مشكله بجهازي USB Device Not Recognized

Ali-911 · 24 مارس 2009

سلام عليكم

عندي جهاز iPod شبكه على الكمبيوتر اكثر من مره بدون اي مشاكل ! وشغال زي الحلاوه

بس اليوم شبكه يقولي USB Device Not Recognized

طيب بعده على طول الفأره عيت تشتغل ! لأنه مشبوكه USB

وعلق الجهاز

وسويت له ريستارت وتغير الـStart Up بعض البرامج جت وبعضها راحت واحس انه متغير الجهاز علي

ولما سويت له ريستارت رجع كأنه ويندوز 98 بس غيرت بالـMsconfig خليته Normal ولما افتح الـTask Manager اشوف طلعت اشياء جديده

والحين هالصوره تطلع وتختفي كل شوي وش الحل معها ؟؟

تقرير الـHijackthis

كود:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 1:40:34 PM, on 3/24/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
F:\WINDOWS\System32\smss.exe
F:\WINDOWS\system32\winlogon.exe
F:\WINDOWS\system32\services.exe
F:\WINDOWS\system32\lsass.exe
F:\WINDOWS\system32\svchost.exe
F:\WINDOWS\System32\svchost.exe
F:\WINDOWS\system32\spoolsv.exe
F:\WINDOWS\Explorer.EXE
F:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe
F:\Program Files\Nero\Nero 7\InCD\NBHGui.exe
F:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
F:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
F:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe
F:\Program Files\Bonjour\mDNSResponder.exe
F:\Program Files\Nero\Nero 7\InCD\InCD.exe
F:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
F:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
F:\Program Files\Java\jre6\bin\jqs.exe
F:\WINDOWS\system32\ctfmon.exe
F:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
F:\WINDOWS\system32\nvsvc32.exe
F:\WINDOWS\system32\PnkBstrA.exe
F:\WINDOWS\system32\PnkBstrB.exe
F:\Program Files\CyberLink\Shared files\RichVideo.exe
f:\program files\idt\intelxpv_v83\wdm\STacSV.exe
F:\WINDOWS\System32\PAStiSvc.exe
F:\WINDOWS\system32\svchost.exe
F:\WINDOWS\system32\wuauclt.exe
F:\Program Files\Internet Explorer\IEXPLORE.EXE
F:\Program Files\Mozilla Firefox\firefox.exe
F:\Program Files\Internet Explorer\IEXPLORE.EXE
F:\Documents and Settings\user\Desktop\Zyzoom_HijackThis.exe
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
F2 - REG:system.ini: UserInit=userinit.exe 
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - F:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - F:\Program Files\TechSmith\SnagIt 9\SnagItBHO.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - F:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - F:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - F:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - F:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\ievkbd.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - F:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - F:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - F:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - F:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - F:\Program Files\TechSmith\SnagIt 9\SnagItIEAddin.dll
O4 - HKLM\..\Run: [AVP] "F:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE F:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [SysTrayApp] %ProgramFiles%\IDT\WDM\sttray.exe
O4 - HKLM\..\Run: [SecurDisc] F:\Program Files\Nero\Nero 7\InCD\NBHGui.exe
O4 - HKLM\..\Run: [RemoteControl] "F:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [QuickTime Task] "F:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [LanguageShortcut] "F:\Program Files\CyberLink\PowerDVD\Language\Language.exe"
O4 - HKLM\..\Run: [InCD] F:\Program Files\Nero\Nero 7\InCD\InCD.exe
O4 - HKLM\..\Run: [GrooveMonitor] "F:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKCU\..\Run: [ctfmon.exe] F:\WINDOWS\system32\ctfmon.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: Download All Links with IDM - F:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: Download with IDM - F:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://F:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Web traffic protection statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - F:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\SCIEPlgn.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - F:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - F:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: PalTalk - {4EAFEF58-EEFA-4116-983D-03B49BCBFFFE} - F:\Program Files\Paltalk Messenger\Paltalk.exe
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - F:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - F:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - F:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - F:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - F:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - F:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Apple Mobile Device - Apple Inc. - F:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Kaspersky Anti-Virus (AVP) - Kaspersky Lab - F:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe
O23 - Service: Bonjour Service - Apple Inc. - F:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - F:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
O23 - Service: iPod Service - Apple Inc. - F:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - F:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NBService - Nero AG - F:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - F:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - F:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - F:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - F:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - F:\Program Files\CyberLink\Shared files\RichVideo.exe
O23 - Service: Audio Service (STacSV) - IDT, Inc. - f:\program files\idt\intelxpv_v83\wdm\STacSV.exe
O23 - Service: STI Simulator - Unknown owner - F:\WINDOWS\System32\PAStiSvc.exe
--
End of file - 7428 bytes

MAAX · 24 مارس 2009

اهلاا بك
التقرير سليم

عطل برامج الحماية عن العمل
ثم
حمل الاداة التالية واحفظها على سطح المكتب

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

عند تشغيلها بتظهر لك رسالة ,, اضغط على >> Yes
بعدها بتظهر لك رساله ثانيه ,, اضغط على >> Yes
اثناء الفحص ممكن يعاد تشغيل الجهاز
وبعد اعادة التشغيل ,, سوف تبدأ الاداة بالفحص مرره ثانيه
لا تقم بتشغيل اي برنامج ،، ومهما طالت عملية الفحص انتظر حتى تنتهي
انتظر حتى يظهر لك تقرير ،،انسخه والصقه بمشاركتك القادمة

Ali-911 · 24 مارس 2009

تفضل

كود:

