[ مشكلة ] في ونـدز Xp بعـد شآشـة الونـدز

تم تحميل الصفحة في 0,1641982 ثانية
في ونـدز Xp بعـد شآشـة الونـدز
الحالة
مغلق و غير مفتوح للمزيد من الردود.

Dr.Ali

VIP DeveloPer
إنضم
13 يوليو 2009
المشاركات
6,194
الإعجابات
6,046
النقاط
113
الإقامة
المنطقة الشرقية - الأحساء
السلامـ عليـكم ورحمة الله وبركآتهـ

اخوآني مشرفين هـذآ القسم أو من لديـه خبرهـ .. :10:

والله هالمشـكلة قآمـت تتنتشر بقـوهـ كبيره

والمشـكلة هي

لمآ تشغل الجهآز يشتغل معآك طبيعي الى شآشة الونـدز [ الي تكتمل ] ,., وبعـدهآ اذا خلصت .. الجهآز يعـيد لحآلهـ :26:

والحين 5 ماادري 4 أشخـآص صايره لهـم نفس المشـكلة :3:

مآلهآ حـل بالله ؟


[ انا فآتح بـ السيف مـود ]

بالتوفيق

:9:
 
إنضم
24 أكتوبر 2009
المشاركات
7,209
الإعجابات
798
النقاط
113
رد: في ونـدز Xp بعـد شآشـة الونـدز

تفضل يالغالي شيل الصح من اللي محدد بالاصفر

 
إنضم
24 أكتوبر 2009
المشاركات
7,209
الإعجابات
798
النقاط
113
رد: في ونـدز Xp بعـد شآشـة الونـدز

^^

ياخوي والله لو في تعب ما جيتك بنفسي وعطيتك حلول

والسالفة كلها مافيها تعب وكلمة شكر افضل من لا تتعب نفسك وتونا بأول الطريق يعني

ماسوينا شي غير وقفنا برامج بدء التشغيل وهذا حل مبدئي

:9:
 

Dr.Ali

VIP DeveloPer
إنضم
13 يوليو 2009
المشاركات
6,194
الإعجابات
6,046
النقاط
113
الإقامة
المنطقة الشرقية - الأحساء
رد: في ونـدز Xp بعـد شآشـة الونـدز

^^

ياخوي والله لو في تعب ما جيتك بنفسي وعطيتك حلول

والسالفة كلها مافيها تعب وكلمة شكر افضل من لا تتعب نفسك وتونا بأول الطريق يعني

ماسوينا شي غير وقفنا برامج بدء التشغيل وهذا حل مبدئي
يآلبىى قلبـك والله [ :9: ]

انا معآك حبيبي .. !

ومتآبـع لردودك ورآح أنفذهآ

حتى لو طلبت فورمآت :15:

:32:
 
إنضم
24 أكتوبر 2009
المشاركات
7,209
الإعجابات
798
النقاط
113
رد: في ونـدز Xp بعـد شآشـة الونـدز

افحص عن طريق الوضع الامن


حمل الاده من هنا

دبل كليك عليها وتابع الشرح ~

~~~~~~~~~~~~~~~





~~~~~~~~~~~~~~~





~~~~~~~~~~~~~~~





~~~~~~~~~~~~~~~





~~~~~~~~~~~~~~~


بعد الفحص راح يجيك تقرير انسخه وضعه في ردك القادم


 
إنضم
10 مارس 2011
المشاركات
6,989
الإعجابات
4,056
النقاط
0
رد: في ونـدز Xp بعـد شآشـة الونـدز

عليكم السلام~
بعد اذنكم ~
تابعو~
----------------------------------------------------
استعيد النظام الى قبل المشكله تحصل~
احتمال من برنامج~

بالتوفيق~

 
إنضم
15 أغسطس 2010
المشاركات
1,194
الإعجابات
828
النقاط
113
رد: في ونـدز Xp بعـد شآشـة الونـدز

كم قال لاستاد صالح الهزيمي الدي أحترمه في المجهود الدي يعمل في هدا القسم

أخي أضن أن جهازك في فيروس

و الادوات التي راح أعطيها لك شغلها في وضع الامان

طريقة الدخول للوضع الامن [ Safe Mode ] شرح بالصور للمبتدئين

.
.
.
.
عطل إستعادة النظام
كلك يمين على جهاز الكمبيوتر ~~> خصائص ~~> إستعادة النظام ~~> تابع الشرح




+

حمل البرنامج من هنا

قم بتشغيل البرنامج ثم طبق كما في الصور التالية


