تقرير اداة كموفوكس
ComboFix 09-05-30.03 - basil net 05/31/2009 5:04.6 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1256.966.1033.18.1022.406 [GMT 3:00]
Running from: d:\التحميلات\ComboFix.exe
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\windows\system32\~.exe
c:\windows\system32\kakle.dll
c:\windows\system32\Ultra.dll
c:\windows\system32\videocore.dll
c:\windows\system32\videoformat.dll
c:\windows\system32\winitn.dll
.
((((((((((((((((((((((((( Files Created from 2009-04-28 to 2009-05-31 )))))))))))))))))))))))))))))))
.
2009-05-28 14:11 . 2009-05-30 18:21 -------- d-----w c:\program files\Bug Doctor
2009-05-28 00:15 . 2009-05-28 00:15 -------- d-----w C:\Hotspot Shield
2009-05-27 17:05 . 2009-05-27 17:05 -------- d-----w c:\program files\القرآن الكريم
2009-05-26 10:07 . 2009-05-26 10:07 -------- d-----w c:\documents and settings\basil net\Bluetooth Software
2009-05-26 08:52 . 2009-05-26 08:52 -------- d-----w c:\documents and settings\NetworkService\Local Settings\Application Data\Google
2009-05-25 23:37 . 2009-05-25 23:37 -------- d-----w c:\documents and settings\LocalService\Local Settings\Application Data\Google
2009-05-25 23:37 . 2009-05-30 09:05 -------- d-----w c:\documents and settings\basil net\Local Settings\Application Data\Google
2009-05-25 23:37 . 2009-05-30 08:57 -------- d-----w c:\program files\Google
2009-05-25 21:00 . 1999-09-10 11:06 5600 ----a-w c:\windows\system\winaspi.dll
2009-05-25 21:00 . 1999-09-10 11:06 4672 ----a-w c:\windows\system\wowpost.exe
2009-05-25 21:00 . 1999-09-10 11:06 45056 ----a-w c:\windows\system32\wnaspi32.dll
2009-05-25 21:00 . 1999-09-10 11:06 25244 ----a-w c:\windows\system32\drivers\aspi32.sys
2009-05-25 18:33 . 2009-05-25 18:33 -------- d-----w c:\documents and settings\Administrator\Bluetooth Software
2009-05-25 18:32 . 2009-05-25 18:32 80040 ----a-w c:\documents and settings\Administrator\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-05-25 18:32 . 2008-04-14 00:12 221184 ----a-w c:\windows\system32\wmpns.dll
2009-05-25 18:27 . 2007-07-12 10:48 67960 ----a-w c:\windows\system32\drivers\btwusb.sys
2009-05-25 18:27 . 2007-07-12 10:48 55352 ----a-w c:\windows\system32\drivers\btwhid.sys
2009-05-25 18:27 . 2007-07-12 10:48 37424 ----a-w c:\windows\system32\drivers\btport.sys
2009-05-25 18:27 . 2007-07-12 10:48 37280 ----a-w c:\windows\system32\drivers\btwmodem.sys
2009-05-25 18:27 . 2007-07-12 10:48 149123 ----a-w c:\windows\system32\drivers\btwdndis.sys
2009-05-25 18:27 . 2007-07-12 10:48 876384 ----a-w c:\windows\system32\drivers\btkrnl.sys
2009-05-25 18:27 . 2007-07-12 10:48 539072 ----a-w c:\windows\system32\drivers\btaudio.sys
2009-05-25 18:27 . 2009-05-25 18:27 -------- d-----w c:\program files\WIDCOMM
2009-05-24 10:06 . 2009-05-24 10:06 -------- d-----w c:\windows\Muslim Bag
2009-05-24 10:06 . 2009-05-24 10:06 -------- d-----w c:\program files\Muslim Bag
2009-05-23 22:48 . 2009-05-23 22:48 -------- d-----w c:\documents and settings\NetworkService\Local Settings\Application Data\PCHealth
2009-05-21 14:06 . 2009-05-18 20:52 507904 ----a-w c:\documents and settings\basil net\Application Data\Mozilla\Firefox\Profiles\1j0jwmat.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}\plugins\npqscan.dll
2009-05-21 14:06 . 2009-05-18 20:52 565248 ----a-w c:\documents and settings\basil net\Application Data\Mozilla\Firefox\Profiles\1j0jwmat.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}\components\bdqscan.dll
2009-05-19 02:10 . 2009-05-30 17:42 -------- d-----w c:\program files\a-squared Free
2009-05-18 21:39 . 2009-05-18 21:39 -------- d-----w c:\program files\CodeStuff
2009-05-16 22:35 . 2009-05-16 22:35 -------- d-----w c:\documents and settings\basil net\Application Data\vlc
2009-05-16 02:42 . 2009-05-16 02:42 -------- d--h--w c:\windows\PIF
2009-05-15 06:15 . 2009-05-15 06:15 -------- d-----w c:\documents and settings\LocalService\Local Settings\Application Data\Nokia
2009-05-15 06:12 . 2009-05-15 06:12 162840 ----a-w c:\documents and settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
2009-05-15 05:09 . 2009-05-15 05:09 -------- d-----w c:\documents and settings\basil net\Local Settings\Application Data\Nokia
2009-05-15 05:08 . 2009-05-15 05:09 -------- d-----w c:\windows\Globalization
2009-05-15 05:06 . 2009-05-15 05:07 -------- d-----w c:\program files\Common Files\muvee Technologies
2009-05-14 00:09 . 2008-04-13 18:45 26112 ----a-w c:\windows\system32\drivers\usbser.sys
2009-05-14 00:08 . 2008-03-21 10:57 14640 ------w c:\windows\system32\spmsgXP_2k3.dll
2009-05-13 23:46 . 2009-05-13 23:46 -------- d-----w c:\program files\Common Files\PCSuite
2009-05-13 23:46 . 2009-05-15 05:06 -------- d-----w c:\program files\Common Files\Nokia
2009-05-13 23:44 . 2008-08-26 07:26 18816 ----a-w c:\windows\system32\drivers\pccsmcfd.sys
2009-05-13 23:44 . 2009-05-13 23:44 -------- d-----w c:\program files\PC Connectivity Solution
2009-05-13 23:42 . 2009-02-09 04:37 7808 ----a-w c:\windows\system32\drivers\usbser_lowerfltj.sys
2009-05-13 23:42 . 2009-02-09 04:37 7808 ----a-w c:\windows\system32\drivers\usbser_lowerflt.sys
2009-05-13 23:42 . 2009-02-09 04:37 22016 ----a-w c:\windows\system32\drivers\ccdcmbo.sys
2009-05-13 23:42 . 2009-02-09 04:37 659968 ----a-w c:\windows\system32\nmwcdcocls.dll
2009-05-13 23:42 . 2009-02-09 04:37 17664 ----a-w c:\windows\system32\drivers\ccdcmb.sys
2009-05-13 23:42 . 2009-02-09 04:32 1112288 ----a-w c:\windows\system32\wdfcoinstaller01007.dll
2009-05-13 23:42 . 2009-05-13 23:36 34649904 ----a-w c:\documents and settings\All Users\Application Data\Installations\{7694EC32-CB0E-4B35-9088-7B320CB1F4FE}\Nokia_PC_Suite_7_1_26_0_ara.exe
2009-05-13 23:41 . 2009-05-13 23:41 8192 ----a-w c:\documents and settings\All Users\Application Data\Installations\{7694EC32-CB0E-4B35-9088-7B320CB1F4FE}\Installer\CommonCustomActions\UninstCCD.exe