ComboFix 09-03-23.01 - user 2009-03-24 21:45:33.2 - NTFSx86
Microsoft Windows XP Professional  5.1.2600.2.1256.966.1033.18.2046.1558 [GMT 3:00]
Running from: f:\documents and settings\user\Desktop\ComboFix.exe
AV: Kaspersky Anti-Virus *On-access scanning disabled* (Outdated)
 * Created a new restore point
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\Autorun.inf
D:\Autorun.inf
f:\documents and settings\user\Application Data\inst.exe
f:\windows\IE4 Error Log.txt
f:\windows\mdm.exe
f:\windows\rvhost.exe
f:\windows\svchost.ini
f:\windows\system32\Microsoft\svchost.exe
f:\windows\system32\setting.ini
f:\windows\system32\tmp.reg
G:\Autorun.inf
.
(((((((((((((((((((((((((   Files Created from 2009-02-24 to 2009-03-24  )))))))))))))))))))))))))))))))
.
2009-03-21 14:42 . 2009-03-21 14:42 <DIR> d-------- f:\documents and settings\user\Application Data\Research In Motion
2009-03-21 14:42 . 2009-03-21 14:57 256 --a------ f:\windows\system32\pool.bin
2009-03-21 14:41 . 2007-01-18 10:24 26,496 -ra------ f:\windows\system32\drivers\RimSerial.sys
2009-03-21 14:40 . 2009-03-21 14:40 <DIR> d-------- f:\program files\Common Files\Research In Motion
2009-03-13 15:01 . 2009-03-13 15:01 <DIR> d-------- f:\program files\GameHouse
2009-03-08 21:36 . 2009-03-08 21:36 <DIR> d--h----- f:\windows\PIF
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-03-24 18:48 --------- d-----w f:\documents and settings\user\Application Data\DMCache
2009-03-24 18:44 --------- d-----w f:\documents and settings\user\Application Data\uTorrent
2009-03-24 10:03 --------- d-----w f:\documents and settings\All Users\Application Data\Kaspersky Lab
2009-03-24 10:01 876,576 --sha-w f:\windows\system32\drivers\fidbox2.dat
2009-03-24 10:01 6,461,984 --sha-w f:\windows\system32\drivers\fidbox.dat
2009-03-24 10:01 57,852 --sha-w f:\windows\system32\drivers\fidbox.idx
2009-03-24 10:01 10,364 --sha-w f:\windows\system32\drivers\fidbox2.idx
2009-03-23 11:46 --------- d-----w f:\program files\Steam
2009-03-23 11:46 --------- d-----w f:\documents and settings\user\Application Data\Xfire
2009-03-23 11:40 49,242 --sh--r F:\RavMon.exe
2009-03-06 17:50 --------- d-----w f:\documents and settings\user\Application Data\Paltalk
2009-03-06 17:48 --------- d-----w f:\program files\Paltalk Messenger
2009-03-03 21:03 --------- d-----w f:\documents and settings\user\Application Data\Apple Computer
2009-02-21 17:34 201,816 ----a-w f:\windows\system32\PnkBstrB.exe
2009-02-21 17:34 137,992 ----a-w f:\windows\system32\drivers\PnkBstrK.sys
2009-02-17 15:29 --------- d-----w f:\program files\Total Video Converter
2009-02-15 18:24 --------- d-----w f:\program files\Google
2009-02-13 21:09 --------- d-----w f:\documents and settings\user\Application Data\OpenOffice.org
2009-02-13 12:08 --------- d-----w f:\program files\No-IP
2009-02-09 11:46 --------- d-----w f:\program files\TechSmith
2009-02-09 11:46 --------- d-----w f:\documents and settings\All Users\Application Data\TechSmith
2009-02-09 11:44 --------- d-----w f:\program files\Common Files\Wise Installation Wizard
2009-02-08 11:10 --------- d--h--w f:\program files\InstallShield Installation Information
2009-02-08 11:07 --------- d-----w f:\program files\Visicron
2009-02-08 11:07 --------- d-----w f:\program files\icuii
2009-02-08 10:31 --------- d-----w f:\program files\AloeCam22
2009-02-08 10:29 --------- d-----w f:\program files\ChatStat Technologies
2009-02-07 20:05 --------- d-----w f:\program files\Opera
2009-02-04 11:32 --------- d-----w f:\program files\OpenOffice.org 3
2009-02-04 11:32 --------- d-----w f:\program files\JRE
2009-01-31 19:19 --------- d-----w f:\program files\Commander
2009-01-27 19:24 --------- d-----w f:\program files\DirectVobSub
2009-01-27 11:02 720,896 ----a-w f:\windows\iun6002.exe
2009-01-14 11:11 66,872 ----a-w f:\windows\system32\PnkBstrA.exe
2008-11-21 10:56 47,360 ----a-w f:\documents and settings\user\Application Data\pcouffin.sys
2008-11-20 18:49 87,608 ----a-w f:\documents and settings\user\Application Data\ezpinst.exe
2006-05-03 09:06 163,328 --sh--r f:\windows\system32\flvDX.dll
2007-02-21 10:47 31,232 --sh--r f:\windows\system32\msfDX.dll
2008-03-16 12:30 216,064 --sh--r f:\windows\system32\nbDX.dll
.
(((((((((((((((((((((((((((((   [EMAIL="snapshot@2008-11-17_23.23.56.35"]snapshot@2008-11-17_23.23.56.35[/EMAIL]   )))))))))))))))))))))))))))))))))))))))))
.
+ 2004-08-04 12:00:00 2,804,224 -c----w f:\windows\$MSI31Uninstall_KB893803v2$\msi.dll
+ 2004-08-04 12:00:00 77,312 -c----w f:\windows\$MSI31Uninstall_KB893803v2$\msiexec.exe
+ 2004-08-04 12:00:00 331,264 -c----w f:\windows\$MSI31Uninstall_KB893803v2$\msihnd.dll
+ 2004-08-04 12:00:00 884,736 -c----w f:\windows\$MSI31Uninstall_KB893803v2$\msimsg.dll
+ 2004-08-04 12:00:00 44,032 -c----w f:\windows\$MSI31Uninstall_KB893803v2$\msisip.dll
+ 2005-05-04 11:45:26 209,632 -c----w f:\windows\$MSI31Uninstall_KB893803v2$\spuninst\spuninst.exe
+ 2005-05-04 11:45:28 371,936 -c----w f:\windows\$MSI31Uninstall_KB893803v2$\spuninst\updspapi.dll
+ 2009-02-08 10:12:44 68,608 ----a-w f:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
+ 2009-02-08 10:12:49 72,192 ----a-w f:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
+ 2009-02-08 10:12:49 4,308,992 ----a-w f:\windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
+ 2009-02-08 10:12:50 482,304 ----a-w f:\windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll
+ 2009-02-08 10:12:47 2,878,976 ----a-w f:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
+ 2009-02-08 10:12:42 258,048 ----a-w f:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
+ 2009-02-08 10:12:42 114,176 ----a-w f:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
+ 2009-02-08 10:12:52 260,096 ----a-w f:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
+ 2009-02-08 10:12:45 5,025,792 ----a-w f:\windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll
+ 2009-02-08 10:12:43 10,752 ----a-w f:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
+ 2009-02-08 10:12:41 503,808 ----a-w f:\windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll
+ 2009-02-08 10:12:42 13,312 ----a-w f:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll
+ 2009-02-08 10:12:48 8,192 ----a-w f:\windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll
+ 2009-02-08 10:12:49 36,864 ----a-w f:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll
+ 2009-02-08 10:12:49 5,632 ----a-w f:\windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll
+ 2009-02-08 10:12:42 413,696 ----a-w f:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
+ 2009-02-08 10:12:43 36,864 ----a-w f:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
+ 2009-02-08 10:12:43 647,168 ----a-w f:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll
+ 2009-02-08 10:12:43 73,728 ----a-w f:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll
+ 2009-02-08 10:12:42 745,472 ----a-w f:\windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
+ 2009-02-08 10:12:53 110,592 ----a-w f:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
+ 2009-02-08 10:12:53 372,736 ----a-w f:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
+ 2009-02-08 10:12:41 28,672 ----a-w f:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll
+ 2009-02-08 10:12:53 667,648 ----a-w f:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
+ 2009-02-08 10:12:54 5,632 ----a-w f:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
+ 2009-02-08 10:12:41 12,800 ----a-w f:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
+ 2009-02-08 10:12:41 32,768 ----a-w f:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll
+ 2009-02-08 10:12:41 7,168 ----a-w f:\windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll
+ 2009-02-08 10:12:51 110,592 ----a-w f:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
+ 2009-02-08 10:12:44 81,920 ----a-w f:\windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
+ 2009-02-08 10:12:51 389,120 ----a-w f:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
+ 2009-02-08 10:12:50 716,800 ----a-w f:\windows\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
+ 2009-02-08 10:12:42 884,736 ----a-w f:\windows\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
+ 2009-02-08 10:12:48 5,050,368 ----a-w f:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll
+ 2009-02-08 10:12:44 188,416 ----a-w f:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
+ 2009-02-08 10:12:44 397,312 ----a-w f:\windows\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
+ 2009-02-08 10:12:45 81,920 ----a-w f:\windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll
+ 2009-02-08 10:12:52 700,416 ----a-w f:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
+ 2009-02-08 10:12:50 368,640 ----a-w f:\windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
+ 2009-02-08 10:12:52 258,048 ----a-w f:\windows\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
+ 2009-02-08 10:12:50 299,008 ----a-w f:\windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
+ 2009-02-08 10:12:50 131,072 ----a-w f:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
+ 2009-02-08 10:12:44 258,048 ----a-w f:\windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll
+ 2009-02-08 10:12:45 114,688 ----a-w f:\windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
+ 2009-02-08 10:12:53 835,584 ----a-w f:\windows\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
+ 2009-02-08 10:12:46 86,016 ----a-w f:\windows\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
+ 2009-02-08 10:12:46 823,296 ----a-w f:\windows\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
+ 2009-02-08 10:12:46 5,316,608 ----a-w f:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
+ 2009-02-08 10:12:47 2,035,712 ----a-w f:\windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll
+ 2009-02-08 10:12:51 3,018,752 ----a-w f:\windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
+ 2009-02-08 12:55:02 26,624 ----a-w f:\windows\assembly\NativeImages_v2.0.50727_32\Accessibility\[u]0[/u]6e099f77d22e040a7292fa8a54d3c1d\Accessibility.ni.dll
+ 2009-02-08 12:55:03 860,160 ----a-w f:\windows\assembly\NativeImages_v2.0.50727_32\AspNetMMCExt\2f9911d32d1df547b867c5fb1a672155\AspNetMMCExt.ni.dll
+ 2009-02-08 12:55:03 237,568 ----a-w f:\windows\assembly\NativeImages_v2.0.50727_32\CustomMarshalers\d7b55f3449640e4e87aa0a4d5bfbc7f4\CustomMarshalers.ni.dll
+ 2009-02-08 12:55:04 15,360 ----a-w f:\windows\assembly\NativeImages_v2.0.50727_32\dfsvc\711b7160c0805a43a51f8e2553bf62cd\dfsvc.ni.exe
+ 2009-02-08 12:55:05 880,640 ----a-w f:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\324b75dde5c6ce4888b4811b76432fc6\Microsoft.Build.Engine.ni.dll
+ 2009-02-08 12:55:05 81,920 ----a-w f:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\4fd4322803b9924897fea3dccd00c31a\Microsoft.Build.Framework.ni.dll
+ 2009-02-08 12:55:08 1,691,648 ----a-w f:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\7d445432b88adc458c93154549a885a0\Microsoft.Build.Tasks.ni.dll
+ 2009-02-08 12:55:08 163,840 ----a-w f:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\85fc4c6037ce65479ca32517cab25ccf\Microsoft.Build.Utilities.ni.dll
+ 2009-02-08 12:55:10 1,724,416 ----a-w f:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\fbbf524696cc7448bf656288a6cd1185\Microsoft.VisualBasic.ni.dll
+ 2009-02-08 10:13:22 11,411,456 ----a-w f:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\b6f99de1acb06d4188c341aa2033871d\mscorlib.ni.dll
+ 2009-02-08 12:55:12 962,560 ----a-w f:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\38b0ee90ee62c6428efc0102b7f529a3\System.Configuration.ni.dll
+ 2009-02-08 10:14:18 6,688,768 ----a-w f:\windows\assembly\NativeImages_v2.0.50727_32\System.Data\4e7528d2412f384da604efe7d22399d8\System.Data.ni.dll
+ 2009-02-08 12:55:13 1,716,224 ----a-w f:\windows\assembly\NativeImages_v2.0.50727_32\System.Deployment\9349889e0dc1b642bc996207060bdf00\System.Deployment.ni.dll
+ 2009-02-08 10:14:34 10,723,328 ----a-w f:\windows\assembly\NativeImages_v2.0.50727_32\System.Design\2bef9babdd399b498f309af1bde57301\System.Design.ni.dll
+ 2009-02-08 12:55:16 512,000 ----a-w f:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\8e16aec64d6b5c4ab8ebe457a0f4eb4c\System.DirectoryServices.Protocols.ni.dll
+ 2009-02-08 12:55:15 1,220,608 ----a-w f:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\9bc9640b5897044481d752183c1929d8\System.DirectoryServices.ni.dll
+ 2009-02-08 10:13:40 229,376 ----a-w f:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing.Desi#\5d6b00c2c8470546a6a166339d1120ef\System.Drawing.Design.ni.dll
+ 2009-02-08 10:13:43 1,626,112 ----a-w f:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\295fb57c02e3774484e64f7bdf2ba7de\System.Drawing.ni.dll
+ 2009-02-08 12:55:17 659,456 ----a-w f:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\fcb7885759dfe342b05034a19fd34700\System.EnterpriseServices.ni.dll
+ 2009-02-08 12:55:17 294,912 ----a-w f:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\fcb7885759dfe342b05034a19fd34700\System.EnterpriseServices.Wrapper.dll
+ 2009-02-08 12:55:18 729,088 ----a-w f:\windows\assembly\NativeImages_v2.0.50727_32\System.Security\6e0813fc6201d64190780c9f11906944\System.Security.ni.dll
+ 2009-02-08 12:55:19 684,032 ----a-w f:\windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\c43b84c2a1a7b843bb43939df40e156e\System.Transactions.ni.dll
+ 2009-02-08 12:55:41 2,310,144 ----a-w f:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Mobile\4b34cfe404249b4fae7aeda00c027466\System.Web.Mobile.ni.dll
+ 2009-02-08 12:55:42 237,568 ----a-w f:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.RegularE#\4f40c5a718a8274486b041c3ec0b0030\System.Web.RegularExpressions.ni.dll
