وجووودي

زيزوومي جديد
إنضم
26 أغسطس 2008
المشاركات
60
مستوى التفاعل
0
النقاط
80
الإقامة
asssssss
غير متصل
عندي مشكله انه لما احاول اضغط على اي ايقونه من لوحه التحكم ما يطلع شي فحصت الجهاز على
RunScanner وهذا هو التقرير تحت ياليت تحلون لي المشكله لانه لوحه التحكم مهمه وشكرا






iYr53142.gif




Runscanner logfile
* = signed file
- = file not found
General info
------------
Computer name : MD
Creation time : 30/11/2009 06:49:44 ص
Hosts <> 127.0.0.1 : 0
Hosts file location : %SystemRoot%\System32\drivers\etc
IE version : 7.0.5730.13
OS : Microsoft Windows XP
OS Build : 2600
OS SP : Service Pack 3
RunScanner Version : 1.8.0.0
User Language : العربية (السعودية)
User rights : Administrator
Windows folder : C:\WINDOWS
Running processes
-----------------
* C:\Program Files\Launch Manager\LManager.exe (Dritek System Inc.)
* C:\WINDOWS\system32\agrsmsvc.exe (Agere Systems)
* C:\WINDOWS\System32\alg.exe (Microsoft Corporation)
D:\Dا\A-SQUARED ANTI-MALWARE\a2guard.exe (Emsi Software GmbH)
D:\Dا\a-squared Anti-Malware\a2service.exe (Emsi Software GmbH)
* C:\PROGRA~1\WIDCOMM\BLUETO~1\BTSTAC~1.EXE (Broadcom Corporation.)
* C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe (Broadcom Corporation.)
* C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
C:\Program Files\Broadcom\BACS\BPowMon.exe (Broadcom Corp.)
* C:\WINDOWS\system32\csrss.exe (Microsoft Corporation)
* C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation)
* C:\Program Files\ESET\ESET Smart Security\egui.exe
* C:\Program Files\ESET\ESET Smart Security\ekrn.exe
* C:\WINDOWS\system32\svchost.exe (Microsoft Corporation)
* C:\WINDOWS\system32\svchost.exe (Microsoft Corporation)
* C:\WINDOWS\system32\svchost.exe (Microsoft Corporation)
* C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
* C:\WINDOWS\system32\svchost.exe (Microsoft Corporation)
* C:\WINDOWS\system32\svchost.exe (Microsoft Corporation)
* C:\WINDOWS\system32\svchost.exe (Microsoft Corporation)
* C:\WINDOWS\system32\igfxext.exe (Intel Corporation)
* C:\WINDOWS\system32\igfxsrvc.exe (Intel Corporation)
C:\Internet Download Manager\IDMan.exe (Tonec Inc.)
* C:\Internet Download Manager\IEMonitor.exe (Tonec Inc.)
* C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
* C:\WINDOWS\system32\lsass.exe (Microsoft Corporation)
* C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE (Microsoft Corporation)
C:\Program Files\K-Lite Codec Pack\Media Player Classic\mplayerc.exe (mpc-hc@Sourceforge)
C:\Program Files\MessengerDiscovery 2\MessengerDiscovery 2.exe (Matt Holwood)
* D:\meeme\Downloads\Programs\RunScanner.exe (Runscanner.net)
* C:\WINDOWS\system32\services.exe (Microsoft Corporation)
* C:\WINDOWS\system32\spoolsv.exe (Microsoft Corporation)
C:\Program Files\JetAudio\jetUpdate.exe
* C:\Program Files\TuneUp Utilities 2009\MemOptimizer.exe (TuneUp Software GmbH)
* C:\WINDOWS\Explorer.EXE (Microsoft Corporation)
* C:\Program Files\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation)
* C:\Program Files\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation)
* C:\Program Files\Movie Maker\moviemk.exe (Microsoft Corporation)
* C:\WINDOWS\system32\winlogon.exe (Microsoft Corporation)
* c:\windows\System32\smss.exe (Microsoft Corporation)
* C:\WINDOWS\system32\wuauclt.exe (Microsoft Corporation)
* C:\WINDOWS\system32\wdfmgr.exe (Microsoft Corporation)
Unrated items
-------------
002 D:\Dا\A-SQUARED ANTI-MALWARE\a2guard.exe (Emsi Software GmbH)
003 * C:\Program Files\Launch Manager\LManager.exe (Dritek System Inc.)
003 * D:\Dا\CCleaner\CCleaner.exe (Piriform Ltd)
003 C:\Internet Download Manager\IDMan.exe (Tonec Inc.)
003 * C:\Program Files\TuneUp Utilities 2009\MemOptimizer.exe (TuneUp Software GmbH)
003 * C:\Program Files\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation)
010 D:\Dا\a-squared Anti-Malware\a2service.exe (a-squared Anti-Malware Service)
010 C:\Program Files\Broadcom\BACS\BPowMon.exe (Broadcom Power monitoring service)
010 * C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe (Google Software Updater)
010 C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe (InstallDriver Table Manager)
011 C:\WINDOWS\system32\drivers\ASPI32.sys (ASPI32)
011 C:\Program Files\Broadcom\BACS\BASFND.sys (BASFND)
011 C:\WINDOWS\system32\DRIVERS\b57xp32.sys (Broadcom NetXtreme Gigabit Ethernet)
011 C:\WINDOWS\system32\DRIVERS\d347bus.sys (d347bus)
011 C:\WINDOWS\System32\Drivers\d347prt.sys (d347prt)
011 C:\WINDOWS\system32\giveio.sys (giveio)
011 * C:\WINDOWS\system32\DRIVERS\igxpmp32.sys (ialm)
011 C:\WINDOWS\system32\DRIVERS\HDAudBus.sys (Microsoft UAA Bus Driver for High Definition Audio)
011 C:\WINDOWS\System32\DRIVERS\MS1000.sys (MS1000)
011 D:\Binaries\addins11111\Connection Wizard\fourm\program\Program Files\SUPERAntiSpyware\SASDIFSV.SYS (SASDIFSV)
011 C:\WINDOWS\system32\drivers\sensorsview.sys (sensorsview)
011 C:\WINDOWS\System32\Drivers\sptd.sys (sptd)
011 * C:\WINDOWS\system32\DRIVERS\SynTP.sys (Synaptics TouchPad Driver)
011 C:\WINDOWS\System32\Drivers\pcouffin.sys (VSO Software pcouffin)
030 * C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation) {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1}
030 * C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation) {8f6b0360-b80d-11d0-a9b3-006097942311}
030 * C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation) {8f6b0360-b80d-11d0-a9b3-006097942311}
030 * C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation) {8f6b0360-b80d-11d0-a9b3-006097942311}
031 * C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation) {3050F406-98B5-11CF-BB82-00AA00BDCE0B}
031 * C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation) {3dd53d40-7b8b-11D0-b013-00aa0059ce02}
031 * C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation) {79eac9e7-baf9-11ce-8c82-00aa004ba90b}
031 * C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation) {79eac9e3-baf9-11ce-8c82-00aa004ba90b}
031 * C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation) {79eac9e4-baf9-11ce-8c82-00aa004ba90b}
031 * C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation) {79eac9e2-baf9-11ce-8c82-00aa004ba90b}
031 * C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation) {79eac9e5-baf9-11ce-8c82-00aa004ba90b}
031 * C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation) {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B}
031 * C:\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation) {828030A1-22C1-4009-854F-8E305202313F}
031 * C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation) {79eac9e7-baf9-11ce-8c82-00aa004ba90b}
031 * C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation) {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B}
031 * C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation) {79eac9e6-baf9-11ce-8c82-00aa004ba90b}
031 C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation) {0A9007C0-4076-11D3-8789-0000F8105754}
031 * C:\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation) {828030A1-22C1-4009-854F-8E305202313F}
031 * C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation) {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B}
031 * C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation) {76E67A63-06E9-11D2-A840-006008059382}
031 * C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation) {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B}
035 * C:\WINDOWS\system32\IEDKCS32.DLL (Microsoft Corporation) >{60B49E34-C7CC-11D0-8953-00A0C90347FF}
035 * C:\WINDOWS\system32\ieudinit.exe (Microsoft Corporation) <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988}
035 * C:\WINDOWS\system32\ie4uinit.exe (Microsoft Corporation) {89820200-ECBD-11cf-8B85-00AA005B4383}
035 * C:\WINDOWS\system32\ie4uinit.exe (Microsoft Corporation) >{26923b43-4d38-484f-9b9e-de460746276c}
035 * C:\WINDOWS\system32\advpack.dll (Microsoft Corporation) {6BF52A52-394A-11d3-B153-00C04F79FAA6}
035 * C:\WINDOWS\system32\advpack.dll (Microsoft Corporation) {44BBA842-CC51-11CF-AAFA-00AA00B6015B}
035 * C:\WINDOWS\system32\advpack.dll (Microsoft Corporation) {5945c046-1e7d-11d1-bc44-00c04fd912be}
035 * C:\WINDOWS\system32\IEDKCS32.DLL (Microsoft Corporation) >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS
040 * C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation) {CFBFAE00-17A6-11D0-99CB-00C04FD64497}
041 C:\Program Files\English4arab_2\tbEng1.dll (Conduit Ltd.) {44aceec8-3ce3-4639-afc4-98621c067ef2}
041 * C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.) {724d43a0-0d85-11d4-9908-00400523e39a}
042 C:\WINDOWS\bdoscandel.exe {85d1f590-48f4-11d9-9669-0800200c9a66}
045 C:\Program Files\English4arab_2\tbEng1.dll (Conduit Ltd.) {44ACEEC8-3CE3-4639-AFC4-98621C067EF2}
045 * C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation) {F2CF5485-4E02-4F68-819C-B92DE9277049}
045 * C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.) {724D43A0-0D85-11D4-9908-00400523E39A}
052 C:\Program Files\English4arab_2\tbEng1.dll (Conduit Ltd.) {44aceec8-3ce3-4639-afc4-98621c067ef2}
052 * C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll (Google Inc.) {AF69DE43-7D58-4638-B6FA-CE66B5AD205D}
052 * C:\Internet Download Manager\IDMIECC.dll (Tonec Inc.) {0055C089-8582-441B-A0BF-17B458C2A3A8}
052 * C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.) {724d43a9-0d85-11d4-9908-00400523e39a}
052 * C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) {9030D464-4C02-4ABF-8ECC-5164760863C6}
060 * C:\WINDOWS\system32\webcheck.dll (Microsoft Corporation) {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
061 * C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation) {F2CF5485-4E02-4f68-819C-B92DE9277049}
061 * C:\WINDOWS\system32\occache.dll (Microsoft Corporation) {88C6C381-2E85-11D0-94DE-444553540000}
061 D:\Dا\a-squared Anti-Malware\a2contmenu.dll (Emsi Software GmbH) {AB77609F-2178-4E6F-9C4B-44AC179D937A}
061 * C:\WINDOWS\system32\webcheck.dll (Microsoft Corporation) {7D559C10-9FE9-11d0-93F7-00AA0059CE02}
061 * C:\WINDOWS\system32\webcheck.dll (Microsoft Corporation) {E6CC6978-6B6E-11D0-BECA-00C04FD940BE}
061 * C:\WINDOWS\system32\extmgr.dll (Microsoft Corporation) {692F0339-CBAA-47e6-B5B5-3B84DB604E87}
061 * C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation) {FF393560-C2A7-11CF-BFF4-444553540000}
061 * C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation) {3028902F-6374-48b2-8DC6-9725E775B926}
061 * C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation) {73CFD649-CD48-4fd8-A272-2070EA56526B}
061 * C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation) {FDE7673D-2E19-4145-8376-BBD58C4BC7BA}
061 * C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation) {1C1EDB47-CE22-4bbb-B608-77B48F83C823}
