مشكلتي في الجهاز انه بطي

[عاشق الاحلام]

السلام عليكم ورحمة الله وبركاته
مشكلتي في الجهاز انه بطي في التنقل بين الملفات
و التصفح واثناء التشغيل
ارجوو الافاده وجزاكم الله كل خير

 

[هاوي النت]

اعمل تقرير للهايجاك

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

اذا انتهى التحميل ==> شغل البرنامج ==> واضغط على Do a system scan and save log
لحظات ويظهر لك تقرير ,, انسخه والصقه بردك القادم​

 

[عاشق الاحلام]

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

وهذا التقرير

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 01:42:04 م, on 17/12/08
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
C:\Program Files\HP\QuickPlay\QPService.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Apoint2K\Apoint.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Free Download Manager\fdm.exe
C:\Windows\ehome\ehtray.exe
C:\Windows\System32\p2phost.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Users\vista\Desktop\اذاعه\Zyzoom_HijackThis.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\System32\rundll32.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\Program Files\Internet Explorer\ieuser.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\Macromed\Flash\FlashUtil10a.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = \blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: SuperAdBlockerBHO Class - {00000000-6C30-11D8-9363-000AE6309654} - C:\Program Files\SuperAdBlocker.com\Super Ad Blocker\SABBHO.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ievkbd.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: FDMIEsBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: VeriSoft Access Manager - {DF21F1DB-80C6-11D3-9483-B03D0EC10000} - C:\Program Files\Bioscrypt\VeriSoft\Bin\ItIEAddIn.dll
O3 - Toolbar: Super Ad Blocker Toolbar - {B4B3001E-0F56-4E51-8250-BDE11547EC55} - C:\Program Files\SuperAdBlocker.com\Super Ad Blocker\sabtb.dll
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe"
O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [HP Health Check Scheduler] C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [CognizanceTS] rundll32.exe C:\PROGRA~1\BIOSCR~1\VeriSoft\Bin\ASTSVCC.dll,RegisterModule
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [SuperAdBlocker] C:\Program Files\SuperAdBlocker.com\Super Ad Blocker\SAdBlock.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [SHIM LINK FREE BALL] "C:\ProgramData\Dumb Settings Rect.s9sid"
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Free Download Manager] "C:\Program Files\Free Download Manager\fdm.exe" -autorun
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [CollaborationHost] C:\Windows\system32\p2phost.exe -s
O4 - Startup: OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: "إضافة إلى حاجب الدعايات" - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ie_banner_deny.htm
O8 - Extra context menu item: Free Download Manager تحميل الفيديو بواسطة -

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

Files\Free Download Manager\dlfvideo.htm
O8 - Extra context menu item: تحميل المحددة بفري داونلود مانيجر -

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: تنزيل الكل بفري داونلود مانيجر -

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

Files\Free Download Manager\dlall.htm
O8 - Extra context menu item: تنزيل بفري داونلود مانيجر -

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

Files\Free Download Manager\dllink.htm
O9 - Extra button: احصائيات حماية حركة مرور الشبكة - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\SCIEPlgn.dll
O9 - Extra button: إرسال إلى OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: إر&سال إلى OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O16 - DPF: CabBuilder -

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O16 - DPF: {6924091F-CD97-41E1-B1D4-D9079409D413} (IMCv1 Control) -

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O16 - DPF: {B7FDB0C3-4724-46D2-B8DB-6FA1DC63F7CA} (ReadUid.UserControlMacEntry) -

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash ) -

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O20 - AppInit_DLLs: APSHook.dll,C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd.dll,C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll,C:\PROGRA~1\KASPER~1\KASPER~1\adialhk.dll,C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll
O20 - Winlogon Notify: !SABWinLogon - C:\Program Files\SuperAdBlocker.com\Super Ad Blocker\SABWINLO.DLL
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\CLSched.exe
O23 - Service: Com4Qlb - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Super Ad Blocker Service (SABSVC) - SuperAdBlocker.com - C:\Program Files\SuperAdBlocker.com\Super Ad Blocker\SABSVC.EXE
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
--
End of file - 9997 bytes

 

[هاوي النت]

عطل جميع برامج الحماية ,,
وحمل هذه الاداة واحفظها على سطح المكتب

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

عند تشغيلها بتظهر لك رسالة ,, اضغط على >> Yes
بعدها بتظهر لك رساله ثانيه ,, اضغط على >> Yes
انتظر حتى الاداة تنتهي من فحص جهازك ,,, وبشكل تلقائي يعاد تشغيل جهازك ,,
وبعد اعادة التشغيل ,, سوف تبدأ الاداة بالفحص مرره ثانيه
انتظر حتى يظهر لك تقرير ,, انسخه والصقه بردك القادم
​

 

[عاشق الاحلام]