+ 2009-02-08 12:55:44 1,945,600 ----a-w f:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\b60f31956c66b240b82c738ac15685e6\System.Web.Services.ni.dll
+ 2009-02-08 12:55:37 11,808,768 ----a-w f:\windows\assembly\NativeImages_v2.0.50727_32\System.Web\28005139050acd48b0acbd9de1e4d75a\System.Web.ni.dll
+ 2009-02-08 10:13:59 13,107,200 ----a-w f:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\[u]0[/u]9325078fd250248b3e3cf936520426b\System.Windows.Forms.ni.dll
+ 2009-02-08 10:14:07 5,640,192 ----a-w f:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\9b3ded57c7ce6849a29eb50b62755e26\System.Xml.ni.dll
+ 2009-02-08 10:13:37 8,093,696 ----a-w f:\windows\assembly\NativeImages_v2.0.50727_32\System\3b74a0e5f2acd647be78a275899c912d\System.ni.dll
+ 2005-06-13 12:50:22 397,312 ----a-w f:\windows\Downloaded Program Files\imcv1.dll
+ 2009-01-11 12:36:54 102,400 ----a-r f:\windows\Installer\{318AB667-3230-41B5-A617-CB3BF748D371}\iTunesIco.exe
+ 2009-02-09 11:47:28 609,792 ----a-r f:\windows\Installer\{59991D18-A988-45AB-B1BF-5ADE6E64CD3F}\Icon59991D183.exe
+ 2009-01-11 12:34:27 27,136 ----a-r f:\windows\Installer\{6956856F-B6B3-4BE0-BA0B-8F495BE32033}\AppleSoftwareUpdateIco.exe
+ 2009-01-11 12:36:06 86,016 ----a-r f:\windows\Installer\{8A25392D-C5D2-4E79-A2BD-C15DDC5B0959}\PrntWzrdIco.exe
- 2008-10-28 10:14:07 1,165,584 ----a-r f:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\accicons.exe
+ 2008-12-24 13:57:30 1,165,584 ----a-r f:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\accicons.exe
- 2008-10-28 10:14:07 20,240 ----a-r f:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\cagicon.exe
+ 2008-12-24 13:57:30 20,240 ----a-r f:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\cagicon.exe
- 2008-10-28 10:14:07 159,504 ----a-r f:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\inficon.exe
+ 2008-12-24 13:57:30 159,504 ----a-r f:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\inficon.exe
- 2008-10-28 10:14:07 184,080 ----a-r f:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\joticon.exe
+ 2008-12-24 13:57:30 184,080 ----a-r f:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\joticon.exe
- 2008-10-28 10:14:07 217,864 ----a-r f:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\misc.exe
+ 2008-12-24 13:57:30 217,864 ----a-r f:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\misc.exe
- 2008-10-28 10:14:07 18,704 ----a-r f:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\mspicons.exe
+ 2008-12-24 13:57:30 18,704 ----a-r f:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\mspicons.exe
- 2008-10-28 10:14:07 35,088 ----a-r f:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\oisicon.exe
+ 2008-12-24 13:57:30 35,088 ----a-r f:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\oisicon.exe
- 2008-10-28 10:14:07 845,584 ----a-r f:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\outicon.exe
+ 2008-12-24 13:57:30 845,584 ----a-r f:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\outicon.exe
- 2008-10-28 10:14:07 922,384 ----a-r f:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pptico.exe
+ 2008-12-24 13:57:30 922,384 ----a-r f:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pptico.exe
- 2008-10-28 10:14:07 272,648 ----a-r f:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pubs.exe
+ 2008-12-24 13:57:30 272,648 ----a-r f:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pubs.exe
- 2008-10-28 10:14:07 888,080 ----a-r f:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\wordicon.exe
+ 2008-12-24 13:57:30 888,080 ----a-r f:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\wordicon.exe
- 2008-10-28 10:14:07 1,172,240 ----a-r f:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\xlicons.exe
+ 2008-12-24 13:57:30 1,172,240 ----a-r f:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\xlicons.exe
- 2008-10-28 10:08:34 217,864 ----a-r f:\windows\Installer\{90120000-006E-0409-0000-0000000FF1CE}\misc.exe
+ 2008-12-24 13:56:20 217,864 ----a-r f:\windows\Installer\{90120000-006E-0409-0000-0000000FF1CE}\misc.exe
+ 2009-02-04 11:33:51 7,424,000 ----a-r f:\windows\Installer\{F44DA61E-720D-4E79-871F-F6E628B33242}\soffice.exe
+ 2006-04-12 06:47:22 217,073 ----a-w f:\windows\meta4.exe
+ 2005-09-23 04:28:52 72,704 ----a-w f:\windows\Microsoft.NET\Framework\NETFXSBS10.exe
+ 2005-09-23 04:29:04 5,120 ----a-w f:\windows\Microsoft.NET\Framework\sbs_diasymreader.dll
+ 2005-09-23 04:29:04 5,120 ----a-w f:\windows\Microsoft.NET\Framework\sbs_iehost.dll
+ 2005-09-23 04:29:04 5,120 ----a-w f:\windows\Microsoft.NET\Framework\sbs_microsoft.jscript.dll
+ 2005-09-23 04:29:04 5,632 ----a-w f:\windows\Microsoft.NET\Framework\sbs_microsoft.vsa.vb.codedomprocessor.dll
+ 2005-09-23 04:29:04 5,120 ----a-w f:\windows\Microsoft.NET\Framework\sbs_mscordbi.dll
+ 2005-09-23 04:29:04 5,120 ----a-w f:\windows\Microsoft.NET\Framework\sbs_mscorrc.dll
+ 2005-09-23 04:29:04 5,120 ----a-w f:\windows\Microsoft.NET\Framework\sbs_mscorsec.dll
+ 2005-09-23 04:29:04 5,120 ----a-w f:\windows\Microsoft.NET\Framework\sbs_system.configuration.install.dll
+ 2005-09-23 04:29:04 5,120 ----a-w f:\windows\Microsoft.NET\Framework\sbs_system.data.dll
+ 2005-09-23 04:29:04 5,120 ----a-w f:\windows\Microsoft.NET\Framework\sbs_system.enterpriseservices.dll
+ 2005-09-23 04:29:04 5,120 ----a-w f:\windows\Microsoft.NET\Framework\sbs_VsaVb7rt.dll
+ 2005-09-23 04:29:04 5,120 ----a-w f:\windows\Microsoft.NET\Framework\sbs_wminet_utils.dll
+ 2005-09-23 04:28:52 7,680 ----a-w f:\windows\Microsoft.NET\Framework\sbscmp10.dll
+ 2005-09-23 04:28:56 7,680 ----a-w f:\windows\Microsoft.NET\Framework\sbscmp20_mscorwks.dll
+ 2005-09-23 04:28:58 7,680 ----a-w f:\windows\Microsoft.NET\Framework\sbscmp20_perfcounter.dll
+ 2005-09-23 04:28:56 7,680 ----a-w f:\windows\Microsoft.NET\Framework\SharedReg12.dll
+ 2005-09-23 04:28:52 86,528 ----a-w f:\windows\Microsoft.NET\Framework\v1.0.3705\mscormmc.dll
+ 2005-09-23 04:28:36 18,944 ----a-w f:\windows\Microsoft.NET\Framework\v2.0.50727\1033\alinkui.dll
+ 2005-09-23 04:28:42 136,192 ----a-w f:\windows\Microsoft.NET\Framework\v2.0.50727\1033\cscompui.dll
+ 2005-09-23 04:28:44 4,608 ----a-w f:\windows\Microsoft.NET\Framework\v2.0.50727\1033\CvtResUI.dll
+ 2005-09-23 04:29:04 183,808 ----a-w f:\windows\Microsoft.NET\Framework\v2.0.50727\1033\vbc7ui.dll
+ 2005-09-23 04:28:28 208,896 ----a-w f:\windows\Microsoft.NET\Framework\v2.0.50727\1033\Vsavb7rtUI.dll
+ 2005-09-23 04:28:56 10,752 ----a-w f:\windows\Microsoft.NET\Framework\v2.0.50727\Accessibility.dll
+ 2005-09-23 04:28:58 138,240 ----a-w f:\windows\Microsoft.NET\Framework\v2.0.50727\AdoNetDiag.dll
+ 2005-09-23 04:28:36 87,552 ----a-w f:\windows\Microsoft.NET\Framework\v2.0.50727\alink.dll
+ 2005-09-23 04:28:58 55,488 ----a-w f:\windows\Microsoft.NET\Framework\v2.0.50727\AppLaunch.exe
+ 2005-09-23 04:28:32 36,864 ----a-w f:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_compiler.exe
+ 2005-09-23 04:28:32 10,752 ----a-w f:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_filter.dll
+ 2005-09-23 04:28:32 8,192 ----a-w f:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_isapi.dll
+ 2005-09-23 04:28:32 23,552 ----a-w f:\windows\Microsoft.NET\Framework\v2.0.50727\Aspnet_perf.dll
+ 2005-09-23 04:28:32 70,656 ----a-w f:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_rc.dll
+ 2005-09-23 04:28:32 13,824 ----a-w f:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_regbrowsers.exe
+ 2005-09-23 04:28:32 26,824 ----a-w f:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_regiis.exe
+ 2005-09-23 04:28:32 106,496 ----a-w f:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_regsql.exe
+ 2005-09-23 04:28:32 29,896 ----a-w f:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
+ 2005-09-23 04:28:32 29,888 ----a-w f:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_wp.exe
+ 2005-09-23 04:28:32 503,808 ----a-w f:\windows\Microsoft.NET\Framework\v2.0.50727\AspNetMMCExt.dll
+ 2005-09-23 04:28:56 106,496 ----a-w f:\windows\Microsoft.NET\Framework\v2.0.50727\CasPol.exe
+ 2005-09-23 04:28:56 88,576 ----a-w f:\windows\Microsoft.NET\Framework\v2.0.50727\CORPerfMonExt.dll
+ 2005-09-23 04:28:42 76,984 ----a-w f:\windows\Microsoft.NET\Framework\v2.0.50727\csc.exe
+ 2005-09-23 04:28:42 1,144,832 ----a-w f:\windows\Microsoft.NET\Framework\v2.0.50727\cscomp.dll
+ 2005-09-23 04:28:42 13,312 ----a-w f:\windows\Microsoft.NET\Framework\v2.0.50727\cscompmgd.dll
+ 2005-09-23 04:28:58 17,920 ----a-w f:\windows\Microsoft.NET\Framework\v2.0.50727\Culture.dll
+ 2005-09-23 04:28:56 68,608 ----a-w f:\windows\Microsoft.NET\Framework\v2.0.50727\CustomMarshalers.dll
+ 2005-09-23 04:28:44 31,936 ----a-w f:\windows\Microsoft.NET\Framework\v2.0.50727\cvtres.exe
+ 2005-09-23 04:28:38 52,736 ----a-w f:\windows\Microsoft.NET\Framework\v2.0.50727\dfdll.dll
+ 2005-09-23 04:28:38 4,608 ----a-w f:\windows\Microsoft.NET\Framework\v2.0.50727\dfsvc.exe
+ 2005-09-23 04:29:12 547,840 ----a-w f:\windows\Microsoft.NET\Framework\v2.0.50727\diasymreader.dll
+ 2005-09-23 04:28:56 788,992 ----a-w f:\windows\Microsoft.NET\Framework\v2.0.50727\EventLogMessages.dll
+ 2005-09-23 04:28:50 9,216 ----a-w f:\windows\Microsoft.NET\Framework\v2.0.50727\fusion.dll
+ 2005-09-23 04:28:56 9,728 ----a-w f:\windows\Microsoft.NET\Framework\v2.0.50727\IEExec.exe
+ 2005-09-23 04:28:56 8,192 ----a-w f:\windows\Microsoft.NET\Framework\v2.0.50727\IEExecRemote.dll
+ 2005-09-23 04:28:56 36,864 ----a-w f:\windows\Microsoft.NET\Framework\v2.0.50727\IEHost.dll
+ 2005-09-23 04:28:56 5,632 ----a-w f:\windows\Microsoft.NET\Framework\v2.0.50727\IIEHost.dll
+ 2005-09-23 04:28:56 224,952 ----a-w f:\windows\Microsoft.NET\Framework\v2.0.50727\ilasm.exe
+ 2005-09-23 04:28:56 28,672 ----a-w f:\windows\Microsoft.NET\Framework\v2.0.50727\InstallUtil.exe
+ 2005-09-23 04:28:56 55,296 ----a-w f:\windows\Microsoft.NET\Framework\v2.0.50727\InstallUtilLib.dll
+ 2005-09-23 04:28:56 72,192 ----a-w f:\windows\Microsoft.NET\Framework\v2.0.50727\ISymWrapper.dll
+ 2005-09-23 04:28:48 40,960 ----a-w f:\windows\Microsoft.NET\Framework\v2.0.50727\jsc.exe
+ 2005-09-23 04:01:16 609,472 ----a-w f:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.exe
+ 2005-09-23 03:29:48 80,896 ----a-w f:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.1025.dll
+ 2005-09-23 03:32:24 80,896 ----a-w f:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.1028.dll
+ 2005-09-23 03:34:10 82,944 ----a-w f:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.1029.dll
+ 2005-09-23 03:34:12 81,920 ----a-w f:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.1030.dll
+ 2005-09-23 03:34:44 85,504 ----a-w f:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.1031.dll
+ 2005-09-23 03:36:24 87,552 ----a-w f:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.1032.dll
+ 2005-09-23 00:46:14 80,896 ----a-w f:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.1033.dll
+ 2005-09-23 03:38:26 81,408 ----a-w f:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.1035.dll
+ 2005-09-23 03:38:52 86,016 ----a-w f:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.1036.dll
+ 2005-09-23 03:40:30 80,896 ----a-w f:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.1037.dll
+ 2005-09-23 03:40:32 83,968 ----a-w f:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.1038.dll
+ 2005-09-23 03:40:56 84,480 ----a-w f:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.1040.dll
+ 2005-09-23 03:42:58 80,896 ----a-w f:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.1041.dll
+ 2005-09-23 03:44:58 80,896 ----a-w f:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.1042.dll
+ 2005-09-23 03:46:38 83,456 ----a-w f:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.1043.dll
+ 2005-09-23 03:46:38 81,920 ----a-w f:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.1044.dll
+ 2005-09-23 03:46:40 83,456 ----a-w f:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.1045.dll
+ 2005-09-23 03:47:04 82,432 ----a-w f:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.1046.dll
+ 2005-09-23 03:47:30 82,432 ----a-w f:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.1049.dll
+ 2005-09-23 03:47:32 81,920 ----a-w f:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.1053.dll
+ 2005-09-23 03:47:32 80,896 ----a-w f:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.1055.dll
+ 2005-09-23 03:30:18 80,896 ----a-w f:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.2052.dll
+ 2005-09-23 03:47:06 84,480 ----a-w f:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.2070.dll
+ 2005-09-23 03:29:50 80,896 ----a-w f:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.3076.dll
+ 2005-09-23 03:36:48 85,504 ----a-w f:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.3082.dll
+ 2005-09-23 04:57:06 245,408 ----a-w f:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\unicows.dll
+ 2005-09-23 04:28:48 413,696 ----a-w f:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Engine.dll
+ 2005-09-23 04:28:48 36,864 ----a-w f:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Framework.dll
+ 2005-09-23 04:28:48 647,168 ----a-w f:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Tasks.dll
+ 2005-09-23 04:28:48 73,728 ----a-w f:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Utilities.dll
+ 2005-09-23 04:28:48 745,472 ----a-w f:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.JScript.dll
+ 2005-09-23 04:29:10 110,592 ----a-w f:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.Compatibility.Data.dll
+ 2005-09-23 04:29:10 372,736 ----a-w f:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.Compatibility.dll
