[ تم حل المشكلة ] هذا تقرير HijackThis ارجوا المساعده

  • بادئ الموضوع بادئ الموضوع bin_malo0om
  • تاريخ البدء تاريخ البدء
  • المشاهدات 1,533
الحالة
مغلق و غير مفتوح للمزيد من الردود.
B

bin_malo0om

زيزوومى متألق
إنضم
12 نوفمبر 2007
المشاركات
362
مستوى التفاعل
1
النقاط
470
الإقامة
الإمارات العربية المتحدة
غير متصل
السلام عليكم و رحمه الله وبركاته


شحالكم


هذا التقرير ياليت تقولولي اذا جهازي مصاب بترجون او فايروس او ...............................الخ
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 09:28:31 م, on 23/04/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16827)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe
C:\WINDOWS\sm56hlpr.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\UPHClean\uphclean.exe
C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
C:\Program Files\Free Download Manager\fdm.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
c:\docume~1\t-s-comd\applic~1\regsre~1\TICK DOWNLOAD PROGRAM.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\ievkbd.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdmcks.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKLM\..\Run: [SMSERIAL] sm56hlpr.exe
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
O4 - HKCU\..\Run: [Free Download Manager] C:\Program Files\Free Download Manager\fdm.exe -autorun
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKUS\S-1-5-21-1123561945-448539723-1177238915-500\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Administrator')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: تحميل المحدّدة بفري داونلود مانيجر -
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي
Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: تنزيل الكل بفري داونلود مانيجر -
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي
Files\Free Download Manager\dlall.htm
O8 - Extra context menu item: تنزيل بفري داونلود مانيجر -
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي
Files\Free Download Manager\dllink.htm
O9 - Extra button: Web traffic protection statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\SCIEPlgn.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {3C8E8DD8-D86A-4E6D-AF37-AB3CA7FDF8CD} (IMS_Conference Control) -
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) -
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O16 - DPF: {6924091F-CD97-41E1-B1D4-D9079409D413} (IMCv1 Control) -
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O16 - DPF: {9E45BE3C-DE06-4492-AB7D-E51447CF2ED0} (clsUMS Class) -
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O16 - DPF: {B7FDB0C3-4724-46D2-B8DB-6FA1DC63F7CA} (ReadUid.UserControlMacEntry) -
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O16 - DPF: {C171FF59-8C55-4796-A398-4F5D02B4C763} (IMC_Sec Control) -
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) -
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd.dll,C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll
O23 - Service: Kaspersky Anti-Virus (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
--
End of file - 7945 bytes
 

ترتيب حسب التاريخ ترتيب حسب الأصوات
استخدم هالادوات وبعد ماتخلص هات تقرير جديد

اداة ATF cleaner





يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي



و




يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي





التوافق : ويندوز اكسبيفقط




شرح الاستخدام ,,,,,,
دبل كلك على الاداة واصبر حتى تنتهي جميع النوافذ وتقف عند هذه النافذة




002.png





وعند ظهور هذه الشاشه ,, اضغط على Close ليتم اعادة تشغيل جهازك (( لتكملة عملية التنظيف ))




 
توقيع : البارون
تأييد 0
تسلم
الاداه الاولى 100%
اما الثانيه لمى يخلص من نوافذ الدوس
بعدين يطلع شكل البرنامج
يعلق البرنامج
تكون الصفحه بيضاء

وهذا تقرير

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:07:41 م, on 23/04/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16827)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe
C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\UPHClean\uphclean.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\sm56hlpr.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
C:\Program Files\Free Download Manager\fdm.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\Documents and Settings\t-s-comd\Application Data\cleaner\run.exe
C:\Documents and Settings\t-s-comd\Application Data\cleaner\PrivacySuite.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
c:\docume~1\t-s-comd\applic~1\regsre~1\TICK DOWNLOAD PROGRAM.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\ievkbd.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdmcks.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKLM\..\Run: [SMSERIAL] sm56hlpr.exe
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
O4 - HKCU\..\Run: [Free Download Manager] C:\Program Files\Free Download Manager\fdm.exe -autorun
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: تحميل المحدّدة بفري داونلود مانيجر -
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي
Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: تنزيل الكل بفري داونلود مانيجر -
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي
Files\Free Download Manager\dlall.htm
O8 - Extra context menu item: تنزيل بفري داونلود مانيجر -
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي
Files\Free Download Manager\dllink.htm
O9 - Extra button: Web traffic protection statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\SCIEPlgn.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {3C8E8DD8-D86A-4E6D-AF37-AB3CA7FDF8CD} (IMS_Conference Control) -
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) -
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O16 - DPF: {6924091F-CD97-41E1-B1D4-D9079409D413} (IMCv1 Control) -
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O16 - DPF: {9E45BE3C-DE06-4492-AB7D-E51447CF2ED0} (clsUMS Class) -
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O16 - DPF: {B7FDB0C3-4724-46D2-B8DB-6FA1DC63F7CA} (ReadUid.UserControlMacEntry) -
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O16 - DPF: {C171FF59-8C55-4796-A398-4F5D02B4C763} (IMC_Sec Control) -
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) -
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd.dll,C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll
O23 - Service: Kaspersky Anti-Virus (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
--
End of file - 7854 bytes
 
تأييد 0
اعمل الاتي يالغلا

عطل جميع برامج الحمايه

نزل هذه الاداة
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

عند تشغيلها بتظهر لك رسالة ,, اضغط على >> Yes
 بعدها بتظهر لك رساله ثانيه ,, اضغط على >> Yes
اثناء الفحص ممكن يعاد تشغيل الجهاز
وبعد اعادة التشغيل ,, سوف تبدأ الاداة بالفحص مرره ثانيه
 انتظر حتى يظهر لك تقرير ،، وبذلك يكون الفحص انتهى الصق التقرير بمشاركتك القادمة
 
