فيروس و مني عارف وش نوعه !!!

[AL-7arBi]

السلام عليكم و رحمه الله و بركاته

شباب الله يخليكم ساعدوني فيذا الفيروس

صار يلعب في ملفات جهازي

تعرفوا كيف؟؟

يغير احجام ملفات و يصير لما اضغط عليه يقول لي dont send الإرور المعروف

و انا جبت لكم تقرير من الهايجاك تفضلوا :

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 01:07:39 م , on 03/04/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\AGRSMMSG.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\igfxtray.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\AirLive WL-5480USB WLAN USB\AirLive WL-5480USB WLAN USB\WlanUtil.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\a-squared Anti-Malware\a2service.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Documents and Settings\Administrator\Desktop\HiJackThis.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = socks=
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = plimus.com,

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R3 - URLSearchHook: SrchHook Class - {F4F10C1D-87C7-404A-B4B3-000000000000} - C:\PROGRA~1\DAP\SBSearch.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: ThunderAdvise - {97421D0D-E07F-40DF-8F07-99597B9585AD} - C:\WINDOWS\Downloaded Program Files\ThunderAdvise.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: DAPIELoader Class - {FF6C3CF0-4B15-11D1-ABED-709549C10000} - C:\PROGRA~1\DAP\DAPIEL~1.DLL
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [a-squared] "C:\Program Files\a-squared Anti-Malware\a2guard.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [DownloadAccelerator] "C:\Program Files\DAP\DAP.EXE" /STARTUP
O4 - HKCU\..\Run: [DynDNS Updater] "C:\Program Files\DynDNS Updater\DynDNS.exe"
O4 - HKLM\..\Policies\Explorer\Run: [MPMKrnl] rundll32 "C:\WINDOWS\MKMKrnl.dll",KMainProc
O4 - HKUS\S-1-5-18\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'Default user')
O4 - Global Startup: AirLive WL-5480USB WLAN USB Utility.lnk = C:\Program Files\AirLive WL-5480USB WLAN USB\AirLive WL-5480USB WLAN USB\WlanUtil.exe
O8 - Extra context menu item: &Clean Traces - C:\Program Files\DAP\Privacy Package\dapcleanerie.htm
O8 - Extra context menu item: &Download with &DAP - C:\Program Files\DAP\dapextie.htm
O8 - Extra context menu item: Download &all with DAP - C:\Program Files\DAP\dapextie2.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O21 - SSODL: ThunderAdvise - {97421D0D-E07F-40DF-8F07-99597B9585AD} - C:\WINDOWS\Downloaded Program Files\ThunderAdvise.dll
O21 - SSODL: msnmsg - {DA191DE0-AA86-4ED0-4B87-293D48B2AE99} - C:\Program Files\Messenger\msgmr.dll
O23 - Service: a-squared Anti-Malware Service (a2AntiMalware) - Emsi Software GmbH - C:\Program Files\a-squared Anti-Malware\a2service.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\WINDOWS\system32\GameMon.des.exe (file missing)
O23 - Service: npkcmsvc - INCA Internet Co., Ltd. - D:\RealMapleStory\npkcmsvc.exe
O23 - Service: wampapache - Apache Software Foundation - c:\wamp\bin\apache\apache2.2.11\bin\httpd.exe
O23 - Service: wampmysqld - Unknown owner - c:\wamp\bin\mysql\mysql5.1.32\bin\mysqld.exe

--
End of file - 6278 bytes
​

​

 

[AL-7arBi]

و هذا تقرير الـComboFix

ComboFix 09-04-01.01 - Administrator 04/03/2009 13:14:45.3 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1256.1.1033.18.510.226 [GMT 3:00]
Running from: c:\documents and settings\Administrator\Desktop\ComboFix.exe
AV: a-squared Anti-Malware *On-access scanning disabled* (Updated)
* Created a new restore point

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\Administrator\Local Settings\Temporary Internet Files\ijjistarter_verinfo.dat
c:\program files\Messenger\msgmr.dll
c:\windows\AppPatch\AcXtrnel.sdb
c:\windows\Downloaded Program Files\ThunderAdvise.dll
c:\windows\Fonts\6e6EUdxVeWUYJynN.ttf
c:\windows\Fonts\bEtc8bhrp6SQmPrn.ttf
c:\windows\Fonts\bKkCsU7Z6YntjH4G.ttf
c:\windows\Fonts\cFDPmh3MDPjcHMPd.ttf
c:\windows\Fonts\d2MP6z9zUaFDsyqu.ttf
c:\windows\Fonts\DmYqJAPsv3KjBFCN.ttf
c:\windows\Fonts\dsdwAXRRUntk7EwY.ttf
c:\windows\Fonts\du3Q2JXbHYGxcSAe.ttf
c:\windows\Fonts\eCgMhGRkPUcdutd0.ttf
c:\windows\Fonts\EEUJgNKN6xmNqKr6.ttf
c:\windows\Fonts\fKzf9wP6bhq6Bcxa.ttf
c:\windows\Fonts\Framdee.ttf
c:\windows\Fonts\G49AhKxDmsj6uxnu.ttf
c:\windows\Fonts\JNwybEjgUVaxBU5d.ttf
c:\windows\Fonts\KXBqRpa2mrNPeXKb.ttf
c:\windows\Fonts\MhaUKGazkr3fZZKp.ttf
c:\windows\Fonts\PACNkAWTwg4Cyb3e.ttf
c:\windows\Fonts\pDuuqr4BgFn65AeW.ttf
c:\windows\Fonts\PrZWDcWgjaE3SQyr.ttf
c:\windows\Fonts\S8a8cnEuaydPJGg8.ttf
c:\windows\Fonts\tggjVkabXrzPWkM9.ttf
c:\windows\Fonts\tTRCPmKvA9gmv7zk.ttf
c:\windows\Fonts\ubZJmeB3bJjsGEbf.ttf
c:\windows\Fonts\xmAs4SNxpTUjdpJ5.ttf
c:\windows\Fonts\yKY54UdeQT3pEaq2.ttf
c:\windows\Fonts\YywxhF7TSnkktrJw.ttf
c:\windows\MKMKrnl.dll
c:\windows\system32\08223B03.dll
c:\windows\system32\122B901E.dll
c:\windows\system32\3D144530.dll
c:\windows\system32\5086CD29.dll
c:\windows\system32\56BC86C7.dll
c:\windows\system32\695C5A80.dll
c:\windows\system32\704C3595.dll
c:\windows\system32\76B9BA7A.dll
c:\windows\system32\A0C86020.dll
c:\windows\system32\A1A6BC2E.dll
c:\windows\system32\a643af61f812.dll
c:\windows\system32\BMsg6pdMD4ht.dll
c:\windows\system32\CC0EC2C9.dll
c:\windows\system32\CCCA2FB9.dll
c:\windows\system32\d7eb91606b0.dll
c:\windows\system32\D9C002DD.dll
c:\windows\system32\drivers\IsDrv118.sys
c:\windows\system32\E4814792.dll
c:\windows\system32\efc0c52cc1.dll
c:\windows\system32\etGBJk2YCXnM.dll
c:\windows\system32\J9mfQxkJ.dll
c:\windows\system32\MGmdqtJZG47.dll
c:\windows\system32\oleadp.dll
c:\windows\system32\VAHVqDG3.dll
c:\windows\system32\wS0GWMZ.dll
c:\windows\system32\x8RbVCvpMmw.dll
c:\windows\system32\XR5nPhu9.dll
c:\windows\temp\wmsetup.dll

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_NVMINI
-------\Service_IsDrv118


((((((((((((((((((((((((( Files Created from 2009-03-03 to 2009-04-03 )))))))))))))))))))))))))))))))
.