+ 2005-09-23 04:29:08 667,648 ----a-w f:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.dll
+ 2005-09-23 04:28:30 28,672 ----a-w f:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.Vsa.dll
+ 2005-09-23 04:29:10 5,632 ----a-w f:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualC.Dll
+ 2005-09-23 04:28:30 32,768 ----a-w f:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Vsa.dll
+ 2005-09-23 04:28:30 12,800 ----a-w f:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
+ 2005-09-23 04:28:30 7,168 ----a-w f:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft_VsaVb.dll
+ 2005-09-23 04:28:32 87,552 ----a-w f:\windows\Microsoft.NET\Framework\v2.0.50727\MmcAspExt.dll
+ 2005-09-23 04:28:48 69,632 ----a-w f:\windows\Microsoft.NET\Framework\v2.0.50727\MSBuild.exe
+ 2005-09-23 04:28:56 800,768 ----a-w f:\windows\Microsoft.NET\Framework\v2.0.50727\mscordacwks.dll
+ 2005-09-23 04:28:56 73,216 ----a-w f:\windows\Microsoft.NET\Framework\v2.0.50727\mscordbc.dll
+ 2005-09-23 04:28:56 288,768 ----a-w f:\windows\Microsoft.NET\Framework\v2.0.50727\mscordbi.dll
+ 2005-09-23 04:28:56 36,864 ----a-w f:\windows\Microsoft.NET\Framework\v2.0.50727\mscorie.dll
+ 2005-09-23 04:28:56 326,144 ----a-w f:\windows\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll
+ 2005-09-23 04:28:56 81,408 ----a-w f:\windows\Microsoft.NET\Framework\v2.0.50727\mscorld.dll
+ 2005-09-23 04:28:56 4,308,992 ----a-w f:\windows\Microsoft.NET\Framework\v2.0.50727\mscorlib.dll
+ 2005-09-23 04:28:56 102,400 ----a-w f:\windows\Microsoft.NET\Framework\v2.0.50727\mscorpe.dll
+ 2005-09-23 04:29:00 330,752 ----a-w f:\windows\Microsoft.NET\Framework\v2.0.50727\mscorrc.dll
+ 2005-09-23 04:28:56 67,072 ----a-w f:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsec.dll
+ 2005-09-23 04:28:50 9,216 ----a-w f:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsn.dll
+ 2005-09-23 04:28:56 226,816 ----a-w f:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvc.dll
+ 2005-09-23 04:28:56 66,240 ----a-w f:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
+ 2005-09-23 04:28:56 10,240 ----a-w f:\windows\Microsoft.NET\Framework\v2.0.50727\mscortim.dll
+ 2005-09-23 04:28:50 5,615,616 ----a-w f:\windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll
+ 2005-09-23 04:29:00 22,528 ----a-w f:\windows\Microsoft.NET\Framework\v2.0.50727\MUI\[u]0[/u]409\mscorsecr.dll
+ 2005-09-23 04:28:56 96,440 ----a-w f:\windows\Microsoft.NET\Framework\v2.0.50727\ngen.exe
+ 2005-09-23 04:28:56 14,848 ----a-w f:\windows\Microsoft.NET\Framework\v2.0.50727\normalization.dll
+ 2005-09-23 04:28:56 78,336 ----a-w f:\windows\Microsoft.NET\Framework\v2.0.50727\PerfCounter.dll
+ 2005-09-23 04:28:50 136,192 ----a-w f:\windows\Microsoft.NET\Framework\v2.0.50727\peverify.dll
+ 2005-09-23 04:28:56 53,248 ----a-w f:\windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
+ 2005-09-23 04:28:56 32,768 ----a-w f:\windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exe
+ 2005-09-23 04:29:02 59,072 ----a-w f:\windows\Microsoft.NET\Framework\v2.0.50727\regtlibv12.exe
+ 2005-09-23 04:28:58 7,680 ----a-w f:\windows\Microsoft.NET\Framework\v2.0.50727\sbscmp20_mscorlib.dll
+ 2005-09-23 04:28:56 107,520 ----a-w f:\windows\Microsoft.NET\Framework\v2.0.50727\shfusion.dll
+ 2005-09-23 04:29:00 85,504 ----a-w f:\windows\Microsoft.NET\Framework\v2.0.50727\ShFusRes.dll
+ 2005-09-23 04:28:56 377,344 ----a-w f:\windows\Microsoft.NET\Framework\v2.0.50727\SOS.dll
+ 2005-09-23 04:28:56 110,592 ----a-w f:\windows\Microsoft.NET\Framework\v2.0.50727\sysglobl.dll
+ 2005-09-23 04:28:58 389,120 ----a-w f:\windows\Microsoft.NET\Framework\v2.0.50727\System.configuration.dll
+ 2005-09-23 04:28:56 81,920 ----a-w f:\windows\Microsoft.NET\Framework\v2.0.50727\System.Configuration.Install.dll
+ 2005-09-23 04:28:56 2,878,976 ----a-w f:\windows\Microsoft.NET\Framework\v2.0.50727\System.Data.dll
+ 2005-09-23 04:28:56 482,304 ----a-w f:\windows\Microsoft.NET\Framework\v2.0.50727\System.Data.OracleClient.dll
+ 2005-09-23 04:28:56 716,800 ----a-w f:\windows\Microsoft.NET\Framework\v2.0.50727\System.Data.SqlXml.dll
+ 2005-09-23 04:28:38 884,736 ----a-w f:\windows\Microsoft.NET\Framework\v2.0.50727\System.Deployment.dll
+ 2005-09-23 04:28:56 5,050,368 ----a-w f:\windows\Microsoft.NET\Framework\v2.0.50727\System.Design.dll
+ 2005-09-23 04:28:56 397,312 ----a-w f:\windows\Microsoft.NET\Framework\v2.0.50727\System.DirectoryServices.dll
+ 2005-09-23 04:28:56 188,416 ----a-w f:\windows\Microsoft.NET\Framework\v2.0.50727\System.DirectoryServices.Protocols.dll
+ 2005-09-23 04:28:56 3,018,752 ----a-w f:\windows\Microsoft.NET\Framework\v2.0.50727\System.dll
+ 2005-09-23 04:28:56 81,920 ----a-w f:\windows\Microsoft.NET\Framework\v2.0.50727\System.Drawing.Design.dll
+ 2005-09-23 04:28:56 700,416 ----a-w f:\windows\Microsoft.NET\Framework\v2.0.50727\System.Drawing.dll
+ 2005-09-23 04:28:56 258,048 ----a-w f:\windows\Microsoft.NET\Framework\v2.0.50727\System.EnterpriseServices.dll
+ 2005-09-23 04:28:56 47,616 ----a-w f:\windows\Microsoft.NET\Framework\v2.0.50727\System.EnterpriseServices.Thunk.dll
+ 2005-09-23 04:28:56 114,176 ----a-w f:\windows\Microsoft.NET\Framework\v2.0.50727\System.EnterpriseServices.Wrapper.dll
+ 2005-09-23 04:28:56 368,640 ----a-w f:\windows\Microsoft.NET\Framework\v2.0.50727\System.Management.dll
+ 2005-09-23 04:28:56 258,048 ----a-w f:\windows\Microsoft.NET\Framework\v2.0.50727\System.Messaging.dll
+ 2005-09-23 04:28:56 299,008 ----a-w f:\windows\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Remoting.dll
+ 2005-09-23 04:28:56 131,072 ----a-w f:\windows\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
+ 2005-09-23 04:28:56 258,048 ----a-w f:\windows\Microsoft.NET\Framework\v2.0.50727\System.Security.dll
+ 2005-09-23 04:28:56 114,688 ----a-w f:\windows\Microsoft.NET\Framework\v2.0.50727\System.ServiceProcess.dll
+ 2005-09-23 04:28:56 260,096 ----a-w f:\windows\Microsoft.NET\Framework\v2.0.50727\System.Transactions.dll
+ 2005-09-23 04:28:56 5,025,792 ----a-w f:\windows\Microsoft.NET\Framework\v2.0.50727\System.Web.dll
+ 2005-09-23 04:28:56 835,584 ----a-w f:\windows\Microsoft.NET\Framework\v2.0.50727\System.Web.Mobile.dll
+ 2005-09-23 04:28:56 86,016 ----a-w f:\windows\Microsoft.NET\Framework\v2.0.50727\System.Web.RegularExpressions.dll
+ 2005-09-23 04:28:56 823,296 ----a-w f:\windows\Microsoft.NET\Framework\v2.0.50727\System.Web.Services.dll
+ 2005-09-23 04:28:56 5,316,608 ----a-w f:\windows\Microsoft.NET\Framework\v2.0.50727\System.Windows.Forms.dll
+ 2005-09-23 04:28:56 2,035,712 ----a-w f:\windows\Microsoft.NET\Framework\v2.0.50727\System.XML.dll
+ 2005-09-23 04:28:56 71,680 ----a-w f:\windows\Microsoft.NET\Framework\v2.0.50727\TLBREF.DLL
+ 2005-09-23 04:29:06 1,140,920 ----a-w f:\windows\Microsoft.NET\Framework\v2.0.50727\vbc.exe
+ 2005-09-23 04:28:30 1,306,624 ----a-w f:\windows\Microsoft.NET\Framework\v2.0.50727\VsaVb7rt.dll
+ 2005-09-23 04:28:32 298,496 ----a-w f:\windows\Microsoft.NET\Framework\v2.0.50727\webengine.dll
+ 2005-09-23 04:28:56 28,160 ----a-w f:\windows\Microsoft.NET\Framework\v2.0.50727\WMINet_Utils.dll
+ 2006-04-05 05:09:16 66,560 ----a-w f:\windows\MOTA113.exe
- 2000-08-31 05:00:00 28,672 ----a-w f:\windows\NIRCMD.exe
+ 2000-08-31 05:00:00 29,696 ----a-w f:\windows\NIRCMD.exe
- 2008-10-23 15:26:11 473,600 ----a-w f:\windows\PaltalkScene\uninstall.exe
+ 2009-03-06 17:48:16 473,600 ----a-w f:\windows\PaltalkScene\uninstall.exe
+ 2008-11-21 12:26:38 778,240 ----a-w f:\windows\system32\ALOAudioCompress2.dll
+ 2008-11-21 12:26:38 2,846,720 ----a-w f:\windows\system32\ALOAudioCompress3.dll
+ 2008-11-21 12:26:38 877,568 ----a-w f:\windows\system32\ALOAudioFile2.dll
+ 2008-11-21 12:26:38 90,112 ----a-w f:\windows\system32\ALOAudioFormatSettings3.dll
+ 2008-11-21 12:26:38 382,464 ----a-w f:\windows\system32\ALOAVIFile.dll
+ 2008-11-21 12:26:38 249,856 ----a-w f:\windows\system32\ALOQuickTimeFile.dll
+ 2008-11-21 12:26:39 780,288 ----a-w f:\windows\system32\ALOVideoCompress.dll
+ 2008-11-21 12:26:39 495,104 ----a-w f:\windows\system32\ALOVideoCoreM.dll
+ 2008-11-21 12:26:39 188,416 ----a-w f:\windows\system32\ALOVideoFile.dll
+ 2008-11-21 12:26:39 403,968 ----a-w f:\windows\system32\ALOWMAFile2.dll
+ 2008-11-21 12:26:39 215,552 ----a-w f:\windows\system32\ALOWMVFile.dll
+ 2003-03-19 03:05:48 89,088 ----a-w f:\windows\system32\atl71.dll
- 2006-09-16 16:44:28 314,368 ----a-w f:\windows\system32\avisynth.dll
+ 2007-05-17 14:30:48 318,976 ----a-w f:\windows\system32\avisynth.dll
+ 2005-07-14 09:31:20 27,648 ----a-w f:\windows\system32\AVSredirect.dll
- 2008-10-23 15:36:33 1,245,184 ----a-w f:\windows\system32\bkll.dll
+ 2008-11-21 12:26:39 1,245,184 ----a-w f:\windows\system32\bkll.dll
- 2004-08-04 12:00:00 66,560 ----a-w f:\windows\system32\cdm.dll
+ 2008-10-16 11:09:44 92,696 ----a-w f:\windows\system32\cdm.dll
+ 2005-02-05 16:45:26 2,222,800 ----a-w f:\windows\system32\d3dx9_24.dll
+ 2005-03-18 14:19:58 2,337,488 ----a-w f:\windows\system32\d3dx9_25.dll
+ 2005-05-26 12:34:52 2,297,552 ----a-w f:\windows\system32\d3dx9_26.dll
+ 2005-07-22 16:59:04 2,319,568 ----a-w f:\windows\system32\d3dx9_27.dll
+ 2006-02-03 05:43:16 2,332,368 ----a-w f:\windows\system32\d3dx9_29.dll
+ 2008-12-06 10:41:02 410,984 ----a-w f:\windows\system32\deploytk.dll
+ 2005-09-23 04:28:38 83,456 ----a-w f:\windows\system32\dfshim.dll
- 2004-08-04 12:00:00 66,560 -c--a-w f:\windows\system32\dllcache\cdm.dll
+ 2008-10-16 11:09:44 92,696 -c--a-w f:\windows\system32\dllcache\cdm.dll
+ 2004-08-03 19:58:36 14,848 -c--a-w f:\windows\system32\dllcache\kbdhid.sys
- 2004-08-04 12:00:00 2,804,224 -c--a-w f:\windows\system32\dllcache\msi.dll
+ 2005-05-04 11:45:32 2,890,240 -c--a-w f:\windows\system32\dllcache\msi.dll
- 2004-08-04 12:00:00 77,312 -c--a-w f:\windows\system32\dllcache\msiexec.exe
+ 2005-05-04 11:45:36 78,848 -c--a-w f:\windows\system32\dllcache\msiexec.exe
- 2004-08-04 12:00:00 331,264 -c--a-w f:\windows\system32\dllcache\msihnd.dll
+ 2005-05-04 11:45:36 271,360 -c--a-w f:\windows\system32\dllcache\msihnd.dll
- 2004-08-04 12:00:00 884,736 -c--a-w f:\windows\system32\dllcache\msimsg.dll
+ 2005-05-04 11:45:36 884,736 -c--a-w f:\windows\system32\dllcache\msimsg.dll
- 2004-08-04 12:00:00 44,032 -c--a-w f:\windows\system32\dllcache\msisip.dll
+ 2005-05-04 11:45:36 15,360 -c--a-w f:\windows\system32\dllcache\msisip.dll
+ 2004-08-03 20:08:48 31,616 -c--a-w f:\windows\system32\dllcache\usbccgp.sys
- 2004-08-04 12:00:00 430,592 -c--a-w f:\windows\system32\dllcache\wuapi.dll
+ 2008-10-16 11:12:20 561,688 -c--a-w f:\windows\system32\dllcache\wuapi.dll
- 2004-08-04 12:00:00 111,104 -c--a-w f:\windows\system32\dllcache\wuauclt.exe
+ 2008-10-16 11:09:44 51,224 -c--a-w f:\windows\system32\dllcache\wuauclt.exe
- 2004-08-04 12:00:00 1,134,592 -c--a-w f:\windows\system32\dllcache\wuaueng.dll
+ 2008-10-16 11:13:40 1,809,944 -c--a-w f:\windows\system32\dllcache\wuaueng.dll
- 2004-08-04 12:00:00 112,640 -c--a-w f:\windows\system32\dllcache\wucltui.dll
+ 2008-10-16 11:12:22 323,608 -c--a-w f:\windows\system32\dllcache\wucltui.dll
- 2004-08-04 12:00:00 36,864 -c--a-w f:\windows\system32\dllcache\wups.dll
+ 2008-10-16 11:08:58 34,328 -c--a-w f:\windows\system32\dllcache\wups.dll
- 2004-08-04 12:00:00 120,320 -c--a-w f:\windows\system32\dllcache\wuweb.dll
+ 2008-10-16 11:13:40 202,776 -c--a-w f:\windows\system32\dllcache\wuweb.dll
+ 2008-08-29 07:18:58 87,336 ----a-w f:\windows\system32\dns-sd.exe
+ 2008-08-29 06:53:50 61,440 ----a-w f:\windows\system32\dnssd.dll
+ 2007-07-20 09:40:44 25,930 ----a-w f:\windows\system32\drivers\FLockXP.sys
+ 2008-04-17 10:12:54 15,464 ----a-w f:\windows\system32\drivers\GEARAspiWDM.sys
+ 2004-08-03 19:58:36 14,848 ----a-w f:\windows\system32\drivers\kbdhid.sys
- 2008-11-17 10:53:24 47,360 ----a-w f:\windows\system32\drivers\pcouffin.sys
+ 2008-11-21 10:56:19 47,360 ----a-w f:\windows\system32\drivers\pcouffin.sys
+ 2007-05-31 09:39:50 22,656 ----a-w f:\windows\system32\drivers\RimUsb.sys
+ 2008-11-07 11:23:30 32,000 ----a-w f:\windows\system32\drivers\usbaapl.sys
+ 2004-08-03 20:08:48 31,616 ----a-w f:\windows\system32\drivers\usbccgp.sys
- 2006-09-29 10:26:22 176,165 ----a-w f:\windows\system32\drv23260.dll
+ 2006-09-29 08:26:22 176,165 ----a-w f:\windows\system32\drv23260.dll
- 2006-09-29 10:25:38 208,935 ----a-w f:\windows\system32\drv33260.dll
+ 2006-09-29 08:25:38 208,935 ----a-w f:\windows\system32\drv33260.dll
- 2006-09-29 10:24:48 217,127 ----a-w f:\windows\system32\drv43260.dll
+ 2006-09-29 08:24:48 217,127 ----a-w f:\windows\system32\drv43260.dll
+ 2008-04-17 10:12:54 107,368 -c--a-w f:\windows\system32\DRVSTORE\GEARAspiWD_D213663B6381F01E45A131159A9DEFE018321CB3\x86\GEARAspi.dll
+ 2008-04-17 10:12:54 15,464 -c--a-w f:\windows\system32\DRVSTORE\GEARAspiWD_D213663B6381F01E45A131159A9DEFE018321CB3\x86\GEARAspiWDM.sys
+ 2008-11-07 11:23:30 32,000 -c--a-w f:\windows\system32\DRVSTORE\usbaapl_246F92BBD6449C86FC3F3F28C40D59AC1F69C558\usbaapl.sys
+ 2005-06-07 12:11:02 60,416 ----a-w f:\windows\system32\dsetup.dll
- 2008-11-17 20:19:35 359,344 ----a-w f:\windows\system32\FNTCACHE.DAT
+ 2009-02-10 11:33:43 2,246,464 ----a-w f:\windows\system32\FNTCACHE.DAT
+ 2004-08-18 12:00:00 1,712,128 ----a-w f:\windows\system32\gdiplus.dll
+ 2008-04-17 10:12:54 107,368 ----a-w f:\windows\system32\GEARAspi.dll
+ 2004-01-24 21:00:00 70,656 ----a-w f:\windows\system32\i420vfw.dll
+ 2006-07-31 13:46:10 140,984 ----a-w f:\windows\system32\idmmbc.dll
+ 2008-04-25 04:23:06 6,066,176 ----a-w f:\windows\system32\ieframe.dll
- 2008-06-09 22:21:01 135,168 ----a-w f:\windows\system32\java.exe