061 * C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation) {6CF48EF8-44CD-45d2-8832-A16EA016311B}
061 * C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation) {4B78D326-D922-44f9-AF2A-07805C2A3560}
061 * C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation) {205D7A97-F16D-4691-86EF-F3075DCCA57D}
061 * C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation) {44C76ECD-F7FA-411c-9929-1B77BA77F524}
061 * C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation) {07C45BB1-4A8C-4642-A1F5-237E7215FF66}
061 * C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation) {6038EF75-ABFC-4e59-AB6F-12D397F6568D}
061 * C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation) {B31C5FAE-961F-415b-BAF0-E697A5178B94}
061 * C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation) {9D958C62-3954-4b44-8FAB-C4670C1DB4C2}
061 * C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation) {98FF6D4B-6387-4b0a-8FBD-C5C4BB17B4F8}
061 * C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation) {43886CD5-6529-41c4-A707-7B3C92C05E68}
061 * C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation) {F83DAC1C-9BB9-4f2b-B619-09819DA81B0E}
061 * C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation) {9A096BB5-9DC3-4D1C-8526-C3CBF991EA4E}
061 * C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation) {30D02401-6A81-11d0-8274-00C04FD5AE38}
061 * C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation) {E6EE9AAC-F76B-4947-8260-A9F136138E11}
061 * C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation) {BFAD62EE-9D54-4b2a-BF3B-76F90697BD2A}
061 * C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation) {6B4ECC4F-16D1-4474-94AB-5A763F2A54AE}
061 * C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation) {FAC3CBF6-8697-43d0-BAB9-DCD1FCE19D75}
061 * C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation) {871C5380-42A0-1069-A2EA-08002B30309D}
061 * C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation) {FBF23B40-E3F0-101B-8488-00AA003E56F8}
061 C:\Program Files\JetAudio\JetFlExt.dll (COWON America) {8D1636FD-CA49-4B4E-90E4-0A20E03A15E8}
061 * C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation) {BC476F4C-D9D7-4100-8D4E-E043F6DEC409}
061 * C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation) {3C374A40-BAE4-11CF-BF7D-00AA006946EE}
061 * C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation) {CFBFAE00-17A6-11D0-99CB-00C04FD64497}
061 C:\WINDOWS\system32\btncopy.dll (Broadcom Corporation.) {7842554E-6BED-11D2-8CDB-B05550C10000}
061 C:\WINDOWS\system32\btneighborhood.dll (Broadcom Corporation.) {6af09ec9-b429-11d4-a1fb-0090960218cb}
061 * C:\WINDOWS\system32\webcheck.dll (Microsoft Corporation) {D8BD2030-6FC9-11D0-864F-00AA006809D9}
061 * C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation) {E7E4BC40-E76A-11CE-A9BB-00AA004AE837}
061 * C:\WINDOWS\system32\webcheck.dll (Microsoft Corporation) {F5175861-2688-11d0-9C5E-00AA00A45957}
061 * C:\WINDOWS\system32\webcheck.dll (Microsoft Corporation) {ABBE31D0-6DAE-11D0-BECA-00C04FD940BE}
061 * C:\Program Files\Synaptics\SynTP\SynTPCpl.dll (Synaptics Incorporated) {2F603045-309F-11CF-9774-0020AFD0CFF6}
061 * C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation) {7BD29E00-76C1-11CF-9DD0-00A0C9034933}
061 * C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation) {7BD29E01-76C1-11CF-9DD0-00A0C9034933}
061 * C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation) {3DC7A020-0ACD-11CF-A9BB-00AA004AE837}
061 * C:\WINDOWS\system32\webcheck.dll (Microsoft Corporation) {E8BB6DC0-6B4E-11d0-92DB-00A0C90C2BD7}
061 * C:\WINDOWS\system32\webcheck.dll (Microsoft Corporation) {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
061 * C:\WINDOWS\system32\webcheck.dll (Microsoft Corporation) {7FC0B86E-5FA7-11d1-BC7C-00C04FD929DB}
061 * C:\WINDOWS\system32\webcheck.dll (Microsoft Corporation) {E3A8BDE6-ABCE-11d0-BC4B-00C04FD929DB}
061 * C:\WINDOWS\system32\webcheck.dll (Microsoft Corporation) {08165EA0-E946-11CF-9C87-00AA005127ED}
061 C:\Program Files\WinRAR\rarext.dll {B41DB860-8EE4-11D2-9906-E49FADC173CA}
062 GUID / CLSID not found {7D4D6379-F301-4311-BEBA-E26EB0561882}
064 * C:\WINDOWS\system32\url.dll (Microsoft Corporation)
064 * C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
064 * C:\WINDOWS\system32\wininet.dll (Microsoft Corporation)
067 D:\Binaries\addins11111\Connection Wizard\fourm\program\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
067 * C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
069 C:\WINDOWS\system32\bthcrp.dll (Broadcom Corporation.)
073 الصيانة بنقرة واحدة.job : C:\Program Files\TuneUp Utilities 2009\OneClickStarter.exe (TuneUp Software GmbH)
104 * C:\WINDOWS\system32\OGACheckControl.DLL {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8}
104 GUID / CLSID not found {17492023-C23A-453E-A040-C7C580BBF700}
104 * C:\WINDOWS\Downloaded Program Files\sysreqlab_srl.dll (Husdawg, LLC) {1E54D648-B804-468d-BC78-4AFFED8E262E}
104 C:\WINDOWS\DOWNLO~1\oscan82.ocx (BitDefender) {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499}
104 * C:\WINDOWS\system32\muweb.dll (Microsoft Corporation) {6E32070A-766D-4EE6-879C-DC1FA91D2FC3}
105 &Block This Image (ABP) :
105 &تصدير إلى Microsoft Excel : res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
105 Customize Menu :
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي
Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
105 Fill Forms :
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي
Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
105 RoboForm Toolbar :
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي
Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
105 Save Forms :
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي
Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
105 Send to &Bluetooth Device... : C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
105 تحميل بواسطة Internet Download Manager : C:\Internet Download Manager\IEExt.htm
105 تخصيص القائمه :
105 حفظ النماذج :
105 شريط ادوات روبوفورم :
105 ملئ النماذج :
173 C:\Program Files\WinRAR\rarext.dll {B41DB860-8EE4-11D2-9906-E49FADC173CA}
221 C:\Program Files\WinRAR\rarext.dll {B41DB860-8EE4-11D2-9906-E49FADC173CA}
223 D:\Dا\a-squared Anti-Malware\a2contmenu.dll (Emsi Software GmbH) {AB77609F-2178-4E6F-9C4B-44AC179D937A}
225 GUID / CLSID not found {AD392E40-428C-459F-961E-9B147782D099}
225 GUID / CLSID not found {AD392E40-428C-459F-961E-9B147782D099}
225 D:\Dا\a-squared Anti-Malware\a2contmenu.dll (Emsi Software GmbH) {AB77609F-2178-4E6F-9C4B-44AC179D937A}
225 D:\Dا\a-squared Anti-Malware\a2contmenu.dll (Emsi Software GmbH) {AB77609F-2178-4E6F-9C4B-44AC179D937A}
225 C:\Program Files\JetAudio\JetFlExt.dll (COWON America) {8D1636FD-CA49-4B4E-90E4-0A20E03A15E8}
225 C:\Program Files\JetAudio\JetFlExt.dll (COWON America) {8D1636FD-CA49-4B4E-90E4-0A20E03A15E8}
225 C:\Program Files\WinRAR\rarext.dll {B41DB860-8EE4-11D2-9906-E49FADC173CA}
225 C:\Program Files\WinRAR\rarext.dll {B41DB860-8EE4-11D2-9906-E49FADC173CA}
227 GUID / CLSID not found {AD392E40-428C-459F-961E-9B147782D099}
227 C:\Program Files\JetAudio\JetFlExt.dll (COWON America) {8D1636FD-CA49-4B4E-90E4-0A20E03A15E8}
227 C:\Program Files\WinRAR\rarext.dll {B41DB860-8EE4-11D2-9906-E49FADC173CA}
229 * C:\WINDOWS\system32\igfxpph.dll (Intel Corporation) {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4}
231 GUID / CLSID not found NeroDigitalExt.NeroDigitalColumnHandler
251 C:\Program Files\WinRAR\rarext.dll {B41DB860-8EE4-11D2-9906-E49FADC173CA}
254 C:\WINDOWS\system32\btncopy.dll (Broadcom Corporation.) {7842554E-6BED-11D2-8CDB-B05550C10000}
Missing files
-------------
011 C:\WINDOWS\system32\drivers\Abiosdsk.sys
011 C:\WINDOWS\system32\drivers\abp480n5.sys
011 C:\WINDOWS\system32\drivers\adpu160m.sys
011 C:\WINDOWS\system32\drivers\Aha154x.sys
011 C:\WINDOWS\system32\drivers\aic78u2.sys
011 C:\WINDOWS\system32\drivers\aic78xx.sys
011 C:\WINDOWS\system32\drivers\AliIde.sys
011 C:\WINDOWS\system32\drivers\amsint.sys
011 C:\WINDOWS\system32\drivers\asc.sys
011 C:\WINDOWS\system32\drivers\asc3350p.sys
011 C:\WINDOWS\system32\drivers\asc3550.sys
011 C:\WINDOWS\system32\drivers\Atdisk.sys
011 C:\Program Files\Anti Trojan Elite\ATEPMon.sys
011 c:\windows\system32\DRIVERS\br3gmdm.sys
011 C:\WINDOWS\system32\drivers\cd20xrnt.sys
011 C:\WINDOWS\system32\drivers\Changer.sys
011 C:\WINDOWS\system32\drivers\CmdIde.sys
011 c:\windows\system32\DRIVERS\UIUSYS.SYS
011 C:\WINDOWS\system32\drivers\Cpqarray.sys
011 C:\WINDOWS\system32\drivers\dac2w2k.sys
011 C:\WINDOWS\system32\drivers\dac960nt.sys
011 C:\WINDOWS\system32\drivers\dpti2o.sys
011 C:\WINDOWS\system32\drivers\hpn.sys
011 C:\WINDOWS\system32\drivers\i2omgmt.sys
011 C:\WINDOWS\system32\drivers\i2omp.sys
011 C:\WINDOWS\system32\drivers\ini910u.sys
011 C:\WINDOWS\system32\drivers\IntelIde.sys
011 D:\Dا\UltraISO\drivers\ISODrive.sys
011 C:\WINDOWS\system32\drivers\lbrtfdc.sys
011 C:\WINDOWS\system32\drivers\mbamswissarmy.sys
011 C:\WINDOWS\system32\drivers\mraid35x.sys
011 c:\windows\system32\DRIVERS\pccsmcfd.sys
011 C:\WINDOWS\system32\drivers\PCIDump.sys
011 C:\WINDOWS\system32\drivers\PDCOMP.sys
011 C:\WINDOWS\system32\drivers\PDFRAME.sys
011 C:\WINDOWS\system32\drivers\PDRELI.sys
011 C:\WINDOWS\system32\drivers\PDRFRAME.sys
011 C:\WINDOWS\system32\drivers\perc2.sys
011 C:\WINDOWS\system32\drivers\perc2hib.sys
011 C:\WINDOWS\system32\drivers\ql1080.sys
011 C:\WINDOWS\system32\drivers\Ql10wnt.sys
011 C:\WINDOWS\system32\drivers\ql12160.sys
011 C:\WINDOWS\system32\drivers\ql1240.sys
011 C:\WINDOWS\system32\drivers\ql1280.sys
011 c:\windows\system32\DRIVERS\Rts516xIR.sys
011 c:\windows\system32\DRIVERS\RtsUCcid.sys
011 D:\addins\Connection Wizard\fourm\program\Program Files\SUPERAntiSpyware\SASENUM.SYS
011 D:\addins\Connection Wizard\fourm\program\Program Files\SUPERAntiSpyware\SASKUTIL.sys
011 C:\WINDOWS\system32\drivers\Simbad.sys
011 C:\WINDOWS\system32\drivers\Sparrow.sys
011 C:\WINDOWS\system32\drivers\sym_hi.sys
011 C:\WINDOWS\system32\drivers\sym_u3.sys
011 C:\WINDOWS\system32\drivers\symc810.sys
011 C:\WINDOWS\system32\drivers\symc8xx.sys
011 c:\windows\system32\drivers\TfFsMon.sys
011 C:\WINDOWS\system32\drivers\TfNetMon.sys
011 c:\windows\system32\drivers\TfSysMon.sys
011 C:\WINDOWS\system32\drivers\TosIde.sys
011 C:\WINDOWS\system32\drivers\ultra.sys
011 c:\windows\system32\drivers\RTSTOR.SYS
011 C:\WINDOWS\system32\drivers\ViaIde.sys
011 C:\WINDOWS\system32\drivers\WDICA.sys
066 Settings\All
066 and
066 Users\Application
066 C:\Documents
066 Utilities\WinStyler\tu_logonui.exe
066 Data\TuneUp
066 Software\TuneUp
 