No new files created in this timespan

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-04-03 10:18 --------- d---a-w c:\documents and settings\All Users\Application Data\TEMP
2009-04-02 14:57 --------- d-----w c:\program files\DynDNS Updater
2009-04-02 14:57 --------- d-----w c:\documents and settings\Administrator\Application Data\Kana Solution
2009-04-02 14:43 --------- d-----w c:\program files\Alfa Autorun Killer 2
2009-04-02 11:26 --------- d-----w c:\documents and settings\Administrator\Application Data\uTorrent
2009-03-30 21:59 --------- d-----w c:\documents and settings\Administrator\Application Data\Apple Computer
2009-03-30 21:58 --------- d-----w c:\program files\Safari
2009-03-30 21:58 --------- d-----w c:\program files\Bonjour
2009-03-30 21:58 --------- d-----w c:\documents and settings\All Users\Application Data\Apple Computer
2009-03-30 21:57 --------- d-----w c:\program files\Apple Software Update
2009-03-30 21:57 --------- d-----w c:\documents and settings\All Users\Application Data\Apple
2009-03-28 12:32 --------- d-----w c:\documents and settings\Administrator\Application Data\BSplayer PRO
2009-03-28 09:02 --------- d-----w c:\documents and settings\Administrator\Application Data\DNA
2009-03-27 22:31 --------- d-----w c:\program files\DNA
2009-03-27 12:54 --------- d-----w c:\program files\Little Fighter 2.5 - v2.0
2009-03-27 12:42 --------- d-----w c:\program files\Google
2009-03-27 11:08 --------- d-----w c:\documents and settings\Administrator\Application Data\MySQL
2009-03-27 07:36 --------- d-----w c:\program files\DAP
2009-03-27 07:36 --------- d-----w c:\documents and settings\All Users\Application Data\SpeedBit
2009-03-27 07:35 50,688 ----a-w c:\windows\system32\wbhelp2.dll
2009-03-27 06:57 1,700,352 ----a-w c:\windows\system32\gdiplus.dll
2009-03-27 06:33 --------- d-----w c:\program files\Hide IP NG
2009-03-27 06:33 --------- d-----w c:\documents and settings\Administrator\Application Data\Hide IP NG
2009-03-27 05:36 --------- d--h--w c:\documents and settings\Administrator\Application Data\ijjigame
2009-03-27 05:28 --------- d-----w c:\documents and settings\All Users\Application Data\IJJIGame
2009-03-26 14:39 --------- d-----w c:\program files\Nero
2009-03-26 14:39 --------- d-----w c:\program files\Common Files\Ahead
2009-03-25 13:05 --------- d-----w c:\program files\MySQL
2009-03-24 21:22 --------- d-----w c:\documents and settings\Administrator\Application Data\does extra warn
2009-03-24 21:21 --------- d-----w c:\program files\does extra warn
2009-03-24 21:21 --------- d-----w c:\documents and settings\All Users\Application Data\chic web memo trust
2009-03-24 21:20 --------- d-----w c:\program files\Messenger Plus! Live
2009-03-24 20:56 --------- d-----w c:\documents and settings\All Users\Application Data\Messenger Plus!
2009-03-24 14:44 --------- d-----w c:\documents and settings\All Users\Application Data\NexonUS
2009-03-24 11:35 --------- d-----w c:\documents and settings\Administrator\Application Data\CyberScrub
2009-03-24 11:35 --------- d-----w c:\documents and settings\Administrator\Application Data\cleaner
2009-03-23 22:04 --------- d-----w c:\documents and settings\All Users\Application Data\PMB Files
2009-03-23 21:28 --------- d-----w c:\program files\Total Video Converter
2009-03-23 15:08 --------- d-----w c:\program files\Pando Networks
2009-03-22 21:47 --------- d-----w c:\program files\a-squared Anti-Malware
2009-03-22 15:22 71,680 ----a-w c:\windows\system32\2A.tmp
2009-03-22 15:22 57,856 ----a-w c:\windows\system32\vmware-ufad.exe
2009-03-22 15:22 29,696 ----a-w c:\windows\system32\29.tmp
2009-03-22 14:53 71,680 ----a-w c:\windows\system32\25.tmp
2009-03-22 14:53 57,856 ----a-w c:\windows\system32\gcc.exe
2009-03-22 14:53 31,744 ----a-w c:\windows\system32\24.tmp
2009-03-22 12:28 71,680 ----a-w c:\windows\system32\11.tmp
2009-03-22 12:28 29,696 ----a-w c:\windows\system32\10.tmp
2009-03-22 12:28 188,928 ----a-w c:\windows\system32\i386kd.exe
2009-03-22 12:07 71,680 ----a-w c:\windows\system32\3B.tmp
2009-03-22 12:07 57,856 ----a-w c:\windows\system32\makehm.exe
2009-03-22 12:07 213,376 ----a-w c:\windows\system32\drivers\ndis.sys
2009-03-22 12:06 29,696 ----a-w c:\windows\system32\3A.tmp
2009-03-22 11:45 3,854 ----a-w c:\windows\system32\1E.tmp
2009-03-21 14:57 --------- d-----w c:\documents and settings\Administrator\Application Data\Ahead
2009-03-21 14:10 359,040 ----a-w c:\windows\system32\drivers\TCPIP.SYS.ORIGINAL
2009-03-21 14:10 359,040 ----a-w c:\windows\system32\drivers\TCPIP.SYS
2009-03-21 14:08 --------- d-----w c:\program files\uTorrent
2009-03-21 10:16 499,712 ----a-w c:\windows\system32\msvcp71.dll
2009-03-21 10:16 348,160 ----a-w c:\windows\system32\msvcr71.dll
2009-03-21 10:16 --------- d-----w c:\program files\Real
2009-03-21 10:16 --------- d-----w c:\program files\Common Files\xing shared
2009-03-21 10:16 --------- d-----w c:\program files\Common Files\Real
2009-03-21 05:56 --------- d-----w c:\program files\SecondLife
2009-03-21 05:55 --------- d-----w c:\documents and settings\Administrator\Application Data\SecondLife
2009-03-21 04:13 --------- d-----w c:\program files\Common Files\INCA Shared
2009-03-20 21:44 --------- d-----w c:\documents and settings\All Users\Application Data\FLEXnet
2009-03-20 19:48 --------- d-----w c:\program files\Windows Live
2009-03-20 18:53 --------- d-----w c:\documents and settings\Administrator\Application Data\Nexon
2009-03-20 18:46 --------- d-----w c:\program files\Windows Installer Clean Up
2009-03-20 18:46 --------- d-----w c:\program files\MSECACHE
2009-03-20 18:45 --------- d-----w c:\program files\Circe Developement
2009-03-20 18:39 --------- d-----w c:\program files\BreakPoint Software
2009-03-20 18:34 --------- d-----w c:\program files\Common Files\Adobe
2009-03-20 18:19 --------- d-----w c:\program files\The KMPlayer
2009-03-20 18:19 --------- d-----w c:\program files\Notepad++
2009-03-20 18:19 --------- d-----w c:\documents and settings\Administrator\Application Data\Notepad++
2009-03-20 18:18 --------- d-----w c:\program files\Common Files\Macrovision Shared
2009-03-20 18:07 --------- d-----w c:\program files\AMX Mod X
2009-03-20 18:04 410,984 ----a-w c:\windows\system32\deploytk.dll
2009-03-20 18:04 --------- d-----w c:\program files\Java
2009-03-20 17:39 --------- d-----w c:\program files\Sun
2009-03-20 17:37 --------- d-----w c:\program files\Webteh
2009-03-20 17:31 --------- d--h--w c:\program files\InstallShield Installation Information
2009-03-20 17:31 --------- d-----w c:\program files\AirLive WL-5480USB WLAN USB
2009-03-20 17:28 --------- d-----w c:\program files\Common Files\InstallShield
2009-03-20 16:29 --------- d-----w c:\program files\microsoft frontpage
2009-02-06 15:52 49,504 ----a-w c:\windows\system32\sirenacm.dll
.