~~~~~~~~~~~~~~~~~~~~~~


اول شي لازم نسوي تحديث للبرنامج






~~~~~~~~~~~~~~~~~~~~~~







~~~~~~~~~~~~~~~~~~~~~~







~~~~~~~~~~~~~~~~~~~~~~








~~~~~~~~~~~~~~~~~~~~~~






~~~~~~~~~~~~~~~~~~~~~~




في هذه الخطوة اضغط على ريموف وآنتظر قليلاً
تلقآئيآ سوف يظهر لك تقرير آلصقه في رك القآدم >> بعدهآ وآفق على آعآدة تشغيل الجهآز ليتم حذف الملفآت المصآبة والمشبوهة




---------------------------------------------------------------------------------------------

وإن لم يتغير شيء جرب أداة كاسبير

اداة الكاسبر ..
http://devbuilds.kaspersky-labs.com/...2010_22-11.exe
[ الاستخدام ]


--------------------------------------------------------------------------------------------------
ذحين حمل أداة Dr w e b
هنـــــأ
بعد التحميل أدخل علىا الوضع الامن " السيف مود "
[ شرح ] طريقة الدخول للوضع الامن [ Safe Mode ] شرح بالصور للمبتدئين

وبعد ماتدخل علىا الوضع الامن شغل الاده وشوف هذا الشرح



















عند العثور على فايروس او ملف مشبوه راح تظهر لك مثل هالنافذة اضغط كالموضح




بعد الآنتهاء من الفحص
اضغط على select all
ثم اضغط على cure
واختر delete incurable
--------------------------------------------------------------------------------------

حبيبي هده الادواة كلها متخصصة في حدف الفيروسات
 

Dr.Ali

VIP DeveloPer
إنضم
13 يوليو 2009
المشاركات
6,194
الإعجابات
6,046
النقاط
113
الإقامة
المنطقة الشرقية - الأحساء
رد: في ونـدز Xp بعـد شآشـة الونـدز

PHP:
ComboFix 11-04-05.02 - Administrator 04/06/2011  16:26:21.2.1 - x86 NETWORK
Microsoft Windows XP Professional  5.1.2600.2.1256.20.1025.18.1014.683 [GMT 3:00]
Running from: c:\documents and settings\Administrator\My Documents\Downloads\ComboFix\ComboFix.exe
AV: ESET NOD32 antivirus system 2.70 *Disabled/Updated* {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
.
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
.
(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
---- Previous Run -------
.
c:\documents and settings\Administrator\Application Data\chrtmp
c:\documents and settings\Administrator\Application Data\inst.exe
c:\documents and settings\Administrator\Application Data\PriceGong
c:\documents and settings\Administrator\Application Data\PriceGong\Data\1.xml
c:\documents and settings\Administrator\Application Data\PriceGong\Data\a.xml
c:\documents and settings\Administrator\Application Data\PriceGong\Data\b.xml
c:\documents and settings\Administrator\Application Data\PriceGong\Data\c.xml
c:\documents and settings\Administrator\Application Data\PriceGong\Data\d.xml
c:\documents and settings\Administrator\Application Data\PriceGong\Data\e.xml
c:\documents and settings\Administrator\Application Data\PriceGong\Data\f.xml
c:\documents and settings\Administrator\Application Data\PriceGong\Data\g.xml
c:\documents and settings\Administrator\Application Data\PriceGong\Data\h.xml
c:\documents and settings\Administrator\Application Data\PriceGong\Data\i.xml
c:\documents and settings\Administrator\Application Data\PriceGong\Data\J.xml
c:\documents and settings\Administrator\Application Data\PriceGong\Data\k.xml
c:\documents and settings\Administrator\Application Data\PriceGong\Data\l.xml
c:\documents and settings\Administrator\Application Data\PriceGong\Data\m.xml
c:\documents and settings\Administrator\Application Data\PriceGong\Data\mru.xml
c:\documents and settings\Administrator\Application Data\PriceGong\Data\n.xml
c:\documents and settings\Administrator\Application Data\PriceGong\Data\o.xml
c:\documents and settings\Administrator\Application Data\PriceGong\Data\p.xml
c:\documents and settings\Administrator\Application Data\PriceGong\Data\q.xml
c:\documents and settings\Administrator\Application Data\PriceGong\Data\r.xml
c:\documents and settings\Administrator\Application Data\PriceGong\Data\s.xml
c:\documents and settings\Administrator\Application Data\PriceGong\Data\t.xml
c:\documents and settings\Administrator\Application Data\PriceGong\Data\u.xml
c:\documents and settings\Administrator\Application Data\PriceGong\Data\v.xml
c:\documents and settings\Administrator\Application Data\PriceGong\Data\w.xml
c:\documents and settings\Administrator\Application Data\PriceGong\Data\x.xml
c:\documents and settings\Administrator\Application Data\PriceGong\Data\y.xml
c:\documents and settings\Administrator\Application Data\PriceGong\Data\z.xml
c:\documents and settings\Administrator\WINDOWS
c:\program files\SpeedBit Video Downloader\Toolbar\tbhelper.dll
c:\windows\Mylist.dll
c:\windows\Mylist1.txt
c:\windows\Mylist2.txt
.
c:\windows\regedit.exe . . . is infected!!
.
.
(((((((((((((((((((((((((   Files Created from 2011-03-06 to 2011-04-06  )))))))))))))))))))))))))))))))
.
.
2011-04-06 11:01 . 2011-04-06 11:01	--------	d-----w-	c:\documents and settings\Administrator\Application Data\VSRevoGroup
2011-04-05 12:48 . 2007-03-22 17:24	28160	----a-w-	c:\windows\system32\Spool\prtprocs\w32x86\filterpipelineprintproc.dll
2011-04-05 12:48 . 2006-06-29 10:07	14048	------w-	c:\windows\system32\spmsg2.dll
2011-04-05 12:42 . 2011-04-05 12:42	--------	d-----w-	c:\program files\MSXML 6.0
2011-04-05 11:22 . 2011-04-05 11:22	--------	d-----w-	c:\program files\AutoIt3
2011-04-04 20:34 . 2011-04-04 20:34	--------	d-----w-	c:\documents and settings\Administrator\Local Settings\Application Data\IsolatedStorage
2011-04-04 20:34 . 2011-04-04 20:34	--------	d-----w-	c:\program files\Red Gate
2011-04-04 20:34 . 2011-04-04 20:34	--------	d-----w-	c:\documents and settings\All Users\Application Data\Red Gate