حمل هذا البرنامج
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

بعدها اغلق جميع البرامج وخصوصا الانترنت اكسبلورر والماسنجر
شغل البرنامج ==> واضغط على
Do a system scan and save log
لحظات .. ويظهر لك تقرير داخل المفكرة==> انسخه والصقه بردك القادم
 
التعديل الأخير بواسطة المشرف:
توقيع : SUL6AN
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 08:53:59 ص, on 30/11/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16915)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
D:\Dا\A-SQUARED ANTI-MALWARE\a2guard.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\Launch Manager\LManager.exe
D:\Dا\a-squared Anti-Malware\a2service.exe
C:\Internet Download Manager\IDMan.exe
C:\Program Files\TuneUp Utilities 2009\MemOptimizer.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\WINDOWS\system32\agrsmsvc.exe
C:\Program Files\Broadcom\BACS\BPowMon.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\ESET\ESET Smart Security\ekrn.exe
C:\WINDOWS\system32\igfxext.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\WINDOWS\System32\alg.exe
C:\Internet Download Manager\IEMonitor.exe
C:\WINDOWS\system32\wuauclt.exe
C:\PROGRA~1\WIDCOMM\BLUETO~1\BTSTAC~1.EXE
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\MessengerDiscovery 2\MessengerDiscovery 2.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\K-Lite Codec Pack\Media Player Classic\mplayerc.exe
D:\meeme\Downloads\Programs\RunScanner.exe
C:\WINDOWS\system32\NOTEPAD.exe
C:\Program Files\Movie Maker\moviemk.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Internet Download Manager\IDMIECC.dll
O2 - BHO: English4arab 2 Toolbar - {44aceec8-3ce3-4639-afc4-98621c067ef2} - C:\Program Files\English4arab_2\tbEng1.dll
O2 - BHO: RoboForm - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O2 - BHO: مساعد تسجيل الدخول إلى Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: English4arab 2 Toolbar - {44aceec8-3ce3-4639-afc4-98621c067ef2} - C:\Program Files\English4arab_2\tbEng1.dll
O4 - HKLM\..\Run: [a-squared] "D:\Dا\A-SQUARED ANTI-MALWARE\a2guard.exe" /d=60
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKCU\..\Run: [Acer Launch Manager Keyboard Application] C:\Program Files\Launch Manager\LManager.exe
O4 - HKCU\..\Run: [Windows Live Messenger] C:\Program Files\Windows Live\Messenger\msnmsgr.exe
O4 - HKCU\..\Run: [IDMan] C:\Internet Download Manager\IDMan.exe /onboot
O4 - HKCU\..\Run: [ccleaner] "D:\Dا\CCleaner\CCleaner.exe" /AUTO
O4 - HKCU\..\Run: [TuneUp MemOptimizer] "C:\Program Files\TuneUp Utilities 2009\MemOptimizer.exe" autostart
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - Global Startup: Bluetooth.lnk = ?
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O8 - Extra context menu item: &تصدير إلى Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Customize Menu -
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي
Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
O8 - Extra context menu item: Fill Forms -
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي
Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O8 - Extra context menu item: RoboForm Toolbar -
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي
Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O8 - Extra context menu item: Save Forms -
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي
Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: تحميل بواسطة Internet Download Manager - C:\Internet Download Manager\IEExt.htm
O9 - Extra button: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} -
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي
Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra 'Tools' menuitem: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} -
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي
Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra button: Save - {320AF880-6646-11D3-ABEE-C5DBF3571F49} -
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي
Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra 'Tools' menuitem: Save Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F49} -
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي
Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra button: RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} -
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي
Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra 'Tools' menuitem: RoboForm Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} -
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي
Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: بحث - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) -
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) -
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) -
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O20 - Winlogon Notify: !SASWinLogon - D:\Binaries\addins11111\Connection Wizard\fourm\program\Program Files\SUPERAntiSpyware\SASWINLO.DLL
O23 - Service: a-squared Anti-Malware Service (a2AntiMalware) - Emsi Software GmbH - D:\Dا\a-squared Anti-Malware\a2service.exe
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\WINDOWS\system32\agrsmsvc.exe
O23 - Service: Broadcom Power monitoring service (BPowMon) - Broadcom Corp. - C:\Program Files\Broadcom\BACS\BPowMon.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - Unknown owner - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
--
End of file - 9125 bytes
 
عطل برامج الحماية عن العمل
ثم
حمل الاداة التالية واحفظها على سطح المكتب
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

عند تشغيلها بتظهر لك رسالة ,, اضغط على >> Yes
بعدها بتظهر لك رساله ثانيه ,, اضغط على >> Yes
اثناء الفحص ممكن يعاد تشغيل الجهاز
وبعد اعادة التشغيل ,, سوف تبدأ الاداة بالفحص مرره ثانيه
لا تقم بتشغيل اي برنامج ،، ومهما طالت عملية الفحص انتظر حتى تنتهي
انتظر حتى يظهر لك تقرير ،،انسخه والصقه بمشاركتك القادمة

ولو انه مافيه حمايه عندك :q:

بانتظارك
 
توقيع : SUL6AN
ComboFix 09-11-29.03 - tom 11/30/2009 9:18.1.2 - x86
Microsoft Windows XP Professional 5.1.2600.3.1256.966.1025.18.1014.678 [GMT 3:00]
Running from: d:\meeme\Downloads\Programs\ComboFix.exe
AV: a-squared Anti-Malware *On-access scanning disabled* (Outdated) {0F8591BB-342B-4493-91C3-4E948ED21255}
AV: ESET Smart Security 3.0 *On-access scanning enabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
FW: ESET Personal firewall *enabled* {E5E70D32-0101-4340-86A3-A7B0F1C8FFE0}
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\Thumbs.db
c:\windows\system32\d3d10core.dll
c:\windows\system32\dxgi.dll
c:\windows\system32\kakle.dll
c:\windows\system32\Ultra.dll
D:\resycled
d:\resycled\boot.com
c:\windows\System32\Drivers\d347prt.sys . . . is infected!!
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Legacy_NPF