ComboFix 08-12-16.03 - vista 12/17/2008 13:56:04.3 - NTFSx86
Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1256.1.1033.18.1022.312 [GMT 3:00]
Running from: c:\users\vista\Desktop\ComboFix.exe
.
((((((((((((((((((((((((( Files Created from 2008-11-17 to 2008-12-17 )))))))))))))))))))))))))))))))
.
No new files created in this timespan
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-12-17 11:02 --------- d-----w c:\users\vista\AppData\Roaming\Free Download Manager
2008-12-17 10:37 --------- d-----w c:\programdata\Kaspersky Lab
2008-12-16 17:03 696,352 --sha-w c:\windows\system32\drivers\fidbox2.dat
2008-12-16 16:09 5,556 --sha-w c:\windows\system32\drivers\fidbox2.idx
2008-12-15 03:55 252,644 --sha-w c:\windows\system32\drivers\fidbox.idx
2008-12-15 03:55 21,467,168 --sha-w c:\windows\system32\drivers\fidbox.dat
2008-12-13 15:12 --------- d-----w c:\program files\Common Files\xing shared
2008-12-13 15:11 --------- d-----w c:\program files\Real
2008-12-13 15:11 --------- d-----w c:\program files\Common Files\Real
2008-12-13 03:45 --------- d-----w c:\programdata\Microsoft Help
2008-12-13 00:30 --------- d-----w c:\program files\Java
2008-12-13 00:15 --------- d-----w c:\program files\Windows Mail
2008-12-12 20:21 13,025 ----a-w c:\users\vista\AppData\Roaming\nvModes.dat
2008-12-06 22:52 --------- d-----w c:\users\vista\AppData\Roaming\CyberLink
2008-12-05 13:39 --------- d-----w c:\program files\Broadcom
2008-11-27 14:23 96,976 ----a-w c:\windows\system32\drivers\klin.dat
2008-11-27 13:41 87,855 ----a-w c:\windows\system32\drivers\klick.dat
2008-11-27 13:37 --------- d-----w c:\program files\Kaspersky Lab
2008-11-27 00:43 --------- d-----w c:\programdata\OPTION16DEAF
2008-11-27 00:43 --------- d-----w c:\programdata\hide cool shim link
2008-11-27 00:07 --------- d-----w c:\programdata\is-UEAN4
2008-11-26 23:36 --------- d-----w c:\programdata\avg8
2008-11-22 12:12 --------- d-----w c:\program files\AVG
2008-11-22 12:07 --------- d---a-w c:\programdata\TEMP
2008-11-22 12:04 --------- d-----w c:\users\vista\AppData\Roaming\URSoft
2008-11-22 11:42 --------- d-----w c:\users\vista\AppData\Roaming\IObit
2008-11-22 11:42 --------- d-----w c:\program files\IObit
2008-11-21 11:19 --------- d-----w c:\users\vista\AppData\Roaming\SuperAdBlocker.com
2008-11-21 11:07 --------- d-----w c:\program files\NoAdware
2008-11-21 09:43 --------- d-----w c:\program files\SuperAdBlocker.com
2008-11-21 08:37 --------- d-----w c:\program files\Common Files\Wise Installation Wizard
2008-11-19 22:25 28,672 ----a-w c:\windows\system32\drivers\RKHit.sys
2008-11-15 20:32 --------- d-----w c:\program files\Common Files\Adobe
2008-11-14 21:07 --------- d-----w c:\program files\EPCTV
2008-11-14 14:17 --------- d-----w c:\users\vista\AppData\Roaming\Sammsoft
2008-11-14 14:16 193,024 ----a-w C:\ARO.exe
2008-11-14 14:05 --------- d-----w c:\users\vista\AppData\Roaming\WIPE
2008-11-13 14:40 --------- d-----w c:\program files\JetAudio
2008-11-09 10:19 --------- d-----w c:\program files\Common Files\BitDefender
2008-11-05 16:10 --------- d-----w c:\program files\Messenger Plus! Live
2008-11-03 10:36 --------- d-----w c:\programdata\WLInstaller
2008-11-03 10:36 --------- d-----w c:\program files\Windows Live
2008-11-01 03:44 541,696 ----a-w c:\windows\AppPatch\AcLayers.dll
2008-11-01 03:44 52,736 ----a-w c:\windows\AppPatch\iebrshim.dll
2008-11-01 03:44 460,288 ----a-w c:\windows\AppPatch\AcSpecfc.dll
2008-11-01 03:44 2,154,496 ----a-w c:\windows\AppPatch\AcGenral.dll
2008-11-01 03:44 173,056 ----a-w c:\windows\AppPatch\AcXtrnal.dll
2008-10-30 21:57 --------- d-----w c:\users\vista\AppData\Roaming\BSplayer
2008-10-29 06:29 2,927,104 ----a-w c:\windows\explorer.exe
2008-10-26 05:16 --------- d-----w c:\programdata\Roxio
2008-10-22 04:09 --------- d-----w c:\program files\Microsoft Silverlight
2008-10-18 13:55 --------- d-----w c:\program files\Teorex
2008-10-17 09:53 --------- d-----w c:\users\vista\AppData\Roaming\elefundesktops
2008-06-13 00:24 174 --sha-w c:\program files\desktop.ini
2008-05-08 19:04 12,902,733 ----a-w c:\users\vista\ArabTV1_.EXE
2005-05-11 13:23 1 --sha-w c:\windows\fidbox.dat
2008-03-13 20:35 16,384 --sha-w c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
2008-03-13 20:35 32,768 --sha-w c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\.IE5\index.dat
2008-03-13 20:35 16,384 --sha-w c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\s\index.dat
.
((((((((((((((((((((((((((((( snapshot_Thu 11-27-2008_ 1.20.18.29 )))))))))))))))))))))))))))))))))))))))))
.
- 2008-11-26 22:09:16 14,020 ----a-w c:\windows\bthservsdp.dat
+ 2008-12-17 11:02:48 14,844 ----a-w c:\windows\bthservsdp.dat
- 2008-11-26 22:00:06 51,200 ----a-w c:\windows\inf\infpub.dat
+ 2008-12-17 08:54:47 51,200 ----a-w c:\windows\inf\infpub.dat
- 2008-11-23 10:17:50 86,016 ----a-w c:\windows\inf\infstor.dat
+ 2008-11-27 13:39:05 86,016 ----a-w c:\windows\inf\infstor.dat
- 2008-11-26 22:00:06 143,360 ----a-w c:\windows\inf\infstrng.dat
+ 2008-12-17 08:54:47 143,360 ----a-w c:\windows\inf\infstrng.dat
- 2008-10-04 15:52:33 65,536 ----a-r c:\windows\Installer\{6D52C408-B09A-4520-9B18-475B81D393F1}\_4E403E143BE9_4CD1_B8DF_8012EBBE9E82.exe
+ 2008-12-13 00:06:13 65,536 ----a-r c:\windows\Installer\{6D52C408-B09A-4520-9B18-475B81D393F1}\_4E403E143BE9_4CD1_B8DF_8012EBBE9E82.exe
- 2008-10-04 15:52:32 65,536 ----a-r c:\windows\Installer\{6D52C408-B09A-4520-9B18-475B81D393F1}\_630CEEA9B210_4765_A2B1_FC24596048D7.exe
+ 2008-12-13 00:06:13 65,536 ----a-r c:\windows\Installer\{6D52C408-B09A-4520-9B18-475B81D393F1}\_630CEEA9B210_4765_A2B1_FC24596048D7.exe
- 2008-10-04 15:52:32 184,320 ----a-r c:\windows\Installer\{6D52C408-B09A-4520-9B18-475B81D393F1}\_9FA356B1395F_4530_8CB3_946ED0B3291E.exe
+ 2008-12-13 00:06:13 184,320 ----a-r c:\windows\Installer\{6D52C408-B09A-4520-9B18-475B81D393F1}\_9FA356B1395F_4530_8CB3_946ED0B3291E.exe
- 2008-10-04 15:52:32 65,536 ----a-r c:\windows\Installer\{6D52C408-B09A-4520-9B18-475B81D393F1}\_B8B1511D9331_467C_9B1B_E8204012E95B.exe
+ 2008-12-13 00:06:13 65,536 ----a-r c:\windows\Installer\{6D52C408-B09A-4520-9B18-475B81D393F1}\_B8B1511D9331_467C_9B1B_E8204012E95B.exe
- 2008-10-04 15:52:32 17,534 ----a-r c:\windows\Installer\{6D52C408-B09A-4520-9B18-475B81D393F1}\gtngstrtd.exe
+ 2008-12-13 00:06:13 17,534 ----a-r c:\windows\Installer\{6D52C408-B09A-4520-9B18-475B81D393F1}\gtngstrtd.exe
- 2008-10-04 15:52:32 4,710 ----a-r c:\windows\Installer\{6D52C408-B09A-4520-9B18-475B81D393F1}\Win2Kico.exe
+ 2008-12-13 00:06:13 4,710 ----a-r c:\windows\Installer\{6D52C408-B09A-4520-9B18-475B81D393F1}\Win2Kico.exe
- 2008-10-04 15:52:32 4,710 ----a-r c:\windows\Installer\{6D52C408-B09A-4520-9B18-475B81D393F1}\WSBico.exe
+ 2008-12-13 00:06:13 4,710 ----a-r c:\windows\Installer\{6D52C408-B09A-4520-9B18-475B81D393F1}\WSBico.exe
- 2008-11-12 10:11:55 1,165,584 ----a-r c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\accicons.exe
+ 2008-12-13 03:45:00 1,165,584 ----a-r c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\accicons.exe
- 2008-11-12 10:11:56 20,240 ----a-r c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\cagicon.exe
+ 2008-12-13 03:45:00 20,240 ----a-r c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\cagicon.exe
- 2008-11-12 10:11:55 159,504 ----a-r c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\inficon.exe
+ 2008-12-13 03:45:00 159,504 ----a-r c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\inficon.exe
- 2008-11-12 10:11:55 184,080 ----a-r c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\joticon.exe
+ 2008-12-13 03:45:00 184,080 ----a-r c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\joticon.exe
- 2008-11-12 10:11:56 217,864 ----a-r c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\misc.exe
+ 2008-12-13 03:45:00 217,864 ----a-r c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\misc.exe
- 2008-11-12 10:11:56 18,704 ----a-r c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\mspicons.exe
+ 2008-12-13 03:45:00 18,704 ----a-r c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\mspicons.exe
- 2008-11-12 10:11:56 35,088 ----a-r c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\oisicon.exe
+ 2008-12-13 03:45:00 35,088 ----a-r c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\oisicon.exe
- 2008-11-12 10:11:55 845,584 ----a-r c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\outicon.exe
+ 2008-12-13 03:45:00 845,584 ----a-r c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\outicon.exe
- 2008-11-12 10:11:56 922,384 ----a-r c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pptico.exe
+ 2008-12-13 03:45:00 922,384 ----a-r c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pptico.exe
- 2008-11-12 10:11:56 272,648 ----a-r c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pubs.exe
+ 2008-12-13 03:45:00 272,648 ----a-r c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pubs.exe
- 2008-11-12 10:11:56 888,080 ----a-r c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\wordicon.exe
+ 2008-12-13 03:45:00 888,080 ----a-r c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\wordicon.exe