------- Sigcheck -------

03/21/2009 05:10 PM 359040 c81d6a930a7805f6daa0c7902b99037e c:\windows\system32\dllcache\TCPIP.SYS
03/21/2009 05:10 PM 359040 c81d6a930a7805f6daa0c7902b99037e c:\windows\system32\drivers\TCPIP.SYS

03/22/2009 03:07 PM 213376 f12d931aea2335ffe8e9e72ea1c6575a c:\windows\system32\dllcache\ndis.sys
03/22/2009 03:07 PM 213376 f12d931aea2335ffe8e9e72ea1c6575a c:\windows\system32\drivers\ndis.sys

08/04/2004 12:56 AM 1042944 20a2a37f355f9f70335dc8a055be41e2 c:\windows\explorer.exe
08/04/2004 12:56 AM 1042944 f5fdce794f3506d3e45ef54f5d0a1995 c:\windows\system32\dllcache\explorer.exe

08/04/2004 12:56 AM 26112 ac90d945a29678f489a653a9f72c8e5e c:\windows\system32\ctfmon.exe
08/04/2004 12:56 AM 26112 5109b66e12688752d0a155f6264d2e0d c:\windows\system32\dllcache\ctfmon.exe

08/04/2004 12:56 AM 134144 84aea1a1515550903d48a23e3c7e59f0 c:\windows\system32\spoolsv.exe
08/04/2004 12:56 AM 101376 5c1669440c0d5baa637c687d7cb2515d c:\windows\system32\dllcache\spoolsv.exe

08/04/2004 12:56 AM 220160 a39068db54701ea5550733b57cec46b0 c:\windows\system32\wuauclt.exe
08/04/2004 12:56 AM 154624 55589405701c24ad800136c61719c398 c:\windows\system32\dllcache\wuauclt.exe

08/04/2004 12:56 AM 35328 7bfe38275ccb291196b3669a30331c75 c:\windows\system32\userinit.exe
08/04/2004 12:56 AM 35328 1c935939d584ffe2fb6394aa764ab050 c:\windows\system32\dllcache\userinit.exe
.
((((((((((((((((((((((((((((( SnapShot@Mon 03-23-2009_14.35.44.93 )))))))))))))))))))))))))))))))))))))))))
.
- 2005-10-20 17:02:28 210,432 ----a-w c:\windows\ERDNT\subs\ERDNT.EXE
+ 2005-10-20 17:02:28 163,328 ----a-w c:\windows\ERDNT\subs\ERDNT.EXE
+ 2009-03-30 21:58:18 86,016 ----a-r c:\windows\Installer\{07287123-B8AC-41CE-8346-3D777245C35B}\PrntWzrdIco.exe
- 2009-03-20 19:48:59 29,926 ----a-r c:\windows\Installer\{508CE775-4BA4-4748-82DF-FE28DA9F03B0}\MsblIco.Exe
+ 2009-03-24 21:20:21 29,926 ----a-r c:\windows\Installer\{508CE775-4BA4-4748-82DF-FE28DA9F03B0}\MsblIco.Exe
+ 2009-03-30 21:58:00 27,136 ----a-r c:\windows\Installer\{6956856F-B6B3-4BE0-BA0B-8F495BE32033}\AppleSoftwareUpdateIco.exe
+ 2009-03-30 21:58:52 307,200 ----a-r c:\windows\Installer\{AF10D7E4-D29A-45DA-8050-B116097B69B5}\SafariIco.exe
+ 2009-03-25 13:04:34 22,486 ----a-r c:\windows\Installer\{DBACBFE4-F79E-4AFB-A7C3-463555B8446B}\InstConfIcon.exe
+ 2009-03-25 13:04:34 23,558 ----a-r c:\windows\Installer\{DBACBFE4-F79E-4AFB-A7C3-463555B8446B}\MysqlCmdShell.exe
+ 2009-03-25 13:04:34 22,486 ----a-r c:\windows\Installer\{DBACBFE4-F79E-4AFB-A7C3-463555B8446B}\MySQLServer.exe
+ 2009-03-25 13:05:20 18,718 ----a-r c:\windows\Installer\{EC561602-C0B9-4FAA-A175-1B3273639AC3}\MAIcon.exe
+ 2009-03-25 13:05:20 17,318 ----a-r c:\windows\Installer\{EC561602-C0B9-4FAA-A175-1B3273639AC3}\MTIcon.exe
+ 2009-03-25 13:05:20 135,168 ----a-r c:\windows\Installer\{EC561602-C0B9-4FAA-A175-1B3273639AC3}\QBIcon.exe
+ 2009-03-25 13:05:20 18,718 ----a-r c:\windows\Installer\{EC561602-C0B9-4FAA-A175-1B3273639AC3}\SysTrayIcon.exe
- 2000-08-31 05:00:00 108,032 ----a-w c:\windows\NIRCMD.exe
+ 2000-08-31 05:00:00 75,264 ----a-w c:\windows\NIRCMD.exe
- 2000-08-31 05:00:00 173,056 ----a-w c:\windows\SWREG.exe
+ 2000-08-31 05:00:00 271,360 ----a-w c:\windows\SWREG.exe
- 2000-08-31 05:00:00 214,016 ----a-w c:\windows\SWSC.exe
+ 2000-08-31 05:00:00 246,784 ----a-w c:\windows\SWSC.exe
- 2000-08-31 05:00:00 223,232 ----a-w c:\windows\SWXCACLS.exe
+ 2000-08-31 05:00:00 288,768 ----a-w c:\windows\SWXCACLS.exe
+ 2009-03-19 15:45:16 131,072 ----a-w c:\windows\system32\Adobe\Director\np32dsw.dll
+ 2009-03-19 15:55:40 202,168 ----a-w c:\windows\system32\Adobe\Director\SwDir.dll
+ 2009-03-19 15:45:56 614,400 ----a-w c:\windows\system32\Adobe\Shockwave 11\Control.dll
+ 2009-03-19 15:24:48 1,798,144 ----a-w c:\windows\system32\Adobe\Shockwave 11\dirapi.dll
+ 2009-03-19 15:45:58 9,216 ----a-w c:\windows\system32\Adobe\Shockwave 11\DynaPlayer.dll
+ 2009-03-19 15:15:38 704,000 ----a-w c:\windows\system32\Adobe\Shockwave 11\gi.dll
+ 2009-03-19 15:15:40 1,145,896 ----atw c:\windows\system32\Adobe\Shockwave 11\gt.exe
+ 2009-03-19 15:15:38 52,288 ----a-w c:\windows\system32\Adobe\Shockwave 11\gtapi.dll
+ 2009-03-19 15:20:58 1,011,712 ----a-w c:\windows\system32\Adobe\Shockwave 11\iml32.dll
+ 2009-03-19 15:44:24 376,832 ----a-w c:\windows\system32\Adobe\Shockwave 11\Plugin.dll
+ 2009-03-19 15:46:20 442,368 ----a-w c:\windows\system32\Adobe\Shockwave 11\Proj.dll
+ 2009-03-19 15:55:14 460,216 ----a-w c:\windows\system32\Adobe\Shockwave 11\SwHelper_1150595.exe
+ 2009-03-19 15:43:36 114,688 ----a-w c:\windows\system32\Adobe\Shockwave 11\SwInit.exe
+ 2009-03-19 15:43:34 94,208 ----a-w c:\windows\system32\Adobe\Shockwave 11\SwMenu.dll
+ 2009-03-19 15:15:38 58,736 ----a-w c:\windows\system32\Adobe\Shockwave 11\SYMCCHECKER.DLL
+ 2009-03-27 12:44:11 78,487 ----a-w c:\windows\system32\Adobe\uninstaller.exe
- 2009-03-23 11:33:23 32,768 ----a-w c:\windows\system32\config\systemprofile\Cookies\index.dat
+ 2009-04-03 10:18:18 32,768 ----a-w c:\windows\system32\config\systemprofile\Cookies\index.dat
- 2009-03-23 11:33:23 49,152 ----a-w c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat
+ 2009-04-03 10:18:18 49,152 ----a-w c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat
- 2009-03-23 11:33:23 81,920 ----a-w c:\windows\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
+ 2009-04-03 10:18:18 81,920 ----a-w c:\windows\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
- 2006-02-28 09:41:34 106,496 ----a-w c:\windows\system32\dns-sd.exe
+ 2008-12-12 08:18:16 87,336 ----a-w c:\windows\system32\dns-sd.exe
- 2006-02-28 09:41:22 53,248 ----a-w c:\windows\system32\dnssd.dll
+ 2008-12-12 08:11:46 61,440 ----a-w c:\windows\system32\dnssd.dll
- 2009-03-21 18:25:46 1,474,416 ----a-w c:\windows\system32\FNTCACHE.DAT
+ 2009-03-25 17:13:40 1,474,528 ----a-w c:\windows\system32\FNTCACHE.DAT
+ 2009-03-30 22:05:28 33,004 ---ha-w c:\windows\system32\mlfcache.dat
+ 2004-08-03 21:56:48 221,184 ----a-w c:\windows\system32\wmpns.dll
+ 2009-04-03 10:18:21 16,384 ----atw c:\windows\Temp\Perflib_Perfdata_65c.dat
- 2000-08-31 05:00:00 129,892 ----a-w c:\windows\VFIND.exe
+ 2000-08-31 05:00:00 162,660 ----a-w c:\windows\VFIND.exe
- 2000-08-31 05:00:00 78,848 ----a-w c:\windows\zip.exe
+ 2000-08-31 05:00:00 111,616 ----a-w c:\windows\zip.exe
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{F4F10C1D-87C7-404A-B4B3-000000000000}"= "c:\progra~1\DAP\SBSearch.dll" [03/27/2009 10:35 AM 38384]

