هل من الممكن ان اجد حلاً جذرياً لمشكلتي

one_sa · 23 سبتمبر 2008

السلام عليكم ورحمة الله وبركاته

مازلت اعاني حتى هذه اللحظة من مشكلة اعادة تشغيل الجهاز

مع العلم ان قمت بعمل 5 مرات فورمات

وتبديل الرام باخرى جديدة

اغلب الاوقات تحضر المشكلة مع تشغيل الصوتيات والفيديو

بمجمل البرامج : gom plyer BS.Player PRO Media Player Classic

ومرات تكون فجاة

رجاء مساعدتي اخواني لاني عانيت كثيراً

وهذا تقرير الهايجاك

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 02:46, on 9/23/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.20583)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe
C:\Program Files\FolderSize\FolderSizeSvc.exe
C:\WINDOWS\VistaDrive\VistaDrive.exe
C:\Program Files\Symantec\Norton Ghost 2003\GhostStartService.exe
C:\Program Files\LClock\LClock.exe
C:\Program Files\D-Link\D-Link Wireless G DWA-110\AirGCFG.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Program Files\Symantec\Norton Ghost 2003\GhostStartTrayApp.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\Program Files\Paltalk Messenger\paltalk.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Download Manager\IEMonitor.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\Trend Micro HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Favorites
O2 - BHO: IE7Pro - {00011268-E188-40DF-A514-835FCD78B1BF} - C:\Program Files\IEPro\iepro.dll
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\PROGRA~1\COMMON~1\SYMANT~1\IDS\IPSBHO.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKLM\..\Run: [VistaDrive] C:\WINDOWS\VistaDrive\VistaDrive.exe
O4 - HKLM\..\Run: [LClock] C:\Program Files\LClock\LClock.exe
O4 - HKLM\..\Run: [Resume copy] copyfstq.exe /startup
O4 - HKLM\..\Run: [D-Link D-Link Wireless G DWA-110] C:\Program Files\D-Link\D-Link Wireless G DWA-110\AirGCFG.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [Base frag grid bows] C:\Documents and Settings\All Users\Application Data\Cast ping base frag\Seek great.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton AntiVirus\osCheck.exe"
O4 - HKLM\..\Run: [GhostStartTrayApp] C:\Program Files\Symantec\Norton Ghost 2003\GhostStartTrayApp.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKCU\..\Run: [Rainlendar2] C:\Program Files\Rainlendar2\Rainlendar2.exe
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe" (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'Default user')
O4 - Global Startup: PalTalk.lnk = C:\Program Files\Paltalk Messenger\paltalk.exe
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: &ieSpell Options - res://C:\Program Files\ieSpell\iespell.dll/SPELLOPTION.HTM
O8 - Extra context menu item: Check &Spelling - res://C:\Program Files\ieSpell\iespell.dll/SPELLCHECK.HTM
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Lookup on Merriam Webster -

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

Files\ieSpell\Merriam Webster.HTM
O8 - Extra context menu item: Lookup on Wikipedia -

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

Files\ieSpell\wikipedia.HTM
O8 - Extra context menu item: تحميل الكل بـ إنترنت داونلود مانيجر - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: تحميل بـ إنترنت داونلود مانيجر - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: تحميل محتوى فيديو (إف.إل.في) بـ إنترنت داونلود مانيجر - C:\Program Files\Internet Download Manager\IEGetVL.htm
O9 - Extra button: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Program Files\IEPro\iepro.dll
O9 - Extra 'Tools' menuitem: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Program Files\IEPro\iepro.dll
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: ieSpell - {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - C:\Program Files\ieSpell\iespell.dll
O9 - Extra 'Tools' menuitem: ieSpell - {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - C:\Program Files\ieSpell\iespell.dll
O9 - Extra button: (no name) - {1606D6F9-9D3B-4aea-A025-ED5B2FD488E7} - C:\Program Files\ieSpell\iespell.dll
O9 - Extra 'Tools' menuitem: ieSpell Options - {1606D6F9-9D3B-4aea-A025-ED5B2FD488E7} - C:\Program Files\ieSpell\iespell.dll
O9 - Extra button: PalTalk - {4EAFEF58-EEFA-4116-983D-03B49BCBFFFE} - C:\Program Files\Paltalk Messenger\Paltalk.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\OFFICE11\REFIEBAR.DLL
O16 - DPF: {44990301-3C9D-426D-81DF-AAB636FA4345} (Symantec Script Runner Class) -

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

O23 - Service: ANIWZCSd Service (ANIWZCSdService) - Unknown owner - C:\Program Files\ANI\ANIWZCS2 Service\ANIWZCSdS.exe (file missing)
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
O23 - Service: Capture Device Service - InterVideo Inc. - C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Indexing Service (CiSvc) - Unknown owner - C:\WINDOWS\system32\cisvc.exe (file missing)
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Folder Size (FolderSize) - Brio - C:\Program Files\FolderSize\FolderSizeSvc.exe
O23 - Service: GhostStartService - Symantec Corporation - C:\Program Files\Symantec\Norton Ghost 2003\GhostStartService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE
O23 - Service: LiveUpdate Notice - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe
O23 - Service: Windows Driver Foundation - User-mode Driver Framework (WudfSvc) - Unknown owner - hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,00,74,00,25,00,5c,00,73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,73,00,76,00,63,00,68,00,6f,00,73,00,74,00,2e,00,65,00,78,00,65,00,20,00,2d,00,6b,00,20,00,57,00,75,00,64,00,66,00,53,00,65,00,72,00,76,00,69,00,63,00,65,00,47,00,72,00,6f,00,75,00,70,00,00,00 (file missing)
--
End of file - 9430 bytes

Demo-dash · 23 سبتمبر 2008

اعمل الخطوه هذي من مشاركه اخينا كونغ جزاه الله خير

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

^^ حق اعاده التشغيل فقط

عطل جميع برامج الحماية ,,
وحمل هذه الاداة واحفظها على سطح المكتب

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

عند تشغيلها بتظهر لك رسالة ,, اضغط على >> Yes
بعدها بتظهر لك رساله ثانيه ,, اضغط على >> Yes
انتظر حتى الاداة تنتهي من فحص جهازك ,,, وبشكل تلقائي يعاد تشغيل جهازك ,,
وبعد اعادة التشغيل ,, سوف تبدأ الاداة بالفحص مرره ثانيه
انتظر حتى يظهر لك تقرير ,, انسخه والصقه بردك القادم

ثم من التقرير احذف

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Favorites

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'Default user')

O23 - Service: ANIWZCSd Service (ANIWZCSdService) - Unknown owner - C:\Program Files\ANI\ANIWZCS2 Service\ANIWZCSdS.exe (file missing)

O23 - Service: Indexing Service (CiSvc) - Unknown owner - C:\WINDOWS\system32\cisvc.exe (file missing)

O23 - Service: Windows Driver Foundation - User-mode Driver Framework (WudfSvc) - Unknown owner - hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,5 2,00,6f,00,6f,00,74,00,25,00,5c,00,73,00,79,00,73, 00,74,00,65,00,6d,00,33,00,32,00,5c,00,73,00,76,00 ,63,00,68,00,6f,00,73,00,74,00,2e,00,65,00,78,00,6 5,00,20,00,2d,00,6b,00,20,00,57,00,75,00,64,00,66, 00,53,00,65,00,72,00,76,00,69,00,63,00,65,00,47,00 ,72,00,6f,00,75,00,70,00,00,00 (file missing)

طريقة الحذف

ثم نزل هذه الاداة واتبع الشرح التالي

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

التوافق : ويندوز اكسبيفقط

شرح الاستخدام ,,,,,,
عند تشغيل ملف الاداة تظهر لك هذه الشاشه ,, انتظر ( وتابع مع الصور )

وعند ظهور هذه الشاشه ,, اضغط على Close ليتم اعادة تشغيل جهازك (( لتكملة عملية التنظيف ))

رابط تحميل آخر تحديث للاداة

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

شرح الاستخدام ,,,,,,
قم بتشغيل الملف SmitfraudFix.exe ,, وتابع الشرح كماا بهذه الصور

one_sa · 23 سبتمبر 2008

اخوي الف شكر لتجاوبك السريع

سأقوم بكل ماذكرته في ردك

وللمعلومية اني الان قمت بفك الرام وتركيبها مرة اخرى وقمت بتشغيل الفلم ولم تحصل المشكلة