توقيع : KoNaMi
تأييد 0
تسلم اخوي كونامي
هذا التقرير

ComboFix 09-04-23.A3 - t-s-comd 04/23/2009 22:35.2 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1256.971.1033.18.239.72 [GMT 4:00]
Running from: c:\documents and settings\t-s-comd\Desktop\ComboFix.exe
AV: Kaspersky Anti-Virus *On-access scanning disabled* (Updated)
* Created a new restore point
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
((((((((((((((((((((((((( Files Created from 2009-05-23 to 2009-4-23 )))))))))))))))))))))))))))))))
.
2009-04-23 17:44 . 2009-04-23 17:44 -------- d-----w c:\documents and settings\t-s-comd\Application Data\CyberScrub
2009-04-23 17:43 . 2009-04-23 17:58 -------- d-----w c:\documents and settings\t-s-comd\Application Data\cleaner
2009-04-23 10:05 . 2009-04-23 10:05 -------- d-----w c:\documents and settings\t-s-comd\Local Settings\Application Data\Thinstall
2009-04-23 10:05 . 2009-04-23 10:05 -------- d-----w c:\documents and settings\t-s-comd\Application Data\Thinstall
2009-04-23 09:27 . 2009-04-23 09:27 206984 ----a-w c:\documents and settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
2009-04-23 09:20 . 2009-04-23 09:20 -------- d-----w c:\windows\system32\XPSViewer
2009-04-23 09:00 . 2009-04-23 09:00 -------- d-----w c:\documents and settings\t-s-comd\Application Data\Windows Search
2009-04-22 17:17 . 2008-07-06 12:06 89088 -c----w c:\windows\system32\dllcache\filterpipelineprintproc.dll
2009-04-22 17:17 . 2008-07-06 12:06 117760 ------w c:\windows\system32\prntvpt.dll
2009-04-22 17:17 . 2008-07-06 12:06 575488 -c----w c:\windows\system32\dllcache\xpsshhdr.dll
2009-04-22 17:17 . 2008-07-06 12:06 575488 ------w c:\windows\system32\xpsshhdr.dll
2009-04-22 17:17 . 2008-07-06 12:06 1676288 -c----w c:\windows\system32\dllcache\xpssvcs.dll
2009-04-22 17:17 . 2008-07-06 12:06 1676288 ------w c:\windows\system32\xpssvcs.dll
2009-04-22 17:17 . 2008-07-06 10:50 597504 -c----w c:\windows\system32\dllcache\printfilterpipelinesvc.exe
2009-04-22 17:02 . 2009-04-22 17:02 -------- d-----w c:\documents and settings\t-s-comd\Local Settings\Application Data\Identities
2009-04-22 17:00 . 2009-04-22 17:00 -------- d-----w c:\windows\system32\GroupPolicy
2009-04-22 16:54 . 2009-04-23 10:08 -------- d-----w c:\windows\system32\drivers\UMDF
2009-04-22 16:54 . 2009-04-22 16:54 -------- d-----w c:\windows\system32\LogFiles
2009-04-22 16:52 . 2009-04-22 16:52 -------- d-----w c:\windows\system32\tr-tr
2009-04-22 16:52 . 2009-04-22 16:52 -------- d-----w c:\windows\system32\th-th
2009-04-22 16:50 . 2009-04-22 16:50 -------- d-----w c:\windows\system32\he-il
2009-04-22 16:50 . 2009-04-22 16:50 -------- d-----w c:\windows\system32\fr-fr
2009-04-22 16:50 . 2009-04-22 16:50 -------- d-----w c:\windows\system32\fi-fi
2009-04-22 16:50 . 2009-04-22 16:50 -------- d-----w c:\windows\system32\et-ee
2009-04-22 16:50 . 2009-04-22 16:50 -------- d-----w c:\windows\system32\es-es
2009-04-22 16:50 . 2009-04-22 16:50 -------- d-----w c:\windows\system32\el-gr
2009-04-22 16:50 . 2009-04-22 16:50 -------- d-----w c:\windows\system32\de-de
2009-04-22 16:50 . 2009-04-22 16:50 -------- d-----w c:\windows\system32\da-dk
2009-04-22 16:50 . 2009-04-22 16:50 -------- d-----w c:\windows\system32\cs-cz
2009-04-22 16:50 . 2009-04-22 16:50 -------- d-----w c:\windows\system32\zh-tw
2009-04-22 16:50 . 2009-04-22 16:50 -------- d-----w c:\windows\system32\zh-cn
2009-04-22 16:50 . 2009-04-22 16:50 -------- d-----w c:\windows\system32\bg-bg
2009-04-21 16:43 . 2009-04-21 17:56 89601 ----a-w c:\windows\system32\drivers\klick.dat
2009-04-21 16:43 . 2009-04-21 17:56 101287 ----a-w c:\windows\system32\drivers\klin.dat
2009-04-21 16:42 . 2009-04-23 18:43 286752 --sha-w c:\windows\system32\drivers\fidbox2.dat
2009-04-21 16:42 . 2009-04-23 18:42 2060 --sha-w c:\windows\system32\drivers\fidbox2.idx
2009-04-21 16:42 . 2009-04-23 18:42 -------- d-----w c:\documents and settings\All Users\Application Data\Kaspersky Lab
2009-04-21 16:42 . 2009-04-23 18:40 1652256 --sha-w c:\windows\system32\drivers\fidbox.dat
2009-04-21 16:42 . 2009-04-23 18:40 13988 --sha-w c:\windows\system32\drivers\fidbox.idx
2009-04-21 16:36 . 2001-08-17 09:57 16128 -c--a-w c:\windows\system32\dllcache\modemcsa.sys
2009-04-21 16:36 . 2001-08-17 09:57 16128 ----a-w c:\windows\system32\drivers\MODEMCSA.sys
2009-04-20 09:04 . 2009-04-20 09:04 38 ----a-w c:\windows\avisplitter.INI
2009-04-20 08:54 . 2008-04-14 01:42 28672 -c--a-w c:\windows\system32\dllcache\vidcap.ax
2009-04-20 08:54 . 2008-04-14 01:42 28672 ----a-w c:\windows\system32\vidcap.ax
2009-04-20 08:54 . 2008-04-14 01:42 91136 -c--a-w c:\windows\system32\dllcache\kswdmcap.ax
2009-04-20 08:54 . 2008-04-14 01:42 91136 ----a-w c:\windows\system32\kswdmcap.ax
2009-04-20 08:54 . 2008-04-14 01:42 61952 -c--a-w c:\windows\system32\dllcache\kstvtune.ax
2009-04-20 08:54 . 2008-04-14 01:42 61952 ----a-w c:\windows\system32\kstvtune.ax
2009-04-20 08:54 . 2008-04-14 01:42 53760 -c--a-w c:\windows\system32\dllcache\vfwwdm32.dll
2009-04-20 08:54 . 2008-04-14 01:42 53760 ----a-w c:\windows\system32\vfwwdm32.dll
2009-04-20 08:54 . 2008-04-14 01:42 43008 -c--a-w c:\windows\system32\dllcache\ksxbar.ax
2009-04-20 08:54 . 2008-04-14 01:42 43008 ----a-w c:\windows\system32\ksxbar.ax
2009-04-20 08:54 . 2009-04-20 08:54 13824 ----a-w c:\windows\system32\drivers\splitcam.sys
2009-04-20 08:52 . 2003-05-14 17:07 389120 ----a-w c:\windows\system32\actskn43.ocx
2009-04-20 08:06 . 2009-04-20 08:06 -------- d-----w c:\documents and settings\All Users\Application Data\Office Genuine Advantage
2009-04-20 07:21 . 2009-04-20 07:21 131 ----a-w c:\documents and settings\t-s-comd\Local Settings\Application Data\fusioncache.dat
2009-04-20 07:21 . 2009-04-20 08:00 -------- d-----w c:\documents and settings\t-s-comd\Local Settings\Application Data\ApplicationHistory
2009-04-20 07:01 . 2009-04-20 07:05 -------- d-----w c:\windows\system32\URTTemp
2009-04-20 06:47 . 2009-04-20 06:47 -------- d-----w c:\windows\Motorola
2009-04-20 04:46 . 2009-02-06 11:06 2145280 -c----w c:\windows\system32\dllcache\ntkrnlmp.exe
2009-04-20 04:46 . 2009-02-06 11:08 2189056 -c----w c:\windows\system32\dllcache\ntoskrnl.exe
2009-04-20 04:46 . 2009-02-06 10:32 2023936 -c----w c:\windows\system32\dllcache\ntkrpamp.exe
2009-04-20 04:41 . 2008-05-03 11:55 2560 ------w c:\windows\system32\xpsp4res.dll
2009-04-20 04:18 . 2008-10-24 11:21 455296 -c----w c:\windows\system32\dllcache\mrxsmb.sys
2009-04-20 04:08 . 2008-06-13 11:05 272128 -c----w c:\windows\system32\dllcache\bthport.sys
2009-04-20 04:08 . 2008-06-13 11:05 272128 ------w c:\windows\system32\drivers\bthport.sys
2009-04-20 03:47 . 2008-10-16 10:09 43544 ----a-w c:\windows\system32\wups2.dll
2009-04-20 03:47 . 2008-10-16 10:09 31768 ----a-w c:\windows\system32\wucltui.dll.mui
2009-04-20 03:47 . 2008-10-16 10:07 23576 ----a-w c:\windows\system32\wuaucpl.cpl.mui
2009-04-20 03:47 . 2008-10-16 10:07 18456 ----a-w c:\windows\system32\wuaueng.dll.mui
2009-04-20 03:47 . 2008-10-16 10:07 23576 ----a-w c:\windows\system32\wuapi.dll.mui
2009-04-18 19:32 . 2008-04-13 20:15 26112 -c--a-w c:\windows\system32\dllcache\usbser.sys
2009-04-18 19:32 . 2008-04-13 20:15 26112 ----a-w c:\windows\system32\drivers\usbser.sys
2009-04-18 19:32 . 2009-04-18 19:32 0 ---ha-w c:\windows\system32\drivers\Msft_Kernel_ccdcmb_01007.Wdf
2009-04-18 19:32 . 2009-04-18 19:32 0 ---ha-w c:\windows\system32\drivers\MsftWdf_Kernel_01007_Coinstaller_Critical.Wdf
2009-04-18 19:32 . 2008-03-21 09:57 14640 ------w c:\windows\system32\spmsgXP_2k3.dll
2009-04-16 13:59 . 2009-04-21 10:16 1555 ----a-w c:\windows\ata live update.ini
2009-04-15 18:36 . 2009-04-15 18:36 -------- d-----w c:\documents and settings\t-s-comd\Application Data\CyberLink
2009-04-15 17:56 . 2009-04-15 17:56 0 ----a-w c:\windows\nsreg.dat
2009-04-15 17:56 . 2009-04-15 17:56 -------- d-----w c:\documents and settings\t-s-comd\Local Settings\Application Data\Mozilla
2009-04-15 17:29 . 2009-04-22 16:50 -------- d-----w c:\windows\system32\ar-sa
2009-04-15 17:04 . 2007-11-30 11:18 26488 ----a-w c:\windows\system32\spupdsvc.exe
2009-04-15 16:59 . 2009-04-20 05:33 -------- d--h--w c:\windows\$hf_mig$
2009-04-15 16:48 . 2009-04-23 18:39 -------- d-----w c:\documents and settings\t-s-comd\Application Data\Free Download Manager
2009-04-15 16:45 . 2009-04-18 19:33 -------- d-----w c:\documents and settings\t-s-comd\Application Data\PC Suite
2009-04-15 16:45 . 2009-04-23 10:07 -------- d-----w c:\documents and settings\All Users\Application Data\PC Suite
2009-04-15 16:45 . 2009-04-18 19:33 -------- d-----w c:\documents and settings\t-s-comd\Application Data\Nokia
2009-04-15 16:34 . 2008-08-26 05:26 18816 ----a-w c:\windows\system32\drivers\pccsmcfd.sys
2009-04-15 16:30 . 2008-09-15 03:56 8064 ----a-w c:\windows\system32\drivers\usbser_lowerfltj.sys
2009-04-15 16:30 . 2008-09-15 03:56 8064 ----a-w c:\windows\system32\drivers\usbser_lowerflt.sys
2009-04-15 16:30 . 2008-09-15 03:56 22016 ----a-w c:\windows\system32\drivers\ccdcmbo.sys
2009-04-15 16:30 . 2008-09-15 03:56 659968 ----a-w c:\windows\system32\nmwcdcocls.dll
2009-04-15 16:30 . 2008-09-15 03:56 17664 ----a-w c:\windows\system32\drivers\ccdcmb.sys
2009-04-15 16:30 . 2008-09-15 03:29 1112288 ----a-w c:\windows\system32\wdfcoinstaller01007.dll
2009-04-15 16:30 . 2008-09-15 03:56 91136 ----a-w c:\windows\system32\nmwcdcls.dll
2009-04-15 16:23 . 2009-04-15 16:23 -------- d-----w c:\documents and settings\All Users\Application Data\Installations
2009-04-15 16:22 . 2009-04-15 16:22 -------- d-----w c:\documents and settings\t-s-comd\Application Data\COWON
2009-04-15 16:18 . 2009-04-15 16:19 -------- d-----w c:\windows\speech
2009-04-15 16:13 . 2009-04-15 16:13 -------- d-----w c:\documents and settings\All Users\Application Data\Messenger Plus!
2009-04-15 16:12 . 2009-04-15 16:12 -------- d-sh--w c:\documents and settings\t-s-comd\UserData
2009-04-15 16:09 . 2009-04-15 16:09 -------- d-----w c:\documents and settings\t-s-comd\Application Data\InstallShield
2009-04-15 16:05 . 2009-04-15 16:05 -------- d-----w c:\documents and settings\All Users\Application Data\Long slow road itch
2009-04-15 16:05 . 2009-04-23 09:46 -------- d-----w c:\documents and settings\t-s-comd\Contacts
2009-04-15 16:04 . 2009-04-16 13:27 -------- d-----w c:\documents and settings\t-s-comd\Application Data\RegsRemoteLite
2009-04-15 16:02 . 2009-04-15 16:02 268 ---ha-w C:\sqmdata00.sqm
2009-04-15 16:02 . 2009-04-15 16:02 244 ---ha-w C:\sqmnoopt00.sqm
2009-04-15 16:01 . 2009-04-15 16:44 -------- dc----w c:\windows\system32\DRVSTORE
2009-04-15 15:46 . 2009-04-15 15:46 78144 ----a-w c:\windows\hpfins05.dat
2009-04-15 15:46 . 2005-05-23 19:44 1395 ------w c:\windows\hpfmdl05.dat
2009-04-15 15:45 . 2009-04-15 15:46 -------- d-----w c:\documents and settings\t-s-comd\Application Data\HP
2009-04-15 15:43 . 2006-04-10 10:03 48128 ----a-w c:\windows\system32\hpzll054.dll
2009-04-15 15:43 . 2008-04-13 20:15 15104 -c--a-w c:\windows\system32\dllcache\usbscan.sys
2009-04-15 15:43 . 2008-04-13 20:15 15104 ----a-w c:\windows\system32\drivers\usbscan.sys
2009-04-15 12:30 . 2009-04-15 12:30 -------- d-----w c:\documents and settings\t-s-comd\Application Data\Media Player Classic
2009-04-15 12:29 . 2009-04-15 12:29 -------- d-----w c:\documents and settings\t-s-comd\Application Data\Image Zone Express
2009-04-15 12:29 . 2009-04-15 12:29 -------- d-----w c:\documents and settings\All Users\Application Data\CyberLink
2009-04-15 05:19 . 2009-04-15 05:19 -------- d-----w c:\documents and settings\t-s-comd\Local Settings\Application Data\Ahead
2009-04-14 19:03 . 2008-04-14 11:00 70144 -c--a-w c:\windows\system32\dllcache\pintlphr.exe
2009-04-14 19:02 . 2008-04-14 05:39 6144 ----a-w c:\windows\system32\kbd106.dll
2009-04-14 19:01 . 2001-08-17 13:59 3072 ----a-w c:\windows\system32\drivers\audstub.sys
2009-04-14 19:01 . 2008-04-14 00:10 57600 ----a-w c:\windows\system32\drivers\redbook.sys
2009-04-14 19:00 . 2008-04-13 22:05 20992 ----a-w c:\windows\system32\drivers\RTL8139.sys
2009-04-14 19:00 . 2008-04-14 00:10 5504 ----a-w c:\windows\system32\drivers\intelide.sys
2009-04-14 19:00 . 2008-04-14 05:42 74240 ----a-w c:\windows\system32\usbui.dll
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-04-23 17:52 . 2009-04-22 17:00 -------- d-----w c:\program files\Windows Desktop Search
2009-04-23 09:28 . 2009-04-14 16:36 105872 ----a-w c:\documents and settings\t-s-comd\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-04-23 09:20 . 2009-04-23 09:20 -------- d-----w c:\program files\MSBuild
2009-04-23 09:20 . 2009-04-23 09:20 -------- d-----w c:\program files\Reference Assemblies
2009-04-22 19:14 . 2009-04-22 19:14 -------- d-----w c:\program files\UPHClean
2009-04-22 16:58 . 2009-04-22 16:58 -------- d-----w c:\program files\Windows Media Connect 2
2009-04-22 10:26 . 2009-04-15 16:00 -------- d-----w c:\program files\MSN Messenger
2009-04-21 17:57 . 2008-01-29 14:29 33808 ----a-w c:\windows\system32\drivers\klbg.sys
2009-04-21 16:42 . 2009-04-21 16:42 -------- d-----w c:\program files\Kaspersky Lab
2009-04-21 12:12 . 2009-04-14 15:11 166455 ----a-w c:\windows\pchealth\helpctr\OfflineCache\index.dat
2009-04-20 15:36 . 2009-04-20 15:36 -------- d-----w c:\program files\Trend Micro
2009-04-20 08:52 . 2009-04-20 08:52 -------- d-----w c:\program files\SplitCam
2009-04-20 08:52 . 2009-04-14 15:51 -------- d--h--w c:\program files\InstallShield Installation Information
2009-04-20 08:52 . 2009-04-14 15:50 -------- d-----w c:\program files\Common Files\InstallShield
2009-04-20 05:16 . 2009-04-20 05:16 -------- d-----w c:\program files\MSXML 4.0
2009-04-15 18:36 . 2009-04-14 17:01 -------- d-----w c:\program files\Ahead
2009-04-15 17:42 . 2009-04-15 17:41 510 ----a-w C:\updatedatfix.log
2009-04-15 17:42 . 2009-04-14 16:41 -------- d-----w c:\program files\HP
2009-04-15 17:27 . 2009-04-15 16:48 -------- d-----w c:\program files\Free Download Manager
2009-04-15 16:39 . 2009-04-15 16:38 -------- d-----w c:\program files\Common Files\PCSuite
2009-04-15 16:38 . 2009-04-15 16:37 -------- d-----w c:\program files\Common Files\Nokia
2009-04-15 16:38 . 2009-04-15 16:30 -------- d-----w c:\program files\Nokia
2009-04-15 16:34 . 2009-04-15 16:34 -------- d-----w c:\program files\DIFX
2009-04-15 16:32 . 2009-04-15 16:32 -------- d-----w c:\program files\PC Connectivity Solution
2009-04-15 16:18 . 2009-04-15 16:16 -------- d-----w c:\program files\Golden Al-Wafi Translator
2009-04-15 16:16 . 2009-04-14 16:04 172032 ------w c:\windows\Setup1.exe
2009-04-15 16:16 . 2009-04-14 16:04 73216 ----a-w c:\windows\ST6UNST.EXE
2009-04-15 16:11 . 2009-04-15 16:10 -------- d-----w c:\program files\JetAudio
2009-04-15 16:11 . 2009-04-15 16:10 -------- d-----w c:\program files\Common Files\COWON
2009-04-15 16:06 . 2009-04-15 16:06 -------- d-----w c:\program files\MSECache
2009-04-15 16:04 . 2009-04-15 16:04 -------- d-----w c:\program files\RegsRemoteLite
2009-04-15 16:03 . 2009-04-15 16:03 -------- d-----w c:\program files\LtUcx
2009-04-15 16:03 . 2009-04-15 16:03 -------- d-----w c:\program files\Circle Develoement
2009-04-15 16:03 . 2009-04-15 16:02 -------- d-----w c:\program files\Messenger Plus! Live
2009-04-15 16:03 . 2009-04-15 16:03 -------- d-----w c:\program files\Windows Live
2009-04-15 15:44 . 2009-04-14 16:36 128376 ----a-w c:\windows\hpoins11.dat
2009-04-14 16:53 . 2009-04-14 16:53 -------- d-----w c:\documents and settings\All Users\Application Data\Kaspersky Lab Setup Files
2009-04-14 16:47 . 2009-04-14 16:47 -------- d-----w c:\documents and settings\All Users\Application Data\HP
2009-04-14 16:46 . 2009-04-14 16:46 -------- d-----w c:\program files\Common Files\HP
2009-04-14 16:45 . 2009-04-14 16:44 -------- d-----w c:\program files\Hewlett-Packard
2009-04-14 16:44 . 2009-04-14 16:44 -------- d-----w c:\program files\Common Files\Hewlett-Packard
2009-04-14 16:06 . 2009-04-14 16:06 2232 ----a-w c:\windows\java\Packages\Data\ZH7V3NDB.DAT
2009-04-14 16:06 . 2009-04-14 16:06 155995 ----a-w c:\windows\java\Packages\JXV5V3VJ.ZIP
2009-04-14 16:06 . 2009-04-14 16:06 2678 ----a-w c:\windows\java\Packages\Data\PZLVJHNJ.DAT
2009-04-14 16:06 . 2009-04-14 16:06 2678 ----a-w c:\windows\java\Packages\Data\P33N1ZFN.DAT
2009-04-14 16:06 . 2009-04-14 16:06 2678 ----a-w c:\windows\java\Packages\Data\X39ZN3DF.DAT
2009-04-14 16:06 . 2009-04-14 16:06 2678 ----a-w c:\windows\java\Packages\Data\IOPR5Z5R.DAT
2009-04-14 16:06 . 2009-04-14 16:06 2678 ----a-w c:\windows\java\Packages\Data\8AB3FFR1.DAT
2009-04-14 15:57 . 2009-04-14 15:57 -------- d-----w c:\program files\Common Files\xing shared
2009-04-14 15:57 . 2009-04-14 15:56 -------- d-----w c:\program files\Real
2009-04-14 15:57 . 2009-04-14 15:56 -------- d-----w c:\program files\Common Files\Real
2009-04-14 15:56 . 2009-04-14 15:51 499712 ----a-w c:\windows\system32\msvcp71.dll
2009-04-14 15:56 . 2009-04-14 15:50 348160 ----a-w c:\windows\system32\msvcr71.dll
2009-04-14 15:52 . 2009-04-14 15:51 -------- d-----w c:\program files\CyberLink
2009-04-14 15:52 . 2009-04-14 15:51 -------- d-----w c:\program files\GoldWave
2009-04-14 15:51 . 2009-04-14 15:51 90112 ----a-w c:\windows\system32\agsaami.dll
2009-04-14 15:51 . 2009-04-14 15:51 610304 ----a-w c:\windows\system32\agsaamg.dll
2009-04-14 15:51 . 2009-04-14 15:51 372736 ----a-w c:\windows\system32\agsaamc.dll
2009-04-14 15:51 . 2009-04-14 15:51 2535424 ----a-w c:\windows\system32\agsaamj.dll
2009-04-14 15:51 . 2009-04-14 15:51 1986560 ----a-w c:\windows\system32\akll.dll
2009-04-14 15:51 . 2009-04-14 15:51 196608 ----a-w c:\windows\system32\maag.dll
2009-04-14 15:51 . 2009-04-14 15:51 1245184 ----a-w c:\windows\system32\bkll.dll
2009-04-14 15:51 . 2009-04-14 15:51 1212416 ----a-w c:\windows\system32\ckll.dll
2009-04-14 15:51 . 2009-04-14 15:51 -------- d-----w c:\program files\Real_SC
2009-04-14 15:50 . 2009-04-14 15:50 -------- d-----w c:\program files\K-Lite Codec Pack
2009-04-14 15:49 . 2009-04-14 15:49 -------- d-----w c:\program files\Macromedia
2009-04-14 15:38 . 2009-04-14 15:38 -------- d-----w c:\program files\Common Files\L&H
2009-04-14 15:38 . 2009-04-14 15:38 -------- d-----w c:\program files\Microsoft.NET
2009-04-14 15:38 . 2009-04-14 15:38 -------- d-----w c:\program files\Microsoft ActiveSync
2009-04-14 15:37 . 2009-04-14 15:37 -------- d-----w c:\program files\Microsoft Works
2009-04-14 15:12 . 2009-04-14 15:12 -------- d-----w c:\program files\microsoft frontpage
2009-04-14 15:08 . 2009-04-14 15:08 21640 ----a-w c:\windows\system32\emptyregdb.dat
2009-03-25 02:29 . 2009-03-25 02:29 130432 ----a-w c:\windows\system32\drivers\Rtnicxp.sys
2009-03-21 14:06 . 2008-04-14 11:00 56880 ----a-w c:\windows\system32\scvideo.dll
2009-03-06 14:22 . 2008-04-14 11:00 284160 ----a-w c:\windows\system32\pdh.dll
2009-03-03 08:18 . 2009-03-03 08:18 73728 ----a-w c:\windows\system32\RtNicProp32.dll
2009-03-03 00:18 . 2008-04-14 11:00 826368 ----a-w c:\windows\system32\wininet.dll
2009-02-21 04:25 . 2009-02-21 04:25 691592 ----a-w c:\windows\system32\OGACheckControl.DLL
2009-02-20 18:09 . 2008-04-14 11:00 78336 ----a-w c:\windows\system32\ieencode.dll
2009-02-09 12:10 . 2008-04-14 11:00 729088 ----a-w c:\windows\system32\lsasrv.dll
2009-02-09 12:10 . 2008-04-14 11:00 714752 ----a-w c:\windows\system32\ntdll.dll
2009-02-09 12:10 . 2008-04-14 11:00 617472 ----a-w c:\windows\system32\advapi32.dll
2009-02-09 12:10 . 2008-04-14 11:00 401408 ----a-w c:\windows\system32\rpcss.dll
2009-02-09 11:13 . 2008-04-14 11:00 1846784 ----a-w c:\windows\system32\win32k.sys
2009-02-06 11:11 . 2008-04-14 11:00 110592 ----a-w c:\windows\system32\services.exe
2009-02-06 11:06 . 2008-04-14 11:00 2145280 ----a-w c:\windows\system32\ntoskrnl.exe
2009-02-06 10:39 . 2008-04-14 11:00 35328 ----a-w c:\windows\system32\sc.exe
2009-02-06 10:32 . 2008-04-14 00:01 2023936 ----a-w c:\windows\system32\ntkrnlpa.exe
2009-02-03 19:59 . 2008-04-14 11:00 56832 ----a-w c:\windows\system32\secur32.dll
.
------- Sigcheck -------
[-] 2008-12-01 06:09 1614848 362BC5AF8EAF712832C58CC13AE05750 c:\windows\system32\sfcfiles.dll
.
((((((((((((((((((((((((((((( SnapShot@2009-04-21_15.57.18 )))))))))))))))))))))))))))))))))))))))))
.
+ 2006-09-28 14:56 . 2006-09-28 14:56 55808 c:\windows\system32\WudfSvc.dll
+ 2006-09-28 16:13 . 2006-09-28 16:13 95344 c:\windows\system32\WUDFCoinstaller.dll
+ 2006-10-18 17:47 . 2006-10-18 17:47 38400 c:\windows\system32\wpdshextres.dll
+ 2006-10-18 16:00 . 2006-10-18 16:00 17408 c:\windows\system32\wpdshextautoplay.exe
+ 2006-10-18 17:47 . 2006-10-18 17:47 63488 c:\windows\system32\wpdmtpus.dll
+ 2006-10-18 17:47 . 2006-10-18 17:47 35840 c:\windows\system32\wpdconns.dll
+ 2008-04-14 11:00 . 2006-10-18 17:47 99840 c:\windows\system32\wmpshell.dll
+ 2008-04-14 11:00 . 2006-10-18 17:47 37376 c:\windows\system32\wmdmps.dll
+ 2008-04-14 11:00 . 2006-10-18 17:47 33792 c:\windows\system32\wmdmlog.dll
+ 2008-07-29 17:10 . 2008-07-29 17:10 26112 c:\windows\system32\TsWpfWrp.exe
+ 2009-04-22 17:19 . 2008-07-06 12:06 89088 c:\windows\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll
+ 2009-04-22 16:59 . 2007-07-27 05:41 16760 c:\windows\system32\spmsg.dll
+ 2008-07-29 15:59 . 2008-07-29 15:59 43544 c:\windows\system32\PresentationHostProxy.dll
+ 2008-04-14 11:00 . 2009-04-23 09:29 71176 c:\windows\system32\perfc009.dat
- 2008-04-14 11:00 . 2008-04-14 11:00 98304 c:\windows\system32\nlhtml.dll
+ 2008-04-14 11:00 . 2008-03-07 17:02 98304 c:\windows\system32\nlhtml.dll
+ 2008-07-25 07:17 . 2008-07-25 07:17 15360 c:\windows\system32\mui\0409\mscorees.dll
+ 2008-04-14 11:00 . 2006-10-18 17:47 27136 c:\windows\system32\mspmsnsv.dll
+ 2009-04-14 15:07 . 2008-04-14 11:00 19429 c:\windows\system32\MsDtc\Trace\msdtcvtr.bat
+ 2008-07-25 07:16 . 2008-07-25 07:16 83968 c:\windows\system32\mscories.dll
+ 2008-04-14 11:00 . 2008-03-07 17:02 29696 c:\windows\system32\mimefilt.dll
- 2008-04-14 11:00 . 2008-04-14 11:00 29696 c:\windows\system32\mimefilt.dll
+ 2008-04-14 11:00 . 2006-10-18 17:47 11264 c:\windows\system32\LAPRXY.dll
+ 2008-07-29 15:24 . 2008-07-29 15:24 97800 c:\windows\system32\infocardapi.dll
+ 2008-07-29 15:24 . 2008-07-29 15:24 11264 c:\windows\system32\icardres.dll
+ 2008-07-29 17:10 . 2008-07-29 17:10 73720 c:\windows\system32\dxva2.dll
+ 2006-09-28 15:00 . 2006-09-28 15:00 82944 c:\windows\system32\drivers\WudfRd.sys
+ 2006-09-28 14:55 . 2006-09-28 14:55 77568 c:\windows\system32\drivers\WudfPf.sys
+ 2006-10-18 16:00 . 2006-10-18 16:00 38528 c:\windows\system32\drivers\wpdusb.sys