((((((((((((((((((((((((( Files Created from 2009-10-28 to 2009-11-30 )))))))))))))))))))))))))))))))
.
2009-11-30 03:58 . 2009-05-30 18:00 625485 ----a-w- c:\documents and settings\tom\Application Data\zyzcleaner\run.exe
2009-11-30 03:58 . 2008-09-24 07:33 1053696 ----a-w- c:\documents and settings\tom\Application Data\zyzcleaner\engine.dll
2009-11-30 03:58 . 2008-08-11 09:23 809472 ----a-w- c:\documents and settings\tom\Application Data\zyzcleaner\CSPSprivacyguard.dll
2009-11-30 03:57 . 2007-01-23 09:32 21 ----a-w- c:\documents and settings\tom\Application Data\zyzcleaner\StopLoging.bat
2009-11-30 03:57 . 2007-01-23 09:32 21 ----a-w- c:\documents and settings\tom\Application Data\zyzcleaner\StartLoging.bat
2009-11-30 03:57 . 2003-12-30 22:41 65536 ----a-w- c:\documents and settings\tom\Application Data\zyzcleaner\1.exe
2009-11-30 03:48 . 2009-11-30 03:48 -------- d-----w- c:\documents and settings\tom\Local Settings\Application Data\Runscanner.net
2009-11-29 23:21 . 2009-11-29 23:21 -------- d-----w- c:\documents and settings\tom\Local Settings\Application Data\Conduit
2009-11-29 23:21 . 2009-11-29 23:21 -------- d-----w- c:\documents and settings\tom\Local Settings\Application Data\English4arab_2
2009-11-29 23:21 . 2009-11-29 23:21 -------- d-----w- c:\program files\Conduit
2009-11-29 23:21 . 2009-11-29 23:21 -------- d-----w- c:\program files\English4arab_2
2009-11-22 14:34 . 2003-08-07 12:01 237568 ----a-w- c:\windows\system32\lame_enc.dll
2009-11-22 14:34 . 2009-11-22 14:34 -------- d-----w- c:\program files\Arabic_video
2009-11-18 15:28 . 2007-10-30 09:25 16496 ----a-r- c:\windows\system32\drivers\HPZipr12.sys
2009-11-18 15:28 . 2007-10-30 09:25 49920 ----a-r- c:\windows\system32\drivers\HPZid412.sys
2009-11-18 15:27 . 2009-11-18 15:27 -------- d-----w- c:\documents and settings\All Users\Application Data\Hewlett-Packard
2009-11-18 15:27 . 2007-11-08 14:52 271704 ----a-r- c:\windows\system32\hpzids01.dll
2009-11-18 15:27 . 2007-10-20 15:25 117760 ----a-w- c:\windows\system32\hpzll5mu.dll
2009-11-18 15:17 . 2007-10-30 09:25 21568 ----a-r- c:\windows\system32\drivers\HPZius12.sys
2009-11-18 15:17 . 2007-10-30 09:25 372736 ----a-r- c:\windows\system32\hppldcoi.dll
2009-11-16 11:43 . 2008-04-13 18:47 25856 -c--a-w- c:\windows\system32\dllcache\usbprint.sys
2009-11-16 11:43 . 2008-04-13 18:47 25856 ----a-w- c:\windows\system32\drivers\usbprint.sys
2009-11-09 01:57 . 2009-11-09 01:57 -------- d-----w- c:\program files\Circle Dvelopement
2009-11-08 20:33 . 2009-11-08 20:33 -------- d-----w- c:\windows\system32\wbem\Repository
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-11-30 06:25 . 2008-10-12 17:39 -------- d-----w- c:\documents and settings\tom\Application Data\DMCache
2009-11-30 03:58 . 2009-11-30 03:57 -------- d-----w- c:\documents and settings\tom\Application Data\zyzcleaner
2009-11-29 00:15 . 2009-08-06 22:32 -------- d-----w- c:\documents and settings\tom\Application Data\IDM
2009-11-22 14:35 . 2008-10-12 19:25 1245184 ----a-w- c:\windows\system32\bkll.dll
2009-11-22 14:35 . 2008-10-27 03:13 215552 ----a-w- c:\windows\system32\ALOWMVFile.dll
2009-11-22 14:35 . 2008-10-27 03:13 403968 ----a-w- c:\windows\system32\ALOWMAFile2.dll
2009-11-22 14:35 . 2008-10-27 03:12 495104 ----a-w- c:\windows\system32\ALOVideoCoreM.dll
2009-11-22 14:35 . 2008-10-27 03:12 780288 ----a-w- c:\windows\system32\ALOVideoCompress.dll
2009-11-22 14:35 . 2008-10-27 03:12 249856 ----a-w- c:\windows\system32\ALOQuickTimeFile.dll
2009-11-22 14:35 . 2008-10-27 03:12 90112 ----a-w- c:\windows\system32\ALOAudioFormatSettings3.dll
2009-11-22 14:35 . 2008-10-27 03:12 877568 ----a-w- c:\windows\system32\ALOAudioFile2.dll
2009-11-22 14:35 . 2008-10-27 03:12 382464 ----a-w- c:\windows\system32\ALOAVIFile.dll
2009-11-22 14:35 . 2008-10-27 03:12 2846720 ----a-w- c:\windows\system32\ALOAudioCompress3.dll
2009-11-22 14:34 . 2008-10-27 03:12 778240 ----a-w- c:\windows\system32\ALOAudioCompress2.dll
2009-11-22 14:31 . 2009-10-17 01:41 -------- d-----w- c:\program files\Common Files\DVDVideoSoft
2009-11-09 01:57 . 2009-09-18 04:50 -------- d-----w- c:\program files\Messenger Plus! Live
2009-10-29 23:40 . 2009-01-24 12:36 -------- d-----w- c:\documents and settings\tom\Application Data\dvdcss
2009-10-29 22:19 . 2009-10-29 22:19 -------- d-----w- c:\documents and settings\tom\Application Data\Big Fish Games
2009-10-29 19:22 . 2009-10-29 19:22 -------- d-----w- c:\documents and settings\tom\Application Data\Magic Academy 2
2009-10-29 18:23 . 2009-10-29 18:23 -------- d-----w- c:\documents and settings\tom\Application Data\Merscom
2009-10-29 18:23 . 2009-10-29 18:23 -------- d-----w- c:\documents and settings\All Users\Application Data\Merscom
2009-10-29 11:32 . 2008-10-13 15:12 -------- d-----w- c:\program files\ESET
2009-10-26 10:58 . 2009-07-30 22:50 -------- d-----w- c:\program files\SensorsViewPro21
2009-10-21 12:24 . 2008-12-12 09:25 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
2009-10-21 12:23 . 2009-10-20 17:02 -------- d-----w- c:\documents and settings\All Users\Application Data\PC Tools
2009-10-20 11:08 . 2009-09-18 04:00 -------- d-----w- c:\documents and settings\tom\Application Data\MessengerDiscovery 2
2009-10-20 02:04 . 2009-02-26 03:20 -------- d-----w- c:\program files\TuneUp Utilities 2009
2009-10-18 02:48 . 2009-03-17 15:55 117760 ----a-w- c:\documents and settings\tom\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL
2009-10-17 01:04 . 2009-10-17 01:04 -------- d-----w- c:\program files\Real Alternative
2009-10-17 01:01 . 2009-10-17 01:00 -------- d-----w- c:\program files\K-Lite Codec Pack
2009-10-16 03:59 . 2008-09-23 19:43 109072 ----a-w- c:\documents and settings\tom\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-10-15 03:31 . 2009-10-15 03:23 -------- d-----w- c:\documents and settings\tom\Application Data\Video Converter for Any Flv Player
2009-10-14 06:55 . 2009-10-14 06:55 198064 ----a-w- c:\documents and settings\tom\Application Data\IDM\idmmzcc3\components\idmmzcc.dll
2009-10-14 06:55 . 2009-10-14 06:53 3095008 ----a-w- c:\documents and settings\tom\Application Data\IDM\idmupdt.exe
2009-10-14 06:53 . 2009-10-14 06:53 198064 ----a-w- c:\documents and settings\tom\Application Data\IDM\idmmzcc02\components\idmmzcc.dll
2009-10-13 21:19 . 2009-10-13 21:19 -------- d-----w- c:\documents and settings\tom\Application Data\ERS G-Studio
2009-10-13 20:51 . 2009-10-13 20:51 -------- d-----w- c:\documents and settings\tom\Application Data\casanova
2009-10-10 13:12 . 2009-08-15 00:20 -------- d-----w- c:\program files\Microsoft Games for Windows - LIVE
2009-10-05 20:20 . 2009-08-26 02:26 -------- d-----w- c:\program files\ZTE Connection Manager
2009-10-05 15:48 . 2009-09-19 13:37 8192 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{A982E6CC-9F0D-4948-9B18-BDFD55DE4A72}\Installations\CommonCustomActions\UninstCCD.exe
2009-10-05 15:48 . 2009-09-19 13:37 61440 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{A982E6CC-9F0D-4948-9B18-BDFD55DE4A72}\Installations\CommonCustomActions\UninstPCSFEMsi.exe
2009-10-05 15:48 . 2009-09-19 13:37 10240 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{A982E6CC-9F0D-4948-9B18-BDFD55DE4A72}\Installations\CommonCustomActions\UninstPCS.exe
2009-10-05 13:57 . 2009-10-05 13:57 -------- d-----w- c:\program files\MessengerDiscovery 2
2009-09-28 23:13 . 2009-08-09 22:36 664 ----a-w- c:\windows\system32\d3d9caps.dat
2009-09-25 01:47 . 2001-09-19 12:00 62306 ----a-w- c:\windows\system32\perfc001.dat
2009-09-25 01:47 . 2001-09-19 12:00 338988 ----a-w- c:\windows\system32\perfh001.dat
2009-09-09 10:43 . 2009-09-16 12:26 210352 ----a-w- c:\windows\system32\idmmbc.dll
2009-08-16 10:58 . 2009-08-16 10:58 2470 ----a-w- c:\program files\Common Files\unins000.dat