2009-05-13 23:41 . 2009-05-13 23:41 61440 ----a-w c:\documents and settings\All Users\Application Data\Installations\{7694EC32-CB0E-4B35-9088-7B320CB1F4FE}\Installer\CommonCustomActions\UninstPCSFEMsi.exe
2009-05-13 23:41 . 2009-05-13 23:41 10240 ----a-w c:\documents and settings\All Users\Application Data\Installations\{7694EC32-CB0E-4B35-9088-7B320CB1F4FE}\Installer\CommonCustomActions\UninstPCS.exe
2009-05-13 22:58 . 2009-05-13 22:58 -------- d-----w c:\program files\DIFX
2009-05-13 22:54 . 2009-02-09 04:37 91136 ----a-w c:\windows\system32\nmwcdcls.dll
2009-05-13 22:53 . 2008-09-16 02:57 27776592 ----a-w c:\documents and settings\All Users\Application Data\Installations\{29466F9C-7C6A-419C-B301-F440FAF78760}\Nokia_PC_Suite_rel_6_85_14_1_ara_web.exe
2009-05-13 22:51 . 2009-05-13 22:51 733783 ----a-w c:\documents and settings\All Users\Application Data\Installations\{29466F9C-7C6A-419C-B301-F440FAF78760}\Packages\Nokia_PC_Suite\CustomActions\NSU_Inst_fix.exe
2009-05-13 22:51 . 2009-05-13 22:51 8192 ----a-w c:\documents and settings\All Users\Application Data\Installations\{29466F9C-7C6A-419C-B301-F440FAF78760}\Installer\CommonCustomActions\UninstCCD.exe
2009-05-13 22:51 . 2009-05-13 22:51 61440 ----a-w c:\documents and settings\All Users\Application Data\Installations\{29466F9C-7C6A-419C-B301-F440FAF78760}\Installer\CommonCustomActions\UninstPCSFEMsi.exe
2009-05-13 22:51 . 2009-05-13 22:51 10240 ----a-w c:\documents and settings\All Users\Application Data\Installations\{29466F9C-7C6A-419C-B301-F440FAF78760}\Installer\CommonCustomActions\UninstPCS.exe
2009-05-13 21:59 . 2009-05-13 22:43 -------- d-----w c:\program files\PC Connectivity Solution(2)
2009-05-13 21:35 . 2009-05-13 23:28 -------- d-----w c:\documents and settings\All Users\Application Data\PC Suite
2009-05-13 21:34 . 2009-05-15 04:42 -------- d-----w c:\documents and settings\basil net\Application Data\Nokia
2009-05-13 21:31 . 2009-05-13 23:29 -------- d-----w c:\documents and settings\basil net\Application Data\PC Suite
2009-05-13 21:31 . 2009-05-15 05:04 -------- d-----w c:\program files\Nokia
2009-05-13 21:19 . 2009-05-13 23:42 -------- d-----w c:\documents and settings\All Users\Application Data\Installations
2009-05-11 22:19 . 2009-05-30 19:52 604416 ----a-w c:\windows\system32\TUProgSt.exe
2009-05-08 13:35 . 2009-03-26 14:04 110592 ----a-w c:\documents and settings\basil net\Application Data\Mozilla\Firefox\Profiles\1j0jwmat.default\extensions\{81BF1D23-5F17-408D-AC6B-BD6DF7CAF670}\components\XpcomOpusConnector.dll
2009-05-08 08:48 . 2009-05-08 08:48 -------- d-----w c:\documents and settings\basil net\Application Data\TuneUp Software
2009-05-08 08:47 . 2009-05-08 08:47 -------- d-----w c:\documents and settings\All Users\Application Data\TuneUp Software
2009-05-08 08:47 . 2009-05-30 19:52 -------- d-----w c:\program files\TuneUp Utilities 2009
2009-05-08 08:45 . 2009-05-08 08:45 -------- d-sh--w c:\documents and settings\All Users\Application Data\{55A29068-F2CE-456C-9148-C869879E2357}
2009-05-06 15:06 . 2009-05-06 15:06 -------- d-----w c:\windows\Sun
2009-05-06 14:59 . 2009-05-06 14:59 -------- dc-h--w c:\documents and settings\All Users\Application Data\{51019853-129C-4EDE-9030-D5FD7BBD9AD0}
2009-05-06 14:28 . 2004-01-10 22:17 45568 ----a-w c:\windows\system32\YM11AUTH.DLL
2009-05-06 13:39 . 2009-05-06 13:39 -------- dc-h--w c:\documents and settings\All Users\Application Data\{92E7A367-8E12-4830-AA70-29C32E331A81}
2009-05-06 07:59 . 2003-08-07 12:01 237568 ----a-w c:\windows\system32\lame_enc.dll
2009-05-06 07:58 . 2009-05-06 07:58 -------- d-----w c:\program files\Ozone
2009-05-06 05:22 . 2009-05-18 13:06 -------- d-----w c:\program files\Real_SC
2009-05-05 16:42 . 2009-05-06 18:12 -------- d-----w c:\program files\Norton Security Scan
2009-05-05 13:34 . 2009-05-05 13:34 -------- d-----w c:\windows\system32\Adobe
2009-05-04 16:17 . 2009-05-04 16:17 410984 ----a-w c:\windows\system32\deploytk.dll
2009-05-04 16:17 . 2009-05-04 16:17 -------- d-----w c:\program files\Java
2009-05-04 16:14 . 2009-05-04 16:14 152576 ----a-w c:\documents and settings\basil net\Application Data\Sun\Java\jre1.6.0_13\lzma.dll
2009-05-03 23:47 . 2009-05-08 21:32 -------- d-----w c:\program files\Photo Story 3 for Windows
2009-05-03 22:48 . 2009-05-03 22:48 -------- d-----w c:\documents and settings\basil net\Application Data\Uniblue
2009-05-02 01:00 . 2009-05-29 23:55 -------- d-----w c:\program files\Fox Audio Recorder
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-05-31 01:15 . 2009-05-30 20:50 -------- d-----w c:\program files\Kaspersky Lab
2009-05-31 00:56 . 2009-04-09 11:48 -------- d-----w c:\documents and settings\All Users\Application Data\Kaspersky Lab
2009-05-30 20:06 . 2009-04-06 17:41 80040 ----a-w c:\documents and settings\basil net\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-05-30 19:52 . 2009-05-30 19:52 361216 ----a-w c:\windows\system32\TuneUpDefragService.exe
2009-05-30 09:05 . 2009-05-30 09:05 25214 ----a-r c:\documents and settings\basil net\Application Data\Microsoft\Installer\{9509674F-3972-11DE-806D-005056806466}\UNINST_Uninstall_G_408FFBEED62349E08B232864A94D2864.exe
2009-05-30 09:05 . 2009-05-30 09:05 25214 ----a-r c:\documents and settings\basil net\Application Data\Microsoft\Installer\{9509674F-3972-11DE-806D-005056806466}\ShortcutOGL_EB071909B9884F8CBF3D6115D4ADEE5E.exe
2009-05-30 09:05 . 2009-05-30 09:05 25214 ----a-r c:\documents and settings\basil net\Application Data\Microsoft\Installer\{9509674F-3972-11DE-806D-005056806466}\ShortcutDX_EB071909B9884F8CBF3D6115D4ADEE5E.exe
2009-05-30 09:05 . 2009-05-30 09:05 25214 ----a-r c:\documents and settings\basil net\Application Data\Microsoft\Installer\{9509674F-3972-11DE-806D-005056806466}\googleearth.exe1_407B9B5CDAC54F44A756B57CAB4E6A8B.exe