+ 2008-12-06 10:41:03 144,792 ----a-w f:\windows\system32\java.exe
- 2008-06-09 22:21:04 135,168 ----a-w f:\windows\system32\javaw.exe
+ 2008-12-06 10:41:03 144,792 ----a-w f:\windows\system32\javaw.exe
- 2008-06-09 23:32:34 139,264 ----a-w f:\windows\system32\javaws.exe
+ 2008-12-06 10:41:03 148,888 ----a-w f:\windows\system32\javaws.exe
- 2008-10-23 15:36:31 237,568 ----a-w f:\windows\system32\lame_enc.dll
+ 2003-08-07 12:01:50 237,568 ----a-w f:\windows\system32\lame_enc.dll
+ 2008-10-05 03:24:02 3,695,008 ----a-w f:\windows\system32\Macromed\Flash\NPSWF32.dll
+ 2008-10-05 03:24:04 235,936 ----a-w f:\windows\system32\Macromed\Flash\NPSWF32_FlashUtil.exe
+ 2008-11-21 16:45:24 84,661 ----a-w f:\windows\system32\Macromed\Flash\uninstall_plugin.exe
+ 2003-03-19 05:19:58 1,060,864 ----a-w f:\windows\system32\mfc71.dll
+ 2003-03-19 05:12:10 1,047,552 ----a-w f:\windows\system32\mfc71u.dll
+ 1998-06-17 21:00:00 77,824 ----a-w f:\windows\system32\MSBIND.DLL
+ 2005-09-23 04:28:52 270,848 ----a-w f:\windows\system32\mscoree.dll
+ 2005-09-23 04:28:52 150,016 ----a-w f:\windows\system32\mscorier.dll
+ 2005-09-23 04:28:52 74,240 ----a-w f:\windows\system32\mscories.dll
- 2004-08-04 12:00:00 2,804,224 ----a-w f:\windows\system32\msi.dll
+ 2005-05-04 11:45:32 2,890,240 ----a-w f:\windows\system32\msi.dll
- 2004-08-04 12:00:00 77,312 ----a-w f:\windows\system32\msiexec.exe
+ 2005-05-04 11:45:36 78,848 ----a-w f:\windows\system32\msiexec.exe
- 2004-08-04 12:00:00 331,264 ----a-w f:\windows\system32\msihnd.dll
+ 2005-05-04 11:45:36 271,360 ----a-w f:\windows\system32\msihnd.dll
- 2004-08-04 12:00:00 884,736 ----a-w f:\windows\system32\msimsg.dll
+ 2005-05-04 11:45:36 884,736 ----a-w f:\windows\system32\msimsg.dll
- 2004-08-04 12:00:00 44,032 ----a-w f:\windows\system32\msisip.dll
+ 2005-05-04 11:45:36 15,360 ----a-w f:\windows\system32\msisip.dll
- 2002-02-18 07:23:04 945,936 ----a-w f:\windows\system32\msjava.dll
+ 2008-07-31 07:16:54 947,472 ----a-w f:\windows\system32\msjava.dll
+ 2005-09-23 04:29:00 6,144 ----a-w f:\windows\system32\mui\[u]0[/u]409\mscorees.dll
+ 2005-09-23 04:28:56 32,768 ----a-w f:\windows\system32\netfxperf.dll
- 2008-10-23 18:20:57 39,992 ----a-w f:\windows\system32\perfc009.dat
+ 2009-02-08 10:14:38 59,440 ----a-w f:\windows\system32\perfc009.dat
- 2008-10-23 18:20:57 311,604 ----a-w f:\windows\system32\perfh009.dat
+ 2009-02-08 10:14:38 395,200 ----a-w f:\windows\system32\perfh009.dat
+ 2007-01-18 07:24:58 26,496 ----a-r f:\windows\system32\ReinstallBackups\[u]0[/u]013\DriverFiles\RimSerial.sys
+ 2008-10-16 11:08:58 34,328 ----a-w f:\windows\system32\SoftwareDistribution\Setup\ServiceStartup\wups.dll\7.2.6001.788\wups.dll
+ 2005-05-04 11:45:26 13,536 ------w f:\windows\system32\spmsg.dll
+ 2008-05-15 13:49:20 21,832 ----a-w f:\windows\system32\spool\drivers\w32x86\3\SNAGITD9.DLL
+ 2004-08-03 21:56:48 264,704 ----a-w f:\windows\system32\spool\drivers\w32x86\3\UNIDRV.DLL
+ 2004-08-03 21:56:48 197,120 ----a-w f:\windows\system32\spool\drivers\w32x86\3\UNIDRVUI.DLL
+ 2004-08-03 21:56:36 619,520 ----a-w f:\windows\system32\spool\drivers\w32x86\3\UNIRES.DLL
+ 2002-07-12 07:30:32 89,360 ----a-w f:\windows\system32\VB5DB.dll
- 2004-08-04 12:00:00 430,592 ----a-w f:\windows\system32\wuapi.dll
+ 2008-10-16 11:12:20 561,688 ----a-w f:\windows\system32\wuapi.dll
- 2004-08-04 12:00:00 111,104 ----a-w f:\windows\system32\wuauclt.exe
+ 2008-10-16 11:09:44 51,224 ----a-w f:\windows\system32\wuauclt.exe
- 2004-08-04 12:00:00 1,134,592 ----a-w f:\windows\system32\wuaueng.dll
+ 2008-10-16 11:13:40 1,809,944 ----a-w f:\windows\system32\wuaueng.dll
- 2004-08-04 12:00:00 112,640 ----a-w f:\windows\system32\wucltui.dll
+ 2008-10-16 11:12:22 323,608 ----a-w f:\windows\system32\wucltui.dll
- 2004-08-04 12:00:00 36,864 ----a-w f:\windows\system32\wups.dll
+ 2008-10-16 11:08:58 34,328 ----a-w f:\windows\system32\wups.dll
+ 2008-10-16 11:09:44 43,544 ----a-w f:\windows\system32\wups2.dll
- 2004-08-04 12:00:00 120,320 ----a-w f:\windows\system32\wuweb.dll
+ 2008-10-16 11:13:40 202,776 ----a-w f:\windows\system32\wuweb.dll
+ 2005-02-28 10:16:22 240,128 ----a-w f:\windows\system32\x.264.exe
+ 2006-02-03 05:41:26 14,032 ----a-w f:\windows\system32\x3daudio1_0.dll
+ 2006-02-03 05:42:06 230,096 ----a-w f:\windows\system32\xactengine2_0.dll
+ 2008-12-11 20:37:44 42,320 ----a-w f:\windows\system32\xfcodec.dll
+ 2005-12-05 15:07:30 61,136 ----a-w f:\windows\system32\xinput9_1_0.dll
+ 2004-01-24 21:00:00 70,656 ----a-w f:\windows\system32\yv12vfw.dll
+ 2009-03-24 10:03:05 16,384 ----atw f:\windows\temp\Perflib_Perfdata_574.dat
+ 2006-12-01 19:56:00 96,256 ----a-w f:\windows\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_cbb27474\ATL80.dll
+ 2006-12-01 19:54:32 479,232 ----a-w f:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\msvcm80.dll
+ 2006-12-01 19:54:34 548,864 ----a-w f:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\msvcp80.dll
+ 2006-12-01 19:54:32 626,688 ----a-w f:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\msvcr80.dll
+ 2006-12-01 21:25:52 1,101,824 ----a-w f:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\mfc80.dll
+ 2006-12-01 21:25:56 1,093,120 ----a-w f:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\mfc80u.dll
+ 2006-12-01 21:25:58 69,632 ----a-w f:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\mfcm80.dll
+ 2006-12-01 21:26:00 57,856 ----a-w f:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\mfcm80u.dll
+ 2006-12-01 21:08:00 40,960 ----a-w f:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80CHS.dll
+ 2006-12-01 21:08:00 45,056 ----a-w f:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80CHT.dll
+ 2006-12-01 21:08:00 65,536 ----a-w f:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80DEU.dll
+ 2006-12-01 21:08:00 57,344 ----a-w f:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80ENU.dll
+ 2006-12-01 21:08:00 61,440 ----a-w f:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80ESP.dll
+ 2006-12-01 21:08:00 61,440 ----a-w f:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80FRA.dll
+ 2006-12-01 21:08:00 61,440 ----a-w f:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80ITA.dll
+ 2006-12-01 21:08:00 49,152 ----a-w f:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80JPN.dll
+ 2006-12-01 21:08:00 49,152 ----a-w f:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80KOR.dll
+ 2006-12-01 21:46:44 65,536 ----a-w f:\windows\WinSxS\x86_Microsoft.VC80.OpenMP_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6c18549a\vcomp.dll
+ 2009-01-21 14:14:34 224,768 ----a-w f:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_d08d0375\msvcm90.dll
+ 2009-01-21 14:14:34 568,832 ----a-w f:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_d08d0375\msvcp90.dll
+ 2009-01-21 14:14:34 655,872 ----a-w f:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_d08d0375\msvcr90.dll
+ 2009-02-08 10:12:42 258,048 ----a-w f:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll
+ 2009-02-08 10:12:42 114,176 ----a-w f:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll
+ 2006-10-07 14:43:42 502,784 ----a-w f:\windows\x2.64.exe
.
-- Snapshot reset to current date --
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown 
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="f:\windows\system32\ctfmon.exe" [2004-08-04 15360]
"IDMan"="f:\program files\Internet Download Manager\IDMan.exe" [2006-08-15 877056]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AVP"="f:\program files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe" [2008-07-29 206088]
"NvCplDaemon"="f:\windows\system32\NvCpl.dll" [2006-10-22 7700480]
"SysTrayApp"="f:\program files\IDT\WDM\sttray.exe" [2008-05-07 413696]
"SecurDisc"="f:\program files\Nero\Nero 7\InCD\NBHGui.exe" [2007-05-15 1628208]
"RemoteControl"="f:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2005-12-07 30208]
"QuickTime Task"="f:\program files\QuickTime\qttask.exe" [2008-11-04 413696]
"LanguageShortcut"="f:\program files\CyberLink\PowerDVD\Language\Language.exe" [2006-05-18 49152]
"InCD"="f:\program files\Nero\Nero 7\InCD\InCD.exe" [2007-05-15 1057328]
"GrooveMonitor"="f:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-27 31016]
"nwiz"="nwiz.exe" [2006-10-22 f:\windows\system32\nwiz.exe]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.ACDV"= ACDV.dll
"msacm.speexacm"= speex32.acm
"VIDC.XFR1"= xfcodec.dll
[HKLM\~\startupfolder\F:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Gamma Loader.lnk]
path=f:\documents and settings\All Users\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk
backup=f:\windows\pss\Adobe Gamma Loader.lnkCommon Startup
[HKLM\~\startupfolder\F:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]
path=f:\documents and settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk
backup=f:\windows\pss\Adobe Reader Speed Launch.lnkCommon Startup
[HKLM\~\startupfolder\F:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Synchronizer.lnk]
path=f:\documents and settings\All Users\Start Menu\Programs\Startup\Adobe Reader Synchronizer.lnk
backup=f:\windows\pss\Adobe Reader Synchronizer.lnkCommon Startup
[HKLM\~\startupfolder\F:^Documents and Settings^All Users^Start Menu^Programs^Startup^PalTalk.lnk]
path=f:\documents and settings\All Users\Start Menu\Programs\Startup\PalTalk.lnk
backup=f:\windows\pss\PalTalk.lnkCommon Startup
[HKLM\~\startupfolder\F:^Documents and Settings^All Users^Start Menu^Programs^Startup^SnagIt 9.lnk]
path=f:\documents and settings\All Users\Start Menu\Programs\Startup\SnagIt 9.lnk
backup=f:\windows\pss\SnagIt 9.lnkCommon Startup
[HKLM\~\startupfolder\F:^Documents and Settings^All Users^Start Menu^Programs^Startup^WinZip Quick Pick.lnk]
path=f:\documents and settings\All Users\Start Menu\Programs\Startup\WinZip Quick Pick.lnk
backup=f:\windows\pss\WinZip Quick Pick.lnkCommon Startup
[HKLM\~\startupfolder\F:^Documents and Settings^user^Start Menu^Programs^Startup^Xfire.lnk]
path=f:\documents and settings\user\Start Menu\Programs\Startup\Xfire.lnk
backup=f:\windows\pss\Xfire.lnkStartup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\googletalk]
--a------ 2007-01-02 00:22 3739648 f:\program files\Google\Google Talk\googletalk.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IDMan]
--a------ 2006-08-15 20:11 877056 f:\program files\Internet Download Manager\IDMan.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
--a------ 2008-11-20 13:20 290088 f:\program files\iTunes\iTunesHelper.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
--a------ 2007-03-01 15:57 153136 f:\program files\Common Files\Ahead\Lib\NeroCheck.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
--a------ 2008-11-11 22:29 1410296 f:\program files\Steam\Steam.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
--------- 2008-10-23 18:42 185896 f:\program files\Common Files\Real\Update_OB\realsched.exe
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"f:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"f:\\Program Files\\MSN Messenger\\livecall.exe"=
"f:\\Program Files\\Skype\\Phone\\Skype.exe"=
"f:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"f:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"f:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"f:\\Program Files\\uTorrent\\uTorrent.exe"=
"f:\\Program Files\\Steam\\SteamApps\\wldabumt3b\\counter-strike source\\hl2.exe"=
"f:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"f:\\Program Files\\iTunes\\iTunes.exe"=
"f:\\Program Files\\Electronic Arts\\Battlefield 2142\\BF2142.exe"=
"f:\\Program Files\\Xfire\\xfire.exe"=
"f:\\Documents and Settings\\user\\Application Data\\Thinstall\\CuteFTP 8 Professional\\4000001d000002i\\ftpte.exe"=
"f:\\Program Files\\Internet Download Manager\\IDMan.exe"=
"f:\\Program Files\\Camfrog\\Camfrog Video Chat\\Camfrog Video Chat.exe"=
"f:\\Program Files\\Google\\Google Talk\\googletalk.exe"=
"f:\\Program Files\\Paltalk Messenger\\paltalk.exe"=
R0 klbg;Kaspersky Lab Boot Guard Driver;f:\windows\system32\drivers\klbg.sys [2008-01-29 32784]
R3 klim5;Kaspersky Anti-Virus NDIS Filter;f:\windows\system32\drivers\klim5.sys [2008-04-30 24592]
R3 ManyCam;ManyCam Virtual Webcam, WDM Video Capture Driver;f:\windows\system32\drivers\ManyCam.sys [2008-01-14 21632]
R3 PhTVTune;Philips WDM TV Tuner;f:\windows\system32\drivers\PhTVTune.sys [2008-10-23 14624]
S3 PAC207;VideoCAM GF112;f:\windows\system32\drivers\PFC027.sys [2005-04-08 162176]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{5879f629-c2ae-11dd-8fdb-001676690ef9}]
\Shell\AutoRun\command - e:\wd_windows_tools\WDSetup.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{72dd47ab-b7ad-11dd-8fd0-001676690ef9}]
\Shell\AutoRun\command - E:\WDSetup.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{72dd47cb-b7ad-11dd-8fd0-001676690ef9}]
\Shell\AutoRun\command - e:\wd_windows_tools\WDSetup.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a3980c99-b181-11dd-8fcc-001676690ef9}]
\Shell\AutoRun\command - e:\wd_windows_tools\setup.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a3980c9a-b181-11dd-8fcc-001676690ef9}]
\Shell\AutoRun\command - e:\wd_windows_tools\setup.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a3980cc0-b181-11dd-8fcc-001676690ef9}]
\Shell\AutoRun\command - e:\wd_windows_tools\setup.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a6742733-e601-11dd-8ff0-001676690ef9}]
\Shell\Auto\command - auto.exe
\Shell\AutoRun\command - auto.exe
\Shell\Open(&0)\command - Recycled\ctfmon.exe
.
- - - - ORPHANS REMOVED - - - -
WebBrowser-{8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} - (no file)

