طآغي النظرهـ

Peace be upon you, and the mercy and blessings of God.
* Brothers, may God grant you good health .. I opened a server belonging to a program, and after that the machine started hanging and a message started appearing that says [ Windows cannot find the file, and so on ... etc. ]

This is the first report; in a few moments I will post the HiJack report.
----------------------------------------------------------------

******** 08-12-16.03 - طاغي 12/26/2008 18:13:48.5 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1256.1.1025.18.735.407 [GMT 3:00]
Running from: d:\documents and settings\طاغي\سطح المكتب\برامج الحمايه\********.exe
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
- REDUCED FUNCTIONALITY MODE -
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
d:\windows\crss.exe
d:\windows\ktd32.atm
d:\windows\system32\tmp.reg
.
---- Previous Run -------
.
d:\windows\system32\tmp.reg
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Service_npf

((((((((((((((((((((((((( Files Created from 2008-11-26 to 2008-12-26 )))))))))))))))))))))))))))))))
.
No new files created in this timespan
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-12-26 15:10 --------- d-----w d:\documents and settings\All Users\Application Data\Kaspersky Lab
2008-12-26 14:44 18,031,136 --sha-w d:\windows\system32\drivers\fidbox.dat
2008-12-26 14:38 824,352 --sha-w d:\windows\system32\drivers\fidbox2.dat
2008-12-26 04:35 --------- d-----w d:\program files\Windows Media Connect 2
2008-12-25 13:02 79,196 --sha-w d:\windows\system32\drivers\fidbox2.idx
2008-12-25 13:02 245,960 --sha-w d:\windows\system32\drivers\fidbox.idx
2008-12-25 11:14 7,168 ----a-w d:\windows\icq.dll
2008-12-25 11:14 3,584 ----a-w d:\windows\iss32.exe
2008-12-25 11:14 17,408 ----a-w d:\windows\mps.exe
2008-12-25 11:14 14,336 ----a-w d:\windows\fps.exe
2008-12-25 02:34 --------- d-----w d:\program files\mpegable
2008-12-20 17:59 --------- d--h--w d:\program files\InstallShield Installation Information
2008-12-20 17:01 --------- d-----w d:\program files\Safety-lab
2008-12-20 15:31 --------- d-----w d:\documents and settings\All Users\Application Data\GlobalSCAPE
2008-12-20 13:51 --------- d-----w d:\program files\VisualRoute Lite Edition
2008-12-19 22:13 --------- d-----w d:\documents and settings\طاغي\Application Data\cleaner
2008-12-19 21:54 --------- d-----w d:\documents and settings\طاغي\Application Data\BodyWipeNoun
2008-12-19 19:12 --------- d-----w d:\program files\Apollo 3GP Video Converter
2008-12-19 18:56 47,104 ------w d:\windows\AKDeInstall.exe
2008-12-19 11:42 20,253,946 ----a-w d:\windows\Internet Logs\vsmon_on_demand_2008_12_18_23_43_56_full.dmp.zip
2008-12-19 01:29 --------- d-----w d:\program files\Munga Bunga's HTTP Brute Forcer
2008-12-18 18:39 --------- d-----w d:\program files\DietMP3
2008-12-18 16:02 7,389,985 ----a-w d:\windows\Internet Logs\vsmon_on_demand_2008_12_18_18_29_09_full.dmp.zip
2008-12-17 17:34 2,712,576 ----a-w d:\windows\Internet Logs\xDB1.tmp
2008-12-15 17:49 --------- d-----w d:\program files\Hotspot_Shield
2008-12-15 17:49 --------- d-----w d:\program files\Conduit
2008-12-15 00:28 --------- d-----w d:\program files\Hotspot Shield
2008-12-11 06:30 --------- d-----w d:\documents and settings\طاغي\Application Data\CyberScrub
2008-12-11 00:08 --------- d-----w d:\program files\Golden Al-Wafi Translator
2008-12-10 14:47 --------- d-----w d:\documents and settings\All Users\Application Data\Microsoft Help
2008-12-09 22:40 --------- d-----w d:\program files\Vuze
2008-12-09 20:51 --------- d-----w d:\documents and settings\طاغي\Application Data\Azureus
2008-12-09 12:21 --------- d-----w d:\documents and settings\All Users\Application Data\Apple Computer
2008-12-09 12:13 81,920 ----a-w d:\documents and settings\طاغي\Application Data\ezpinst.exe
2008-12-09 12:13 47,360 ----a-w d:\windows\system32\drivers\pcouffin.sys
2008-12-09 12:13 47,360 ----a-w d:\documents and settings\طاغي\Application Data\pcouffin.sys
2008-12-09 12:13 --------- d-----w d:\documents and settings\طاغي\Application Data\Vso
2008-12-09 11:22 --------- d-----w d:\program files\FLV to AVI MPEG WMV 3GP MP4 iPod Converter
2008-12-07 18:57 --------- d-----w d:\program files\Zone Labs
2008-12-05 23:51 --------- d-----w d:\program files\PC Tools Internet Security
2008-12-05 23:47 --------- d-----w d:\program files\Common Files\PC Tools
2008-12-05 23:47 --------- d-----w d:\documents and settings\All Users\Application Data\PC Tools
2008-12-05 23:46 --------- d---a-w d:\documents and settings\All Users\Application Data\TEMP
2008-12-05 23:44 --------- d-----w d:\program files\Browser Defender
2008-12-05 21:30 --------- d-----w d:\documents and settings\طاغي\Application Data\PCToolsSpamMonitorPlus
2008-12-05 21:30 --------- d-----w d:\documents and settings\طاغي\Application Data\PCToolsFirewallPlus
2008-12-05 18:20 --------- d-----w d:\program files\Common Files\InstallShield
2008-12-05 17:52 757,760 ----a-w d:\windows\system32\SkinCrafter.dll
2008-12-05 16:08 --------- d-----w d:\program files\Circle Developement
2008-12-05 15:03 --------- d-----w d:\documents and settings\All Users\Application Data\Azureus
2008-12-04 23:08 --------- d-----w d:\documents and settings\All Users\Application Data\Messenger Plus!
2008-12-04 23:05 --------- d-----w d:\program files\Windows Live
2008-12-04 23:04 --------- d-----w d:\documents and settings\All Users\Application Data\WLInstaller
2008-12-04 21:56 --------- d-----w d:\documents and settings\All Users\Application Data\STORE LESS JUGS SURF
2008-12-04 21:36 --------- d-----w d:\program files\BodyWipeNoun
2008-12-04 21:35 --------- d-----w d:\program files\Messenger Plus! Live
2008-12-04 19:33 --------- d-----w d:\program files\MSECACHE
2008-12-04 18:45 --------- d-----w d:\documents and settings\طاغي\Application Data\ADPHONE
2008-12-04 09:28 --------- d-----w d:\program files\MSN Messenger
2008-12-04 09:22 --------- d-----w d:\program files\Microsoft Office Outlook Connector
2008-12-04 09:09 --------- d-----w d:\program files\Windows Live Toolbar