2009-05-30 09:05 . 2009-05-30 09:05 25214 ----a-r c:\documents and settings\basil net\Application Data\Microsoft\Installer\{9509674F-3972-11DE-806D-005056806466}\googleearth.exe_407B9B5CDAC54F44A756B57CAB4E6A8B.exe
2009-05-30 09:05 . 2009-05-30 09:05 25214 ----a-r c:\documents and settings\basil net\Application Data\Microsoft\Installer\{9509674F-3972-11DE-806D-005056806466}\ARPPRODUCTICON.exe
2009-05-29 23:11 . 2009-04-17 23:28 -------- d-----w c:\documents and settings\basil net\Application Data\cleaner
2009-05-29 20:05 . 2009-04-07 21:24 -------- d-----w c:\documents and settings\basil net\Application Data\dvdcss
2009-05-28 14:45 . 2009-04-16 04:08 -------- d-----w c:\documents and settings\basil net\Application Data\QuickScan
2009-05-28 00:15 . 2009-04-06 19:03 -------- d-----w c:\program files\Hotspot Shield
2009-05-21 17:28 . 2009-04-08 20:19 1470464 ----a-w c:\windows\system32\viscomdata3.dll
2009-05-20 23:36 . 2009-04-13 17:42 -------- d-----w c:\program files\Common Files\InstallShield
2009-05-20 19:54 . 2009-04-17 10:29 33840 ----a-w c:\windows\system32\drivers\hssdrv.sys
2009-05-18 20:57 . 2009-04-06 19:04 -------- d-----w c:\program files\Messenger Plus! Live
2009-05-14 00:08 . 2009-05-14 00:08 0 ---ha-w c:\windows\system32\drivers\Msft_Kernel_ccdcmb_01007.Wdf
2009-05-14 00:08 . 2009-05-14 00:08 0 ---ha-w c:\windows\system32\drivers\MsftWdf_Kernel_01007_Coinstaller_Critical.Wdf
2009-05-10 05:57 . 2009-04-20 20:18 -------- d-----w c:\program files\Sony
2009-05-09 19:41 . 2009-04-20 18:43 -------- d-----w c:\program files\Sony Setup
2009-05-06 05:23 . 2009-04-06 18:14 1986560 ----a-w c:\windows\system32\akll.dll
2009-05-06 05:23 . 2009-04-06 18:14 196608 ----a-w c:\windows\system32\maag.dll
2009-05-06 05:23 . 2009-04-06 18:14 1212416 ----a-w c:\windows\system32\ckll.dll
2009-05-05 12:44 . 2009-04-27 06:11 -------- d-----w c:\program files\Common Files\delet
2009-04-29 01:32 . 2009-04-28 19:08 -------- d-----w c:\program files\RM to MP3 Converter
2009-04-28 20:00 . 2009-04-28 19:09 -------- d---a-w c:\documents and settings\All Users\Application Data\TEMP
2009-04-27 12:21 . 2009-05-30 19:52 28928 ----a-w c:\windows\system32\uxtuneup.dll
2009-04-25 09:39 . 2009-04-10 23:25 -------- d-----w c:\documents and settings\basil net\Application Data\Motive
2009-04-25 08:28 . 2009-05-25 18:31 -------- d-----w c:\documents and settings\Administrator\Application Data\Intel
2009-04-25 08:28 . 2009-04-12 19:25 -------- d-----w c:\documents and settings\متعب\Application Data\Intel
2009-04-25 08:28 . 2009-04-12 19:25 -------- d-----w c:\documents and settings\NetworkService\Application Data\Intel
2009-04-25 08:28 . 2009-04-12 19:25 -------- d-----w c:\documents and settings\LocalService\Application Data\Intel
2009-04-25 08:28 . 2009-04-12 19:25 -------- d-----w c:\documents and settings\Default User\Application Data\Intel
2009-04-25 08:28 . 2009-04-12 19:25 -------- d-----w c:\documents and settings\basil net\Application Data\Intel
2009-04-25 08:28 . 2009-04-12 19:24 -------- d-----w c:\documents and settings\All Users\Application Data\Intel
2009-04-25 08:28 . 2009-04-09 10:56 -------- d-----w c:\program files\Common Files\Intel
2009-04-25 08:28 . 2009-04-09 10:54 -------- d-----w c:\program files\Intel
2009-04-24 21:47 . 2009-04-24 21:47 2678 ----a-w c:\windows\java\Packages\Data\435ZH7Z1.DAT
2009-04-24 21:47 . 2009-04-24 21:47 2678 ----a-w c:\windows\java\Packages\Data\H7NB7LV1.DAT
2009-04-24 21:47 . 2009-04-24 21:47 2678 ----a-w c:\windows\java\Packages\Data\DVNZBZNN.DAT
2009-04-24 21:47 . 2009-04-24 21:47 2678 ----a-w c:\windows\java\Packages\Data\2ZPV3XRX.DAT
2009-04-24 21:47 . 2009-04-24 21:47 2678 ----a-w c:\windows\java\Packages\Data\MK24OJTV.DAT
2009-04-24 08:46 . 2009-04-08 18:40 -------- d-----w c:\program files\Folder Lock
2009-04-23 01:27 . 2009-04-23 01:27 -------- d-----w c:\documents and settings\basil net\Application Data\ZoomBrowser EX
2009-04-23 01:23 . 2009-04-10 20:33 -------- d-----w c:\program files\Windows Desktop Search
2009-04-23 01:21 . 2009-04-23 01:20 -------- d-----w c:\program files\Canon
2009-04-23 01:20 . 2009-04-23 01:20 -------- d-----w c:\documents and settings\All Users\Application Data\ZoomBrowser
2009-04-23 01:18 . 2009-04-23 01:18 -------- d-----w c:\program files\Common Files\Canon
2009-04-22 13:13 . 2009-04-22 13:13 -------- d-----w c:\program files\Xilisoft
2009-04-20 22:33 . 2009-04-20 22:33 -------- d-----w c:\documents and settings\basil net\Application Data\Apple Computer
2009-04-20 18:48 . 2009-04-20 18:48 -------- d-----w c:\documents and settings\basil net\Application Data\Sony
2009-04-19 12:43 . 2009-04-06 18:34 -------- d-----w c:\program files\Common Files\Adobe
2009-04-19 11:54 . 2009-04-19 11:54 -------- d-----w c:\documents and settings\basil net\Application Data\FastStone
2009-04-19 11:54 . 2009-04-19 11:54 -------- d-----w c:\program files\FastStone Image Viewer
2009-04-19 09:47 . 2009-04-19 09:47 -------- d-----w c:\program files\Apple Software Update
2009-04-19 09:47 . 2009-04-19 09:47 -------- d-----w c:\documents and settings\All Users\Application Data\Apple
2009-04-17 23:28 . 2009-04-17 23:28 -------- d-----w c:\documents and settings\basil net\Application Data\CyberScrub
2009-04-17 15:59 . 2009-04-17 15:59 -------- d-----w c:\documents and settings\basil net\Application Data\Windows Search
2009-04-17 13:11 . 2009-04-17 13:10 -------- d-----w c:\program files\Acoustica MP3 Audio Mixer
2009-04-17 01:08 . 2009-04-06 19:04 -------- d-----w c:\program files\Windows Live
2009-04-17 01:05 . 2009-04-10 20:34 -------- d-----w c:\program files\Microsoft
2009-04-15 18:12 . 2009-04-15 18:12 -------- d-----w c:\program files\Windows Live SkyDrive
2009-04-15 06:50 . 2009-04-06 19:10 -------- d-----w c:\documents and settings\All Users\Application Data\Messenger Plus!