[HKEY_CLASSES_ROOT\clsid\{f4f10c1d-87c7-404a-b4b3-000000000000}]
[HKEY_CLASSES_ROOT\SearchHook.SrchHook.1]
[HKEY_CLASSES_ROOT\TypeLib\{95EFB171-F3DF-4BEC-9EF7-829A800203E6}]
[HKEY_CLASSES_ROOT\SearchHook.SrchHook]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="c:\program files\Windows Live\Messenger\MsnMsgr.Exe" [08/16/2007 04:19 PM 5728112]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [08/04/2004 12:56 AM 26112]
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" [08/04/2004 01:06 AM 1711104]
"DownloadAccelerator"="c:\program files\DAP\DAP.EXE" [03/27/2009 10:36 AM 2811392]
"DynDNS Updater"="c:\program files\DynDNS Updater\DynDNS.exe" [09/17/2006 10:32 AM 1363456]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [12/11/2007 06:59 PM 167936]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [03/20/2009 09:04 PM 148888]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [03/21/2009 01:16 PM 198160]
"a-squared"="c:\program files\a-squared Anti-Malware\a2guard.exe" [03/22/2009 07:53 PM 2805904]
"AGRSMMSG"="AGRSMMSG.exe" [06/30/2005 06:27 AM 88204 c:\windows\AGRSMMSG.exe]
"SoundMan"="SOUNDMAN.EXE" [06/30/2005 06:26 AM 589824 c:\windows\SOUNDMAN.EXE]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [08/16/2007 04:19 PM 5728112]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
AirLive WL-5480USB WLAN USB Utility.lnk - c:\program files\AirLive WL-5480USB WLAN USB\AirLive WL-5480USB WLAN USB\WlanUtil.exe [2009-03-20 491520]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\HelpSvc.exe]
"Debugger"=ntsd -d

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\UIHost.kxp]
"Debugger"=ntsd -d

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"FirewallOverride"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"e:\\Valve\\hl.exe"=
"c:\\Program Files\\SecondLife\\SLVoice.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\Pando Networks\\Media Booster\\PMB.exe"=
"c:\\Documents and Settings\\All Users\\Application Data\\NexonUS\\NGM\\NGM.exe"=
"c:\\Program Files\\DNA\\btdna.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"e:\combatarms\Combat Arms\CombatArms.exe"= e:\combatarms\Combat Arms\CombatArms.exe:*Enabled:CombatArms.exe
"e:\combatarms\Combat Arms\Engine.exe"= e:\combatarms\Combat Arms\Engine.exe:*Enabled:Engine.exe
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"58011:TCP"= 58011:TCPando Media Booster
"58011:UDP"= 58011:UDPando Media Booster

R3 ZD1211BU(AirLive);AirLive WL-5480USB WLAN USB Driver(AirLive);c:\windows\system32\drivers\ZD1211BU.sys [2009-03-20 402432]
S3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des -service --> c:\windows\system32\GameMon.des -service [?]

--- Other Services/Drivers In Memory ---

*NewlyCreated* - NVMINI
*Deregistered* - nvmini

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{16850bae-15dc-11de-95b8-004f66004a55}]
\Shell\AutoRun\command - I:\w98.com
\Shell\open\Command - I:\w98.com

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1df90f2e-15cf-11de-95b7-004f66004a55}]
\shell\explore\Command - H:\boot.exe
\shell\open\Command - H:\boot.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{80983363-157b-11de-95b6-004f66004a55}]
\shell\explore\Command - H:\boot.exe
\shell\open\Command - H:\boot.exe
.
Contents of the 'Scheduled Tasks' folder

2009-04-03 c:\windows\Tasks\AB9856B99187CC11.job
- c:\docume~1\admini~1\applic~1\doesex~1\Junk Show Bird.exe [03/25/2009 12:22 AM]

2009-03-30 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [07/30/2008 12:34 PM]
.
- - - - ORPHANS REMOVED - - - -

HKLM-Explorer_Run-MPMKrnl - c:\windows\MKMKrnl.dll
ShellExecuteHooks-{3FA3CAD1-C5D8-48B9-800A-A7B2D2A23044} - c:\windows\system32\J9mfQxkJ.dll
ShellExecuteHooks-{695C5A80-18A5-4CD2-A911-4DBEBE92F18D} - c:\windows\system32\695C5A80.dll
ShellExecuteHooks-{737858A9-9AEA-4838-9B49-54DA731F7F37} - c:\windows\system32\BMsg6pdMD4ht.dll
ShellExecuteHooks-{A0C86020-5935-4B87-B20E-0B656D450264} - c:\windows\system32\A0C86020.dll
ShellExecuteHooks-{CCCA2FB9-2D5D-4481-8BFE-1CDDC458A3F4} - c:\windows\system32\CCCA2FB9.dll
ShellExecuteHooks-{704C3595-DB85-40F6-A601-8D6F346907BD} - c:\windows\system32\704C3595.dll
ShellExecuteHooks-{5086CD29-ED02-41A0-B571-ACDA0C33BA94} - c:\windows\system32\5086CD29.dll
ShellExecuteHooks-{6AF45C53-676C-451F-A4A9-DC8D61D9D46A} - c:\windows\system32\VAHVqDG3.dll
ShellExecuteHooks-{3A5700C3-2847-4CBE-A3E5-F0C394690C9A} - c:\windows\system32\wS0GWMZ.dll
ShellExecuteHooks-{CC2B89B8-6A27-4D4A-BBBE-D2CD655A47C2} - c:\windows\system32\d7eb91606b0.dll
ShellExecuteHooks-{92E496B3-2E80-4FE0-B6F8-B3308BB6BFB9} - c:\windows\system32\x8RbVCvpMmw.dll
ShellExecuteHooks-{D90958B6-FA15-4643-942E-8AC717BB15D1} - c:\windows\system32\a643af61f812.dll