2008-12-04 09:06 --------- d-----w d:\program files\Microsoft
2008-12-04 08:03 --------- d-----w d:\program files\Windows Installer Clean Up
2008-12-04 08:03 --------- d-----w d:\program files\Common Files\Windows Live
2008-12-04 07:29 410,976 ----a-w d:\windows\system32\deploytk.dll
2008-12-04 07:29 --------- d-----w d:\program files\Java
2008-12-04 07:01 --------- d-----w d:\program files\Yahoo!
2008-12-04 07:01 --------- d-----w d:\program files\CCleaner
2008-12-03 16:22 --------- d-----w d:\program files\IDA
2008-12-03 05:19 --------- d-----w d:\documents and settings\طاغي\Application Data\Internet Download Accelerator
2008-12-03 02:34 --------- d-----w d:\documents and settings\طاغي\Application Data\Media Player Classic
2008-12-03 02:30 2,223,653 ----a-w D:\mpc2kxp6490.zip
2008-12-02 19:50 --------- d-----w d:\program files\Common Files\Adobe
2008-12-02 18:31 75,921,920 ----a-w D:\ps55try.exe
2008-12-02 17:29 827,382 ----a-w D:\Trojan_u.zip
2008-12-02 17:14 985,989 ----a-w D:\MovieGear4.exe
2008-12-02 16:39 --------- d-----w d:\documents and settings\طاغي\Application Data\CursorArts
2008-12-02 16:36 6,766,448 ----a-w D:\imf_pro.exe
2008-12-02 14:16 40,073 ----a-w D:\patcher.zip
2008-12-02 14:09 --------- d-----w d:\program files\SWiSHmax
2008-12-02 14:05 9,783,685 ----a-w D:\SetupSwishmax_20050505.exe
2008-12-01 14:09 357,973 ----a-w D:\شطرنج.zip
2008-12-01 13:03 0 ---ha-w d:\windows\system32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf
2008-12-01 13:03 0 ---ha-w d:\windows\system32\drivers\Msft_Kernel_ccdcmb_01005.Wdf
2008-12-01 12:33 499,712 ----a-w d:\windows\system32\msvcp71.dll
2008-12-01 12:33 348,160 ----a-w d:\windows\system32\msvcr71.dll
2008-12-01 12:33 --------- d-----w d:\program files\Common Files\xing shared
2008-12-01 12:33 --------- d-----w d:\program files\Common Files\Real
2008-12-01 11:59 8,552 ----a-w d:\windows\system32\drivers\asctrm.sys
2008-12-01 11:59 --------- d-----w d:\program files\Real
2008-12-01 11:59 --------- d-----w d:\program files\aod
2008-11-30 16:28 --------- d-----w d:\documents and settings\طاغي\Application Data\HiYo
2008-11-30 00:41 --------- d-----w d:\program files\CEDP Stealer 6.0 for Messenger
2008-11-29 23:55 --------- d-----w d:\documents and settings\All Users\Application Data\iolo
2008-11-29 23:53 --------- d-----w d:\documents and settings\طاغي\Application Data\iolo
2008-11-29 21:19 --------- d-----w d:\program files\Microsoft SQL Server Compact Edition
2008-11-29 19:56 --------- dcsh--w d:\program files\Common Files\WindowsLiveInstaller
2008-11-23 15:13 --------- d-----w d:\documents and settings\All Users\Application Data\Bluetooth
2008-11-23 05:49 102,400 ----a-w d:\windows\system32\STemp_01.exe
2008-11-19 22:54 --------- d-----w d:\documents and settings\طاغي\Application Data\AntiSpywareGuard
2006-10-11 08:04 61,036 ----a-w d:\program files\mozilla firefox\components\jar50.dll
2006-10-11 08:04 48,742 ----a-w d:\program files\mozilla firefox\components\jsd3250.dll
2006-10-11 08:05 29,313 ----a-w d:\program files\mozilla firefox\components\myspell.dll
2006-10-11 08:05 41,082 ----a-w d:\program files\mozilla firefox\components\spellchk.dll
2006-10-11 08:04 166,510 ----a-w d:\program files\mozilla firefox\components\xpinstal.dll
.
((((((((((((((((((((((((((((( snapshot_Wed 12-24-2008_12.41.37.50 )))))))))))))))))))))))))))))))))))))))))
.
- 2007-03-06 00:57:34 14,560 ----a-w d:\windows\$hf_mig$\KB956390-IE7\spmsg.dll
+ 2007-03-06 00:57:33 14,560 ----a-w d:\windows\$hf_mig$\KB956390-IE7\spmsg.dll
- 2007-03-06 00:57:39 213,216 ----a-w d:\windows\$hf_mig$\KB956390-IE7\spuninst.exe
+ 2007-03-06 00:57:38 213,216 ----a-w d:\windows\$hf_mig$\KB956390-IE7\spuninst.exe
+ 2008-12-13 06:27:09 3,594,752 ----a-w d:\windows\$hf_mig$\KB960714-IE7\SP2QFE\mshtml.dll
+ 2007-03-06 00:57:33 14,560 ----a-w d:\windows\$hf_mig$\KB960714-IE7\spmsg.dll
+ 2007-03-06 00:57:38 213,216 ----a-w d:\windows\$hf_mig$\KB960714-IE7\spuninst.exe
+ 2007-03-06 00:57:32 22,752 ----a-w d:\windows\$hf_mig$\KB960714-IE7\update\spcustom.dll
+ 2007-03-06 00:57:55 712,928 ----a-w d:\windows\$hf_mig$\KB960714-IE7\update\update.exe
+ 2007-03-06 00:58:46 369,376 ----a-w d:\windows\$hf_mig$\KB960714-IE7\update\updspapi.dll
+ 2008-04-14 15:34:30 7,680 -c----w d:\windows\$NtUninstallwmp11$\asferror.dll
+ 2008-04-14 15:59:37 368,640 -c----w d:\windows\$NtUninstallwmp11$\mpvis.dll
+ 2008-04-14 16:00:02 618,496 -c----w d:\windows\$NtUninstallwmp11$\setup_wm.exe
+ 2006-05-16 15:11:54 213,216 -c----w d:\windows\$NtUninstallwmp11$\spuninst\spuninst.exe
+ 2006-05-16 15:11:52 369,376 -c----w d:\windows\$NtUninstallwmp11$\spuninst\updspapi.dll
+ 2008-04-14 16:00:04 208,896 -c----w d:\windows\$NtUninstallwmp11$\unregmp2.exe
+ 2008-04-14 15:38:13 154,624 -c----w d:\windows\$NtUninstallwmp11$\wmerror.dll
+ 2008-04-14 15:59:43 4,874,240 -c----w d:\windows\$NtUninstallwmp11$\wmp.dll
+ 2008-04-14 15:59:43 114,688 -c----w d:\windows\$NtUninstallwmp11$\wmpasf.dll
+ 2008-04-14 15:59:43 98,304 -c----w d:\windows\$NtUninstallwmp11$\wmpband.dll
+ 2008-04-14 15:59:44 233,472 -c----w d:\windows\$NtUninstallwmp11$\wmpdxm.dll
+ 2008-04-14 16:00:06 73,728 -c----w d:\windows\$NtUninstallwmp11$\wmplayer.exe
+ 2008-04-14 15:39:36 2,940,928 -c----w d:\windows\$NtUninstallwmp11$\wmploc.dll
+ 2008-04-14 15:59:44 102,400 -c----w d:\windows\$NtUninstallwmp11$\wmpshell.dll
+ 2006-06-20 12:44:04 379,704 ----a-w d:\windows\Downloaded Program Files\MsnPUpld.dll
+ 2007-01-09 05:30:26 110,592 ----a-w d:\windows\Downloaded Program Files\PURar-sa.dll
+ 2006-06-20 12:44:02 117,560 ----a-w d:\windows\Downloaded Program Files\PURen-us.dll
+ 2004-08-03 21:55:32 61,440 -c--a-w d:\windows\ie7\admparse.dll
+ 2004-08-03 21:55:32 99,840 -c--a-w d:\windows\ie7\advpack.dll
+ 2004-08-03 21:55:34 35,328 -c--a-w d:\windows\ie7\corpol.dll
+ 2004-08-03 21:55:34 28,672 -c--a-w d:\windows\ie7\custsat.dll
+ 2008-08-20 05:36:11 357,888 -c--a-w d:\windows\ie7\dxtmsft.dll
+ 2008-08-20 05:36:12 205,312 -c--a-w d:\windows\ie7\dxtrans.dll
+ 2008-08-20 05:36:12 55,808 -c--a-w d:\windows\ie7\extmgr.dll
+ 2004-08-03 21:55:38 38,912 -c--a-w d:\windows\ie7\hmmapi.dll