+ 2008-07-29 16:20 . 2008-07-29 16:20 24774 c:\windows\system32\drivers\klopp.dat
- 2009-04-19 09:52 . 2008-03-25 16:07 24592 c:\windows\system32\drivers\klim5.sys
+ 2008-04-30 14:06 . 2008-04-30 14:06 24592 c:\windows\system32\drivers\klim5.sys
+ 2008-04-14 11:00 . 2006-10-18 17:47 99840 c:\windows\system32\dllcache\wmpshell.dll
+ 2009-04-14 15:09 . 2006-10-18 17:46 64000 c:\windows\system32\dllcache\wmplayer.exe
+ 2009-04-14 15:09 . 2006-10-18 17:47 96256 c:\windows\system32\dllcache\wmpband.dll
+ 2008-04-14 11:00 . 2006-10-18 17:47 37376 c:\windows\system32\dllcache\wmdmps.dll
+ 2008-04-14 11:00 . 2006-10-18 17:47 33792 c:\windows\system32\dllcache\wmdmlog.dll
+ 2008-04-14 11:00 . 2008-03-07 17:02 98304 c:\windows\system32\dllcache\nlhtml.dll
- 2008-04-14 11:00 . 2008-04-14 11:00 98304 c:\windows\system32\dllcache\nlhtml.dll
+ 2008-04-14 11:00 . 2006-10-18 17:47 27136 c:\windows\system32\dllcache\mspmsnsv.dll
+ 2008-04-14 11:00 . 2008-03-07 17:02 29696 c:\windows\system32\dllcache\mimefilt.dll
- 2008-04-14 11:00 . 2008-04-14 11:00 29696 c:\windows\system32\dllcache\mimefilt.dll
+ 2008-04-14 11:00 . 2006-10-18 17:47 11264 c:\windows\system32\dllcache\LAPRXY.dll
+ 2008-07-25 07:16 . 2008-07-25 07:16 96760 c:\windows\system32\dfshim.dll
+ 2008-07-29 19:40 . 2008-07-29 19:40 70648 c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
+ 2008-07-29 19:40 . 2008-07-29 19:40 91136 c:\windows\Microsoft.NET\Framework\v3.5\MSBuild.exe
+ 2008-07-29 19:40 . 2008-07-29 19:40 41984 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft.VisualC.STLCLR.dll
+ 2008-07-29 19:40 . 2008-07-29 19:40 40960 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft.Data.Entity.Build.Tasks.dll
+ 2008-07-29 14:47 . 2008-07-29 14:47 89080 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.2052.dll
+ 2008-07-29 14:47 . 2008-07-29 14:47 92664 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1042.dll
+ 2008-07-29 14:47 . 2008-07-29 14:47 95224 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1041.dll
+ 2008-07-29 14:47 . 2008-07-29 14:47 89592 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1028.dll
+ 2008-07-29 14:47 . 2008-07-29 14:47 84480 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.2052.dll
+ 2008-07-29 14:47 . 2008-07-29 14:47 94720 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1042.dll
+ 2008-07-29 14:47 . 2008-07-29 14:47 97792 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1041.dll
+ 2008-07-29 14:47 . 2008-07-29 14:47 84992 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1028.dll
+ 2008-07-29 14:47 . 2008-07-29 14:47 97280 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\DeleteTemp.exe
+ 2008-07-29 19:40 . 2008-07-29 19:40 95224 c:\windows\Microsoft.NET\Framework\v3.5\EdmGen.exe
+ 2008-07-29 19:40 . 2008-07-29 19:40 78856 c:\windows\Microsoft.NET\Framework\v3.5\DataSvcUtil.exe
+ 2008-07-29 19:40 . 2008-07-29 19:40 41984 c:\windows\Microsoft.NET\Framework\v3.5\AddInUtil.exe
+ 2008-07-29 19:40 . 2008-07-29 19:40 41992 c:\windows\Microsoft.NET\Framework\v3.5\AddInProcess32.exe
+ 2008-07-29 19:40 . 2008-07-29 19:40 41992 c:\windows\Microsoft.NET\Framework\v3.5\AddInProcess.exe
+ 2008-07-29 17:10 . 2008-07-29 17:10 46104 c:\windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
+ 2008-07-29 15:59 . 2008-07-29 15:59 32768 c:\windows\Microsoft.NET\Framework\v3.0\WPF\PresentationCFFRasterizer.dll
+ 2008-07-29 17:10 . 2008-07-29 17:10 71160 c:\windows\Microsoft.NET\Framework\v3.0\WPF\PenIMC.dll
+ 2008-07-29 15:32 . 2008-07-29 15:32 17448 c:\windows\Microsoft.NET\Framework\v3.0\Windows Workflow Foundation\PerformanceCounterInstaller.exe
+ 2008-07-29 15:16 . 2008-07-29 15:16 32768 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.ServiceModel.WasHosting.dll
+ 2008-07-29 15:16 . 2008-07-29 15:16 73728 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.ServiceModel.Install.dll
+ 2008-07-29 15:16 . 2008-07-29 15:16 20504 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceMonikerSupport.dll
+ 2008-07-29 15:16 . 2008-07-29 15:16 11280 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceModelEvents.dll
+ 2008-07-25 07:17 . 2008-07-25 07:17 37896 c:\windows\Microsoft.NET\Framework\v2.0.50727\WMINet_Utils.dll
+ 2008-07-25 07:17 . 2008-07-25 07:17 81400 c:\windows\Microsoft.NET\Framework\v2.0.50727\TLBREF.DLL
+ 2008-07-25 07:17 . 2008-07-25 07:17 77824 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Web.RegularExpressions.dll
+ 2008-07-25 07:17 . 2008-07-25 07:17 57392 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.EnterpriseServices.Thunk.dll
+ 2008-07-25 07:17 . 2008-07-25 07:17 81920 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Drawing.Design.dll
+ 2008-07-25 07:17 . 2008-07-25 07:17 81920 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Configuration.Install.dll
+ 2008-07-25 07:17 . 2008-07-25 07:17 95232 c:\windows\Microsoft.NET\Framework\v2.0.50727\ShFusRes.dll
+ 2008-07-25 07:17 . 2008-07-25 07:17 16896 c:\windows\Microsoft.NET\Framework\v2.0.50727\sbscmp20_mscorlib.dll
+ 2008-07-25 07:17 . 2008-07-25 07:17 61952 c:\windows\Microsoft.NET\Framework\v2.0.50727\regtlibv12.exe
+ 2008-07-25 07:17 . 2008-07-25 07:17 32768 c:\windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exe
+ 2008-07-25 07:17 . 2008-07-25 07:17 53248 c:\windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
+ 2008-07-25 07:17 . 2008-07-25 07:17 88584 c:\windows\Microsoft.NET\Framework\v2.0.50727\PerfCounter.dll
+ 2008-07-25 07:17 . 2008-07-25 07:17 24584 c:\windows\Microsoft.NET\Framework\v2.0.50727\normalization.dll
+ 2008-07-25 07:17 . 2008-07-25 07:17 31744 c:\windows\Microsoft.NET\Framework\v2.0.50727\MUI\0409\mscorsecr.dll
+ 2008-07-25 07:17 . 2008-07-25 07:17 19456 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscortim.dll
+ 2008-07-25 07:17 . 2008-07-25 07:17 69632 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
+ 2008-07-25 07:16 . 2008-07-25 07:16 18944 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsn.dll
+ 2008-07-25 07:17 . 2008-07-25 07:17 77312 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsec.dll
+ 2008-07-25 07:17 . 2008-07-25 07:17 94208 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorld.dll
+ 2008-07-25 07:17 . 2008-07-25 07:17 46592 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorie.dll
+ 2008-07-25 07:17 . 2008-07-25 07:17 83456 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscordbc.dll
+ 2008-07-25 07:16 . 2008-07-25 07:16 69632 c:\windows\Microsoft.NET\Framework\v2.0.50727\MSBuild.exe
+ 2008-07-25 07:16 . 2008-07-25 07:16 97792 c:\windows\Microsoft.NET\Framework\v2.0.50727\MmcAspExt.dll
+ 2008-07-25 07:16 . 2008-07-25 07:16 12800 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
+ 2008-07-25 07:16 . 2008-07-25 07:16 32768 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Vsa.dll
+ 2008-07-25 07:16 . 2008-07-25 07:16 28672 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.Vsa.dll
+ 2008-07-25 07:16 . 2008-07-25 07:16 77824 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Utilities.dll
+ 2008-07-25 07:16 . 2008-07-25 07:16 36864 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Framework.dll
+ 2008-07-25 07:16 . 2008-07-25 07:16 40960 c:\windows\Microsoft.NET\Framework\v2.0.50727\jsc.exe
+ 2008-07-25 07:17 . 2008-07-25 07:17 72192 c:\windows\Microsoft.NET\Framework\v2.0.50727\ISymWrapper.dll
+ 2008-07-25 07:17 . 2008-07-25 07:17 65032 c:\windows\Microsoft.NET\Framework\v2.0.50727\InstallUtilLib.dll
+ 2008-07-25 07:17 . 2008-07-25 07:17 28672 c:\windows\Microsoft.NET\Framework\v2.0.50727\InstallUtil.exe
+ 2008-07-25 07:17 . 2008-07-25 07:17 77824 c:\windows\Microsoft.NET\Framework\v2.0.50727\IEHost.dll
+ 2008-07-25 07:16 . 2008-07-25 07:16 18936 c:\windows\Microsoft.NET\Framework\v2.0.50727\fusion.dll
+ 2008-07-25 07:16 . 2008-07-25 07:16 62968 c:\windows\Microsoft.NET\Framework\v2.0.50727\dfdll.dll
+ 2008-07-25 07:16 . 2008-07-25 07:16 35320 c:\windows\Microsoft.NET\Framework\v2.0.50727\cvtres.exe
+ 2008-07-25 07:17 . 2008-07-25 07:17 69120 c:\windows\Microsoft.NET\Framework\v2.0.50727\CustomMarshalers.dll
+ 2008-07-25 07:17 . 2008-07-25 07:17 27136 c:\windows\Microsoft.NET\Framework\v2.0.50727\Culture.dll
+ 2008-07-25 07:16 . 2008-07-25 07:16 13312 c:\windows\Microsoft.NET\Framework\v2.0.50727\cscompmgd.dll
+ 2008-07-25 07:16 . 2008-07-25 07:16 80376 c:\windows\Microsoft.NET\Framework\v2.0.50727\csc.exe
+ 2008-07-25 07:17 . 2008-07-25 07:17 89608 c:\windows\Microsoft.NET\Framework\v2.0.50727\CORPerfMonExt.dll
+ 2008-07-25 07:16 . 2008-07-25 07:16 33792 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_wp.exe
+ 2008-07-25 07:16 . 2008-07-25 07:16 34312 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
+ 2008-07-25 07:16 . 2008-07-25 07:16 33288 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_regiis.exe
+ 2008-07-25 07:16 . 2008-07-25 07:16 24576 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_regbrowsers.exe
+ 2008-07-25 07:16 . 2008-07-25 07:16 84480 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_rc.dll
+ 2008-07-25 07:16 . 2008-07-25 07:16 33800 c:\windows\Microsoft.NET\Framework\v2.0.50727\Aspnet_perf.dll
+ 2008-07-25 07:16 . 2008-07-25 07:16 17416 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_isapi.dll
+ 2008-07-25 07:16 . 2008-07-25 07:16 22024 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_filter.dll
+ 2008-07-25 07:16 . 2008-07-25 07:16 36864 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_compiler.exe
+ 2008-07-25 07:17 . 2008-07-25 07:17 58880 c:\windows\Microsoft.NET\Framework\v2.0.50727\AppLaunch.exe
+ 2008-07-25 07:16 . 2008-07-25 07:16 98808 c:\windows\Microsoft.NET\Framework\v2.0.50727\alink.dll
+ 2008-07-25 07:17 . 2008-07-25 07:17 10752 c:\windows\Microsoft.NET\Framework\v2.0.50727\Accessibility.dll
+ 2008-07-25 07:16 . 2008-07-25 07:16 13824 c:\windows\Microsoft.NET\Framework\v2.0.50727\1033\CvtResUI.dll
+ 2008-07-25 07:16 . 2008-07-25 07:16 28672 c:\windows\Microsoft.NET\Framework\v2.0.50727\1033\alinkui.dll
+ 2008-07-25 07:16 . 2008-07-25 07:16 96768 c:\windows\Microsoft.NET\Framework\v1.0.3705\mscormmc.dll
+ 2008-07-25 07:17 . 2008-07-25 07:17 16896 c:\windows\Microsoft.NET\Framework\SharedReg12.dll
+ 2008-07-25 07:17 . 2008-07-25 07:17 16896 c:\windows\Microsoft.NET\Framework\sbscmp20_perfcounter.dll
+ 2008-07-25 07:17 . 2008-07-25 07:17 16896 c:\windows\Microsoft.NET\Framework\sbscmp20_mscorwks.dll
+ 2008-07-25 07:16 . 2008-07-25 07:16 16896 c:\windows\Microsoft.NET\Framework\sbscmp10.dll
+ 2008-07-25 07:16 . 2008-07-25 07:16 82944 c:\windows\Microsoft.NET\Framework\NETFXSBS10.exe
+ 2009-04-22 19:14 . 2009-04-22 19:14 25214 c:\windows\Installer\{FF77941A-2BFA-4A18-BE2E-69B9498E4D55}\_294823.exe
- 2009-04-15 16:01 . 2009-04-15 16:01 29926 c:\windows\Installer\{B3FB6C13-AEC8-4FC8-8B96-919BAB1F2FC7}\MsblIco.Exe
+ 2009-04-22 10:26 . 2009-04-22 10:26 29926 c:\windows\Installer\{B3FB6C13-AEC8-4FC8-8B96-919BAB1F2FC7}\MsblIco.Exe
+ 2009-04-22 17:17 . 2008-07-06 12:06 89088 c:\windows\Driver Cache\i386\filterpipelineprintproc.dll
+ 2009-04-22 17:19 . 2009-04-22 17:19 32768 c:\windows\assembly\tmp\YHBUKKX1\System.ServiceModel.WasHosting.dll
+ 2009-04-22 17:19 . 2009-04-22 17:19 46104 c:\windows\assembly\tmp\XS5RB2UN\PresentationFontCache.exe
+ 2009-04-22 17:19 . 2009-04-22 17:19 40960 c:\windows\assembly\tmp\C4KX1TT3\UIAutomationProvider.dll
+ 2009-04-22 17:19 . 2009-04-22 17:19 73728 c:\windows\assembly\tmp\ANFSKYW2\System.ServiceModel.Install.dll
+ 2009-04-22 17:19 . 2009-04-22 17:19 98304 c:\windows\assembly\tmp\7KO1URP0\UIAutomationTypes.dll
+ 2009-04-22 17:19 . 2009-04-22 17:19 32768 c:\windows\assembly\tmp\4EWOGHM7\PresentationCFFRasterizer.dll
+ 2009-04-22 17:19 . 2009-04-22 17:19 94208 c:\windows\assembly\tmp\0P8YD5OT\WindowsFormsIntegration.dll
+ 2009-04-23 09:36 . 2009-04-23 09:36 60928 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationProvider\8f5c0e1b77c840d99a68897898317b79\UIAutomationProvider.ni.dll
+ 2009-04-23 09:34 . 2009-04-23 09:34 47104 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFontCac#\9469981a17c01dd154c540127e678b35\PresentationFontCache.ni.exe
+ 2009-04-23 09:33 . 2009-04-23 09:33 39424 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCFFRast#\487c1bc20f6e73e8e79503898d17d102\PresentationCFFRasterizer.ni.dll
+ 2009-04-23 08:02 . 2009-04-23 08:02 65024 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\36dbc4689f7c51e393504230004c9dec\Microsoft.Build.Framework.ni.dll
+ 2009-04-23 08:01 . 2009-04-23 08:01 14336 c:\windows\assembly\NativeImages_v2.0.50727_32\dfsvc\a2865dcec9c5d3cc9c55f026cbad6fcc\dfsvc.ni.exe
+ 2009-04-23 08:01 . 2009-04-23 08:01 25600 c:\windows\assembly\NativeImages_v2.0.50727_32\Accessibility\c2af7cfbb47c077029a2645930b4eeac\Accessibility.ni.dll
+ 2009-04-23 09:20 . 2009-04-23 09:20 94208 c:\windows\assembly\GAC_MSIL\WindowsFormsIntegration\3.0.0.0__31bf3856ad364e35\WindowsFormsIntegration.dll
+ 2009-04-23 09:20 . 2009-04-23 09:20 98304 c:\windows\assembly\GAC_MSIL\UIAutomationTypes\3.0.0.0__31bf3856ad364e35\UIAutomationTypes.dll
+ 2009-04-23 09:20 . 2009-04-23 09:20 40960 c:\windows\assembly\GAC_MSIL\UIAutomationProvider\3.0.0.0__31bf3856ad364e35\UIAutomationProvider.dll
+ 2009-04-23 09:31 . 2009-04-23 09:31 12288 c:\windows\assembly\GAC_MSIL\System.Windows.Presentation\3.5.0.0__b77a5c561934e089\System.Windows.Presentation.dll
+ 2009-04-23 09:31 . 2009-04-23 09:31 61440 c:\windows\assembly\GAC_MSIL\System.Web.Routing\3.5.0.0__31bf3856ad364e35\System.Web.Routing.dll
+ 2009-04-22 17:15 . 2009-04-22 17:15 77824 c:\windows\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
+ 2009-04-23 09:31 . 2009-04-23 09:31 32768 c:\windows\assembly\GAC_MSIL\System.Web.DynamicData.Design\3.5.0.0__31bf3856ad364e35\System.Web.DynamicData.Design.dll
+ 2009-04-23 09:31 . 2009-04-23 09:31 77824 c:\windows\assembly\GAC_MSIL\System.Web.Abstractions\3.5.0.0__31bf3856ad364e35\System.Web.Abstractions.dll
+ 2009-04-23 09:20 . 2009-04-23 09:20 32768 c:\windows\assembly\GAC_MSIL\System.ServiceModel.WasHosting\3.0.0.0__b77a5c561934e089\System.ServiceModel.WasHosting.dll
+ 2009-04-23 09:20 . 2009-04-23 09:20 73728 c:\windows\assembly\GAC_MSIL\System.ServiceModel.Install\3.0.0.0__b77a5c561934e089\System.ServiceModel.Install.dll
+ 2009-04-22 17:15 . 2009-04-22 17:15 81920 c:\windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll
+ 2009-04-23 09:30 . 2009-04-23 09:30 53248 c:\windows\assembly\GAC_MSIL\System.Data.DataSetExtensions\3.5.0.0__b77a5c561934e089\System.Data.DataSetExtensions.dll
+ 2009-04-22 17:15 . 2009-04-22 17:15 81920 c:\windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
+ 2009-04-23 09:31 . 2009-04-23 09:31 57344 c:\windows\assembly\GAC_MSIL\System.ComponentModel.DataAnnotations\3.5.0.0__31bf3856ad364e35\System.ComponentModel.DataAnnotations.dll
+ 2009-04-23 09:30 . 2009-04-23 09:30 45056 c:\windows\assembly\GAC_MSIL\System.AddIn.Contract\2.0.0.0__b03f5f7f11d50a3a\System.AddIn.Contract.dll
+ 2009-04-23 09:20 . 2009-04-23 09:20 46104 c:\windows\assembly\GAC_MSIL\PresentationFontCache\3.0.0.0__31bf3856ad364e35\PresentationFontCache.exe
+ 2009-04-23 09:20 . 2009-04-23 09:20 32768 c:\windows\assembly\GAC_MSIL\PresentationCFFRasterizer\3.0.0.0__31bf3856ad364e35\PresentationCFFRasterizer.dll
+ 2009-04-22 17:15 . 2009-04-22 17:15 32768 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll
+ 2009-04-22 17:15 . 2009-04-22 17:15 12800 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
+ 2009-04-23 09:30 . 2009-04-23 09:30 41984 c:\windows\assembly\GAC_MSIL\Microsoft.VisualC.STLCLR\1.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.STLCLR.dll
+ 2009-04-22 17:15 . 2009-04-22 17:15 28672 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll
+ 2009-04-22 17:15 . 2009-04-22 17:15 77824 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll
+ 2009-04-23 09:30 . 2009-04-23 09:30 94208 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities.v3.5\3.5.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.v3.5.dll
+ 2009-04-23 09:30 . 2009-04-23 09:30 36864 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\3.5.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
+ 2009-04-22 17:15 . 2009-04-22 17:15 36864 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
+ 2009-04-22 17:15 . 2009-04-22 17:15 77824 c:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll
+ 2009-04-22 17:15 . 2009-04-22 17:15 13312 c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll
+ 2009-04-22 17:15 . 2009-04-22 17:15 10752 c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
+ 2009-04-22 17:15 . 2009-04-22 17:15 72192 c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
+ 2009-04-22 17:15 . 2009-04-22 17:15 69120 c:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
+ 2009-04-22 17:15 . 2009-04-22 17:15 8192 c:\windows\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e\IEExecRemote.dll
+ 2008-04-14 11:00 . 2006-10-18 17:47 4096 c:\windows\system32\wmvdmoe2.dll
+ 2008-04-14 11:00 . 2006-10-18 17:47 4096 c:\windows\system32\wmvdmod.dll
+ 2006-10-18 17:47 . 2006-10-18 17:47 4096 c:\windows\system32\WMVADVE.DLL
+ 2006-10-18 17:47 . 2006-10-18 17:47 4096 c:\windows\system32\WMVADVD.dll
+ 2008-04-14 11:00 . 2006-10-18 17:47 4096 c:\windows\system32\wmsdmoe2.dll
+ 2008-04-14 11:00 . 2006-10-18 17:47 4096 c:\windows\system32\wmsdmod.dll
+ 2006-10-18 17:58 . 2006-10-18 17:58 8704 c:\windows\system32\wdfmgr.exe
+ 2006-10-18 17:47 . 2006-10-18 17:47 4096 c:\windows\system32\wdfapi.dll
+ 2006-10-18 17:58 . 2006-10-18 17:58 8704 c:\windows\system32\uwdf.exe
+ 2008-04-14 11:00 . 2006-10-18 17:47 4096 c:\windows\system32\MPG4DMOD.dll
+ 2008-04-14 11:00 . 2006-10-18 17:47 4096 c:\windows\system32\MP4SDMOD.dll
+ 2008-04-14 11:00 . 2006-10-18 17:47 4096 c:\windows\system32\MP43DMOD.dll
+ 2008-04-14 11:00 . 2006-10-18 17:47 4096 c:\windows\system32\dllcache\wmvdmoe2.dll
+ 2008-04-14 11:00 . 2006-10-18 17:47 4096 c:\windows\system32\dllcache\wmvdmod.dll
+ 2008-04-14 11:00 . 2006-10-18 17:47 4096 c:\windows\system32\dllcache\wmsdmoe2.dll
+ 2008-04-14 11:00 . 2006-10-18 17:47 4096 c:\windows\system32\dllcache\wmsdmod.dll
+ 2008-04-14 11:00 . 2006-10-18 17:47 4096 c:\windows\system32\dllcache\MPG4DMOD.dll
+ 2008-04-14 11:00 . 2006-10-18 17:47 4096 c:\windows\system32\dllcache\MP4SDMOD.dll
+ 2008-04-14 11:00 . 2006-10-18 17:47 4096 c:\windows\system32\dllcache\MP43DMOD.dll
+ 2008-04-14 11:00 . 2006-10-18 17:47 7168 c:\windows\system32\dllcache\asferror.dll
+ 2008-04-14 11:00 . 2006-10-18 17:47 7168 c:\windows\system32\asferror.dll
+ 2008-07-29 19:40 . 2008-07-29 19:40 5632 c:\windows\Microsoft.NET\Framework\v3.5\Sentinel.v3.5Client.dll
+ 2008-07-25 07:16 . 2008-07-25 07:16 7168 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft_VsaVb.dll
+ 2008-07-25 07:17 . 2008-07-25 07:17 5632 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualC.Dll
+ 2008-07-25 07:17 . 2008-07-25 07:17 6656 c:\windows\Microsoft.NET\Framework\v2.0.50727\IIEHost.dll
+ 2008-07-25 07:17 . 2008-07-25 07:17 8192 c:\windows\Microsoft.NET\Framework\v2.0.50727\IEExecRemote.dll
+ 2008-07-25 07:17 . 2008-07-25 07:17 9728 c:\windows\Microsoft.NET\Framework\v2.0.50727\IEExec.exe
+ 2008-07-25 07:16 . 2008-07-25 07:16 5120 c:\windows\Microsoft.NET\Framework\v2.0.50727\dfsvc.exe
+ 2009-04-23 09:30 . 2009-04-23 09:30 5632 c:\windows\assembly\GAC_MSIL\Sentinel.v3.5Client\3.5.0.0__b03f5f7f11d50a3a\Sentinel.v3.5Client.dll
+ 2009-04-22 17:15 . 2009-04-22 17:15 7168 c:\windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll
+ 2009-04-22 17:15 . 2009-04-22 17:15 5632 c:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
+ 2009-04-22 17:15 . 2009-04-22 17:15 6656 c:\windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll
+ 2009-04-22 17:15 . 2009-04-22 17:15 8192 c:\windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll
+ 2009-04-22 17:15 . 2009-04-22 17:15 113664 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll
+ 2009-04-22 17:15 . 2009-04-22 17:15 258048 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll
+ 2007-11-06 22:19 . 2007-11-06 22:19 655872 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_d08d0375\msvcr90.dll
+ 2007-11-06 22:19 . 2007-11-06 22:19 568832 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_d08d0375\msvcp90.dll
+ 2007-11-06 17:23 . 2007-11-06 17:23 224768 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_d08d0375\msvcm90.dll
+ 2008-07-25 07:17 . 2008-07-25 07:17 635904 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.3053_x-ww_b80fa8ca\msvcr80.dll
+ 2008-07-25 07:17 . 2008-07-25 07:17 558080 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.3053_x-ww_b80fa8ca\msvcp80.dll
+ 2008-07-25 07:17 . 2008-07-25 07:17 479232 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.3053_x-ww_b80fa8ca\msvcm80.dll
+ 2008-07-29 17:26 . 2008-07-29 17:26 301568 c:\windows\system32\XPSViewer\XPSViewer.exe
+ 2006-09-28 14:56 . 2006-09-28 14:56 316416 c:\windows\system32\WUDFx.dll
+ 2008-10-29 07:24 . 2008-10-29 07:24 831048 c:\windows\system32\WudfUpdate_01005.dll
+ 2006-09-28 14:56 . 2006-09-28 14:56 165376 c:\windows\system32\WudfPlatform.dll
+ 2006-09-28 14:56 . 2006-09-28 14:56 146432 c:\windows\system32\WudfHost.exe
+ 2006-10-18 17:47 . 2006-10-18 17:47 356352 c:\windows\system32\wpdsp.dll
+ 2006-10-18 17:47 . 2006-10-18 17:47 133632 c:\windows\system32\WPDShServiceObj.dll
+ 2006-10-18 17:47 . 2006-10-18 17:47 154624 c:\windows\system32\wpdmtp.dll
+ 2006-10-18 17:47 . 2006-10-18 17:47 629760 c:\windows\system32\wpd_ci.dll
+ 2006-10-18 17:47 . 2006-10-18 17:47 656896 c:\windows\system32\WMVXENCD.dll
+ 2006-10-18 17:47 . 2006-10-18 17:47 767488 c:\windows\system32\WMVSENCD.dll
+ 2008-04-14 11:00 . 2006-10-18 17:47 603648 c:\windows\system32\WMSPDMOD.dll
+ 2006-10-18 17:47 . 2006-10-18 17:47 204288 c:\windows\system32\wmpsrcwp.dll
+ 2006-10-18 17:47 . 2006-10-18 17:47 130048 c:\windows\system32\wmpps.dll
+ 2006-10-18 17:47 . 2006-10-18 17:47 613376 c:\windows\system32\wmpmde.dll
+ 2006-10-18 17:47 . 2008-06-24 14:12 295936 c:\windows\system32\wmpeffects.dll
+ 2008-04-14 11:00 . 2006-10-18 17:47 314880 c:\windows\system32\wmpdxm.dll
+ 2008-04-14 11:00 . 2006-10-18 17:47 242688 c:\windows\system32\wmpasf.dll
+ 2008-04-14 11:00 . 2008-06-18 01:03 938496 c:\windows\system32\WMNetmgr.dll
+ 2008-04-14 11:00 . 2006-10-18 17:47 157184 c:\windows\system32\wmidx.dll
+ 2008-04-14 11:00 . 2006-10-18 17:47 227328 c:\windows\system32\wmerror.dll
+ 2006-10-18 17:47 . 2006-10-18 17:47 535040 c:\windows\system32\wmdrmsdk.dll