.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/
uInternet Settings,ProxyOverride = local
IE: Download All Links with IDM - f:\program files\Internet Download Manager\IEGetAll.htm
IE: Download with IDM - f:\program files\Internet Download Manager\IEExt.htm
IE: E&xport to Microsoft Excel - f:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
DPF: Microsoft XML Parser for Java - [URL]file://f:\windows\Java\classes\xmldso.cab[/URL]
FF - ProfilePath - f:\documents and settings\user\Application Data\Mozilla\Firefox\Profiles\afzaoj6i.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT1959912&SearchSource=3&q=
FF - prefs.js: browser.search.selectedEngine - saleh.alqhtani Customized Web Search
.
**************************************************************************
catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, [URL]http://www.gmer.net[/URL]
Rootkit scan 2009-03-24 21:48:33
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...  
scanning hidden autostart entries ... 
scanning hidden files ...  
scan completed successfully
hidden files: 0
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{49aec333-7c35-4776-a171-c4191373f5d5}]
@Denied: (Full) (Everyone)
"Model"=dword:0000001f
"Therad"=dword:00000011
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{7B8E9164-324D-4A2E-A46D-0165FB2000EC}]
@Denied: (Full) (Everyone)
"scansk"=hex(0):c9,d4,b5,10,ec,0d,75,4e,ab,64,5a,a2,df,e5,dd,95,e9,43,74,bc,38,
   be,02,d1,8d,6a,d2,2d,c1,e7,df,f4,bd,85,88,1f,26,8b,c0,bc,00,00,00,00,00,00,\
.
Completion time: 2009-03-24 21:50:17
ComboFix-quarantined-files.txt  2009-03-24 18:50:14
ComboFix2.txt  2008-11-17 20:24:29
Pre-Run: 18,255,609,856 bytes free
Post-Run: 18,811,518,976 bytes free
672