2011-04-04 20:33 . 2011-04-04 20:33	--------	d-----w-	c:\windows\Downloaded Installations
2011-04-04 12:46 . 2011-04-04 12:46	--------	d-----w-	c:\documents and settings\Administrator\.idlerc
2011-04-04 12:45 . 2011-04-04 12:45	--------	d-----w-	C:\Python25
2011-04-03 11:16 . 2011-04-03 11:16	--------	d-----w-	c:\program files\WinPcap
2011-04-03 11:15 . 2011-04-03 11:15	--------	d-----w-	c:\program files\Rapid7
2011-04-02 16:24 . 2011-04-02 16:24	--------	d-----w-	c:\documents and settings\All Users\Application Data\{smartassembly}
2011-04-02 16:24 . 2011-04-04 20:33	--------	d-----w-	c:\program files\{smartassembly}
2011-03-31 19:00 . 2011-04-04 16:20	--------	d-----w-	c:\documents and settings\Administrator\Local Settings\Application Data\AskToolbar
2011-03-31 18:53 . 2006-07-01 12:46	5504	----a-w-	c:\windows\system32\drivers\MSTEE.sys
2011-03-31 18:52 . 2006-07-01 12:46	10880	----a-w-	c:\windows\system32\drivers\NdisIP.sys
2011-03-31 18:52 . 2006-07-01 12:46	15360	----a-w-	c:\windows\system32\drivers\StreamIP.sys
2011-03-31 18:52 . 2006-07-01 12:46	16384	----a-w-	c:\windows\system32\ipsink.ax
2011-03-31 18:52 . 2006-07-01 12:46	11136	----a-w-	c:\windows\system32\drivers\SLIP.sys
2011-03-31 18:52 . 2006-07-01 12:46	19328	----a-w-	c:\windows\system32\drivers\WSTCODEC.SYS
2011-03-31 18:52 . 2006-07-01 12:46	85376	----a-w-	c:\windows\system32\drivers\NABTSFEC.sys
2011-03-31 18:52 . 2006-07-01 12:46	17024	----a-w-	c:\windows\system32\drivers\CCDECODE.sys
2011-03-31 18:52 . 2006-07-01 12:46	91136	----a-w-	c:\windows\system32\kswdmcap.ax
2011-03-31 18:52 . 2006-07-01 12:46	61952	----a-w-	c:\windows\system32\kstvtune.ax
2011-03-31 18:52 . 2006-07-01 12:46	28672	----a-w-	c:\windows\system32\vidcap.ax
2011-03-31 18:52 . 2006-07-01 12:46	43008	----a-w-	c:\windows\system32\ksxbar.ax
2011-03-31 18:52 . 2006-07-01 12:46	53760	----a-w-	c:\windows\system32\vfwwdm32.dll
2011-03-31 18:51 . 2011-03-31 18:53	--------	d-----w-	c:\program files\ManyCam 2.4
2011-03-31 18:51 . 2011-03-31 18:53	--------	d-----w-	c:\documents and settings\Administrator\Application Data\ManyCam
2011-03-31 18:51 . 2011-03-31 18:51	--------	d-----w-	c:\program files\Ask.com
2011-03-30 22:06 . 2010-04-28 04:44	54760	----a-w-	c:\windows\system32\drivers\fssfltr_tdi.sys
2011-03-29 20:07 . 2004-08-04 01:55	221184	----a-w-	c:\windows\system32\wmpns.dll
2011-03-29 20:06 . 2011-03-30 20:50	--------	d-----w-	c:\documents and settings\ali
2011-03-28 11:53 . 2011-03-28 11:51	480832	----a-w-	c:\windows\system32\elnour.exe
2011-03-25 18:38 . 2015-04-05 10:23	--------	d-----w-	c:\documents and settings\Administrator\Local Settings\Application Data\ConduitEngine
2011-03-25 18:38 . 2011-03-25 18:38	0	----a-w-	c:\windows\system32\ConduitEngine.tmp
2011-03-25 18:38 . 2011-03-25 18:38	--------	d-----w-	c:\program files\ConduitEngine
2011-03-24 23:27 . 2011-03-25 00:10	--------	d-----w-	c:\program files\Power Email Harvester
2011-03-23 12:32 . 2011-04-05 11:29	--------	d-----w-	c:\program files\CodeLifter5
2011-03-17 23:49 . 2011-03-17 23:49	--------	d-----w-	c:\program files\BreakPoint Software
2011-03-15 13:03 . 2011-03-28 18:57	--------	d-----w-	c:\documents and settings\Administrator\Application Data\TeamViewer
2011-03-14 18:02 . 2011-03-14 18:02	--------	d-----w-	c:\program files\No-IP
2011-03-14 17:11 . 2011-03-29 10:08	--------	d-----w-	c:\documents and settings\Administrator\Local Settings\Application Data\Temp
2011-03-14 17:11 . 2011-03-14 17:11	--------	d-----w-	c:\documents and settings\Administrator\Local Settings\Application Data\Deployment
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
.
------- Sigcheck -------
.
.
[7] 2006-04-20 . B2220C618B42A2212A59D91EBD6FC4B4 . 360576 . . [5.1.2600.2892] . . c:\windows\$hf_mig$\KB917953\SP2QFE\tcpip.sys
[7] 2006-04-20 . 1DBF125862891817F374F407626967F4 . 359808 . . [5.1.2600.2892] . . c:\windows\system32\dllcache\tcpip.sys
[-] 2006-04-20 . B4E29943B4B04BD5E7381546848E6669 . 359808 . . [5.1.2600.2892] . . c:\windows\system32\drivers\tcpip.sys
[7] 2006-01-13 . 5562CC0A47B2AEF06D3417B733F3C195 . 360448 . . [5.1.2600.2827] . . c:\windows\$hf_mig$\KB913446\SP2QFE\tcpip.sys
.
[-] 2006-07-01 . 0BB6CE5523BAF1512314BAE179360B3C . 197120 . . [5.1.2600.2743] . . c:\windows\system32\netman.dll
.
[-] 2006-09-12 . C8A68BC4C171654188326E2B9E936102 . 398336 . . [5.1.2600.2726] . . c:\windows\system32\rpcss.dll
.
[-] 2006-07-01 . AD3D9D191AEA7B5445FE1D82FFBB4788 . 57856 . . [5.1.2600.2696] . . c:\windows\system32\spoolsv.exe
.
[-] 2006-09-12 03:32 . B79383100A456E981C5ABA1BEAD8B035 . 125208 . . [5.8.0.2469 built by: lab01_n(wmbla)] . . c:\windows\system32\wuauclt.exe
.
[-] 2006-09-12 03:52 . F3BAA9552C48E8652E3518E589F885FD . 243200 . . [2001.12.4414.308] . . c:\windows\system32\es.dll
.
[-] 2006-09-12 . 09C097450F5C7415E4AC441172ED4F61 . 1353216 . . [5.1.2600.2945] . . c:\windows\system32\kernel32.dll
.
[-] 2006-07-01 . 4180813BB96982D3AAFE7FF737533727 . 19968 . . [5.1.2600.2751] . . c:\windows\system32\linkinfo.dll
.
[-] 2006-09-12 . 926F34C7DBA84312CAF638E9D0B59695 . 3428864 . . [6.00.2900.2963] . . c:\windows\system32\mshtml.dll
[7] 2006-05-19 . C8BED60A5AFC22D3466E5896B2D92D35 . 3076096 . . [6.00.2900.2912] . . c:\windows\$hf_mig$\KB916281\SP2QFE\mshtml.dll
[7] 2006-05-19 . 349C7988F007D45C5ABD7260A53888A0 . 3073536 . . [6.00.2900.2912] . . c:\windows\system32\dllcache\mshtml.dll
.
[-] 2006-07-01 . 5B86344B87D41C77D752C1B2221C808A . 248832 . . [5.1.2600.2716] . . c:\windows\system32\tapisrv.dll
.