+ 2006-10-18 17:47 . 2006-10-18 17:47 348672 c:\windows\system32\wmdrmnet.dll
+ 2006-10-18 17:47 . 2006-10-18 17:47 429056 c:\windows\system32\wmdrmdev.dll
+ 2008-04-14 11:00 . 2007-10-27 13:40 222720 c:\windows\system32\wmasf.dll
+ 2008-04-14 11:00 . 2006-10-18 17:47 757248 c:\windows\system32\WMADMOD.dll
+ 2008-07-29 15:59 . 2008-07-29 15:59 161296 c:\windows\system32\UIAutomationCore.dll
+ 2009-04-22 17:18 . 2008-07-06 12:06 765440 c:\windows\system32\spool\XPSEP\i386\mxdwdrv.dll
+ 2009-04-22 17:18 . 2008-07-06 12:06 765440 c:\windows\system32\spool\XPSEP\i386\i386\mxdwdrv.dll
+ 2009-04-22 17:18 . 2008-07-06 12:06 748032 c:\windows\system32\spool\XPSEP\amd64\mxdwdrv.dll
+ 2009-04-22 17:18 . 2008-07-06 12:06 748032 c:\windows\system32\spool\XPSEP\amd64\amd64\mxdwdrv.dll
+ 2009-04-22 17:19 . 2008-07-06 12:06 147456 c:\windows\system32\spool\prtprocs\x64\filterpipelineprintproc.dll
+ 2009-04-22 17:17 . 2008-07-06 10:50 597504 c:\windows\system32\spool\prtprocs\w32x86\printfilterpipelinesvc.exe
+ 2009-04-15 15:43 . 2008-03-13 04:52 761344 c:\windows\system32\spool\drivers\w32x86\3\unires.dll
+ 2009-04-15 15:43 . 2008-07-06 12:06 744960 c:\windows\system32\spool\drivers\w32x86\3\unidrvui.dll
+ 2009-04-15 15:43 . 2008-07-06 12:06 373248 c:\windows\system32\spool\drivers\w32x86\3\unidrv.dll
+ 2009-04-22 17:17 . 2008-07-06 12:06 198656 c:\windows\system32\spool\drivers\w32x86\3\mxdwdui.dll
+ 2009-04-22 17:17 . 2008-07-06 12:06 765440 c:\windows\system32\spool\drivers\w32x86\3\mxdwdrv.dll
+ 2006-08-24 12:15 . 2006-08-24 12:15 150808 c:\windows\system32\rgb9rast_2.dll
+ 2008-04-14 11:00 . 2006-10-18 17:47 211456 c:\windows\system32\qasf.dll
+ 2008-07-29 15:59 . 2008-07-29 15:59 781344 c:\windows\system32\PresentationNative_v0300.dll
+ 2008-07-29 16:35 . 2008-07-29 16:35 326160 c:\windows\system32\PresentationHost.exe
+ 2008-07-29 15:59 . 2008-07-29 15:59 105016 c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
+ 2006-10-18 17:47 . 2006-10-18 17:47 199168 c:\windows\system32\PortableDeviceWMDRM.dll
+ 2006-10-18 17:47 . 2006-10-18 17:47 132096 c:\windows\system32\PortableDeviceWiaCompat.dll
+ 2006-10-18 17:47 . 2006-10-18 17:47 166912 c:\windows\system32\PortableDeviceTypes.dll
+ 2006-10-18 17:47 . 2006-10-18 17:47 101888 c:\windows\system32\PortableDeviceClassExtension.dll
+ 2006-10-18 17:47 . 2006-10-18 17:47 284160 c:\windows\system32\PortableDeviceApi.dll
+ 2008-04-14 11:00 . 2009-04-23 09:29 441432 c:\windows\system32\perfh009.dat
+ 2008-04-14 11:00 . 2008-03-07 17:02 192000 c:\windows\system32\offfilt.dll
- 2008-04-14 11:00 . 2008-04-14 11:00 192000 c:\windows\system32\offfilt.dll
+ 2008-04-14 11:00 . 2006-10-18 17:47 321536 c:\windows\system32\mswmdm.dll
+ 2008-04-14 11:00 . 2006-12-04 12:21 414720 c:\windows\system32\msscp.dll
+ 2008-04-14 11:00 . 2006-10-18 17:47 175616 c:\windows\system32\mspmsp.dll
+ 2008-04-14 11:00 . 2006-10-18 17:47 179712 c:\windows\system32\msnetobj.dll
+ 2006-10-02 11:28 . 2006-10-02 11:28 312128 c:\windows\system32\msdelta.dll
+ 2008-07-25 07:16 . 2008-07-25 07:16 158720 c:\windows\system32\mscorier.dll
+ 2008-07-25 07:16 . 2008-07-25 07:16 282112 c:\windows\system32\mscoree.dll
+ 2006-10-18 17:47 . 2006-10-18 17:47 259072 c:\windows\system32\MPG4DECD.dll
+ 2006-10-18 17:47 . 2006-10-18 17:47 317440 c:\windows\system32\MP4SDECD.dll
+ 2006-10-18 17:47 . 2006-10-18 17:47 259072 c:\windows\system32\MP43DECD.dll
+ 2006-10-18 17:47 . 2006-10-18 17:47 212992 c:\windows\system32\MFPLAT.dll
+ 2008-04-14 11:00 . 2008-06-17 21:09 100864 c:\windows\system32\logagent.exe
+ 2008-07-29 16:21 . 2008-07-29 16:21 218376 c:\windows\system32\klogon.dll
+ 2008-07-29 15:24 . 2008-07-29 15:24 622080 c:\windows\system32\icardagt.exe
+ 2009-04-14 18:57 . 2009-04-23 17:52 362528 c:\windows\system32\FNTCACHE.DAT
+ 2008-07-29 17:10 . 2008-07-29 17:10 493048 c:\windows\system32\evr.dll
+ 2008-04-14 11:00 . 2006-10-18 17:47 991744 c:\windows\system32\drmv2clt.dll
+ 2006-10-18 16:00 . 2006-10-18 16:00 249856 c:\windows\system32\drmupgds.exe
+ 2006-10-18 17:47 . 2006-10-18 17:47 671232 c:\windows\system32\drivers\UMDF\wpdmtpdr.dll
+ 2008-10-29 07:29 . 2008-10-29 07:29 531968 c:\windows\system32\drivers\UMDF\PCCSWpdDriver.dll
+ 2009-04-21 16:41 . 2009-04-21 17:57 213520 c:\windows\system32\drivers\klif.sys
- 2009-04-19 09:54 . 2009-04-16 10:57 213520 c:\windows\system32\drivers\klif.sys
+ 2008-07-21 14:34 . 2008-07-21 14:34 121872 c:\windows\system32\drivers\kl1.sys
+ 2008-04-14 11:00 . 2006-10-18 17:47 603648 c:\windows\system32\dllcache\WMSPDMOD.dll
+ 2008-04-14 11:00 . 2006-10-18 17:47 314880 c:\windows\system32\dllcache\wmpdxm.dll
+ 2008-04-14 11:00 . 2006-10-18 17:47 242688 c:\windows\system32\dllcache\wmpasf.dll
+ 2008-04-14 11:00 . 2008-06-18 01:03 938496 c:\windows\system32\dllcache\WMNetmgr.dll
+ 2008-04-14 11:00 . 2006-10-18 17:47 157184 c:\windows\system32\dllcache\wmidx.dll
+ 2008-04-14 11:00 . 2006-10-18 17:47 227328 c:\windows\system32\dllcache\wmerror.dll
+ 2008-04-14 11:00 . 2007-10-27 13:40 222720 c:\windows\system32\dllcache\wmasf.dll
+ 2008-04-14 11:00 . 2006-10-18 17:47 757248 c:\windows\system32\dllcache\WMADMOD.dll
+ 2008-04-14 11:00 . 2007-06-26 18:10 317440 c:\windows\system32\dllcache\unregmp2.exe
+ 2008-04-14 11:00 . 2006-10-18 17:47 211456 c:\windows\system32\dllcache\qasf.dll
+ 2008-04-14 11:00 . 2008-03-07 17:02 192000 c:\windows\system32\dllcache\offfilt.dll
- 2008-04-14 11:00 . 2008-04-14 11:00 192000 c:\windows\system32\dllcache\offfilt.dll
+ 2008-04-14 11:00 . 2006-10-18 17:47 321536 c:\windows\system32\dllcache\mswmdm.dll
+ 2008-04-14 11:00 . 2006-12-04 12:21 414720 c:\windows\system32\dllcache\msscp.dll
+ 2008-04-14 11:00 . 2006-10-18 17:47 175616 c:\windows\system32\dllcache\mspmsp.dll
+ 2008-04-14 11:00 . 2006-10-18 17:47 179712 c:\windows\system32\dllcache\msnetobj.dll
+ 2009-04-14 15:09 . 2006-10-18 17:47 243712 c:\windows\system32\dllcache\mpvis.dll
+ 2008-04-14 11:00 . 2008-06-17 21:09 100864 c:\windows\system32\dllcache\logagent.exe
+ 2008-04-14 11:00 . 2006-10-18 17:47 991744 c:\windows\system32\dllcache\drmv2clt.dll
+ 2008-04-14 11:00 . 2006-10-18 17:47 229376 c:\windows\system32\dllcache\cewmdm.dll
+ 2008-04-14 11:00 . 2006-10-18 17:47 542720 c:\windows\system32\dllcache\blackbox.dll
+ 2008-04-14 11:00 . 2006-10-18 17:47 229376 c:\windows\system32\cewmdm.dll
+ 2008-04-14 11:00 . 2006-10-18 17:47 542720 c:\windows\system32\blackbox.dll
+ 2006-10-18 17:47 . 2006-10-18 17:47 276992 c:\windows\system32\audiodev.dll
+ 2008-07-29 19:40 . 2008-07-29 19:40 196104 c:\windows\Microsoft.NET\Framework\v3.5\WFServicesReg.exe
+ 2008-07-29 19:40 . 2008-07-29 19:40 802816 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft.Build.Tasks.v3.5.dll
+ 2008-07-29 14:47 . 2008-07-29 14:47 984056 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapUI.dll
+ 2008-07-29 14:47 . 2008-07-29 14:47 107512 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.dll
+ 2008-07-29 14:47 . 2008-07-29 14:47 111096 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.3082.dll
+ 2008-07-29 14:47 . 2008-07-29 14:47 110072 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.2070.dll
+ 2008-07-29 14:47 . 2008-07-29 14:47 106488 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1055.dll
+ 2008-07-29 14:47 . 2008-07-29 14:47 105976 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1053.dll
+ 2008-07-29 14:47 . 2008-07-29 14:47 107000 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1049.dll
+ 2008-07-29 14:47 . 2008-07-29 14:47 107512 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1046.dll
+ 2008-07-29 14:47 . 2008-07-29 14:47 109048 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1045.dll
+ 2008-07-29 14:47 . 2008-07-29 14:47 106488 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1044.dll
+ 2008-07-29 14:47 . 2008-07-29 14:47 108536 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1043.dll
+ 2008-07-29 14:47 . 2008-07-29 14:47 110072 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1040.dll
+ 2008-07-29 14:47 . 2008-07-29 14:47 111096 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1038.dll
+ 2008-07-29 14:47 . 2008-07-29 14:47 101368 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1037.dll
+ 2008-07-29 14:47 . 2008-07-29 14:47 112120 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1036.dll
+ 2008-07-29 14:47 . 2008-07-29 14:47 106488 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1035.dll
+ 2008-07-29 14:47 . 2008-07-29 14:47 113656 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1032.dll
+ 2008-07-29 14:47 . 2008-07-29 14:47 111608 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1031.dll
+ 2008-07-29 14:47 . 2008-07-29 14:47 108536 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1030.dll
+ 2008-07-29 14:47 . 2008-07-29 14:47 108536 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1029.dll
+ 2008-07-29 14:47 . 2008-07-29 14:47 102904 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1025.dll
+ 2008-07-29 14:47 . 2008-07-29 14:47 689152 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\vsscenario.dll
+ 2008-07-29 14:47 . 2008-07-29 14:47 413184 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\vsbasereqs.dll
+ 2008-07-29 14:47 . 2008-07-29 14:47 632320 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\vs70uimgr.dll
+ 2008-07-29 14:47 . 2008-07-29 14:47 110080 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.dll
+ 2008-07-29 14:47 . 2008-07-29 14:47 131584 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.3082.dll
+ 2008-07-29 14:47 . 2008-07-29 14:47 131072 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.2070.dll
+ 2008-07-29 14:47 . 2008-07-29 14:47 121344 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1055.dll
+ 2008-07-29 14:47 . 2008-07-29 14:47 121344 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1053.dll
+ 2008-07-29 14:47 . 2008-07-29 14:47 123904 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1049.dll
+ 2008-07-29 14:47 . 2008-07-29 14:47 122880 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1046.dll
+ 2008-07-29 14:47 . 2008-07-29 14:47 128512 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1045.dll
+ 2008-07-29 14:47 . 2008-07-29 14:47 121856 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1044.dll
+ 2008-07-29 14:47 . 2008-07-29 14:47 129024 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1043.dll
+ 2008-07-29 14:47 . 2008-07-29 14:47 128512 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1040.dll
+ 2008-07-29 14:47 . 2008-07-29 14:47 132096 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1038.dll
+ 2008-07-29 14:47 . 2008-07-29 14:47 111104 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1037.dll
+ 2008-07-29 14:47 . 2008-07-29 14:47 133120 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1036.dll
+ 2008-07-29 14:47 . 2008-07-29 14:47 122368 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1035.dll
+ 2008-07-29 14:47 . 2008-07-29 14:47 137728 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1032.dll
+ 2008-07-29 14:47 . 2008-07-29 14:47 130048 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1031.dll
+ 2008-07-29 14:47 . 2008-07-29 14:47 126464 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1030.dll
+ 2008-07-29 14:47 . 2008-07-29 14:47 125440 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1029.dll
+ 2008-07-29 14:47 . 2008-07-29 14:47 113152 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1025.dll
+ 2008-07-29 14:47 . 2008-07-29 14:47 269304 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
+ 2008-07-29 14:47 . 2008-07-29 14:47 177152 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\HtmlLite.dll
+ 2008-07-29 14:47 . 2008-07-29 14:47 276984 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\dlmgr.dll
+ 2008-07-29 19:15 . 2008-07-29 19:15 225490 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\baseline.dat
+ 2008-07-29 19:40 . 2008-07-29 19:40 233976 c:\windows\Microsoft.NET\Framework\v3.5\1033\vbc7ui.dll
+ 2008-07-29 19:40 . 2008-07-29 19:40 168448 c:\windows\Microsoft.NET\Framework\v3.5\1033\cscompui.dll
+ 2008-07-29 16:35 . 2008-07-29 16:35 864256 c:\windows\Microsoft.NET\Framework\v3.0\WPF\PresentationUI.dll
+ 2008-07-29 15:59 . 2008-07-29 15:59 132120 c:\windows\Microsoft.NET\Framework\v3.0\WPF\PresentationHostDLL.dll
+ 2008-07-29 17:10 . 2008-07-29 17:10 806928 c:\windows\Microsoft.NET\Framework\v3.0\WPF\NaturalLanguage6.dll
+ 2008-07-29 15:16 . 2008-07-29 15:16 152576 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\WsatConfig.exe
+ 2008-07-29 15:16 . 2008-07-29 15:16 966656 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
+ 2008-07-29 15:16 . 2008-07-29 15:16 132096 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
+ 2008-07-29 15:16 . 2008-07-29 15:16 110592 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMdiagnostics.dll
+ 2008-07-29 15:16 . 2008-07-29 15:16 156688 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceModelReg.exe
+ 2008-07-29 15:16 . 2008-07-29 15:16 163840 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\Microsoft.Transactions.Bridge.Dtc.dll
+ 2008-07-29 15:16 . 2008-07-29 15:16 397312 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\Microsoft.Transactions.Bridge.dll
+ 2008-07-29 15:24 . 2008-07-29 15:24 881664 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
+ 2008-07-29 15:16 . 2008-07-29 15:16 168968 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ComSvcConfig.exe
+ 2008-07-25 07:16 . 2008-07-25 07:16 438272 c:\windows\Microsoft.NET\Framework\v2.0.50727\webengine.dll
+ 2008-07-25 07:17 . 2008-07-25 07:17 839680 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Web.Services.dll
+ 2008-07-25 07:17 . 2008-07-25 07:17 835584 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Web.Mobile.dll
+ 2008-07-25 07:17 . 2008-07-25 07:17 261632 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Transactions.dll
+ 2008-07-25 07:17 . 2008-07-25 07:17 114688 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.ServiceProcess.dll
+ 2008-07-25 07:17 . 2008-07-25 07:17 258048 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Security.dll
+ 2008-07-25 07:17 . 2008-07-25 07:17 131072 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
+ 2008-07-25 07:17 . 2008-07-25 07:17 303104 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Remoting.dll
+ 2008-07-25 07:17 . 2008-07-25 07:17 258048 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Messaging.dll
+ 2008-07-25 07:17 . 2008-07-25 07:17 372736 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Management.dll
+ 2008-07-25 07:17 . 2008-07-25 07:17 113664 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.EnterpriseServices.Wrapper.dll
+ 2008-07-25 07:17 . 2008-07-25 07:17 258048 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.EnterpriseServices.dll
+ 2008-07-25 07:17 . 2008-07-25 07:17 626688 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Drawing.dll
+ 2008-07-25 07:17 . 2008-07-25 07:17 188416 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.DirectoryServices.Protocols.dll
+ 2008-07-25 07:17 . 2008-07-25 07:17 401408 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.DirectoryServices.dll
+ 2008-07-25 07:16 . 2008-07-25 07:16 970752 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Deployment.dll
+ 2008-07-25 07:17 . 2008-07-25 07:17 745472 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Data.SqlXml.dll
+ 2008-07-25 07:17 . 2008-07-25 07:17 486400 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Data.OracleClient.dll
+ 2008-07-25 07:17 . 2008-07-25 07:17 425984 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.configuration.dll
+ 2008-07-25 07:17 . 2008-07-25 07:17 110592 c:\windows\Microsoft.NET\Framework\v2.0.50727\sysglobl.dll
+ 2008-07-25 07:17 . 2008-07-25 07:17 392184 c:\windows\Microsoft.NET\Framework\v2.0.50727\SOS.dll
+ 2008-07-25 07:17 . 2008-07-25 07:17 118784 c:\windows\Microsoft.NET\Framework\v2.0.50727\shfusion.dll
+ 2008-07-25 07:16 . 2008-07-25 07:16 143360 c:\windows\Microsoft.NET\Framework\v2.0.50727\peverify.dll
+ 2008-07-25 07:17 . 2008-07-25 07:17 100856 c:\windows\Microsoft.NET\Framework\v2.0.50727\ngen.exe
+ 2008-07-25 07:17 . 2008-07-25 07:17 230912 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvc.dll
+ 2008-07-25 07:17 . 2008-07-25 07:17 345600 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorrc.dll
+ 2008-07-25 07:17 . 2008-07-25 07:17 114176 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorpe.dll
+ 2008-07-25 07:17 . 2008-07-25 07:17 367104 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll
+ 2008-07-25 07:17 . 2008-07-25 07:17 308224 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscordbi.dll
+ 2008-07-25 07:17 . 2008-07-25 07:17 998408 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscordacwks.dll
+ 2008-07-25 07:17 . 2008-07-25 07:17 659456 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.dll
+ 2008-07-25 07:17 . 2008-07-25 07:17 372736 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.Compatibility.dll
+ 2008-07-25 07:17 . 2008-07-25 07:17 110592 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.Compatibility.Data.dll
+ 2008-07-25 07:16 . 2008-07-25 07:16 749568 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.JScript.dll
+ 2008-07-25 07:16 . 2008-07-25 07:16 655360 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Tasks.dll
+ 2008-07-25 07:16 . 2008-07-25 07:16 348160 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Engine.dll
+ 2008-07-25 07:17 . 2008-07-25 07:17 230904 c:\windows\Microsoft.NET\Framework\v2.0.50727\ilasm.exe
+ 2008-07-25 07:17 . 2008-07-25 07:17 798224 c:\windows\Microsoft.NET\Framework\v2.0.50727\EventLogMessages.dll
+ 2008-07-25 07:17 . 2008-07-25 07:17 575496 c:\windows\Microsoft.NET\Framework\v2.0.50727\diasymreader.dll
+ 2008-07-25 07:17 . 2008-07-25 07:17 106496 c:\windows\Microsoft.NET\Framework\v2.0.50727\CasPol.exe
+ 2008-07-25 07:16 . 2008-07-25 07:16 507904 c:\windows\Microsoft.NET\Framework\v2.0.50727\AspNetMMCExt.dll
+ 2008-07-25 07:16 . 2008-07-25 07:16 106496 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_regsql.exe
+ 2008-07-25 07:17 . 2008-07-25 07:17 147968 c:\windows\Microsoft.NET\Framework\v2.0.50727\AdoNetDiag.dll
+ 2008-07-25 07:16 . 2008-07-25 07:16 218112 c:\windows\Microsoft.NET\Framework\v2.0.50727\1033\Vsavb7rtUI.dll
+ 2008-07-25 07:17 . 2008-07-25 07:17 193016 c:\windows\Microsoft.NET\Framework\v2.0.50727\1033\vbc7ui.dll
+ 2008-07-25 07:16 . 2008-07-25 07:16 145408 c:\windows\Microsoft.NET\Framework\v2.0.50727\1033\cscompui.dll
+ 2008-04-14 11:00 . 2007-06-26 18:10 317440 c:\windows\inf\unregmp2.exe
+ 2009-04-22 16:50 . 2007-06-27 06:38 371424 c:\windows\ie7updates\IE7-MUI\spuninst\updspapi.dll
+ 2009-04-22 16:50 . 2007-06-27 06:38 213216 c:\windows\ie7updates\IE7-MUI\spuninst\spuninst.exe
+ 2009-04-22 17:17 . 2008-03-13 04:52 761344 c:\windows\Driver Cache\i386\unires.dll
+ 2009-04-22 17:17 . 2008-07-06 12:06 744960 c:\windows\Driver Cache\i386\unidrvui.dll
+ 2009-04-22 17:17 . 2008-07-06 12:06 373248 c:\windows\Driver Cache\i386\unidrv.dll
+ 2009-04-22 17:17 . 2008-07-06 12:06 198656 c:\windows\Driver Cache\i386\mxdwdui.dll
+ 2009-04-22 17:17 . 2008-07-06 12:06 765440 c:\windows\Driver Cache\i386\mxdwdrv.dll
+ 2009-04-22 17:19 . 2009-04-22 17:19 167936 c:\windows\assembly\tmp\ZVBH0NRP\UIAutomationClient.dll
+ 2009-04-22 17:19 . 2009-04-22 17:19 598016 c:\windows\assembly\tmp\UOWNAEI1\PresentationBuildTasks.dll
+ 2009-04-22 17:19 . 2009-04-22 17:19 430080 c:\windows\assembly\tmp\TP4EJQHL\System.IdentityModel.dll
+ 2009-04-22 17:19 . 2009-04-22 17:19 397312 c:\windows\assembly\tmp\PWWUBH4M\Microsoft.Transactions.Bridge.dll
+ 2009-04-22 17:19 . 2009-04-22 17:19 163840 c:\windows\assembly\tmp\NIXW0A8Z\Microsoft.Transactions.Bridge.Dtc.dll
+ 2009-04-22 17:19 . 2009-04-22 17:19 131072 c:\windows\assembly\tmp\KUM8ULJ2\System.IO.Log.dll
+ 2009-04-22 17:19 . 2009-04-22 17:19 368640 c:\windows\assembly\tmp\FZQ3GI77\System.Printing.dll
+ 2009-04-22 17:19 . 2009-04-22 17:19 540672 c:\windows\assembly\tmp\EXQ2DYBP\System.Workflow.Runtime.dll
+ 2009-04-22 17:19 . 2009-04-22 17:19 385024 c:\windows\assembly\tmp\CDQDPUSS\UIAutomationClientsideProviders.dll
+ 2009-04-22 17:19 . 2009-04-22 17:19 688128 c:\windows\assembly\tmp\9SNFQNFY\System.Speech.dll
+ 2009-04-22 17:19 . 2009-04-22 17:19 528384 c:\windows\assembly\tmp\78XNLCVR\ReachFramework.dll
+ 2009-04-22 17:19 . 2009-04-22 17:19 966656 c:\windows\assembly\tmp\1V5A4USQ\System.Runtime.Serialization.dll
+ 2009-04-22 17:19 . 2009-04-22 17:19 110592 c:\windows\assembly\tmp\1SO6QW6Q\SMdiagnostics.dll
+ 2009-04-23 09:36 . 2009-04-23 09:36 239616 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsFormsIntegra#\a18dff8832712a0f6cccaaefbcc45861\WindowsFormsIntegration.ni.dll
+ 2009-04-23 09:36 . 2009-04-23 09:36 187904 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationTypes\dbb2fcd246efaf3df823410597cd1677\UIAutomationTypes.ni.dll
+ 2009-04-23 09:36 . 2009-04-23 09:36 447488 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClient\d255ab525d10d8fefe5df9ba092b2df8\UIAutomationClient.ni.dll
+ 2009-04-23 08:03 . 2009-04-23 08:03 202240 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.RegularE#\70764208219715962d310336b5959dfa\System.Web.RegularExpressions.ni.dll
+ 2009-04-23 08:02 . 2009-04-23 08:02 627200 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\12903c3843fe923d1977801ffa3cf26c\System.Transactions.ni.dll
+ 2009-04-23 08:02 . 2009-04-23 08:02 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\a9e71dda6389403be4db7b567592e3b8\System.ServiceProcess.ni.dll
+ 2009-04-23 08:02 . 2009-04-23 08:02 676352 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Security\0418eb6dbffe9b46aa4c989153d6a3b5\System.Security.ni.dll
+ 2009-04-23 08:02 . 2009-04-23 08:02 280064 c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\5f9cd5bfebcb94175d440ebab3aa412f\System.EnterpriseServices.Wrapper.dll
+ 2009-04-23 08:02 . 2009-04-23 08:02 627712 c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\5f9cd5bfebcb94175d440ebab3aa412f\System.EnterpriseServices.ni.dll
+ 2009-04-22 19:15 . 2009-04-22 19:15 208384 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing.Desi#\5f5d64dd0e7991aaaad2d98ee52afe42\System.Drawing.Design.ni.dll
+ 2009-04-23 08:02 . 2009-04-23 08:02 455680 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\44de75caba2b9711b3d9030a30767f8b\System.DirectoryServices.Protocols.ni.dll