2009-08-16 10:57 . 2009-08-16 10:58 728858 ----a-w- c:\program files\Common Files\unins000.exe
2009-07-15 05:42 . 2009-03-03 05:57 5120 --sha-w- c:\program files\Thumbs.db
2008-03-09 04:25 . 2009-08-16 10:58 236 ---ha-w- c:\program files\Common Files\dx.reg
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{44aceec8-3ce3-4639-afc4-98621c067ef2}]
2009-11-29 23:23 2166296 ----a-w- c:\program files\English4arab_2\tbEng1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{44aceec8-3ce3-4639-afc4-98621c067ef2}"= "c:\program files\English4arab_2\tbEng1.dll" [2009-11-29 2166296]
[HKEY_CLASSES_ROOT\clsid\{44aceec8-3ce3-4639-afc4-98621c067ef2}]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{44ACEEC8-3CE3-4639-AFC4-98621C067EF2}"= "c:\program files\English4arab_2\tbEng1.dll" [2009-11-29 2166296]
[HKEY_CLASSES_ROOT\clsid\{44aceec8-3ce3-4639-afc4-98621c067ef2}]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TuneUp MemOptimizer"="c:\program files\TuneUp Utilities 2009\MemOptimizer.exe autostart" [X]
"Acer Launch Manager Keyboard Application"="c:\program files\Launch Manager\LManager.exe" [2007-07-03 834056]
"Windows Live Messenger"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3883856]
"IDMan"="c:\internet download manager\IDMan.exe" [2009-09-17 1065392]
"ccleaner"="d:\dا\CCleaner\CCleaner.exe" [2009-09-24 1685816]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"a-squared"="d:\dا\A-SQUARED ANTI-MALWARE\a2guard.exe" [2009-10-16 3278480]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2007-01-28 1398016]
c:\documents and settings\All Users\çں‍ê، ں §ڑ\ںé ©ںê¤\ §ک ں颬نïé\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2007-4-1 568176]
[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\system]
"NoConfigPage"= 0 (0x0)
"NoDevMgrPage"= 0 (0x0)
"NoFileSysPage"= 0 (0x0)
"NoVirtMemPage"= 0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoSMMyPictures"= 0 (0x0)
"NoStartMenuMyMusic"= 0 (0x0)
"NoRecentDocsNetHood"= 0 (0x0)
"NoSimpleStartMenu"= 0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"UIHost"="c:\documents and settings\All Users\Application Data\TuneUp Software\TuneUp Utilities\WinStyler\tu_logonui.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2009-01-01 17:09 356352 ----a-w- d:\binaries\addins11111\Connection Wizard\fourm\program\Program Files\SUPERAntiSpyware\SASWINLO.DLL
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
[HKLM\~\startupfolder\C:^Documents and Settings^tom^قائمة ابدأ^البرامج^بدء التشغيل^Realtek.lnk]
backup=c:\windows\pss\Realtek.lnkStartup
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\a-squared Security Center
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Index Washer
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISTray
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCSuiteTrayApplication
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Safely Remove A Device In One Click
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StormCodec_Helper
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPStart
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\USB Safely Remove
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"CCleaner"=d:\dا\CCleaner\CCleaner.exe
"swg"=c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
"ctfmon.exe"=c:\windows\system32\ctfmon.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"RTHDCPL"=RTHDCPL.EXE
"Alcmtr"=ALCMTR.EXE
"explorer.exe"=explorer.exe
"SynTPEnh"=c:\program files\Synaptics\SynTP\SynTPEnh.exe
"Persistence"=c:\windows\system32\igfxpers.exe
"IgfxTray"=c:\windows\system32\igfxtray.exe
"HotKeysCmds"=c:\windows\system32\hkcmd.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-disabled]
"SynTPStart"=c:\program files\Synaptics\SynTP\SynTPStart.exe
"RTHDCPL"=RTHDCPL.EXE
"SynTPEnh"=c:\program files\Synaptics\SynTP\SynTPEnh.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runservices-]
"Driver32"=
"raVe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
R0 d347bus;d347bus;c:\windows\system32\drivers\d347bus.sys [17/03/2009 01:21 ص 155136]
R0 d347prt;d347prt;c:\windows\system32\drivers\d347prt.sys [17/03/2009 01:21 ص 5248]
R0 sensorsview;sensorsview;c:\windows\system32\drivers\sensorsview.sys [09/02/2006 02:54 م 3136]
R1 SASDIFSV;SASDIFSV;d:\binaries\addins11111\Connection Wizard\fourm\program\Program Files\SUPERAntiSpyware\sasdifsv.sys [18/09/2008 02:45 م 8944]
R2 a2AntiMalware;a-squared Anti-Malware Service;d:\dا\a-squared Anti-Malware\a2service.exe [15/08/2009 06:30 م 1858144]
R2 BPowMon;Broadcom Power monitoring service;c:\program files\Broadcom\BACS\BPowMon.exe [31/08/2006 05:04 م 65536]
R2 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr_tdi.sys [18/09/2009 07:48 ص 54752]
R3 RSUSBSTOR;RTS5121.Sys Realtek USB Card Reader;c:\windows\system32\drivers\RTS5121.sys [16/08/2009 03:39 م 160256]
S0 TfFsMon;TfFsMon;c:\windows\system32\drivers\TfFsMon.sys --> c:\windows\system32\drivers\TfFsMon.sys [?]
S0 TfSysMon;TfSysMon;c:\windows\system32\drivers\TfSysMon.sys --> c:\windows\system32\drivers\TfSysMon.sys [?]
S1 SASKUTIL;SASKUTIL;\??\d:\addins\Connection Wizard\fourm\program\Program Files\SUPERAntiSpyware\SASKUTIL.sys --> d:\addins\Connection Wizard\fourm\program\Program Files\SUPERAntiSpyware\SASKUTIL.sys [?]
S2 ekrn;Eset Service;c:\program files\ESET\ESET Smart Security\ekrn.exe [24/10/2008 08:51 م 455936]
S2 Stormser;Stormser; [x]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [16/08/2009 05:49 م 1684736]
S3 ATE_PROCMON;ATE_PROCMON;\??\c:\program files\Anti Trojan Elite\ATEPMon.sys --> c:\program files\Anti Trojan Elite\ATEPMon.sys [?]
S3 br3gmdm;BandLuxe 3.5G HSDPA Adapter - USB;c:\windows\system32\DRIVERS\br3gmdm.sys --> c:\windows\system32\DRIVERS\br3gmdm.sys [?]
S3 fsssvc;خدمة أمان العائلة في Windows Live;c:\program files\Windows Live\Family Safety\fsssvc.exe [05/08/2009 10:48 م 704864]
S3 MBAMSwissArmy;MBAMSwissArmy;\??\c:\windows\system32\drivers\mbamswissarmy.sys --> c:\windows\system32\drivers\mbamswissarmy.sys [?]
S3 RtsUIR;Realtek IR Driver;c:\windows\system32\DRIVERS\Rts516xIR.sys --> c:\windows\system32\DRIVERS\Rts516xIR.sys [?]
S3 SASENUM;SASENUM;\??\d:\addins\Connection Wizard\fourm\program\Program Files\SUPERAntiSpyware\SASENUM.SYS --> d:\addins\Connection Wizard\fourm\program\Program Files\SUPERAntiSpyware\SASENUM.SYS [?]
S3 TfNetMon;TfNetMon;\??\c:\windows\system32\drivers\TfNetMon.sys --> c:\windows\system32\drivers\TfNetMon.sys [?]
S4 sptd;sptd;c:\windows\system32\drivers\sptd.sys [11/01/2009 04:10 م 716272]
.
Contents of the 'Scheduled Tasks' folder
2009-11-30 c:\windows\Tasks\الصيانة بنقرة واحدة.job
- c:\program files\TuneUp Utilities 2009\OneClickStarter.exe [2008-11-20 13:28]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: &Block This Image (ABP)
IE: &تصدير إلى Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: Customize Menu -
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي
files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
IE: Fill Forms -
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي
files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
IE: RoboForm Toolbar -
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي
files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
IE: Save Forms -
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي
files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
IE: Send to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: تحميل بواسطة Internet Download Manager - c:\internet download manager\IEExt.htm
IE: تخصيص القائمه
IE: حفظ النماذج
IE: شريط ادوات روبوفورم
IE: ملئ النماذج
DPF: Microsoft XML Parser for Java -
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