[-] 2006-01-27 . C287C8218DAC8EE3AEF1FB2018064699 . 576512 . . [5.1.2600.2622] . . c:\windows\system32\user32.dll
.
[-] 2006-09-12 . 705A23DCE4CDF6B3DF8DE4481250D30D . 663040 . . [6.00.2900.2937] . . c:\windows\system32\wininet.dll
[7] 2006-05-10 . 4BC88C82ED023C36F906111864C16BF6 . 662016 . . [6.00.2900.2904] . . c:\windows\$hf_mig$\KB916281\SP2QFE\wininet.dll
[7] 2006-05-10 . 2D38385877CB32DB7C3D2271D2DC84DB . 656896 . . [6.00.2900.2904] . . c:\windows\system32\dllcache\wininet.dll
.
[-] 2006-09-12 . 810316E2E8D32075C8B984320A6011CF . 1616384 . . [6.00.2900.2180] . . c:\windows\explorer.exe
.
[-] 2006-09-12 . F7D2447E2051D452AFEEC4A37CAF758A . 1285632 . . [5.1.2600.2726] . . c:\windows\system32\ole32.dll
.
[-] 2006-07-01 . 5839C7D4FA3AE3ACEB7422829B010900 . 1547776 . . [5.1.2600.2180] . . c:\windows\system32\sfcfiles.dll
.
[-] 2006-09-12 . E2E05AC6E25670D9A9F592E3E223B92D . 2196608 . . [5.1.2600.2622] . . c:\windows\system32\ntkrnlpa.exe
.
.
[-] 2006-09-08 . EF63859E4FD9CB3EC31A111481F4B1B6 . 2321024 . . [5.1.2600.2885] . . c:\windows\system32\ntoskrnl.exe
.
c:\windows\System32\drivers\beep.sys ... is missing !!
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown 
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{00000000-6E41-4FD3-8538-502F5495E5FC}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2010-03-03 1362824]
"{09ec805c-cb2e-4d53-b0d3-a75a428b81c7}"= "c:\program files\4shared.com\prxtb4sh2.dll" [2011-01-17 175912]
.
[HKEY_CLASSES_ROOT\clsid\{00000000-6e41-4fd3-8538-502f5495e5fc}]
.
[HKEY_CLASSES_ROOT\clsid\{09ec805c-cb2e-4d53-b0d3-a75a428b81c7}]
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{09ec805c-cb2e-4d53-b0d3-a75a428b81c7}]
2011-01-17 14:54	175912	----a-w-	c:\program files\4shared.com\prxtb4sh2.dll
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
2011-01-17 14:54	175912	----a-w-	c:\program files\ConduitEngine\prxConduitEngine.dll
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{b2e293ee-fd7e-4c71-a714-5f4750d8d7b7}]
2011-01-17 14:54	175912	----a-w-	c:\program files\myBabylon_English\prxtbmyB2.dll
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
2010-03-03 13:42	1362824	----a-w-	c:\program files\Ask.com\GenericAskToolbar.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{b2e293ee-fd7e-4c71-a714-5f4750d8d7b7}"= "c:\program files\myBabylon_English\prxtbmyB2.dll" [2011-01-17 175912]
"{09ec805c-cb2e-4d53-b0d3-a75a428b81c7}"= "c:\program files\4shared.com\prxtb4sh2.dll" [2011-01-17 175912]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2010-03-03 1362824]
.
[HKEY_CLASSES_ROOT\clsid\{b2e293ee-fd7e-4c71-a714-5f4750d8d7b7}]
.
[HKEY_CLASSES_ROOT\clsid\{09ec805c-cb2e-4d53-b0d3-a75a428b81c7}]
.
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\************browser]
"{B2E293EE-FD7E-4C71-A714-5F4750D8D7B7}"= "c:\program files\myBabylon_English\prxtbmyB2.dll" [2011-01-17 175912]
"{09EC805C-CB2E-4D53-B0D3-A75A428B81C7}"= "c:\program files\4shared.com\prxtb4sh2.dll" [2011-01-17 175912]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2010-03-03 1362824]
.
[HKEY_CLASSES_ROOT\clsid\{b2e293ee-fd7e-4c71-a714-5f4750d8d7b7}]
.
[HKEY_CLASSES_ROOT\clsid\{09ec805c-cb2e-4d53-b0d3-a75a428b81c7}]
.
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"!AVG Anti-Spyware"="c:\program files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [2007-12-26 6731312]
"nod32kui"="c:\program files\Eset\nod32kui.exe" [2007-12-26 949376]
"IntelWireless"="c:\program files\Intel\Wireless\Bin\ifrmewrk.exe" [2004-10-15 385024]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-04 15360]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"nlsf"="move" [X]
"tscuninstall"="c:\windows\system32\tscupgrd.exe" [2004-08-03 44544]
"MPlayer2_FixUp"="c:\windows\inf\unregmp2.exe" [2006-05-10 180736]
.
c:\documents and settings\All Users\çں‍ê، ں****§ڑ\ںé****©ںê¤\****§ک ں颬نïé\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2005-8-16 577597]
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoResolveTrack"= 1 (0x1)
.
[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"NoResolveTrack"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\IntelWireless]
2004-10-15 09:27	110592	----a-w-	c:\program files\Intel\Wireless\Bin\LgNotify.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AVG Anti-Spyware Guard]
@="Service"
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"amva"=c:\windows\system32\amvo.exe
"CTFMON.EXE"=c:\windows\system32\ctfmon.exe
"swg"=c:\program files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
"Sony Ericsson PC Suite"="c:\program files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe" /systray /nologon
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"Adobe Photo Downloader"="c:\program files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe"
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" -atboottime
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe"
"Acer ePower Management"=c:\acer\Empowering Technology\ePower\Acer ePower Management.exe boot
"CtrlVol"="c:\program files\Launch Manager\CtrlVol.exe"
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
"AvaFind"="c:\program files\AvaFind\AvaFind.exe" /minimized
"Device Detector"=DevDetect.exe -autorun
"EOUApp"=c:\program files\Intel\Wireless\Bin\EOUWiz.exe
"eDataSecurity Loader"=c:\acer\Empowering Technology\eDataSecurity\eDSloader.exe
"Flashget"="c:\program files\FlashGet\FlashGet.exe" /min
"iTune****************per"="c:\program files\iTunes\iTune****************per.exe"
"SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_03\bin\jusched.exe"
"ADMTray.exe"="c:\acer\Empowering Technology\admtray.exe"
"SynTPEnh"=c:\program files\Synaptics\SynTP\SynTPEnh.exe
"SynTPLpr"=c:\program files\Synaptics\SynTP\SynTPLpr.exe
"SoundMan"=SOUNDMAN.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\Avant Browser\\avant.exe"=
"c:\\Program Files\\Sierra Wireless Inc\\3G Watcher\\SwiApiMux.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\Windows Media Player\\wmplayer.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"15051:TCP"= 15051:TCP:BitComet 15051 TCP
"15051:UDP"= 15051:UDP:BitComet 15051 UDP
"81:UDP"= 81:UDP:BiFrOsT 
"81:TCP"= 81:TCP:BiFrOsT 
"82:UDP"= 82:UDP:BiFrOsT 
"82:TCP"= 82:TCP:BiFrOsT 
.
R0 ElbyVCD;ElbyVCD;c:\windows\system32\drivers\ElbyVCD.sys [11/28/2002 1:43 م 22016]
S1 mailKmd;mailKmd; [x]
S1 nod32drv;nod32drv;c:\windows\system32\drivers\nod32drv.sys [12/26/2007 8:59 م 15424]
S2 npf;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [1/27/2010 5:09 ص 50704]
S3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\drivers\ggflt.sys [12/28/2007 4:27 م 13352]
S3 ManyCam;ManyCam Virtual ************cam, WDM Video Capture Driver;c:\windows\system32\drivers\ManyCam.sys [1/14/2008 1:06 م 21632]
S3 NSPacket;NextSecurity Packet Driver;c:\windows\system32\drivers\nspacket.sys [1/4/2008 8:24 م 32768]
S3 POWERKEY;POWERKEY;c:\program files\Launch Manager\POWERKEY.SYS [12/26/2007 7:11 م 2343]
S3 swivsp;AC8xx Virtual Serial Port;c:\windows\system32\drivers\swivspnt.sys [10/12/2006 10:49 ص 20352]
S3 SWNC8U12;Sierra Wireless MUX NDIS Driver (UMTS12);c:\windows\system32\drivers\swnc8u12.sys [3/12/2007 4:17 م 102272]
S3 swumx12;Sierra Wireless USB MUX Driver (UMTS12);c:\windows\system32\drivers\swumx12.sys [3/12/2007 4:18 م 72576]
S4 sptd;sptd;c:\windows\system32\drivers\sptd.sys [12/28/2007 4:03 م 685816]
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost  - NetSvcs
UxTuneUp
.
Contents of the 'Scheduled Tasks' folder
.
2011-04-01 c:\windows\Tasks\1-Click Maintenance.job
- c:\program files\TuneUp Utilities 2008\OneClick.exe [2007-12-21 12:17]
.
2011-04-05 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-602162358-573735546-725345543-500Core.job
- c:\documents and settings\Administrator\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2011-03-14 17:11]
.
2011-04-06 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-602162358-573735546-725345543-500UA.job
- c:\documents and settings\Administrator\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2011-03-14 17:11]
.
2011-04-05 c:\windows\Tasks\Scheduled Update for Ask Toolbar.job
- c:\program files\Ask.com\UpdateTask.exe [2010-03-03 13:42]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com.sa/
uInternet Settings,ProxyOverride = local
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: &Download All using 4shared Desktop - c:\program files\4shared Desktop\down_all.htm
IE: &Sample Toolband Serach - c:\windows\system32\ToolBand.dll/MENUSEARCH.HTM
IE: Add to AMV Converter... - c:\program files\MP3 Player Utilities 4.04\AMVConverter\grab.html
IE: MediaManager tool grab multimedia file - c:\program files\MP3 Player Utilities 4.04\MediaManager\grab.html
IE: Send To &Bluetooth - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: ت&صدير إلى Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
.
- - - - ORPHANS REMOVED - - - -
.
SafeBoot-AVG Anti-Spyware Driver
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-04-06 16:29
Windows 5.1.2600 Service Pack 2 NTFS
.
scanning hidden processes ...  
.
scanning hidden autostart entries ... 
.
scanning hidden files ...  
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{1bb9094d-7b5d-4cf4-a11b-93e555b35410}]
@Denied: (Full) (Everyone)
"Model"=dword:00000075
"Therad"=dword:0000001e
"MData"=hex(0):2b,8f,78,29,5a,0c,ce,ec,48,d4,68,e5,9f,6a,96,3e,ab,de,c5,81,26,
   38,95,44,51,c4,5c,06,a5,56,2b,b8,ab,79,6e,ff,03,36,6d,b2,83,e0,8b,c5,07,bb,\
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{5ED60779-4DE2-4E07-B862-974CA4FF2E9C}]
@Denied: (Full) (Everyone)
"scansk"=hex(0):28,ed,2d,53,3c,d8,92,cd,ed,12,b5,bb,0f,4a,dd,b7,03,23,f6,46,98,
   fc,62,20,f1,19,e3,9a,70,c3,5e,1e,05,cc,39,bb,bd,ed,bf,e2,00,00,00,00,00,00,\
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Unimodem\DeviceSpecific\  EH/E *BJ'3J *9(1 *'1*('7 *B*l*u*e*t*o*o*t*h*:*:*  'DGH'*A *'D.DHJ) *'DBJ'3J):*:*M*i*c*r*o*s*o*f*t*\Responses]
"<cr>"=hex:01,00,00,00,00,00,00,00,00,00
"<lf>"=hex:01,00,00,00,00,00,00,00,00,00
"<cr><lf>OK<cr><lf>"=hex:00,00,00,00,00,00,00,00,00,00
"<cr><lf>RING<cr><lf>"=hex:08,00,00,00,00,00,00,00,00,00
"<cr><lf>NO CARRIER<cr><lf>"=hex:04,00,00,00,00,00,00,00,00,00
"<cr><lf>ERROR<cr><lf>"=hex:03,00,00,00,00,00,00,00,00,00
"<cr><lf>NO DIALTONE<cr><lf>"=hex:05,00,00,00,00,00,00,00,00,00
"<cr><lf>BUSY<cr><lf>"=hex:06,00,00,00,00,00,00,00,00,00
"<cr><lf>NO ANSWER<cr><lf>"=hex:07,00,00,00,00,00,00,00,00,00
"<cr><lf>CONNECT<cr><lf>"=hex:02,00,00,00,00,00,00,00,00,00
"0<cr>"=hex:00,00,00,00,00,00,00,00,00,00
"2<cr>"=hex:08,00,00,00,00,00,00,00,00,00
"3<cr>"=hex:04,00,00,00,00,00,00,00,00,00
"4<cr>"=hex:03,00,00,00,00,00,00,00,00,00
"6<cr>"=hex:05,00,00,00,00,00,00,00,00,00
"7<cr>"=hex:06,00,00,00,00,00,00,00,00,00
"8<cr>"=hex:07,00,00,00,00,00,00,00,00,00
"OK"=hex:00,00,00,00,00,00,00,00,00,00
"RING"=hex:08,00,00,00,00,00,00,00,00,00
"NO CARRIER"=hex:04,00,00,00,00,00,00,00,00,00
"ERROR"=hex:03,00,00,00,00,00,00,00,00,00