+ 2009-04-23 08:02 . 2009-04-23 08:02 970752 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\cb4cb21d14767292e079366a5d3d76cd\System.Configuration.ni.dll
+ 2009-04-23 09:35 . 2009-04-23 09:35 224768 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\ef1a93d10c3a91b728745dbfcc79c2c7\PresentationFramework.Classic.ni.dll
+ 2009-04-23 09:35 . 2009-04-23 09:35 539648 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\b4dc4bd8534d90fbb7430926ad990cd9\PresentationFramework.Luna.ni.dll
+ 2009-04-23 09:35 . 2009-04-23 09:35 368128 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\9e71fd0d299c5668c96a54e4a63479fa\PresentationFramework.Aero.ni.dll
+ 2009-04-23 09:35 . 2009-04-23 09:35 258048 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\79c2fd29b1e46c943960278051b4e1b9\PresentationFramework.Royale.ni.dll
+ 2009-04-23 08:02 . 2009-04-23 08:02 144384 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\43dceeb2d0601d79af40752fb20283c2\Microsoft.Build.Utilities.ni.dll
+ 2009-04-23 08:01 . 2009-04-23 08:01 838656 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\daf5ff5e06c80eefa80c6fcc79aec963\Microsoft.Build.Engine.ni.dll
+ 2009-04-23 08:01 . 2009-04-23 08:01 220672 c:\windows\assembly\NativeImages_v2.0.50727_32\CustomMarshalers\e148983beeb0f30918b0564849a16456\CustomMarshalers.ni.dll
+ 2009-04-23 08:01 . 2009-04-23 08:01 842240 c:\windows\assembly\NativeImages_v2.0.50727_32\AspNetMMCExt\c7ffd8c23e8de4018a88185b3b60631e\AspNetMMCExt.ni.dll
+ 2009-04-23 09:20 . 2009-04-23 09:20 385024 c:\windows\assembly\GAC_MSIL\UIAutomationClientsideProviders\3.0.0.0__31bf3856ad364e35\UIAutomationClientsideProviders.dll
+ 2009-04-23 09:20 . 2009-04-23 09:20 167936 c:\windows\assembly\GAC_MSIL\UIAutomationClient\3.0.0.0__31bf3856ad364e35\UIAutomationClient.dll
+ 2009-04-23 09:31 . 2009-04-23 09:31 139264 c:\windows\assembly\GAC_MSIL\System.Xml.Linq\3.5.0.0__b77a5c561934e089\System.Xml.Linq.dll
+ 2009-04-23 09:30 . 2009-04-23 09:30 507904 c:\windows\assembly\GAC_MSIL\System.WorkflowServices\3.5.0.0__31bf3856ad364e35\System.WorkflowServices.dll
+ 2009-04-23 09:20 . 2009-04-23 09:20 540672 c:\windows\assembly\GAC_MSIL\System.Workflow.Runtime\3.0.0.0__31bf3856ad364e35\System.Workflow.Runtime.dll
+ 2009-04-22 17:15 . 2009-04-22 17:15 839680 c:\windows\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
+ 2009-04-22 17:15 . 2009-04-22 17:15 835584 c:\windows\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
+ 2009-04-23 09:31 . 2009-04-23 09:31 335872 c:\windows\assembly\GAC_MSIL\System.Web.Extensions.Design\3.5.0.0__31bf3856ad364e35\System.Web.Extensions.Design.dll
+ 2009-04-23 09:30 . 2009-04-23 09:30 139264 c:\windows\assembly\GAC_MSIL\System.Web.Entity\3.5.0.0__b77a5c561934e089\System.Web.Entity.dll
+ 2009-04-23 09:30 . 2009-04-23 09:30 131072 c:\windows\assembly\GAC_MSIL\System.Web.Entity.Design\3.5.0.0__b77a5c561934e089\System.Web.Entity.Design.dll
+ 2009-04-23 09:31 . 2009-04-23 09:31 225280 c:\windows\assembly\GAC_MSIL\System.Web.DynamicData\3.5.0.0__31bf3856ad364e35\System.Web.DynamicData.dll
+ 2009-04-23 09:20 . 2009-04-23 09:20 688128 c:\windows\assembly\GAC_MSIL\System.Speech\3.0.0.0__31bf3856ad364e35\System.Speech.dll
+ 2009-04-22 17:15 . 2009-04-22 17:15 114688 c:\windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
+ 2009-04-23 09:30 . 2009-04-23 09:30 569344 c:\windows\assembly\GAC_MSIL\System.ServiceModel.Web\3.5.0.0__31bf3856ad364e35\System.ServiceModel.Web.dll
+ 2009-04-22 17:15 . 2009-04-22 17:15 258048 c:\windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll
+ 2009-04-23 09:20 . 2009-04-23 09:20 966656 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
+ 2009-04-22 17:15 . 2009-04-22 17:15 131072 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
+ 2009-04-22 17:15 . 2009-04-22 17:15 303104 c:\windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
+ 2009-04-23 09:31 . 2009-04-23 09:31 233472 c:\windows\assembly\GAC_MSIL\System.Net\3.5.0.0__b03f5f7f11d50a3a\System.Net.dll
+ 2009-04-22 17:15 . 2009-04-22 17:15 258048 c:\windows\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
+ 2009-04-22 17:15 . 2009-04-22 17:15 372736 c:\windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
+ 2009-04-23 09:30 . 2009-04-23 09:30 143360 c:\windows\assembly\GAC_MSIL\System.Management.Instrumentation\3.5.0.0__b77a5c561934e089\System.Management.Instrumentation.dll
+ 2009-04-23 09:20 . 2009-04-23 09:20 131072 c:\windows\assembly\GAC_MSIL\System.IO.Log\3.0.0.0__b03f5f7f11d50a3a\System.IO.Log.dll
+ 2009-04-23 09:20 . 2009-04-23 09:20 430080 c:\windows\assembly\GAC_MSIL\System.IdentityModel\3.0.0.0__b77a5c561934e089\System.IdentityModel.dll
+ 2009-04-23 09:21 . 2009-04-23 09:21 126976 c:\windows\assembly\GAC_MSIL\System.IdentityModel.Selectors\3.0.0.0__b77a5c561934e089\System.IdentityModel.Selectors.dll
+ 2009-04-22 17:15 . 2009-04-22 17:15 626688 c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
+ 2009-04-22 17:15 . 2009-04-22 17:15 401408 c:\windows\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
+ 2009-04-22 17:15 . 2009-04-22 17:15 188416 c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
+ 2009-04-23 09:30 . 2009-04-23 09:30 286720 c:\windows\assembly\GAC_MSIL\System.DirectoryServices.AccountManagement\3.5.0.0__b77a5c561934e089\System.DirectoryServices.AccountManagement.dll
+ 2009-04-22 17:15 . 2009-04-22 17:15 970752 c:\windows\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
+ 2009-04-22 17:15 . 2009-04-22 17:15 745472 c:\windows\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
+ 2009-04-23 09:30 . 2009-04-23 09:30 442368 c:\windows\assembly\GAC_MSIL\System.Data.Services\3.5.0.0__b77a5c561934e089\System.Data.Services.dll
+ 2009-04-23 09:30 . 2009-04-23 09:30 114688 c:\windows\assembly\GAC_MSIL\System.Data.Services.Design\3.5.0.0__b77a5c561934e089\System.Data.Services.Design.dll
+ 2009-04-23 09:30 . 2009-04-23 09:30 294912 c:\windows\assembly\GAC_MSIL\System.Data.Services.Client\3.5.0.0__b77a5c561934e089\System.Data.Services.Client.dll
+ 2009-04-23 09:30 . 2009-04-23 09:30 684032 c:\windows\assembly\GAC_MSIL\System.Data.Linq\3.5.0.0__b77a5c561934e089\System.Data.Linq.dll
+ 2009-04-23 09:30 . 2009-04-23 09:30 229376 c:\windows\assembly\GAC_MSIL\System.Data.Entity.Design\3.5.0.0__b77a5c561934e089\System.Data.Entity.Design.dll
+ 2009-04-23 09:30 . 2009-04-23 09:30 667648 c:\windows\assembly\GAC_MSIL\System.Core\3.5.0.0__b77a5c561934e089\System.Core.dll
+ 2009-04-22 17:15 . 2009-04-22 17:15 425984 c:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
+ 2009-04-23 09:30 . 2009-04-23 09:30 163840 c:\windows\assembly\GAC_MSIL\System.AddIn\3.5.0.0__b77a5c561934e089\System.AddIn.dll
+ 2009-04-22 17:15 . 2009-04-22 17:15 110592 c:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
+ 2009-04-23 09:20 . 2009-04-23 09:20 110592 c:\windows\assembly\GAC_MSIL\SMDiagnostics\3.0.0.0__b77a5c561934e089\SMdiagnostics.dll
+ 2009-04-23 09:20 . 2009-04-23 09:20 528384 c:\windows\assembly\GAC_MSIL\ReachFramework\3.0.0.0__31bf3856ad364e35\ReachFramework.dll
+ 2009-04-23 09:20 . 2009-04-23 09:20 864256 c:\windows\assembly\GAC_MSIL\PresentationUI\3.0.0.0__31bf3856ad364e35\PresentationUI.dll
+ 2009-04-23 09:20 . 2009-04-23 09:20 163840 c:\windows\assembly\GAC_MSIL\PresentationFramework.Royale\3.0.0.0__31bf3856ad364e35\PresentationFramework.Royale.dll
+ 2009-04-23 09:20 . 2009-04-23 09:20 397312 c:\windows\assembly\GAC_MSIL\PresentationFramework.Luna\3.0.0.0__31bf3856ad364e35\PresentationFramework.Luna.dll
+ 2009-04-23 09:20 . 2009-04-23 09:20 139264 c:\windows\assembly\GAC_MSIL\PresentationFramework.Classic\3.0.0.0__31bf3856ad364e35\PresentationFramework.Classic.dll
+ 2009-04-23 09:20 . 2009-04-23 09:20 196608 c:\windows\assembly\GAC_MSIL\PresentationFramework.Aero\3.0.0.0__31bf3856ad364e35\PresentationFramework.Aero.dll
+ 2009-04-23 09:20 . 2009-04-23 09:20 598016 c:\windows\assembly\GAC_MSIL\PresentationBuildTasks\3.0.0.0__31bf3856ad364e35\PresentationBuildTasks.dll
+ 2009-04-22 17:15 . 2009-04-22 17:15 659456 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
+ 2009-04-22 17:15 . 2009-04-22 17:15 372736 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
+ 2009-04-22 17:15 . 2009-04-22 17:15 110592 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
+ 2009-04-23 09:20 . 2009-04-23 09:20 397312 c:\windows\assembly\GAC_MSIL\Microsoft.Transactions.Bridge\3.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.dll
+ 2009-04-22 17:15 . 2009-04-22 17:15 749568 c:\windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
+ 2009-04-22 17:15 . 2009-04-22 17:15 655360 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll
+ 2009-04-23 09:30 . 2009-04-23 09:30 802816 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks.v3.5\3.5.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.v3.5.dll
+ 2009-04-23 09:30 . 2009-04-23 09:30 733184 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\3.5.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
+ 2009-04-22 17:15 . 2009-04-22 17:15 348160 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
+ 2009-04-23 09:30 . 2009-04-23 09:30 106496 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Conversion.v3.5\3.5.0.0__b03f5f7f11d50a3a\Microsoft.Build.Conversion.v3.5.dll
+ 2009-04-22 17:15 . 2009-04-22 17:15 507904 c:\windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll
+ 2009-04-22 17:15 . 2009-04-22 17:15 261632 c:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
+ 2009-04-23 09:20 . 2009-04-23 09:20 368640 c:\windows\assembly\GAC_32\System.Printing\3.0.0.0__31bf3856ad364e35\System.Printing.dll
+ 2009-04-22 17:15 . 2009-04-22 17:15 113664 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
+ 2009-04-22 17:15 . 2009-04-22 17:15 258048 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
+ 2009-04-22 17:15 . 2009-04-22 17:15 486400 c:\windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll
+ 2009-04-23 09:20 . 2009-04-23 09:20 163840 c:\windows\assembly\GAC_32\Microsoft.Transactions.Bridge.Dtc\3.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.Dtc.dll
+ 2006-10-18 17:47 . 2006-10-18 17:47 2603008 c:\windows\system32\WpdShext.dll
+ 2006-10-18 17:47 . 2006-10-18 17:47 1382912 c:\windows\system32\WMVSDECD.dll
+ 2006-10-18 17:47 . 2006-10-18 17:47 1574912 c:\windows\system32\WMVENCOD.dll
+ 2006-10-18 17:47 . 2006-10-18 17:47 1543680 c:\windows\system32\WMVDECOD.dll
+ 2008-04-14 11:00 . 2008-06-18 01:03 2458112 c:\windows\system32\WMVCore.dll
+ 2008-04-14 11:00 . 2006-10-18 17:47 1329152 c:\windows\system32\WMSPDMOE.dll
+ 2008-04-14 11:00 . 2006-10-18 17:47 8231936 c:\windows\system32\wmploc.dll
+ 2006-10-18 17:47 . 2006-10-18 17:47 1661440 c:\windows\system32\wmpencen.dll
+ 2008-04-14 11:00 . 2006-10-18 17:47 1117696 c:\windows\system32\WMADMOE.dll
+ 2009-04-22 17:18 . 2008-07-06 12:06 1676288 c:\windows\system32\spool\XPSEP\i386\xpssvcs.dll
+ 2009-04-22 17:18 . 2008-07-06 12:06 1676288 c:\windows\system32\spool\XPSEP\i386\i386\xpssvcs.dll
+ 2009-04-22 17:18 . 2008-07-06 13:36 2936832 c:\windows\system32\spool\XPSEP\amd64\xpssvcs.dll
+ 2009-04-22 17:18 . 2008-07-06 13:36 2936832 c:\windows\system32\spool\XPSEP\amd64\amd64\xpssvcs.dll
+ 2009-04-22 17:17 . 2008-07-06 12:06 1676288 c:\windows\system32\spool\drivers\w32x86\3\XpsSvcs.dll
+ 2008-04-14 11:00 . 2008-06-18 01:03 2458112 c:\windows\system32\dllcache\WMVCore.dll
+ 2008-04-14 11:00 . 2006-10-18 17:47 1329152 c:\windows\system32\dllcache\WMSPDMOE.dll
+ 2008-04-14 11:00 . 2006-10-18 17:47 8231936 c:\windows\system32\dllcache\wmploc.dll
+ 2008-04-14 11:00 . 2006-10-18 17:47 1117696 c:\windows\system32\dllcache\WMADMOE.dll
+ 2009-04-14 15:09 . 2006-11-01 14:31 1669120 c:\windows\system32\dllcache\setup_wm.exe
+ 2008-07-29 19:40 . 2008-07-29 19:40 1720824 c:\windows\Microsoft.NET\Framework\v3.5\vbc.exe
+ 2008-07-29 14:47 . 2008-07-29 14:47 1054208 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\vs_setup.dll
+ 2008-07-29 14:47 . 2008-07-29 14:47 1364992 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\SITSetup.dll
+ 2008-07-29 14:47 . 2008-07-29 14:47 1064448 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\gencomp.dll
+ 2008-07-29 19:40 . 2008-07-29 19:40 1548280 c:\windows\Microsoft.NET\Framework\v3.5\csc.exe
+ 2008-07-29 15:59 . 2008-07-29 15:59 1738760 c:\windows\Microsoft.NET\Framework\v3.0\WPF\wpfgfx_v0300.dll
+ 2008-07-29 17:10 . 2008-07-29 17:10 2637840 c:\windows\Microsoft.NET\Framework\v3.0\WPF\NlsLexicons0009.dll
+ 2008-07-29 17:10 . 2008-07-29 17:10 4883464 c:\windows\Microsoft.NET\Framework\v3.0\WPF\NlsData0009.dll
+ 2008-07-29 15:16 . 2008-07-29 15:16 5931008 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.ServiceModel.dll
+ 2008-07-25 07:16 . 2008-07-25 07:16 1344000 c:\windows\Microsoft.NET\Framework\v2.0.50727\VsaVb7rt.dll
+ 2008-07-25 07:17 . 2008-07-25 07:17 1172472 c:\windows\Microsoft.NET\Framework\v2.0.50727\vbc.exe
+ 2008-07-25 07:17 . 2008-07-25 07:17 2048000 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.XML.dll
+ 2008-07-25 07:17 . 2008-07-25 07:17 5025792 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Windows.Forms.dll
+ 2008-07-25 07:17 . 2008-07-25 07:17 5238784 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Web.dll
+ 2008-07-25 07:17 . 2008-07-25 07:17 3149824 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.dll
+ 2008-07-25 07:17 . 2008-07-25 07:17 5062656 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Design.dll
+ 2008-07-25 07:17 . 2008-07-25 07:17 2933248 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Data.dll
+ 2008-07-25 07:16 . 2008-07-25 07:16 5815296 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll
+ 2008-07-25 07:17 . 2008-07-25 07:17 4546560 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorlib.dll
+ 2008-07-25 07:16 . 2008-07-25 07:16 1163768 c:\windows\Microsoft.NET\Framework\v2.0.50727\cscomp.dll
+ 2009-04-22 17:19 . 2009-04-22 17:19 1630208 c:\windows\assembly\tmp\V4HSJ2OA\System.Workflow.ComponentModel.dll
+ 2009-04-22 17:19 . 2009-04-22 17:19 4210688 c:\windows\assembly\tmp\H486AVF7\PresentationCore.dll
+ 2009-04-22 17:19 . 2009-04-22 17:19 1138688 c:\windows\assembly\tmp\7I0WW7SW\System.Workflow.Activities.dll
+ 2009-04-22 17:19 . 2009-04-22 17:19 5931008 c:\windows\assembly\tmp\50K8FSK3\System.ServiceModel.dll
+ 2009-04-22 17:19 . 2009-04-22 17:19 1245184 c:\windows\assembly\tmp\3MIVATRD\WindowsBase.dll
+ 2009-04-23 09:33 . 2009-04-23 09:33 3311104 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\df20e56b59b1b1a595af305ddc0777ba\WindowsBase.ni.dll
+ 2009-04-23 09:36 . 2009-04-23 09:36 1049600 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClients#\8698f073a59ef0db10a3258b1f1deaee\UIAutomationClientsideProviders.ni.dll
+ 2009-04-22 19:12 . 2009-04-22 19:12 7867392 c:\windows\assembly\NativeImages_v2.0.50727_32\System\aa7926460a336408c8041330ad90929d\System.ni.dll
+ 2009-04-22 19:16 . 2009-04-22 19:16 5449728 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\36f3953f24d4f0b767bf172331ad6f3e\System.Xml.ni.dll
+ 2009-04-23 08:03 . 2009-04-23 08:03 1840128 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\1dad08772eb89d48a8a0cfe9b0467eb0\System.Web.Services.ni.dll
+ 2009-04-23 08:03 . 2009-04-23 08:03 2209280 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Mobile\e5995a34d44ad5af7d9f335075bded4d\System.Web.Mobile.ni.dll
+ 2009-04-23 09:36 . 2009-04-23 09:36 1912832 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Speech\2e7a6c977ac9f8d46ebe2982697a0c8d\System.Speech.ni.dll
+ 2009-04-23 09:36 . 2009-04-23 09:36 1035264 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Printing\db428f231a2ccaf490ae219efd2edc69\System.Printing.ni.dll
+ 2009-04-22 19:15 . 2009-04-22 19:15 1587200 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6978f2e90f13bc720d57fa6895c911e2\System.Drawing.ni.dll
+ 2009-04-23 08:02 . 2009-04-23 08:02 1116672 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\6bcc481030a56c24d5990d199812c594\System.DirectoryServices.ni.dll
+ 2009-04-23 08:02 . 2009-04-23 08:02 1800704 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Deployment\df1efcbac5973454c608890f72eb994d\System.Deployment.ni.dll
+ 2009-04-22 19:14 . 2009-04-22 19:14 6614016 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data\0b40341027c01716cec1dd97592698e0\System.Data.ni.dll
+ 2009-04-23 09:36 . 2009-04-23 09:36 2510848 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Linq\fa206c73f39721cd2c55829b9853de44\System.Data.Linq.ni.dll
+ 2009-04-23 09:36 . 2009-04-23 09:36 2294784 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Core\6c69930d05c557da70144bcc0add7065\System.Core.ni.dll
+ 2009-04-23 09:36 . 2009-04-23 09:36 2125824 c:\windows\assembly\NativeImages_v2.0.50727_32\ReachFramework\5c59991df60164cae10fd81b88a8e5b1\ReachFramework.ni.dll
+ 2009-04-23 09:35 . 2009-04-23 09:35 1656832 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationUI\87fb973e4ab6a21fd00e45656fa7c115\PresentationUI.ni.dll
+ 2009-04-23 09:33 . 2009-04-23 09:33 1451008 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationBuildTa#\b6bfb51dec7f8cc42c21c5928470c773\PresentationBuildTasks.ni.dll
+ 2009-04-23 08:02 . 2009-04-23 08:02 1711104 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\5b3d048d8c003d743ea5e72caf07773a\Microsoft.VisualBasic.ni.dll
+ 2009-04-23 08:02 . 2009-04-23 08:02 1620480 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\152cf75db013f0523933ac45177b4217\Microsoft.Build.Tasks.ni.dll
+ 2009-04-23 09:20 . 2009-04-23 09:20 1245184 c:\windows\assembly\GAC_MSIL\WindowsBase\3.0.0.0__31bf3856ad364e35\WindowsBase.dll
+ 2009-04-22 17:15 . 2009-04-22 17:15 3149824 c:\windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
+ 2009-04-22 17:15 . 2009-04-22 17:15 2048000 c:\windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll
+ 2009-04-23 09:20 . 2009-04-23 09:20 1630208 c:\windows\assembly\GAC_MSIL\System.Workflow.ComponentModel\3.0.0.0__31bf3856ad364e35\System.Workflow.ComponentModel.dll
+ 2009-04-23 09:20 . 2009-04-23 09:20 1138688 c:\windows\assembly\GAC_MSIL\System.Workflow.Activities\3.0.0.0__31bf3856ad364e35\System.Workflow.Activities.dll
+ 2009-04-22 17:15 . 2009-04-22 17:15 5025792 c:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
+ 2009-04-23 09:31 . 2009-04-23 09:31 1277952 c:\windows\assembly\GAC_MSIL\System.Web.Extensions\3.5.0.0__31bf3856ad364e35\System.Web.Extensions.dll
+ 2009-04-23 09:20 . 2009-04-23 09:20 5931008 c:\windows\assembly\GAC_MSIL\System.ServiceModel\3.0.0.0__b77a5c561934e089\System.ServiceModel.dll
+ 2009-04-22 17:15 . 2009-04-22 17:15 5062656 c:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll
+ 2009-04-23 09:30 . 2009-04-23 09:30 2879488 c:\windows\assembly\GAC_MSIL\System.Data.Entity\3.5.0.0__b77a5c561934e089\System.Data.Entity.dll
+ 2009-04-23 09:20 . 2009-04-23 09:20 5283840 c:\windows\assembly\GAC_MSIL\PresentationFramework\3.0.0.0__31bf3856ad364e35\PresentationFramework.dll
+ 2009-04-22 17:15 . 2009-04-22 17:15 5238784 c:\windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll
+ 2009-04-22 17:15 . 2009-04-22 17:15 2933248 c:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
+ 2009-04-23 09:20 . 2009-04-23 09:20 4210688 c:\windows\assembly\GAC_32\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationCore.dll
+ 2009-04-22 17:15 . 2009-04-22 17:15 4546560 c:\windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
+ 2008-04-14 11:00 . 2007-06-11 19:51 10834944 c:\windows\system32\wmp.dll
+ 2008-04-14 11:00 . 2007-06-11 19:51 10834944 c:\windows\system32\dllcache\wmp.dll
+ 2009-04-22 19:15 . 2009-04-22 19:15 12428800 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\9a254c455892c02355ab0ab0f0727c5b\System.Windows.Forms.ni.dll
+ 2009-04-23 08:02 . 2009-04-23 08:02 11791360 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web\50ea744ffc3cb7f09b027fd6c5c93b2b\System.Web.ni.dll
+ 2009-04-22 19:15 . 2009-04-22 19:15 10681344 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Design\204db7071fb26343b0fd3f3d140c0bf8\System.Design.ni.dll
+ 2009-04-23 09:35 . 2009-04-23 09:35 14320128 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\9519494798a88867406b5755e1dbded6\PresentationFramework.ni.dll
+ 2009-04-23 09:34 . 2009-04-23 09:34 12213248 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\12dcb10b76012416357bdbb010fdaa97\PresentationCore.ni.dll
+ 2009-04-22 19:09 . 2009-04-22 19:09 11485184 c:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\9adb89fa22fd5b4ce433b5aca7fb1b07\mscorlib.ni.dll
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
"MsnMsgr"="c:\program files\MSN Messenger\MsnMsgr.Exe" [2007-01-19 5674352]
"PC Suite Tray"="c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe" [2008-12-03 1205760]
"Free Download Manager"="c:\program files\Free Download Manager\fdm.exe" [2006-08-23 2068527]
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2008-04-14 1695232]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"UserFaultCheck"="c:\windows\system32\dumprep 0 -u" [X]
"IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" [2008-04-14 208952]
"PHIME2002ASync"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2008-04-14 455168]
"PHIME2002A"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2008-04-14 455168]
"RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2006-11-23 56928]
"LanguageShortcut"="c:\program files\CyberLink\PowerDVD\Language\Language.exe" [2006-12-05 54832]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2009-04-14 185896]
"igfxtray"="c:\windows\system32\igfxtray.exe" [2005-09-20 94208]
"igfxhkcmd"="c:\windows\system32\hkcmd.exe" [2005-09-20 77824]
"igfxpers"="c:\windows\system32\igfxpers.exe" [2005-09-20 114688]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840]
"AVP"="c:\program files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe" [2009-04-21 206088]
"SoundMan"="SOUNDMAN.EXE" - c:\windows\SOUNDMAN.EXE [2007-04-16 577536]
"SMSERIAL"="sm56hlpr.exe" - c:\windows\sm56hlpr.exe [2004-12-29 544768]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32
"wave1"= serwvdrv.dll
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001
"UpdatesDisableNotify"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqnrs08.exe"=
"c:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"c:\\Program Files\\MSN Messenger\\livecall.exe"=
S0 klbg;Kaspersky Lab Boot Guard Driver;c:\windows\system32\drivers\klbg.sys [2009-04-21 33808]
S3 klim5;Kaspersky Anti-Virus NDIS Filter;c:\windows\system32\DRIVERS\klim5.sys [2008-04-30 24592]

