[تم حل المشكلة]مشكلة (محرك الأقراص غير جاهز) ماهو حلهااا !!

المصدر: [تم حل المشكلة]مشكلة (محرك الأقراص غير جاهز) ماهو حلهااا !!
في منتدى : منتدى مشاكـل وحلول الحـاسب

الســلام عليكم


عند بداء تشغيل الكمبيوتر تظهر هذي الرساله !!




​

ماهو الحل !!

​

 

حمل هذا البرنامج
www.zyzoom.net/shswelh/Zyzoom_HijackThis.exe
بعدها اغلق جميع البرامج وخصوصا الانترنت اكسبلورر والماسنجر
شغل البرنامج ==> واضغط على
Do a system scan and save log
لحظات .. ويظهر لك تقرير داخل المفكرة==> انسخه والصقه بردك القادم​

 

ماعليش اخوي آآسف على التأخير

هذا التقرير :


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 04:39:25, on 2/24/2010
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Windows NT\bluetooth\bluetooth.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Windows NT\bluetooth\bluetooth.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\Program Files\Internet Download Manager\IEMonitor.exe
C:\Documents and Settings\Administrator\سطح المكتب\Zyzoom_HijackThis.exe
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: مساعد تسجيل الدخول إلى Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [Bluetooth] C:\Program Files\Windows NT\bluetooth\bluetooth.exe
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ACEREF] C:\DOCUME~1\ADMINI~1\APPLIC~1\DASHFL~1\livesurfwait.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\RunOnce: [MPlayer2_FixUp] C:\WINDOWS\inf\unregmp2.exe /Fixups (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [nlpo_01] cmd.exe /c md "%USERPROFILE%\Local Settings\Temp" (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [nlpo_02] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [nlpo_03] rundll32 advpack.dll,LaunchINFSection nlite.inf,nLiteReg (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [nlpo_04] rundll32 advpack.dll,LaunchINFSection nlite.inf,S (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [MPlayer2_FixUp] C:\WINDOWS\inf\unregmp2.exe /Fixups (User 'Default user')
O4 - Global Startup: Bluetooth.lnk = C:\Program Files\Windows NT\bluetooth\bluetooth.exe
O4 - Global Startup: Reboot.exe
O8 - Extra context menu item: ت&صدير إلى Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: تحميل الكل بـ إنترنت داونلود مانيجر - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: تحميل بـ إنترنت داونلود مانيجر - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: تحميل محتوى فيديو (إف.إل.في) بـ إنترنت داونلود مانيجر - C:\Program Files\Internet Download Manager\IEGetVL.htm
O9 - Extra button: إرسال إلى OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: إر&سال إلى OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: Nod32 AV (EsetNod32Fix) - Unknown owner - C:\WINDOWS\
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
--
End of file - 4594 bytes​

 

اكيد ظهرت هذه المشكلة بعد تركيب اسطوانة او تركيب فلاش او ذاكرة تفتكر بعد ايه
المشكلة



واعمل هذا كمان


عطل برامج الحماية عن العمل
[شرح] تعطيل برامج الحماية عن العمل لاستخدام ادوات الصيانة ‏
ثم
حمل الاداة التالية واحفظها على سطح المكتب

عند تشغيلها بتظهر لك رسالة ,, اضغط على >> Yes
بعدها بتظهر لك رساله ثانيه ,, اضغط على >> Yes
اثناء الفحص ممكن يعاد تشغيل الجهاز
وبعد اعادة التشغيل ,, سوف تبدأ الاداة بالفحص مرره ثانيه
لا تقم بتشغيل اي برنامج ،، ومهما طالت عملية الفحص انتظر حتى تنتهي
انتظر حتى يظهر لك تقرير ،،انسخه والصقه بمشاركتك القادمة



​

 

والله ما اتذكر ..