ساعمل اللازم وارفق التقرير حالاً

one_sa · 23 سبتمبر 2008

هذا تقرير الcomobox

ComboFix 08-09-20.05 - XPPRESP3 2008-09-23 3:29:11.3 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1256.966.1033.18.198 [GMT 3:00]
Running from: C:\Documents and Settings\XPPRESP3\Desktop\ComboFix.exe
* Created a new restore point
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
((((((((((((((((((((((((( Files Created from 2008-08-23 to 2008-09-23 )))))))))))))))))))))))))))))))
.
2008-09-23 03:26 . 2008-09-23 03:26 <DIR> d-------- C:\Program Files\MSXML 6.0
2008-09-23 03:20 . 2008-09-23 03:20 <DIR> d-------- C:\WINDOWS\LastGood
2008-09-23 03:20 . 2008-09-23 03:27 <DIR> d--h----- C:\WINDOWS\$hf_mig$
2008-09-23 03:20 . 2008-09-23 03:20 <DIR> d-------- C:\Program Files\MSXML 4.0
2008-09-23 02:59 . 2008-09-23 02:59 <DIR> d-------- C:\Program Files\VirusTotalUploader
2008-09-23 01:47 . 2008-09-23 01:47 <DIR> d-------- C:\WINDOWS\Sun
2008-09-22 13:17 . 2008-03-25 07:50 1,516,568 --a------ C:\WINDOWS\system32\SET1C.tmp
2008-09-22 13:16 . 2008-02-26 14:48 297,984 --a------ C:\WINDOWS\system32\SETB.tmp
2008-09-22 13:16 . 2008-02-26 14:48 297,984 -----c--- C:\WINDOWS\system32\dllcache\msctf.dll
2008-09-22 13:16 . 2008-06-13 16:10 272,128 --------- C:\WINDOWS\system32\drivers\bthport.sys
2008-09-22 13:16 . 2008-06-13 16:10 272,128 -----c--- C:\WINDOWS\system32\dllcache\bthport.sys
2008-09-22 13:12 . 2008-05-08 15:14 203,008 -----c--- C:\WINDOWS\system32\dllcache\rmcast.sys
2008-09-22 13:08 . 2008-04-11 21:39 683,520 -----c--- C:\WINDOWS\system32\dllcache\inetcomm.dll
2008-09-22 06:45 . 2008-09-22 06:45 27,262,976 --a------ C:\VIRTPART.DAT
2008-09-22 06:26 . 2002-08-14 15:03 45,056 --a------ C:\WINDOWS\system32\WNASPI32.DLL
2008-09-22 06:26 . 2002-08-14 15:03 17,005 --a------ C:\WINDOWS\system32\drivers\ASPI32.SYS
2008-09-22 06:26 . 2002-08-14 15:03 5,600 --a------ C:\WINDOWS\system\WINASPI.DLL
2008-09-22 06:26 . 2002-08-14 15:03 4,672 --a------ C:\WINDOWS\system\WOWPOST.EXE
2008-09-22 06:25 . 2008-09-22 06:25 8,192 --a------ C:\WINDOWS\REGLOCS.OLD
2008-09-22 03:05 . 2008-09-22 03:05 <DIR> d-------- C:\Program Files\Windows Sidebar
2008-09-22 03:05 . 2008-09-22 03:33 <DIR> d-------- C:\Program Files\Norton AntiVirus
2008-09-22 03:04 . 2008-09-22 06:25 <DIR> d-------- C:\Program Files\Symantec
2008-09-22 03:04 . 2008-09-22 06:25 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Symantec
2008-09-22 03:04 . 2008-09-22 03:28 123,952 --a------ C:\WINDOWS\system32\drivers\SYMEVENT.SYS
2008-09-22 03:04 . 2008-09-22 03:28 60,800 --a------ C:\WINDOWS\system32\S32EVNT1.DLL
2008-09-22 03:04 . 2008-09-22 03:28 10,671 --a------ C:\WINDOWS\system32\drivers\SYMEVENT.CAT
2008-09-22 03:04 . 2008-09-22 03:28 805 --a------ C:\WINDOWS\system32\drivers\SYMEVENT.INF
2008-09-22 03:03 . 2008-09-23 00:14 <DIR> d-------- C:\Program Files\Common Files\Symantec Shared
2008-09-22 03:00 . 2008-09-22 06:25 <DIR> d-------- C:\Documents and Settings\XPPRESP3\Application Data\Symantec
2008-09-22 02:38 . 2008-09-22 02:38 <DIR> d-------- C:\Program Files\UltraISO
2008-09-22 02:38 . 2008-09-22 02:38 <DIR> d-------- C:\Program Files\Common Files\EZB Systems
2008-09-21 11:07 . 2008-09-21 11:07 <DIR> d-------- C:\WINDOWS\Paltalk Messenger
2008-09-21 11:07 . 2008-09-21 11:16 <DIR> d-------- C:\Program Files\Paltalk Messenger
2008-09-21 11:07 . 2008-09-21 11:17 <DIR> d-------- C:\Documents and Settings\XPPRESP3\Application Data\Paltalk
2008-09-21 10:05 . 2008-09-21 10:08 <DIR> d-------- C:\Documents and Settings\XPPRESP3\Application Data\Ulead Systems
2008-09-21 10:03 . 2008-09-21 10:03 <DIR> d-------- C:\Program Files\Common Files\InterVideo
2008-09-21 10:01 . 2008-09-21 10:01 <DIR> d-------- C:\Program Files\Windows Media Components
2008-09-21 10:00 . 2008-09-21 10:14 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Ulead Systems
2008-09-21 07:56 . 2008-09-21 07:59 <DIR> d-------- C:\Program Files\uTorrent
2008-09-21 07:56 . 2008-09-23 00:34 <DIR> d-------- C:\Documents and Settings\XPPRESP3\Application Data\uTorrent
2008-09-20 11:00 . 2008-09-23 00:35 69 --a------ C:\WINDOWS\NeroDigital.ini
2008-09-20 09:01 . 2008-09-20 09:01 <DIR> d-------- C:\Program Files\Webteh
2008-09-20 09:01 . 2008-09-20 09:05 <DIR> d-------- C:\Documents and Settings\XPPRESP3\Application Data\BSplayer PRO
2008-09-20 06:57 . 2008-09-20 06:57 <DIR> d-------- C:\Program Files\Debugging Tools for Windows
2008-09-20 04:27 . 2008-09-20 04:27 <DIR> d-------- C:\Program Files\SeePassword
2008-09-19 19:45 . 2008-09-19 19:45 <DIR> d-------- C:\Documents and Settings\XPPRESP3\Application Data\XnView
2008-09-19 16:21 . 2001-08-17 13:59 3,072 --a------ C:\WINDOWS\system32\drivers\audstub.sys
2008-09-19 16:18 . 2008-09-22 03:53 <DIR> dr------- C:\Documents and Settings\All Users\Documents
2008-09-19 16:17 . 2004-08-04 17:00 1,086,058 -rah----- C:\WINDOWS\SETFF.tmp
2008-09-19 16:17 . 2004-08-04 17:00 1,042,903 -rah----- C:\WINDOWS\SETF9.tmp
2008-09-19 16:17 . 2004-08-04 17:00 13,753 -rah----- C:\WINDOWS\SET10E.tmp
2008-09-19 16:15 . 2008-09-20 06:07 <DIR> d--h----- C:\Documents and Settings\Default User
2008-09-19 16:15 . 2008-09-19 13:27 <DIR> d-------- C:\Documents and Settings\All Users
2008-09-19 16:07 . 2004-08-04 17:00 1,086,058 -rah----- C:\WINDOWS\SETFE.tmp
2008-09-19 16:07 . 2004-08-04 17:00 1,042,903 -rah----- C:\WINDOWS\SETF8.tmp
2008-09-19 16:07 . 2004-08-04 17:00 13,753 -rah----- C:\WINDOWS\SET10D.tmp
2008-09-19 16:01 . 2004-08-04 17:00 13,753 -rah----- C:\WINDOWS\SET106.tmp
2008-09-19 16:00 . 2004-08-04 17:00 1,086,058 -rah----- C:\WINDOWS\SETF7.tmp
2008-09-19 16:00 . 2004-08-04 17:00 1,042,903 -rah----- C:\WINDOWS\SETF1.tmp
2008-09-19 15:54 . 2004-08-04 17:00 1,086,058 -rah----- C:\WINDOWS\SETF6.tmp
2008-09-19 15:54 . 2004-08-04 17:00 1,042,903 -rah----- C:\WINDOWS\SETF0.tmp
2008-09-19 15:54 . 2004-08-04 17:00 13,753 -rah----- C:\WINDOWS\SET105.tmp
2008-09-19 15:48 . 2004-08-04 17:00 1,086,058 -rah----- C:\WINDOWS\SETF5.tmp
2008-09-19 15:48 . 2004-08-04 17:00 1,042,903 -rah----- C:\WINDOWS\SETEF.tmp
2008-09-19 15:48 . 2004-08-04 17:00 13,753 -rah----- C:\WINDOWS\SET104.tmp
2008-09-19 15:41 . 2004-08-04 17:00 1,086,058 -rah----- C:\WINDOWS\SETEE.tmp
2008-09-19 15:41 . 2004-08-04 17:00 1,042,903 -rah----- C:\WINDOWS\SETE8.tmp
2008-09-19 15:41 . 2004-08-04 17:00 13,753 -rah----- C:\WINDOWS\SETFD.tmp
2008-09-19 15:39 . 2008-09-19 15:39 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Messenger Plus!
2008-09-19 15:39 . 2008-09-19 15:39 268 --ah----- C:\sqmdata01.sqm
2008-09-19 15:39 . 2008-09-19 15:39 244 --ah----- C:\sqmnoopt01.sqm
2008-09-19 15:35 . 2004-08-04 17:00 1,086,058 -rah----- C:\WINDOWS\SETED.tmp
2008-09-19 15:35 . 2004-08-04 17:00 1,042,903 -rah----- C:\WINDOWS\SETE7.tmp
2008-09-19 15:35 . 2004-08-04 17:00 13,753 -rah----- C:\WINDOWS\SETFC.tmp
2008-09-19 15:28 . 2004-08-04 17:00 1,086,058 -rah----- C:\WINDOWS\SETEC.tmp
2008-09-19 15:28 . 2004-08-04 17:00 1,042,903 -rah----- C:\WINDOWS\SETE6.tmp
2008-09-19 15:28 . 2004-08-04 17:00 13,753 -rah----- C:\WINDOWS\SETFB.tmp
2008-09-19 15:26 . 2008-09-22 02:12 <DIR> d-------- C:\Program Files\Internet Download Manager
2008-09-19 15:26 . 2008-09-22 06:16 <DIR> d-------- C:\Documents and Settings\XPPRESP3\Application Data\IDM
2008-09-19 15:26 . 2008-09-23 03:31 <DIR> d-------- C:\Documents and Settings\XPPRESP3\Application Data\DMCache
2008-09-19 15:23 . 2004-08-04 17:00 1,086,058 -rah----- C:\WINDOWS\SETE5.tmp
2008-09-19 15:23 . 2004-08-04 17:00 1,042,903 -rah----- C:\WINDOWS\SETDF.tmp
2008-09-19 15:23 . 2004-08-04 17:00 13,753 -rah----- C:\WINDOWS\SETF4.tmp
2008-09-19 15:16 . 2004-08-04 17:00 1,086,058 -rah----- C:\WINDOWS\SETE4.tmp
2008-09-19 15:16 . 2004-08-04 17:00 1,042,903 -rah----- C:\WINDOWS\SETDE.tmp
2008-09-19 15:16 . 2004-08-04 17:00 13,753 -rah----- C:\WINDOWS\SETF3.tmp
2008-09-19 15:10 . 2008-09-19 15:10 <DIR> d-------- C:\Program Files\Windows Live
2008-09-19 15:10 . 2008-09-19 15:10 <DIR> d-------- C:\Program Files\SiteBallBend
2008-09-19 15:10 . 2008-09-19 15:10 <DIR> d-------- C:\Program Files\Messenger Plus! Live
2008-09-19 15:10 . 2008-09-19 15:10 <DIR> d-------- C:\Program Files\Circle Developement
2008-09-19 15:10 . 2008-09-19 15:11 <DIR> d-------- C:\Documents and Settings\XPPRESP3\Application Data\SiteBallBend
2008-09-19 15:10 . 2008-09-19 15:10 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Cast ping base frag
2008-09-19 15:10 . 2004-08-04 17:00 1,086,058 -rah----- C:\WINDOWS\SETE3.tmp
2008-09-19 15:10 . 2004-08-04 17:00 1,042,903 -rah----- C:\WINDOWS\SETDD.tmp
2008-09-19 15:10 . 2004-08-04 17:00 13,753 -rah----- C:\WINDOWS\SETF2.tmp
2008-09-19 15:06 . 2008-09-19 15:07 <DIR> d-------- C:\Program Files\ImgBurn
2008-09-19 15:03 . 2004-08-04 17:00 1,086,058 -rah----- C:\WINDOWS\SETDC.tmp
2008-09-19 15:03 . 2004-08-04 17:00 1,042,903 -rah----- C:\WINDOWS\SETD6.tmp
2008-09-19 15:03 . 2004-08-04 17:00 13,753 -rah----- C:\WINDOWS\SETEB.tmp
2008-09-19 14:57 . 2004-08-04 17:00 1,086,058 -rah----- C:\WINDOWS\SETDB.tmp
2008-09-19 14:57 . 2004-08-04 17:00 1,042,903 -rah----- C:\WINDOWS\SETD5.tmp
2008-09-19 14:57 . 2004-08-04 17:00 13,753 -rah----- C:\WINDOWS\SETEA.tmp
2008-09-19 14:52 . 2008-09-19 15:40 <DIR> d-------- C:\Documents and Settings\XPPRESP3\Contacts
2008-09-19 14:51 . 2008-09-19 14:51 280 --ah----- C:\sqmdata00.sqm
2008-09-19 14:51 . 2008-09-19 14:51 244 --ah----- C:\sqmnoopt00.sqm
2008-09-19 14:50 . 2004-08-04 17:00 1,086,058 -rah----- C:\WINDOWS\SETDA.tmp
2008-09-19 14:50 . 2004-08-04 17:00 1,042,903 -rah----- C:\WINDOWS\SETD4.tmp
2008-09-19 14:50 . 2004-08-04 17:00 13,753 -rah----- C:\WINDOWS\SETE9.tmp
2008-09-19 14:45 . 2008-09-19 14:45 <DIR> d-------- C:\Documents and Settings\XPPRESP3\Application Data\Ahead
2008-09-19 14:44 . 2004-08-04 17:00 1,086,058 -rah----- C:\WINDOWS\SETD3.tmp
2008-09-19 14:44 . 2004-08-04 17:00 1,042,903 -rah----- C:\WINDOWS\SETCD.tmp
2008-09-19 14:44 . 2004-08-04 17:00 13,753 -rah----- C:\WINDOWS\SETE2.tmp
2008-09-19 14:37 . 2004-08-04 17:00 1,086,058 -rah----- C:\WINDOWS\SETD2.tmp
2008-09-19 14:37 . 2004-08-04 17:00 1,042,903 -rah----- C:\WINDOWS\SETCC.tmp
2008-09-19 14:37 . 2004-08-04 17:00 13,753 -rah----- C:\WINDOWS\SETE1.tmp
2008-09-19 14:33 . 2008-09-18 03:49 25,600,801 --a------ C:\WINDOWS\alzaeem_com.scr
2008-09-19 14:30 . 2004-08-04 17:00 1,086,058 -rah----- C:\WINDOWS\SETD1.tmp
2008-09-19 14:30 . 2004-08-04 17:00 1,042,903 -rah----- C:\WINDOWS\SETCB.tmp
2008-09-19 14:30 . 2004-08-04 17:00 13,753 -rah----- C:\WINDOWS\SETE0.tmp
2008-09-19 14:25 . 2004-08-04 17:00 1,086,058 -rah----- C:\WINDOWS\SETCA.tmp
2008-09-19 14:25 . 2004-08-04 17:00 1,042,903 -rah----- C:\WINDOWS\SETC7.tmp
2008-09-19 14:25 . 2004-08-04 17:00 13,753 -rah----- C:\WINDOWS\SETD9.tmp
2008-09-19 14:19 . 2008-09-20 04:57 <DIR> d-------- C:\Downloads
2008-09-19 14:19 . 2008-09-19 14:19 <DIR> d-------- C:\Documents and Settings\XPPRESP3\Application Data\MiniDm
2008-09-19 14:18 . 2004-08-04 17:00 1,086,058 -rah----- C:\WINDOWS\SETC9.tmp
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-09-22 23:46 --------- d-----w C:\Program Files\Trend Micro HijackThis
2008-09-21 07:15 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-09-19 14:49 --------- d-----w C:\Program Files\Orbitdownloader
2008-09-19 14:48 --------- d-----w C:\Documents and Settings\XPPRESP3\Application Data\Orbit
2008-09-19 12:39 --------- d-----w C:\Documents and Settings\XPPRESP3\Application Data\Media Player Classic
2008-09-19 12:10 --------- d-----w C:\Program Files\MSN Messenger
2008-09-19 11:00 --------- d-----w C:\Program Files\Eset
2008-09-19 10:57 --------- d-----w C:\Program Files\IEPro
2008-09-19 10:57 --------- d-----w C:\Documents and Settings\XPPRESP3\Application Data\IEPro
2008-09-19 10:56 --------- d-----w C:\Program Files\IE7Pro
2008-09-19 10:55 --------- d-----w C:\Documents and Settings\XPPRESP3\Application Data\IE7Pro
2008-09-19 10:53 --------- d-----w C:\Program Files\Common Files\InstallShield
2008-09-19 10:52 --------- d-----w C:\Program Files\D-Link
2008-09-19 10:52 --------- d-----w C:\Documents and Settings\XPPRESP3\Application Data\InstallShield
2008-09-19 10:43 --------- d-----w C:\Program Files\Yahoo!
2008-09-19 10:43 --------- d-----w C:\Program Files\RocketDock
2008-09-19 10:43 --------- d-----w C:\Program Files\PopCap Games
2008-09-19 10:43 --------- d-----w C:\Documents and Settings\All Users\Application Data\Yahoo!
2008-09-19 10:40 --------- d-----w C:\Program Files\Winamp
2008-09-19 10:40 --------- d-----w C:\Program Files\Win32Pad
2008-09-19 10:40 --------- d-----w C:\Program Files\Wesmosis
2008-09-19 10:40 --------- d-----w C:\Program Files\VistaCodecPack
2008-09-19 10:40 --------- d-----w C:\Program Files\Java
2008-09-19 10:40 --------- d-----w C:\Documents and Settings\XPPRESP3\Application Data\Gena01
2008-09-19 10:40 --------- d-----w C:\Documents and Settings\All Users\Application Data\Apple Computer
2008-09-19 10:39 --------- d-----w C:\Program Files\Spybot - Search & Destroy
2008-09-19 10:39 --------- d-----w C:\Program Files\ScreenMaker
2008-09-19 10:39 --------- d-----w C:\Program Files\Rainlendar2
2008-09-19 10:39 --------- d-----w C:\Program Files\Common Files\Java
2008-09-19 10:39 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-09-19 10:38 --------- d-----w C:\Program Files\Paint.NET
2008-09-19 10:38 --------- d-----w C:\Program Files\Nero