--- Other Services/Drivers In Memory ---
*Deregistered* - AFD
*Deregistered* - ALG
*Deregistered* - AudioSrv
*Deregistered* - audstub
*Deregistered* - AVP
*Deregistered* - Beep
*Deregistered* - BITS
*Deregistered* - Browser
*Deregistered* - Cdfs
*Deregistered* - clr_optimization_v2.0.50727_32
*Deregistered* - CryptSvc
*Deregistered* - DcomLaunch
*Deregistered* - Dhcp
*Deregistered* - dmio
*Deregistered* - dmload
*Deregistered* - dmserver
*Deregistered* - ERSvc
*Deregistered* - EventSystem
*Deregistered* - Fastfat
*Deregistered* - FastUserSwitchingCompatibility
*Deregistered* - Fips
*Deregistered* - FltMgr
*Deregistered* - Ftdisk
*Deregistered* - Gpc
*Deregistered* - helpsvc
*Deregistered* - HTTP
*Deregistered* - ImapiService
*Deregistered* - IpNat
*Deregistered* - IPSec
*Deregistered* - kl1
*Deregistered* - klbg
*Deregistered* - KLIF
*Deregistered* - klim5
*Deregistered* - KSecDD
*Deregistered* - LanmanServer
*Deregistered* - lanmanworkstation
*Deregistered* - LmHosts
*Deregistered* - MDM
*Deregistered* - mnmdd
*Deregistered* - MountMgr
*Deregistered* - MRxDAV
*Deregistered* - MRxSmb
*Deregistered* - Msfs
*Deregistered* - mssmbios
*Deregistered* - Mup
*Deregistered* - NDIS
*Deregistered* - NdisTapi
*Deregistered* - Ndisuio
*Deregistered* - NdisWan
*Deregistered* - NDProxy
*Deregistered* - NetBIOS
*Deregistered* - NetBT
*Deregistered* - Netman
*Deregistered* - Nla
*Deregistered* - Npfs
*Deregistered* - Ntfs
*Deregistered* - Null
*Deregistered* - PartMgr
*Deregistered* - ParVdm
*Deregistered* - PCIIde
*Deregistered* - Pml Driver HPZ12
*Deregistered* - PolicyAgent
*Deregistered* - PptpMiniport
*Deregistered* - ProtectedStorage
*Deregistered* - PSched
*Deregistered* - RasAcd
*Deregistered* - Rasl2tp
*Deregistered* - RasMan
*Deregistered* - RasPppoe
*Deregistered* - Raspti
*Deregistered* - Rdbss
*Deregistered* - RDPCDD
*Deregistered* - rdpdr
*Deregistered* - RemoteRegistry
*Deregistered* - RichVideo
*Deregistered* - RpcSs
*Deregistered* - SamSs
*Deregistered* - Schedule
*Deregistered* - seclogon
*Deregistered* - SENS
*Deregistered* - ServiceLayer
*Deregistered* - SharedAccess
*Deregistered* - ShellHWDetection
*Deregistered* - SPLITCAM
*Deregistered* - Spooler
*Deregistered* - sr
*Deregistered* - srservice
*Deregistered* - Srv
*Deregistered* - SSDPSRV
*Deregistered* - stisvc
*Deregistered* - swenum
*Deregistered* - TapiSrv
*Deregistered* - Tcpip
*Deregistered* - TermDD
*Deregistered* - TermService
*Deregistered* - Themes
*Deregistered* - TrkWks
*Deregistered* - Update
*Deregistered* - UPHClean
*Deregistered* - uphcleanhlp
*Deregistered* - usnjsvc
*Deregistered* - VgaSave
*Deregistered* - VolSnap
*Deregistered* - W32Time
*Deregistered* - Wanarp
*Deregistered* - WebClient
*Deregistered* - winmgmt
*Deregistered* - wscsvc
*Deregistered* - wuauserv
*Deregistered* - WZCSVC
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c27ccc85-29e2-11de-a055-0016767c08e1}]
\Shell\AutoRun\command - em8tqm.cmd
\Shell\open\Command - em8tqm.cmd
.
Contents of the 'Scheduled Tasks' folder
2009-04-23 c:\windows\Tasks\AD727E9D9195F2D5.job
- c:\docume~1\t-s-comd\applic~1\regsre~1\TICK DOWNLOAD PROGRAM.exe [2009-04-15 16:07]
.
- - - - ORPHANS REMOVED - - - -
SafeBoot-Wdf01000.sys