آآسف على التأخير هذا التقرير :​

ComboFix 10-02-23.04 - Administrator 02/24/2010 11:13:18.2.1 - x86
Microsoft Windows XP Professional 5.1.2600.2.1256.1.1025.18.1918.1365 [GMT 3:00]
Running from: c:\documents and settings\Administrator\سطح المكتب\ComboFix.exe
AV: ESET NOD32 Antivirus 3.0 *On-access scanning disabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\documents and settings\All Users.WINDOWS\قائمة ابدأ\البرامج\بدء التشغيل\Bluetooth.lnk
c:\windows\system32\tmp.reg
F:\8xcrbho6.exe
F:\mvmdh.exe
F:\ws.exe
.
((((((((((((((((((((((((( Files Created from 2010-01-24 to 2010-02-24 )))))))))))))))))))))))))))))))
.
2010-02-24 03:56 . 2010-02-24 08:13 -------- d-----w- c:\windows\system32\CatRoot2
2010-02-24 03:39 . 2010-02-24 03:40 -------- d-----w- c:\program files\Save Flash
2010-02-24 02:33 . 2010-02-24 02:33 7168 ----a-w- c:\documents and settings\Administrator\Application Data\Thinstall\CyberScrub® Privacy Suite™ 5.1\400000dd00002i\CSPSeraser.exe
2010-02-23 19:29 . 2004-08-04 03:55 25600 ----a-w- c:\documents and settings\LocalService.NT AUTHORITY\Application Data\Microsoft\UPnP Device Host\upnphost\udhisapi.dll
2010-02-23 06:37 . 2006-10-26 16:56 33104 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\msonpppr.dll
2010-02-23 06:37 . 2006-10-26 16:56 32592 ----a-w- c:\windows\system32\msonpmon.dll
2010-02-23 06:36 . 2010-02-23 06:36 -------- d-----w- c:\program files\Microsoft Works
2010-02-23 06:35 . 2010-02-23 06:35 -------- d-----w- c:\program files\MSBuild
2010-02-23 06:32 . 2010-02-23 06:32 -------- d-----r- C:\MSOCache
2010-02-23 05:56 . 2010-02-23 05:56 -------- d-----w- c:\documents and settings\LocalService.NT AUTHORITY\Local Settings\Application Data\ESET
2010-02-23 05:45 . 2010-02-23 05:45 -------- d-----w- c:\program files\Windows Media Connect 2
2010-02-23 05:10 . 2010-02-23 05:10 -------- d-----w- c:\documents and settings\Administrator\Application Data\Media Player Classic
2010-02-23 04:09 . 2010-02-23 04:09 116144 ----a-w- c:\documents and settings\Administrator\Application Data\IDM\idmmzcc2\components\idmmzcc.dll
2010-02-23 04:09 . 2010-02-24 08:12 -------- d-----w- c:\documents and settings\Administrator\Application Data\DMCache
2010-02-23 04:09 . 2010-02-23 04:34 -------- d-----w- c:\documents and settings\Administrator\Application Data\IDM
2010-02-23 03:59 . 2010-02-23 04:08 -------- d-----w- c:\program files\Internet Download Manager
2010-02-23 03:04 . 2010-02-23 03:04 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\Runscanner.net
2010-02-23 02:20 . 2010-02-23 02:20 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\ESET
2010-02-23 02:13 . 2010-02-23 02:13 -------- d-----w- c:\program files\Trend Micro
2010-02-23 01:33 . 2010-02-23 01:33 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\Microsoft Help
2010-02-23 01:33 . 2010-02-23 06:37 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Application Data\Microsoft Help
2010-02-23 01:28 . 2008-08-07 12:31 1238456 ----a-w- c:\windows\system32\NMSDVDXU.dll
2010-02-23 01:28 . 2007-08-19 18:14 2297856 ----a-w- c:\windows\system32\AudioCtl32.dll
2010-02-23 01:28 . 1998-12-24 17:23 40960 ----a-w- c:\windows\system32\VBAME.DLL
2010-02-23 01:28 . 2010-02-23 01:29 -------- d-----w- c:\program files\OZOMEDIA9
2010-02-23 01:17 . 2010-02-23 01:18 -------- d-----w- c:\program files\ESET
2010-02-23 01:17 . 2010-02-23 01:17 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Application Data\ESET
2010-02-23 01:11 . 2010-02-23 01:11 -------- d-----w- c:\windows\XSxS
2010-02-23 01:11 . 2010-02-23 01:11 -------- d-----w- c:\program files\Xenocode
2010-02-12 00:17 . 2010-02-12 00:17 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\Identities
2010-02-05 00:23 . 2010-02-05 00:23 -------- d-----w- c:\windows\system32\CatRoot_bak
2010-02-03 06:49 . 2010-02-24 02:03 -------- d-----w- c:\windows\system32\DllCache
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-02-24 02:32 . 2010-01-12 22:34 -------- d-----w- c:\documents and settings\Administrator\Application Data\Thinstall
2010-02-24 02:23 . 2009-12-05 09:32 -------- d-----w- c:\documents and settings\amd\Application Data\dashflapjump
2010-02-24 02:02 . 2009-12-10 05:15 -------- d-----w- c:\documents and settings\mokish!!\Application Data\dashflapjump
2010-02-23 14:45 . 2010-01-08 21:10 83976 ----a-w- c:\documents and settings\Administrator\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2010-02-23 02:24 . 2010-01-11 20:09 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Application Data\Program Eq Deaf Anti
2010-02-23 01:29 . 2010-02-23 01:29 -------- d-----w- c:\program files\Real Alternative
2010-02-23 01:29 . 2010-02-23 01:29 -------- d-----w- c:\program files\AviSynth 2.5
2010-02-23 01:25 . 2009-11-03 23:29 -------- d-----w- c:\program files\K-Lite Codec Pack
2010-02-23 01:24 . 2009-11-03 23:29 -------- d-----w- c:\program files\Common Files\Real
2010-02-22 21:20 . 2009-11-03 23:28 -------- d-----w- c:\program files\Google
2010-01-12 15:39 . 2010-01-11 22:05 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Application Data\Messenger Plus!
2010-01-11 20:10 . 2010-01-11 20:10 442368 ----a-w- c:\documents and settings\Administrator\Application Data\dashflapjump\site aim remote.exe
2010-01-11 20:10 . 2010-01-11 20:09 -------- d-----w- c:\documents and settings\Administrator\Application Data\dashflapjump