2008-09-19 10:38 --------- d-----w C:\Program Files\Common Files\Ahead
2008-09-19 10:37 --------- d-----w C:\Program Files\VerbAce
2008-09-19 10:37 --------- d-----w C:\Program Files\Portable TuneUp Utilities 2007 6.0.2311
2008-09-19 10:37 --------- d-----w C:\Program Files\ieSpell
2008-09-19 10:37 --------- d-----w C:\Program Files\HWiNFO32
2008-09-19 10:37 --------- d-----w C:\Program Files\Foxit Software
2008-09-19 10:37 --------- d-----w C:\Program Files\FolderSize
2008-09-19 10:37 --------- d-----w C:\Program Files\FlashGet
2008-09-19 10:37 --------- d-----w C:\Program Files\Driver Genius Pro 2007
2008-09-19 10:37 --------- d-----w C:\Documents and Settings\XPPRESP3\Application Data\TuneUp Software
2008-09-19 10:36 --------- d-----w C:\Program Files\VMware
2008-09-19 10:36 --------- d-----w C:\Program Files\Mythicsoft
2008-09-19 10:36 --------- d-----w C:\Program Files\DAEMON Tools
2008-09-19 10:36 --------- d-----w C:\Program Files\Copy Handler
2008-09-19 10:36 --------- d-----w C:\Program Files\CCleaner
2008-09-19 10:32 --------- d-----w C:\Program Files\Microsoft.NET
2008-09-19 10:32 --------- d-----w C:\Program Files\Microsoft ActiveSync
2008-09-19 10:28 685,816 ----a-w C:\WINDOWS\system32\drivers\sptd.sys
2008-09-19 10:28 --------- d-----w C:\Program Files\Softland
2008-09-19 10:28 --------- d-----w C:\Program Files\DAMN NFO Viewer
2008-09-19 10:28 --------- d-----w C:\Program Files\CPU-Z
2008-09-19 10:24 --------- d-----w C:\Program Files\LClock
2008-09-19 10:24 --------- d-----w C:\Program Files\Graphics
2008-09-19 10:24 --------- d-----w C:\Program Files\Desktop
2008-09-19 10:23 --------- d-----w C:\Program Files\Windows Media Connect 2
2008-09-19 10:23 --------- d-----w C:\Program Files\SysInternals
2008-09-19 10:22 --------- d-----w C:\Program Files\Utilities
2008-07-30 14:42 23,888 ----a-w C:\WINDOWS\system32\drivers\COH_Mon.sys
2008-07-30 14:28 706 ----a-w C:\WINDOWS\system32\drivers\COH_Mon.inf
2008-07-30 14:28 10,537 ----a-w C:\WINDOWS\system32\drivers\coh_mon.cat
2008-07-07 20:06 253,952 ----a-w C:\WINDOWS\system32\SET102.tmp
2008-06-24 16:28 74,240 ----a-w C:\WINDOWS\system32\SET126.tmp
.
------- Sigcheck -------
2007-08-08 19:40 950784 396acc64ecec61d7b2f8b53151b37028 C:\WINDOWS\explorer.exe
2007-08-08 19:40 950784 396acc64ecec61d7b2f8b53151b37028 C:\WINDOWS\XPize\Backup\explorer.exe
.
((((((((((((((((((((((((((((( snapshot@2008-09-20_ 6.07.26.78 )))))))))))))))))))))))))))))))))))))))))
.
+ 2008-06-13 13:10:50 272,128 ------w C:\WINDOWS\Driver Cache\i386\bthport.sys
+ 2005-10-12 23:12:26 213,216 -c----w C:\WINDOWS\ie7updates\KB938127-IE7\spuninst\spuninst.exe
+ 2005-10-12 23:12:33 371,424 -c----w C:\WINDOWS\ie7updates\KB938127-IE7\spuninst\updspapi.dll
+ 2007-08-08 16:25:09 765,952 -c----w C:\WINDOWS\ie7updates\KB938127-IE7\vgx.dll
+ 2007-03-06 01:22:39 213,216 -c----w C:\WINDOWS\ie7updates\KB938127-v2-IE7\spuninst\spuninst.exe
+ 2007-03-06 01:23:47 371,424 -c----w C:\WINDOWS\ie7updates\KB938127-v2-IE7\spuninst\updspapi.dll
+ 2007-07-12 23:31:54 765,952 -c----w C:\WINDOWS\ie7updates\KB938127-v2-IE7\vgx.dll
+ 2007-08-08 16:24:48 124,928 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\advpack.dll
+ 2007-08-08 16:24:49 346,624 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\dxtmsft.dll
+ 2007-08-08 16:24:50 214,528 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\dxtrans.dll
+ 2007-08-08 16:24:50 132,608 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\extmgr.dll
+ 2007-08-08 16:25:10 61,952 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\icardie.dll
+ 2007-08-08 16:24:51 56,832 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\ie4uinit.exe
+ 2007-08-08 16:24:51 153,088 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\ieakeng.dll
+ 2007-08-08 16:24:52 230,400 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\ieaksie.dll
+ 2007-08-08 16:24:52 161,792 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\ieakui.dll
+ 2007-08-08 16:25:12 383,488 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\ieapfltr.dll
+ 2007-08-08 16:24:53 384,512 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\iedkcs32.dll
+ 2007-08-08 16:25:19 6,059,008 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\ieframe.dll
+ 2007-08-08 16:24:54 44,544 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\iernonce.dll
+ 2007-08-08 16:25:19 267,776 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\iertutil.dll
+ 2007-08-08 16:25:19 13,824 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\ieudinit.exe
+ 2007-08-08 16:24:56 625,152 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\iexplore.exe
+ 2007-08-08 16:24:59 27,648 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\jsproxy.dll
+ 2007-08-08 16:25:20 459,264 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\msfeeds.dll
+ 2007-04-25 09:08:34 52,224 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\msfeedsbs.dll
+ 2007-05-07 23:25:14 3,584,000 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\mshtml.dll
+ 2007-08-08 16:25:02 477,696 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\mshtmled.dll
+ 2007-04-25 09:08:34 193,024 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\msrating.dll
+ 2007-08-08 16:25:03 670,720 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\mstime.dll
+ 2007-08-08 16:25:04 102,400 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\occache.dll
+ 2007-02-10 18:18:48 44,544 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\pngfilt.dll
+ 2007-03-06 01:22:39 213,216 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\spuninst\spuninst.exe
+ 2007-03-06 01:23:51 371,424 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\spuninst\updspapi.dll
+ 2007-08-08 16:25:06 105,984 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\url.dll
+ 2007-08-08 16:25:07 1,153,536 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\urlmon.dll
+ 2007-04-25 09:08:34 232,960 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\webcheck.dll
+ 2007-08-08 16:25:10 823,808 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\wininet.dll
+ 2005-07-24 21:03:46 170,688 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.6361\ACCWIZ.DLL
+ 2005-07-24 21:12:54 38,968 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.6361\AUTHZAX.DLL
+ 2005-07-24 21:12:50 94,768 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.6361\AW.DLL
+ 2005-07-24 21:18:58 351,936 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.6361\CDLMSO.DLL
+ 2005-07-24 21:37:42 47,160 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.6361\DFUICOM.EXE
+ 2005-07-24 21:10:14 14,904 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.6361\DSITF.DLL
+ 2005-07-24 21:10:16 98,360 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.6361\DSSM.EXE
+ 2005-07-24 21:08:56 10,080,960 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.6361\EXCEL.EXE
+ 2005-07-24 21:40:42 1,146,320 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.6361\FM20.DLL
+ 2005-07-24 21:18:38 1,952,960 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.6361\FPCUTL.DLL
+ 2005-07-24 21:18:04 187,072 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.6361\FPDTC.DLL
+ 2005-07-24 21:30:14 179,768 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.6361\FPERSON.DLL
+ 2005-07-24 21:30:16 165,944 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.6361\FPLACE.DLL
+ 2005-07-24 21:32:56 1,159,368 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.6361\FPSRVUTL.DLL
+ 2005-07-24 21:33:02 800,960 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.6361\FPWEC.DLL
+ 2005-07-24 21:10:12 2,140,352 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.6361\GRAPH.EXE
+ 2005-07-24 21:18:42 87,240 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.6361\IEAWSDC.DLL
+ 2005-07-24 21:30:20 161,472 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.6361\IETAG.DLL
+ 2005-07-24 21:26:44 765,680 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.6361\MDIGRAPH.DLL
+ 2005-07-24 21:27:00 252,928 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.6361\MDIINK.DLL
+ 2005-07-24 21:26:44 24,816 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.6361\MDIMON.DLL
+ 2005-07-24 21:26:44 25,840 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.6361\MDIPPR.DLL
+ 2005-07-24 21:26:46 42,224 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.6361\MDIUI.DLL
+ 2005-07-24 21:27:02 443,904 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.6361\MDIVWCTL.DLL
+ 2005-07-24 21:04:36 6,631,624 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.6361\MSACCESS.EXE
+ 2005-07-24 21:04:38 130,112 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.6361\MSAEXP30.DLL
+ 2005-07-24 21:38:54 230,968 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.6361\MSCDM.DLL
+ 2005-07-24 21:31:48 115,400 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.6361\MSCONV97.DLL
+ 2005-07-24 21:39:26 359,600 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.6361\MSDMENG.DLL
+ 2005-07-24 21:39:36 1,383,592 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.6361\MSDMINE.DLL
+ 2005-07-24 21:32:48 87,104 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.6361\MSENCODE.DLL
+ 2005-07-24 21:05:58 139,328 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.6361\MSJSPP40.DLL
+ 2005-07-24 21:39:36 187,560 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.6361\MSMDUN80.DLL
+ 2005-07-24 21:29:40 17,464 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.6361\MSMH.DLL
+ 2005-07-24 21:29:40 12,216,512 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.6361\MSO.DLL
+ 2005-07-24 21:17:52 120,888 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.6361\MSOAUTH.DLL
+ 2005-07-24 21:18:46 107,200 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.6361\MSOCF.DLL
+ 2005-07-24 21:18:50 128,192 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.6361\MSOCFU.DLL
+ 2005-07-24 21:12:50 27,704 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.6361\MSODCW.DLL
+ 2005-07-24 21:31:52 25,144 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.6361\MSOEURO.DLL
+ 2005-07-24 21:12:52 55,360 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.6361\MSOHTMED.EXE
+ 2005-07-24 21:39:18 2,071,752 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.6361\MSOLAP80.DLL
+ 2005-07-24 21:33:08 376,888 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.6361\MSORUN.DLL
+ 2005-07-24 21:19:58 28,224 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.6361\MSOSTYLE.DLL
+ 2005-07-24 21:26:22 35,896 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.6361\MSOSV.DLL
+ 2005-07-24 21:29:42 42,040 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.6361\MSOXEV.DLL
+ 2005-07-24 21:29:42 55,360 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.6361\MSOXMLED.EXE
+ 2005-07-24 21:29:42 39,488 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.6361\MSOXMLMF.DLL
+ 2005-07-24 21:26:56 1,033,216 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.6361\MSPCORE.DLL
+ 2005-07-24 21:26:58 16,384 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.6361\MSPGIMME.DLL
+ 2005-07-24 21:27:06 364,648 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.6361\MSPVIEW.EXE
+ 2005-07-24 21:29:40 41,528 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.6361\MSSH.DLL
+ 2005-07-24 21:11:46 627,912 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.6361\MSTORDB.EXE
+ 2005-07-24 21:11:54 125,632 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.6361\MSTORE.EXE
+ 2005-07-24 21:12:24 484,040 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.6361\MSTORES.DLL
+ 2005-07-24 21:11:30 145,984 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.6361\MSWEBCAP.DLL
+ 2005-07-24 21:10:14 56,888 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.6361\NAME.DLL
+ 2005-07-24 21:12:56 13,888 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.6361\NPOFFICE.DLL
+ 2005-07-24 21:10:44 283,696 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.6361\OIS.EXE
+ 2005-07-24 21:10:38 830,144 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.6361\OISAPP.DLL
+ 2005-07-24 21:10:52 27,192 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.6361\OISCTRL.DLL
+ 2005-07-24 21:10:50 242,240 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.6361\OISGRAPH.DLL
+ 2005-07-24 21:15:10 1,054,264 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.6361\OMFC.DLL
+ 2005-07-24 21:36:00 7,334,592 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.6361\OWC10.DLL
+ 2005-07-24 21:37:42 8,140,480 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.6361\OWC11.DLL
+ 2005-07-24 21:13:38 6,137,544 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.6361\POWERPNT.EXE
+ 2005-07-24 21:12:58 430,136 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.6361\PP4X322.DLL
+ 2005-07-24 21:13:00 93,752 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.6361\PP7X32.DLL
+ 2005-07-24 21:13:54 1,782,840 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.6361\PPTVIEW.EXE
+ 2005-07-24 21:12:54 77,824 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.6361\REFEDIT.DLL
+ 2005-07-24 21:10:56 40,512 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.6361\REFIEBAR.DLL
+ 2005-07-24 21:19:16 58,944 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.6361\SEQCHK10.DLL