Corporation · 24 مارس 2009

ارجع هات تقرير هايججاك بدون كود ياغالي ,,

Ali-911 · 24 مارس 2009

تفضل

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:59:14 PM, on 3/24/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
F:\WINDOWS\System32\smss.exe
F:\WINDOWS\system32\winlogon.exe
F:\WINDOWS\system32\services.exe
F:\WINDOWS\system32\lsass.exe
F:\WINDOWS\system32\svchost.exe
F:\WINDOWS\System32\svchost.exe
F:\WINDOWS\system32\spoolsv.exe
F:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe
F:\Program Files\Nero\Nero 7\InCD\NBHGui.exe
F:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
F:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
F:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe
F:\Program Files\Bonjour\mDNSResponder.exe
F:\Program Files\Nero\Nero 7\InCD\InCD.exe
F:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
F:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
F:\Program Files\Java\jre6\bin\jqs.exe
F:\WINDOWS\system32\ctfmon.exe
F:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
F:\WINDOWS\system32\nvsvc32.exe
F:\WINDOWS\system32\PnkBstrA.exe
F:\WINDOWS\system32\PnkBstrB.exe
F:\Program Files\CyberLink\Shared files\RichVideo.exe
f:\program files\idt\intelxpv_v83\wdm\STacSV.exe
F:\WINDOWS\System32\PAStiSvc.exe
F:\WINDOWS\system32\svchost.exe
F:\Program Files\MSN Messenger\usnsvc.exe
F:\WINDOWS\System32\svchost.exe
F:\Program Files\Internet Download Manager\IDMan.exe
F:\WINDOWS\system32\wuauclt.exe
F:\WINDOWS\explorer.exe
F:\Program Files\Internet Explorer\IEXPLORE.EXE
F:\Program Files\Mozilla Firefox\firefox.exe
F:\Program Files\MSN Messenger\msnmsgr.exe
F:\Documents and Settings\user\Desktop\Zyzoom_HijackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - F:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - F:\Program Files\TechSmith\SnagIt 9\SnagItBHO.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - F:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - F:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - F:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - F:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\ievkbd.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - F:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - F:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - F:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - F:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - F:\Program Files\TechSmith\SnagIt 9\SnagItIEAddin.dll
O4 - HKLM\..\Run: [AVP] "F:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE F:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [SysTrayApp] %ProgramFiles%\IDT\WDM\sttray.exe
O4 - HKLM\..\Run: [SecurDisc] F:\Program Files\Nero\Nero 7\InCD\NBHGui.exe
O4 - HKLM\..\Run: [RemoteControl] "F:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [QuickTime Task] "F:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [LanguageShortcut] "F:\Program Files\CyberLink\PowerDVD\Language\Language.exe"
O4 - HKLM\..\Run: [InCD] F:\Program Files\Nero\Nero 7\InCD\InCD.exe
O4 - HKLM\..\Run: [GrooveMonitor] "F:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKCU\..\Run: [ctfmon.exe] F:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [IDMan] F:\Program Files\Internet Download Manager\IDMan.exe /onboot
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: Download All Links with IDM - F:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: Download with IDM - F:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://F:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Web traffic protection statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - F:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\SCIEPlgn.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - F:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - F:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - F:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - F:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - F:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - F:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - F:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - F:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Apple Mobile Device - Apple Inc. - F:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Kaspersky Anti-Virus (AVP) - Kaspersky Lab - F:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe
O23 - Service: Bonjour Service - Apple Inc. - F:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - F:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
O23 - Service: iPod Service - Apple Inc. - F:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - F:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NBService - Nero AG - F:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - F:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - F:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - F:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - F:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - F:\Program Files\CyberLink\Shared files\RichVideo.exe
O23 - Service: Audio Service (STacSV) - IDT, Inc. - f:\program files\idt\intelxpv_v83\wdm\STacSV.exe
O23 - Service: STI Simulator - Unknown owner - F:\WINDOWS\System32\PAStiSvc.exe
--
End of file - 7669 bytes

Ali-911 · 24 مارس 2009

صارت مشكله ثانيه باللغه ما يكتب عربي وانجليزي يا عربي يا انجليزي ولا عرفت اضبطه من الكنترول بنل

Ali-911 · 24 مارس 2009

للآن المشكله لم تذهب بل ظهر مشاكل جديده !

زمان الصمت · 24 مارس 2009

تأكد من الكيبورد واعدادات اللغه

Ali-911 · 24 مارس 2009

تأكدت وكنت اسويها دايم عادي بس الحين ودري وش فيها !

زمان الصمت · 25 مارس 2009

لماذا لم ترفع التقرير يا أخي وارفعه لو سمحت بدون كود

Ali-911 · 25 مارس 2009

ياخي رفعت التقرير بدون كود فوق

Ali-911 · 25 مارس 2009

مساعده يا اخوان !

MAAX · 25 مارس 2009

maax قال:
اهلاا بك
التقرير سليم

عطل برامج الحماية عن العمل
ثم
حمل الاداة التالية واحفظها على سطح المكتب

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

عند تشغيلها بتظهر لك رسالة ,, اضغط على >> yes
بعدها بتظهر لك رساله ثانيه ,, اضغط على >> yes
اثناء الفحص ممكن يعاد تشغيل الجهاز
وبعد اعادة التشغيل ,, سوف تبدأ الاداة بالفحص مرره ثانيه
لا تقم بتشغيل اي برنامج ،، ومهما طالت عملية الفحص انتظر حتى تنتهي
انتظر حتى يظهر لك تقرير ،،انسخه والصقه بمشاركتك القادمة

اشبك الايبود بالجهاز واعد هذا الفحص السابق

ومشكلة اللغة ما فهمت عليك
ياليت توضح ويفضل بالصور

Ali-911 · 25 مارس 2009

maax قال:
اشبك الايبود بالجهاز واعد هذا الفحص السابق

ومشكلة اللغة ما فهمت عليك
ياليت توضح ويفضل بالصور

المشكله لما احط اللغه عربي وانجليزي يجي اللغه وحده الي محددها انا واللغه الثانيه ما اقدر اغير من الكيبورد واكتب فيها !