2010-01-11 20:10 . 2010-01-11 20:10 372736 ----a-w- c:\documents and settings\Administrator\Application Data\dashflapjump\MfcdDumbDvdGlobal.exe
2010-01-11 20:09 . 2010-01-11 20:09 724992 ----a-w- c:\documents and settings\Administrator\Application Data\dashflapjump\uqjmfykk.exe
2010-01-11 20:09 . 2010-01-11 20:09 -------- d-----w- c:\program files\dashflapjump
2010-01-11 20:09 . 2010-01-11 20:09 520192 ----a-w- c:\documents and settings\Administrator\Application Data\dashflapjump\livesurfwait.exe
2010-01-11 20:08 . 2010-01-11 20:08 -------- d-----w- c:\program files\Circle Dvelopement
2010-01-11 20:08 . 2009-11-03 07:59 -------- d-----w- c:\program files\Messenger Plus! Live
2010-01-10 18:13 . 2010-01-08 20:49 86327 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2010-01-08 21:33 . 2009-11-03 18:55 -------- d-----w- c:\program files\Realtek
2010-01-08 21:29 . 2001-09-19 18:00 39982 ----a-w- c:\windows\system32\perfc001.dat
2010-01-08 21:29 . 2001-09-19 18:00 251478 ----a-w- c:\windows\system32\perfh001.dat
2010-01-08 21:22 . 2010-01-08 21:22 315392 ----a-w- c:\windows\HideWin.exe
2010-01-08 20:46 . 2010-01-08 20:46 22144 ----a-w- c:\windows\system32\emptyregdb.dat
2009-12-23 13:54 . 2009-12-23 13:54 10240 -c--a-w- c:\documents and settings\mokish!!\Application Data\GRETECH\GomPlayer\GrLauncherTempSetup.exe
2009-12-17 07:17 . 2009-12-17 07:17 716800 -c--a-w- c:\documents and settings\amd\Application Data\dashflapjump\gadnompj.exe
2009-12-10 05:14 . 2009-12-10 05:14 57688 -c--a-w- c:\documents and settings\mokish!!\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-12-05 08:35 . 2009-11-03 23:26 57688 -c--a-w- c:\documents and settings\amd\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
.
------- Sigcheck -------
[-] 2008-06-20 . AD978A1B783B5719720CFF204B666C8E . 361600 . . [5.1.2600.5625] . . c:\windows\SoftwareDistribution\Download\77d40fc9473e388a3d9833a56a4d281f\sp3qfe\tcpip.sys
[-] 2008-06-20 . 9AEFA14BD6B182D61E3119FA5F436D3D . 361600 . . [5.1.2600.5625] . . c:\windows\SoftwareDistribution\Download\77d40fc9473e388a3d9833a56a4d281f\sp3gdr\tcpip.sys
[-] 2008-06-20 . 2A5554FC5B1E04E131230E3CE035C3F9 . 360320 . . [5.1.2600.3394] . . c:\windows\SoftwareDistribution\Download\77d40fc9473e388a3d9833a56a4d281f\sp2gdr\tcpip.sys
[-] 2008-06-20 . 744E57C99232201AE98C49168B918F48 . 360960 . . [5.1.2600.3394] . . c:\windows\SoftwareDistribution\Download\77d40fc9473e388a3d9833a56a4d281f\sp2qfe\tcpip.sys
[-] 2006-04-20 . 1DBF125862891817F374F407626967F4 . 359808 . . [5.1.2600.2892] . . c:\windows\system32\drivers\tcpip.sys
[-] 2006-07-05 . 0BB6CE5523BAF1512314BAE179360B3C . 197120 . . [5.1.2600.2743] . . c:\windows\system32\netman.dll
[-] 2009-02-09 . 1D07888E58486533D87582985D047186 . 401408 . . [5.1.2600.5755] . . c:\windows\SoftwareDistribution\Download\83061d86781db0b4e8791439303ae788\SP3QFE\rpcss.dll
[-] 2009-02-09 . 271830BCE6D77085E72D571F60EAF85A . 401408 . . [5.1.2600.5755] . . c:\windows\SoftwareDistribution\Download\83061d86781db0b4e8791439303ae788\SP3GDR\rpcss.dll
[-] 2009-02-09 . DDF4FB3D29F07C201FED908E2EFCB223 . 399360 . . [5.1.2600.3520] . . c:\windows\SoftwareDistribution\Download\83061d86781db0b4e8791439303ae788\SP2GDR\rpcss.dll
[-] 2009-02-09 . 21B3BEC8872F48C5F3697DAFE9E0BAF1 . 401408 . . [5.1.2600.3520] . . c:\windows\SoftwareDistribution\Download\83061d86781db0b4e8791439303ae788\SP2QFE\rpcss.dll
[-] 2006-07-05 . C8A68BC4C171654188326E2B9E936102 . 398336 . . [5.1.2600.2726] . . c:\windows\system32\rpcss.dll
[-] 2006-07-05 . AD3D9D191AEA7B5445FE1D82FFBB4788 . 57856 . . [5.1.2600.2696] . . c:\windows\system32\spoolsv.exe
[-] 2006-08-25 . 7037C70E7AC84B229E35E74D1D1A361F . 617472 . . [5.82] . . c:\windows\system32\comctl32.dll
[-] 2008-07-07 20:30 . 4ACD9FB301F635D8F97D273B9A76050F . 253952 . . [2001.12.4414.320] . . c:\windows\SoftwareDistribution\Download\451576686cccdc7e010f2e02b0f4f958\sp2gdr\es.dll
[-] 2008-07-07 20:27 . 584A7EDA1F7DC89E22BB046878A5E350 . 253952 . . [2001.12.4414.706] . . c:\windows\SoftwareDistribution\Download\451576686cccdc7e010f2e02b0f4f958\sp3gdr\es.dll
[-] 2008-07-07 20:23 . 055A6DFE5400C9E484A65B9E0E50F20D . 253952 . . [2001.12.4414.706] . . c:\windows\SoftwareDistribution\Download\451576686cccdc7e010f2e02b0f4f958\sp3qfe\es.dll
[-] 2008-07-07 20:17 . E01E47A89B2CCA03189AD913FEB8F227 . 253952 . . [2001.12.4414.320] . . c:\windows\SoftwareDistribution\Download\451576686cccdc7e010f2e02b0f4f958\sp2qfe\es.dll
[-] 2006-07-05 14:12 . F3BAA9552C48E8652E3518E589F885FD . 243200 . . [2001.12.4414.308] . . c:\windows\system32\es.dll
[-] 2009-03-21 . 066648E62711DF29186B3D9089E95486 . 1354240 . . [5.1.2600.3541] . . c:\windows\SoftwareDistribution\Download\ed27f97a6b62c2d37d04aa3546636469\sp2gdr\kernel32.dll
[-] 2009-03-21 . 08000FB156274AEFD51A57299422D023 . 1357824 . . [5.1.2600.5781] . . c:\windows\SoftwareDistribution\Download\ed27f97a6b62c2d37d04aa3546636469\sp3gdr\kernel32.dll
[-] 2009-03-21 . AED671FD84652A2E59B1EDF57DC54048 . 1359872 . . [5.1.2600.5781] . . c:\windows\SoftwareDistribution\Download\ed27f97a6b62c2d37d04aa3546636469\sp3qfe\kernel32.dll
[-] 2009-03-21 . 6408A503EDF4ACBE0F56F252963572C1 . 1357312 . . [5.1.2600.3541] . . c:\windows\SoftwareDistribution\Download\ed27f97a6b62c2d37d04aa3546636469\sp2qfe\kernel32.dll
[-] 2006-07-05 . 09C097450F5C7415E4AC441172ED4F61 . 1353216 . . [5.1.2600.2945] . . c:\windows\$hf_mig$\KB917422\SP2QFE\kernel32.dll