2009-04-13 20:18 . 2009-04-13 20:18 -------- d-----w c:\program files\Common Files\Windows Live
2009-04-13 19:10 . 2009-04-13 19:10 -------- d-----w c:\program files\MSBuild
2009-04-13 19:09 . 2009-04-13 19:09 -------- d-----w c:\program files\Reference Assemblies
2009-04-13 17:43 . 2009-04-13 17:43 -------- d--h--w c:\program files\InstallShield Installation Information
2009-04-13 17:43 . 2009-04-13 17:43 -------- d-----w c:\program files\Realtek
2009-04-13 17:01 . 2009-04-07 18:33 -------- d-----w c:\documents and settings\basil net\Application Data\IEPro
2009-04-13 16:57 . 2009-04-13 12:39 -------- d-----w c:\documents and settings\basil net\Application Data\SlipStream
2009-04-12 19:25 . 2009-04-12 19:25 -------- d-----w c:\windows\system32\config\systemprofile\Application Data\Intel
2009-04-12 17:46 . 2009-04-12 17:40 -------- d-----w c:\program files\ma-config.com
2009-04-12 17:46 . 2009-04-12 17:40 -------- d-----w c:\documents and settings\All Users\Application Data\ma-config.com
2009-04-12 10:05 . 2009-04-12 10:05 -------- d-----w c:\program files\MSECache
2009-04-11 00:20 . 2009-04-11 00:19 -------- d-----w c:\program files\FAHESS
2009-04-10 23:24 . 2009-04-10 23:24 -------- d-----w c:\program files\Fahess_Activation
2009-04-10 23:24 . 2009-04-10 23:23 -------- d-----w c:\program files\Common Files\Motive
2009-04-10 23:22 . 2009-04-10 23:22 -------- d-----w c:\documents and settings\All Users\Application Data\Motive
2009-04-10 21:30 . 2009-04-10 21:30 132 ----a-w c:\documents and settings\basil net\Local Settings\Application Data\fusioncache.dat
2009-04-10 20:32 . 2009-04-10 20:32 -------- d-----w c:\program files\Windows Media Connect 2
2009-04-09 11:30 . 2009-04-09 11:30 -------- d-----w c:\documents and settings\All Users\Application Data\Kaspersky Lab Setup Files
2009-04-09 10:57 . 2009-04-09 10:56 -------- d-----w c:\documents and settings\All Users\Application Data\FLEXnet
2009-04-09 10:56 . 2009-04-09 10:56 -------- d-----w c:\program files\Common Files\Macrovision Shared
2009-04-08 20:22 . 2009-04-08 20:19 344064 ----a-w c:\windows\system32\dkll.dll
2009-04-08 18:40 . 2009-04-08 18:40 35363 ----a-w c:\windows\system32\windrvNT.sys
2009-04-07 19:09 . 2009-04-07 19:09 203776 ----a-w c:\windows\system32\clrviddc.dll
2009-04-07 18:53 . 2009-04-07 18:53 -------- d-----w c:\program files\Microsoft Silverlight
2009-04-07 18:39 . 2009-04-07 18:38 -------- d-----w c:\documents and settings\basil net\Application Data\MiniDm
2009-04-07 18:33 . 2009-04-07 18:33 -------- d-----w c:\program files\IEPro
2009-04-07 18:20 . 2009-04-07 18:20 -------- d-----w c:\program files\Microsoft SQL Server Compact Edition
2009-04-07 18:20 . 2009-04-07 18:08 -------- dcsh--w c:\program files\Common Files\WindowsLiveInstaller
2009-04-07 18:08 . 2009-04-07 18:08 -------- d-----w c:\documents and settings\All Users\Application Data\WLInstaller
2009-04-07 17:39 . 2009-04-07 17:38 -------- d-----w c:\documents and settings\basil net\Application Data\Media Player Classic
2009-04-07 17:16 . 2009-04-07 17:16 -------- d-----w c:\program files\Common Files\xing shared
2009-04-07 17:15 . 2009-04-06 18:12 -------- d-----w c:\program files\Common Files\Real
2009-04-07 17:14 . 2009-04-06 18:12 499712 ----a-w c:\windows\system32\msvcp71.dll
2009-04-07 17:14 . 2009-04-06 18:10 348160 ----a-w c:\windows\system32\msvcr71.dll
2009-04-07 17:13 . 2009-04-06 17:33 166455 ----a-w c:\windows\pchealth\helpctr\OfflineCache\index.dat
.
((((((((((((((((((((((((((((( SnapShot_2009-05-18_11.44.33 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-05-31 01:03 . 2009-05-31 01:03 16384 c:\windows\temp\Perflib_Perfdata_644.dat
- 2009-04-08 20:19 . 2009-05-16 22:13 81920 c:\windows\system32\viscomwave.dll
+ 2009-04-08 20:19 . 2009-05-21 17:29 81920 c:\windows\system32\viscomwave.dll
+ 2009-04-08 20:19 . 2009-05-21 17:29 98304 c:\windows\system32\viscomtran.dll
- 2009-04-08 20:19 . 2009-05-16 22:13 98304 c:\windows\system32\viscomtran.dll
+ 2009-04-08 20:19 . 2009-05-21 17:29 48640 c:\windows\system32\viscomsamplerate.dll
- 2009-04-08 20:19 . 2009-05-16 22:13 48640 c:\windows\system32\viscomsamplerate.dll
+ 2009-04-08 20:19 . 2009-05-21 17:29 86016 c:\windows\system32\viscomframe.dll
- 2009-04-08 20:19 . 2009-05-16 22:13 86016 c:\windows\system32\viscomframe.dll
- 2009-04-08 20:19 . 2009-05-16 22:13 94208 c:\windows\system32\viscomaudiodata.dll
+ 2009-04-08 20:19 . 2009-05-21 17:28 94208 c:\windows\system32\viscomaudiodata.dll
+ 2009-04-08 20:19 . 2009-05-21 17:28 90112 c:\windows\system32\ssvideo.dll
- 2009-04-08 20:19 . 2009-05-16 22:13 90112 c:\windows\system32\ssvideo.dll
+ 2009-04-17 18:32 . 2009-05-30 20:04 86352 c:\windows\system32\Restore\rstrlog.dat
+ 2009-05-24 09:56 . 2009-05-24 09:56 88590 c:\windows\system32\Macromed\Flash\uninstall_activeX.exe
- 2009-04-06 17:38 . 2009-05-18 08:08 32768 c:\windows\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
+ 2009-04-06 17:38 . 2009-05-31 00:47 32768 c:\windows\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
+ 2009-04-06 17:38 . 2009-05-31 00:47 32768 c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat
- 2009-04-06 17:38 . 2009-05-18 08:08 32768 c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat
- 2009-04-06 17:38 . 2009-05-18 08:08 16384 c:\windows\system32\config\systemprofile\Cookies\index.dat
+ 2009-04-06 17:38 . 2009-05-31 00:47 16384 c:\windows\system32\config\systemprofile\Cookies\index.dat
+ 2007-04-01 05:37 . 2007-04-01 05:37 24576 c:\windows\system32\BtXpShell.dll
+ 2007-04-01 05:39 . 2007-04-01 05:39 45056 c:\windows\system32\btwpimif.dll
+ 2007-04-01 05:59 . 2007-04-01 05:59 90112 c:\windows\system32\BtWiaExt.dll
+ 2007-04-01 05:44 . 2007-04-01 05:44 49152 c:\windows\system32\btsendto_notes.dll
+ 2007-04-01 05:46 . 2007-04-01 05:46 81920 c:\windows\system32\btsendto_ie.dll
+ 2007-04-01 05:48 . 2007-04-01 05:48 98304 c:\windows\system32\btsec.dll
+ 2007-04-01 05:30 . 2007-04-01 05:30 94208 c:\windows\system32\btrezxp.dll