- 2008-11-12 10:11:55 1,172,240 ----a-r c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\xlicons.exe
+ 2008-12-13 03:45:00 1,172,240 ----a-r c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\xlicons.exe
- 2008-11-12 10:12:14 217,864 ----a-r c:\windows\Installer\{90120000-006E-0409-0000-0000000FF1CE}\misc.exe
+ 2008-12-13 00:01:56 217,864 ----a-r c:\windows\Installer\{90120000-006E-0409-0000-0000000FF1CE}\misc.exe
- 2008-11-26 22:11:07 2,048 --sha-w c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2008-12-17 11:03:57 2,048 --sha-w c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2008-11-26 22:11:07 2,048 --sha-w c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2008-12-17 11:03:57 2,048 --sha-w c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2008-11-26 22:11:44 262,144 --sha-w c:\windows\ServiceProfiles\LocalService\NTUSER.DAT
+ 2008-12-17 11:05:55 262,144 --sha-w c:\windows\ServiceProfiles\LocalService\NTUSER.DAT
- 2008-10-04 16:31:01 2,641,057 -c--a-w c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareLicensing\tokens.dat
+ 2008-12-13 00:20:15 2,641,057 -c--a-w c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareLicensing\tokens.dat
- 2008-11-26 22:11:44 262,144 --sha-w c:\windows\ServiceProfiles\NetworkService\NTUSER.DAT
+ 2008-12-17 11:05:54 262,144 --sha-w c:\windows\ServiceProfiles\NetworkService\NTUSER.DAT
+ 2008-12-17 11:05:54 262,144 ---ha-w c:\windows\ServiceProfiles\NetworkService\ntuser.dat.LOG1
- 2008-07-31 03:32:38 28,160 ----a-w c:\windows\System32\Apphlpdm.dll
+ 2008-11-01 03:44:34 28,672 ----a-w c:\windows\System32\Apphlpdm.dll
+ 2008-11-27 13:33:20 262,144 ----a-w c:\windows\System32\config\Journal\NTUSER.DAT
+ 2008-11-27 13:33:21 262,144 ----a-w c:\windows\System32\config\RCCBakup\NTUSER.DAT
+ 2008-11-27 13:33:21 262,144 ----a-w c:\windows\System32\config\RegBack\NTUSER.DAT
- 2008-11-26 22:01:38 16,384 --sha-w c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2008-12-17 11:04:05 16,384 --sha-w c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2008-11-26 22:01:38 32,768 --sha-w c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\.IE5\index.dat
+ 2008-12-17 11:04:05 32,768 --sha-w c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\.IE5\index.dat
- 2008-11-26 22:01:38 32,768 --sha-w c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\s\index.dat
+ 2008-12-17 11:04:05 32,768 --sha-w c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\s\index.dat
- 2008-11-26 11:46:36 262,144 ----a-w c:\windows\System32\config\systemprofile\ntuser.dat
+ 2008-12-17 10:55:52 262,144 ----a-w c:\windows\System32\config\systemprofile\ntuser.dat
+ 2008-11-27 13:33:21 262,144 ----a-w c:\windows\System32\config\TxR\NTUSER.DAT
- 2008-11-11 17:35:50 410,976 ----a-w c:\windows\System32\deploytk.dll
+ 2008-11-10 02:43:30 410,984 ----a-w c:\windows\System32\deploytk.dll
+ 2008-07-21 15:34:36 121,872 ----a-w c:\windows\System32\drivers\kl1.sys
+ 2008-01-29 15:29:38 32,784 ----a-w c:\windows\System32\drivers\klbg.sys
+ 2008-03-13 16:02:46 26,640 ----a-w c:\windows\System32\drivers\klfltdev.sys
+ 2008-11-27 13:36:53 216,080 ----a-w c:\windows\System32\drivers\klif.sys
+ 2008-07-09 15:28:26 20,496 ----a-w c:\windows\System32\drivers\klim6.sys
+ 2008-07-29 17:20:00 24,774 ----a-w c:\windows\System32\drivers\klopp.dat
+ 2008-07-09 15:28:26 20,496 ----a-w c:\windows\System32\DriverStore\FileRepository\klim6.inf_bd3b4907\klim6.sys
- 2008-07-31 01:13:15 4,240,384 ----a-w c:\windows\System32\GameUXLegacyGDFs.dll
+ 2008-11-01 01:21:40 4,240,384 ----a-w c:\windows\System32\GameUXLegacyGDFs.dll
- 2008-02-22 04:57:23 295,936 ----a-w c:\windows\System32\gdi32.dll
+ 2008-10-21 05:25:18 296,960 ----a-w c:\windows\System32\gdi32.dll
- 2008-10-02 03:49:14 6,068,736 ----a-w c:\windows\System32\ieframe.dll
+ 2008-10-16 04:47:29 6,068,736 ----a-w c:\windows\System32\ieframe.dll
- 2008-10-02 03:49:14 270,336 ----a-w c:\windows\System32\iertutil.dll
+ 2008-10-16 04:47:29 270,336 ----a-w c:\windows\System32\iertutil.dll
- 2008-11-11 17:35:50 144,792 ----a-w c:\windows\System32\java.exe
+ 2008-11-10 02:43:37 144,792 ----a-w c:\windows\System32\java.exe
- 2008-11-11 17:35:50 144,792 ----a-w c:\windows\System32\javaw.exe
+ 2008-11-10 02:43:38 144,792 ----a-w c:\windows\System32\javaw.exe
- 2008-11-11 17:35:50 148,888 ----a-w c:\windows\System32\javaws.exe
+ 2008-11-10 02:43:39 148,888 ----a-w c:\windows\System32\javaws.exe
- 2008-10-02 03:49:14 28,160 ----a-w c:\windows\System32\jsproxy.dll
+ 2008-10-16 04:47:30 28,160 ----a-w c:\windows\System32\jsproxy.dll
- 2008-04-25 15:22:24 206,088 ----a-w c:\windows\System32\klogon.dll
+ 2008-07-29 17:21:42 218,376 ----a-w c:\windows\System32\klogon.dll
- 2008-01-19 07:33:14 94,720 ----a-w c:\windows\System32\logagent.exe
+ 2008-06-23 01:58:43 94,720 ----a-w c:\windows\System32\logagent.exe
+ 2003-09-04 11:14:28 94,208 ----a-w c:\windows\System32\Macromed\Flash\GetFlash.exe
- 2008-01-19 07:36:08 2,867,712 ----a-w c:\windows\System32\mf.dll
+ 2008-06-23 01:59:25 2,868,736 ----a-w c:\windows\System32\mf.dll
- 2008-11-04 00:10:25 17,318,336 ----a-w c:\windows\System32\mrt.exe
+ 2008-12-09 23:24:37 17,593,280 ----a-w c:\windows\System32\mrt.exe
- 2008-10-02 03:49:15 3,578,880 ----a-w c:\windows\System32\mshtml.dll
+ 2008-10-16 04:47:30 3,578,880 ----a-w c:\windows\System32\mshtml.dll
- 2008-10-02 03:49:16 671,232 ----a-w c:\windows\System32\mstime.dll
+ 2008-10-16 04:47:32 671,232 ----a-w c:\windows\System32\mstime.dll
- 2007-08-27 17:12:00 745,472 ----a-w c:\windows\System32\NETw4c32.dll
+ 2007-03-01 12:49:52 679,936 ----a-w c:\windows\System32\NETw4c32.dll
- 2008-11-26 13:25:40 106,120 ----a-w c:\windows\System32\perfc009.dat
+ 2008-12-17 04:18:08 106,120 ----a-w c:\windows\System32\perfc009.dat
- 2008-11-26 13:25:40 598,850 ----a-w c:\windows\System32\perfh009.dat
+ 2008-12-17 04:18:08 598,850 ----a-w c:\windows\System32\perfh009.dat
- 2008-11-13 18:41:05 278,528 ----a-w c:\windows\System32\pncrt.dll
+ 2008-12-13 15:11:52 278,528 ----a-w c:\windows\System32\pncrt.dll
- 2008-11-13 18:41:07 6,656 ----a-w c:\windows\System32\pndx5016.dll
+ 2008-12-13 15:11:53 6,656 ----a-w c:\windows\System32\pndx5016.dll
- 2008-11-13 18:41:07 5,632 ----a-w c:\windows\System32\pndx5032.dll
+ 2008-12-13 15:11:53 5,632 ----a-w c:\windows\System32\pndx5032.dll
- 2008-11-13 18:41:19 185,920 ----a-w c:\windows\System32\rmoc3260.dll
+ 2008-12-13 15:11:56 185,920 ----a-w c:\windows\System32\rmoc3260.dll
- 2008-04-24 04:58:20 11,580,416 ----a-w c:\windows\System32\shell32.dll
+ 2008-11-06 13:14:25 11,580,928 ----a-w c:\windows\System32\shell32.dll
- 2008-11-26 11:03:38 6,291,456 ----a-w c:\windows\System32\SMI\Store\Machine\SCHEMA.DAT
+ 2008-12-13 04:43:11 6,291,456 ----a-w c:\windows\System32\SMI\Store\Machine\SCHEMA.DAT
- 2008-07-16 01:32:44 2,048 ----a-w c:\windows\System32\tzres.dll
+ 2008-10-22 01:22:11 2,048 ----a-w c:\windows\System32\tzres.dll
- 2008-10-02 03:49:19 1,166,336 ----a-w c:\windows\System32\urlmon.dll
+ 2008-10-16 04:47:34 1,166,336 ----a-w c:\windows\System32\urlmon.dll
- 2008-11-26 22:13:14 17,820 ----a-w c:\windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-1279448002-3292429204-1925273592-1000_UserData.bin
+ 2008-12-17 09:49:31 18,828 ----a-w c:\windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-1279448002-3292429204-1925273592-1000_UserData.bin
- 2008-11-26 22:13:14 89,852 ----a-w c:\windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin
+ 2008-12-17 09:49:31 90,194 ----a-w c:\windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin
- 2008-11-26 21:54:55 2,888 ----a-w c:\windows\System32\WDI\ERCQueuedResolutions.dat
+ 2008-12-17 11:02:55 4,588 ----a-w c:\windows\System32\WDI\ERCQueuedResolutions.dat
- 2008-11-26 21:58:35 64,646 ----a-w c:\windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2008-12-15 11:06:04 66,144 ----a-w c:\windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin
- 2008-11-26 15:47:33 292,034 ----a-w c:\windows\System32\WDI\SuspendPerformanceDiagnostics_SystemData_S3.bin
+ 2008-12-16 20:21:48 299,016 ----a-w c:\windows\System32\WDI\SuspendPerformanceDiagnostics_SystemData_S3.bin
- 2008-11-23 23:03:13 287,196 ----a-w c:\windows\System32\WDI\SuspendPerformanceDiagnostics_SystemData_S4.bin
+ 2008-12-13 11:55:23 290,396 ----a-w c:\windows\System32\WDI\SuspendPerformanceDiagnostics_SystemData_S4.bin
- 2008-10-02 03:49:19 827,392 ----a-w c:\windows\System32\wininet.dll
+ 2008-10-16 04:47:35 827,392 ----a-w c:\windows\System32\wininet.dll
- 2008-01-19 07:36:59 996,352 ----a-w c:\windows\System32\WMNetMgr.dll
+ 2008-06-23 01:59:26 996,352 ----a-w c:\windows\System32\WMNetMgr.dll
- 2008-01-19 07:36:11 2,386,944 ----a-w c:\windows\System32\WMVCORE.DLL
+ 2008-06-23 01:59:25 2,386,944 ----a-w c:\windows\System32\WMVCORE.DLL
- 2008-11-26 08:15:01 135,056,726 ----a-w c:\windows\winsxs\ManifestCache\6.0.6001.18000_001c50b5_blobs.bin
+ 2008-12-13 00:09:04 146,619,175 ----a-w c:\windows\winsxs\ManifestCache\6.0.6001.18000_001c50b5_blobs.bin
+ 2008-11-01 03:33:48 28,672 ----a-w c:\windows\winsxs\x86_microsoft-windows-a..-experience-apphelp_31bf3856ad364e35_6.0.6000.16772_none_7fd1ee2663d3b893\Apphlpdm.dll