[-] 2006-07-05 . 9AAF34C3F2901C3D99F880FFA109EE7A . 1352192 . . [5.1.2600.2945] . . c:\windows\system32\kernel32.dll
[-] 2006-07-05 . 4180813BB96982D3AAFE7FF737533727 . 19968 . . [5.1.2600.2751] . . c:\windows\system32\linkinfo.dll
[-] 2009-12-22 . FDB10B5B32E360C5E0AD0478D70A89A2 . 3092480 . . [6.00.2900.3660] . . c:\windows\SoftwareDistribution\Download\1f60475a2f7b444b9a4b1982711ecf2b\sp2qfe\mshtml.dll
[-] 2009-12-22 . A6875E38EA8B7BA2AEF9C0DBD7C4AB5E . 3092480 . . [6.00.2900.5921] . . c:\windows\SoftwareDistribution\Download\1f60475a2f7b444b9a4b1982711ecf2b\sp3gdr\mshtml.dll
[-] 2009-12-22 . 604ADA64C2BCBB90492F4AE9E1941F8D . 3094528 . . [6.00.2900.5921] . . c:\windows\SoftwareDistribution\Download\1f60475a2f7b444b9a4b1982711ecf2b\sp3qfe\mshtml.dll
[-] 2006-10-23 . 406C3F3857BBA8739589BF2EE488ACF8 . 3076096 . . [6.00.2900.3020] . . c:\windows\$NtUninstallKB925454_1$\mshtml.dll
[-] 2006-10-23 . B25A0B786F3144E4271F90E60E95781E . 3082240 . . [6.00.2900.3020] . . c:\windows\$hf_mig$\KB925454\SP2QFE\mshtml.dll
[-] 2006-10-23 . B25A0B786F3144E4271F90E60E95781E . 3082240 . . [6.00.2900.3020] . . c:\windows\$NtUninstallKB925454$\mshtml.dll
[-] 2006-10-23 . B25A0B786F3144E4271F90E60E95781E . 3082240 . . [6.00.2900.3020] . . c:\windows\system32\mshtml.dll
[-] 2009-08-04 . 1FB8108C573EF413900E50CF07565A5B . 2190720 . . [5.1.2600.5857] . . c:\windows\SoftwareDistribution\Download\10af1efd353045d1482c67500311cac9\SP3GDR\ntoskrnl.exe
[-] 2009-08-04 . B3723EC1F0F5B0F33D86E0BC17ECE065 . 2190848 . . [5.1.2600.5857] . . c:\windows\SoftwareDistribution\Download\10af1efd353045d1482c67500311cac9\SP3QFE\ntoskrnl.exe
[-] 2009-08-04 . 050C61932F4655970CE02812A2FF7A0E . 2187520 . . [5.1.2600.3610] . . c:\windows\SoftwareDistribution\Download\10af1efd353045d1482c67500311cac9\SP2QFE\ntoskrnl.exe
[-] 2009-08-04 . 1C5715495EECB07F38377C0BFBAA13B4 . 2181888 . . [5.1.2600.3610] . . c:\windows\SoftwareDistribution\Download\10af1efd353045d1482c67500311cac9\SP2GDR\ntoskrnl.exe
[-] 2009-02-10 . 6140520CDCCE0CCC733DD19262411952 . 2190720 . . [5.1.2600.5755] . . c:\windows\SoftwareDistribution\Download\83061d86781db0b4e8791439303ae788\SP3QFE\ntoskrnl.exe
[-] 2009-02-09 . 8B35F1EDF5C5BA099BE4CA639DD84C47 . 2182016 . . [5.1.2600.3520] . . c:\windows\SoftwareDistribution\Download\83061d86781db0b4e8791439303ae788\SP2GDR\ntoskrnl.exe
[-] 2009-02-09 . 63B601A19C76DE3DFFB48C9153E5FB15 . 2187648 . . [5.1.2600.3520] . . c:\windows\SoftwareDistribution\Download\83061d86781db0b4e8791439303ae788\SP2QFE\ntoskrnl.exe
[-] 2009-02-09 . BAC3C70CE9AAE5129516FEBFE001C873 . 2190592 . . [5.1.2600.5755] . . c:\windows\SoftwareDistribution\Download\83061d86781db0b4e8791439303ae788\SP3GDR\ntoskrnl.exe
[-] 2006-07-05 . C7D8DB9C1F072D6E22D9A2B354CCE5B2 . 2181120 . . [5.1.2600.2622] . . c:\windows\system32\ntoskrnl.exe
[-] 2006-07-05 . 5B86344B87D41C77D752C1B2221C808A . 248832 . . [5.1.2600.2716] . . c:\windows\system32\tapisrv.dll
[-] 2006-07-05 . C287C8218DAC8EE3AEF1FB2018064699 . 576512 . . [5.1.2600.2622] . . c:\windows\system32\user32.dll
[-] 2009-12-22 . 1E28AEAE63C174AC253D2286C5FA2C84 . 667136 . . [6.00.2900.3660] . . c:\windows\SoftwareDistribution\Download\1f60475a2f7b444b9a4b1982711ecf2b\sp2qfe\wininet.dll
[-] 2009-12-22 . CC9FD9A083AE739C3B079F7F21887B81 . 665600 . . [6.00.2900.5921] . . c:\windows\SoftwareDistribution\Download\1f60475a2f7b444b9a4b1982711ecf2b\sp3gdr\wininet.dll
[-] 2009-12-22 . 4A0CE578F65610F8011F1096E6BA15EA . 667136 . . [6.00.2900.5921] . . c:\windows\SoftwareDistribution\Download\1f60475a2f7b444b9a4b1982711ecf2b\sp3qfe\wininet.dll
[-] 2006-10-23 . D648502AC4ADC99FC6E79A3123865F95 . 663040 . . [6.00.2900.3020] . . c:\windows\$hf_mig$\KB925454\SP2QFE\wininet.dll
[-] 2006-10-23 . D648502AC4ADC99FC6E79A3123865F95 . 663040 . . [6.00.2900.3020] . . c:\windows\$NtUninstallKB925454$\wininet.dll
[-] 2006-10-23 . D648502AC4ADC99FC6E79A3123865F95 . 663040 . . [6.00.2900.3020] . . c:\windows\system32\wininet.dll
[-] 2006-10-23 . 0FB1D870039B054BEB9BD7D265219747 . 657408 . . [6.00.2900.3020] . . c:\windows\$NtUninstallKB925454_1$\wininet.dll
[-] 2006-07-01 . 5839C7D4FA3AE3ACEB7422829B010900 . 1547776 . . [5.1.2600.2180] . . c:\windows\system32\sfcfiles.dll
[-] 2006-07-05 11:07 . 1EE7B434BA961EF845DE136224C30FEC . 142464 . . [5.1.2601.2180] . . c:\windows\system32\drivers\aec.sys
[-] 2009-08-04 . 45441C974E666462C2419EE2EB400DF7 . 2067712 . . [5.1.2600.5857] . . c:\windows\SoftwareDistribution\Download\10af1efd353045d1482c67500311cac9\SP3QFE\ntkrnlpa.exe
[-] 2009-08-04 . 8A6088459375E73583F6230530EA257F . 2067584 . . [5.1.2600.5857] . . c:\windows\SoftwareDistribution\Download\10af1efd353045d1482c67500311cac9\SP3GDR\ntkrnlpa.exe
[-] 2009-08-04 . 993EF69899274B42EFA19CF339BC8C7D . 2064512 . . [5.1.2600.3610] . . c:\windows\SoftwareDistribution\Download\10af1efd353045d1482c67500311cac9\SP2QFE\ntkrnlpa.exe
[-] 2009-08-04 . 94C4EADF650804DD81863EA05FF5A679 . 2059264 . . [5.1.2600.3610] . . c:\windows\SoftwareDistribution\Download\10af1efd353045d1482c67500311cac9\SP2GDR\ntkrnlpa.exe
[-] 2009-02-10 . A4C3645FF33495D60C9210EF94113DEA . 2067584 . . [5.1.2600.5755] . . c:\windows\SoftwareDistribution\Download\83061d86781db0b4e8791439303ae788\SP3GDR\ntkrnlpa.exe
[-] 2009-02-09 . F053586033C0F793F80F95F8376CEA05 . 2059264 . . [5.1.2600.3520] . . c:\windows\SoftwareDistribution\Download\83061d86781db0b4e8791439303ae788\SP2GDR\ntkrnlpa.exe