.
------- Supplementary Scan -------
.
uStart Page = hxxp://search.speedbit.com/
uInternet Settings,ProxyServer = socks=
uInternet Settings,ProxyOverride = plimus.com,

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

IE: &Clean Traces - c:\program files\DAP\Privacy Package\dapcleanerie.htm
IE: &Download with &DAP - c:\program files\DAP\dapextie.htm
IE: Download &all with DAP - c:\program files\DAP\dapextie2.htm
FF - ProfilePath - c:\documents and settings\Administrator\Application Data\Mozilla\Firefox\Profiles\8h7xtzep.default\
FF - component: c:\program files\DAP\DAPFireFox\components\DAPFireFox.dll
FF - plugin: c:\documents and settings\All Users\Application Data\NexonUS\NGM\npNxGameUS.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npijjiCHPlugin.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npijjiFFPlugin1.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npPandoWebInst.dll
.

**************************************************************************

catchme 0.3.1375 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

Rootkit scan 2009-04-03 13:18:51
Windows 5.1.2600 Service Pack 2 NTFS

detected NTDLL code modification:
ZwOpenFile

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...


c:\windows\linkinfo.dll 46592 bytes executable
c:\windows\system32\drivers\nvmini.sys 17152 bytes executable
c:\windows\system32\linkinfo.dll 18944 bytes executable
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\a
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\a\a00df0c1-3b81-1c7c-fe95-7e08d2ce46bd 5000 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\a\a01bc392-0da0-b0d3-ec2c-23ea9432e709 33000 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\a\a027cb6a-c917-7f9c-4b13-e6dcfe332f14 12000 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\a\a07c0c6a-fef0-71c9-eb7d-d177893f23e9 4369 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\a\a09697fe-59c0-3e17-075f-121b71a261a0 8112 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\a\a0badda9-dfd9-358f-6269-d534ea6a108b 6974 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\a\a0caabb5-5dba-60a3-ca28-4f38c8e7c896 97424 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\a\a0ce8c4d-74d1-a38c-53c0-0819c24b32b4 48258 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\a\a0ce9a6a-cf2b-8c6c-fe45-66329ddc4669 6019 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\a\aa03607a-e466-1ef1-1b40-c8d728fc281a 1618 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\a\aa23e79c-2634-95e1-1862-a82985e93319 1647 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\a\aa34ab21-6a55-77a2-d994-01d963de7357 8030 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\a\aa80e1b6-3a8d-4e81-3783-23345611ceae 2914 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\a\aa81f7af-1a6c-4e69-a272-7f29970c60ed 3000 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\a\aa8bb814-aa8f-5248-1ff5-2bc25947de4d 2000 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\a\aaa25248-eaa8-a099-4990-4446dcb8ad21 12218 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\a\aaace53c-9cd9-1145-c6ec-33e051f82f41 1000 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\a\a38e65f6-e0a3-a1d7-3669-168ac59fb001 942 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\a\a399a6a8-9f14-f8af-5ec2-c46f0169ec86 413 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\a\a3d83607-a044-dbfc-3979-3c675ca9356e 11559 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\a\a3d9037a-5842-c84d-0ffb-7622b7d6c3cc 2613 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\a\a3e68902-c3fc-725e-9607-7e31e51cd8d1 6272 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\a\a407a66a-d301-e13a-02c7-3353c32b54ad 23864 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\a\a41d9081-0861-db4b-9c8c-9b1113515fc2 24684 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\a\a44f9b53-ba05-0401-3f97-1ec70db499ae 97592 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\a\a468e3ab-1138-4f10-229f-1f86ab440dca 245 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\a\a47ce15a-e1ae-aa44-5c01-ea31843eb3e9 4000 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\a\a4cddc0a-bcb4-073d-5d06-65cee207d70e 12000 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\a\a4e54541-1a2a-5774-f415-4ac09e650907 610 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\a\a58b7f80-5f8b-e8e4-0612-5b7fde24cccb 8000 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\a\ad6c271e-2433-7b3c-2c0f-25d67faee080 23726 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\a\ad7bc975-a5cd-ca8a-4567-7bac3bb06965 43000 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\a\ad8a9974-9456-e966-acff-d94163e6f428 1000 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\a\ad8ebc56-5518-eff2-f6ef-76ba1c0f4bb9 6000 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\a\ad92b3c8-03a1-cf98-8f40-b26c8d492abf 3000 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\a\ad9f6962-c222-e6de-2668-83e925c6fd03 23954 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\a\adaed0fc-e4cb-d0b1-6d26-40902e1f6bc6 2448 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\a\a6e24562-880e-bbf2-ea66-9c2bb9d3eef8 24000 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\a\a6eecf78-69a7-1551-0a92-4980ecd84857 24457 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\a\a6ef075f-848d-3e8b-c12c-7df3d93d29d3 1774 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\a\a6f7aa24-4c3d-7d68-bbaf-17e8a1ff0668 2452 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\a\a714c681-a85e-a940-792b-96ed93df8ed5 2000 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\a\a71d099f-25ba-726b-7e7b-4bce7bdde4ba 11044 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\a\a72e938c-eb04-65bb-0d7c-2e5347a9021c 128540 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\a\a7484a40-4115-2c3a-052e-1b95d4a60780 2000 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\a\a74d118a-78f1-33ec-0b11-ccdac0becc7c 23696 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\a\a77e9e61-c106-142f-66f0-f7df8154d102 1000 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\a\a7933341-be3a-a0f5-6a47-9f1d4ac1a9c4 4248 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\a\a7a3a8ae-ab0c-67f5-87f7-3cc95cac87b9 8000 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\a\a0d5f5f2-03c6-3174-562d-e86fae06dbc0 1000 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\a\a2e108fe-bcb3-4b57-532d-8e05259a979b 97483 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\a\a38749c0-1f7a-72df-aa77-8b9b2bf81ecc 7000 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\a\a5fa2486-8f76-7ad1-7919-772161c7e8a7 12000 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\a\a6d24dae-e462-2b96-3218-4659ca8639dd 1000 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\a\a7cd6d70-4d8f-76fa-9f69-e4d3af87c989 2427 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\a\a8e4a04a-8445-61e1-e481-c78974f070e4 3000 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\a\a9c17e99-9f1a-c473-364f-a693b7575f43 724 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\a\aabe7a26-2e5c-2c08-27ab-89ce1978564f 7098 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\a\ac660d48-8989-7f18-7c48-67e469cf3362 2897 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\a\ad3ff1cb-8bbe-3a59-b07d-7c977bed309d 1719 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\a\add1326c-6847-9359-ee04-55af91a31ca4 2590 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\a\aee42d65-5900-4607-9841-27f9aaa2664b 6000 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\a\a2f59a3d-643f-5b0a-a1bc-fae27f6ba6c0 3686 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\a\a2f73474-1986-73af-75dd-e187a03d13a9 41529 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\a\a30e37fc-5482-53de-5b3a-7ff06f47e7eb 6000 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\a\a322731d-d69a-cf24-fbcd-92978d23d053 1000 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\a\a352dff5-432f-f14f-ba5c-b05311345082 24000 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\a\a365827c-629f-d63d-045e-e6f6e657e7c1 928 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\a\a372222f-bb7c-f173-034b-13838a657b32 41000 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\a\a37395e4-645a-0bfc-5d0b-d7cfcaac215f 3000 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\a\a7e574cf-1ad4-df7e-9765-255a8597ff65 4068 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\a\a7eb9f9e-98bd-2b4d-ddda-706c35bfebec 2791 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\a\a8098997-0617-4008-d463-32ecda44ba12 39 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\a\a82244c3-0002-7137-f438-9a479a6c2248 6000 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\a\a8924432-4831-18fb-688d-e6d65fa7139e 3564 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\a\a8cd6988-36b7-f2b0-6457-101957082d60 10000 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\a\a8d2d729-dce7-38ea-25c8-ec396ed3d2ca 2594 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\a\acac50ab-3e91-70de-bb46-d994af7828b9 3974 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\a\acb313a0-645e-ab5c-6791-cdda00be76bc 931 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\a\acb396c0-5eec-05d1-b08e-8ce5573d3db6 8000 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\a\ad0824e7-6196-ba2f-1bbe-bf360af246e8 608 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\a\ad12b855-a21d-c7f5-cad3-1e480abf0ad0 6000 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\a\ad1debe6-b14e-8b0b-d4ea-3156227d3b9b 244 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\a\ad3029f7-798f-79b3-5d1a-388f454d8e5e 4651 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\a\ad3f1f42-d6f4-4ebf-acba-5dbc01749f1f 11662 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\a\a61b0648-e8fa-cf59-b4bc-290865e531d7 2237 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\a\a63b28c4-7bec-70d5-d53b-2c0881800729 4687 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\a\a63e1fa1-36c0-9bbc-de99-44b3fce4aa36 40000 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\a\a642a2f1-9752-7a30-78f9-5dc9e337fcc7 1000 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\a\a65aa756-f6b3-a645-4fee-c1fe75f6d435 1000 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\a\a669d82f-95fe-8eb5-64ba-e84a32ef7cd9 32855 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\a\a67363da-9680-aa13-3e0f-9d9a85f82e34 4000 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\a\a692ce40-eef0-8c21-3391-649a1564325e 934 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\a\a6b800c3-b6be-cb29-f52e-9fbde9146aa2 