+ 2007-04-01 05:41 . 2007-04-01 05:41 90112 c:\windows\system32\btprn2k.dll
+ 2007-03-31 14:35 . 2007-03-31 14:35 65536 c:\windows\system32\BTNCopy.dll
+ 2007-04-01 06:00 . 2007-07-12 10:47 86016 c:\windows\system32\BtMmHook.dll
+ 2007-04-01 05:31 . 2007-04-01 05:31 36864 c:\windows\system32\btdev.dll
+ 2007-04-01 05:37 . 2007-04-01 05:37 77824 c:\windows\system32\BtAudioHelper.dll
+ 2009-04-08 20:19 . 2009-05-21 17:29 90112 c:\windows\system32\ALOAudioFormatSettings3.dll
- 2009-04-08 20:19 . 2009-05-16 22:13 90112 c:\windows\system32\ALOAudioFormatSettings3.dll
- 2009-04-06 18:14 . 2009-05-16 22:14 90112 c:\windows\system32\agsaami.dll
+ 2009-04-06 18:14 . 2009-05-21 17:29 90112 c:\windows\system32\agsaami.dll
+ 2009-05-30 08:58 . 2009-05-30 08:58 25214 c:\windows\Installer\{CFA3D1B0-415C-11DE-8251-005056806466}\UNINST_Uninstall_G_BCEEAF790189405A8B93BFE1E41FCD64.exe
+ 2009-05-30 08:58 . 2009-05-30 08:58 10134 c:\windows\Installer\{CFA3D1B0-415C-11DE-8251-005056806466}\ARPPRODUCTICON.exe
- 2009-04-06 18:44 . 2009-05-15 09:08 23040 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\unbndico.exe
+ 2009-04-06 18:44 . 2009-05-19 02:45 23040 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\unbndico.exe
- 2009-04-06 18:44 . 2009-05-15 09:08 61440 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\pubs.exe
+ 2009-04-06 18:44 . 2009-05-19 02:45 61440 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\pubs.exe
+ 2009-04-06 18:44 . 2009-05-19 02:45 27136 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\oisicon.exe
- 2009-04-06 18:44 . 2009-05-15 09:08 27136 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\oisicon.exe
- 2009-04-06 18:44 . 2009-05-15 09:08 11264 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\mspicons.exe
+ 2009-04-06 18:44 . 2009-05-19 02:45 11264 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\mspicons.exe
- 2009-04-06 18:44 . 2009-05-15 09:08 86016 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\inficon.exe
+ 2009-04-06 18:44 . 2009-05-19 02:45 86016 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\inficon.exe
+ 2009-04-06 18:44 . 2009-05-19 02:45 12288 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\cagicon.exe
- 2009-04-06 18:44 . 2009-05-15 09:08 12288 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\cagicon.exe
+ 2009-05-25 18:27 . 2009-05-25 18:27 33982 c:\windows\Installer\{84814E6B-2581-46EC-926A-823BD1C670F6}\ARPPRODUCTICON.exe
+ 2009-05-29 20:25 . 2009-05-29 20:25 26694 c:\windows\Installer\{1E04F83B-2AB9-4301-9EF7-E86307F79C72}\UNINST_Uninstall_G_3DE5E7D47B88403CA3FD2017A8240C5B.exe
+ 2009-05-29 20:25 . 2009-05-29 20:25 65536 c:\windows\Installer\{1E04F83B-2AB9-4301-9EF7-E86307F79C72}\NewShortcut2_407B9B5CDAC54F44A756B57CAB4E6A8B.exe
+ 2009-05-29 20:25 . 2009-05-29 20:25 65536 c:\windows\Installer\{1E04F83B-2AB9-4301-9EF7-E86307F79C72}\NewShortcut1_407B9B5CDAC54F44A756B57CAB4E6A8B.exe
+ 2009-05-29 20:25 . 2009-05-29 20:25 26694 c:\windows\Installer\{1E04F83B-2AB9-4301-9EF7-E86307F79C72}\googleearth.exe1_407B9B5CDAC54F44A756B57CAB4E6A8B.exe
+ 2009-05-29 20:25 . 2009-05-29 20:25 26694 c:\windows\Installer\{1E04F83B-2AB9-4301-9EF7-E86307F79C72}\googleearth.exe_407B9B5CDAC54F44A756B57CAB4E6A8B.exe
+ 2009-05-29 20:25 . 2009-05-29 20:25 26694 c:\windows\Installer\{1E04F83B-2AB9-4301-9EF7-E86307F79C72}\ARPPRODUCTICON.exe
+ 2008-11-12 13:44 . 2008-11-12 13:44 27904 c:\windows\Installer\$PatchCache$\Managed\86092A55EC2FC65419848C9678E93275\8.0.1100\uxtuneupx86.dll
+ 2008-11-20 13:30 . 2008-11-20 13:30 11008 c:\windows\Installer\$PatchCache$\Managed\86092A55EC2FC65419848C9678E93275\8.0.1100\tux64thk.exe
+ 2008-11-20 13:30 . 2008-11-20 13:30 15104 c:\windows\Installer\$PatchCache$\Managed\86092A55EC2FC65419848C9678E93275\8.0.1100\TUMessages.exe
+ 2008-11-20 13:30 . 2008-11-20 13:30 57600 c:\windows\Installer\$PatchCache$\Managed\86092A55EC2FC65419848C9678E93275\8.0.1100\TUInstallHelper.exe
+ 2008-11-12 13:44 . 2008-11-12 13:44 27392 c:\windows\Installer\$PatchCache$\Managed\86092A55EC2FC65419848C9678E93275\8.0.1100\SDShelEx86.dll
+ 2008-11-20 13:28 . 2008-11-20 13:28 85760 c:\windows\Installer\$PatchCache$\Managed\86092A55EC2FC65419848C9678E93275\8.0.1100\RegWiz.exe
+ 2008-11-20 13:28 . 2008-11-20 13:28 16640 c:\windows\Installer\$PatchCache$\Managed\86092A55EC2FC65419848C9678E93275\8.0.1100\RegistryDefragHelper.exe
+ 2008-11-20 13:28 . 2008-11-20 13:28 38144 c:\windows\Installer\$PatchCache$\Managed\86092A55EC2FC65419848C9678E93275\8.0.1100\PMLauncher.exe
+ 2008-11-20 13:28 . 2008-11-20 13:28 42752 c:\windows\Installer\$PatchCache$\Managed\86092A55EC2FC65419848C9678E93275\8.0.1100\OneClickStarter.exe
+ 2008-11-12 13:44 . 2008-11-12 13:44 25856 c:\windows\Installer\$PatchCache$\Managed\86092A55EC2FC65419848C9678E93275\8.0.1100\DseShExtx86.dll
+ 2008-11-12 13:44 . 2008-11-12 13:44 17152 c:\windows\Installer\$PatchCache$\Managed\86092A55EC2FC65419848C9678E93275\8.0.1100\authuitu_x86.dll
+ 2009-04-06 18:44 . 2009-05-19 02:45 4096 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\opwicon.exe
- 2009-04-06 18:44 . 2009-05-15 09:08 4096 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\opwicon.exe
+ 2007-04-01 05:22 . 2007-04-01 05:22 581632 c:\windows\system32\WidcommSdk.dll
+ 2007-04-01 05:23 . 2007-04-01 05:23 491581 c:\windows\system32\wbtapi.dll
- 2009-04-08 20:19 . 2009-05-16 22:13 118784 c:\windows\system32\viscomrmenc.dll
+ 2009-04-08 20:19 . 2009-05-21 17:29 118784 c:\windows\system32\viscomrmenc.dll
- 2009-04-08 20:19 . 2009-05-16 22:13 147456 c:\windows\system32\viscomqtenc.dll
+ 2009-04-08 20:19 . 2009-05-21 17:29 147456 c:\windows\system32\viscomqtenc.dll
- 2009-04-08 20:19 . 2009-05-16 22:13 602112 c:\windows\system32\viscomqtde.dll
+ 2009-04-08 20:19 . 2009-05-21 17:29 602112 c:\windows\system32\viscomqtde.dll
+ 2009-04-08 20:19 . 2009-05-21 17:28 118784 c:\windows\system32\viscomflvdec.dll
- 2009-04-08 20:19 . 2009-05-16 22:13 118784 c:\windows\system32\viscomflvdec.dll
+ 2009-04-08 20:19 . 2009-05-21 17:28 110592 c:\windows\system32\viscomaudioencoder.dll