.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.ae/
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: تحميل المحدّدة بفري داونلود مانيجر -
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي
files\Free Download Manager\dlselected.htm
IE: تنزيل الكل بفري داونلود مانيجر -
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي
files\Free Download Manager\dlall.htm
IE: تنزيل بفري داونلود مانيجر -
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي
files\Free Download Manager\dllink.htm
DPF: Microsoft XML Parser for Java -
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

DPF: {3C8E8DD8-D86A-4E6D-AF37-AB3CA7FDF8CD} - hxxp://qtr16.talkok.com/imscp/talkc38.cab
DPF: {9E45BE3C-DE06-4492-AB7D-E51447CF2ED0} - hxxp://qtr16.talkok.com/imscp/talka.cab
DPF: {B7FDB0C3-4724-46D2-B8DB-6FA1DC63F7CA} - hxxp://209.11.240.197:1999/ReadUid.CAB
DPF: {C171FF59-8C55-4796-A398-4F5D02B4C763} - hxxp://76.76.19.29/imscp/talks3n.cab
FF - ProfilePath - c:\documents and settings\t-s-comd\Application Data\Mozilla\Firefox\Profiles\h63wdhyv.default\
FF - component: c:\program files\Nokia\Nokia PC Suite 7\bkmrksync\components\BkMrkExt.dll
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