+ 2008-11-01 03:24:17 28,672 ----a-w c:\windows\winsxs\x86_microsoft-windows-a..-experience-apphelp_31bf3856ad364e35_6.0.6000.20949_none_8082fea17cd2b312\Apphlpdm.dll
+ 2008-11-01 03:44:34 28,672 ----a-w c:\windows\winsxs\x86_microsoft-windows-a..-experience-apphelp_31bf3856ad364e35_6.0.6001.18165_none_81c5fd9660ef7998\Apphlpdm.dll
+ 2008-10-31 03:35:04 28,672 ----a-w c:\windows\winsxs\x86_microsoft-windows-a..-experience-apphelp_31bf3856ad364e35_6.0.6001.22299_none_82332bc57a21d291\Apphlpdm.dll
+ 2008-10-31 23:23:42 2,560 ----a-w c:\windows\winsxs\x86_microsoft-windows-a..ence-mitigations-c1_31bf3856ad364e35_6.0.6000.16772_none_09f24c89f55cce48\AcRes.dll
+ 2008-10-31 23:23:36 2,560 ----a-w c:\windows\winsxs\x86_microsoft-windows-a..ence-mitigations-c1_31bf3856ad364e35_6.0.6000.20949_none_0aa35d050e5bc8c7\AcRes.dll
+ 2008-03-08 01:58:43 2,560 ----a-w c:\windows\winsxs\x86_microsoft-windows-a..ence-mitigations-c1_31bf3856ad364e35_6.0.6001.18165_none_0be65bf9f2788f4d\AcRes.dll
+ 2008-10-31 01:05:22 2,560 ----a-w c:\windows\winsxs\x86_microsoft-windows-a..ence-mitigations-c1_31bf3856ad364e35_6.0.6001.22299_none_0c538a290baae846\AcRes.dll
+ 2008-11-01 03:33:48 2,144,256 ----a-w c:\windows\winsxs\x86_microsoft-windows-a..ence-mitigations-c3_31bf3856ad364e35_6.0.6000.16772_none_09f44d1df55b00f6\AcGenral.dll
+ 2008-11-01 03:24:15 2,144,768 ----a-w c:\windows\winsxs\x86_microsoft-windows-a..ence-mitigations-c3_31bf3856ad364e35_6.0.6000.20949_none_0aa55d990e59fb75\AcGenral.dll
+ 2008-11-01 03:44:34 2,154,496 ----a-w c:\windows\winsxs\x86_microsoft-windows-a..ence-mitigations-c3_31bf3856ad364e35_6.0.6001.18165_none_0be85c8df276c1fb\AcGenral.dll
+ 2008-10-31 03:35:04 2,154,496 ----a-w c:\windows\winsxs\x86_microsoft-windows-a..ence-mitigations-c3_31bf3856ad364e35_6.0.6001.22299_none_0c558abd0ba91af4\AcGenral.dll
+ 2008-11-01 03:33:48 449,536 ----a-w c:\windows\winsxs\x86_microsoft-windows-a..ence-mitigations-c4_31bf3856ad364e35_6.0.6000.16772_none_09f54d67f55a1a4d\AcSpecfc.dll
+ 2008-11-01 03:24:15 450,560 ----a-w c:\windows\winsxs\x86_microsoft-windows-a..ence-mitigations-c4_31bf3856ad364e35_6.0.6000.20949_none_0aa65de30e5914cc\AcSpecfc.dll
+ 2008-11-01 03:44:34 460,288 ----a-w c:\windows\winsxs\x86_microsoft-windows-a..ence-mitigations-c4_31bf3856ad364e35_6.0.6001.18165_none_0be95cd7f275db52\AcSpecfc.dll
+ 2008-10-31 03:35:04 460,288 ----a-w c:\windows\winsxs\x86_microsoft-windows-a..ence-mitigations-c4_31bf3856ad364e35_6.0.6001.22299_none_0c568b070ba8344b\AcSpecfc.dll
+ 2008-11-01 03:33:48 537,600 ----a-w c:\windows\winsxs\x86_microsoft-windows-a..ence-mitigations-c5_31bf3856ad364e35_6.0.6000.16772_none_09f64db1f55933a4\AcLayers.dll
+ 2008-11-01 03:33:48 173,056 ----a-w c:\windows\winsxs\x86_microsoft-windows-a..ence-mitigations-c5_31bf3856ad364e35_6.0.6000.16772_none_09f64db1f55933a4\AcXtrnal.dll
+ 2008-11-01 03:24:15 537,600 ----a-w c:\windows\winsxs\x86_microsoft-windows-a..ence-mitigations-c5_31bf3856ad364e35_6.0.6000.20949_none_0aa75e2d0e582e23\AcLayers.dll
+ 2008-11-01 03:24:15 173,056 ----a-w c:\windows\winsxs\x86_microsoft-windows-a..ence-mitigations-c5_31bf3856ad364e35_6.0.6000.20949_none_0aa75e2d0e582e23\AcXtrnal.dll
+ 2008-11-01 03:44:34 541,696 ----a-w c:\windows\winsxs\x86_microsoft-windows-a..ence-mitigations-c5_31bf3856ad364e35_6.0.6001.18165_none_0bea5d21f274f4a9\AcLayers.dll
+ 2008-11-01 03:44:34 173,056 ----a-w c:\windows\winsxs\x86_microsoft-windows-a..ence-mitigations-c5_31bf3856ad364e35_6.0.6001.18165_none_0bea5d21f274f4a9\AcXtrnal.dll
+ 2008-10-31 03:35:04 541,696 ----a-w c:\windows\winsxs\x86_microsoft-windows-a..ence-mitigations-c5_31bf3856ad364e35_6.0.6001.22299_none_0c578b510ba74da2\AcLayers.dll
+ 2008-10-31 03:35:04 173,056 ----a-w c:\windows\winsxs\x86_microsoft-windows-a..ence-mitigations-c5_31bf3856ad364e35_6.0.6001.22299_none_0c578b510ba74da2\AcXtrnal.dll
+ 2008-10-16 04:40:33 124,928 ----a-w c:\windows\winsxs\x86_microsoft-windows-advpack_31bf3856ad364e35_6.0.6000.16764_none_a9a84a59f5d70728\advpack.dll
+ 2008-10-16 04:19:25 124,928 ----a-w c:\windows\winsxs\x86_microsoft-windows-advpack_31bf3856ad364e35_6.0.6000.20937_none_aa5559ad0ed99c4b\advpack.dll
+ 2008-10-29 06:20:29 2,923,520 ----a-w c:\windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_4f83bb287ccdb7e3\explorer.exe
+ 2008-10-28 02:15:02 2,923,520 ----a-w c:\windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_5033cb5995cd990b\explorer.exe
+ 2008-10-29 06:29:41 2,927,104 ----a-w c:\windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_5177ca9879e978e8\explorer.exe
+ 2008-10-30 03:59:17 2,927,616 ----a-w c:\windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_51e4f8c7931bd1e1\explorer.exe
+ 2008-11-01 03:33:49 1,687,040 ----a-w c:\windows\winsxs\x86_microsoft-windows-gameexplorer_31bf3856ad364e35_6.0.6000.16772_none_3fd0636ec44d63f6\gameux.dll
+ 2008-10-31 23:38:08 4,247,552 ----a-w c:\windows\winsxs\x86_microsoft-windows-gameexplorer_31bf3856ad364e35_6.0.6000.16772_none_3fd0636ec44d63f6\GameUXLegacyGDFs.dll
+ 2008-11-01 03:25:02 1,686,528 ----a-w c:\windows\winsxs\x86_microsoft-windows-gameexplorer_31bf3856ad364e35_6.0.6000.20949_none_408173e9dd4c5e75\gameux.dll
+ 2008-10-31 23:38:11 4,247,552 ----a-w c:\windows\winsxs\x86_microsoft-windows-gameexplorer_31bf3856ad364e35_6.0.6000.20949_none_408173e9dd4c5e75\GameUXLegacyGDFs.dll
+ 2008-03-08 04:21:55 1,695,744 ----a-w c:\windows\winsxs\x86_microsoft-windows-gameexplorer_31bf3856ad364e35_6.0.6001.18165_none_41c472dec16924fb\gameux.dll
+ 2008-11-01 01:21:40 4,240,384 ----a-w c:\windows\winsxs\x86_microsoft-windows-gameexplorer_31bf3856ad364e35_6.0.6001.18165_none_41c472dec16924fb\GameUXLegacyGDFs.dll
+ 2008-10-31 03:35:06 1,696,256 ----a-w c:\windows\winsxs\x86_microsoft-windows-gameexplorer_31bf3856ad364e35_6.0.6001.22299_none_4231a10dda9b7df4\gameux.dll
+ 2008-10-31 01:17:43 4,240,384 ----a-w c:\windows\winsxs\x86_microsoft-windows-gameexplorer_31bf3856ad364e35_6.0.6001.22299_none_4231a10dda9b7df4\GameUXLegacyGDFs.dll
+ 2008-10-21 05:16:20 297,472 ----a-w c:\windows\winsxs\x86_microsoft-windows-gdi32_31bf3856ad364e35_6.0.6000.16766_none_575d8f704c563751\gdi32.dll
+ 2008-10-21 05:07:18 297,472 ----a-w c:\windows\winsxs\x86_microsoft-windows-gdi32_31bf3856ad364e35_6.0.6000.20940_none_57f6cc3d65690456\gdi32.dll
+ 2008-10-21 05:25:18 296,960 ----a-w c:\windows\winsxs\x86_microsoft-windows-gdi32_31bf3856ad364e35_6.0.6001.18159_none_59519ee04971f856\gdi32.dll
+ 2008-10-21 05:21:43 297,472 ----a-w c:\windows\winsxs\x86_microsoft-windows-gdi32_31bf3856ad364e35_6.0.6001.22291_none_59a7f9ab62b73d2c\gdi32.dll
+ 2008-10-16 04:40:37 44,544 ----a-w c:\windows\winsxs\x86_microsoft-windows-i..ablenetworkgraphics_31bf3856ad364e35_6.0.6000.16764_none_eba35409166fed27\pngfilt.dll
+ 2008-10-16 04:23:20 44,544 ----a-w c:\windows\winsxs\x86_microsoft-windows-i..ablenetworkgraphics_31bf3856ad364e35_6.0.6000.20937_none_ec50635c2f72824a\pngfilt.dll
+ 2008-10-16 04:40:37 1,160,192 ----a-w c:\windows\winsxs\x86_microsoft-windows-i..ersandsecurityzones_31bf3856ad364e35_6.0.6000.16764_none_b2bffcbbd9d0648b\urlmon.dll
+ 2008-10-16 04:23:50 1,163,264 ----a-w c:\windows\winsxs\x86_microsoft-windows-i..ersandsecurityzones_31bf3856ad364e35_6.0.6000.20937_none_b36d0c0ef2d2f9ae\urlmon.dll
+ 2008-10-16 04:47:34 1,166,336 ----a-w c:\windows\winsxs\x86_microsoft-windows-i..ersandsecurityzones_31bf3856ad364e35_6.0.6001.18157_none_b4b40c2bd6ec2590\urlmon.dll
+ 2008-10-16 04:38:28 1,166,848 ----a-w c:\windows\winsxs\x86_microsoft-windows-i..ersandsecurityzones_31bf3856ad364e35_6.0.6001.22288_none_b51e397cf0213284\urlmon.dll
+ 2008-10-16 04:40:36 671,232 ----a-w c:\windows\winsxs\x86_microsoft-windows-i..mlrenderingadvanced_31bf3856ad364e35_6.0.6000.16764_none_dea28b847f7923fa\mstime.dll
+ 2008-10-16 04:22:03 671,232 ----a-w c:\windows\winsxs\x86_microsoft-windows-i..mlrenderingadvanced_31bf3856ad364e35_6.0.6000.20937_none_df4f9ad7987bb91d\mstime.dll
+ 2008-10-16 04:47:32 671,232 ----a-w c:\windows\winsxs\x86_microsoft-windows-i..mlrenderingadvanced_31bf3856ad364e35_6.0.6001.18157_none_e0969af47c94e4ff\mstime.dll
+ 2008-10-16 04:38:25 671,232 ----a-w c:\windows\winsxs\x86_microsoft-windows-i..mlrenderingadvanced_31bf3856ad364e35_6.0.6001.22288_none_e100c84595c9f1f3\mstime.dll
+ 2008-10-21 23:31:22 2,048 ----a-w c:\windows\winsxs\x86_microsoft-windows-i..rnational-timezones_31bf3856ad364e35_6.0.6000.16767_none_13273c340c95d620\tzres.dll
+ 2008-10-22 03:43:38 18,944 ----a-w c:\windows\winsxs\x86_microsoft-windows-i..rnational-timezones_31bf3856ad364e35_6.0.6000.16767_none_13273c340c95d620\tzupd.exe
+ 2008-10-21 23:30:56 2,048 ----a-w c:\windows\winsxs\x86_microsoft-windows-i..rnational-timezones_31bf3856ad364e35_6.0.6000.20941_none_13c0790125a8a325\tzres.dll
+ 2008-10-22 01:13:26 18,944 ----a-w c:\windows\winsxs\x86_microsoft-windows-i..rnational-timezones_31bf3856ad364e35_6.0.6000.20941_none_13c0790125a8a325\tzupd.exe
+ 2008-10-22 01:22:11 2,048 ----a-w c:\windows\winsxs\x86_microsoft-windows-i..rnational-timezones_31bf3856ad364e35_6.0.6001.18160_none_150678d409c2b5b0\tzres.dll