"NO DIALTONE"=hex:05,00,00,00,00,00,00,00,00,00
"NO DIAL TONE"=hex:05,00,00,00,00,00,00,00,00,00
"BUSY"=hex:06,00,00,00,00,00,00,00,00,00
"NO ANSWER"=hex:07,00,00,00,00,00,00,00,00,00
"FAX"=hex:03,00,00,00,00,00,00,00,00,00
"DATA"=hex:03,00,00,00,00,00,00,00,00,00
"VOICE"=hex:03,00,00,00,00,00,00,00,00,00
"RINGING"=hex:01,00,00,00,00,00,00,00,00,00
"DIALING"=hex:01,00,00,00,00,00,00,00,00,00
"RRING"=hex:01,00,00,00,00,00,00,00,00,00
"DELAYED"=hex:1d,00,00,00,00,00,00,00,00,00
"BLACKLISTED"=hex:1c,00,00,00,00,00,00,00,00,00
"+FCERROR"=hex:03,00,00,00,00,00,00,00,00,00
"CONNECT"=hex:02,00,00,00,00,00,00,00,00,00
"CONNECT/ARQ"=hex:02,02,00,00,00,00,00,00,00,00
"CONNECT/REL"=hex:02,02,00,00,00,00,00,00,00,00
"CONNECT/MNP"=hex:02,02,00,00,00,00,00,00,00,00
"CONNECT/LAP-M"=hex:02,02,00,00,00,00,00,00,00,00
"CONNECT/V42BIS"=hex:02,03,00,00,00,00,00,00,00,00
"CONNECT/V42b"=hex:02,03,00,00,00,00,00,00,00,00
"CONNECT 300"=hex:02,00,2c,01,00,00,00,00,00,00
"CONNECT 300/ARQ"=hex:02,02,2c,01,00,00,00,00,00,00
"CONNECT 300/REL"=hex:02,02,2c,01,00,00,00,00,00,00
"CONNECT 300/MNP"=hex:02,02,2c,01,00,00,00,00,00,00
"CONNECT 300/LAP-M"=hex:02,02,2c,01,00,00,00,00,00,00
"CONNECT 300/V42BIS"=hex:02,03,2c,01,00,00,00,00,00,00
"CONNECT 300/V42b"=hex:02,03,2c,01,00,00,00,00,00,00
"CONNECT 600"=hex:02,00,58,02,00,00,00,00,00,00
"CONNECT 600/ARQ"=hex:02,02,58,02,00,00,00,00,00,00
"CONNECT 600/REL"=hex:02,02,58,02,00,00,00,00,00,00
"CONNECT 600/MNP"=hex:02,02,58,02,00,00,00,00,00,00
"CONNECT 600/LAP-M"=hex:02,02,58,02,00,00,00,00,00,00
"CONNECT 600/V42BIS"=hex:02,03,58,02,00,00,00,00,00,00
"CONNECT 600/V42b"=hex:02,03,58,02,00,00,00,00,00,00
"CONNECT 0600"=hex:02,00,58,02,00,00,00,00,00,00
"CONNECT 0600/ARQ"=hex:02,02,58,02,00,00,00,00,00,00
"CONNECT 0600/REL"=hex:02,02,58,02,00,00,00,00,00,00
"CONNECT 0600/MNP"=hex:02,02,58,02,00,00,00,00,00,00
"CONNECT 0600/LAP-M"=hex:02,02,58,02,00,00,00,00,00,00
"CONNECT 0600/V42BIS"=hex:02,03,58,02,00,00,00,00,00,00
"CONNECT 0600/V42b"=hex:02,03,58,02,00,00,00,00,00,00
"CONNECT 1200"=hex:02,00,b0,04,00,00,00,00,00,00
"CONNECT 1200/ARQ"=hex:02,02,b0,04,00,00,00,00,00,00
"CONNECT 1200/REL"=hex:02,02,b0,04,00,00,00,00,00,00
"CONNECT 1200/MNP"=hex:02,02,b0,04,00,00,00,00,00,00
"CONNECT 1200/LAP-M"=hex:02,02,b0,04,00,00,00,00,00,00
"CONNECT 1200/V42BIS"=hex:02,03,b0,04,00,00,00,00,00,00
"CONNECT 1200/V42b"=hex:02,03,b0,04,00,00,00,00,00,00
"CONNECT 1200/75"=hex:02,00,b0,04,00,00,00,00,00,00
"CONNECT 1200/75/ARQ"=hex:02,02,b0,04,00,00,00,00,00,00
"CONNECT 1200/75/REL"=hex:02,02,b0,04,00,00,00,00,00,00
"CONNECT 1200/75/MNP"=hex:02,02,b0,04,00,00,00,00,00,00
"CONNECT 1200/75/LAP-M"=hex:02,02,b0,04,00,00,00,00,00,00
"CONNECT 1200/75/V42BIS"=hex:02,03,b0,04,00,00,00,00,00,00
"CONNECT 1200/75/V42b"=hex:02,03,b0,04,00,00,00,00,00,00
"CONNECT 1200TX/75RX"=hex:02,00,b0,04,00,00,00,00,00,00
"CONNECT 1200TX/75RX/ARQ"=hex:02,02,b0,04,00,00,00,00,00,00
"CONNECT 1200TX/75RX/REL"=hex:02,02,b0,04,00,00,00,00,00,00
"CONNECT 1200TX/75RX/MNP"=hex:02,02,b0,04,00,00,00,00,00,00
"CONNECT 1200TX/75RX/LAP-M"=hex:02,02,b0,04,00,00,00,00,00,00
"CONNECT 1200TX/75RX/V42BIS"=hex:02,03,b0,04,00,00,00,00,00,00
"CONNECT 1200TX/75RX/V42b"=hex:02,03,b0,04,00,00,00,00,00,00
"CONNECT 75/1200"=hex:02,00,b0,04,00,00,00,00,00,00
"CONNECT 75/1200/ARQ"=hex:02,02,b0,04,00,00,00,00,00,00
"CONNECT 75/1200/REL"=hex:02,02,b0,04,00,00,00,00,00,00
"CONNECT 75/1200/MNP"=hex:02,02,b0,04,00,00,00,00,00,00
"CONNECT 75/1200/LAP-M"=hex:02,02,b0,04,00,00,00,00,00,00
"CONNECT 75/1200/V42BIS"=hex:02,03,b0,04,00,00,00,00,00,00
"CONNECT 75/1200/V42b"=hex:02,03,b0,04,00,00,00,00,00,00
"CONNECT 75TX/1200RX"=hex:02,00,b0,04,00,00,00,00,00,00
"CONNECT 75TX/1200RX/ARQ"=hex:02,02,b0,04,00,00,00,00,00,00
"CONNECT 75TX/1200RX/REL"=hex:02,02,b0,04,00,00,00,00,00,00
"CONNECT 75TX/1200RX/MNP"=hex:02,02,b0,04,00,00,00,00,00,00
"CONNECT 75TX/1200RX/LAP-M"=hex:02,02,b0,04,00,00,00,00,00,00
"CONNECT 75TX/1200RX/V42BIS"=hex:02,03,b0,04,00,00,00,00,00,00
"CONNECT 75TX/1200RX/V42b"=hex:02,03,b0,04,00,00,00,00,00,00
"CONNECT 2400"=hex:02,00,60,09,00,00,00,00,00,00
"CONNECT 2400/ARQ"=hex:02,02,60,09,00,00,00,00,00,00
"CONNECT 2400/REL"=hex:02,02,60,09,00,00,00,00,00,00
"CONNECT 2400/MNP"=hex:02,02,60,09,00,00,00,00,00,00
"CONNECT 2400/LAP-M"=hex:02,02,60,09,00,00,00,00,00,00
"CONNECT 2400/V42BIS"=hex:02,03,60,09,00,00,00,00,00,00
"CONNECT 2400/V42b"=hex:02,03,60,09,00,00,00,00,00,00
"CONNECT 4800"=hex:02,00,c0,12,00,00,00,00,00,00
"CONNECT 4800/ARQ"=hex:02,02,c0,12,00,00,00,00,00,00
"CONNECT 4800/REL"=hex:02,02,c0,12,00,00,00,00,00,00
"CONNECT 4800/MNP"=hex:02,02,c0,12,00,00,00,00,00,00
"CONNECT 4800/LAP-M"=hex:02,02,c0,12,00,00,00,00,00,00
"CONNECT 4800/V42BIS"=hex:02,03,c0,12,00,00,00,00,00,00
"CONNECT 4800/V42b"=hex:02,03,c0,12,00,00,00,00,00,00
"CONNECT 7200"=hex:02,00,20,1c,00,00,00,00,00,00
"CONNECT 7200/ARQ"=hex:02,02,20,1c,00,00,00,00,00,00
"CONNECT 7200/REL"=hex:02,02,20,1c,00,00,00,00,00,00
"CONNECT 7200/MNP"=hex:02,02,20,1c,00,00,00,00,00,00
"CONNECT 7200/LAP-M"=hex:02,02,20,1c,00,00,00,00,00,00
"CONNECT 7200/V42BIS"=hex:02,03,20,1c,00,00,00,00,00,00
"CONNECT 7200/V42b"=hex:02,03,20,1c,00,00,00,00,00,00
"CONNECT 9600"=hex:02,00,80,25,00,00,00,00,00,00
"CONNECT 9600/ARQ"=hex:02,02,80,25,00,00,00,00,00,00
"CONNECT 9600/REL"=hex:02,02,80,25,00,00,00,00,00,00
"CONNECT 9600/MNP"=hex:02,02,80,25,00,00,00,00,00,00
"CONNECT 9600/LAP-M"=hex:02,02,80,25,00,00,00,00,00,00
"CONNECT 9600/V42BIS"=hex:02,03,80,25,00,00,00,00,00,00