[-] 2009-02-09 . 76D4AE381DB33DED1A38D541887BD1F0 . 2064512 . . [5.1.2600.3520] . . c:\windows\SoftwareDistribution\Download\83061d86781db0b4e8791439303ae788\SP2QFE\ntkrnlpa.exe
[-] 2009-02-09 . BF87F187CEBD49FA80AEF07431295048 . 2067712 . . [5.1.2600.5755] . . c:\windows\SoftwareDistribution\Download\83061d86781db0b4e8791439303ae788\SP3QFE\ntkrnlpa.exe
[-] 2006-07-05 . D4BD251B437E841CE93C4AFA19B9B788 . 2058496 . . [5.1.2600.2622] . . c:\windows\system32\ntkrnlpa.exe
.
((((((((((((((((((((((((((((( SnapShot@2010-02-23_02.01.12 )))))))))))))))))))))))))))))))))))))))))
.
+ 2006-10-26 10:40 . 2006-10-26 10:40 49152 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_3415f6d0\mfc80KOR.dll
+ 2006-10-26 10:40 . 2006-10-26 10:40 49152 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_3415f6d0\mfc80JPN.dll
+ 2006-10-26 10:40 . 2006-10-26 10:40 61440 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_3415f6d0\mfc80ITA.dll
+ 2006-10-26 10:40 . 2006-10-26 10:40 61440 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_3415f6d0\mfc80FRA.dll
+ 2006-10-26 10:40 . 2006-10-26 10:40 61440 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_3415f6d0\mfc80ESP.dll
+ 2006-10-26 10:40 . 2006-10-26 10:40 57344 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_3415f6d0\mfc80ENU.dll
+ 2006-10-26 10:40 . 2006-10-26 10:40 65536 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_3415f6d0\mfc80DEU.dll
+ 2006-10-26 10:40 . 2006-10-26 10:40 45056 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_3415f6d0\mfc80CHT.dll
+ 2006-10-26 10:40 . 2006-10-26 10:40 40960 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_3415f6d0\mfc80CHS.dll
+ 2006-10-26 10:40 . 2006-10-26 10:40 57344 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_dec6ddd2\mfcm80u.dll
+ 2006-10-26 10:40 . 2006-10-26 10:40 69632 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_dec6ddd2\mfcm80.dll
+ 2006-10-26 10:40 . 2006-10-26 10:40 95744 c:\windows\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_6e805841\ATL80.dll
+ 2006-04-11 11:26 . 2006-09-28 15:56 55808 c:\windows\system32\WudfSvc.dll
+ 2006-04-11 11:30 . 2006-09-28 17:13 95344 c:\windows\system32\WUDFCoinstaller.dll
+ 2006-11-02 08:51 . 2006-11-02 08:51 35840 c:\windows\system32\wpdshextres.dll
+ 2006-05-09 17:58 . 2006-10-18 17:00 17408 c:\windows\system32\wpdshextautoplay.exe
+ 2010-01-08 20:45 . 2006-10-18 18:47 63488 c:\windows\system32\wpdmtpus.dll
- 2010-01-08 20:45 . 2006-05-09 17:58 35840 c:\windows\system32\wpdconns.dll
+ 2010-01-08 20:45 . 2006-10-18 18:47 35840 c:\windows\system32\wpdconns.dll
+ 2006-01-28 02:33 . 2006-12-01 07:53 99840 c:\windows\system32\wmpshell.dll
+ 2006-01-28 02:32 . 2006-10-18 18:47 37376 c:\windows\system32\wmdmps.dll
+ 2006-01-28 02:32 . 2006-10-18 18:47 33792 c:\windows\system32\wmdmlog.dll
+ 2010-01-08 20:51 . 2006-09-25 14:58 23856 c:\windows\system32\spupdsvc.exe
+ 2010-02-23 06:36 . 2006-10-26 16:56 67408 c:\windows\system32\spool\drivers\w32x86\msonpui.dll
+ 2010-02-23 06:36 . 2006-10-26 16:56 67408 c:\windows\system32\spool\drivers\w32x86\3\msonpui.dll
+ 2010-02-23 05:46 . 2006-09-25 14:58 14640 c:\windows\system32\spmsg.dll
+ 2006-07-24 07:50 . 2006-07-24 07:50 39728 c:\windows\system32\SCP32.DLL
+ 2006-01-28 02:32 . 2006-10-18 18:47 27136 c:\windows\system32\mspmsnsv.dll
+ 2006-01-28 02:32 . 2006-10-18 18:47 11264 c:\windows\system32\LAPRXY.dll
+ 2006-04-11 11:29 . 2006-09-28 16:00 82944 c:\windows\system32\drivers\WudfRd.sys
+ 2006-04-11 11:26 . 2006-09-28 15:55 77568 c:\windows\system32\drivers\WudfPf.sys
+ 2010-01-08 20:45 . 2006-10-18 17:00 38528 c:\windows\system32\drivers\wpdusb.sys
+ 2010-02-23 06:33 . 2010-02-23 06:33 48128 c:\windows\Installer\e2c254.msi
+ 2010-02-23 06:37 . 2010-02-23 06:37 35088 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\oisicon.exe
+ 2010-02-23 06:37 . 2010-02-23 06:37 18704 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\mspicons.exe
+ 2010-02-23 06:37 . 2010-02-23 06:37 20240 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\cagicon.exe
+ 2010-02-23 05:46 . 2006-10-04 14:05 39424 c:\windows\AppPatch\acadproc.dll
- 2006-01-28 02:33 . 2006-05-09 19:26 4096 c:\windows\system32\wmvdmoe2.dll
+ 2006-01-28 02:33 . 2006-10-18 18:47 4096 c:\windows\system32\wmvdmoe2.dll
- 2006-01-28 02:33 . 2006-05-09 19:26 4096 c:\windows\system32\wmvdmod.dll
+ 2006-01-28 02:33 . 2006-10-18 18:47 4096 c:\windows\system32\wmvdmod.dll
- 2010-01-08 20:45 . 2006-05-09 19:26 4096 c:\windows\system32\WMVADVE.DLL
+ 2010-01-08 20:45 . 2006-10-18 18:47 4096 c:\windows\system32\WMVADVE.DLL
- 2010-01-08 20:45 . 2006-05-09 19:26 4096 c:\windows\system32\WMVADVD.dll
+ 2010-01-08 20:45 . 2006-10-18 18:47 4096 c:\windows\system32\WMVADVD.dll
+ 2006-01-28 02:33 . 2006-10-18 18:47 4096 c:\windows\system32\wmsdmoe2.dll
- 2006-01-28 02:33 . 2006-05-09 19:26 4096 c:\windows\system32\wmsdmoe2.dll
- 2006-01-28 02:33 . 2006-05-09 19:26 4096 c:\windows\system32\wmsdmod.dll
+ 2006-01-28 02:33 . 2006-10-18 18:47 4096 c:\windows\system32\wmsdmod.dll
+ 2010-01-08 20:45 . 2006-10-18 18:58 8704 c:\windows\system32\wdfmgr.exe
- 2010-01-08 20:45 . 2006-05-09 19:26 4096 c:\windows\system32\wdfapi.dll
+ 2010-01-08 20:45 . 2006-10-18 18:47 4096 c:\windows\system32\wdfapi.dll
+ 2010-01-08 20:45 . 2006-10-18 18:58 8704 c:\windows\system32\uwdf.exe
+ 2004-08-04 03:55 . 2006-10-18 18:47 4096 c:\windows\system32\MPG4DMOD.dll
- 2004-08-04 03:55 . 2006-05-09 19:26 4096 c:\windows\system32\MPG4DMOD.dll