- 2009-04-08 20:19 . 2009-05-16 22:13 110592 c:\windows\system32\viscomaudioencoder.dll
+ 2009-02-03 02:11 . 2009-02-03 02:11 240544 c:\windows\system32\Macromed\Flash\FlashUtil10b.exe
- 2009-02-03 02:07 . 2009-02-03 02:07 240544 c:\windows\system32\Macromed\Flash\FlashUtil10b.exe
+ 2008-07-29 17:21 . 2008-07-29 17:21 218376 c:\windows\system32\klogon(2).dll
- 2009-04-06 20:19 . 2009-05-15 06:13 302824 c:\windows\system32\FNTCACHE.DAT
+ 2009-04-06 20:19 . 2009-05-30 20:05 302824 c:\windows\system32\FNTCACHE.DAT
+ 2007-04-01 05:37 . 2007-04-01 05:37 106496 c:\windows\system32\BTXPPanel.dll
+ 2007-04-01 05:51 . 2007-04-01 05:51 987201 c:\windows\system32\BtWizard.dll
+ 2007-04-01 05:52 . 2007-04-01 05:52 229376 c:\windows\system32\btwhidcs.dll
+ 2007-04-01 05:45 . 2007-04-01 05:45 155699 c:\windows\system32\btsendto_wab.dll
+ 2007-04-01 05:46 . 2007-04-01 05:46 176128 c:\windows\system32\btsendto_office.dll
+ 2007-04-01 05:39 . 2007-04-01 05:39 217088 c:\windows\system32\btsendto.dll
+ 2007-04-01 05:30 . 2007-07-12 10:48 749568 c:\windows\system32\btrez.dll
+ 2007-04-01 05:43 . 2007-04-01 05:43 143360 c:\windows\system32\btosif_olx.dll
+ 2007-04-01 05:43 . 2007-04-01 05:43 208896 c:\windows\system32\btosif_ol.dll
+ 2007-04-01 05:42 . 2007-04-01 05:42 159744 c:\windows\system32\btosif_notes.dll
+ 2007-04-01 05:38 . 2007-04-01 05:38 122880 c:\windows\system32\btosif.dll
+ 2007-04-01 05:50 . 2007-04-01 05:50 962637 c:\windows\system32\BTNeighborhood.dll
+ 2007-04-01 05:31 . 2007-04-01 05:31 417792 c:\windows\system32\btins.dll
+ 2007-04-01 05:41 . 2007-04-01 05:41 126976 c:\windows\system32\bthcrpui.dll
+ 2007-04-01 05:40 . 2007-04-01 05:40 114688 c:\windows\system32\bthcrp.dll
+ 2007-04-01 05:48 . 2007-04-01 05:48 421947 c:\windows\system32\btcss.dll
+ 2007-04-01 05:39 . 2007-04-01 05:39 618496 c:\windows\system32\BTChooser.dll
+ 2007-04-01 05:22 . 2007-04-01 05:22 159744 c:\windows\system32\btbip.dll
+ 2007-04-01 05:37 . 2007-04-01 05:37 135168 c:\windows\system32\btbigbmp.dll
+ 2007-04-01 05:32 . 2007-04-01 05:32 135233 c:\windows\system32\bt2k_ins.dll
+ 2009-04-08 20:19 . 2009-05-21 17:29 215552 c:\windows\system32\ALOWMVFile.dll
- 2009-04-08 20:19 . 2009-05-16 22:13 215552 c:\windows\system32\ALOWMVFile.dll
+ 2009-04-08 20:19 . 2009-05-21 17:29 403968 c:\windows\system32\ALOWMAFile2.dll
- 2009-04-08 20:19 . 2009-05-16 22:13 403968 c:\windows\system32\ALOWMAFile2.dll
+ 2009-04-08 20:19 . 2009-05-21 17:29 188416 c:\windows\system32\ALOVideoFile.dll
- 2009-04-08 20:19 . 2009-05-16 22:13 188416 c:\windows\system32\ALOVideoFile.dll
- 2009-04-08 20:19 . 2009-05-16 22:13 495104 c:\windows\system32\ALOVideoCoreM.dll
+ 2009-04-08 20:19 . 2009-05-21 17:29 495104 c:\windows\system32\ALOVideoCoreM.dll
- 2009-04-08 20:19 . 2009-05-16 22:13 780288 c:\windows\system32\ALOVideoCompress.dll
+ 2009-04-08 20:19 . 2009-05-21 17:29 780288 c:\windows\system32\ALOVideoCompress.dll
+ 2009-04-08 20:19 . 2009-05-21 17:29 249856 c:\windows\system32\ALOQuickTimeFile.dll
- 2009-04-08 20:19 . 2009-05-16 22:13 249856 c:\windows\system32\ALOQuickTimeFile.dll
- 2009-04-08 20:19 . 2009-05-16 22:13 382464 c:\windows\system32\ALOAVIFile.dll
+ 2009-04-08 20:19 . 2009-05-21 17:29 382464 c:\windows\system32\ALOAVIFile.dll
+ 2009-04-08 20:19 . 2009-05-21 17:29 877568 c:\windows\system32\ALOAudioFile2.dll
- 2009-04-08 20:19 . 2009-05-16 22:13 877568 c:\windows\system32\ALOAudioFile2.dll
- 2009-04-08 20:19 . 2009-05-16 22:13 778240 c:\windows\system32\ALOAudioCompress2.dll
+ 2009-04-08 20:19 . 2009-05-21 17:29 778240 c:\windows\system32\ALOAudioCompress2.dll
- 2009-04-08 20:19 . 2009-05-16 22:14 626688 c:\windows\system32\agsaamh.dll
+ 2009-04-08 20:19 . 2009-05-21 17:29 626688 c:\windows\system32\agsaamh.dll
+ 2009-04-06 18:14 . 2009-05-21 17:29 753664 c:\windows\system32\agsaamg.dll
- 2009-04-06 18:14 . 2009-05-16 22:14 753664 c:\windows\system32\agsaamg.dll
+ 2009-04-08 20:19 . 2009-05-21 17:29 551424 c:\windows\system32\agsaame.dll
- 2009-04-08 20:19 . 2009-05-16 22:14 551424 c:\windows\system32\agsaame.dll
+ 2009-04-08 20:19 . 2009-05-21 17:29 544256 c:\windows\system32\agsaamd.dll
- 2009-04-08 20:19 . 2009-05-16 22:14 544256 c:\windows\system32\agsaamd.dll
- 2009-04-06 18:14 . 2009-05-16 22:14 372736 c:\windows\system32\agsaamc.dll
+ 2009-04-06 18:14 . 2009-05-21 17:29 372736 c:\windows\system32\agsaamc.dll
+ 2009-04-08 20:19 . 2009-05-21 17:29 538624 c:\windows\system32\agsaamb.dll
- 2009-04-08 20:19 . 2009-05-16 22:14 538624 c:\windows\system32\agsaamb.dll
- 2009-04-08 20:19 . 2009-05-16 22:14 331776 c:\windows\system32\agsaama.dll
+ 2009-04-08 20:19 . 2009-05-21 17:29 331776 c:\windows\system32\agsaama.dll
+ 2009-04-06 18:44 . 2009-05-19 02:45 409600 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\xlicons.exe
- 2009-04-06 18:44 . 2009-05-15 09:08 409600 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\xlicons.exe
- 2009-04-06 18:44 . 2009-05-15 09:08 286720 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\wordicon.exe
+ 2009-04-06 18:44 . 2009-05-19 02:45 286720 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\wordicon.exe
+ 2009-04-06 18:44 . 2009-05-19 02:45 249856 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\pptico.exe
- 2009-04-06 18:44 . 2009-05-15 09:08 249856 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\pptico.exe
- 2009-04-06 18:44 . 2009-05-15 09:08 794624 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\outicon.exe
+ 2009-04-06 18:44 . 2009-05-19 02:45 794624 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\outicon.exe
- 2009-04-06 18:44 . 2009-05-15 09:08 135168 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\misc.exe
+ 2009-04-06 18:44 . 2009-05-19 02:45 135168 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\misc.exe
- 2009-04-06 18:44 . 2009-05-15 09:08 593920 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\accicons.exe
+ 2009-04-06 18:44 . 2009-05-19 02:45 593920 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\accicons.exe