.
.
------- File Associations -------
.
txtfile=NOTEPAD %1
vbefile\shell\edit\command=c:\windows\Notepad.exe %1
vbsfile\shell\edit\command=c:\windows\Notepad.exe %1
.
- - - - ORPHANS REMOVED - - - -
AddRemove-LManager - c:\windows\UnInst32.exe LManager.UNI

**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

Rootkit scan 2009-11-30 09:25
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer,
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

device: opened successfully
user: MBR read successfully
called modules: TUKERNEL.EXE CLASSPNP.SYS disk.sys ACPI.sys hal.dll >>UNKNOWN [0x86F68B48]<<
kernel: MBR read successfully
detected MBR rootkit hooks:
\Driver\Disk -> CLASSPNP.SYS @ 0xf77aaf28
\Driver\ACPI -> ACPI.sys @ 0xf76f7cb8
\Driver\atapi -> 0x86f68b48
IoDeviceObjectType -> DeleteProcedure -> TUKERNEL.EXE @ 0x805e6686
ParseProcedure -> TUKERNEL.EXE @ 0x8057b6b1
\Device\Harddisk0\DR0 -> DeleteProcedure -> TUKERNEL.EXE @ 0x805e6686
ParseProcedure -> TUKERNEL.EXE @ 0x8057b6b1
NDIS: -> SendCompleteHandler -> 0x0
PacketIndicateHandler -> 0x0
SendHandler -> 0x0
Warning: possible MBR rootkit infection !
user & kernel MBR OK
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
[HKEY_USERS\S-1-5-21-2052111302-2077806209-682003330-1003\Software\Trolltech\OrganizationDefaults\Qt Factory Cache 4.3\com.trolltech.Qt.QImageIOHandlerFactoryInterface:\d:\D*'\Uniblue\DriverScanner\imageformats]
"qgif4.dll"=multi:"2007-11-01T17:44\00gif\00\00"
"qjpeg4.dll"=multi:"2007-11-01T17:43\00jpeg\00jpg\00\00"
[HKEY_USERS\S-1-5-21-2052111302-2077806209-682003330-1003\Software\Trolltech\OrganizationDefaults\Qt Plugin Cache 4.3.false\d:\d*'\Uniblue\DriverScanner\designer]
"UniblueComponents.dll"=multi:"40302\000\00Windows msvc release full-config\002008-11-14T16:32\00\00"
"MessageWindowPlugin.dll"=multi:"40302\000\00Windows msvc release full-config\002008-11-14T16:32\00\00"
"SerialView.dll"=multi:"40302\000\00Windows msvc release full-config\002008-11-14T16:32\00\00"
"BackupView.dll"=multi:"40302\000\00Windows msvc release full-config\002008-11-14T16:32\00\00"
"MainPluginView.dll"=multi:"40302\000\00Windows msvc release full-config\002008-11-14T16:32\00\00"
"ProxySettingsView.dll"=multi:"40302\000\00Windows msvc release full-config\002008-11-14T16:32\00\00"
"RestoreView.dll"=multi:"40302\000\00Windows msvc release full-config\002008-11-14T16:32\00\00"
"SettingsPluginView.dll"=multi:"40302\000\00Windows msvc release full-config\002008-11-14T16:32\00\00"
"ScanPluginView.dll"=multi:"40302\000\00Windows msvc release full-config\002008-11-14T16:32\00\00"
"SystemOverview.dll"=multi:"40302\000\00Windows msvc release full-config\002008-11-14T16:32\00\00"
"UpdatePluginView.dll"=multi:"40302\000\00Windows msvc release full-config\002008-11-14T16:32\00\00"
[HKEY_USERS\S-1-5-21-2052111302-2077806209-682003330-1003\Software\Trolltech\OrganizationDefaults\Qt Plugin Cache 4.3.false\d:\d*'\Uniblue\DriverScanner\imageformats]
"qgif4.dll"=multi:"40302\000\00Windows msvc release full-config\002007-11-01T17:44\00\00"
"qjpeg4.dll"=multi:"40302\000\00Windows msvc release full-config\002007-11-01T17:43\00\00"
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{0E1ED8F5-B610-42B3-CB1C-6DC38D7482B7}\InProcServer32*]
"jannkmjbhbedmpedefcp"=hex:6b,61,6b,6d,65,6a,6d,6a,6e,66,6e,6c,67,64,62,70,6f,
6a,68,65,61,69,00,00
"iannenhlcnephdmcpa"=hex:6a,61,69,6d,63,6a,67,6f,68,65,69,6b,61,63,61,67,6e,68,
64,66,00,00
"fanncnjablco"=hex:66,61,6f,6c,70,66,6c,61,6f,6a,69,62,00,88
"eannhnmkne"=hex:6c,62,67,6c,66,62,62,64,6b,67,67,69,63,68,69,6c,63,6d,61,65,
6d,66,69,67,6f,67,69,68,6b,6f,63,70,61,68,6d,6c,63,6c,6f,6c,66,68,63,62,6e,\
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{5ED60779-4DE2-4E07-B862-974CA4FF2E9C}]
@Denied: (Full) (Everyone)
"scansk"=hex(0):42,7f,c0,34,fd,72,55,80,bf,a4,32,ab,b5,9d,7e,0c,a0,f4,78,e1,df,
de,cc,10,fb,30,04,2d,0e,2b,18,0c,fb,15,60,22,8e,c0,4e,8c,00,00,00,00,00,00,\
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{638e9448-f677-4ffb-b850-3eab20001c33}]
@Denied: (Full) (Everyone)
"Model"=dword:00000061
"Therad"=dword:0000001d
"MData"=hex(0):73,d5,cf,b8,a4,07,89,80,31,e4,35,6b,2a,ca,fe,43,98,07,ff,fc,5d,
df,1c,2f,3b,8a,0a,32,11,89,01,b5,ad,fb,6d,15,31,73,6c,2d,a9,53,4c,11,4e,70,\
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{7B8E9164-324D-4A2E-A46D-0165FB2000EC}]
@Denied: (Full) (Everyone)
"scansk"=hex(0):b9,b6,00,cf,5c,41,65,c0,cc,ec,33,1b,ef,e4,6d,12,88,b3,65,0d,8a,
cf,be,56,76,19,75,6c,0d,21,a9,61,f4,9d,ca,cc,2f,5c,e2,b4,00,00,00,00,00,00,\
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{c4ce0c38-6800-40c7-b75a-ebb763fbfb98}]
@Denied: (Full) (Everyone)
"Model"=dword:0000006d
"Therad"=dword:00000017
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Unimodem\DeviceSpecific\  EH/E *BJ'3J *9(1 *'1*('7 *B*l*u*e*t*o*o*t*h*:*:*  'DGH'*A *'D.DHJ) *'DBJ'3J):*:*M*i*c*r*o*s*o*f*t*\Responses]
"<cr>"=hex:01,00,00,00,00,00,00,00,00,00
"<lf>"=hex:01,00,00,00,00,00,00,00,00,00
"<cr><lf>OK<cr><lf>"=hex:00,00,00,00,00,00,00,00,00,00
"<cr><lf>RING<cr><lf>"=hex:08,00,00,00,00,00,00,00,00,00
"<cr><lf>NO CARRIER<cr><lf>"=hex:04,00,00,00,00,00,00,00,00,00
"<cr><lf>ERROR<cr><lf>"=hex:03,00,00,00,00,00,00,00,00,00
"<cr><lf>NO DIALTONE<cr><lf>"=hex:05,00,00,00,00,00,00,00,00,00
"<cr><lf>BUSY<cr><lf>"=hex:06,00,00,00,00,00,00,00,00,00
"<cr><lf>NO ANSWER<cr><lf>"=hex:07,00,00,00,00,00,00,00,00,00
"<cr><lf>CONNECT<cr><lf>"=hex:02,00,00,00,00,00,00,00,00,00
"0<cr>"=hex:00,00,00,00,00,00,00,00,00,00
"2<cr>"=hex:08,00,00,00,00,00,00,00,00,00
"3<cr>"=hex:04,00,00,00,00,00,00,00,00,00
"4<cr>"=hex:03,00,00,00,00,00,00,00,00,00
"6<cr>"=hex:05,00,00,00,00,00,00,00,00,00
"7<cr>"=hex:06,00,00,00,00,00,00,00,00,00
"8<cr>"=hex:07,00,00,00,00,00,00,00,00,00
"OK"=hex:00,00,00,00,00,00,00,00,00,00
"RING"=hex:08,00,00,00,00,00,00,00,00,00
"NO CARRIER"=hex:04,00,00,00,00,00,00,00,00,00
"ERROR"=hex:03,00,00,00,00,00,00,00,00,00
"NO DIALTONE"=hex:05,00,00,00,00,00,00,00,00,00
"NO DIAL TONE"=hex:05,00,00,00,00,00,00,00,00,00
"BUSY"=hex:06,00,00,00,00,00,00,00,00,00
"NO ANSWER"=hex:07,00,00,00,00,00,00,00,00,00
"FAX"=hex:03,00,00,00,00,00,00,00,00,00
"DATA"=hex:03,00,00,00,00,00,00,00,00,00
"VOICE"=hex:03,00,00,00,00,00,00,00,00,00
"RINGING"=hex:01,00,00,00,00,00,00,00,00,00
"DIALING"=hex:01,00,00,00,00,00,00,00,00,00
"RRING"=hex:01,00,00,00,00,00,00,00,00,00
"DELAYED"=hex:1d,00,00,00,00,00,00,00,00,00
"BLACKLISTED"=hex:1c,00,00,00,00,00,00,00,00,00
"+FCERROR"=hex:03,00,00,00,00,00,00,00,00,00
"CONNECT"=hex:02,00,00,00,00,00,00,00,00,00
"CONNECT/ARQ"=hex:02,02,00,00,00,00,00,00,00,00
"CONNECT/REL"=hex:02,02,00,00,00,00,00,00,00,00
"CONNECT/MNP"=hex:02,02,00,00,00,00,00,00,00,00
"CONNECT/LAP-M"=hex:02,02,00,00,00,00,00,00,00,00
"CONNECT/V42BIS"=hex:02,03,00,00,00,00,00,00,00,00
"CONNECT/V42b"=hex:02,03,00,00,00,00,00,00,00,00
"CONNECT 300"=hex:02,00,2c,01,00,00,00,00,00,00
"CONNECT 300/ARQ"=hex:02,02,2c,01,00,00,00,00,00,00
"CONNECT 300/REL"=hex:02,02,2c,01,00,00,00,00,00,00
"CONNECT 300/MNP"=hex:02,02,2c,01,00,00,00,00,00,00
"CONNECT 300/LAP-M"=hex:02,02,2c,01,00,00,00,00,00,00
"CONNECT 300/V42BIS"=hex:02,03,2c,01,00,00,00,00,00,00
"CONNECT 300/V42b"=hex:02,03,2c,01,00,00,00,00,00,00
"CONNECT 600"=hex:02,00,58,02,00,00,00,00,00,00
"CONNECT 600/ARQ"=hex:02,02,58,02,00,00,00,00,00,00
"CONNECT 600/REL"=hex:02,02,58,02,00,00,00,00,00,00
"CONNECT 600/MNP"=hex:02,02,58,02,00,00,00,00,00,00
"CONNECT 600/LAP-M"=hex:02,02,58,02,00,00,00,00,00,00
"CONNECT 600/V42BIS"=hex:02,03,58,02,00,00,00,00,00,00