- 2004-08-04 03:55 . 2006-05-09 19:26 4096 c:\windows\system32\MP4SDMOD.dll
+ 2004-08-04 03:55 . 2006-10-18 18:47 4096 c:\windows\system32\MP4SDMOD.dll
- 2004-08-04 03:55 . 2006-05-09 19:26 4096 c:\windows\system32\MP43DMOD.dll
+ 2004-08-04 03:55 . 2006-10-18 18:47 4096 c:\windows\system32\MP43DMOD.dll
+ 2006-01-28 02:32 . 2006-12-01 07:51 6656 c:\windows\system32\asferror.dll
+ 2006-04-11 11:27 . 2006-09-28 15:56 316416 c:\windows\system32\WUDFx.dll
+ 2006-04-11 11:26 . 2006-09-28 15:56 165376 c:\windows\system32\WudfPlatform.dll
+ 2006-04-11 11:27 . 2006-09-28 15:56 146432 c:\windows\system32\WudfHost.exe
+ 2010-01-08 20:45 . 2006-10-18 18:47 356352 c:\windows\system32\wpdsp.dll
+ 2006-05-09 17:58 . 2006-10-18 18:47 133632 c:\windows\system32\WPDShServiceObj.dll
+ 2010-01-08 20:45 . 2006-10-18 18:47 154624 c:\windows\system32\wpdmtp.dll
+ 2010-01-08 20:45 . 2006-10-18 18:47 629760 c:\windows\system32\wpd_ci.dll
+ 2006-05-09 18:00 . 2006-10-18 18:47 656896 c:\windows\system32\WMVXENCD.dll
+ 2006-05-09 18:00 . 2006-10-18 18:47 767488 c:\windows\system32\WMVSENCD.dll
+ 2006-01-28 02:33 . 2006-10-18 18:47 603648 c:\windows\system32\WMSPDMOD.dll
+ 2010-01-08 20:45 . 2006-10-18 18:47 204288 c:\windows\system32\wmpsrcwp.dll
+ 2006-05-09 19:26 . 2006-10-18 18:47 130048 c:\windows\system32\wmpps.dll
+ 2006-05-09 18:00 . 2006-10-18 18:47 613376 c:\windows\system32\wmpmde.dll
+ 2006-05-09 19:26 . 2006-10-18 18:47 295936 c:\windows\system32\wmpeffects.dll
+ 2006-01-28 02:33 . 2006-10-18 18:47 314880 c:\windows\system32\wmpdxm.dll
+ 2006-01-28 02:33 . 2006-10-18 18:47 242688 c:\windows\system32\wmpasf.dll
+ 2006-01-28 02:32 . 2006-10-18 18:47 937984 c:\windows\system32\WMNetMgr.dll
+ 2006-01-28 02:32 . 2006-10-18 18:47 157184 c:\windows\system32\wmidx.dll
+ 2006-01-28 02:32 . 2006-12-01 07:53 208896 c:\windows\system32\wmerror.dll
+ 2006-05-09 17:59 . 2006-10-18 18:47 535040 c:\windows\system32\wmdrmsdk.dll
+ 2010-01-08 20:45 . 2006-10-18 18:47 348672 c:\windows\system32\wmdrmnet.dll
+ 2010-01-08 20:45 . 2006-10-18 18:47 429056 c:\windows\system32\wmdrmdev.dll
+ 2006-01-28 02:32 . 2006-10-18 18:47 222208 c:\windows\system32\WMASF.dll
+ 2006-01-28 02:32 . 2006-10-18 18:47 757248 c:\windows\system32\WMADMOD.dll
+ 2006-10-26 10:45 . 2006-10-26 10:45 293376 c:\windows\system32\WISPTIS.EXE
+ 2010-02-23 06:36 . 2006-10-26 16:56 864080 c:\windows\system32\spool\drivers\w32x86\msonpdrv.dll
+ 2010-02-23 06:36 . 2006-10-26 16:56 864080 c:\windows\system32\spool\drivers\w32x86\3\msonpdrv.dll
+ 2006-01-28 02:32 . 2006-10-18 18:47 211456 c:\windows\system32\qasf.dll
+ 2006-05-09 17:58 . 2006-10-18 18:47 199168 c:\windows\system32\PortableDeviceWMDRM.dll
+ 2006-05-09 17:58 . 2006-10-18 18:47 132096 c:\windows\system32\PortableDeviceWiaCompat.dll
+ 2006-05-09 17:58 . 2006-10-18 18:47 166912 c:\windows\system32\PortableDeviceTypes.dll
+ 2006-05-09 17:58 . 2006-10-18 18:47 101888 c:\windows\system32\PortableDeviceClassExtension.dll
+ 2006-05-09 17:58 . 2006-10-18 18:47 284160 c:\windows\system32\PortableDeviceApi.dll
+ 2006-01-28 02:32 . 2006-10-18 18:47 321536 c:\windows\system32\mswmdm.dll
+ 2006-07-24 07:50 . 2006-07-24 07:50 125744 c:\windows\system32\MSSTDFMT.DLL
+ 2006-01-28 02:32 . 2006-10-18 18:47 414208 c:\windows\system32\msscp.dll
+ 2006-01-28 02:32 . 2006-10-18 18:47 175616 c:\windows\system32\mspmsp.dll
+ 2006-01-28 02:32 . 2006-10-18 18:47 179712 c:\windows\system32\msnetobj.dll
+ 2006-05-09 17:45 . 2006-10-02 12:28 312128 c:\windows\system32\msdelta.dll
+ 2006-05-09 18:00 . 2006-10-18 18:47 259072 c:\windows\system32\MPG4DECD.dll
+ 2006-05-09 18:00 . 2006-10-18 18:47 317440 c:\windows\system32\MP4SDECD.dll
+ 2006-05-09 18:00 . 2006-10-18 18:47 259072 c:\windows\system32\MP43DECD.dll
+ 2006-05-09 18:00 . 2006-10-18 18:47 212992 c:\windows\system32\MFPLAT.dll
+ 2006-01-28 02:32 . 2006-10-18 17:03 100864 c:\windows\system32\logagent.exe
+ 2006-10-26 10:45 . 2006-10-26 10:45 207360 c:\windows\system32\INKED.DLL
+ 2010-01-08 23:38 . 2010-02-23 14:44 357752 c:\windows\system32\FNTCACHE.DAT
+ 2006-01-28 02:32 . 2006-10-18 18:47 991744 c:\windows\system32\drmv2clt.dll
+ 2006-05-09 17:59 . 2006-10-18 17:00 249856 c:\windows\system32\drmupgds.exe
+ 2006-05-09 17:58 . 2006-10-18 18:47 671232 c:\windows\system32\drivers\umdf\wpdmtpdr.dll
+ 2006-01-28 02:32 . 2006-10-18 18:47 229376 c:\windows\system32\cewmdm.dll
+ 2006-01-28 02:32 . 2006-10-18 18:47 542720 c:\windows\system32\blackbox.dll
+ 2010-01-08 20:45 . 2006-10-18 18:47 276992 c:\windows\system32\audiodev.dll
+ 2010-02-23 06:34 . 2010-02-23 06:34 500224 c:\windows\Installer\e2c29a.msi
+ 2010-02-23 06:33 . 2010-02-23 06:33 514560 c:\windows\Installer\e2c292.msi
+ 2010-02-23 06:33 . 2010-02-23 06:33 506880 c:\windows\Installer\e2c28b.msi
+ 2010-02-23 06:33 . 2010-02-23 06:33 516608 c:\windows\Installer\e2c283.msi
+ 2010-02-23 06:33 . 2010-02-23 06:33 500736 c:\windows\Installer\e2c275.msi
+ 2010-02-23 06:33 . 2010-02-23 06:33 217864 c:\windows\Installer\{90120000-006E-0409-0000-0000000FF1CE}\misc.exe
- 2010-02-23 01:34 . 2010-02-23 01:34 217864 c:\windows\Installer\{90120000-006E-0409-0000-0000000FF1CE}\misc.exe
+ 2010-02-23 06:32 . 2010-02-23 06:32 217864 c:\windows\Installer\{90120000-006E-0401-0000-0000000FF1CE}\misc.exe
+ 2010-02-23 06:37 . 2010-02-23 06:37 888080 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\wordicon.exe