+ 2008-11-20 13:30 . 2008-11-20 13:30 915712 c:\windows\Installer\$PatchCache$\Managed\86092A55EC2FC65419848C9678E93275\8.0.1100\WinStyler.exe
+ 2008-11-20 13:30 . 2008-11-20 13:30 218880 c:\windows\Installer\$PatchCache$\Managed\86092A55EC2FC65419848C9678E93275\8.0.1100\UpdateWizard.exe
+ 2008-11-20 13:30 . 2008-11-20 13:30 280320 c:\windows\Installer\$PatchCache$\Managed\86092A55EC2FC65419848C9678E93275\8.0.1100\UninstallManager.exe
+ 2008-11-20 13:30 . 2008-11-20 13:30 238336 c:\windows\Installer\$PatchCache$\Managed\86092A55EC2FC65419848C9678E93275\8.0.1100\Undelete.exe
+ 2008-11-12 13:44 . 2008-11-12 13:44 887552 c:\windows\Installer\$PatchCache$\Managed\86092A55EC2FC65419848C9678E93275\8.0.1100\TUDefragService.dll
+ 2009-01-25 16:57 . 2009-01-25 16:57 343808 c:\windows\Installer\$PatchCache$\Managed\86092A55EC2FC65419848C9678E93275\8.0.1100\SystemInformation.exe
+ 2009-01-25 00:55 . 2009-01-25 00:55 129280 c:\windows\Installer\$PatchCache$\Managed\86092A55EC2FC65419848C9678E93275\8.0.1100\SystemControl.exe
+ 2008-11-20 13:30 . 2008-11-20 13:30 352000 c:\windows\Installer\$PatchCache$\Managed\86092A55EC2FC65419848C9678E93275\8.0.1100\StartUpManager.exe
+ 2008-11-20 13:30 . 2008-11-20 13:30 921344 c:\windows\Installer\$PatchCache$\Managed\86092A55EC2FC65419848C9678E93275\8.0.1100\SilentUpdater.exe
+ 2008-11-20 13:29 . 2008-11-20 13:29 173824 c:\windows\Installer\$PatchCache$\Managed\86092A55EC2FC65419848C9678E93275\8.0.1100\Shredder.exe
+ 2008-11-20 13:29 . 2008-11-20 13:29 227072 c:\windows\Installer\$PatchCache$\Managed\86092A55EC2FC65419848C9678E93275\8.0.1100\ShortcutCleaner.exe
+ 2008-11-20 13:29 . 2008-11-20 13:29 197376 c:\windows\Installer\$PatchCache$\Managed\86092A55EC2FC65419848C9678E93275\8.0.1100\RescueCenter.exe
+ 2008-11-20 13:29 . 2008-11-20 13:29 166144 c:\windows\Installer\$PatchCache$\Managed\86092A55EC2FC65419848C9678E93275\8.0.1100\RepairWizard.exe
+ 2008-11-20 13:28 . 2008-11-20 13:28 327936 c:\windows\Installer\$PatchCache$\Managed\86092A55EC2FC65419848C9678E93275\8.0.1100\RegistryEditor.exe
+ 2008-11-20 13:28 . 2008-11-20 13:28 160000 c:\windows\Installer\$PatchCache$\Managed\86092A55EC2FC65419848C9678E93275\8.0.1100\RegistryDefrag.exe
+ 2008-11-20 13:28 . 2008-11-20 13:28 504576 c:\windows\Installer\$PatchCache$\Managed\86092A55EC2FC65419848C9678E93275\8.0.1100\RegistryCleaner.exe
+ 2008-11-20 13:28 . 2008-11-20 13:28 272952 c:\windows\Installer\$PatchCache$\Managed\86092A55EC2FC65419848C9678E93275\8.0.1100\ProductInfo.dat
+ 2008-11-20 13:28 . 2008-11-20 13:28 397568 c:\windows\Installer\$PatchCache$\Managed\86092A55EC2FC65419848C9678E93275\8.0.1100\ProcessManager.exe
+ 2008-11-20 13:28 . 2008-11-20 13:28 593152 c:\windows\Installer\$PatchCache$\Managed\86092A55EC2FC65419848C9678E93275\8.0.1100\OneClick.exe
+ 2008-11-20 13:28 . 2008-11-20 13:28 155904 c:\windows\Installer\$PatchCache$\Managed\86092A55EC2FC65419848C9678E93275\8.0.1100\MemOptimizer.exe
+ 2008-11-20 13:28 . 2008-11-20 13:28 221952 c:\windows\Installer\$PatchCache$\Managed\86092A55EC2FC65419848C9678E93275\8.0.1100\DriveDefrag.exe
+ 2008-11-20 13:28 . 2008-11-20 13:28 463104 c:\windows\Installer\$PatchCache$\Managed\86092A55EC2FC65419848C9678E93275\8.0.1100\DiskExplorer.exe
+ 2008-11-20 13:28 . 2008-11-20 13:28 163584 c:\windows\Installer\$PatchCache$\Managed\86092A55EC2FC65419848C9678E93275\8.0.1100\DiskDoctor.exe
+ 2009-04-08 20:19 . 2009-05-21 17:29 1470464 c:\windows\system32\viscomm4aenc.dll
- 2009-04-08 20:19 . 2009-05-16 22:13 1470464 c:\windows\system32\viscomm4aenc.dll
+ 2009-04-08 20:19 . 2009-05-21 17:29 1462272 c:\windows\system32\viscomflvenc.dll
- 2009-04-08 20:19 . 2009-05-16 22:13 1462272 c:\windows\system32\viscomflvenc.dll
- 2009-04-08 20:19 . 2009-05-16 22:13 1454080 c:\windows\system32\viscomdata2.dll
+ 2009-04-08 20:19 . 2009-05-21 17:28 1454080 c:\windows\system32\viscomdata2.dll
+ 2009-04-08 20:19 . 2009-05-21 17:28 1462272 c:\windows\system32\viscomdata1.dll
- 2009-04-08 20:19 . 2009-05-16 22:13 1462272 c:\windows\system32\viscomdata1.dll
+ 2009-04-08 20:19 . 2009-05-21 17:28 1454080 c:\windows\system32\viscomamrenc.dll
- 2009-04-08 20:19 . 2009-05-16 22:13 1454080 c:\windows\system32\viscomamrenc.dll
- 2009-04-08 20:19 . 2009-05-16 22:13 1462272 c:\windows\system32\viscom3gpenc.dll
+ 2009-04-08 20:19 . 2009-05-21 17:28 1462272 c:\windows\system32\viscom3gpenc.dll
- 2009-04-08 20:19 . 2009-05-16 22:13 6963712 c:\windows\system32\videotrans.dll
+ 2009-04-08 20:19 . 2009-05-21 17:28 6963712 c:\windows\system32\videotrans.dll
- 2009-04-08 20:19 . 2009-05-16 22:13 1128128 c:\windows\system32\NMSDVDXU.dll
+ 2009-04-08 20:19 . 2009-05-21 17:28 1128128 c:\windows\system32\NMSDVDXU.dll
+ 2008-03-20 15:06 . 2009-02-06 09:35 1486208 c:\windows\system32\LegitCheckControl.DLL
+ 2001-11-14 10:56 . 2001-11-14 10:56 1802240 c:\windows\system32\lcppn21.dll
+ 2007-04-01 06:00 . 2007-04-01 06:00 2842624 c:\windows\system32\btwicons.dll
+ 2009-04-06 18:14 . 2009-05-21 17:29 1245184 c:\windows\system32\bkll.dll
- 2009-04-06 18:14 . 2009-05-16 22:13 1245184 c:\windows\system32\bkll.dll
- 2009-04-08 20:19 . 2009-05-16 22:13 2846720 c:\windows\system32\ALOAudioCompress3.dll
+ 2009-04-08 20:19 . 2009-05-21 17:29 2846720 c:\windows\system32\ALOAudioCompress3.dll
- 2009-04-06 18:14 . 2009-05-16 22:14 2846720 c:\windows\system32\agsaamj.dll
+ 2009-04-06 18:14 . 2009-05-21 17:29 2846720 c:\windows\system32\agsaamj.dll
+ 2008-11-20 13:30 . 2008-11-20 13:30 1182464 c:\windows\Installer\$PatchCache$\Managed\86092A55EC2FC65419848C9678E93275\8.0.1100\SpeedOptimizer.exe
- 2009-04-08 20:19 . 2009-05-16 22:13 18628608 c:\windows\system32\viscomavi.dll
+ 2009-04-08 20:19 . 2009-05-21 17:28 18628608 c:\windows\system32\viscomavi.dll
+ 2009-04-08 20:19 . 2009-05-21 17:28 18599936 c:\windows\system32\videoencode.dll
- 2009-04-08 20:19 . 2009-05-16 22:13 18599936 c:\windows\system32\videoencode.dll
+ 2009-04-08 20:19 . 2009-05-21 17:28 18595840 c:\windows\system32\coredata.dll