8000 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\a\a6c7b3f2-f94f-6760-fd2f-432cfac72d76 7850 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\a\a6c7d8ae-c7ce-dbb3-8d78-82a37476b07d 97666 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\a\aeec9050-ad1c-8736-d677-2beb13b17d03 1832 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\a\af0ea373-6a50-70c6-d770-76cfec1a4f29 6000 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\a\af1e5ad1-200e-14b4-9599-cd29046c232e 18787 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\a\af22ae8f-bdde-23e3-b3b6-01392b359cd5 23685 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\a\af36f591-4f1f-c2e1-c90b-72a7658a50a2 2473 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\a\af465822-f776-b037-57a0-5bd8ca402b11 8000 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\a\af52b5ba-2464-cdf0-fc3a-627d5c5d12dc 789 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\a\af5a210d-7a1b-c049-f1b4-88da7872cdc4 5404 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\a\af9aedcd-fdf5-2edf-9e98-0608fb4439a4 6000 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\a\afb800ce-33ac-5a16-f26e-6af178bdc170 3110 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\a\afc5f7f0-8c6b-4556-3438-a367ee0037b1 26000 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\a\afdc9afc-d8a7-faac-f0f9-28df4d0800ee 925 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\a\a1238db5-0b22-212e-dd5b-f793e5eae9db 3000 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\a\a132bb4a-8990-ec3b-3854-c5eb45f2499e 32137 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\a\a17688da-f51b-0522-2914-95ab59b013ca 9867 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\a\a18ba921-3b00-991e-2cc8-d9fc70e1dfc9 32146 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\a\a18c969b-df89-8046-fe8a-b9c87c72d170 23926 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\a\a1a6f90e-e52b-1aa1-57c4-73443a63f8f3 3000 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\a\a1e8321c-67c4-cc42-b90f-33d03b6d2081 236 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\a\a2172817-64f4-0f6c-967e-7a638b1c47fd 10000 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\a\a21eb257-17dc-f7fb-1fa4-4061c193eae1 1000 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\a\a25bebc8-4739-453d-d44e-fc522cf95488 48527 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\a\a2773262-5cb8-26b7-b0bf-f3efbeee89cb 19395 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\a\a27d31a5-39f6-f0ce-8ded-a599623f5bd5 1000 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\a\ab8fc54b-4e75-afee-3817-c1da40bf3e81 2679 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\a\ab965aba-25b5-872a-c3de-e4e54f9a84d0 2034 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\a\ab97061d-ebb5-793f-13b9-4062aae14662 5670 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\a\abd4b7f7-b6e8-8ca2-9551-9c45bace3ffd 2000 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\a\ac0208c4-b561-c1ed-ecbe-0610e9f8ee4e 284 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\a\ac113ba7-e308-5852-7bb4-0f26a062ea30 591 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\a\ac1d5e47-f743-8a2f-fa9c-0c5d20119f04 36000 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\a\ac22d525-d61a-5643-9cfe-43feb77f80f6 21166 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\a\ac51b438-2e86-1d74-a47c-d28447644c3d 3569 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\a\a8ef34f1-e63c-3599-edb7-5124dc0043c6 63000 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\a\a928b855-ced0-6632-6af6-6e30ae0fa73d 31000 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\a\a970627c-4e2f-078d-8664-17e146f4703a 24000 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\a\a97eb729-8a6e-d4db-f01d-6193b7e1b937 11131 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\a\a9955bf5-1fee-bbdf-f2b4-30508a63a05c 824 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\a\a9ac6f81-d44d-70e4-65b4-19690c975b8c 4000 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\a\a9ae2ae2-a93a-b18b-15c3-08196782e20a 2000 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\a\a9b0c52e-30cd-6f00-f9ea-b7016143d9b0 1619 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\a\adf297cc-fd86-e774-e22d-3e349a001058 6730 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\a\ae13e126-e693-4854-2498-fd7a843d769a 750 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\a\ae28dfd1-a1ac-57f4-19b8-1fb6ea32ec87 2335 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\a\ae56f0ca-097a-fa83-2bde-e0f42c6b43c9 7571 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\a\aea2381d-52d8-bb6d-3530-568330b8f544 11533 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\a\aebbfcf5-0408-ef01-77d8-4085552e69db 277 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\a\aed676ad-1ede-4029-85c3-3f9113ffbf93 1000 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\b
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\b\b01e4de2-2cd7-6133-cd5f-8017515e6156 119472 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\b\b040cd76-812b-0d1c-2e2b-57530b61bcc5 2374 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\b\b0998b3e-5614-7c94-371a-8816fcd23620 121890 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\b\b0b0d1c5-c528-80bd-a1bf-1e8eac857671 3000 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\b\b0d8c0c0-2487-393c-1a6c-146905e7f424 448 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\b\b0f196be-1643-fdc8-d251-6506a4b7591d 11934 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\b\b0fbd13f-88c5-52db-d226-059ae68a5885 1000 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\b\b10569bd-9371-7054-c376-6a56d8afdd71 8000 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\b\b14eb835-d98f-fab1-8874-e065a75eef76 3239 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\b\b159ad23-0d22-f089-7a68-a2eae61a8aee 1000 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\b\b16d0d72-55f2-35ff-5ce9-0a6d7c5a624e 3000 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\b\b17ae3f9-079d-1c7a-3102-d234460f9acb 23739 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\b\b1980e51-0975-6da1-9f49-20bac9a1a5f9 326 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\b\b708e484-aeef-8cc9-3896-dd661d4e6807 1000 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\b\b72d48a2-1670-8fcd-7eef-d4cb61e6c104 2000 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\b\b734b1fe-86bf-65c3-b965-6376507e0799 1000 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\b\b74e9dea-1247-ee40-f98e-efeff21bdf68 23807 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\b\b769526b-0c68-1e3f-6ada-38e450b50e6c 1960 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\b\b773134f-6c74-13cb-7e57-22128921f695 8929 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\b\b77b8add-e639-551a-0214-8c9bc67d8f5e 1000 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\b\b781454b-a93a-be9c-dfbd-c02cbb8d9fb5 6000 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\b\b794c3eb-6bd3-6e4b-e489-0d26594dda18 4000 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\b\ba1930d0-5b35-ad1b-684b-d602fefe831d 97240 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\b\ba1b402e-0259-5512-e925-a83213b84bf7 906 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\b\ba5e0c41-6b2f-9d74-8afa-bb6ba7a97821 9373 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\b\ba74fa5e-7e41-43e6-58d4-ca322c2bd64c 1000 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\b\ba8abb2e-9998-fda0-9701-8f1bfdad3210 3068 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\b\bab303f2-717d-ef7f-01da-7a6aa409b588 12518 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\b\baf307a5-22bc-5324-81fa-37839aa62a9e 7587 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\b\bb03959a-e018-f767-956d-01b597de3c35 914 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\b\bb03e388-6dc2-c016-509f-93e2c3ba310f 18653 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\b\bb1ec5cd-4903-1359-1fc6-920454dc476e 12075 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\b\bb2011cd-f022-1145-9934-f0a205995099 13000 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\b\bb31f5da-71e4-13ea-2440-b72798a72208 24000 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\b\bb513c22-5a48-a80d-3832-43350a345bee 3000 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\b\b3c8b2d9-c8a1-ce95-1c5b-da12031aaace 7592 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\b\b4047423-6923-c511-4717-fb80b848377d 1416 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\b\b4153cbd-e873-0633-ad97-94c4160c62f4 3000 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\b\b4212d41-d4a3-f885-7b4f-557fe5faa3a3 8000 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\b\b438d4be-0729-fbaa-b747-4ba49f7518a8 9283 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\b\b4571349-40d9-1d6e-1d6a-e270f0362d0b 4528 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\b\b467e969-ccba-317d-a8c0-773f984c84c1 1000 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\b\b8db909b-e6c3-fa0e-3103-580371123b44 3000 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\b\b93ae387-ef81-f39d-2df3-564bd4c60e91 5929 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\b\b94ad7f1-ca3b-0216-e5d4-8b729898bfed 23946 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\b\b951095a-611c-9d6a-488b-b8ea432ad627 2098 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\b\b951568e-223d-9d66-3d5c-ebcf65ae5084 129955 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\b\b95a5632-b65a-4542-a485-17a960988c4e 49000 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\b\b96994c3-f5d8-7b7a-71de-0fa5b0b805f2 19000 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\b\b9818d72-f72b-ace6-9aae-cf2991a5a4b0 62000 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\b\b986603d-d4a3-0655-9a1b-a90ca281d18b 18 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\b\b998a736-19ba-61b3-d77f-3ee3e9005278 6000 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\b\b9fc1994-d9b5-e858-05ce-a648243abbaf 6169 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\b\b9fc674a-5f8b-eed2-358d-81208f9dc608 2431 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\b\ba0cf297-cfb6-80f9-f1c2-30eefb43d3f2 6000 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\b\b1b34927-fd64-4b8b-fe01-123034631571 929 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\b\b2cb13f0-eee4-f88e-8f3a-146b1d6532d5 1039 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\b\b3b7949a-e7ec-5fb9-bb50-784720c5db79 