+ 2005-07-24 21:30:18 11,848 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.6361\SMARTTAGINSTALL.EXE
+ 2005-07-24 21:04:46 444,608 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.6361\SOA.DLL
+ 2005-07-24 21:17:48 2,808,376 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.6361\STSLIST.DLL
+ 2005-07-24 21:32:46 2,482,176 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.6361\VBE6.DLL
+ 2005-07-24 21:16:34 12,047,560 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.6361\WINWORD.EXE
+ 2008-09-22 03:26:08 32,768 ----a-r C:\WINDOWS\Installer\{6975E810-C92F-45F0-0BFD-187B312F10E8}\_35A3816B64DB_4AB3_83FD_BC20E7C011E8.exe
+ 2008-09-22 03:26:08 10,134 ----a-r C:\WINDOWS\Installer\{6975E810-C92F-45F0-0BFD-187B312F10E8}\Ghost.exe
+ 2008-09-22 03:26:08 8,478 ----a-r C:\WINDOWS\Installer\{6975E810-C92F-45F0-0BFD-187B312F10E8}\ghostimage.exe
- 2008-09-19 10:33:12 593,920 ----a-r C:\WINDOWS\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\accicons.exe
+ 2008-09-23 00:27:08 593,920 ----a-r C:\WINDOWS\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\accicons.exe
- 2008-09-19 10:33:12 12,288 ----a-r C:\WINDOWS\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\cagicon.exe
+ 2008-09-23 00:27:08 12,288 ----a-r C:\WINDOWS\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\cagicon.exe
- 2008-09-19 10:33:12 86,016 ----a-r C:\WINDOWS\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\inficon.exe
+ 2008-09-23 00:27:08 86,016 ----a-r C:\WINDOWS\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\inficon.exe
- 2008-09-19 10:33:12 135,168 ----a-r C:\WINDOWS\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\misc.exe
+ 2008-09-23 00:27:08 135,168 ----a-r C:\WINDOWS\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\misc.exe
- 2008-09-19 10:33:12 11,264 ----a-r C:\WINDOWS\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\mspicons.exe
+ 2008-09-23 00:27:08 11,264 ----a-r C:\WINDOWS\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\mspicons.exe
- 2008-09-19 10:33:12 27,136 ----a-r C:\WINDOWS\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\oisicon.exe
+ 2008-09-23 00:27:08 27,136 ----a-r C:\WINDOWS\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\oisicon.exe
- 2008-09-19 10:33:12 4,096 ----a-r C:\WINDOWS\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\opwicon.exe
+ 2008-09-23 00:27:08 4,096 ----a-r C:\WINDOWS\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\opwicon.exe
- 2008-09-19 10:33:12 794,624 ----a-r C:\WINDOWS\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\outicon.exe
+ 2008-09-23 00:27:08 794,624 ----a-r C:\WINDOWS\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\outicon.exe
- 2008-09-19 10:33:12 249,856 ----a-r C:\WINDOWS\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\pptico.exe
+ 2008-09-23 00:27:08 249,856 ----a-r C:\WINDOWS\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\pptico.exe
- 2008-09-19 10:33:12 61,440 ----a-r C:\WINDOWS\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\pubs.exe
+ 2008-09-23 00:27:08 61,440 ----a-r C:\WINDOWS\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\pubs.exe
- 2008-09-19 10:33:12 23,040 ----a-r C:\WINDOWS\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\unbndico.exe
+ 2008-09-23 00:27:08 23,040 ----a-r C:\WINDOWS\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\unbndico.exe
- 2008-09-19 10:33:12 286,720 ----a-r C:\WINDOWS\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\wordicon.exe
+ 2008-09-23 00:27:08 286,720 ----a-r C:\WINDOWS\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\wordicon.exe
- 2008-09-19 10:33:12 409,600 ----a-r C:\WINDOWS\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\xlicons.exe
+ 2008-09-23 00:27:08 409,600 ----a-r C:\WINDOWS\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\xlicons.exe
+ 2008-09-23 00:20:22 32,768 ----a-r C:\WINDOWS\Installer\{C04E32E0-0416-434D-AFB9-6969D703A9EF}\icon.exe
+ 2008-09-22 00:04:44 7,406 ----a-r C:\WINDOWS\Installer\{E80F62FF-5D3C-4A19-8409-9721F2928206}\IconE80F62FF.exe
+ 2008-09-21 08:07:54 473,600 ----a-w C:\WINDOWS\Paltalk Messenger\uninstall.exe
+ 2007-04-11 18:11:20 511,328 ----a-w C:\WINDOWS\system32\capicom.dll
- 2007-08-08 16:20:58 92,504 ----a-w C:\WINDOWS\system32\cdm.dll
+ 2007-07-30 16:19:20 92,504 ----a-w C:\WINDOWS\system32\cdm.dll
+ 2006-08-16 12:08:32 100,352 -c----w C:\WINDOWS\system32\dllcache\6to4svc.dll
+ 2008-06-23 16:01:38 124,928 -c----w C:\WINDOWS\system32\dllcache\advpack.dll
+ 2008-06-20 10:44:08 138,368 -c----w C:\WINDOWS\system32\dllcache\afd.sys
+ 2008-03-25 04:50:25 554,008 -c----w C:\WINDOWS\system32\dllcache\dao360.dll
+ 2008-06-20 17:36:11 147,968 -c----w C:\WINDOWS\system32\dllcache\dnsapi.dll
+ 2008-06-23 16:01:38 347,136 -c----w C:\WINDOWS\system32\dllcache\dxtmsft.dll
+ 2008-06-23 16:01:39 214,528 -c----w C:\WINDOWS\system32\dllcache\dxtrans.dll
+ 2008-07-07 20:06:43 253,952 -c----w C:\WINDOWS\system32\dllcache\es.dll
+ 2008-06-23 16:01:39 132,608 -c----w C:\WINDOWS\system32\dllcache\extmgr.dll
+ 2008-06-23 16:01:39 63,488 -c----w C:\WINDOWS\system32\dllcache\icardie.dll
+ 2008-06-23 08:23:18 70,656 -c----w C:\WINDOWS\system32\dllcache\ie4uinit.exe
+ 2008-06-23 16:01:39 153,088 -c----w C:\WINDOWS\system32\dllcache\ieakeng.dll
+ 2008-06-23 16:01:39 230,400 -c----w C:\WINDOWS\system32\dllcache\ieaksie.dll
+ 2008-06-21 05:23:53 161,792 -c----w C:\WINDOWS\system32\dllcache\ieakui.dll
+ 2007-04-17 09:32:38 2,455,488 -c----w C:\WINDOWS\system32\dllcache\ieapfltr.dat
+ 2008-06-23 16:01:40 383,488 -c----w C:\WINDOWS\system32\dllcache\ieapfltr.dll
+ 2008-06-23 16:01:40 388,608 -c----w C:\WINDOWS\system32\dllcache\iedkcs32.dll
+ 2008-06-23 16:01:43 6,068,736 -c----w C:\WINDOWS\system32\dllcache\ieframe.dll
+ 2008-06-23 16:01:43 44,544 -c----w C:\WINDOWS\system32\dllcache\iernonce.dll
+ 2008-06-23 16:01:44 267,776 -c----w C:\WINDOWS\system32\dllcache\iertutil.dll
+ 2008-06-23 08:23:18 13,824 -c----w C:\WINDOWS\system32\dllcache\ieudinit.exe
+ 2008-06-23 08:23:52 625,664 -c----w C:\WINDOWS\system32\dllcache\iexplore.exe
+ 2008-06-23 16:01:46 27,648 -c----w C:\WINDOWS\system32\dllcache\jsproxy.dll
+ 2008-05-01 14:30:33 331,776 -c----w C:\WINDOWS\system32\dllcache\msadce.dll
+ 2008-06-24 16:28:00 74,240 -c----w C:\WINDOWS\system32\dllcache\mscms.dll
+ 2008-03-25 04:50:28 518,944 -c----w C:\WINDOWS\system32\dllcache\msexch40.dll
+ 2008-03-25 04:50:30 326,432 -c----w C:\WINDOWS\system32\dllcache\msexcl40.dll
+ 2008-06-23 16:01:46 459,264 -c----w C:\WINDOWS\system32\dllcache\msfeeds.dll
+ 2008-06-23 16:01:46 52,224 -c----w C:\WINDOWS\system32\dllcache\msfeedsbs.dll
- 2007-05-07 23:25:14 3,584,000 -c--a-w C:\WINDOWS\system32\dllcache\mshtml.dll
+ 2008-06-23 16:01:49 3,594,240 -c--a-w C:\WINDOWS\system32\dllcache\mshtml.dll
+ 2008-06-23 16:01:49 477,696 -c----w C:\WINDOWS\system32\dllcache\mshtmled.dll
+ 2008-03-25 04:50:34 1,516,568 -c----w C:\WINDOWS\system32\dllcache\msjet40.dll
+ 2008-03-25 04:50:40 355,112 -c----w C:\WINDOWS\system32\dllcache\msjetol1.dll
+ 2008-03-26 08:09:15 151,583 -c----w C:\WINDOWS\system32\dllcache\msjint40.dll
+ 2008-03-25 04:50:42 60,192 -c----w C:\WINDOWS\system32\dllcache\msjter40.dll
+ 2008-03-25 04:50:42 248,608 -c----w C:\WINDOWS\system32\dllcache\msjtes40.dll
+ 2008-03-25 07:20:46 219,936 -c----w C:\WINDOWS\system32\dllcache\msltus40.dll
+ 2008-03-25 04:50:45 355,104 -c----w C:\WINDOWS\system32\dllcache\mspbde40.dll
- 2007-04-25 09:08:34 193,024 -c--a-w C:\WINDOWS\system32\dllcache\msrating.dll
+ 2008-06-23 16:01:49 193,024 -c--a-w C:\WINDOWS\system32\dllcache\msrating.dll
+ 2008-03-25 04:50:47 432,928 -c----w C:\WINDOWS\system32\dllcache\msrd2x40.dll
+ 2008-03-25 04:50:49 322,336 -c----w C:\WINDOWS\system32\dllcache\msrd3x40.dll
+ 2008-03-25 04:50:52 559,904 -c----w C:\WINDOWS\system32\dllcache\msrepl40.dll
+ 2008-03-25 04:50:55 264,992 -c----w C:\WINDOWS\system32\dllcache\mstext40.dll
+ 2008-06-23 16:01:50 671,232 -c----w C:\WINDOWS\system32\dllcache\mstime.dll
+ 2008-03-25 04:50:57 838,432 -c----w C:\WINDOWS\system32\dllcache\mswdat10.dll
+ 2008-06-20 17:36:11 245,248 -c----w C:\WINDOWS\system32\dllcache\mswsock.dll
+ 2008-03-25 04:50:58 621,344 -c----w C:\WINDOWS\system32\dllcache\mswstr10.dll
+ 2008-03-25 04:50:58 355,104 -c----w C:\WINDOWS\system32\dllcache\msxbde40.dll
+ 2008-06-23 16:01:50 102,912 -c----w C:\WINDOWS\system32\dllcache\occache.dll
- 2007-02-10 18:18:48 44,544 -c--a-w C:\WINDOWS\system32\dllcache\pngfilt.dll
+ 2008-06-23 16:01:50 44,544 -c--a-w C:\WINDOWS\system32\dllcache\pngfilt.dll
+ 2008-05-07 05:18:48 1,287,680 -c----w C:\WINDOWS\system32\dllcache\quartz.dll
+ 2008-06-20 10:44:42 360,960 -c----w C:\WINDOWS\system32\dllcache\tcpip.sys
+ 2008-06-20 09:32:39 225,920 -c----w C:\WINDOWS\system32\dllcache\tcpip6.sys
+ 2008-06-23 16:01:50 105,984 -c----w C:\WINDOWS\system32\dllcache\url.dll
+ 2008-06-23 16:01:51 1,162,752 -c----w C:\WINDOWS\system32\dllcache\urlmon.dll
+ 2008-05-27 17:23:58 765,952 -c----w C:\WINDOWS\system32\dllcache\vgx.dll
- 2007-04-25 09:08:34 273,408 -c--a-w C:\WINDOWS\system32\dllcache\webcheck.dll
+ 2008-06-23 16:01:51 233,472 -c--a-w C:\WINDOWS\system32\dllcache\webcheck.dll
+ 2008-06-23 16:01:51 827,904 -c----w C:\WINDOWS\system32\dllcache\wininet.dll
- 2004-08-04 14:00:00 138,496 ----a-w C:\WINDOWS\system32\drivers\afd.sys
+ 2008-06-20 10:44:08 138,368 ----a-w C:\WINDOWS\system32\drivers\afd.sys
- 2007-08-08 16:22:54 202,496 ----a-w C:\WINDOWS\system32\drivers\RMCast.sys
+ 2008-05-08 12:14:51 203,008 ----a-w C:\WINDOWS\system32\drivers\rmcast.sys
+ 2007-11-30 20:57:12 279,088 ----a-w C:\WINDOWS\system32\drivers\srtsp.sys
+ 2007-11-30 20:57:12 317,616 ----a-w C:\WINDOWS\system32\drivers\srtspl.sys
+ 2007-11-30 20:57:12 43,696 ----a-w C:\WINDOWS\system32\drivers\srtspx.sys
+ 2008-06-13 11:13:38 13,616 ----a-w C:\WINDOWS\system32\drivers\symdns.sys
+ 2008-06-13 11:13:38 96,432 ----a-w C:\WINDOWS\system32\drivers\symfw.sys
+ 2008-06-13 11:13:38 38,576 ----a-w C:\WINDOWS\system32\drivers\symids.sys
+ 2008-06-13 11:14:02 31,280 ----a-w C:\WINDOWS\system32\drivers\SymIM.sys
+ 2008-06-13 11:13:38 37,424 ----a-w C:\WINDOWS\system32\drivers\symndis.sys
+ 2008-06-13 11:13:40 41,008 ----a-w C:\WINDOWS\system32\drivers\symndisv.sys
+ 2008-06-13 11:13:38 22,320 ----a-w C:\WINDOWS\system32\drivers\symredrv.sys
+ 2008-06-13 11:13:40 184,240 ----a-w C:\WINDOWS\system32\drivers\symtdi.sys
- 2007-08-08 16:28:24 360,704 ----a-w C:\WINDOWS\system32\drivers\tcpip.sys
+ 2008-06-20 10:44:42 360,960 ----a-w C:\WINDOWS\system32\drivers\tcpip.sys
- 2007-08-08 16:23:25 225,664 ----a-w C:\WINDOWS\system32\drivers\tcpip6.sys
+ 2008-06-20 09:32:39 225,920 ----a-w C:\WINDOWS\system32\drivers\tcpip6.sys
- 2007-08-08 16:24:50 132,608 ----a-w C:\WINDOWS\system32\extmgr.dll
+ 2008-06-23 16:01:39 132,608 ----a-w C:\WINDOWS\system32\extmgr.dll
- 2005-07-24 21:40:42 1,146,320 ----a-w C:\WINDOWS\system32\FM20.DLL
+ 2007-06-06 07:53:34 1,195,888 ----a-w C:\WINDOWS\system32\FM20.DLL
- 2005-07-24 21:40:46 32,584 ----a-w C:\WINDOWS\system32\FM20ENU.DLL
+ 2007-03-22 16:17:04 35,440 ----a-w C:\WINDOWS\system32\FM20ENU.DLL
- 2008-09-19 10:45:25 175,464 ----a-w C:\WINDOWS\system32\FNTCACHE.DAT
+ 2008-09-21 23:52:36 199,344 ----a-w C:\WINDOWS\system32\FNTCACHE.DAT
- 2007-08-08 16:24:51 56,832 ----a-w C:\WINDOWS\system32\ie4uinit.exe
+ 2008-06-23 08:23:18 70,656 ----a-w C:\WINDOWS\system32\ie4uinit.exe
- 2007-08-08 16:24:51 153,088 ----a-w C:\WINDOWS\system32\ieakeng.dll
+ 2008-06-23 16:01:39 153,088 ----a-w C:\WINDOWS\system32\ieakeng.dll
- 2007-08-08 16:24:52 230,400 ----a-w C:\WINDOWS\system32\ieaksie.dll
+ 2008-06-23 16:01:39 230,400 ----a-w C:\WINDOWS\system32\ieaksie.dll
- 2007-08-08 16:24:52 161,792 ----a-w C:\WINDOWS\system32\ieakui.dll
+ 2008-06-21 05:23:53 161,792 ----a-w C:\WINDOWS\system32\ieakui.dll
- 2007-08-08 16:24:53 384,512 ----a-w C:\WINDOWS\system32\iedkcs32.dll
+ 2008-06-23 16:01:40 388,608 ----a-w C:\WINDOWS\system32\iedkcs32.dll
- 2007-08-08 16:24:54 44,544 ----a-w C:\WINDOWS\system32\iernonce.dll
+ 2008-06-23 16:01:43 44,544 ----a-w C:\WINDOWS\system32\iernonce.dll
- 2007-08-08 16:25:19 13,824 ----a-w C:\WINDOWS\system32\ieudinit.exe
+ 2008-06-23 08:23:18 13,824 ----a-w C:\WINDOWS\system32\ieudinit.exe
- 2007-08-08 16:21:29 683,520 ----a-w C:\WINDOWS\system32\inetcomm.dll
+ 2008-04-11 18:39:39 683,520 ----a-w C:\WINDOWS\system32\inetcomm.dll
- 2007-08-08 16:24:59 27,648 ----a-w C:\WINDOWS\system32\jsproxy.dll
+ 2008-06-23 16:01:46 27,648 ----a-w C:\WINDOWS\system32\jsproxy.dll
+ 2003-09-04 11:14:28 94,208 ----a-w C:\WINDOWS\system32\Macromed\Flash\GetFlash.exe
- 2005-07-24 21:26:44 24,816 ----a-w C:\WINDOWS\system32\mdimon.dll
+ 2007-04-09 10:23:54 28,040 ----a-w C:\WINDOWS\system32\mdimon.dll
- 2004-08-04 14:00:00 512,029 ----a-w C:\WINDOWS\system32\msexch40.dll
+ 2008-03-25 04:50:28 518,944 ----a-w C:\WINDOWS\system32\msexch40.dll
- 2004-08-04 14:00:00 319,517 ----a-w C:\WINDOWS\system32\msexcl40.dll
+ 2008-03-25 04:50:30 326,432 ----a-w C:\WINDOWS\system32\msexcl40.dll
- 2004-08-04 14:00:00 213,023 ----a-w C:\WINDOWS\system32\msltus40.dll
+ 2008-03-25 07:20:46 219,936 ----a-w C:\WINDOWS\system32\msltus40.dll
- 2004-08-04 14:00:00 348,189 ----a-w C:\WINDOWS\system32\mspbde40.dll
+ 2008-03-25 04:50:45 355,104 ----a-w C:\WINDOWS\system32\mspbde40.dll