+ 2004-08-03 21:56:16 34,304 -c--a-w d:\windows\ie7\ie4uinit.exe
+ 2004-08-03 21:55:38 139,264 -c--a-w d:\windows\ie7\ieakeng.dll
+ 2004-08-03 21:55:38 216,064 -c--a-w d:\windows\ie7\ieaksie.dll
+ 2001-09-19 12:00:00 221,184 -c--a-w d:\windows\ie7\ieakui.dll
+ 2004-08-03 21:55:38 323,584 -c--a-w d:\windows\ie7\iedkcs32.dll
+ 2008-08-19 09:30:39 18,432 -c--a-w d:\windows\ie7\iedw.exe
+ 2004-08-03 21:55:38 81,920 -c--a-w d:\windows\ie7\ieencode.dll
+ 2008-08-20 05:36:12 250,880 -c--a-w d:\windows\ie7\iepeers.dll
+ 2004-08-03 21:55:38 48,128 -c--a-w d:\windows\ie7\iernonce.dll
+ 2004-08-03 21:55:38 62,976 -c--a-w d:\windows\ie7\iesetup.dll
+ 2004-08-03 21:56:16 93,184 -c--a-w d:\windows\ie7\iexplore.exe
+ 2004-08-03 21:55:38 35,840 -c--a-w d:\windows\ie7\imgutil.dll
+ 2008-08-20 05:36:12 96,256 -c--a-w d:\windows\ie7\inseng.dll
+ 2008-08-20 05:36:14 16,384 -c--a-w d:\windows\ie7\jsproxy.dll
+ 2004-08-03 21:55:40 22,016 -c--a-w d:\windows\ie7\licmgr10.dll
+ 2004-08-03 21:56:22 29,184 -c--a-w d:\windows\ie7\mshta.exe
+ 2008-12-12 17:00:59 3,088,896 -c--a-w d:\windows\ie7\mshtml.dll
+ 2008-08-20 05:36:14 449,024 -c--a-w d:\windows\ie7\mshtmled.dll
+ 2004-08-03 21:53:52 56,832 -c--a-w d:\windows\ie7\mshtmler.dll
+ 2001-09-19 12:00:00 146,432 -c--a-w d:\windows\ie7\msls31.dll
+ 2008-08-20 05:36:12 146,432 -c--a-w d:\windows\ie7\msrating.dll
+ 2008-08-20 05:36:12 532,480 -c--a-w d:\windows\ie7\mstime.dll
+ 2004-08-03 21:55:46 96,256 -c--a-w d:\windows\ie7\occache.dll
+ 2008-08-20 05:36:12 39,424 -c--a-w d:\windows\ie7\pngfilt.dll
+ 2007-09-27 14:23:42 32,960 -c--a-w d:\windows\ie7\spuninst\iecustom.dll
+ 2007-09-27 14:21:34 66,048 -c--a-w d:\windows\ie7\spuninst\ieResetIcons.exe
+ 2006-09-06 14:42:02 213,216 -c--a-w d:\windows\ie7\spuninst\spuninst.exe
+ 2006-09-06 14:42:02 369,376 -c--a-w d:\windows\ie7\spuninst\updspapi.dll
+ 2004-08-03 21:55:54 48,640 -c--a-w d:\windows\ie7\url.dll
+ 2008-10-16 01:00:23 617,472 -c--a-w d:\windows\ie7\urlmon.dll
+ 2004-08-03 21:55:54 848,384 -c--a-w d:\windows\ie7\vgx.dll
+ 2004-08-03 21:55:58 276,480 -c--a-w d:\windows\ie7\webcheck.dll
+ 2008-10-16 01:00:23 664,576 -c--a-w d:\windows\ie7\wininet.dll
+ 2007-08-13 15:39:00 123,904 -c----w d:\windows\ie7updates\KB956390-IE7\advpack.dll
+ 2007-08-13 15:35:46 346,624 -c----w d:\windows\ie7updates\KB956390-IE7\dxtmsft.dll
+ 2007-08-13 15:35:38 214,528 -c----w d:\windows\ie7updates\KB956390-IE7\dxtrans.dll
+ 2007-08-13 15:54:10 131,584 -c----w d:\windows\ie7updates\KB956390-IE7\extmgr.dll
+ 2007-08-13 15:36:26 61,952 -c----w d:\windows\ie7updates\KB956390-IE7\icardie.dll
+ 2007-08-13 15:39:06 54,784 -c----w d:\windows\ie7updates\KB956390-IE7\ie4uinit.exe
+ 2007-08-13 15:39:26 152,064 -c----w d:\windows\ie7updates\KB956390-IE7\ieakeng.dll
+ 2007-08-13 15:39:54 229,376 -c----w d:\windows\ie7updates\KB956390-IE7\ieaksie.dll
+ 2007-08-13 14:56:54 161,792 -c----w d:\windows\ie7updates\KB956390-IE7\ieakui.dll
+ 2007-02-12 13:10:12 2,451,312 -c----w d:\windows\ie7updates\KB956390-IE7\ieapfltr.dat
+ 2007-07-11 09:27:48 383,488 -c----w d:\windows\ie7updates\KB956390-IE7\ieapfltr.dll
+ 2007-08-13 15:39:50 382,976 -c----w d:\windows\ie7updates\KB956390-IE7\iedkcs32.dll
+ 2007-08-13 15:54:10 6,049,280 -c----w d:\windows\ie7updates\KB956390-IE7\ieframe.dll
+ 2007-08-13 15:39:10 43,008 -c----w d:\windows\ie7updates\KB956390-IE7\iernonce.dll
+ 2007-08-13 15:34:04 266,752 -c----w d:\windows\ie7updates\KB956390-IE7\iertutil.dll
+ 2007-08-13 15:39:10 13,312 -c----w d:\windows\ie7updates\KB956390-IE7\ieudinit.exe
+ 2007-08-13 15:43:56 622,080 -c----w d:\windows\ie7updates\KB956390-IE7\iexplore.exe
+ 2007-08-13 15:54:10 27,136 -c----w d:\windows\ie7updates\KB956390-IE7\jsproxy.dll
+ 2007-08-13 15:54:10 458,752 -c----w d:\windows\ie7updates\KB956390-IE7\msfeeds.dll
+ 2007-08-13 15:54:10 50,688 -c----w d:\windows\ie7updates\KB956390-IE7\msfeedsbs.dll
+ 2007-08-13 15:54:12 3,578,368 -c----w d:\windows\ie7updates\KB956390-IE7\mshtml.dll
+ 2007-08-13 15:54:10 475,648 -c----w d:\windows\ie7updates\KB956390-IE7\mshtmled.dll
+ 2007-08-13 15:44:26 192,000 -c----w d:\windows\ie7updates\KB956390-IE7\msrating.dll
+ 2007-08-13 15:54:10 670,720 -c----w d:\windows\ie7updates\KB956390-IE7\mstime.dll
+ 2007-08-13 15:44:06 101,376 -c----w d:\windows\ie7updates\KB956390-IE7\occache.dll
+ 2007-08-13 15:36:12 44,544 -c----w d:\windows\ie7updates\KB956390-IE7\pngfilt.dll
+ 2007-03-06 00:57:32 22,752 -c----w d:\windows\ie7updates\KB956390-IE7\spcustom.dll
+ 2007-03-06 00:57:34 14,560 -c----w d:\windows\ie7updates\KB956390-IE7\spmsg.dll
+ 2007-03-06 00:57:39 213,216 -c----w d:\windows\ie7updates\KB956390-IE7\spuninst.exe
+ 2007-03-06 00:57:38 213,216 -c----w d:\windows\ie7updates\KB956390-IE7\spuninst\spuninst.exe
+ 2007-03-06 00:58:46 369,376 -c----w d:\windows\ie7updates\KB956390-IE7\spuninst\updspapi.dll
+ 2007-03-06 00:57:56 712,928 -c----w d:\windows\ie7updates\KB956390-IE7\update.exe
+ 2007-03-06 00:58:46 369,376 -c----w d:\windows\ie7updates\KB956390-IE7\updspapi.dll
+ 2007-08-13 15:44:30 105,984 -c----w d:\windows\ie7updates\KB956390-IE7\url.dll
+ 2007-08-13 15:54:10 1,162,240 -c----w d:\windows\ie7updates\KB956390-IE7\urlmon.dll
+ 2007-08-13 15:54:10 231,424 -c----w d:\windows\ie7updates\KB956390-IE7\webcheck.dll
+ 2007-08-13 15:54:10 818,688 -c----w d:\windows\ie7updates\KB956390-IE7\wininet.dll
+ 2008-10-16 22:34:18 3,593,216 -c----w d:\windows\ie7updates\KB960714-IE7\mshtml.dll
+ 2007-03-06 00:57:38 213,216 -c----w d:\windows\ie7updates\KB960714-IE7\spuninst\spuninst.exe
+ 2007-03-06 00:58:46 369,376 -c----w d:\windows\ie7updates\KB960714-IE7\spuninst\updspapi.dll
- 2008-04-14 16:00:04 208,896 ----a-w d:\windows\inf\unregmp2.exe
+ 2006-12-01 09:03:18 316,416 ----a-w d:\windows\inf\unregmp2.exe
- 2004-08-03 21:55:32 61,440 ----a-w d:\windows\system32\admparse.dll
+ 2007-08-13 15:39:20 71,680 ----a-w d:\windows\system32\admparse.dll
- 2004-08-03 21:55:32 99,840 ----a-w d:\windows\system32\advpack.dll
+ 2008-10-16 20:04:07 124,928 ----a-w d:\windows\system32\advpack.dll