3000 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\b\b46bc1aa-a78d-5da6-beab-3529fbcc60b1 697 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\b\b5845b9d-0e76-c966-cad5-48fb1f62ea6d 2000 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\b\b64b1b9f-bb6d-dad5-3832-07059e06fd8e 2000 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\b\b7074f98-1c6c-a645-69ab-8bdda28ed555 1000 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\b\b79993cf-5cdd-6582-6764-086946a3a352 6000 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\b\b8d497f0-51e3-c12b-aa7e-1c6415a19589 1984 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\b\ba15d16c-452b-4656-8a20-49bc91980ff5 2809 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\b\bb5e9eda-3b82-e324-be98-bebaab60de78 2000 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\b\bd086028-884d-9dce-84c1-4d8f63b50f0d 1000 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\b\be38ee24-76e3-4789-6d2c-58b2b0584354 1000 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\b\bf43c99e-cef7-60ee-9464-2e2cd3f578b4 623 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\b\bd115f66-b96d-bcdc-2e53-a13ecfc081ce 4604 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\b\bd2111ad-901f-ec19-5436-db9dac03cfa0 6000 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\b\bd3acc0f-0483-0e9c-15fa-b3b03907bc9e 49000 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\b\bd9939bc-7172-454e-f7f3-d59cff0eaa93 575 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\b\bd9b0680-06b2-fd11-d4ee-639b26447ae4 6000 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\b\bdd586db-31d1-6a04-991e-ead4bf2b8a81 2737 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\b\bdf0bf2f-ffbc-47c2-b959-79de0e8e61c8 277 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\b\be06ee25-74a8-0cce-1a84-4d8863058353 378 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\b\be176a4c-13a7-a471-2f32-b7b8a1e717e9 39000 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\b\be293869-d0d9-0a69-5989-ad27f1946fd4 280 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\b\be3845fc-7b2a-c72d-96a9-df5f0da290d4 7107 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\b\b586a0a9-1bb4-7123-3fdd-176d146bfc65 2720 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\b\b5895343-63ad-2bcc-7109-ae48a02571a1 2281 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\b\b5b435a4-01dc-cfa4-a808-19b83d25b458 1306 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\b\b5c6c015-317e-cba0-a727-183975f61f08 27389 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\b\b5d1c1a9-c59e-9a2d-e299-00fca52ccc44 1000 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\b\b5e482b9-35e1-b3cd-5056-6885c09cbb7d 1558 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\b\b612c21c-34af-b3c3-b413-5f10e3429633 2864 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\b\b636f9e2-24ee-a52f-c77f-9265c9c8710b 74000 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\b\b1b5518f-c096-cb2f-f4ef-201eb5f52487 2717 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\b\b1c5df1e-c7a6-1827-0452-c16573c96979 1000 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\b\b21b3d02-9e68-736a-b294-54b26ef02a23 1000 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\b\b221d10c-acaf-3d5c-6f49-df1c4931dea5 12000 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\b\b22f8eaf-170d-064f-db5d-bf309bd9e179 8534 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\b\b236959c-4a09-8aa1-1f57-e53a9a77353b 2612 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\b\b25cbea3-dc56-6635-3b8d-deb07d645ade 23811 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\b\b280da6f-29dd-fe72-69f0-71e4e9f11cc6 2000 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\b\b2861af0-841e-a194-426c-04c3f9a2eb8b 2747 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\b\b293f0f5-64f0-9ccc-67c9-dd804a81fa34 19458 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\b\b2aa28b7-d788-c7d0-86d4-2975b2cada7a 3575 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\b\b2c6b442-a26e-ba3f-3043-ce2869b3fcee 2461 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\b\be605d73-8d70-aad6-9d8b-27e202a13623 3583 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\b\be643cba-7acc-ac89-103e-3399e891c068 1000 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\b\be775f2c-10fe-e7cd-d7a0-8e5466304f39 7000 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\b\be783ded-a1f7-6643-23ed-d4d3ccaa3c0c 5867 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\b\bea82b0f-27c6-730b-fd7f-733f2340b449 588 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\b\beb92ee2-ca4a-a9ee-1032-93a74f3de347 110520 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\b\bed70b4c-1296-0ed0-2592-ccb3188f0c30 9144 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\b\b654021a-3b77-3c10-b084-a7175353bd44 3997 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\b\b664bdf1-e06a-20dc-187c-e556cb73e7a6 6055 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\b\b6790d8b-d071-d2e6-14f4-a5ae4458270c 1437 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\b\b67b093a-f240-8c33-4fd7-80d05409c7f0 1000 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\b\b6b2ab9e-a9e8-4983-f3a8-3c52ae0ec8cd 137655 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\b\b6c5c46c-2e6e-1cba-b9bc-6885e7ee7425 18000 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\b\b6c62840-88ef-6a4b-42cd-1df8e7f0318a 14552 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\b\b6d81b2d-697a-1aae-1d35-1aa308d7167a 2002 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\b\b6e823a3-6378-644c-965a-d422b4abbe96 1000 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\b\b6ed4b8e-2cbc-4d55-a617-d8597ea3eded 7346 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\b\bb828c9b-7a51-f088-4972-a11d43e109da 12248 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\b\bb9054f4-66e1-d8b2-b08d-6c7133044ae1 7425 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\b\bb9a37ee-ea90-e80d-09c9-780718f14d2d 27000 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\b\bbc59d91-30f8-a287-68fc-edcfda7d876f 8000 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\b\bbce7a23-7f75-28ea-eb54-439d492f3133 2000 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\b\bc362b83-772d-ce6a-dab1-776495fa3ca9 6000 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\b\bc56be54-457e-8311-ade3-90e6d160c598 8000 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\b\bc750209-502e-1062-f5fa-372e4d3534e4 2748 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\b\bcc3c7c4-8fee-b963-ecfb-7ee84b5fd788 32134 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\b\bccf04f9-656c-5871-4182-235bbaeb05ce 6000 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\b\bcdb43f1-aed5-22dc-ffce-47db0e7f1678 928 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\b\bcea3e34-415a-e043-e9b3-c94927a7fd83 53000 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\b\bcf66593-f05d-071e-2882-9e533d362d1b 2369 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\b\b4a9cf9c-6f61-e9d9-a1e2-7c50ac6a7359 8000 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\b\b4b94102-1ee1-d344-b5c3-9164227a3ee5 2765 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\b\b4cf8d76-716a-14a6-6645-b57b1f98ac21 2671 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\b\b4ed65b4-e9d5-de8c-8e98-884d75555c27 1000 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\b\b511fea4-5802-34b7-af9c-aa040059f09a 49000 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\b\b51558c5-abe0-a7de-02eb-596ddf76ee02 3677 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\b\b51d105d-1df9-8f95-c71e-6aa0ed969e43 724 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\b\b544e6fc-81a6-1504-f8bf-4ed7a3859701 2000 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\b\b54ccc7d-aeec-5084-a0fe-c2dd5f9c2d52 2375 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\b\b581deb0-a927-43a2-d5ab-657cc670efdd 37719 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\b\b2de1a2a-0536-bbc1-5118-e9dc967ec11f 5428 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\b\b2e7394f-5e54-aa12-6e1c-ef327b6bed9e 2000 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\b\b3094809-2504-1475-863c-0dafc6ffe100 1878 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\b\b3105481-df79-90ae-1273-b1af32fdb94f 48544 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\b\b37c3353-32ad-b455-d4fa-b25c66c25a47 12000 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\b\b37f2954-dd0f-2570-922c-bcc2602fc46e 160588 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\b\b3813ca4-08e0-78d9-f6d1-71dc0f04d39a 2000 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\b\b386e2a1-f3da-8ce3-04c6-f9e6944d352d 908 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\b\b39d596c-3101-0827-9d1d-a7faaaa3ee87 10000 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\b\b7e5bb2f-fd93-131d-1d0a-1d3b4a32272c 2469 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\b\b81406d5-61cb-7006-803e-402431db1863 8000 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\b\b825407b-9d5f-370e-3031-2cf8c7664268 5581 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\b\b83cee8d-0a52-7b9d-cec7-1b79b649ed83 3000 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\b\b859f6f6-4dfc-290e-ed59-56ad54aabcbd 97330 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\b\b8698a7c-0204-339d-704e-895847241fe2 2303 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\b\b86f1d95-f4d9-c57f-fe0f-d4f13ac22c21 2000 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\b\b87a3598-f181-f31e-4585-1808a4f61f20 47000 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\b\b88e7e88-011f-91b5-95ee-af84b561412a 963 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\b\b89240c2-ace7-476b-3eba-192bd707bd1a 11554 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\b\bf74339e-e424-3f4b-a967-3257254c5591 48377 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\b\bf7e4e55-9081-ddf5-a76f-f51343026712 2000 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\b\bf8aaa38-64c2-4465-9143-5b63afa5d3bf 7388 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\b\bfa19c04-3080-a34e-99da-eb9a309d73cb 138 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\b\bfb6c168-0375-ddc6-0967-2f7ba8f533e5 5696 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\b\bfe40276-f39e-b7d1-2f27-3529594f292b 97269 bytes
c:\documents and settings\Administrator\Application Data\SecondLife\cache\textures\b\bfe76b51-8679-4059-0ffa-dc2f925af7e9 6000 bytes