- 2004-08-04 14:00:00 421,919 ----a-w C:\WINDOWS\system32\msrd2x40.dll
+ 2008-03-25 04:50:47 432,928 ----a-w C:\WINDOWS\system32\msrd2x40.dll
- 2004-08-04 14:00:00 315,423 ----a-w C:\WINDOWS\system32\msrd3x40.dll
+ 2008-03-25 04:50:49 322,336 ----a-w C:\WINDOWS\system32\msrd3x40.dll
- 2004-08-04 14:00:00 552,989 ----a-w C:\WINDOWS\system32\msrepl40.dll
+ 2008-03-25 04:50:52 559,904 ----a-w C:\WINDOWS\system32\msrepl40.dll
- 2004-08-04 14:00:00 258,077 ----a-w C:\WINDOWS\system32\mstext40.dll
+ 2008-03-25 04:50:55 264,992 ----a-w C:\WINDOWS\system32\mstext40.dll
- 2007-08-08 16:25:03 670,720 ----a-w C:\WINDOWS\system32\mstime.dll
+ 2008-06-23 16:01:50 671,232 ----a-w C:\WINDOWS\system32\mstime.dll
- 2007-08-08 16:22:23 838,360 ----a-w C:\WINDOWS\system32\mswdat10.dll
+ 2008-03-25 04:50:57 838,432 ----a-w C:\WINDOWS\system32\mswdat10.dll
- 2004-08-04 14:00:00 348,189 ----a-w C:\WINDOWS\system32\msxbde40.dll
+ 2008-03-25 04:50:58 355,104 ----a-w C:\WINDOWS\system32\msxbde40.dll
+ 2007-05-25 17:27:07 25,088 ----a-w C:\WINDOWS\system32\msxml3a.dll
- 2007-08-08 16:24:25 1,245,696 ----a-w C:\WINDOWS\system32\msxml4.dll
+ 2007-05-08 12:03:04 1,275,392 ----a-w C:\WINDOWS\system32\msxml4.dll
- 2007-08-08 16:24:27 1,317,648 ----a-w C:\WINDOWS\system32\msxml6.dll
+ 2007-05-15 12:43:10 1,320,800 ----a-w C:\WINDOWS\system32\msxml6.dll
- 2007-08-08 16:24:27 271,224 ----a-w C:\WINDOWS\system32\mucltui.dll
+ 2007-07-30 16:19:10 271,224 ----a-w C:\WINDOWS\system32\mucltui.dll
- 2007-08-08 16:24:27 208,248 ----a-w C:\WINDOWS\system32\muweb.dll
+ 2007-07-30 16:19:04 207,736 ----a-w C:\WINDOWS\system32\muweb.dll
- 2007-08-08 16:25:04 102,400 ----a-w C:\WINDOWS\system32\occache.dll
+ 2008-06-23 16:01:50 102,912 ----a-w C:\WINDOWS\system32\occache.dll
+ 2007-07-30 16:18:40 33,624 ----a-w C:\WINDOWS\system32\SoftwareDistribution\Setup\ServiceStartup\wups.dll\7.0.6000.381\wups.dll
+ 2007-07-30 16:19:12 43,352 ----a-w C:\WINDOWS\system32\SoftwareDistribution\Setup\ServiceStartup\wups2.dll\7.0.6000.381\wups2.dll
+ 2007-11-30 11:18:51 17,272 ------w C:\WINDOWS\system32\spmsg.dll
- 2005-07-24 21:26:44 765,680 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\3\mdigraph.dll
+ 2007-04-09 10:24:04 758,664 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\3\mdigraph.dll
- 2005-07-24 21:26:46 42,224 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\3\mdiui.dll
+ 2007-04-09 10:23:58 46,472 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\3\mdiui.dll
- 2005-07-24 21:26:44 765,680 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\mdigraph.dll
+ 2007-04-09 10:24:04 758,664 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\mdigraph.dll
- 2005-07-24 21:26:46 42,224 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\mdiui.dll
+ 2007-04-09 10:23:58 46,472 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\mdiui.dll
- 2005-07-24 21:26:44 25,840 ----a-w C:\WINDOWS\system32\spool\prtprocs\w32x86\mdippr.dll
+ 2007-04-09 10:23:54 28,552 ----a-w C:\WINDOWS\system32\spool\prtprocs\w32x86\mdippr.dll
+ 2008-06-13 11:45:48 579,464 ----a-w C:\WINDOWS\system32\SymNeti.dll
+ 2008-06-13 11:45:44 207,240 ----a-w C:\WINDOWS\system32\SymRedir.dll
+ 2008-07-14 11:09:18 62,976 ------w C:\WINDOWS\system32\tzchange.exe
- 2007-08-08 16:23:50 549,720 ----a-w C:\WINDOWS\system32\wuapi.dll
+ 2007-07-30 16:19:36 549,720 ----a-w C:\WINDOWS\system32\wuapi.dll
- 2007-08-08 16:23:50 53,080 ----a-w C:\WINDOWS\system32\wuauclt.exe
+ 2007-07-30 16:19:16 53,080 ----a-w C:\WINDOWS\system32\wuauclt.exe
- 2007-08-08 16:23:54 1,710,936 ----a-w C:\WINDOWS\system32\wuaueng.dll
+ 2007-07-30 16:19:42 1,712,984 ----a-w C:\WINDOWS\system32\wuaueng.dll
- 2007-08-08 16:23:55 325,976 ----a-w C:\WINDOWS\system32\wucltui.dll
+ 2007-07-30 16:19:32 325,976 ----a-w C:\WINDOWS\system32\wucltui.dll
- 2007-08-08 16:23:55 33,624 ----a-w C:\WINDOWS\system32\wups.dll
+ 2007-07-30 16:18:40 33,624 ----a-w C:\WINDOWS\system32\wups.dll
- 2007-08-08 16:24:34 43,352 ----a-w C:\WINDOWS\system32\wups2.dll
+ 2007-07-30 16:19:12 43,352 ----a-w C:\WINDOWS\system32\wups2.dll
- 2007-08-08 16:23:55 203,096 ----a-w C:\WINDOWS\system32\wuweb.dll
+ 2007-07-30 16:19:28 203,096 ----a-w C:\WINDOWS\system32\wuweb.dll
+ 2007-05-08 12:06:44 1,275,392 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.MSXML2_6bd6b9abf345378f_4.20.9848.0_x-ww_1b897e9a\msxml4.dll
+ 2005-09-22 20:49:12 95,744 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_6e805841\ATL80.dll
+ 2006-12-01 19:56:00 96,256 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_cbb27474\ATL80.dll
+ 2006-12-01 19:54:32 479,232 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\msvcm80.dll
+ 2006-12-01 19:54:34 548,864 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\msvcp80.dll
+ 2006-12-01 19:54:32 626,688 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\msvcr80.dll
+ 2005-09-22 20:48:08 1,015,808 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.DebugCRT_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_f75eb16c\msvcm80d.dll
+ 2005-09-22 20:48:08 1,028,096 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.DebugCRT_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_f75eb16c\msvcp80d.dll
+ 2005-09-22 20:48:08 1,171,456 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.DebugCRT_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_f75eb16c\msvcr80d.dll
+ 2005-09-22 22:16:02 2,375,680 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.DebugMFC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_c8452471\mfc80d.dll
+ 2005-09-22 22:16:06 2,379,264 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.DebugMFC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_c8452471\mfc80ud.dll
+ 2005-09-22 22:16:10 114,688 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.DebugMFC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_c8452471\mfcm80d.dll
+ 2005-09-22 22:16:12 102,400 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.DebugMFC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_c8452471\mfcm80ud.dll
+ 2005-09-22 22:35:10 102,400 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.DebugOpenMP_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_66b81908\vcompd.dll
+ 2005-09-22 22:16:02 1,093,632 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_dec6ddd2\mfc80.dll
+ 2005-09-22 22:16:06 1,079,808 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_dec6ddd2\mfc80u.dll
+ 2005-09-22 22:16:08 69,632 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_dec6ddd2\mfcm80.dll
+ 2005-09-22 22:16:10 57,344 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_dec6ddd2\mfcm80u.dll
+ 2006-12-01 21:25:52 1,101,824 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\mfc80.dll
+ 2006-12-01 21:25:56 1,093,120 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\mfc80u.dll
+ 2006-12-01 21:25:58 69,632 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\mfcm80.dll
+ 2006-12-01 21:26:00 57,856 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\mfcm80u.dll
+ 2005-09-22 21:58:06 40,960 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_3415f6d0\mfc80CHS.dll
+ 2005-09-22 21:58:06 45,056 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_3415f6d0\mfc80CHT.dll
+ 2005-09-22 21:58:06 65,536 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_3415f6d0\mfc80DEU.dll
+ 2005-09-22 21:58:06 57,344 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_3415f6d0\mfc80ENU.dll
+ 2005-09-22 21:58:06 61,440 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_3415f6d0\mfc80ESP.dll
+ 2005-09-22 21:58:06 61,440 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_3415f6d0\mfc80FRA.dll
+ 2005-09-22 21:58:06 61,440 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_3415f6d0\mfc80ITA.dll
+ 2005-09-22 21:58:06 49,152 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_3415f6d0\mfc80JPN.dll
+ 2005-09-22 21:58:06 49,152 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_3415f6d0\mfc80KOR.dll
+ 2006-12-01 21:08:00 40,960 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80CHS.dll
+ 2006-12-01 21:08:00 45,056 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80CHT.dll
+ 2006-12-01 21:08:00 65,536 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80DEU.dll
+ 2006-12-01 21:08:00 57,344 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80ENU.dll
+ 2006-12-01 21:08:00 61,440 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80ESP.dll
+ 2006-12-01 21:08:00 61,440 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80FRA.dll
+ 2006-12-01 21:08:00 61,440 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80ITA.dll
+ 2006-12-01 21:08:00 49,152 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80JPN.dll
+ 2006-12-01 21:08:00 49,152 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80KOR.dll
+ 2005-09-22 22:35:10 65,536 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.OpenMP_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_0ee63867\vcomp.dll
+ 2008-04-15 17:54:19 1,724,416 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.2600.3352_x-ww_81af8e88\GdiPlus.dll
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 15360]
"RocketDock"="C:\Program Files\RocketDock\RocketDock.exe" [2007-03-19 630784]
"DAEMON Tools"="C:\Program Files\DAEMON Tools\daemon.exe" [2007-08-16 167368]
"Rainlendar2"="C:\Program Files\Rainlendar2\Rainlendar2.exe" [2007-07-24 1298432]
"IDMan"="C:\Program Files\Internet Download Manager\IDMan.exe" [2008-09-15 2606512]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"VistaDrive"="C:\WINDOWS\VistaDrive\VistaDrive.exe" [2006-10-05 280779]
"LClock"="C:\Program Files\LClock\LClock.exe" [2004-09-19 65536]
"D-Link D-Link Wireless G DWA-110"="C:\Program Files\D-Link\D-Link Wireless G DWA-110\AirGCFG.exe" [2007-05-04 1662976]
"IgfxTray"="C:\WINDOWS\system32\igfxtray.exe" [2003-03-11 155648]
"HotKeysCmds"="C:\WINDOWS\system32\hkcmd.exe" [2003-03-11 114688]
"Base frag grid bows"="C:\Documents and Settings\All Users\Application Data\Cast ping base frag\Seek great.exe" [2008-09-23 517120]
"ccApp"="C:\Program Files\Common Files\Symantec Shared\ccApp.exe" [2008-02-14 51048]
"osCheck"="C:\Program Files\Norton AntiVirus\osCheck.exe" [2007-08-25 714608]
"GhostStartTrayApp"="C:\Program Files\Symantec\Norton Ghost 2003\GhostStartTrayApp.exe" [2002-08-14 94208]
"Resume copy"="copyfstq.exe" [2002-03-24 C:\WINDOWS\COPYFSTQ.EXE]
"SoundMan"="SOUNDMAN.EXE" [2005-11-11 C:\WINDOWS\SOUNDMAN.EXE]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-04 15360]
"RocketDock"="C:\Program Files\RocketDock\RocketDock.exe" [2007-03-19 630784]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"ShowDeskFix"="shell32" [X]
"nltide_3"="advpack.dll" [2007-08-08 C:\WINDOWS\system32\advpack.dll]
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
PalTalk.lnk - C:\Program Files\Paltalk Messenger\paltalk.exe [2008-09-11 11713536]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"ForceClassicControlPanel"= 1 (0x1)
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoSMHelp"= 1 (0x1)
[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"NoSMHelp"= 1 (0x1)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"UIHost"=hex(2):58,50,69,7a,65,5f,4c,6f,67,6f,6e,2e,65,78,65,00
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.divxa32"= divxa32.acm
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IDMan]
--a------ 2008-09-15 21:30 2606512 C:\Program Files\Internet Download Manager\IDMan.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Rainlendar2]
--a------ 2007-07-24 10:12 1298432 C:\Program Files\Rainlendar2\Rainlendar2.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RocketDock]
--a------ 2007-03-19 00:05 630784 C:\Program Files\RocketDock\RocketDock.exe
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001
"UpdatesDisableNotify"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
"DisableUnicastResponsesToMulticastBroadcast"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"C:\\Program Files\\MSN Messenger\\livecall.exe"=
"C:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"C:\\Program Files\\Yahoo!\\Messenger\\YServer.exe"=
"C:\\Program Files\\IEPro\\MiniDM.exe"=
"C:\\Program Files\\uTorrent\\uTorrent.exe"=
R1 GhPciScan;GhostPciScanner;C:\Program Files\Symantec\Norton Ghost 2003\ghpciscan.sys [2002-08-14 5632]
R2 HWiNFO32;HWiNFO32 Kernel Driver;C:\Program Files\HWiNFO32\HWiNFO32.SYS [2007-03-05 8064]
R2 LiveUpdate Notice;LiveUpdate Notice;C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [2008-02-14 149864]
S3 COH_Mon;COH_Mon;C:\WINDOWS\system32\Drivers\COH_Mon.sys [2008-07-30 23888]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
WudfServiceGroup REG_SZ hex(7):57,00,55,00,44,00,46,00,53,00,76,00,63,00,00,00,00,00
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{2ad6b5d1-34db-11dc-ad72-806d6172696f}]
\Shell\AutoRun\command - D:\setup.exe
*Newly Created Service* - ALERTER
.
s of the 'Scheduled Tasks' folder
.
.
------- Supplementary Scan -------
.
FireFox -: Profile - C:\Documents and Settings\XPPRESP3\Application Data\Mozilla\Firefox\Profiles\2moj8l1y.default\
FireFox -: prefs.js - STARTUP.HOMEPAGE -
FireFox -: prefs.js - STARTUP.HOMEPAGE - hxxp://arabia.msn.com/
.
**************************************************************************
catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