"CONNECT 9600/V42b"=hex:02,03,80,25,00,00,00,00,00,00
"CONNECT 12000"=hex:02,00,e0,2e,00,00,00,00,00,00
"CONNECT 12000/ARQ"=hex:02,02,e0,2e,00,00,00,00,00,00
"CONNECT 12000/REL"=hex:02,02,e0,2e,00,00,00,00,00,00
"CONNECT 12000/MNP"=hex:02,02,e0,2e,00,00,00,00,00,00
"CONNECT 12000/LAP-M"=hex:02,02,e0,2e,00,00,00,00,00,00
"CONNECT 12000/V42BIS"=hex:02,03,e0,2e,00,00,00,00,00,00
"CONNECT 12000/V42b"=hex:02,03,e0,2e,00,00,00,00,00,00
"CONNECT 14400"=hex:02,00,40,38,00,00,00,00,00,00
"CONNECT 14400/ARQ"=hex:02,02,40,38,00,00,00,00,00,00
"CONNECT 14400/REL"=hex:02,02,40,38,00,00,00,00,00,00
"CONNECT 14400/MNP"=hex:02,02,40,38,00,00,00,00,00,00
"CONNECT 14400/LAP-M"=hex:02,02,40,38,00,00,00,00,00,00
"CONNECT 14400/V42BIS"=hex:02,03,40,38,00,00,00,00,00,00
"CONNECT 14400/V42b"=hex:02,03,40,38,00,00,00,00,00,00
"CONNECT 16800"=hex:02,00,a0,41,00,00,00,00,00,00
"CONNECT 16800/ARQ"=hex:02,02,a0,41,00,00,00,00,00,00
"CONNECT 16800/REL"=hex:02,02,a0,41,00,00,00,00,00,00
"CONNECT 16800/MNP"=hex:02,02,a0,41,00,00,00,00,00,00
"CONNECT 16800/LAP-M"=hex:02,02,a0,41,00,00,00,00,00,00
"CONNECT 16800/V42BIS"=hex:02,03,a0,41,00,00,00,00,00,00
"CONNECT 16800/V42b"=hex:02,03,a0,41,00,00,00,00,00,00
"CONNECT 19200"=hex:02,00,00,4b,00,00,00,00,00,00
"CONNECT 19200/ARQ"=hex:02,02,00,4b,00,00,00,00,00,00
"CONNECT 19200/REL"=hex:02,02,00,4b,00,00,00,00,00,00
"CONNECT 19200/MNP"=hex:02,02,00,4b,00,00,00,00,00,00
"CONNECT 19200/LAP-M"=hex:02,02,00,4b,00,00,00,00,00,00
"CONNECT 19200/V42BIS"=hex:02,03,00,4b,00,00,00,00,00,00
"CONNECT 19200/V42b"=hex:02,03,00,4b,00,00,00,00,00,00
"CONNECT 21600"=hex:02,00,60,54,00,00,00,00,00,00
"CONNECT 21600/ARQ"=hex:02,02,60,54,00,00,00,00,00,00
"CONNECT 21600/REL"=hex:02,02,60,54,00,00,00,00,00,00
"CONNECT 21600/MNP"=hex:02,02,60,54,00,00,00,00,00,00
"CONNECT 21600/LAP-M"=hex:02,02,60,54,00,00,00,00,00,00
"CONNECT 21600/V42BIS"=hex:02,03,60,54,00,00,00,00,00,00
"CONNECT 21600/V42b"=hex:02,03,60,54,00,00,00,00,00,00
"CONNECT 24000"=hex:02,00,c0,5d,00,00,00,00,00,00
"CONNECT 24000/ARQ"=hex:02,02,c0,5d,00,00,00,00,00,00
"CONNECT 24000/REL"=hex:02,02,c0,5d,00,00,00,00,00,00
"CONNECT 24000/MNP"=hex:02,02,c0,5d,00,00,00,00,00,00
"CONNECT 24000/LAP-M"=hex:02,02,c0,5d,00,00,00,00,00,00
"CONNECT 24000/V42BIS"=hex:02,03,c0,5d,00,00,00,00,00,00
"CONNECT 24000/V42b"=hex:02,03,c0,5d,00,00,00,00,00,00
"CONNECT 26400"=hex:02,00,20,67,00,00,00,00,00,00
"CONNECT 26400/ARQ"=hex:02,02,20,67,00,00,00,00,00,00
"CONNECT 26400/REL"=hex:02,02,20,67,00,00,00,00,00,00
"CONNECT 26400/MNP"=hex:02,02,20,67,00,00,00,00,00,00
"CONNECT 26400/LAP-M"=hex:02,02,20,67,00,00,00,00,00,00
"CONNECT 26400/V42BIS"=hex:02,03,20,67,00,00,00,00,00,00
"CONNECT 26400/V42b"=hex:02,03,20,67,00,00,00,00,00,00
"CONNECT 28800"=hex:02,00,80,70,00,00,00,00,00,00
"CONNECT 28800/ARQ"=hex:02,02,80,70,00,00,00,00,00,00
"CONNECT 28800/REL"=hex:02,02,80,70,00,00,00,00,00,00
"CONNECT 28800/MNP"=hex:02,02,80,70,00,00,00,00,00,00
"CONNECT 28800/LAP-M"=hex:02,02,80,70,00,00,00,00,00,00
"CONNECT 28800/V42BIS"=hex:02,03,80,70,00,00,00,00,00,00
"CONNECT 28800/V42b"=hex:02,03,80,70,00,00,00,00,00,00
"CONNECT 38400"=hex:02,00,00,00,00,00,00,96,00,00
"CONNECT 38400/ARQ"=hex:02,02,00,00,00,00,00,96,00,00
"CONNECT 38400/REL"=hex:02,02,00,00,00,00,00,96,00,00
"CONNECT 38400/MNP"=hex:02,02,00,00,00,00,00,96,00,00
"CONNECT 38400/LAP-M"=hex:02,02,00,00,00,00,00,96,00,00
"CONNECT 38400/V42BIS"=hex:02,03,00,00,00,00,00,96,00,00
"CONNECT 38400/V42b"=hex:02,03,00,00,00,00,00,96,00,00
"CONNECT 57600"=hex:02,00,00,00,00,00,00,e1,00,00
"CONNECT 57600/ARQ"=hex:02,02,00,00,00,00,00,e1,00,00
"CONNECT 57600/REL"=hex:02,02,00,00,00,00,00,e1,00,00
"CONNECT 57600/MNP"=hex:02,02,00,00,00,00,00,e1,00,00
"CONNECT 57600/LAP-M"=hex:02,02,00,00,00,00,00,e1,00,00
"CONNECT 57600/V42BIS"=hex:02,03,00,00,00,00,00,e1,00,00
"CONNECT 57600/V42b"=hex:02,03,00,00,00,00,00,e1,00,00
"CONNECT 115200"=hex:02,00,00,00,00,00,00,c2,01,00
"CONNECT 115200/ARQ"=hex:02,02,00,00,00,00,00,c2,01,00
"CONNECT 115200/REL"=hex:02,02,00,00,00,00,00,c2,01,00
"CONNECT 115200/MNP"=hex:02,02,00,00,00,00,00,c2,01,00
"CONNECT 115200/LAP-M"=hex:02,02,00,00,00,00,00,c2,01,00
"CONNECT 115200/V42BIS"=hex:02,03,00,00,00,00,00,c2,01,00
"CONNECT 115200/V42b"=hex:02,03,00,00,00,00,00,c2,01,00
"CONNECT 115,200"=hex:02,00,00,00,00,00,00,c2,01,00
"CONNECT 115,200/ARQ"=hex:02,02,00,00,00,00,00,c2,01,00
"CONNECT 115,200/REL"=hex:02,02,00,00,00,00,00,c2,01,00
"CONNECT 115,200/MNP"=hex:02,02,00,00,00,00,00,c2,01,00
"CONNECT 115,200/LAP-M"=hex:02,02,00,00,00,00,00,c2,01,00
"CONNECT 115,200/V42BIS"=hex:02,03,00,00,00,00,00,c2,01,00
"CONNECT 115,200/V42b"=hex:02,03,00,00,00,00,00,c2,01,00
"CONNECT 230400"=hex:02,00,00,00,00,00,00,84,03,00
"CONNECT 230400/ARQ"=hex:02,02,00,00,00,00,00,84,03,00
"CONNECT 230400/REL"=hex:02,02,00,00,00,00,00,84,03,00
"CONNECT 230400/MNP"=hex:02,02,00,00,00,00,00,84,03,00
"CONNECT 230400/LAP-M"=hex:02,02,00,00,00,00,00,84,03,00
"CONNECT 230400/V42BIS"=hex:02,03,00,00,00,00,00,84,03,00
"CONNECT 230400/V42b"=hex:02,03,00,00,00,00,00,84,03,00
"CARRIER 300"=hex:01,00,2c,01,00,00,00,00,00,00
"CARRIER 1200"=hex:01,00,b0,04,00,00,00,00,00,00
"CARRIER 1200/75"=hex:01,00,b0,04,00,00,00,00,00,00
"CARRIER 75/1200"=hex:01,00,b0,04,00,00,00,00,00,00
"CARRIER 2400"=hex:01,00,60,09,00,00,00,00,00,00
"CARRIER 4800"=hex:01,00,c0,12,00,00,00,00,00,00
"CARRIER 7200"=hex:01,00,20,1c,00,00,00,00,00,00
"CARRIER 9600"=hex:01,00,80,25,00,00,00,00,00,00
"CARRIER 12000"=hex:01,00,e0,2e,00,00,00,00,00,00