scan completed successfully
hidden files: 315

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\nvmini]
"ImagePath"="system32\DRIVERS\nvmini.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\MySQL]
"ImagePath"="\"c:\program files\MySQL\MySQL Server 5.0\bin\mysqld-nt\" --defaults-file=\"c:\program files\MySQL\MySQL Server 5.0\my.ini\" MySQL"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(644)
c:\program files\Bonjour\mdnsNSP.dll

- - - - - - - > 'Explorer.EXE'(1468)
c:\program files\Bonjour\mdnsNSP.dll
c:\docume~1\ADMINI~1\LOCALS~1\Temp\wmsetup.dll
c:\windows\system32\XR5nPhu9.dll
c:\windows\system32\efc0c52cc1.dll
c:\windows\system32\56BC86C7.dll
c:\windows\system32\gggg6sZAbKcD.dll
c:\windows\system32\D9C002DD.dll
c:\windows\system32\76B9BA7A.dll
c:\windows\system32\08223B03.dll
c:\windows\system32\CC0EC2C9.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\a-squared Anti-Malware\a2service.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Java\jre6\bin\jqs.exe
d:\realmaplestory\npkcmsvc.exe
c:\windows\system32\wscntfy.exe
c:\program files\Java\jre6\bin\jucheck.exe
c:\windows\system32\rundll32.exe
c:\program files\Internet Explorer\IEXPLORE.EXE
.
**************************************************************************
.
Completion time: 04/03/2009 13:29:33 - machine was rebooted
ComboFix-quarantined-files.txt 2009-04-03 10:28:36
ComboFix2.txt 2009-03-23 17:00:10
ComboFix3.txt 2009-03-23 11:36:46

Pre-Run: 8,043,991,040 bytes free
Post-Run: 7,403,933,696 bytes free

717

​

 

[AL-7arBi]

وين الشباب ..

وين المساعدة؟؟

 

[Mr_Tornado]

يغير احجام ملفات و يصير لما اضغط عليه يقول لي dont send الإرور المعروف

ممكن اسماء الملفات الى اتغير حجمها وصوره من رسالة dont send

 

[MAAX]

عطل استعادة النظام حسب الشرح التالي

ثم

حمل الاداة التالية

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

شغلها فتظهر لك واجهة الاداة
احتر خيار التنظيف فتظهر شاشة الدوس للفحص
اتركها حتى تنتهي ويظهر التقرير
انسخه والصقه بمشاركتك القادمة​