"CONNECT 600/V42b"=hex:02,03,58,02,00,00,00,00,00,00
"CONNECT 0600"=hex:02,00,58,02,00,00,00,00,00,00
"CONNECT 0600/ARQ"=hex:02,02,58,02,00,00,00,00,00,00
"CONNECT 0600/REL"=hex:02,02,58,02,00,00,00,00,00,00
"CONNECT 0600/MNP"=hex:02,02,58,02,00,00,00,00,00,00
"CONNECT 0600/LAP-M"=hex:02,02,58,02,00,00,00,00,00,00
"CONNECT 0600/V42BIS"=hex:02,03,58,02,00,00,00,00,00,00
"CONNECT 0600/V42b"=hex:02,03,58,02,00,00,00,00,00,00
"CONNECT 1200"=hex:02,00,b0,04,00,00,00,00,00,00
"CONNECT 1200/ARQ"=hex:02,02,b0,04,00,00,00,00,00,00
"CONNECT 1200/REL"=hex:02,02,b0,04,00,00,00,00,00,00
"CONNECT 1200/MNP"=hex:02,02,b0,04,00,00,00,00,00,00
"CONNECT 1200/LAP-M"=hex:02,02,b0,04,00,00,00,00,00,00
"CONNECT 1200/V42BIS"=hex:02,03,b0,04,00,00,00,00,00,00
"CONNECT 1200/V42b"=hex:02,03,b0,04,00,00,00,00,00,00
"CONNECT 1200/75"=hex:02,00,b0,04,00,00,00,00,00,00
"CONNECT 1200/75/ARQ"=hex:02,02,b0,04,00,00,00,00,00,00
"CONNECT 1200/75/REL"=hex:02,02,b0,04,00,00,00,00,00,00
"CONNECT 1200/75/MNP"=hex:02,02,b0,04,00,00,00,00,00,00
"CONNECT 1200/75/LAP-M"=hex:02,02,b0,04,00,00,00,00,00,00
"CONNECT 1200/75/V42BIS"=hex:02,03,b0,04,00,00,00,00,00,00
"CONNECT 1200/75/V42b"=hex:02,03,b0,04,00,00,00,00,00,00
"CONNECT 1200TX/75RX"=hex:02,00,b0,04,00,00,00,00,00,00
"CONNECT 1200TX/75RX/ARQ"=hex:02,02,b0,04,00,00,00,00,00,00
"CONNECT 1200TX/75RX/REL"=hex:02,02,b0,04,00,00,00,00,00,00
"CONNECT 1200TX/75RX/MNP"=hex:02,02,b0,04,00,00,00,00,00,00
"CONNECT 1200TX/75RX/LAP-M"=hex:02,02,b0,04,00,00,00,00,00,00
"CONNECT 1200TX/75RX/V42BIS"=hex:02,03,b0,04,00,00,00,00,00,00
"CONNECT 1200TX/75RX/V42b"=hex:02,03,b0,04,00,00,00,00,00,00
"CONNECT 75/1200"=hex:02,00,b0,04,00,00,00,00,00,00
"CONNECT 75/1200/ARQ"=hex:02,02,b0,04,00,00,00,00,00,00
"CONNECT 75/1200/REL"=hex:02,02,b0,04,00,00,00,00,00,00
"CONNECT 75/1200/MNP"=hex:02,02,b0,04,00,00,00,00,00,00
"CONNECT 75/1200/LAP-M"=hex:02,02,b0,04,00,00,00,00,00,00
"CONNECT 75/1200/V42BIS"=hex:02,03,b0,04,00,00,00,00,00,00
"CONNECT 75/1200/V42b"=hex:02,03,b0,04,00,00,00,00,00,00
"CONNECT 75TX/1200RX"=hex:02,00,b0,04,00,00,00,00,00,00
"CONNECT 75TX/1200RX/ARQ"=hex:02,02,b0,04,00,00,00,00,00,00
"CONNECT 75TX/1200RX/REL"=hex:02,02,b0,04,00,00,00,00,00,00
"CONNECT 75TX/1200RX/MNP"=hex:02,02,b0,04,00,00,00,00,00,00
"CONNECT 75TX/1200RX/LAP-M"=hex:02,02,b0,04,00,00,00,00,00,00
"CONNECT 75TX/1200RX/V42BIS"=hex:02,03,b0,04,00,00,00,00,00,00
"CONNECT 75TX/1200RX/V42b"=hex:02,03,b0,04,00,00,00,00,00,00
"CONNECT 2400"=hex:02,00,60,09,00,00,00,00,00,00
"CONNECT 2400/ARQ"=hex:02,02,60,09,00,00,00,00,00,00
"CONNECT 2400/REL"=hex:02,02,60,09,00,00,00,00,00,00
"CONNECT 2400/MNP"=hex:02,02,60,09,00,00,00,00,00,00
"CONNECT 2400/LAP-M"=hex:02,02,60,09,00,00,00,00,00,00
"CONNECT 2400/V42BIS"=hex:02,03,60,09,00,00,00,00,00,00
"CONNECT 2400/V42b"=hex:02,03,60,09,00,00,00,00,00,00
"CONNECT 4800"=hex:02,00,c0,12,00,00,00,00,00,00
"CONNECT 4800/ARQ"=hex:02,02,c0,12,00,00,00,00,00,00
"CONNECT 4800/REL"=hex:02,02,c0,12,00,00,00,00,00,00
"CONNECT 4800/MNP"=hex:02,02,c0,12,00,00,00,00,00,00
"CONNECT 4800/LAP-M"=hex:02,02,c0,12,00,00,00,00,00,00
"CONNECT 4800/V42BIS"=hex:02,03,c0,12,00,00,00,00,00,00
"CONNECT 4800/V42b"=hex:02,03,c0,12,00,00,00,00,00,00
"CONNECT 7200"=hex:02,00,20,1c,00,00,00,00,00,00
"CONNECT 7200/ARQ"=hex:02,02,20,1c,00,00,00,00,00,00
"CONNECT 7200/REL"=hex:02,02,20,1c,00,00,00,00,00,00
"CONNECT 7200/MNP"=hex:02,02,20,1c,00,00,00,00,00,00
"CONNECT 7200/LAP-M"=hex:02,02,20,1c,00,00,00,00,00,00
"CONNECT 7200/V42BIS"=hex:02,03,20,1c,00,00,00,00,00,00
"CONNECT 7200/V42b"=hex:02,03,20,1c,00,00,00,00,00,00
"CONNECT 9600"=hex:02,00,80,25,00,00,00,00,00,00
"CONNECT 9600/ARQ"=hex:02,02,80,25,00,00,00,00,00,00
"CONNECT 9600/REL"=hex:02,02,80,25,00,00,00,00,00,00
"CONNECT 9600/MNP"=hex:02,02,80,25,00,00,00,00,00,00
"CONNECT 9600/LAP-M"=hex:02,02,80,25,00,00,00,00,00,00
"CONNECT 9600/V42BIS"=hex:02,03,80,25,00,00,00,00,00,00
"CONNECT 9600/V42b"=hex:02,03,80,25,00,00,00,00,00,00
"CONNECT 12000"=hex:02,00,e0,2e,00,00,00,00,00,00
"CONNECT 12000/ARQ"=hex:02,02,e0,2e,00,00,00,00,00,00
"CONNECT 12000/REL"=hex:02,02,e0,2e,00,00,00,00,00,00
"CONNECT 12000/MNP"=hex:02,02,e0,2e,00,00,00,00,00,00
"CONNECT 12000/LAP-M"=hex:02,02,e0,2e,00,00,00,00,00,00
"CONNECT 12000/V42BIS"=hex:02,03,e0,2e,00,00,00,00,00,00
"CONNECT 12000/V42b"=hex:02,03,e0,2e,00,00,00,00,00,00
"CONNECT 14400"=hex:02,00,40,38,00,00,00,00,00,00
"CONNECT 14400/ARQ"=hex:02,02,40,38,00,00,00,00,00,00
"CONNECT 14400/REL"=hex:02,02,40,38,00,00,00,00,00,00
"CONNECT 14400/MNP"=hex:02,02,40,38,00,00,00,00,00,00
"CONNECT 14400/LAP-M"=hex:02,02,40,38,00,00,00,00,00,00
"CONNECT 14400/V42BIS"=hex:02,03,40,38,00,00,00,00,00,00
"CONNECT 14400/V42b"=hex:02,03,40,38,00,00,00,00,00,00
"CONNECT 16800"=hex:02,00,a0,41,00,00,00,00,00,00
"CONNECT 16800/ARQ"=hex:02,02,a0,41,00,00,00,00,00,00
"CONNECT 16800/REL"=hex:02,02,a0,41,00,00,00,00,00,00
"CONNECT 16800/MNP"=hex:02,02,a0,41,00,00,00,00,00,00
"CONNECT 16800/LAP-M"=hex:02,02,a0,41,00,00,00,00,00,00
"CONNECT 16800/V42BIS"=hex:02,03,a0,41,00,00,00,00,00,00
"CONNECT 16800/V42b"=hex:02,03,a0,41,00,00,00,00,00,00
"CONNECT 19200"=hex:02,00,00,4b,00,00,00,00,00,00
"CONNECT 19200/ARQ"=hex:02,02,00,4b,00,00,00,00,00,00
"CONNECT 19200/REL"=hex:02,02,00,4b,00,00,00,00,00,00
"CONNECT 19200/MNP"=hex:02,02,00,4b,00,00,00,00,00,00
"CONNECT 19200/LAP-M"=hex:02,02,00,4b,00,00,00,00,00,00
"CONNECT 19200/V42BIS"=hex:02,03,00,4b,00,00,00,00,00,00
"CONNECT 19200/V42b"=hex:02,03,00,4b,00,00,00,00,00,00
"CONNECT 21600"=hex:02,00,60,54,00,00,00,00,00,00
"CONNECT 21600/ARQ"=hex:02,02,60,54,00,00,00,00,00,00
"CONNECT 21600/REL"=hex:02,02,60,54,00,00,00,00,00,00
"CONNECT 21600/MNP"=hex:02,02,60,54,00,00,00,00,00,00
"CONNECT 21600/LAP-M"=hex:02,02,60,54,00,00,00,00,00,00
"CONNECT 21600/V42BIS"=hex:02,03,60,54,00,00,00,00,00,00
"CONNECT 21600/V42b"=hex:02,03,60,54,00,00,00,00,00,00
"CONNECT 24000"=hex:02,00,c0,5d,00,00,00,00,00,00
"CONNECT 24000/ARQ"=hex:02,02,c0,5d,00,00,00,00,00,00
"CONNECT 24000/REL"=hex:02,02,c0,5d,00,00,00,00,00,00
"CONNECT 24000/MNP"=hex:02,02,c0,5d,00,00,00,00,00,00
"CONNECT 24000/LAP-M"=hex:02,02,c0,5d,00,00,00,00,00,00
"CONNECT 24000/V42BIS"=hex:02,03,c0,5d,00,00,00,00,00,00
"CONNECT 24000/V42b"=hex:02,03,c0,5d,00,00,00,00,00,00
"CONNECT 26400"=hex:02,00,20,67,00,00,00,00,00,00
"CONNECT 26400/ARQ"=hex:02,02,20,67,00,00,00,00,00,00
"CONNECT 26400/REL"=hex:02,02,20,67,00,00,00,00,00,00
"CONNECT 26400/MNP"=hex:02,02,20,67,00,00,00,00,00,00
"CONNECT 26400/LAP-M"=hex:02,02,20,67,00,00,00,00,00,00
"CONNECT 26400/V42BIS"=hex:02,03,20,67,00,00,00,00,00,00
"CONNECT 26400/V42b"=hex:02,03,20,67,00,00,00,00,00,00
"CONNECT 28800"=hex:02,00,80,70,00,00,00,00,00,00
"CONNECT 28800/ARQ"=hex:02,02,80,70,00,00,00,00,00,00
"CONNECT 28800/REL"=hex:02,02,80,70,00,00,00,00,00,00
"CONNECT 28800/MNP"=hex:02,02,80,70,00,00,00,00,00,00
"CONNECT 28800/LAP-M"=hex:02,02,80,70,00,00,00,00,00,00
"CONNECT 28800/V42BIS"=hex:02,03,80,70,00,00,00,00,00,00
"CONNECT 28800/V42b"=hex:02,03,80,70,00,00,00,00,00,00
"CONNECT 38400"=hex:02,00,00,00,00,00,00,96,00,00
"CONNECT 38400/ARQ"=hex:02,02,00,00,00,00,00,96,00,00
"CONNECT 38400/REL"=hex:02,02,00,00,00,00,00,96,00,00
"CONNECT 38400/MNP"=hex:02,02,00,00,00,00,00,96,00,00
"CONNECT 38400/LAP-M"=hex:02,02,00,00,00,00,00,96,00,00
"CONNECT 38400/V42BIS"=hex:02,03,00,00,00,00,00,96,00,00
"CONNECT 38400/V42b"=hex:02,03,00,00,00,00,00,96,00,00
"CONNECT 57600"=hex:02,00,00,00,00,00,00,e1,00,00
"CONNECT 57600/ARQ"=hex:02,02,00,00,00,00,00,e1,00,00
"CONNECT 57600/REL"=hex:02,02,00,00,00,00,00,e1,00,00