Rootkit scan 2008-09-23 03:31:05
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\WudfPf]
"ImagePath"="hex(2):73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,44,00,52,00,49,00,56,00,45,00,52,00,53,00,5c,00,57,00,75,00,64,00,66,00,50,00,66,00,2e,00,73,00,79,00,73,00,00,00"
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\WudfRd]
"ImagePath"="hex(2):73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,44,00,52,00,49,00,56,00,45,00,52,00,53,00,5c,00,77,00,75,00,64,00,66,00,72,00,64,00,2e,00,73,00,79,00,73,00,00,00"
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\WudfSvc]
"ImagePath"="hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,00,74,00,25,00,5c,00,73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,73,00,76,00,63,00,68,00,6f,00,73,00,74,00,2e,00,65,00,78,00,65,00,20,00,2d,00,6b,00,20,00,57,00,75,00,64,00,66,00,53,00,65,00,72,00,76,00,69,00,63,00,65,00,47,00,72,00,6f,00,75,00,70,00,00,00"
"ServiceDll"="hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,00,74,00,25,00,5c,00,53,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,57,00,55,00,44,00,46,00,53,00,76,00,63,00,2e,00,64,00,6c,00,6c,00,00,00"
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\WudfPf]
"ImagePath"="hex(2):73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,44,00,52,00,49,00,56,00,45,00,52,00,53,00,5c,00,57,00,75,00,64,00,66,00,50,00,66,00,2e,00,73,00,79,00,73,00,00,00"
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\WudfRd]
"ImagePath"="hex(2):73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,44,00,52,00,49,00,56,00,45,00,52,00,53,00,5c,00,77,00,75,00,64,00,66,00,72,00,64,00,2e,00,73,00,79,00,73,00,00,00"
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\WudfSvc]
"ImagePath"="hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,00,74,00,25,00,5c,00,73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,73,00,76,00,63,00,68,00,6f,00,73,00,74,00,2e,00,65,00,78,00,65,00,20,00,2d,00,6b,00,20,00,57,00,75,00,64,00,66,00,53,00,65,00,72,00,76,00,69,00,63,00,65,00,47,00,72,00,6f,00,75,00,70,00,00,00"
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\WudfSvc]
"ImagePath"="hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,00,74,00,25,00,5c,00,73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,73,00,76,00,63,00,68,00,6f,00,73,00,74,00,2e,00,65,00,78,00,65,00,20,00,2d,00,6b,00,20,00,57,00,75,00,64,00,66,00,53,00,65,00,72,00,76,00,69,00,63,00,65,00,47,00,72,00,6f,00,75,00,70,00,00,00"
"ServiceDll"="hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,00,74,00,25,00,5c,00,53,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,57,00,55,00,44,00,46,00,53,00,76,00,63,00,2e,00,64,00,6c,00,6c,00,00,00"
.
Completion time: 2008-09-23 3:33:12
ComboFix-quarantined-files.txt 2008-09-23 00:32:43
ComboFix2.txt 2008-09-20 03:13:20
ComboFix3.txt 2008-09-20 03:07:54
Pre-Run: 12,421,218,304 bytes free
Post-Run: 12,524,933,120 bytes free
691 --- E O F --- 2008-09-23 00:27:37