- 2008-04-14 15:34:30 7,680 ----a-w d:\windows\system32\asferror.dll
+ 2006-12-01 07:51:06 6,656 ----a-w d:\windows\system32\asferror.dll
- 2008-09-12 08:41:38 16,384 ----a-w d:\windows\system32\config\systemprofile\******s\index.dat
+ 2008-12-26 15:10:19 16,384 ----a-w d:\windows\system32\config\systemprofile\******s\index.dat
- 2008-09-12 08:41:38 32,768 ----a-w d:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat
+ 2008-12-26 15:10:19 32,768 ----a-w d:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat
- 2008-09-12 08:41:38 32,768 ----a-w d:\windows\system32\config\systemprofile\Local Settings\Temporary Internet Files\*******.IE5\index.dat
+ 2008-12-26 15:10:19 32,768 ----a-w d:\windows\system32\config\systemprofile\Local Settings\Temporary Internet Files\*******.IE5\index.dat
- 2004-08-03 21:55:32 61,440 -c--a-w d:\windows\system32\dllcache\admparse.dll
+ 2007-08-13 15:39:20 71,680 -c--a-w d:\windows\system32\dllcache\admparse.dll
- 2004-08-03 21:55:32 99,840 -c--a-w d:\windows\system32\dllcache\advpack.dll
+ 2008-10-16 20:04:07 124,928 -c----w d:\windows\system32\dllcache\advpack.dll
- 2008-04-14 15:34:30 7,680 ----a-w d:\windows\system32\dllcache\asferror.dll
+ 2006-12-01 07:51:06 6,656 -c--a-w d:\windows\system32\dllcache\asferror.dll
+ 2006-09-23 10:12:32 1,022,976 -c----w d:\windows\system32\dllcache\browseui.dll
- 2004-08-03 21:55:34 28,672 -c--a-w d:\windows\system32\dllcache\custsat.dll
+ 2007-08-13 15:54:10 33,792 -c--a-w d:\windows\system32\dllcache\custsat.dll
- 2008-08-20 05:36:11 357,888 -c--a-w d:\windows\system32\dllcache\dxtmsft.dll
+ 2008-10-16 20:04:07 347,136 -c----w d:\windows\system32\dllcache\dxtmsft.dll
- 2008-08-20 05:36:12 205,312 -c--a-w d:\windows\system32\dllcache\dxtrans.dll
+ 2008-10-16 20:04:07 214,528 -c----w d:\windows\system32\dllcache\dxtrans.dll
- 2008-08-20 05:36:12 55,808 -c--a-w d:\windows\system32\dllcache\extmgr.dll
+ 2008-10-16 20:04:08 133,120 -c----w d:\windows\system32\dllcache\extmgr.dll
- 2004-08-03 21:55:38 38,912 -c--a-w d:\windows\system32\dllcache\hmmapi.dll
+ 2007-08-13 15:18:02 60,416 -c--a-w d:\windows\system32\dllcache\hmmapi.dll
- 2004-08-03 21:56:16 34,304 -c--a-w d:\windows\system32\dllcache\ie4uinit.exe
+ 2008-10-16 13:09:53 70,656 -c----w d:\windows\system32\dllcache\ie4uinit.exe
- 2004-08-03 21:55:38 139,264 -c--a-w d:\windows\system32\dllcache\ieakeng.dll
+ 2008-10-16 20:04:08 153,088 -c----w d:\windows\system32\dllcache\ieakeng.dll
- 2004-08-03 21:55:38 216,064 -c--a-w d:\windows\system32\dllcache\ieaksie.dll
+ 2008-10-16 20:04:08 230,400 -c----w d:\windows\system32\dllcache\ieaksie.dll
- 2001-09-19 12:00:00 221,184 -c--a-w d:\windows\system32\dllcache\ieakui.dll
+ 2008-10-15 07:04:53 161,792 -c----w d:\windows\system32\dllcache\ieakui.dll
- 2004-08-03 21:55:38 323,584 -c--a-w d:\windows\system32\dllcache\iedkcs32.dll
+ 2008-10-16 20:04:09 384,512 -c----w d:\windows\system32\dllcache\iedkcs32.dll
- 2008-08-19 09:30:39 18,432 -c--a-w d:\windows\system32\dllcache\iedw.exe
+ 2007-08-13 15:44:02 69,120 -c--a-w d:\windows\system32\dllcache\iedw.exe
- 2004-08-03 21:55:38 81,920 ----a-w d:\windows\system32\dllcache\ieencode.dll
+ 2007-08-13 15:45:18 78,336 -c--a-w d:\windows\system32\dllcache\ieencode.dll
- 2008-08-20 05:36:12 250,880 -c--a-w d:\windows\system32\dllcache\iepeers.dll
+ 2007-08-13 15:54:10 191,488 -c--a-w d:\windows\system32\dllcache\iepeers.dll
- 2004-08-03 21:55:38 48,128 -c--a-w d:\windows\system32\dllcache\iernonce.dll
+ 2008-10-16 20:04:12 44,544 -c----w d:\windows\system32\dllcache\iernonce.dll
- 2004-08-03 21:55:38 62,976 -c--a-w d:\windows\system32\dllcache\iesetup.dll
+ 2007-08-13 15:39:12 55,296 -c--a-w d:\windows\system32\dllcache\iesetup.dll
- 2004-08-03 21:56:16 93,184 -c--a-w d:\windows\system32\dllcache\iexplore.exe
+ 2008-10-15 07:06:26 633,632 -c----w d:\windows\system32\dllcache\iexplore.exe
- 2004-08-03 21:55:38 35,840 -c--a-w d:\windows\system32\dllcache\imgutil.dll
+ 2007-08-13 15:36:06 36,352 -c--a-w d:\windows\system32\dllcache\imgutil.dll
- 2008-08-20 05:36:12 96,256 -c--a-w d:\windows\system32\dllcache\inseng.dll
+ 2007-08-13 15:39:02 92,672 -c--a-w d:\windows\system32\dllcache\inseng.dll
- 2008-08-20 05:36:14 16,384 -c--a-w d:\windows\system32\dllcache\jsproxy.dll
+ 2008-10-16 20:04:13 27,648 -c----w d:\windows\system32\dllcache\jsproxy.dll
- 2004-08-03 21:55:40 22,016 -c--a-w d:\windows\system32\dllcache\licmgr10.dll
+ 2007-08-13 15:44:18 40,960 -c--a-w d:\windows\system32\dllcache\licmgr10.dll
- 2008-04-14 15:59:37 368,640 ----a-w d:\windows\system32\dllcache\mpvis.dll
+ 2006-12-01 07:51:20 243,712 -c--a-w d:\windows\system32\dllcache\mpvis.dll
- 2004-08-03 21:56:22 29,184 -c--a-w d:\windows\system32\dllcache\mshta.exe
+ 2007-08-13 15:32:30 45,568 -c--a-w d:\windows\system32\dllcache\mshta.exe
- 2008-12-12 17:00:59 3,088,896 -c--a-w d:\windows\system32\dllcache\mshtml.dll
+ 2008-12-13 06:36:43 3,593,216 -c----w d:\windows\system32\dllcache\mshtml.dll
- 2008-08-20 05:36:14 449,024 -c--a-w d:\windows\system32\dllcache\mshtmled.dll
+ 2008-10-16 20:04:16 477,696 -c----w d:\windows\system32\dllcache\mshtmled.dll
- 2004-08-03 21:53:52 56,832 -c--a-w d:\windows\system32\dllcache\mshtmler.dll
+ 2007-08-13 15:01:12 48,128 -c--a-w d:\windows\system32\dllcache\mshtmler.dll
- 2001-09-19 12:00:00 146,432 -c--a-w d:\windows\system32\dllcache\msls31.dll
+ 2007-08-13 15:54:10 156,160 -c--a-w d:\windows\system32\dllcache\msls31.dll
- 2008-08-20 05:36:12 146,432 -c--a-w d:\windows\system32\dllcache\msrating.dll
+ 2008-10-16 20:04:17 193,024 -c----w d:\windows\system32\dllcache\msrating.dll
- 2008-08-20 05:36:12 532,480 -c--a-w d:\windows\system32\dllcache\mstime.dll
+ 2008-10-16 20:04:17 671,232 -c----w d:\windows\system32\dllcache\mstime.dll
- 2004-08-03 21:55:46 96,256 -c--a-w d:\windows\system32\dllcache\occache.dll
+ 2008-10-16 20:04:17 102,912 -c----w d:\windows\system32\dllcache\occache.dll
- 2008-08-20 05:36:12 39,424 -c--a-w d:\windows\system32\dllcache\pngfilt.dll
+ 2008-10-16 20:04:17 44,544 -c----w d:\windows\system32\dllcache\pngfilt.dll
- 2008-04-14 16:00:02 618,496 ----a-w d:\windows\system32\dllcache\setup_wm.exe