Rootkit scan 2009-04-23 22:44
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
- - - - - - - > 'explorer.exe'(3576)
c:\windows\system32\WPDShServiceObj.dll
c:\program files\Nokia\Nokia PC Suite 7\PhoneBrowser.dll
c:\program files\Nokia\Nokia PC Suite 7\NGSCM.DLL
c:\program files\Nokia\Nokia PC Suite 7\Lang\PhoneBrowser_ara.nlr
c:\program files\Nokia\Nokia PC Suite 7\Resource\PhoneBrowser_Nokia.ngr
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\program files\CyberLink\Shared Files\RichVideo.exe
c:\program files\UPHClean\uphclean.exe
c:\program files\HP\Digital Imaging\bin\hpqtra08.exe
c:\program files\HP\Digital Imaging\bin\hpqste08.exe
c:\program files\PC Connectivity Solution\ServiceLayer.exe
c:\program files\PC Connectivity Solution\Transports\NclUSBSrv.exe
c:\program files\PC Connectivity Solution\Transports\NclRSSrv.exe
c:\program files\MSN Messenger\usnsvc.exe
.
**************************************************************************
.
Completion time: 2009-04-23 22:51 - machine was rebooted
ComboFix-quarantined-files.txt 2009-04-23 18:51
ComboFix2.txt 2009-04-21 16:01
Pre-Run: 17,331,908,608 bytes free
Post-Run: 17,281,929,216 bytes free
1086
 
تأييد 0
اوكي يالغلا الحين اديني تقرير جديد للهاجيك ...
 
توقيع : KoNaMi
تأييد 0
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:30:37 م, on 23/04/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16827)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe
C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\UPHClean\uphclean.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\sm56hlpr.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
C:\Program Files\Free Download Manager\fdm.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\WINDOWS\explorer.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
c:\docume~1\t-s-comd\applic~1\regsre~1\TICK DOWNLOAD PROGRAM.exe
C:\Program Files\SplitCam\SplitCam.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\ievkbd.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdmcks.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKLM\..\Run: [SMSERIAL] sm56hlpr.exe
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
O4 - HKCU\..\Run: [Free Download Manager] C:\Program Files\Free Download Manager\fdm.exe -autorun
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: تحميل المحدّدة بفري داونلود مانيجر -
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي
Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: تنزيل الكل بفري داونلود مانيجر -
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي
Files\Free Download Manager\dlall.htm
O8 - Extra context menu item: تنزيل بفري داونلود مانيجر -
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي
Files\Free Download Manager\dllink.htm
O9 - Extra button: Web traffic protection statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\SCIEPlgn.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {3C8E8DD8-D86A-4E6D-AF37-AB3CA7FDF8CD} (IMS_Conference Control) -
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) -
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O16 - DPF: {6924091F-CD97-41E1-B1D4-D9079409D413} (IMCv1 Control) -
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O16 - DPF: {9E45BE3C-DE06-4492-AB7D-E51447CF2ED0} (clsUMS Class) -
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O16 - DPF: {B7FDB0C3-4724-46D2-B8DB-6FA1DC63F7CA} (ReadUid.UserControlMacEntry) -
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O16 - DPF: {C171FF59-8C55-4796-A398-4F5D02B4C763} (IMC_Sec Control) -
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) -
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O23 - Service: Kaspersky Anti-Virus (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
--
End of file - 7692 bytes
 
تأييد 0
الحين اعمل الاتي يالغلا

عطلي نقطة الاستعادة مثل الموجود في الشرح التالي


jpg





::::



حمل اداة الكاسبر من الرابط التالي


...
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي
...

او من هنا

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

او من هنا
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي


او من هنا

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي



بعد التحميل ،، دبل كلك وسيتم استخراج ملف الاداة الى مجلد بسطح المكتب لحظات وتبدأ الاداة بالعمل




تابع الشرح لفحص الجهاز وتنظيفه وارفاق التقرير








zyzoom-3d6517b067.png







zyzoom-7717063ed7.png







zyzoom-cda271da05.png






zyzoom-26888dbf15.png







zyzoom-3f4576c288.png








ثم قوم بضغط التقرير ورفعه هنا>>>>
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي
[/B]




 
التعديل الأخير بواسطة المشرف:
توقيع : KoNaMi
تأييد 0
طيب يالغلا استخدم هذة الاداة

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي


واعمل تنظيف
 
توقيع : KoNaMi
تأييد 0
konami قال:
طيب يالغلا استخدم هذة الاداة


يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

واعمل تنظيف
أنقر للتوسيع...

يالغلا بكره نكمل
لانه حجمه 55 ميقا
بكره ارسلك رساله ع الخاص ونكمل
تسلم بااااااااااي
 
تأييد 0
طيب اديني تقرير جديد للهاجيك ..
 
توقيع : KoNaMi
تأييد 0
KoNaMi قال:
طيب اديني تقرير جديد للهاجيك ..
أنقر للتوسيع...

هلا وغلا

سوري تعبتك معاي

وهذا التقرير

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:43:24 م, on 24/04/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16827)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\sm56hlpr.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\UPHClean\uphclean.exe
C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
C:\Program Files\Free Download Manager\fdm.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\ievkbd.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdmcks.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKLM\..\Run: [SMSERIAL] sm56hlpr.exe
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
O4 - HKCU\..\Run: [Free Download Manager] C:\Program Files\Free Download Manager\fdm.exe -autorun
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: is-BCNI9.lnk = C:\Documents and Settings\t-s-comd\Desktop\Virus Removal Tool\is-BCNI9\startup.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: تحميل المحدّدة بفري داونلود مانيجر -
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي
Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: تنزيل الكل بفري داونلود مانيجر -
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي
Files\Free Download Manager\dlall.htm
O8 - Extra context menu item: تنزيل بفري داونلود مانيجر -
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي
Files\Free Download Manager\dllink.htm
O9 - Extra button: Web traffic protection statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\SCIEPlgn.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {3C8E8DD8-D86A-4E6D-AF37-AB3CA7FDF8CD} (IMS_Conference Control) -
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) -
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O16 - DPF: {6924091F-CD97-41E1-B1D4-D9079409D413} (IMCv1 Control) -
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O16 - DPF: {9E45BE3C-DE06-4492-AB7D-E51447CF2ED0} (clsUMS Class) -
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O16 - DPF: {B7FDB0C3-4724-46D2-B8DB-6FA1DC63F7CA} (ReadUid.UserControlMacEntry) -
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O16 - DPF: {C171FF59-8C55-4796-A398-4F5D02B4C763} (IMC_Sec Control) -
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) -
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O23 - Service: Kaspersky Anti-Virus (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
--
End of file - 7623 bytes
 
تأييد 0
احذف التالي يالغلا

O16 - DPF: {C171FF59-8C55-4796-A398-4F5D02B4C763} (IMC_Sec Control) -
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي


O16 - DPF: {B7FDB0C3-4724-46D2-B8DB-6FA1DC63F7CA} (ReadUid.UserControlMacEntry) -
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي


O16 - DPF: {9E45BE3C-DE06-4492-AB7D-E51447CF2ED0} (clsUMS Class) -
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي


O16 - DPF: {3C8E8DD8-D86A-4E6D-AF37-AB3CA7FDF8CD} (IMS_Conference Control) -
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي


O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
طريقة الحذف للاكس بي


mg%20%283%29.png



mg%20%284%29.png


وبعدين استخدم هذة الاداة

قبل تحميل الاداة اعمل للكاسبر خروج
i72j1t42q3.jpg



رابط تحميل آخر تحديث للاداة

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

لتنظيف جهازك من هذه الدعايات
و عمل تقرير بالعمليه حتى ترفقه بردك القادم ,,

شرح الاستخدام ,,,,,,

قم بتشغيل الملف SmitfraudFix.exe ,, وتابع الشرح كماا بهذه الصور



000.png



001.png




002.png




003.png




004.png




005.png


 
التعديل الأخير بواسطة المشرف:
توقيع : KoNaMi
تأييد 0
الحالة
مغلق و غير مفتوح للمزيد من الردود.
عودة
أعلى