فهمتني ولا لا ؟؟

MAAX · 25 مارس 2009

من خيارات اللغة تأكد من وجود الخيارات حسب الصورة

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

Ali-911 · 25 مارس 2009

مشكله اللغه راحت بعد ما سويت الفحص

والتقرير هنا

ComboFix 09-03-23.01 - user 2009-03-25 15:54:00.3 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1256.966.1033.18.2046.1381 [GMT 3:00]
Running from: f:\documents and settings\user\Desktop\ComboFix.exe
AV: Kaspersky Anti-Virus *On-access scanning disabled* (Outdated)
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
((((((((((((((((((((((((( Files Created from 2009-02-25 to 2009-03-25 )))))))))))))))))))))))))))))))
.
2009-03-25 14:56 . 2009-03-25 14:56 <DIR> d-------- f:\program files\Malwarebytes' Anti-Malware
2009-03-25 14:56 . 2009-03-25 14:56 <DIR> d-------- f:\documents and settings\user\Application Data\Malwarebytes
2009-03-25 14:56 . 2009-03-25 14:56 <DIR> d-------- f:\documents and settings\All Users\Application Data\Malwarebytes
2009-03-25 14:56 . 2009-02-11 10:19 38,496 --a------ f:\windows\system32\drivers\mbamswissarmy.sys
2009-03-25 14:56 . 2009-02-11 10:19 15,504 --a------ f:\windows\system32\drivers\mbam.sys
2009-03-21 14:42 . 2009-03-21 14:42 <DIR> d-------- f:\documents and settings\user\Application Data\Research In Motion
2009-03-21 14:42 . 2009-03-21 14:57 256 --a------ f:\windows\system32\pool.bin
2009-03-21 14:41 . 2007-01-18 10:24 26,496 -ra------ f:\windows\system32\drivers\RimSerial.sys
2009-03-21 14:40 . 2009-03-21 14:40 <DIR> d-------- f:\program files\Common Files\Research In Motion
2009-03-13 15:01 . 2009-03-13 15:01 <DIR> d-------- f:\program files\GameHouse
2009-03-08 21:36 . 2009-03-08 21:36 <DIR> d--h----- f:\windows\PIF
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-03-25 12:56 --------- d-----w f:\documents and settings\user\Application Data\DMCache
2009-03-25 12:54 --------- d-----w f:\documents and settings\user\Application Data\uTorrent
2009-03-24 10:03 --------- d-----w f:\documents and settings\All Users\Application Data\Kaspersky Lab
2009-03-24 10:01 876,576 --sha-w f:\windows\system32\drivers\fidbox2.dat
2009-03-24 10:01 6,461,984 --sha-w f:\windows\system32\drivers\fidbox.dat
2009-03-24 10:01 57,852 --sha-w f:\windows\system32\drivers\fidbox.idx
2009-03-24 10:01 10,364 --sha-w f:\windows\system32\drivers\fidbox2.idx
2009-03-23 11:46 --------- d-----w f:\program files\Steam
2009-03-23 11:46 --------- d-----w f:\documents and settings\user\Application Data\Xfire
2009-03-23 11:40 49,242 --sh--r F:\RavMon.exe
2009-03-06 17:50 --------- d-----w f:\documents and settings\user\Application Data\Paltalk
2009-03-06 17:48 --------- d-----w f:\program files\Paltalk Messenger
2009-03-03 21:03 --------- d-----w f:\documents and settings\user\Application Data\Apple Computer
2009-02-21 17:34 201,816 ----a-w f:\windows\system32\PnkBstrB.exe
2009-02-21 17:34 137,992 ----a-w f:\windows\system32\drivers\PnkBstrK.sys
2009-02-17 15:29 --------- d-----w f:\program files\Total Video Converter
2009-02-15 18:24 --------- d-----w f:\program files\Google
2009-02-13 21:09 --------- d-----w f:\documents and settings\user\Application Data\OpenOffice.org
2009-02-13 12:08 --------- d-----w f:\program files\No-IP
2009-02-09 11:46 --------- d-----w f:\program files\TechSmith
2009-02-09 11:46 --------- d-----w f:\documents and settings\All Users\Application Data\TechSmith
2009-02-09 11:44 --------- d-----w f:\program files\Common Files\Wise Installation Wizard
2009-02-08 11:10 --------- d--h--w f:\program files\InstallShield Installation Information
2009-02-08 11:07 --------- d-----w f:\program files\Visicron
2009-02-08 11:07 --------- d-----w f:\program files\icuii
2009-02-08 10:31 --------- d-----w f:\program files\AloeCam22
2009-02-08 10:29 --------- d-----w f:\program files\ChatStat Technologies
2009-02-07 20:05 --------- d-----w f:\program files\Opera
2009-02-04 11:32 --------- d-----w f:\program files\OpenOffice.org 3
2009-02-04 11:32 --------- d-----w f:\program files\JRE
2009-01-31 19:19 --------- d-----w f:\program files\Commander
2009-01-27 19:24 --------- d-----w f:\program files\DirectVobSub
2009-01-27 11:02 720,896 ----a-w f:\windows\iun6002.exe
2009-01-14 11:11 66,872 ----a-w f:\windows\system32\PnkBstrA.exe
2008-11-21 10:56 47,360 ----a-w f:\documents and settings\user\Application Data\pcouffin.sys
2008-11-20 18:49 87,608 ----a-w f:\documents and settings\user\Application Data\ezpinst.exe
2006-05-03 09:06 163,328 --sh--r f:\windows\system32\flvDX.dll
2007-02-21 10:47 31,232 --sh--r f:\windows\system32\msfDX.dll
2008-03-16 12:30 216,064 --sh--r f:\windows\system32\nbDX.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="f:\windows\system32\CTFMON.EXE" [2004-08-04 15360]
"IDMan"="f:\program files\Internet Download Manager\IDMan.exe" [2006-08-15 877056]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AVP"="f:\program files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe" [2008-07-29 206088]
"NvCplDaemon"="f:\windows\system32\NvCpl.dll" [2006-10-22 7700480]
"SysTrayApp"="f:\program files\IDT\WDM\sttray.exe" [2008-05-07 413696]
"SecurDisc"="f:\program files\Nero\Nero 7\InCD\NBHGui.exe" [2007-05-15 1628208]
"RemoteControl"="f:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2005-12-07 30208]
"QuickTime Task"="f:\program files\QuickTime\qttask.exe" [2008-11-04 413696]
"LanguageShortcut"="f:\program files\CyberLink\PowerDVD\Language\Language.exe" [2006-05-18 49152]
"InCD"="f:\program files\Nero\Nero 7\InCD\InCD.exe" [2007-05-15 1057328]
"GrooveMonitor"="f:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-27 31016]
"TkBellExe"="f:\program files\Common Files\Real\Update_OB\realsched.exe" [2008-10-23 185896]
"nwiz"="nwiz.exe" [2006-10-22 f:\windows\system32\nwiz.exe]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="f:\windows\system32\CTFMON.EXE" [2004-08-04 15360]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.ACDV"= ACDV.dll
"msacm.speexacm"= speex32.acm
"VIDC.XFR1"= xfcodec.dll
[HKLM\~\startupfolder\F:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Gamma Loader.lnk]
path=f:\documents and settings\All Users\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk
backup=f:\windows\pss\Adobe Gamma Loader.lnkCommon Startup
[HKLM\~\startupfolder\F:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]
path=f:\documents and settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk
backup=f:\windows\pss\Adobe Reader Speed Launch.lnkCommon Startup
[HKLM\~\startupfolder\F:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Synchronizer.lnk]
path=f:\documents and settings\All Users\Start Menu\Programs\Startup\Adobe Reader Synchronizer.lnk
backup=f:\windows\pss\Adobe Reader Synchronizer.lnkCommon Startup
[HKLM\~\startupfolder\F:^Documents and Settings^All Users^Start Menu^Programs^Startup^PalTalk.lnk]
path=f:\documents and settings\All Users\Start Menu\Programs\Startup\PalTalk.lnk
backup=f:\windows\pss\PalTalk.lnkCommon Startup
[HKLM\~\startupfolder\F:^Documents and Settings^All Users^Start Menu^Programs^Startup^SnagIt 9.lnk]
path=f:\documents and settings\All Users\Start Menu\Programs\Startup\SnagIt 9.lnk
backup=f:\windows\pss\SnagIt 9.lnkCommon Startup
[HKLM\~\startupfolder\F:^Documents and Settings^All Users^Start Menu^Programs^Startup^WinZip Quick Pick.lnk]
path=f:\documents and settings\All Users\Start Menu\Programs\Startup\WinZip Quick Pick.lnk
backup=f:\windows\pss\WinZip Quick Pick.lnkCommon Startup
[HKLM\~\startupfolder\F:^Documents and Settings^user^Start Menu^Programs^Startup^Xfire.lnk]
path=f:\documents and settings\user\Start Menu\Programs\Startup\Xfire.lnk
backup=f:\windows\pss\Xfire.lnkStartup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\googletalk]
--a------ 2007-01-02 00:22 3739648 f:\program files\Google\Google Talk\googletalk.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IDMan]
--a------ 2006-08-15 20:11 877056 f:\program files\Internet Download Manager\IDMan.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
--a------ 2008-11-20 13:20 290088 f:\program files\iTunes\iTunesHelper.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
--a------ 2007-03-01 15:57 153136 f:\program files\Common Files\Ahead\Lib\NeroCheck.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
--a------ 2008-11-11 22:29 1410296 f:\program files\Steam\Steam.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
--------- 2008-10-23 18:42 185896 f:\program files\Common Files\Real\Update_OB\realsched.exe
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"f:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"f:\\Program Files\\MSN Messenger\\livecall.exe"=
"f:\\Program Files\\Skype\\Phone\\Skype.exe"=
"f:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"f:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"f:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"f:\\Program Files\\uTorrent\\uTorrent.exe"=
"f:\\Program Files\\Steam\\SteamApps\\wldabumt3b\\counter-strike source\\hl2.exe"=
"f:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"f:\\Program Files\\iTunes\\iTunes.exe"=
"f:\\Program Files\\Electronic Arts\\Battlefield 2142\\BF2142.exe"=
"f:\\Program Files\\Xfire\\xfire.exe"=
"f:\\Documents and Settings\\user\\Application Data\\Thinstall\\CuteFTP 8 Professional\\4000001d000002i\\ftpte.exe"=
"f:\\Program Files\\Internet Download Manager\\IDMan.exe"=
"f:\\Program Files\\Camfrog\\Camfrog Video Chat\\Camfrog Video Chat.exe"=
"f:\\Program Files\\Google\\Google Talk\\googletalk.exe"=
"f:\\Program Files\\Paltalk Messenger\\paltalk.exe"=
R0 klbg;Kaspersky Lab Boot Guard Driver;f:\windows\system32\drivers\klbg.sys [2008-01-29 32784]
R3 klim5;Kaspersky Anti-Virus NDIS Filter;f:\windows\system32\drivers\klim5.sys [2008-04-30 24592]
R3 ManyCam;ManyCam Virtual Webcam, WDM Video Capture Driver;f:\windows\system32\drivers\ManyCam.sys [2008-01-14 21632]
R3 PhTVTune;Philips WDM TV Tuner;f:\windows\system32\drivers\PhTVTune.sys [2008-10-23 14624]
S3 PAC207;VideoCAM GF112;f:\windows\system32\drivers\PFC027.sys [2005-04-08 162176]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{5879f629-c2ae-11dd-8fdb-001676690ef9}]
\Shell\AutoRun\command - e:\wd_windows_tools\WDSetup.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{72dd47ab-b7ad-11dd-8fd0-001676690ef9}]
\Shell\AutoRun\command - E:\WDSetup.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{72dd47cb-b7ad-11dd-8fd0-001676690ef9}]
\Shell\AutoRun\command - e:\wd_windows_tools\WDSetup.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a3980c99-b181-11dd-8fcc-001676690ef9}]
\Shell\AutoRun\command - e:\wd_windows_tools\setup.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a3980c9a-b181-11dd-8fcc-001676690ef9}]
\Shell\AutoRun\command - e:\wd_windows_tools\setup.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a3980cc0-b181-11dd-8fcc-001676690ef9}]
\Shell\AutoRun\command - e:\wd_windows_tools\setup.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a6742733-e601-11dd-8ff0-001676690ef9}]
\Shell\Auto\command - auto.exe
\Shell\AutoRun\command - auto.exe
\Shell\Open(&0)\command - Recycled\ctfmon.exe
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/
uInternet Settings,ProxyOverride = local
IE: Download All Links with IDM - f:\program files\Internet Download Manager\IEGetAll.htm
IE: Download with IDM - f:\program files\Internet Download Manager\IEExt.htm
IE: E&xport to Microsoft Excel - f:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
DPF: Microsoft XML Parser for Java -

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

FF - ProfilePath - f:\documents and settings\user\Application Data\Mozilla\Firefox\Profiles\afzaoj6i.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT1959912&SearchSource=3&q=
FF - prefs.js: browser.search.selectedEngine - saleh.alqhtani Customized Web Search
.
**************************************************************************
catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

Rootkit scan 2009-03-25 15:56:09
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{49aec333-7c35-4776-a171-c4191373f5d5}]
@Denied: (Full) (Everyone)
"Model"=dword:0000001f
"Therad"=dword:00000011
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{7B8E9164-324D-4A2E-A46D-0165FB2000EC}]
@Denied: (Full) (Everyone)
"scansk"=hex(0):c9,d4,b5,10,ec,0d,75,4e,ab,64,5a,a2,df,e5,dd,95,e9,43,74,bc,38,
be,02,d1,8d,6a,d2,2d,c1,e7,df,f4,bd,85,88,1f,26,8b,c0,bc,00,00,00,00,00,00,\
.
Completion time: 2009-03-25 15:57:48
ComboFix-quarantined-files.txt 2009-03-25 12:57:45
ComboFix2.txt 2009-03-24 18:50:18
ComboFix3.txt 2008-11-17 20:24:29
Pre-Run: 18,649,006,080 bytes free
Post-Run: 18,795,347,968 bytes free
206

Ali-911 · 25 مارس 2009

انا مسويها من زمان واعرف لها

بس المشكله ما كان يحول

but now its work << حركات

MAAX · 25 مارس 2009

تماام

والايبود كيف احواله ؟
جربته على جهاز ثاني ؟

Ali-911 · 25 مارس 2009

انا قبل لا اسوي طلبك السابق جربته وفتحت الـitunes واشتغل بس للحين احاول اشبك الفأره تطلع لي نفس الرساله

ويوم شبكت الiPod بعد ظهرت نفس الرساله

MAAX · 25 مارس 2009

مع الاسف ما عندي غير السابق
كحل اخير جرب اصلاح الوندوز

اصلاح الوندوز

عند الاقلاع من قرص الوندوز اكسبي

عند ظهور هذه الشاشة أضغط انتر

من هذه الشاشة لاحظ أنه يظهر أمر الاصلاح وهو الامر الثاني ولكن ليس هو غايتنا

اضغط على أنتر لتكمل ولتصل لخيار الأصلاح

من هذه الشاشة أضغط على F8

من هنا الآن نضغط على الحرف R

الآن لانضغط على شيئ لأننا لانريد الأقلاع من السيدي مرة ثانية

ثم نتابع التنصيب حتى النهاية وهكذا نكون قد أتممنا عملية الاصلاح

[/B][/B][/B]

زيزوومى مميز

توقيع : Ali-911

عضوشرف

زيزوومى مميز

توقيع : Ali-911

زيزوومى فضى

توقيع : Corporation

زيزوومى مميز

توقيع : Ali-911

زيزوومى مميز

توقيع : Ali-911

زيزوومى مميز

توقيع : Ali-911

زيزوومى متألق

توقيع : زمان الصمت

زيزوومى مميز

توقيع : Ali-911

زيزوومى متألق

توقيع : زمان الصمت

زيزوومى مميز

توقيع : Ali-911

زيزوومى مميز

توقيع : Ali-911

عضوشرف

زيزوومى مميز

توقيع : Ali-911

عضوشرف

زيزوومى مميز

توقيع : Ali-911

زيزوومى مميز

توقيع : Ali-911

عضوشرف

زيزوومى مميز

توقيع : Ali-911

عضوشرف