+ 2008-01-19 07:33:33 18,944 ----a-w c:\windows\winsxs\x86_microsoft-windows-i..rnational-timezones_31bf3856ad364e35_6.0.6001.18160_none_150678d409c2b5b0\tzupd.exe
+ 2008-10-22 01:04:22 2,048 ----a-w c:\windows\winsxs\x86_microsoft-windows-i..rnational-timezones_31bf3856ad364e35_6.0.6001.22292_none_1571a66f22f6dbfb\tzres.dll
+ 2008-10-22 03:34:43 18,944 ----a-w c:\windows\winsxs\x86_microsoft-windows-i..rnational-timezones_31bf3856ad364e35_6.0.6001.22292_none_1571a66f22f6dbfb\tzupd.exe
+ 2008-10-16 04:40:35 27,648 ----a-w c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.16764_none_ffc5d85da4d98b1e\jsproxy.dll
+ 2008-10-16 04:40:37 826,368 ----a-w c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.16764_none_ffc5d85da4d98b1e\wininet.dll
+ 2008-10-16 04:40:37 64,512 ----a-w c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.16764_none_ffc5d85da4d98b1e\WininetPlugin.dll
+ 2008-10-16 04:20:49 27,648 ----a-w c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.20937_none_0072e7b0bddc2041\jsproxy.dll
+ 2008-10-16 04:24:00 827,904 ----a-w c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.20937_none_0072e7b0bddc2041\wininet.dll
+ 2008-10-16 04:24:00 64,512 ----a-w c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.20937_none_0072e7b0bddc2041\WininetPlugin.dll
+ 2008-10-16 04:47:30 28,160 ----a-w c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.18157_none_01b9e7cda1f54c23\jsproxy.dll
+ 2008-10-16 04:47:35 827,392 ----a-w c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.18157_none_01b9e7cda1f54c23\wininet.dll
+ 2008-02-22 05:01:41 64,512 ----a-w c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.18157_none_01b9e7cda1f54c23\WininetPlugin.dll
+ 2008-10-16 04:38:24 28,160 ----a-w c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.22288_none_0224151ebb2a5917\jsproxy.dll
+ 2008-10-16 04:38:28 827,904 ----a-w c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.22288_none_0224151ebb2a5917\wininet.dll
+ 2008-10-16 04:38:28 64,512 ----a-w c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.22288_none_0224151ebb2a5917\WininetPlugin.dll
+ 2007-04-11 23:21:53 2,455,488 ----a-w c:\windows\winsxs\x86_microsoft-windows-ie-antiphishfilter_31bf3856ad364e35_6.0.6000.16764_none_f96efb376ec50571\ieapfltr.dat
+ 2008-10-16 04:40:34 383,488 ----a-w c:\windows\winsxs\x86_microsoft-windows-ie-antiphishfilter_31bf3856ad364e35_6.0.6000.16764_none_f96efb376ec50571\ieapfltr.dll
+ 2007-04-11 23:21:53 2,455,488 ----a-w c:\windows\winsxs\x86_microsoft-windows-ie-antiphishfilter_31bf3856ad364e35_6.0.6000.20937_none_fa1c0a8a87c79a94\ieapfltr.dat
+ 2008-10-16 04:20:23 380,928 ----a-w c:\windows\winsxs\x86_microsoft-windows-ie-antiphishfilter_31bf3856ad364e35_6.0.6000.20937_none_fa1c0a8a87c79a94\ieapfltr.dll
+ 2008-10-16 04:40:34 347,136 ----a-w c:\windows\winsxs\x86_microsoft-windows-ie-directxtransforms_31bf3856ad364e35_6.0.6000.16764_none_95a333ef84aa8b9f\dxtmsft.dll
+ 2008-10-16 04:40:34 214,528 ----a-w c:\windows\winsxs\x86_microsoft-windows-ie-directxtransforms_31bf3856ad364e35_6.0.6000.16764_none_95a333ef84aa8b9f\dxtrans.dll
+ 2008-10-16 04:20:03 347,136 ----a-w c:\windows\winsxs\x86_microsoft-windows-ie-directxtransforms_31bf3856ad364e35_6.0.6000.20937_none_965043429dad20c2\dxtmsft.dll
+ 2008-10-16 04:20:03 214,528 ----a-w c:\windows\winsxs\x86_microsoft-windows-ie-directxtransforms_31bf3856ad364e35_6.0.6000.20937_none_965043429dad20c2\dxtrans.dll
+ 2008-10-16 04:40:35 477,696 ----a-w c:\windows\winsxs\x86_microsoft-windows-ie-htmlediting_31bf3856ad364e35_6.0.6000.16764_none_4605ce47466b3e2c\mshtmled.dll
+ 2008-10-16 04:21:41 477,696 ----a-w c:\windows\winsxs\x86_microsoft-windows-ie-htmlediting_31bf3856ad364e35_6.0.6000.20937_none_46b2dd9a5f6dd34f\mshtmled.dll
+ 2008-10-16 04:40:35 3,593,216 ----a-w c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6000.16764_none_111ff77c252ff454\mshtml.dll
+ 2008-10-16 04:21:40 3,595,264 ----a-w c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6000.20937_none_11cd06cf3e328977\mshtml.dll
+ 2008-10-16 04:47:30 3,578,880 ----a-w c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6001.18157_none_131406ec224bb559\mshtml.dll
+ 2008-10-16 04:38:25 3,579,392 ----a-w c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6001.22288_none_137e343d3b80c24d\mshtml.dll
+ 2008-10-16 04:40:34 63,488 ----a-w c:\windows\winsxs\x86_microsoft-windows-ie-infocard_31bf3856ad364e35_6.0.6000.16764_none_587864466744805d\icardie.dll
+ 2008-10-16 04:20:23 63,488 ----a-w c:\windows\winsxs\x86_microsoft-windows-ie-infocard_31bf3856ad364e35_6.0.6000.20937_none_5925739980471580\icardie.dll
+ 2008-10-16 04:40:06 26,624 ----a-w c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.16764_none_2d3ee4e91d04fa01\ieUnatt.exe
+ 2008-10-16 04:42:58 634,024 ----a-w c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.16764_none_2d3ee4e91d04fa01\iexplore.exe
+ 2008-10-16 02:13:16 26,624 ----a-w c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.20937_none_2debf43c36078f24\ieUnatt.exe
+ 2008-10-16 04:27:53 634,024 ----a-w c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.20937_none_2debf43c36078f24\iexplore.exe
+ 2008-10-16 04:40:34 267,776 ----a-w c:\windows\winsxs\x86_microsoft-windows-ie-runtimeutilities_31bf3856ad364e35_6.0.6000.16764_none_45808f398f8aa97b\iertutil.dll
+ 2008-10-16 04:40:37 134,144 ----a-w c:\windows\winsxs\x86_microsoft-windows-ie-runtimeutilities_31bf3856ad364e35_6.0.6000.16764_none_45808f398f8aa97b\sqmapi.dll
+ 2008-10-16 04:20:24 267,776 ----a-w c:\windows\winsxs\x86_microsoft-windows-ie-runtimeutilities_31bf3856ad364e35_6.0.6000.20937_none_462d9e8ca88d3e9e\iertutil.dll
+ 2008-10-16 04:23:41 134,144 ----a-w c:\windows\winsxs\x86_microsoft-windows-ie-runtimeutilities_31bf3856ad364e35_6.0.6000.20937_none_462d9e8ca88d3e9e\sqmapi.dll
+ 2008-10-16 04:47:29 270,336 ----a-w c:\windows\winsxs\x86_microsoft-windows-ie-runtimeutilities_31bf3856ad364e35_6.0.6001.18157_none_47749ea98ca66a80\iertutil.dll
+ 2008-01-19 07:36:35 129,536 ----a-w c:\windows\winsxs\x86_microsoft-windows-ie-runtimeutilities_31bf3856ad364e35_6.0.6001.18157_none_47749ea98ca66a80\sqmapi.dll
+ 2008-10-16 04:38:24 270,848 ----a-w c:\windows\winsxs\x86_microsoft-windows-ie-runtimeutilities_31bf3856ad364e35_6.0.6001.22288_none_47decbfaa5db7774\iertutil.dll
+ 2008-10-16 04:38:27 129,536 ----a-w c:\windows\winsxs\x86_microsoft-windows-ie-runtimeutilities_31bf3856ad364e35_6.0.6001.22288_none_47decbfaa5db7774\sqmapi.dll
+ 2008-10-16 04:40:06 70,656 ----a-w c:\windows\winsxs\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_6.0.6000.16764_none_c3ad9a04617fc2a6\ie4uinit.exe
+ 2008-10-16 04:40:34 44,544 ----a-w c:\windows\winsxs\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_6.0.6000.16764_none_c3ad9a04617fc2a6\iernonce.dll
+ 2008-10-16 04:40:34 56,320 ----a-w c:\windows\winsxs\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_6.0.6000.16764_none_c3ad9a04617fc2a6\iesetup.dll
+ 2008-10-16 02:13:06 70,656 ----a-w c:\windows\winsxs\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_6.0.6000.20937_none_c45aa9577a8257c9\ie4uinit.exe
+ 2008-10-16 04:20:24 44,544 ----a-w c:\windows\winsxs\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_6.0.6000.20937_none_c45aa9577a8257c9\iernonce.dll
+ 2008-10-16 04:20:24 56,320 ----a-w c:\windows\winsxs\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_6.0.6000.20937_none_c45aa9577a8257c9\iesetup.dll
+ 2008-10-16 04:40:34 52,736 ----a-w c:\windows\winsxs\x86_microsoft-windows-iebrshim_31bf3856ad364e35_6.0.6000.16764_none_29d2b074682f9803\iebrshim.dll
+ 2008-11-01 03:33:49 52,736 ----a-w c:\windows\winsxs\x86_microsoft-windows-iebrshim_31bf3856ad364e35_6.0.6000.16772_none_29c5dff468398146\iebrshim.dll
+ 2008-10-16 04:20:23 52,736 ----a-w c:\windows\winsxs\x86_microsoft-windows-iebrshim_31bf3856ad364e35_6.0.6000.20937_none_2a7fbfc781322d26\iebrshim.dll
+ 2008-11-01 03:25:13 52,736 ----a-w c:\windows\winsxs\x86_microsoft-windows-iebrshim_31bf3856ad364e35_6.0.6000.20949_none_2a76f06f81387bc5\iebrshim.dll
+ 2008-11-01 03:44:36 52,736 ----a-w c:\windows\winsxs\x86_microsoft-windows-iebrshim_31bf3856ad364e35_6.0.6001.18165_none_2bb9ef646555424b\iebrshim.dll
+ 2008-10-31 03:35:06 52,736 ----a-w c:\windows\winsxs\x86_microsoft-windows-iebrshim_31bf3856ad364e35_6.0.6001.22299_none_2c271d937e879b44\iebrshim.dll
+ 2008-10-16 04:40:34 6,066,176 ----a-w c:\windows\winsxs\x86_microsoft-windows-ieframe_31bf3856ad364e35_6.0.6000.16764_none_627f517fb1258281\ieframe.dll
+ 2008-10-16 04:40:34 180,736 ----a-w c:\windows\winsxs\x86_microsoft-windows-ieframe_31bf3856ad364e35_6.0.6000.16764_none_627f517fb1258281\ieui.dll
+ 2008-10-16 04:20:24 6,068,224 ----a-w c:\windows\winsxs\x86_microsoft-windows-ieframe_31bf3856ad364e35_6.0.6000.20937_none_632c60d2ca2817a4\ieframe.dll
+ 2008-10-16 04:20:24 180,736 ----a-w c:\windows\winsxs\x86_microsoft-windows-ieframe_31bf3856ad364e35_6.0.6000.20937_none_632c60d2ca2817a4\ieui.dll
+ 2008-10-16 04:47:29 6,068,736 ----a-w c:\windows\winsxs\x86_microsoft-windows-ieframe_31bf3856ad364e35_6.0.6001.18157_none_647360efae414386\ieframe.dll
+ 2008-01-19 07:34:31 180,736 ----a-w c:\windows\winsxs\x86_microsoft-windows-ieframe_31bf3856ad364e35_6.0.6001.18157_none_647360efae414386\ieui.dll