+ 2006-12-01 09:03:28 1,667,072 -c--a-w d:\windows\system32\dllcache\setup_wm.exe
+ 2006-09-23 10:12:32 474,112 -c----w d:\windows\system32\dllcache\shlwapi.dll
- 2008-04-14 16:00:04 208,896 ----a-w d:\windows\system32\dllcache\unregmp2.exe
+ 2006-12-01 09:03:18 316,416 -c--a-w d:\windows\system32\dllcache\unregmp2.exe
- 2004-08-03 21:55:54 48,640 -c--a-w d:\windows\system32\dllcache\url.dll
+ 2008-10-16 20:04:17 105,984 -c----w d:\windows\system32\dllcache\url.dll
- 2008-10-16 01:00:23 617,472 -c--a-w d:\windows\system32\dllcache\urlmon.dll
+ 2008-10-16 20:04:18 1,160,192 -c----w d:\windows\system32\dllcache\urlmon.dll
- 2004-08-03 21:55:54 848,384 -c--a-w d:\windows\system32\dllcache\vgx.dll
+ 2008-05-27 17:23:58 765,952 -c--a-w d:\windows\system32\dllcache\vgx.dll
- 2004-08-03 21:55:58 276,480 -c--a-w d:\windows\system32\dllcache\webcheck.dll
+ 2008-10-16 20:04:18 233,472 -c----w d:\windows\system32\dllcache\webcheck.dll
- 2008-10-16 01:00:23 664,576 -c--a-w d:\windows\system32\dllcache\wininet.dll
+ 2008-10-16 20:04:19 826,368 -c----w d:\windows\system32\dllcache\wininet.dll
- 2008-04-14 15:38:13 154,624 ----a-w d:\windows\system32\dllcache\wmerror.dll
+ 2006-12-01 07:53:12 208,896 -c--a-w d:\windows\system32\dllcache\wmerror.dll
- 2008-04-14 15:59:43 4,874,240 ----a-w d:\windows\system32\dllcache\wmp.dll
+ 2006-10-18 18:47:20 10,834,432 -c--a-w d:\windows\system32\dllcache\wmp.dll
- 2008-04-14 15:59:43 114,688 ----a-w d:\windows\system32\dllcache\wmpasf.dll
+ 2006-10-18 18:47:20 242,688 -c--a-w d:\windows\system32\dllcache\wmpasf.dll
- 2008-04-14 15:59:43 98,304 ----a-w d:\windows\system32\dllcache\wmpband.dll
+ 2006-12-01 07:53:20 96,256 -c--a-w d:\windows\system32\dllcache\wmpband.dll
- 2008-04-14 15:59:44 233,472 ----a-w d:\windows\system32\dllcache\wmpdxm.dll
+ 2006-10-18 18:47:20 314,880 -c--a-w d:\windows\system32\dllcache\wmpdxm.dll
- 2008-04-14 16:00:06 73,728 ----a-w d:\windows\system32\dllcache\wmplayer.exe
+ 2006-12-01 09:03:08 63,488 -c--a-w d:\windows\system32\dllcache\wmplayer.exe
- 2008-04-14 15:39:36 2,940,928 ----a-w d:\windows\system32\dllcache\wmploc.dll
+ 2006-12-01 08:51:38 8,237,056 -c--a-w d:\windows\system32\dllcache\wmploc.dll
- 2008-04-14 15:59:44 102,400 ----a-w d:\windows\system32\dllcache\wmpshell.dll
+ 2006-12-01 07:53:42 99,840 -c--a-w d:\windows\system32\dllcache\wmpshell.dll
- 2008-08-20 05:36:11 357,888 ----a-w d:\windows\system32\dxtmsft.dll
+ 2008-10-16 20:04:07 347,136 ------w d:\windows\system32\dxtmsft.dll
- 2008-08-20 05:36:12 205,312 ----a-w d:\windows\system32\dxtrans.dll
+ 2008-10-16 20:04:07 214,528 ------w d:\windows\system32\dxtrans.dll
- 2008-08-20 05:36:12 55,808 ----a-w d:\windows\system32\extmgr.dll
+ 2008-10-16 20:04:08 133,120 ------w d:\windows\system32\extmgr.dll
+ 2008-10-16 20:04:08 63,488 ----a-w d:\windows\system32\icardie.dll
- 2004-08-03 21:56:16 34,304 ----a-w d:\windows\system32\ie4uinit.exe
+ 2008-10-16 13:09:53 70,656 ------w d:\windows\system32\ie4uinit.exe
- 2004-08-03 21:55:38 139,264 ----a-w d:\windows\system32\ieakeng.dll
+ 2008-10-16 20:04:08 153,088 ------w d:\windows\system32\ieakeng.dll
- 2004-08-03 21:55:38 216,064 ----a-w d:\windows\system32\ieaksie.dll
+ 2008-10-16 20:04:08 230,400 ------w d:\windows\system32\ieaksie.dll
- 2001-09-19 12:00:00 221,184 ----a-w d:\windows\system32\ieakui.dll
+ 2008-10-15 07:04:53 161,792 ------w d:\windows\system32\ieakui.dll
+ 2007-04-17 09:32:38 2,455,488 ----a-w d:\windows\system32\ieapfltr.dat
+ 2008-10-16 20:04:08 383,488 ----a-w d:\windows\system32\ieapfltr.dll
- 2004-08-03 21:55:38 323,584 ----a-w d:\windows\system32\iedkcs32.dll
+ 2008-10-16 20:04:09 384,512 ------w d:\windows\system32\iedkcs32.dll
- 2004-08-03 21:55:38 81,920 ----a-w d:\windows\system32\ieencode.dll
+ 2007-08-13 15:45:18 78,336 ----a-w d:\windows\system32\ieencode.dll
+ 2008-10-16 20:04:12 6,066,176 ----a-w d:\windows\system32\ieframe.dll
- 2008-08-20 05:36:12 250,880 ----a-w d:\windows\system32\iepeers.dll
+ 2007-08-13 15:54:10 191,488 ----a-w d:\windows\system32\iepeers.dll
- 2004-08-03 21:55:38 48,128 ----a-w d:\windows\system32\iernonce.dll
+ 2008-10-16 20:04:12 44,544 ------w d:\windows\system32\iernonce.dll
+ 2008-10-16 20:04:12 267,776 ----a-w d:\windows\system32\iertutil.dll
- 2004-08-03 21:55:38 62,976 ----a-w d:\windows\system32\iesetup.dll
+ 2007-08-13 15:39:12 55,296 ----a-w d:\windows\system32\iesetup.dll
+ 2007-08-13 15:54:10 180,736 ------w d:\windows\system32\ieui.dll
- 2004-08-03 21:55:38 35,840 ----a-w d:\windows\system32\imgutil.dll
+ 2007-08-13 15:36:06 36,352 ----a-w d:\windows\system32\imgutil.dll
- 2008-08-20 05:36:12 96,256 ----a-w d:\windows\system32\inseng.dll
+ 2007-08-13 15:39:02 92,672 ----a-w d:\windows\system32\inseng.dll
- 2008-08-20 05:36:14 16,384 ----a-w d:\windows\system32\jsproxy.dll
+ 2008-10-16 20:04:13 27,648 ------w d:\windows\system32\jsproxy.dll
+ 2004-05-14 13:53:08 57,344 ----a-w d:\windows\system32\lfbmp13n.dll
+ 2004-05-14 13:53:08 401,408 ----a-w d:\windows\system32\lfcmp13n.dll
+ 2003-11-04 12:10:40 69,632 ----a-w d:\windows\system32\lfgif13n.dll
+ 2003-11-04 12:11:04 159,744 ----a-w d:\windows\system32\lfpng13n.dll
- 2004-08-03 21:55:40 22,016 ----a-w d:\windows\system32\licmgr10.dll
+ 2007-08-13 15:44:18 40,960 ----a-w d:\windows\system32\licmgr10.dll
+ 2004-05-14 13:53:10 299,008 ----a-w d:\windows\system32\ltdis13n.dll
+ 2004-01-11 23:09:42 206,336 ----a-w d:\windows\system32\ltefx13n.dll
+ 2004-05-14 13:53:10 163,840 ----a-w d:\windows\system32\ltfil13n.dll
+ 2004-05-14 13:53:12 450,560 ----a-w d:\windows\system32\ltimg13n.dll
+ 2004-05-14 13:53:12 462,848 ----a-w d:\windows\system32\ltkrn13n.dll
- 2008-12-02 21:26:30 17,593,280 ----a-w d:\windows\system32\MRT.exe
+ 2008-12-09 12:24:38 17,593,280 ----a-w d:\windows\system32\MRT.exe
+ 2008-10-16 20:04:13 459,264 ----a-w d:\windows\system32\msfeeds.dll
+ 2008-10-16 20:04:13 52,224 ----a-w d:\windows\system32\msfeedsbs.dll
+ 2007-08-13 15:36:40 12,288 ------w d:\windows\system32\msfeedssync.exe
- 2004-08-03 21:56:22 29,184 ----a-w d:\windows\system32\mshta.exe