وهذا تقرير SmitFraudFix

SmitFraudFix v2.353
Scan done at 3:47:26.03, Tue 09/23/2008
Run from D:\Downloads\Programs\SmitfraudFix
OS: Microsoft Windows XP [Version 5.1.2600] - Windows_NT
The filesystem type is NTFS
Fix run in normal mode
»»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler Before SmitFraudFix
!!!Attention, following keys are not inevitably infected!!!
SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll
»»»»»»»»»»»»»»»»»»»»»»»» Killing process

»»»»»»»»»»»»»»»»»»»»»»»» hosts

127.0.0.1 localhost
»»»»»»»»»»»»»»»»»»»»»»»» VACFix
VACFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri

»»»»»»»»»»»»»»»»»»»»»»»» Winsock2 Fix
S!Ri's WS2Fix: LSP not Found.

»»»»»»»»»»»»»»»»»»»»»»»» Generic Renos Fix
GenericRenosFix by S!Ri

»»»»»»»»»»»»»»»»»»»»»»»» Deleting infected files

»»»»»»»»»»»»»»»»»»»»»»»» IEDFix
IEDFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri

»»»»»»»»»»»»»»»»»»»»»»»» 404Fix
404Fix
Credits: Malware Analysis & Diagnostic
Code: S!Ri

»»»»»»»»»»»»»»»»»»»»»»»» AntiXPVSTFix
AntiXPVSTFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri

»»»»»»»»»»»»»»»»»»»»»»»» RK

»»»»»»»»»»»»»»»»»»»»»»»» DNS
Description: D-Link Wireless G DWA-110 USB Adapter - Packet Scheduler Miniport
DNS Server Search Order: 192.168.1.1
HKLM\SYSTEM\CCS\Services\Tcpip\..\{96D47F61-36E6-447F-B9AC-9D4652AC4B56}: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CS1\Services\Tcpip\..\{96D47F61-36E6-447F-B9AC-9D4652AC4B56}: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CS2\Services\Tcpip\..\{96D47F61-36E6-447F-B9AC-9D4652AC4B56}: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CS2\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1

»»»»»»»»»»»»»»»»»»»»»»»» Deleting Temp Files

»»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System
!!!Attention, following keys are not inevitably infected!!!
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"System"=""

»»»»»»»»»»»»»»»»»»»»»»»» Registry Cleaning

Registry Cleaning done.

»»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler After SmitFraudFix
!!!Attention, following keys are not inevitably infected!!!
SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll

»»»»»»»»»»»»»»»»»»»»»»»» End

one_sa · 23 سبتمبر 2008

رفع

البارون · 23 سبتمبر 2008

هلا اخوي ممكن تعطيني تقرير هايجاك جديد

one_sa · 23 سبتمبر 2008

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 04:55:34, on 9/23/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.20861)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe
C:\Program Files\FolderSize\FolderSizeSvc.exe
C:\Program Files\Symantec\Norton Ghost 2003\GhostStartService.exe
C:\WINDOWS\VistaDrive\VistaDrive.exe
C:\Program Files\LClock\LClock.exe
C:\Program Files\D-Link\D-Link Wireless G DWA-110\AirGCFG.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Symantec\Norton Ghost 2003\GhostStartTrayApp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\Program Files\Paltalk Messenger\paltalk.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Internet Download Manager\IEMonitor.exe
C:\WINDOWS\explorer.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe
C:\Program Files\Trend Micro HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Favorites
O2 - BHO: IE7Pro - {00011268-E188-40DF-A514-835FCD78B1BF} - C:\Program Files\IEPro\iepro.dll
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\PROGRA~1\COMMON~1\SYMANT~1\IDS\IPSBHO.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O4 - HKLM\..\Run: [VistaDrive] C:\WINDOWS\VistaDrive\VistaDrive.exe
O4 - HKLM\..\Run: [LClock] C:\Program Files\LClock\LClock.exe
O4 - HKLM\..\Run: [Resume copy] copyfstq.exe /startup
O4 - HKLM\..\Run: [D-Link D-Link Wireless G DWA-110] C:\Program Files\D-Link\D-Link Wireless G DWA-110\AirGCFG.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [Base frag grid bows] C:\Documents and Settings\All Users\Application Data\Cast ping base frag\Seek great.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton AntiVirus\osCheck.exe"
O4 - HKLM\..\Run: [GhostStartTrayApp] C:\Program Files\Symantec\Norton Ghost 2003\GhostStartTrayApp.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKCU\..\Run: [Rainlendar2] C:\Program Files\Rainlendar2\Rainlendar2.exe
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - HKCU\..\Run: [boobfree] C:\DOCUME~1\XPPRESP3\APPLIC~1\SITEBA~1\HECK HTM.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe" (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [ShowDeskFix] regsvr32 /s /n /i:u shell32 (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [ShowDeskFix] regsvr32 /s /n /i:u shell32 (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [ShowDeskFix] regsvr32 /s /n /i:u shell32 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [ShowDeskFix] regsvr32 /s /n /i:u shell32 (User 'Default user')
O4 - Global Startup: PalTalk.lnk = C:\Program Files\Paltalk Messenger\paltalk.exe
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: &ieSpell Options - res://C:\Program Files\ieSpell\iespell.dll/SPELLOPTION.HTM
O8 - Extra context menu item: Check &Spelling - res://C:\Program Files\ieSpell\iespell.dll/SPELLCHECK.HTM
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Lookup on Merriam Webster -

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

Files\ieSpell\Merriam Webster.HTM
O8 - Extra context menu item: Lookup on Wikipedia -

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

Files\ieSpell\wikipedia.HTM
O8 - Extra context menu item: تحميل الكل بـ إنترنت داونلود مانيجر - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: تحميل بـ إنترنت داونلود مانيجر - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: تحميل محتوى فيديو (إف.إل.في) بـ إنترنت داونلود مانيجر - C:\Program Files\Internet Download Manager\IEGetVL.htm
O9 - Extra button: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Program Files\IEPro\iepro.dll
O9 - Extra 'Tools' menuitem: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Program Files\IEPro\iepro.dll
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: ieSpell - {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - C:\Program Files\ieSpell\iespell.dll
O9 - Extra 'Tools' menuitem: ieSpell - {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - C:\Program Files\ieSpell\iespell.dll
O9 - Extra button: (no name) - {1606D6F9-9D3B-4aea-A025-ED5B2FD488E7} - C:\Program Files\ieSpell\iespell.dll
O9 - Extra 'Tools' menuitem: ieSpell Options - {1606D6F9-9D3B-4aea-A025-ED5B2FD488E7} - C:\Program Files\ieSpell\iespell.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\OFFICE11\REFIEBAR.DLL
O23 - Service: ANIWZCSd Service (ANIWZCSdService) - Unknown owner - C:\Program Files\ANI\ANIWZCS2 Service\ANIWZCSdS.exe (file missing)
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
O23 - Service: Capture Device Service - InterVideo Inc. - C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Indexing Service (CiSvc) - Unknown owner - C:\WINDOWS\system32\cisvc.exe (file missing)
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Folder Size (FolderSize) - Brio - C:\Program Files\FolderSize\FolderSizeSvc.exe
O23 - Service: GhostStartService - Symantec Corporation - C:\Program Files\Symantec\Norton Ghost 2003\GhostStartService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE
O23 - Service: LiveUpdate Notice - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe
O23 - Service: Windows Driver Foundation - User-mode Driver Framework (WudfSvc) - Unknown owner - hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,00,74,00,25,00,5c,00,73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,73,00,76,00,63,00,68,00,6f,00,73,00,74,00,2e,00,65,00,78,00,65,00,20,00,2d,00,6b,00,20,00,57,00,75,00,64,00,66,00,53,00,65,00,72,00,76,00,69,00,63,00,65,00,47,00,72,00,6f,00,75,00,70,00,00,00 (file missing)
--
End of file - 8699 bytes

البارون · 23 سبتمبر 2008

اخوي الظاهر في التقرير

نظامك يحتاج الى ترقية او تحديث

لايوجد لديك برنامج حماية

وهذي اشياء مهمة للحفاظ على الجهاز

احذف هذي القيم

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O4 - HKLM\..\Run: [Base frag grid bows] C:\Documents and Settings\All Users\Application Data\Cast ping base frag\Seek great.exe

O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'NETWORK SERVICE')

O23 - Service: Windows Driver Foundation - User-mode Driver Framework (WudfSvc) - Unknown owner - hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,5 2,00,6f,00,6f,00,74,00,25,00,5c,00,73,00,79,00,73, 00,74,00,65,00,6d,00,33,00,32,00,5c,00,73,00,76,00 ,63,00,68,00,6f,00,73,00,74,00,2e,00,65,00,78,00,6 5,00,20,00,2d,00,6b,00,20,00,57,00,75,00,64,00,66, 00,53,00,65,00,72,00,76,00,69,00,63,00,65,00,47,00 ,72,00,6f,00,75,00,70,00,00,00 (file missing)