"CARRIER 14400"=hex:01,00,40,38,00,00,00,00,00,00
"CARRIER 16800"=hex:01,00,a0,41,00,00,00,00,00,00
"CARRIER 19200"=hex:01,00,00,4b,00,00,00,00,00,00
"CARRIER 21600"=hex:01,00,60,54,00,00,00,00,00,00
"CARRIER 24000"=hex:01,00,c0,5d,00,00,00,00,00,00
"CARRIER 26400"=hex:01,00,20,67,00,00,00,00,00,00
"CARRIER 28800"=hex:01,00,80,70,00,00,00,00,00,00
"COMPRESSION: CLASS 5"=hex:01,03,00,00,00,00,00,00,00,00
"COMPRESSION: MNP5"=hex:01,03,00,00,00,00,00,00,00,00
"COMPRESSION: V.42BIS"=hex:01,03,00,00,00,00,00,00,00,00
"COMPRESSION: V.42 BIS"=hex:01,03,00,00,00,00,00,00,00,00
"COMPRESSION: ADC"=hex:01,01,00,00,00,00,00,00,00,00
"COMPRESSION: NONE"=hex:01,00,00,00,00,00,00,00,00,00
"PROTOCOL: NONE"=hex:01,00,00,00,00,00,00,00,00,00
"PROTOCOL: ERROR-CONTROL/LAPB"=hex:01,02,00,00,00,00,00,00,00,00
"PROTOCOL: ERROR-CONTROL/LAPB/HDX"=hex:01,02,00,00,00,00,00,00,00,00
"PROTOCOL: ERROR-CONTROL/LAPB/AFT"=hex:01,02,00,00,00,00,00,00,00,00
"PROTOCOL: X.25/LAPB"=hex:01,02,00,00,00,00,00,00,00,00
"PROTOCOL: X.25/LAPB/HDX"=hex:01,02,00,00,00,00,00,00,00,00
"PROTOCOL: X.25/LAPB/AFT"=hex:01,02,00,00,00,00,00,00,00,00
"PROTOCOL: LAPM"=hex:01,02,00,00,00,00,00,00,00,00
"PROTOCOL: LAP-M"=hex:01,02,00,00,00,00,00,00,00,00
"PROTOCOL: LAPM/HDX"=hex:01,02,00,00,00,00,00,00,00,00
"PROTOCOL: LAP-M/HDX"=hex:01,02,00,00,00,00,00,00,00,00
"PROTOCOL: LAPM/AFT"=hex:01,02,00,00,00,00,00,00,00,00
"PROTOCOL: LAP-M/AFT"=hex:01,02,00,00,00,00,00,00,00,00
"PROTOCOL: ALT"=hex:01,02,00,00,00,00,00,00,00,00
"PROTOCOL: ALT-CELLULAR"=hex:01,0a,00,00,00,00,00,00,00,00
"PROTOCOL: MNP"=hex:01,02,00,00,00,00,00,00,00,00
"PROTOCOL: MNP2"=hex:01,02,00,00,00,00,00,00,00,00
"PROTOCOL: MNP3"=hex:01,02,00,00,00,00,00,00,00,00
"PROTOCOL: MNP4"=hex:01,02,00,00,00,00,00,00,00,00
"AUTOSTREAM: LEVEL 1"=hex:01,00,00,00,00,00,00,00,00,00
"AUTOSTREAM: LEVEL 2"=hex:01,00,00,00,00,00,00,00,00,00
"AUTOSTREAM: LEVEL 3"=hex:01,00,00,00,00,00,00,00,00,00
"CARRIER 31200 V.23"=hex:01,00,e0,79,00,00,00,00,00,00
"CARRIER 31200"=hex:01,00,e0,79,00,00,00,00,00,00
"CARRIER 31200/VFC"=hex:01,00,e0,79,00,00,00,00,00,00
"CARRIER 33600 V.23"=hex:01,00,40,83,00,00,00,00,00,00
"CARRIER 33600"=hex:01,00,40,83,00,00,00,00,00,00
"CARRIER 33600/VFC"=hex:01,00,40,83,00,00,00,00,00,00
"CONNECT 31200 EC"=hex:02,02,e0,79,00,00,00,00,00,00
"CONNECT 31200 EC/V42"=hex:02,02,e0,79,00,00,00,00,00,00
"CONNECT 31200 EC/V42BIS"=hex:02,03,e0,79,00,00,00,00,00,00
"CONNECT 31200 REL"=hex:02,02,e0,79,00,00,00,00,00,00
"CONNECT 31200 REL/MNP5"=hex:02,03,e0,79,00,00,00,00,00,00
"CONNECT 31200 REL/V42"=hex:02,02,e0,79,00,00,00,00,00,00
"CONNECT 31200 REL/V42BIS"=hex:02,03,e0,79,00,00,00,00,00,00
"CONNECT 31200"=hex:02,00,e0,79,00,00,00,00,00,00
"CONNECT 31200/ARQ"=hex:02,02,e0,79,00,00,00,00,00,00
"CONNECT 31200/LAP-M"=hex:02,02,e0,79,00,00,00,00,00,00
"CONNECT 31200/MNP"=hex:02,02,e0,79,00,00,00,00,00,00
"CONNECT 31200/REL"=hex:02,02,e0,79,00,00,00,00,00,00
"CONNECT 31200/REL-LAPM V.42 BIS"=hex:02,03,e0,79,00,00,00,00,00,00
"CONNECT 31200/REL-LAPM"=hex:02,02,e0,79,00,00,00,00,00,00
"CONNECT 31200/V42B"=hex:02,03,e0,79,00,00,00,00,00,00
"CONNECT 31200/V42BIS"=hex:02,03,e0,79,00,00,00,00,00,00
"CONNECT 33600 EC"=hex:02,02,40,83,00,00,00,00,00,00
"CONNECT 33600 EC/V42"=hex:02,02,40,83,00,00,00,00,00,00
"CONNECT 33600 EC/V42BIS"=hex:02,03,40,83,00,00,00,00,00,00
"CONNECT 33600 REL"=hex:02,02,40,83,00,00,00,00,00,00
"CONNECT 33600 REL/MNP5"=hex:02,03,40,83,00,00,00,00,00,00
"CONNECT 33600 REL/V42"=hex:02,02,40,83,00,00,00,00,00,00
"CONNECT 33600 REL/V42BIS"=hex:02,03,40,83,00,00,00,00,00,00
"CONNECT 33600"=hex:02,00,40,83,00,00,00,00,00,00
"CONNECT 33600/ARQ"=hex:02,02,40,83,00,00,00,00,00,00
"CONNECT 33600/LAP-M"=hex:02,02,40,83,00,00,00,00,00,00
"CONNECT 33600/MNP"=hex:02,02,40,83,00,00,00,00,00,00
"CONNECT 33600/REL"=hex:02,02,40,83,00,00,00,00,00,00
"CONNECT 33600/REL-LAPM V.42 BIS"=hex:02,03,40,83,00,00,00,00,00,00
"CONNECT 33600/REL-LAPM"=hex:02,02,40,83,00,00,00,00,00,00
"CONNECT 33600/V42B"=hex:02,03,40,83,00,00,00,00,00,00
"CONNECT 33600/V42BIS"=hex:02,03,40,83,00,00,00,00,00,00
"CONNECT 31200/REL-MNP"=hex:02,02,e0,79,00,00,00,00,00,00
"CONNECT 33600/REL-MNP"=hex:02,02,40,83,00,00,00,00,00,00
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'winlogon.exe'(696)
c:\program files\Intel\Wireless\Bin\LgNotify.dll
.
- - - - - - - > 'explorer.exe'(1256)
c:\windows\system32\msi.dll
.
Completion time: 2011-04-06  16:31:33
ComboFix-quarantined-files.txt  2011-04-06 13:31
.
Pre-Run: 21,069,574,144 bytes free
Post-Run: 21,058,330,624 bytes free
.
- - End Of File - - E97BFF6371F6F33C2D69E23CCD8A6204
هذآ هـو

:9:
 
إنضم
24 أكتوبر 2009
المشاركات
7,209
الإعجابات
798
النقاط
113
رد: في ونـدز Xp بعـد شآشـة الونـدز

طيب يالغالي الحين اعد تشغيل الجهاز وشف يشتغل معك الويندوز

:9:
 
إنضم
24 أكتوبر 2009
المشاركات
7,209
الإعجابات
798
النقاط
113
رد: في ونـدز Xp بعـد شآشـة الونـدز

طيب وش سويت انت وبعدها ما رضى يشتغل الجهاز ركبت برنامج مثلا ..؟

وياليت صوره جديد من برامج بدء التشغيل

واذا مستعجل على الفورمات براحتك

:9:
 
إنضم
24 أكتوبر 2009
المشاركات
7,209
الإعجابات
798
النقاط
113
رد: في ونـدز Xp بعـد شآشـة الونـدز

طيب اعمل استعادة نظام الى ماقبل تركيب الفريم وورك
 
الحالة
مغلق و غير مفتوح للمزيد من الردود.

الأعضاء النشطين حاليآ الذين يشاهدون هذا الموضوع (1 عضو و 0 ضيف)

خيارات الاستايل

نوع الخط
مودك
اخفاء السايدر بار OFF
توسيط المنتدى OFF
فصل الأقسام OFF
الأقسام الفرعية OFF
عرض المشاركات
حجم الخط
معلومات العضو OFF
إخفاء التوقيع OFF

إرجاع خيارات الإستايل