"CONNECT 57600/MNP"=hex:02,02,00,00,00,00,00,e1,00,00
"CONNECT 57600/LAP-M"=hex:02,02,00,00,00,00,00,e1,00,00
"CONNECT 57600/V42BIS"=hex:02,03,00,00,00,00,00,e1,00,00
"CONNECT 57600/V42b"=hex:02,03,00,00,00,00,00,e1,00,00
"CONNECT 115200"=hex:02,00,00,00,00,00,00,c2,01,00
"CONNECT 115200/ARQ"=hex:02,02,00,00,00,00,00,c2,01,00
"CONNECT 115200/REL"=hex:02,02,00,00,00,00,00,c2,01,00
"CONNECT 115200/MNP"=hex:02,02,00,00,00,00,00,c2,01,00
"CONNECT 115200/LAP-M"=hex:02,02,00,00,00,00,00,c2,01,00
"CONNECT 115200/V42BIS"=hex:02,03,00,00,00,00,00,c2,01,00
"CONNECT 115200/V42b"=hex:02,03,00,00,00,00,00,c2,01,00
"CONNECT 115,200"=hex:02,00,00,00,00,00,00,c2,01,00
"CONNECT 115,200/ARQ"=hex:02,02,00,00,00,00,00,c2,01,00
"CONNECT 115,200/REL"=hex:02,02,00,00,00,00,00,c2,01,00
"CONNECT 115,200/MNP"=hex:02,02,00,00,00,00,00,c2,01,00
"CONNECT 115,200/LAP-M"=hex:02,02,00,00,00,00,00,c2,01,00
"CONNECT 115,200/V42BIS"=hex:02,03,00,00,00,00,00,c2,01,00
"CONNECT 115,200/V42b"=hex:02,03,00,00,00,00,00,c2,01,00
"CONNECT 230400"=hex:02,00,00,00,00,00,00,84,03,00
"CONNECT 230400/ARQ"=hex:02,02,00,00,00,00,00,84,03,00
"CONNECT 230400/REL"=hex:02,02,00,00,00,00,00,84,03,00
"CONNECT 230400/MNP"=hex:02,02,00,00,00,00,00,84,03,00
"CONNECT 230400/LAP-M"=hex:02,02,00,00,00,00,00,84,03,00
"CONNECT 230400/V42BIS"=hex:02,03,00,00,00,00,00,84,03,00
"CONNECT 230400/V42b"=hex:02,03,00,00,00,00,00,84,03,00
"CARRIER 300"=hex:01,00,2c,01,00,00,00,00,00,00
"CARRIER 1200"=hex:01,00,b0,04,00,00,00,00,00,00
"CARRIER 1200/75"=hex:01,00,b0,04,00,00,00,00,00,00
"CARRIER 75/1200"=hex:01,00,b0,04,00,00,00,00,00,00
"CARRIER 2400"=hex:01,00,60,09,00,00,00,00,00,00
"CARRIER 4800"=hex:01,00,c0,12,00,00,00,00,00,00
"CARRIER 7200"=hex:01,00,20,1c,00,00,00,00,00,00
"CARRIER 9600"=hex:01,00,80,25,00,00,00,00,00,00
"CARRIER 12000"=hex:01,00,e0,2e,00,00,00,00,00,00
"CARRIER 14400"=hex:01,00,40,38,00,00,00,00,00,00
"CARRIER 16800"=hex:01,00,a0,41,00,00,00,00,00,00
"CARRIER 19200"=hex:01,00,00,4b,00,00,00,00,00,00
"CARRIER 21600"=hex:01,00,60,54,00,00,00,00,00,00
"CARRIER 24000"=hex:01,00,c0,5d,00,00,00,00,00,00
"CARRIER 26400"=hex:01,00,20,67,00,00,00,00,00,00
"CARRIER 28800"=hex:01,00,80,70,00,00,00,00,00,00
"COMPRESSION: CLASS 5"=hex:01,03,00,00,00,00,00,00,00,00
"COMPRESSION: MNP5"=hex:01,03,00,00,00,00,00,00,00,00
"COMPRESSION: V.42BIS"=hex:01,03,00,00,00,00,00,00,00,00
"COMPRESSION: V.42 BIS"=hex:01,03,00,00,00,00,00,00,00,00
"COMPRESSION: ADC"=hex:01,01,00,00,00,00,00,00,00,00
"COMPRESSION: NONE"=hex:01,00,00,00,00,00,00,00,00,00
"PROTOCOL: NONE"=hex:01,00,00,00,00,00,00,00,00,00
"PROTOCOL: ERROR-CONTROL/LAPB"=hex:01,02,00,00,00,00,00,00,00,00
"PROTOCOL: ERROR-CONTROL/LAPB/HDX"=hex:01,02,00,00,00,00,00,00,00,00
"PROTOCOL: ERROR-CONTROL/LAPB/AFT"=hex:01,02,00,00,00,00,00,00,00,00
"PROTOCOL: X.25/LAPB"=hex:01,02,00,00,00,00,00,00,00,00
"PROTOCOL: X.25/LAPB/HDX"=hex:01,02,00,00,00,00,00,00,00,00
"PROTOCOL: X.25/LAPB/AFT"=hex:01,02,00,00,00,00,00,00,00,00
"PROTOCOL: LAPM"=hex:01,02,00,00,00,00,00,00,00,00
"PROTOCOL: LAP-M"=hex:01,02,00,00,00,00,00,00,00,00
"PROTOCOL: LAPM/HDX"=hex:01,02,00,00,00,00,00,00,00,00
"PROTOCOL: LAP-M/HDX"=hex:01,02,00,00,00,00,00,00,00,00
"PROTOCOL: LAPM/AFT"=hex:01,02,00,00,00,00,00,00,00,00
"PROTOCOL: LAP-M/AFT"=hex:01,02,00,00,00,00,00,00,00,00
"PROTOCOL: ALT"=hex:01,02,00,00,00,00,00,00,00,00
"PROTOCOL: ALT-CELLULAR"=hex:01,0a,00,00,00,00,00,00,00,00
"PROTOCOL: MNP"=hex:01,02,00,00,00,00,00,00,00,00
"PROTOCOL: MNP2"=hex:01,02,00,00,00,00,00,00,00,00
"PROTOCOL: MNP3"=hex:01,02,00,00,00,00,00,00,00,00
"PROTOCOL: MNP4"=hex:01,02,00,00,00,00,00,00,00,00
"AUTOSTREAM: LEVEL 1"=hex:01,00,00,00,00,00,00,00,00,00
"AUTOSTREAM: LEVEL 2"=hex:01,00,00,00,00,00,00,00,00,00
"AUTOSTREAM: LEVEL 3"=hex:01,00,00,00,00,00,00,00,00,00
"CARRIER 31200 V.23"=hex:01,00,e0,79,00,00,00,00,00,00
"CARRIER 31200"=hex:01,00,e0,79,00,00,00,00,00,00
"CARRIER 31200/VFC"=hex:01,00,e0,79,00,00,00,00,00,00
"CARRIER 33600 V.23"=hex:01,00,40,83,00,00,00,00,00,00
"CARRIER 33600"=hex:01,00,40,83,00,00,00,00,00,00
"CARRIER 33600/VFC"=hex:01,00,40,83,00,00,00,00,00,00
"CONNECT 31200 EC"=hex:02,02,e0,79,00,00,00,00,00,00
"CONNECT 31200 EC/V42"=hex:02,02,e0,79,00,00,00,00,00,00
"CONNECT 31200 EC/V42BIS"=hex:02,03,e0,79,00,00,00,00,00,00
"CONNECT 31200 REL"=hex:02,02,e0,79,00,00,00,00,00,00
"CONNECT 31200 REL/MNP5"=hex:02,03,e0,79,00,00,00,00,00,00
"CONNECT 31200 REL/V42"=hex:02,02,e0,79,00,00,00,00,00,00
"CONNECT 31200 REL/V42BIS"=hex:02,03,e0,79,00,00,00,00,00,00
"CONNECT 31200"=hex:02,00,e0,79,00,00,00,00,00,00
"CONNECT 31200/ARQ"=hex:02,02,e0,79,00,00,00,00,00,00
"CONNECT 31200/LAP-M"=hex:02,02,e0,79,00,00,00,00,00,00
"CONNECT 31200/MNP"=hex:02,02,e0,79,00,00,00,00,00,00
"CONNECT 31200/REL"=hex:02,02,e0,79,00,00,00,00,00,00
"CONNECT 31200/REL-LAPM V.42 BIS"=hex:02,03,e0,79,00,00,00,00,00,00
"CONNECT 31200/REL-LAPM"=hex:02,02,e0,79,00,00,00,00,00,00
"CONNECT 31200/V42B"=hex:02,03,e0,79,00,00,00,00,00,00
"CONNECT 31200/V42BIS"=hex:02,03,e0,79,00,00,00,00,00,00
"CONNECT 33600 EC"=hex:02,02,40,83,00,00,00,00,00,00
"CONNECT 33600 EC/V42"=hex:02,02,40,83,00,00,00,00,00,00
"CONNECT 33600 EC/V42BIS"=hex:02,03,40,83,00,00,00,00,00,00
"CONNECT 33600 REL"=hex:02,02,40,83,00,00,00,00,00,00
"CONNECT 33600 REL/MNP5"=hex:02,03,40,83,00,00,00,00,00,00
"CONNECT 33600 REL/V42"=hex:02,02,40,83,00,00,00,00,00,00
"CONNECT 33600 REL/V42BIS"=hex:02,03,40,83,00,00,00,00,00,00
"CONNECT 33600"=hex:02,00,40,83,00,00,00,00,00,00
"CONNECT 33600/ARQ"=hex:02,02,40,83,00,00,00,00,00,00
"CONNECT 33600/LAP-M"=hex:02,02,40,83,00,00,00,00,00,00
"CONNECT 33600/MNP"=hex:02,02,40,83,00,00,00,00,00,00
"CONNECT 33600/REL"=hex:02,02,40,83,00,00,00,00,00,00
"CONNECT 33600/REL-LAPM V.42 BIS"=hex:02,03,40,83,00,00,00,00,00,00
"CONNECT 33600/REL-LAPM"=hex:02,02,40,83,00,00,00,00,00,00
"CONNECT 33600/V42B"=hex:02,03,40,83,00,00,00,00,00,00
"CONNECT 33600/V42BIS"=hex:02,03,40,83,00,00,00,00,00,00
"CONNECT 31200/REL-MNP"=hex:02,02,e0,79,00,00,00,00,00,00
"CONNECT 33600/REL-MNP"=hex:02,02,40,83,00,00,00,00,00,00
.
--------------------- DLLs Loaded Under Running Processes ---------------------
- - - - - - - > 'winlogon.exe'(792)
d:\binaries\addins11111\Connection Wizard\fourm\program\Program Files\SUPERAntiSpyware\SASWINLO.DLL
c:\windows\system32\WININET.dll
- - - - - - - > 'explorer.exe'(2028)
c:\windows\system32\WININET.dll
c:\windows\system32\btmmhook.dll
c:\windows\system32\ieframe.dll
c:\internet download manager\idmmkb.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
c:\windows\system32\agrsmsvc.exe
c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\windows\system32\wdfmgr.exe
c:\program files\TuneUp Utilities 2009\MemOptimizer.exe
c:\windows\system32\igfxext.exe
c:\windows\system32\igfxsrvc.exe
c:\internet download manager\IEMonitor.exe
c:\program files\MessengerDiscovery 2\MessengerDiscovery 2.exe
.
**************************************************************************
.
Completion time: 2009-11-30 09:30 - machine was rebooted
ComboFix-quarantined-files.txt 2009-11-30 06:30
Pre-Run: 30,878,724,096 bytes free
Post-Run: 30,772,449,280 bytes free
- - End Of File - - 5E9EF7CE0D078E67F400E779FC92ACAF
 
الظاهر ان النود نايم

اما انك تركبين له مفتاح وتحدثينه
او تغيري برنامج حمايه ثاني

جربي تفتحي هل تفتح معك ؟!

بالتوفيق
 
توقيع : SUL6AN
ممكن احد يحل المشكله؟؟؟؟؟؟؟؟؟؟
 
ممكن احد يحل المشكله؟؟؟؟؟؟؟؟؟؟

:?:
اختي
النود معطل موب فعال

جربي تحذفينه وتركبي برنامج حمايه وافحصي جهازك
 
توقيع : SUL6AN
طيب ايش افضل برنامج حمايه تنصحني فيه؟؟
 
عودة
أعلى