وركب برنامج حماية وحدث وبعدين اخوي نبي تقرير جديد

one_sa · 23 سبتمبر 2008

اخوي الحماية اللي عندي Norton AntiVirus2008

وبالنسبة لنسخة الويندووز/ الذكية المعدلة

فارس الملاك · 23 سبتمبر 2008

عزيزي حاليا طبق هالشرح عشان مايسوي اعادة تشغيل من نفسه

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

ثانيا انصحك انك تغير برنامج الحماية وتركب الكاسبر

one_sa · 23 سبتمبر 2008

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 05:29:41, on 9/23/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.20861)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe
C:\Program Files\FolderSize\FolderSizeSvc.exe
C:\Program Files\Symantec\Norton Ghost 2003\GhostStartService.exe
C:\WINDOWS\VistaDrive\VistaDrive.exe
C:\Program Files\LClock\LClock.exe
C:\Program Files\D-Link\D-Link Wireless G DWA-110\AirGCFG.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Symantec\Norton Ghost 2003\GhostStartTrayApp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\Program Files\Paltalk Messenger\paltalk.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Internet Download Manager\IEMonitor.exe
C:\WINDOWS\explorer.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe
C:\Program Files\Trend Micro HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Favorites
O2 - BHO: IE7Pro - {00011268-E188-40DF-A514-835FCD78B1BF} - C:\Program Files\IEPro\iepro.dll
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\PROGRA~1\COMMON~1\SYMANT~1\IDS\IPSBHO.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O4 - HKLM\..\Run: [VistaDrive] C:\WINDOWS\VistaDrive\VistaDrive.exe
O4 - HKLM\..\Run: [LClock] C:\Program Files\LClock\LClock.exe
O4 - HKLM\..\Run: [Resume copy] copyfstq.exe /startup
O4 - HKLM\..\Run: [D-Link D-Link Wireless G DWA-110] C:\Program Files\D-Link\D-Link Wireless G DWA-110\AirGCFG.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton AntiVirus\osCheck.exe"
O4 - HKLM\..\Run: [GhostStartTrayApp] C:\Program Files\Symantec\Norton Ghost 2003\GhostStartTrayApp.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKCU\..\Run: [Rainlendar2] C:\Program Files\Rainlendar2\Rainlendar2.exe
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - HKCU\..\Run: [boobfree] C:\DOCUME~1\XPPRESP3\APPLIC~1\SITEBA~1\HECK HTM.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe" (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [ShowDeskFix] regsvr32 /s /n /i:u shell32 (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [ShowDeskFix] regsvr32 /s /n /i:u shell32 (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [ShowDeskFix] regsvr32 /s /n /i:u shell32 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [ShowDeskFix] regsvr32 /s /n /i:u shell32 (User 'Default user')
O4 - Global Startup: PalTalk.lnk = C:\Program Files\Paltalk Messenger\paltalk.exe
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: &ieSpell Options - res://C:\Program Files\ieSpell\iespell.dll/SPELLOPTION.HTM
O8 - Extra context menu item: Check &Spelling - res://C:\Program Files\ieSpell\iespell.dll/SPELLCHECK.HTM
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Lookup on Merriam Webster -

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

Files\ieSpell\Merriam Webster.HTM
O8 - Extra context menu item: Lookup on Wikipedia -

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

Files\ieSpell\wikipedia.HTM
O8 - Extra context menu item: تحميل الكل بـ إنترنت داونلود مانيجر - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: تحميل بـ إنترنت داونلود مانيجر - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: تحميل محتوى فيديو (إف.إل.في) بـ إنترنت داونلود مانيجر - C:\Program Files\Internet Download Manager\IEGetVL.htm
O9 - Extra button: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Program Files\IEPro\iepro.dll
O9 - Extra 'Tools' menuitem: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Program Files\IEPro\iepro.dll
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: ieSpell - {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - C:\Program Files\ieSpell\iespell.dll
O9 - Extra 'Tools' menuitem: ieSpell - {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - C:\Program Files\ieSpell\iespell.dll
O9 - Extra button: (no name) - {1606D6F9-9D3B-4aea-A025-ED5B2FD488E7} - C:\Program Files\ieSpell\iespell.dll
O9 - Extra 'Tools' menuitem: ieSpell Options - {1606D6F9-9D3B-4aea-A025-ED5B2FD488E7} - C:\Program Files\ieSpell\iespell.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\OFFICE11\REFIEBAR.DLL
O23 - Service: ANIWZCSd Service (ANIWZCSdService) - Unknown owner - C:\Program Files\ANI\ANIWZCS2 Service\ANIWZCSdS.exe (file missing)
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
O23 - Service: Capture Device Service - InterVideo Inc. - C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Indexing Service (CiSvc) - Unknown owner - C:\WINDOWS\system32\cisvc.exe (file missing)
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Folder Size (FolderSize) - Brio - C:\Program Files\FolderSize\FolderSizeSvc.exe
O23 - Service: GhostStartService - Symantec Corporation - C:\Program Files\Symantec\Norton Ghost 2003\GhostStartService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE
O23 - Service: LiveUpdate Notice - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe
O23 - Service: Windows Driver Foundation - User-mode Driver Framework (WudfSvc) - Unknown owner - hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,00,74,00,25,00,5c,00,73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,73,00,76,00,63,00,68,00,6f,00,73,00,74,00,2e,00,65,00,78,00,65,00,20,00,2d,00,6b,00,20,00,57,00,75,00,64,00,66,00,53,00,65,00,72,00,76,00,69,00,63,00,65,00,47,00,72,00,6f,00,75,00,70,00,00,00 (file missing)
--
End of file - 8570 bytes

one_sa · 23 سبتمبر 2008

الف شكر لك / فارس الملاك

تم الغاء الخاصية

one_sa · 23 سبتمبر 2008

للرفع

فارس الملاك · 23 سبتمبر 2008

جاري التحليل

فارس الملاك · 23 سبتمبر 2008

احذف هالقيم

O4 - HKCU\..\Run: [boobfree] C:\DOCUME~1\XPPRESP3\APPLIC~1\SITEBA~1\HECK HTM.exe

O4 - HKUS\S-1-5-19\..\RunOnce: [ShowDeskFix] regsvr32 /s /n /i:u shell32 (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\RunOnce: [ShowDeskFix] regsvr32 /s /n /i:u shell32 (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-18\..\RunOnce: [ShowDeskFix] regsvr32 /s /n /i:u shell32 (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\RunOnce: [ShowDeskFix] regsvr32 /s /n /i:u shell32 (User 'Default user')

O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present

طريقة الحذف

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

=================================

استخدم هذه الاداة للتنظيف

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

وياليت لو تحذف سيمانتك انتي فايروس وتركب بدالة الكااااسبر

طبعا لاتنسى تعمل اعادة تشغيل بعد حذف القيم

one_sa · 23 سبتمبر 2008

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 06:21:08, on 9/23/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.20861)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe
C:\Program Files\FolderSize\FolderSizeSvc.exe
C:\WINDOWS\VistaDrive\VistaDrive.exe
C:\Program Files\Symantec\Norton Ghost 2003\GhostStartService.exe
C:\Program Files\LClock\LClock.exe
C:\Program Files\D-Link\D-Link Wireless G DWA-110\AirGCFG.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\internet explorer\iexplore.exe
C:\WINDOWS\system32\msconfig.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Trend Micro HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Favorites
O2 - BHO: IE7Pro - {00011268-E188-40DF-A514-835FCD78B1BF} - C:\Program Files\IEPro\iepro.dll
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\PROGRA~1\COMMON~1\SYMANT~1\IDS\IPSBHO.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O4 - HKLM\..\Run: [VistaDrive] C:\WINDOWS\VistaDrive\VistaDrive.exe
O4 - HKLM\..\Run: [LClock] C:\Program Files\LClock\LClock.exe
O4 - HKLM\..\Run: [Resume copy] copyfstq.exe /startup
O4 - HKLM\..\Run: [D-Link D-Link Wireless G DWA-110] C:\Program Files\D-Link\D-Link Wireless G DWA-110\AirGCFG.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: &ieSpell Options - res://C:\Program Files\ieSpell\iespell.dll/SPELLOPTION.HTM
O8 - Extra context menu item: Check &Spelling - res://C:\Program Files\ieSpell\iespell.dll/SPELLCHECK.HTM
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Lookup on Merriam Webster -

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

Files\ieSpell\Merriam Webster.HTM
O8 - Extra context menu item: Lookup on Wikipedia -

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

Files\ieSpell\wikipedia.HTM
O8 - Extra context menu item: تحميل الكل بـ إنترنت داونلود مانيجر - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: تحميل بـ إنترنت داونلود مانيجر - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: تحميل محتوى فيديو (إف.إل.في) بـ إنترنت داونلود مانيجر - C:\Program Files\Internet Download Manager\IEGetVL.htm
O9 - Extra button: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Program Files\IEPro\iepro.dll
O9 - Extra 'Tools' menuitem: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Program Files\IEPro\iepro.dll
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: ieSpell - {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - C:\Program Files\ieSpell\iespell.dll
O9 - Extra 'Tools' menuitem: ieSpell - {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - C:\Program Files\ieSpell\iespell.dll
O9 - Extra button: (no name) - {1606D6F9-9D3B-4aea-A025-ED5B2FD488E7} - C:\Program Files\ieSpell\iespell.dll
O9 - Extra 'Tools' menuitem: ieSpell Options - {1606D6F9-9D3B-4aea-A025-ED5B2FD488E7} - C:\Program Files\ieSpell\iespell.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\OFFICE11\REFIEBAR.DLL
O23 - Service: ANIWZCSd Service (ANIWZCSdService) - Unknown owner - C:\Program Files\ANI\ANIWZCS2 Service\ANIWZCSdS.exe (file missing)
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
O23 - Service: Capture Device Service - InterVideo Inc. - C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Indexing Service (CiSvc) - Unknown owner - C:\WINDOWS\system32\cisvc.exe (file missing)
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Folder Size (FolderSize) - Brio - C:\Program Files\FolderSize\FolderSizeSvc.exe
O23 - Service: GhostStartService - Symantec Corporation - C:\Program Files\Symantec\Norton Ghost 2003\GhostStartService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE
O23 - Service: LiveUpdate Notice - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe
O23 - Service: Windows Driver Foundation - User-mode Driver Framework (WudfSvc) - Unknown owner - hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,00,74,00,25,00,5c,00,73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,73,00,76,00,63,00,68,00,6f,00,73,00,74,00,2e,00,65,00,78,00,65,00,20,00,2d,00,6b,00,20,00,57,00,75,00,64,00,66,00,53,00,65,00,72,00,76,00,69,00,63,00,65,00,47,00,72,00,6f,00,75,00,70,00,00,00 (file missing)
--
End of file - 7125 bytes

one_sa · 23 سبتمبر 2008

للرفع

فارس الملاك · 23 سبتمبر 2008

تقريرك سليم عزيزي

بس مثل ماقلت لك اتمنى تركب الكاسبر

one_sa · 23 سبتمبر 2008

الحمدلله

راح اجربه الفترة القادمة

جزاكم الله الف خير جميعاً

الف شكر لك / فارس الملاك

one_sa · 23 سبتمبر 2008

هل من الممكن اختبار فعالية عمل الرام؟

برنامج Avast Premium Security 24.12.9725 تفعيل بسيريال مدة 680 يوم​

زيزوومي جديد

داعم للمنتدى،(خبراء زيزووم )

توقيع : Demo-dashDemo-dash is verified member.

زيزوومي جديد

زيزوومي جديد

زيزوومي جديد

زيزوومى فضى

توقيع : البارون

زيزوومي جديد

زيزوومى فضى

توقيع : البارون

زيزوومي جديد

زيزوومى محترف

توقيع : فارس الملاك

زيزوومي جديد

زيزوومي جديد

زيزوومي جديد

زيزوومى محترف

توقيع : فارس الملاك

زيزوومى محترف

توقيع : فارس الملاك

زيزوومي جديد

زيزوومي جديد

زيزوومى محترف

توقيع : فارس الملاك

زيزوومي جديد

زيزوومي جديد

برنامج Avast Premium Security 24.12.9725 تفعيل بسيريال مدة 680 يوم

توقيع : Demo-dash