+ 2008-10-16 04:38:24 6,069,760 ----a-w c:\windows\winsxs\x86_microsoft-windows-ieframe_31bf3856ad364e35_6.0.6001.22288_none_64dd8e40c776507a\ieframe.dll
+ 2008-10-16 04:38:24 180,736 ----a-w c:\windows\winsxs\x86_microsoft-windows-ieframe_31bf3856ad364e35_6.0.6001.22288_none_64dd8e40c776507a\ieui.dll
+ 2008-10-16 04:40:06 263,168 ----a-w c:\windows\winsxs\x86_microsoft-windows-ieinstal_31bf3856ad364e35_6.0.6000.16764_none_e678bdfe94a8d6b9\ieinstal.exe
+ 2008-10-16 02:13:30 263,168 ----a-w c:\windows\winsxs\x86_microsoft-windows-ieinstal_31bf3856ad364e35_6.0.6000.20937_none_e725cd51adab6bdc\ieinstal.exe
+ 2008-10-16 04:40:06 301,568 ----a-w c:\windows\winsxs\x86_microsoft-windows-ieuser_31bf3856ad364e35_6.0.6000.16764_none_0b20f31ad723966b\ieuser.exe
+ 2008-10-16 02:13:32 301,568 ----a-w c:\windows\winsxs\x86_microsoft-windows-ieuser_31bf3856ad364e35_6.0.6000.20937_none_0bce026df0262b8e\ieuser.exe
+ 2008-06-23 01:52:48 2,855,424 ----a-w c:\windows\winsxs\x86_microsoft-windows-mediafoundation_31bf3856ad364e35_6.0.6000.16708_none_9a80f4cc0f93e171\mf.dll
+ 2008-06-22 22:34:28 2,048 ----a-w c:\windows\winsxs\x86_microsoft-windows-mediafoundation_31bf3856ad364e35_6.0.6000.16708_none_9a80f4cc0f93e171\mferror.dll
+ 2008-06-23 01:52:18 24,576 ----a-w c:\windows\winsxs\x86_microsoft-windows-mediafoundation_31bf3856ad364e35_6.0.6000.16708_none_9a80f4cc0f93e171\mfpmp.exe
+ 2008-06-23 01:52:48 98,816 ----a-w c:\windows\winsxs\x86_microsoft-windows-mediafoundation_31bf3856ad364e35_6.0.6000.16708_none_9a80f4cc0f93e171\mfps.dll
+ 2008-06-23 01:52:29 52,736 ----a-w c:\windows\winsxs\x86_microsoft-windows-mediafoundation_31bf3856ad364e35_6.0.6000.16708_none_9a80f4cc0f93e171\rrinstaller.exe
+ 2008-06-23 01:45:58 2,855,424 ----a-w c:\windows\winsxs\x86_microsoft-windows-mediafoundation_31bf3856ad364e35_6.0.6000.20864_none_9ac5b0e728e5c385\mf.dll
+ 2008-06-22 22:30:28 2,048 ----a-w c:\windows\winsxs\x86_microsoft-windows-mediafoundation_31bf3856ad364e35_6.0.6000.20864_none_9ac5b0e728e5c385\mferror.dll
+ 2008-06-22 23:56:54 24,576 ----a-w c:\windows\winsxs\x86_microsoft-windows-mediafoundation_31bf3856ad364e35_6.0.6000.20864_none_9ac5b0e728e5c385\mfpmp.exe
+ 2008-06-23 01:46:00 98,816 ----a-w c:\windows\winsxs\x86_microsoft-windows-mediafoundation_31bf3856ad364e35_6.0.6000.20864_none_9ac5b0e728e5c385\mfps.dll
+ 2008-06-22 23:56:20 52,736 ----a-w c:\windows\winsxs\x86_microsoft-windows-mediafoundation_31bf3856ad364e35_6.0.6000.20864_none_9ac5b0e728e5c385\rrinstaller.exe
+ 2008-06-23 01:59:25 2,868,736 ----a-w c:\windows\winsxs\x86_microsoft-windows-mediafoundation_31bf3856ad364e35_6.0.6001.18096_none_9c03e1ac0d053e06\mf.dll
+ 2006-11-02 12:35:51 2,048 ----a-w c:\windows\winsxs\x86_microsoft-windows-mediafoundation_31bf3856ad364e35_6.0.6001.18096_none_9c03e1ac0d053e06\mferror.dll
+ 2008-01-19 07:33:15 24,576 ----a-w c:\windows\winsxs\x86_microsoft-windows-mediafoundation_31bf3856ad364e35_6.0.6001.18096_none_9c03e1ac0d053e06\mfpmp.exe
+ 2008-01-19 07:34:45 98,816 ----a-w c:\windows\winsxs\x86_microsoft-windows-mediafoundation_31bf3856ad364e35_6.0.6001.18096_none_9c03e1ac0d053e06\mfps.dll
+ 2008-01-19 07:33:25 53,248 ----a-w c:\windows\winsxs\x86_microsoft-windows-mediafoundation_31bf3856ad364e35_6.0.6001.18096_none_9c03e1ac0d053e06\rrinstaller.exe
+ 2008-06-23 01:41:40 2,868,224 ----a-w c:\windows\winsxs\x86_microsoft-windows-mediafoundation_31bf3856ad364e35_6.0.6001.22208_none_9cf0d03d25d8122c\mf.dll
+ 2008-06-23 00:00:57 2,048 ----a-w c:\windows\winsxs\x86_microsoft-windows-mediafoundation_31bf3856ad364e35_6.0.6001.22208_none_9cf0d03d25d8122c\mferror.dll
+ 2008-06-23 00:01:07 24,576 ----a-w c:\windows\winsxs\x86_microsoft-windows-mediafoundation_31bf3856ad364e35_6.0.6001.22208_none_9cf0d03d25d8122c\mfpmp.exe
+ 2008-06-23 01:39:32 98,816 ----a-w c:\windows\winsxs\x86_microsoft-windows-mediafoundation_31bf3856ad364e35_6.0.6001.22208_none_9cf0d03d25d8122c\mfps.dll
+ 2008-06-23 00:00:33 53,248 ----a-w c:\windows\winsxs\x86_microsoft-windows-mediafoundation_31bf3856ad364e35_6.0.6001.22208_none_9cf0d03d25d8122c\rrinstaller.exe
+ 2008-06-23 01:52:15 94,720 ----a-w c:\windows\winsxs\x86_microsoft-windows-mediaplayer-logagent_31bf3856ad364e35_6.0.6000.16708_none_e96251c7c4db0f0d\logagent.exe
+ 2008-06-22 23:58:14 94,720 ----a-w c:\windows\winsxs\x86_microsoft-windows-mediaplayer-logagent_31bf3856ad364e35_6.0.6000.20864_none_e9a70de2de2cf121\logagent.exe
+ 2008-06-23 01:58:43 94,720 ----a-w c:\windows\winsxs\x86_microsoft-windows-mediaplayer-logagent_31bf3856ad364e35_6.0.6001.18096_none_eae53ea7c24c6ba2\logagent.exe
+ 2008-06-23 00:02:10 94,720 ----a-w c:\windows\winsxs\x86_microsoft-windows-mediaplayer-logagent_31bf3856ad364e35_6.0.6001.22208_none_ebd22d38db1f3fc8\logagent.exe
+ 2008-06-23 01:52:51 996,352 ----a-w c:\windows\winsxs\x86_microsoft-windows-mediaplayer-wmnetmgr_31bf3856ad364e35_6.0.6000.16708_none_4567bba6c17416fd\WMNetMgr.dll
+ 2008-06-23 01:49:03 996,352 ----a-w c:\windows\winsxs\x86_microsoft-windows-mediaplayer-wmnetmgr_31bf3856ad364e35_6.0.6000.20864_none_45ac77c1dac5f911\WMNetMgr.dll
+ 2008-06-23 01:59:26 996,352 ----a-w c:\windows\winsxs\x86_microsoft-windows-mediaplayer-wmnetmgr_31bf3856ad364e35_6.0.6001.18096_none_46eaa886bee57392\WMNetMgr.dll
+ 2008-06-23 01:42:23 996,864 ----a-w c:\windows\winsxs\x86_microsoft-windows-mediaplayer-wmnetmgr_31bf3856ad364e35_6.0.6001.22208_none_47d79717d7b847b8\WMNetMgr.dll
+ 2008-06-23 01:52:51 2,433,536 ----a-w c:\windows\winsxs\x86_microsoft-windows-mediaplayer-wmvcore_31bf3856ad364e35_6.0.6000.16708_none_0554495dd8a9b82d\WMVCORE.DLL
+ 2008-06-23 01:49:11 2,436,096 ----a-w c:\windows\winsxs\x86_microsoft-windows-mediaplayer-wmvcore_31bf3856ad364e35_6.0.6000.20864_none_05990578f1fb9a41\WMVCORE.DLL
+ 2008-06-23 01:59:25 2,386,944 ----a-w c:\windows\winsxs\x86_microsoft-windows-mediaplayer-wmvcore_31bf3856ad364e35_6.0.6001.18096_none_06d7363dd61b14c2\WMVCORE.DLL
+ 2008-06-23 01:41:43 2,386,944 ----a-w c:\windows\winsxs\x86_microsoft-windows-mediaplayer-wmvcore_31bf3856ad364e35_6.0.6001.22208_none_07c424ceeeede8e8\WMVCORE.DLL
+ 2008-11-11 23:21:19 2,410,800 ----a-w c:\windows\winsxs\x86_microsoft-windows-oespamfilter-dat_31bf3856ad364e35_6.0.6000.16776_none_f05c2fac6e871afe\OESpamFilter.dat
+ 2008-11-11 23:22:42 2,410,800 ----a-w c:\windows\winsxs\x86_microsoft-windows-oespamfilter-dat_31bf3856ad364e35_6.0.6000.20954_none_f0f96da187964d5f\OESpamFilter.dat
+ 2008-11-11 23:23:20 2,410,800 ----a-w c:\windows\winsxs\x86_microsoft-windows-oespamfilter-dat_31bf3856ad364e35_6.0.6001.18169_none_f2503f1c6ba2dc03\OESpamFilter.dat
+ 2008-11-11 23:23:01 2,410,800 ----a-w c:\windows\winsxs\x86_microsoft-windows-oespamfilter-dat_31bf3856ad364e35_6.0.6001.22307_none_f318bcc184919ea0\OESpamFilter.dat
+ 2008-11-06 12:57:06 11,315,712 ----a-w c:\windows\winsxs\x86_microsoft-windows-shell32_31bf3856ad364e35_6.0.6000.16774_none_69fb3fd2150a82e8\shell32.dll
+ 2008-11-06 12:59:14 11,320,832 ----a-w c:\windows\winsxs\x86_microsoft-windows-shell32_31bf3856ad364e35_6.0.6000.20951_none_6a977d7d2e1a9bf2\shell32.dll
+ 2008-11-06 13:14:25 11,580,928 ----a-w c:\windows\winsxs\x86_microsoft-windows-shell32_31bf3856ad364e35_6.0.6001.18167_none_6bef4f42122643ed\shell32.dll
+ 2008-11-06 12:59:27 11,582,976 ----a-w c:\windows\winsxs\x86_microsoft-windows-shell32_31bf3856ad364e35_6.0.6001.22303_none_6cb5cc532b16d3dc\shell32.dll
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SHIM LINK FREE BALL"="c:\programdata\Dumb Settings Rect.s9sid" [X]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [01/19/2008 10:33 AM 202240]
"SuperAdBlocker"="c:\program files\SuperAdBlocker.com\Super Ad Blocker\SAdBlock.exe" [08/01/2007 09:28 AM 1564672]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [01/19/2008 10:33 AM 1233920]
"MsnMsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [10/18/2007 01:34 PM 5724184]
"Free Download Manager"="c:\program files\Free Download Manager\fdm.exe" [01/22/2008 06:13 PM 2449455]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [01/19/2008 10:33 AM 125952]
"CollaborationHost"="c:\windows\system32\p2phost.exe" [01/19/2008 10:33 AM 192000]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AVP"="c:\program files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe" [07/29/2008 08:20 PM 206088]
"QPService"="c:\program files\HP\QuickPlay\QPService.exe" [04/24/2007 04:11 AM 176128]
"NvSvc"="c:\windows\system32\nvsvc.dll" [04/29/2007 01:05 PM 86016]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [04/29/2007 01:05 PM 81920]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [04/29/2007 01:05 PM 8429568]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [02/12/2007 05:37 PM 174872]
"HP Software Update"="c:\program files\Hp\HP Software Update\HPWuSchd2.exe" [02/17/2005 09:11 AM 49152]
"HP Health Check Scheduler"="c:\program files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe" [03/12/2007 09:54 PM 50696]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [08/24/2007 10:00 AM 33648]
"CognizanceTS"="c:\progra~1\BIOSCR~1\VeriSoft\Bin\ASTSVCC.dll" [12/22/2003 09:12 PM 17920]