+ 2010-02-23 06:37 . 2010-02-23 06:37 272648 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pubs.exe
+ 2010-02-23 06:37 . 2010-02-23 06:37 922384 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pptico.exe
+ 2010-02-23 06:37 . 2010-02-23 06:37 845584 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\outicon.exe
+ 2010-02-23 06:37 . 2010-02-23 06:37 217864 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\misc.exe
+ 2010-02-23 06:37 . 2010-02-23 06:37 184080 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\joticon.exe
+ 2010-02-23 06:37 . 2010-02-23 06:37 159504 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\inficon.exe
+ 2006-01-28 02:32 . 2006-12-01 09:03 316416 c:\windows\inf\unregmp2.exe
+ 2006-10-26 10:40 . 2006-10-26 10:40 1079808 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_dec6ddd2\mfc80u.dll
+ 2006-10-26 10:40 . 2006-10-26 10:40 1093632 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_dec6ddd2\mfc80.dll
+ 2006-05-09 23:21 . 2006-10-18 18:47 2603008 c:\windows\system32\WpdShext.dll
+ 2006-05-09 18:01 . 2006-10-18 18:47 1382912 c:\windows\system32\WMVSDECD.dll
+ 2006-05-09 18:00 . 2006-10-18 18:47 1574912 c:\windows\system32\WMVENCOD.dll
+ 2006-05-09 18:01 . 2006-10-18 18:47 1543680 c:\windows\system32\WMVDECOD.dll
+ 2006-01-28 02:33 . 2006-10-18 18:47 2450944 c:\windows\system32\wmvcore.dll
+ 2006-01-28 02:33 . 2006-10-18 18:47 1329152 c:\windows\system32\WMSPDMOE.dll
+ 2006-01-28 02:33 . 2006-12-01 08:51 8237056 c:\windows\system32\wmploc.dll
+ 2010-01-08 20:45 . 2006-10-18 18:47 1661440 c:\windows\system32\wmpencen.dll
+ 2006-01-28 02:32 . 2006-10-18 18:47 1117696 c:\windows\system32\WMADMOE.dll
+ 2006-10-26 11:10 . 2006-10-26 11:10 1190688 c:\windows\system32\FM20.DLL
+ 2010-02-23 06:34 . 2010-02-23 06:34 1637888 c:\windows\Installer\e2c2b6.msi
+ 2010-02-23 06:34 . 2010-02-23 06:34 1652224 c:\windows\Installer\e2c2af.msi
+ 2010-02-23 06:34 . 2010-02-23 06:34 1653248 c:\windows\Installer\e2c2a8.msi
+ 2010-02-23 06:34 . 2010-02-23 06:34 1638400 c:\windows\Installer\e2c2a1.msi
+ 2010-02-23 06:33 . 2010-02-23 06:33 2325504 c:\windows\Installer\e2c27c.msi
+ 2010-02-23 06:33 . 2010-02-23 06:33 1647616 c:\windows\Installer\e2c26e.msi
+ 2010-02-23 06:33 . 2010-02-23 06:33 2397184 c:\windows\Installer\e2c266.msi
+ 2010-02-23 06:32 . 2010-02-23 06:32 1640448 c:\windows\Installer\e2c24c.msi
+ 2010-02-23 06:32 . 2010-02-23 06:32 2021888 c:\windows\Installer\e2c245.msi
+ 2010-02-23 06:32 . 2010-02-23 06:32 1745408 c:\windows\Installer\e2c23e.msi
+ 2010-02-23 06:32 . 2010-02-23 06:32 2393600 c:\windows\Installer\e2c237.msi
+ 2010-02-23 06:37 . 2010-02-23 06:37 1172240 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\xlicons.exe
+ 2010-02-23 06:37 . 2010-02-23 06:37 1165584 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\accicons.exe
+ 2006-07-05 14:12 . 2006-10-18 18:47 10834432 c:\windows\system32\wmp.dll
+ 2010-02-23 06:37 . 2010-02-23 06:37 18181632 c:\windows\Installer\e2c2e1.msi
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-07-27 3883856]
"ACEREF"="c:\docume~1\ADMINI~1\APPLIC~1\DASHFL~1\livesurfwait.exe" [2010-01-11 520192]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2004-08-04 15360]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-10-31 7634944]
"nwiz"="nwiz.exe" [2006-10-31 1622016]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2006-10-31 86016]
"RTHDCPL"="RTHDCPL.EXE" [2007-07-05 16380416]
"SkyTel"="SkyTel.EXE" [2007-06-15 1826816]
"Bluetooth"="c:\program files\Windows NT\bluetooth\bluetooth.exe" [2009-06-14 275577]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2007-12-21 1443072]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-26 31016]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"nlpo_01"="md" [X]
"MPlayer2_FixUp"="c:\windows\inf\unregmp2.exe" [2006-12-01 316416]
"nlpo_03"="advpack.dll" [2004-08-04 99840]
"nlpo_04"="advpack.dll" [2004-08-04 99840]
c:\documents and settings\All Users.WINDOWS\çں‍ê، ں §ڑ\ںé ©ںê¤\ §ک ں颬نïé\
Bluetooth.lnk - c:\program files\Windows NT\bluetooth\bluetooth.exe [2010-2-2 275577]
Reboot.exe [2006-12-29 409088]
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"DisableUnicastResponsesToMulticastBroadcast"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows NT\\Accessories\\en-UK\\System"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
R1 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfwtdir.sys [12/21/2007 8:21 ص 33800]
R2 ekrn;Eset Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [12/21/2007 8:21 ص 468224]
S2 EsetNod32Fix;Nod32 AV;%WINDIR%\regedit.exe /s %Windir%\Fix.reg --> %WINDIR%\regedit.exe [?]
.
Contents of the 'Scheduled Tasks' folder
2010-02-24 c:\windows\Tasks\AC4640179199F2B7.job
- c:\docume~1\admini~1\applic~1\dashfl~1\site aim remote.exe [2010-01-11 20:10]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com.sa/
IE: ت&صدير إلى Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: تحميل الكل بـ إنترنت داونلود مانيجر - c:\program files\Internet Download Manager\IEGetAll.htm
IE: تحميل بـ إنترنت داونلود مانيجر - c:\program files\Internet Download Manager\IEExt.htm
IE: تحميل محتوى فيديو (إف.إل.في) بـ إنترنت داونلود مانيجر - c:\program files\Internet Download Manager\IEGetVL.htm
TCP: {BC14C259-FE13-42B9-9ADB-72160350AE22} = 84.235.7.55,84.235.6.55
.
- - - - ORPHANS REMOVED - - - -
AddRemove-HijackThis - c:\documents and settings\Administrator\سطح المكتب\HijackThis.exe​