+ 2007-08-13 15:32:30 45,568 ----a-w d:\windows\system32\mshta.exe
- 2008-12-12 17:00:59 3,088,896 ----a-w d:\windows\system32\mshtml.dll
+ 2008-12-13 06:36:43 3,593,216 ----a-w d:\windows\system32\mshtml.dll
- 2008-08-20 05:36:14 449,024 ----a-w d:\windows\system32\mshtmled.dll
+ 2008-10-16 20:04:16 477,696 ------w d:\windows\system32\mshtmled.dll
- 2004-08-03 21:53:52 56,832 ----a-w d:\windows\system32\mshtmler.dll
+ 2007-08-13 15:01:12 48,128 ----a-w d:\windows\system32\mshtmler.dll
- 2001-09-19 12:00:00 146,432 ----a-w d:\windows\system32\msls31.dll
+ 2007-08-13 15:54:10 156,160 ----a-w d:\windows\system32\msls31.dll
- 2008-08-20 05:36:12 146,432 ----a-w d:\windows\system32\msrating.dll
+ 2008-10-16 20:04:17 193,024 ------w d:\windows\system32\msrating.dll
- 2008-08-20 05:36:12 532,480 ----a-w d:\windows\system32\mstime.dll
+ 2008-10-16 20:04:17 671,232 ------w d:\windows\system32\mstime.dll
- 2004-08-03 21:55:46 96,256 ----a-w d:\windows\system32\occache.dll
+ 2008-10-16 20:04:17 102,912 ------w d:\windows\system32\occache.dll
- 2008-12-10 09:08:38 63,760 ----a-w d:\windows\system32\perfc001.dat
+ 2008-12-26 04:36:50 63,866 ----a-w d:\windows\system32\perfc001.dat
- 2008-12-10 09:08:38 63,992 ----a-w d:\windows\system32\perfc009.dat
+ 2008-12-26 04:36:50 64,108 ----a-w d:\windows\system32\perfc009.dat
- 2008-12-10 09:08:38 341,138 ----a-w d:\windows\system32\perfh001.dat
+ 2008-12-26 04:36:50 341,408 ----a-w d:\windows\system32\perfh001.dat
- 2008-12-10 09:08:38 406,856 ----a-w d:\windows\system32\perfh009.dat
+ 2008-12-26 04:36:50 407,164 ----a-w d:\windows\system32\perfh009.dat
- 2008-08-20 05:36:12 39,424 ----a-w d:\windows\system32\pngfilt.dll
+ 2008-10-16 20:04:17 44,544 ------w d:\windows\system32\pngfilt.dll
- 2007-11-30 12:39:01 17,784 ------w d:\windows\system32\spmsg.dll
+ 2006-09-25 14:58:48 14,640 ------w d:\windows\system32\spmsg.dll
- 2004-08-03 21:55:54 48,640 ----a-w d:\windows\system32\url.dll
+ 2008-10-16 20:04:17 105,984 ----a-w d:\windows\system32\url.dll
- 2008-10-16 01:00:23 617,472 ----a-w d:\windows\system32\urlmon.dll
+ 2008-10-16 20:04:18 1,160,192 ----a-w d:\windows\system32\urlmon.dll
- 2004-08-03 21:55:58 276,480 ----a-w d:\windows\system32\webcheck.dll
+ 2008-10-16 20:04:18 233,472 ----a-w d:\windows\system32\webcheck.dll
+ 2007-08-13 15:45:16 206,336 ------w d:\windows\system32\WinFXDocObj.exe
- 2008-10-16 01:00:23 664,576 ----a-w d:\windows\system32\wininet.dll
+ 2008-10-16 20:04:19 826,368 ----a-w d:\windows\system32\wininet.dll
- 2008-04-14 15:38:13 154,624 ----a-w d:\windows\system32\wmerror.dll
+ 2006-12-01 07:53:12 208,896 ----a-w d:\windows\system32\wmerror.dll
- 2008-04-14 15:59:43 4,874,240 ----a-w d:\windows\system32\wmp.dll
+ 2006-10-18 18:47:20 10,834,432 ----a-w d:\windows\system32\wmp.dll
- 2008-04-14 15:59:43 114,688 ----a-w d:\windows\system32\wmpasf.dll
+ 2006-10-18 18:47:20 242,688 ----a-w d:\windows\system32\wmpasf.dll
- 2008-04-14 15:59:44 233,472 ----a-w d:\windows\system32\wmpdxm.dll
+ 2006-10-18 18:47:20 314,880 ----a-w d:\windows\system32\wmpdxm.dll
+ 2006-10-18 18:47:20 295,936 ------w d:\windows\system32\wmpeffects.dll
+ 2006-10-18 18:47:20 1,661,440 ------w d:\windows\system32\wmpencen.dll
- 2008-04-14 15:39:36 2,940,928 ----a-w d:\windows\system32\wmploc.dll
+ 2006-12-01 08:51:38 8,237,056 ----a-w d:\windows\system32\wmploc.dll
+ 2006-10-18 18:47:20 613,376 ------w d:\windows\system32\wmpmde.dll
+ 2006-10-18 18:47:20 130,048 ------w d:\windows\system32\wmpps.dll
- 2008-04-14 15:59:44 102,400 ----a-w d:\windows\system32\wmpshell.dll
+ 2006-12-01 07:53:42 99,840 ----a-w d:\windows\system32\wmpshell.dll
+ 2006-10-18 18:47:20 204,288 ------w d:\windows\system32\wmpsrcwp.dll
- 2008-12-19 16:01:53 4,212 ---h--w d:\windows\system32\zllictbl.dat
+ 2008-12-26 00:53:46 4,212 ---h--w d:\windows\system32\zllictbl.dat
+ 2008-12-26 15:10:20 16,384 ----atw d:\windows\Temp\Perflib_Perfdata_5d0.dat
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="d:\program files\Windows Live\Messenger\msnmsgr.exe" [10/18/2007 11:34 AM 5724184]
"ctfmon.exe"="d:\windows\system32\ctfmon.exe" [04/14/2008 06:59 PM 15360]
"MSMSGS"="d:\program files\Messenger\msmsgs.exe" [04/14/2008 06:59 PM 1695232]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="d:\program files\Java\jre6\bin\jusched.exe" [12/04/2008 10:29 AM 136600]
"ZoneAlarm Client"="d:\program files\Zone Labs\ZoneAlarm\zlclient.exe" [11/14/2007 04:05 PM 919016]
"TkBellExe"="d:\program files\Common Files\Real\Update_OB\realsched.exe" [12/01/2008 03:33 PM 185872]
d:\documents and settings\All Users\çں‍ê، ں §ڑ\ںé ©ںê¤\ §ک ں颬نïé\
REALTEK RTL8187 Wireless LAN Utility.lnk - d:\program files\REALTEK RTL8187 Wireless LAN Driver and Utility\RtWLan.exe [2008-11-11 737280]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"Shell"="Explorer.exe d:\\WINDOWS\\system32\\fservice.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"="0x00000000"
"UpdatesDisableNotify"="0x00000000"
"AntiVirusOverride"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"d:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"d:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"d:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"d:\\Program Files\\Kaspersky Lab\\Kaspersky Anti-Virus 7.0\\avp.exe"=
"d:\\Program Files\\IVT Corporation\\BlueSoleil\\BlueSoleil.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"d:\\Program Files\\Messenger\\msmsgs.exe"=
"d:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"d:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
R1 oxser;OX16C95x Serial port driver;d:\windows\system32\DRIVERS\oxser.sys [2008-08-25 51169]
R3 klim5;Kaspersky Anti-Virus NDIS Filter;d:\windows\system32\DRIVERS\klim5.sys [2007-04-04 24344]
R3 RTLWUSB;Realtek RTL8187 Wireless 802.11g 54Mbps USB 2.0 Network Adapter;d:\windows\system32\DRIVERS\RTL8187.sys [2008-11-11 194304]
R3 SjyPkt;SjyPkt;\??\d:\windows\System32\Drivers\SjyPkt.sys [2008-11-11 13532]
.
- - - - ORPHANS REMOVED - - - -
HKLM-Explorer_Run-DirectX For Microsoft® Windows - d:\windows\system32\fservice.exe