"Apoint"="c:\program files\Apoint2K\Apoint.exe" [03/11/2007 02:21 PM 159744]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [11/10/2008 05:43 AM 136600]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [12/13/2008 06:11 PM 185872]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"Launcher"="c:\windows\SMINST\launcher.exe" [11/08/2006 03:39 AM 44128]
c:\users\vista\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OneNote 2007 Screen Clipper and Launcher.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2007-12-07 101440]
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Adobe Gamma Loader.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2008-03-30 113664]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000D7}"= "c:\program files\SuperAdBlocker.com\Super Ad Blocker\SABSEHB.DLL" [11/07/2006 12:58 PM 77824]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SABWinLogon]
08/01/2007 09:28 AM 176128 c:\program files\SuperAdBlocker.com\Super Ad Blocker\SABWINLO.DLL
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=APSHook.dll,c:\progra~1\KASPER~1\KASPER~1\mzvkbd.dll,c:\progra~1\KASPER~1\KASPER~1\mzvkbd3.dll,c:\progra~1\KASPER~1\KASPER~1\adialhk.dll,c:\progra~1\KASPER~1\KASPER~1\kloehk.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.divxa32"= msaud32_divx.acm
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages REG_MULTI_SZ scecli ASWLNPkg
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"UacDisableNotify"=dword:00000001
"InternetSettingsDisableNotify"=dword:00000001
"AutoUpdateDisableNotify"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\DomainProfile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{D5A969EC-ECAD-402D-A777-6C0B51693530}"= c:\program files\HP\QuickPlay\QP.exe:Quick Play
"{86C6D85B-AE63-439D-B771-7987EAD45E84}"= c:\program files\HP\QuickPlay\QPService.exe:Quick Play Resident Program
"{A433D666-3D70-4224-801A-3CB323931ECB}"= TCP:6004|c:\program files\Microsoft Office\Office12\outlook.exe:Microsoft Office Outlook
"{B7F1F92E-6F4A-4300-8F36-0DEE8646DE0C}"= UDP:c:\program files\Microsoft Office\Office12\GROOVE.EXE:Microsoft Office Groove
"{66DA871A-1825-46DF-B5AE-BBF316E688AB}"= TCP:c:\program files\Microsoft Office\Office12\GROOVE.EXE:Microsoft Office Groove
"{739916D0-28B1-4449-9F14-5FB49CA2C035}"= UDP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{BDDB942F-C678-4A0E-B8D0-5F9129C9ADCC}"= TCP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"TCP Query User{A872F064-1545-4A4C-8440-3C12883FF535}c:\\program files\\real\\realplayer\\realplay.exe"= UDP:c:\program files\real\realplayer\realplay.exe:RealPlayer
"UDP Query User{11CEC53D-BDA7-4E69-9B3F-8F8A2923BC89}c:\\program files\\real\\realplayer\\realplay.exe"= TCP:c:\program files\real\realplayer\realplay.exe:RealPlayer
"{CD339C31-4DB4-4DDC-BEAC-C15926912220}"= c:\program files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"TCP Query User{AFDF178E-7831-4260-921D-435F8BD015FB}c:\\users\\vista\\appdata\\local\\temp\\temp1_sopcast3.0.3_by_sultan.zip\\sopcast3.0.3 by (sultan)\\sopcast3.0.3 by (sultan).exe"= UDP:c:\users\vista\appdata\local\temp\temp1_sopcast3.0.3_by_sultan.zip\sopcast3.0.3 by (sultan)\sopcast3.0.3 by (sultan).exe:sopcast3.0.3 by (sultan).exe
"UDP Query User{628529C0-FD21-41B1-8734-9B320A17D7BE}c:\\users\\vista\\appdata\\local\\temp\\temp1_sopcast3.0.3_by_sultan.zip\\sopcast3.0.3 by (sultan)\\sopcast3.0.3 by (sultan).exe"= TCP:c:\users\vista\appdata\local\temp\temp1_sopcast3.0.3_by_sultan.zip\sopcast3.0.3 by (sultan)\sopcast3.0.3 by (sultan).exe:sopcast3.0.3 by (sultan).exe
"TCP Query User{94F58C1C-A5F2-409B-80BA-2172156C2491}c:\\users\\vista\\sopcast3.0.3_by_sultan\\sopcast3.0.3 by (sultan)\\sopcast3.0.3 by (sultan).exe"= UDP:c:\users\vista\sopcast3.0.3_by_sultan\sopcast3.0.3 by (sultan)\sopcast3.0.3 by (sultan).exe:sopcast3.0.3 by (sultan).exe
"UDP Query User{CB4A96DC-CA0F-4B10-925D-5056996283BB}c:\\users\\vista\\sopcast3.0.3_by_sultan\\sopcast3.0.3 by (sultan)\\sopcast3.0.3 by (sultan).exe"= TCP:c:\users\vista\sopcast3.0.3_by_sultan\sopcast3.0.3 by (sultan)\sopcast3.0.3 by (sultan).exe:sopcast3.0.3 by (sultan).exe
"TCP Query User{3C1296B6-A027-4F2B-960D-387656AE0D68}c:\\users\\vista\\appdata\\roaming\\thinstall\\sopcast 3.0.3\\4000008d00003i\\sopadver.exe"= UDP:c:\users\vista\appdata\roaming\thinstall\sopcast 3.0.3\4000008d00003i\sopadver.exe:sopadver.exe
"UDP Query User{3CBC8C98-416B-4924-BC94-4FB63DBC4866}c:\\users\\vista\\appdata\\roaming\\thinstall\\sopcast 3.0.3\\4000008d00003i\\sopadver.exe"= TCP:c:\users\vista\appdata\roaming\thinstall\sopcast 3.0.3\4000008d00003i\sopadver.exe:sopadver.exe
"TCP Query User{0B75A09D-9B47-4303-B9C5-F60B30AAB04C}c:\\program files\\freewire\\freewire television\\freewire television.exe"= UDP:c:\program files\freewire\freewire television\freewire television.exe:Freewire Television
"UDP Query User{AC1C2F7C-5E66-4052-B3F2-664AB27B0274}c:\\program files\\freewire\\freewire television\\freewire television.exe"= TCP:c:\program files\freewire\freewire television\freewire television.exe:Freewire Television
"TCP Query User{368265B2-CC1A-4256-95A2-E95F9F231691}c:\\programdata\\kaspersky lab setup files\\kaspersky internet security 7.0.1.323\\english\\setup.exe"= UDP:c:\programdata\kaspersky lab setup files\kaspersky internet security 7.0.1.323\english\setup.exe:Kaspersky Internet Security 7.0 Setup
"UDP Query User{59860ECC-918A-4010-9257-3FD2011D8431}c:\\programdata\\kaspersky lab setup files\\kaspersky internet security 7.0.1.323\\english\\setup.exe"= TCP:c:\programdata\kaspersky lab setup files\kaspersky internet security 7.0.1.323\english\setup.exe:Kaspersky Internet Security 7.0 Setup
"TCP Query User{470D0D25-DFC8-4B48-817A-BD6BB306DBCF}c:\\kav\\kis7.0\\english\\setup.exe"= UDP:c:\kav\kis7.0\english\setup.exe:Kaspersky Internet Security 7.0 Setup
"UDP Query User{4BEF2169-DB57-4668-AFEF-297F81AF336D}c:\\kav\\kis7.0\\english\\setup.exe"= TCP:c:\kav\kis7.0\english\setup.exe:Kaspersky Internet Security 7.0 Setup
"{04942329-A7CC-452F-95FD-60CEDB71025F}"= c:\program files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"{5BBB2607-89FF-4F2A-BAFF-4D34BFFA9A7C}"= c:\program files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"{39532FBB-670A-47DC-B614-FAC20583EECA}"= c:\program files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"TCP Query User{8EBE95B6-D141-4BAD-BF2A-DB50A17BDBAC}c:\\program files\\internet explorer\\iexplore.exe"= UDP:c:\program files\internet explorer\iexplore.exe:Internet Explorer
"UDP Query User{09B7E45E-0E76-4168-A0B1-79B6DA97FBA5}c:\\program files\\internet explorer\\iexplore.exe"= TCP:c:\program files\internet explorer\iexplore.exe:Internet Explorer
"{F498E84B-F658-41A4-AE8B-E06DB02A98CD}"= UDP:c:\program files\Yahoo!\Messenger\YahooMessenger.exe:Yahoo! Messenger
"{740DAC1C-4F0D-4E54-B831-45282BF05B0A}"= TCP:c:\program files\Yahoo!\Messenger\YahooMessenger.exe:Yahoo! Messenger
"{E3815044-73E5-4B75-8CAD-BDCA5DB005B0}"= c:\program files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"{654FF5CC-E9C7-41FE-8DCF-C469B00E3D4C}"= c:\program files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\PublicProfile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile]
"EnableFirewall"= 0 (0x0)
R0 klbg;Kaspersky Lab Boot Guard Driver;c:\windows\system32\drivers\klbg.sys [2008-01-29 32784]
R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\system32\DRIVERS\klim6.sys [2008-07-09 20496]
R1 SABDIFSV;SABDIFSV;\??\c:\program files\SuperAdBlocker.com\Super Ad Blocker\SABDIFSV.SYS [2005-09-21 5632]
R1 SABKUTIL;SABKUTIL;\??\c:\program files\SuperAdBlocker.com\Super Ad Blocker\SABKUTIL.sys [2007-02-20 32256]
R2 ASBroker;Logon Session Broker;c:\windows\System32\svchost.exe -k Cognizance [2008-06-13 21504]
R2 ASChannel;Local Communication Channel;c:\windows\System32\svchost.exe -k Cognizance [2008-06-13 21504]
R2 Vcs;Vcs support;\??\c:\windows\system32\Drivers\Vcs.sys [2008-06-13 6852]
R3 KLFLTDEV;Kaspersky Lab KLFltDev;c:\windows\system32\DRIVERS\klfltdev.sys [2008-03-13 26640]
S3 RkHit;RkHit;\??\c:\windows\system32\drivers\RKHit.sys [2008-11-05 28672]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs REG_MULTI_SZ BthServ
Cognizance REG_MULTI_SZ ASBroker ASChannel
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{28ac62b7-1bf4-11dd-a526-001e3704093f}]
\shell\Auto\command - F:\setup.exe
\shell\AutoRun\command - c:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL F:\setup.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{b80cb2bb-b87f-11dd-bb74-001e3704093f}]
\shell\explore\command - G:\explorer.exe
\shell\open\Command - G:\explorer.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{df5665a0-e02f-11dc-8135-001e3704093f}]
\shell\AutoRun\command - RavMon.exe
\shell\explore\Command - RavMon.exe -e
\shell\open\Command - RavMon.exe
.
s of the 'Scheduled Tasks' folder
2008-12-17 c:\windows\Tasks\User_Feed_Synchronization-{0D7898AA-F694-4F61-9E2F-FCE0D3DC7C2E}.job
- c:\windows\system32\msfeedssync.exe [01/19/2008 10:33 AM]
.
- - - - ORPHANS REMOVED - - - -
HKLM-Run-Adobe Reader Speed Launcher - c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe

.
------- Supplementary Scan -------
.
uLocal Page = \blank.htm
uStart Page = hxxp://www.googel.com/
mStart Page = hxxp://home.sweetim.com
IE: "إضافة إلى حاجب الدعايات" - c:\program files\Kaspersky Lab\Kaspersky Internet Security 2009\ie_banner_deny.htm
IE: Free Download Manager تحميل الفيديو بواسطة -

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

files\Free Download Manager\dlfvideo.htm
IE: تحميل المحددة بفري داونلود مانيجر -

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

files\Free Download Manager\dlselected.htm
IE: تنزيل الكل بفري داونلود مانيجر -

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

files\Free Download Manager\dlall.htm
IE: تنزيل بفري داونلود مانيجر -

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

files\Free Download Manager\dllink.htm
c:\windows\Downloaded Program Files\InstallerControl.dll - O16 -: CabBuilder
hxxp://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab
c:\windows\Downloaded Program Files\OSDC5.OSD
O16 -: Microsoft XML Parser for Java -

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

c:\windows\Downloaded Program Files\Microsoft XML Parser for Java.osd
c:\windows\System32\msvcrt.dll - c:\windows\System32\mfc42.dll
c:\windows\System32\olepro32.dll
c:\windows\Downloaded Program Files\imcv1.dll
O16 -: {6924091F-CD97-41E1-B1D4-D9079409D413}
hxxp://66.186.63.170/talk.cab
c:\windows\Downloaded Program Files\talk.inf
c:\windows\Downloaded Program Files\ReadUid.ocx - O16 -: {B7FDB0C3-4724-46D2-B8DB-6FA1DC63F7CA}
hxxp://66.186.63.170/ReadUid.CAB
c:\windows\Downloaded Program Files\ReadUid.INF
.
**************************************************************************
catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

Rootkit scan 2008-12-17 14:06:12
Windows 6.0.6001 Service Pack 1 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
- - - - - - - > 'lsass.exe'(696)
c:\program files\Bioscrypt\VeriSoft\bin\ASWLNPkg.dll
c:\program files\Bioscrypt\VeriSoft\bin\ItMsg.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\System32\audiodg.exe
c:\program files\SuperAdBlocker.com\Super Ad Blocker\SABSVC.EXE
c:\program files\Symantec\LiveUpdate\AluSchedulerSvc.exe
c:\program files\HP\QuickPlay\Kernel\TV\CLCapSvc.exe
c:\program files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\windows\System32\drivers\XAudio.exe
c:\program files\Hewlett-Packard\Shared\hpqwmiex.exe
c:\windows\System32\conime.exe
c:\windows\System32\rundll32.exe
c:\windows\System32\wbem\unsecapp.exe
c:\windows\System32\rundll32.exe
c:\program files\Hewlett-Packard\HP Health Check\HPHC_Service.exe
c:\windows\ehome\ehmsas.exe
c:\program files\Apoint2K\ApMsgFwd.exe
c:\program files\Apoint2K\ApntEx.exe
c:\program files\Windows Media Player\wmpnetwk.exe
.
**************************************************************************
.
Completion time: 12/17/2008 14:13:19 - machine was rebooted
ComboFix-quarantined-files.txt 2008-12-17 11:13:08
ComboFix2.txt 2008-11-26 22:21:45
ComboFix3.txt 2008-11-26 12:06:05
Pre-Run: 98,298,249,216 bytes free
Post-Run: 98,141,138,944 bytes free
587 --- E O F --- 2008-12-13 03:45:11

 

[هاوي النت]

احذف القيم هذي وهات تقرير هايجاك جديد​

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = \blank.htm​

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)​

O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe​

O4 - HKCU\..\Run: [SHIM LINK FREE BALL] "C:\ProgramData\Dumb Settings Rect.s9sid"​

O4 - HKCU\..\Run: [CollaborationHost] C:\Windows\system32\p2phost.exe -s​

O16 - DPF: CabBuilder -

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O16 - DPF: {B7FDB0C3-4724-46D2-B8DB-6FA1DC63F7CA} (ReadUid.UserControlMacEntry) -

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O23 - Service: HP Health Check Service - Hewlett-Packard - C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe​

طريقة الحذف ​

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

​

استخدم هذه الاداة للتنظيف​

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

 

[عاشق الاحلام]

هذي مارضيت تنحذف

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe​

O16 - DPF: CabBuilder -

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O16 - DPF: {B7FDB0C3-4724-46D2-B8DB-6FA1DC63F7CA} (ReadUid.UserControlMacEntry) -

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O23 - Service: HP Health Check Service - Hewlett-Packard - C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe​

 

[عاشق الاحلام]

وهذا التقرير
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:22, on 2008-12-17
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
C:\Program Files\HP\QuickPlay\QPService.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Apoint2K\Apoint.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Free Download Manager\fdm.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Windows\System32\rundll32.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Internet Explorer\ieuser.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\Windows\system32\Macromed\Flash\FlashUtil10a.exe
C:\Windows\system32\conime.exe
C:\Users\vista\Desktop\اذاعه\Zyzoom_HijackThis.exe
C:\Windows\system32\DllHost.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: SuperAdBlockerBHO Class - {00000000-6C30-11D8-9363-000AE6309654} - C:\Program Files\SuperAdBlocker.com\Super Ad Blocker\SABBHO.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ievkbd.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: FDMIEsBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: VeriSoft Access Manager - {DF21F1DB-80C6-11D3-9483-B03D0EC10000} - C:\Program Files\Bioscrypt\VeriSoft\Bin\ItIEAddIn.dll
O3 - Toolbar: Super Ad Blocker Toolbar - {B4B3001E-0F56-4E51-8250-BDE11547EC55} - C:\Program Files\SuperAdBlocker.com\Super Ad Blocker\sabtb.dll
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe"
O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [HP Health Check Scheduler] C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [CognizanceTS] rundll32.exe C:\PROGRA~1\BIOSCR~1\VeriSoft\Bin\ASTSVCC.dll,RegisterModule
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Free Download Manager] "C:\Program Files\Free Download Manager\fdm.exe" -autorun
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - Startup: OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: "إضافة إلى حاجب الدعايات" - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ie_banner_deny.htm
O8 - Extra context menu item: Free Download Manager تحميل الفيديو بواسطة -

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

Files\Free Download Manager\dlfvideo.htm
O8 - Extra context menu item: تحميل المحددة بفري داونلود مانيجر -

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: تنزيل الكل بفري داونلود مانيجر -

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

Files\Free Download Manager\dlall.htm
O8 - Extra context menu item: تنزيل بفري داونلود مانيجر -

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

Files\Free Download Manager\dllink.htm
O9 - Extra button: احصائيات حماية حركة مرور الشبكة - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\SCIEPlgn.dll
O9 - Extra button: إرسال إلى OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: إر&سال إلى OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O16 - DPF: CabBuilder -

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O16 - DPF: {6924091F-CD97-41E1-B1D4-D9079409D413} (IMCv1 Control) -

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O16 - DPF: {B7FDB0C3-4724-46D2-B8DB-6FA1DC63F7CA} (ReadUid.UserControlMacEntry) -

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash ) -

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O20 - AppInit_DLLs: APSHook.dll,C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd.dll,C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll,C:\PROGRA~1\KASPER~1\KASPER~1\adialhk.dll,C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll
O20 - Winlogon Notify: !SABWinLogon - C:\Program Files\SuperAdBlocker.com\Super Ad Blocker\SABWINLO.DLL
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\CLSched.exe
O23 - Service: Com4Qlb - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Super Ad Blocker Service (SABSVC) - SuperAdBlocker.com - C:\Program Files\SuperAdBlocker.com\Super Ad Blocker\SABSVC.EXE
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
--
End of file - 9494 bytes

 

[المانسي]

حدد التالي ثم احذفهها

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O16 - DPF: CabBuilder -

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O16 - DPF: {B7FDB0C3-4724-46D2-B8DB-6FA1DC63F7CA} (ReadUid.UserControlMacEntry) -

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

طريقة الحذف ​

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

ثم توجه الى اضافة وازالة البرامج في لوحة التحكم واحذف اي تولبار لديك

ثم

استخدم هذه الاداة للتنظيف​

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

ثم ادخل ابدأ ثم بحث وانسخ التالي :
msconfig
اختر بدء التشغيل وعطل جميع البرامج ما عدا برنامج كاسبر
ثم اعد التشغيل

بالتوفيق​

 

[gaberbkr]

قم بتعطيل القيمة التالية
O3 - Toolbar: Super Ad Blocker Toolbar - {B4B3001E-0F56-4E51-8250-BDE11547EC55} - C:\Program Files\SuperAdBlocker.com\Super Ad Blocker\sabtb.dll

ـــــــــــــــــــــــــــــــــــــــــــ
ثم البدء Start
- اكتب في خانة التشغيل Run الأمر التالي : msconfig
- سوف تظهر لك نافذة System Configuration Utility
- اختار من هذه النافذة من أعلى قسم Start up
- ستظهر لك شاشة تعرض البرامج التي تبدأ العمل مباشرة مع بدء تشغيل الجهاز .
قم بأذالة علامة الصح من أمامها جميعاً
ثم وافق على ذلك
ـــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــ
حمل هذه الأداة الصغيرة
وضعها فى إى مكان عندك
قم بالضغط عليها وأتركها تعمل
من هنا

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

​

 

[عاشق الاحلام]

اخووووي مو انحذفت اول تطلع هذي الرساله قبل البحث​

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

وبعد البحث هذي الرساله​

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

 

[KoNaMi]

حياك قلبي استخدم هذة الاداة

استخدم هذة الاداة

استخدم اداة دكتور ويب

فحص وتنظيف وهي بدون تثبيت ومحدث بتاريخ اليوم

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

بعد ماتخلص فحص اديني تقرير جديد
​

 

[عاشق الاحلام]

اخووووووووووي يعطيك الف عااااااااااااااااااااااافيه
بس الموقع مو راضي يفتح معي

 

[KoNaMi]

جاري رفعها على موقع ثاتي
​

 

[عاشق الاحلام]

حمود منتظرينك

 

[عاشق الاحلام]

ياهووووووووووو
وين الناااااااس

 

[gaberbkr]

اخووووووووووي يعطيك الف عااااااااااااااااااااااافيه
بس الموقع مو راضي يفتح معي

هل هذا الموقع يفتح معك لقد قمت بتحميلها ومن ثم رفعها مخصوص

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

 

[عاشق الاحلام]

هل هذا الموقع يفتح معك لقد قمت بتحميلها ومن ثم رفعها مخصوص​

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

[/url]

يعطيك العااااااافيه اخوووووووووي بس ماانمسحت

o2 - bho: (no name) - {7e853d72-626a-48ec-a868-ba8d5e23e045} - (no file)​

o16 - dpf: Cabbuilder -

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

o16 - dpf: {b7fdb0c3-4724-46d2-b8db-6fa1dc63f7ca} (readuid.usercontrolmacentry) -

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

 

[عاشق الاحلام]

يعني مااااااااااافيه حل

 

[gaberbkr]

من كنترول بانل أضافة وإذالة البرامج أحذف
Super Ad Blocker Toolbar
ــــــــــــــــــــــــــــــــــــ
من Run
أكتب msconfig
آختار Start up
أذل العلامة من أمام الجميع ثم وافق على ذلك
أعد تشغيل الجهاز مرة آخرى
ــــــــــــــــــــــــــــــــــــــــ
ثم أحضر تقرير جديد للهايجاك