**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-02-24 11:17
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\EsetNod32Fix]
"ImagePath"=hex:25,00,57,00,49,00,4e,00,44,00,49,00,52,00,25,00,5c,00,72,00,65,\
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\EsetNod32Fix]
"ImagePath"=hex:25,00,57,00,49,00,4e,00,44,00,49,00,52,00,25,00,5c,00,72,00,65,\
.
--------------------- DLLs Loaded Under Running Processes ---------------------
- - - - - - - > 'explorer.exe'(4012)
c:\windows\system32\msi.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\nvsvc32.exe
c:\windows\system32\RUNDLL32.EXE
c:\windows\RTHDCPL.EXE
c:\program files\Internet Explorer\iexplore.exe
c:\windows\system32\wscntfy.exe
c:\windows\system32\imapi.exe
.
**************************************************************************
.
Completion time: 2010-02-24 11:19:59 - machine was rebooted
ComboFix-quarantined-files.txt 2010-02-24 08:19
ComboFix2.txt 2010-02-23 02:02
Pre-Run: 2,540,949,504 bytes free
Post-Run: 2,525,007,872 bytes free
- - End Of File - - AFAB8BE04A938D5C13E6DF2576769D41​

​

 

حمل هذا البرنامج


http://www.mediafire.com/?iumiiyoyjmg




ثبته على الجهاز ،، ثم شغله واعمل كما الشرح التالي لفحص الجهاز وعمل تقرير



ثم انتظر حتى اكتمال الفحص وظهور هذه الرسالة











انسخ ما بداخل التقرير والصقه بمشاركتك القادمة


​

 

هلا اخوي نزلت البرنامج وعلق معي !! وجربت شغلت البرنامج بس بدون تثبيت يعني محمول ونفس الحكاية علق معي !! وهذي الصوره :​

​

 

آحذف هذهـ آلقيمـ من آلهآيجآگ

O4 - HKCU\..\Run: [ACEREF] C:\DOCUME~1\ADMINI~1\APPLIC~1\DASHFL~1\livesurfwai t.exe

O4 - HKUS\S-1-5-18\..\RunOnce: [nlpo_02] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (User 'SYSTEM')

ثم نظف جهازك بهذه الاداة

TFC

وخبرنآ آخر النتآئج

 

حمل الاداة التالية واتبع الشرح لعمل تقرير ورفعه​

http://tools.zyzoom.org/tools/system/RunScanner.exe​

​

اعمل كما الصورة لبدء الفحص​

​

ثم اعمل التالي لحفظ ملف التقرير​

​

بعد حفظه قم بضغط الملف >>> شرح الضغط
وارفع الملف هنا​

http://www.eupload.org/index.php​

-----------------------------------------------------------------​

 

اخوي سويت الي قلت لي عليه وعاد تشغيل الجهاز وبعدها جاتني الرساله ( محرك الاقراص غير جاهز ) ورساله ثانيه اضن تبع برنامج الحمايه فيه يس و نو انا اخترت نو وحطيت في رسالة ( محرك الاقراص غير جاهز ) الغاء الامر , وبعدها ماجتني الرساله .​

وهذا التقرير ​

 

حمل الملف التالي

​

http://www.eupload.org/shared/87160runscanner.rar

وطبق عليه هذا الشرح

وبالماوس دبل كلك على الملف ... بعدها راح يفتح لك واجهة الاداة
اعمل كما بالشرح ...



​

ثم

حمل الملف التالي

http://oldtimer.geekstogo.com/TFC.exe

شغلها بدبل كلك لمستخدمين الاكسبي
ومستخدمين الفيستا و 7 حسب الصورة



سيتم اعادة تشغيل الجهاز اجباريا ،، احفظ اي اعمال تقوم بها
اضغط start وانتظر حتى انتهاء التنظيف
واضغط موافق للموافقة على اعادة تشغيل الجهاز​

 

اشكركم اخواني MAAX و ألوحش و Mr.AzOz
جزاكم الله خير بصراحه عاجز عن الشكر
الله يوفقكم دنيا واخره .. آآآمين

الحمدلله انحلت المشكلة بفضل الله ثم مجهودكم .​

 

الله يعطيكم العافية