.
------- Supplementary Scan -------
.
IE: &Windows Live Search - d:\program files\Windows Live Toolbar\msntb.dll/search.htm
IE: Add to Windows &Live Favorites -
IE: Download ALL with IDA
IE: Download with IDA
IE: ت&صدير إلى Microsoft Excel - d:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
O16 -: Microsoft XML Parser for Java -
d:\windows\Downloaded Program Files\Microsoft XML Parser for Java.osd
d:\windows\system32\msvcrt.dll - d:\windows\system32\mfc42.dll
d:\windows\system32\olepro32.dll
d:\windows\Downloaded Program Files\imcv1.dll
O16 -: {6924091F-CD97-41E1-B1D4-D9079409D413}
hxxp://76.76.24.100/IMSCP/talk.cab
d:\windows\Downloaded Program Files\talk.inf
FF - ProfilePath - d:\documents and settings\طاغي\Application Data\Mozilla\Firefox\Profiles\n6esbnl1.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.live.com/results.aspx?FORM=IEFM1&q=
FF - prefs.js: browser.search.selectedEngine - Live Search
FF - prefs.js: browser.startup.homepage - hxxp://go.microsoft.com/fwlink/?LinkId=69157
FF - prefs.js: keyword.URL - hxxp://search.live.com/results.aspx?FORM=IEFM1&q=
.
**************************************************************************
catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
Rootkit scan 2008-12-26 18:14:23
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
- - - - - - - > 'winlogon.exe'(1616)
d:\program files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\miscr3.dll
d:\windows\system32\klogon.dll
- - - - - - - > 'lsass.exe'(1672)
d:\program files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\dnsq.dll
d:\program files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\miscr3.dll
.
Completion time: 12/26/2008 18:16:08
********-quarantined-files.txt 2008-12-26 15:16:02
********2.txt 2008-12-17 17:38:25
********3.txt 2008-12-15 08:19:55
********4.txt 2008-12-10 02:17:13
Pre-Run: 1,353,795,584 bytes free
Post-Run: 1,360,672,768 bytes free
557 --- E O F --- 2008-12-25 13:02:26
 

Signature: طآغي النظرهـ
HijackThis report
ــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــ

Logfile of HijackThis v1.99.1
Scan saved at 18:30:12, on 26/12/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\system32\spoolsv.exe
D:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
D:\Program Files\Hotspot Shield\bin\openvpnas.exe
D:\Program Files\Java\jre6\bin\jqs.exe
D:\Program Files\Java\jre6\bin\jusched.exe
D:\Program Files\Common Files\Real\Update_OB\realsched.exe
D:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
D:\WINDOWS\system32\ctfmon.exe
D:\Program Files\REALTEK RTL8187 Wireless LAN Driver and Utility\RtWLan.exe
D:\WINDOWS\Explorer.exe
D:\Program Files\internet explorer\iexplore.exe
D:\Documents and Settings\طاغي\سطح المكتب\برامج الحمايه\HijackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
F2 - REG:system.ini: Shell=Explorer.exe D:\WINDOWS\system32\fservice.exe
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - D:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\Program Files\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "D:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [ZoneAlarm Client] "D:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [TkBellExe] "D:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKCU\..\Run: [msnmsgr] "D:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] D:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "D:\Program Files\Messenger\msmsgs.exe" /background
O4 - Global Startup: REALTEK RTL8187 Wireless LAN Utility.lnk = ?
O8 - Extra context menu item: &Windows Live Search - res://D:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites -
O8 - Extra context menu item: ت&صدير إلى Microsoft Excel - res://D:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Web Anti-Virus statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - D:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\SCIEPlgn.dll
O9 - Extra button: إرسال إلى OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: إر&سال إلى OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - D:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) -
O16 - DPF: {6924091F-CD97-41E1-B1D4-D9079409D413} (IMCv1 Control) -
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash ******) -
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - D:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - D:\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - D:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - D:\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL
O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - D:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
O20 - Winlogon Notify: klogon - D:\WINDOWS\system32\klogon.dll
O20 - Winlogon Notify: WgaLogon - D:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - D:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Kaspersky Anti-Virus 7.0 (AVP) - Unknown owner - D:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe" -r (file missing)
O23 - Service: Hotspot Shield Service (HotspotShieldService) - Unknown owner - D:\Program Files\Hotspot Shield\bin\openvpnas.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Unknown owner - D:\Program Files\Java\jre6\bin\jqs.exe" -service -config "D:\Program Files\Java\jre6\lib\deploy\jqs\jqs.conf (file missing)
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - D:\WINDOWS\system32\ZoneLabs\vsmon.exe
 
Signature: طآغي النظرهـ
As for the first report, viruses were found and they were deleted.


Select this value and delete it:

F2 - REG:system.ini: Shell=Explorer.exe D:\WINDOWS\system32\fservice.exe

How to delete it:

mg%20%283%29.png

mg%20%284%29.png

After that, go to Add or Remove Programs and remove the toolbar you have installed (toolbar) >> it may not be there.

Then download this tool and follow the explanation below.


Compatibility: Windows XP only

How to use it:
Double-click the tool and wait until all the windows have finished and it stops at this window

002.png

When this screen appears, click Close so that the computer restarts.

Good luck
 
Signature: SUL6AN
God give you health, brother Sultan, you did all you could and did us proud. May God grant you and your parents Paradise.
 
Signature: طآغي النظرهـ
God give you health, brother Sultan, you did all you could and did us proud. May God grant you and your parents Paradise.

May God reward you for your kind words.

I hope your problem has been solved :smile:
 
Signature: SUL6AN