- 2009-04-08 20:19 . 2009-05-16 22:13 18595840 c:\windows\system32\coredata.dll
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}]
2009-04-28 12:04 332776 ----a-w c:\program files\Hotspot Shield\hssie\HssIE.dll
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
"TuneUp MemOptimizer"="c:\program files\TuneUp Utilities 2009\MemOptimizer.exe" [2009-04-27 163072]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-02-06 3885408]
"PC Suite Tray"="c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe" [2009-03-20 1312256]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2009-04-07 198160]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2007-02-25 437160]
c:\documents and settings\All Users\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2007-4-1 568176]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Authentication Packages REG_MULTI_SZ msv1_0 nwprovau
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" /background
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"FAHESS_McciTrayApp"=c:\program files\FAHESS\McciTrayApp.exe
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\IEPro\\MiniDM.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Program Files\\Real\\RealPlayer\\realplay.exe"=
R1 SMBHC;Microsoft SM Bus Host Controller Driver;c:\windows\system32\drivers\smbhc.sys [06/04/2009 11:22 م 6784]
R2 HssSrv;Hotspot Shield Helper Service;c:\program files\Hotspot Shield\HssWPR\hsssrv.exe [22/04/2009 04:12 ص 328752]
R2 TuneUp.ProgramStatisticsSvc;TuneUp Program Statistics Service;c:\windows\system32\TUProgSt.exe [12/05/2009 01:19 ص 604416]
R3 HssDrv;Hotspot Shield Helper Miniport;c:\windows\system32\drivers\hssdrv.sys [17/04/2009 01:29 م 33840]
R3 klim5;Kaspersky Anti-Virus NDIS Filter;c:\windows\system32\drivers\klim5.sys [30/04/2008 06:06 م 24592]
R3 SMBBATT;Microsoft Smart Battery Driver;c:\windows\system32\drivers\smbbatt.sys [06/04/2009 11:22 م 16000]
R3 VST_DPV;VST_DPV;c:\windows\system32\drivers\VSTDPV3.SYS [06/04/2009 08:49 م 987648]
R3 VSTHWICH;VSTHWICH;c:\windows\system32\drivers\VSTICH3.SYS [06/04/2009 08:49 م 242176]
S2 gupdate1c9dd91c62cfee0;خدمة تحديث Google (gupdate1c9dd91c62cfee0);c:\program files\Google\Update\GoogleUpdate.exe [26/05/2009 02:37 ص 133104]
S3 HssTrayService;Hotspot Shield Tray Service;c:\program files\Hotspot Shield\bin\HssTrayService.exe [21/05/2009 01:29 ص 34352]
S3 maconfservice;Ma-Config Service;c:\program files\ma-config.com\maconfservice.exe [15/03/2009 09:34 ص 216232]
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{0676CE18-9B5E-3DB3-E313-6BA337B14FE2}]
c:\docume~1\BASILN~1\LOCALS~1\Temp\hr.exe
.
Contents of the 'Scheduled Tasks' folder
2009-05-31 c:\windows\Tasks\1-Click Maintenance.job
- c:\program files\TuneUp Utilities 2009\OneClickStarter.exe [2009-04-27 13:37]
2009-05-26 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 09:34]
2009-05-30 c:\windows\Tasks\BugDoctorbasil net.job
- c:\program files\Bug Doctor\BugDoctor.exe [2009-05-28 10:36]
2009-05-31 c:\windows\Tasks\GoogleUpdateTaskMachine.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-05-25 23:37]
2009-05-30 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-57989841-1708537768-854245398-1003.job
- c:\documents and settings\basil net\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-05-30 09:02]
2009-05-30 c:\windows\Tasks\OGADaily.job
- c:\windows\system32\OGAVerify.exe [2008-12-31 14:04]
2009-05-31 c:\windows\Tasks\OGALogon.job
- c:\windows\system32\OGAVerify.exe [2008-12-31 14:04]
2009-05-31 c:\windows\Tasks\الصيانة بنقرة واحدة.job
- c:\program files\TuneUp Utilities 2009\OneClickStarter.exe [2009-04-27 13:37]
.
- - - - ORPHANS REMOVED - - - -
SafeBoot-procexp90.Sys
.
------- Supplementary Scan -------
.
uStart Page = about:blank
mStart Page = about:blank
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: Send to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
DPF: Microsoft XML Parser for Java - file:///C:/WINDOWS/Java/classes/xmldso.cab
FF - ProfilePath - c:\documents and settings\basil net\Application Data\Mozilla\Firefox\Profiles\1j0jwmat.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT1561552&SearchSource=3&q=
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.oyoon7.com/vb/index.php
FF - prefs.js: keyword.URL - hxxp://search.live.com/results.aspx?FORM=IEFM1&q=
FF - prefs.js: network.proxy.type - 2
FF - component: c:\documents and settings\basil net\Application Data\Mozilla\Firefox\Profiles\1j0jwmat.default\extensions\{81BF1D23-5F17-408D-AC6B-BD6DF7CAF670}\components\XpcomOpusConnector.dll
FF - component: c:\documents and settings\basil net\Application Data\Mozilla\Firefox\Profiles\1j0jwmat.default\extensions\{9d613b03-9b7c-4fa0-b2f8-32f7cc24873f}\components\SDIIntegrator.dll
FF - component: c:\documents and settings\basil net\Application Data\Mozilla\Firefox\Profiles\1j0jwmat.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}\components\bdqscan.dll
FF - component: c:\program files\Nokia\Nokia PC Suite 7\bkmrksync\components\BkMrkExt.dll
FF - component: c:\program files\Real\RealPlayer\browserrecord\components\nprpbrowserrecordplugin.dll
FF - plugin: c:\documents and settings\basil net\Application Data\Mozilla\Firefox\Profiles\1j0jwmat.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}\plugins\npqscan.dll
FF - plugin: c:\program files\Google\Update\1.2.145.5\npGoogleOneClick8.dll
FF - plugin: c:\program files\ma-config.com\nphardwaredetection.dll
FF - plugin: c:\program files\Microsoft\Office Live\npOLW.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
---- FIREFOX POLICIES ----
FF - user.js: network.http.max-connections-per-server - 8
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: content.switch.threshold - 600000
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
Rootkit scan 2009-05-31 05:07
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files:
**************************************************************************
.
Completion time: 2009-05-31 5:08
ComboFix-quarantined-files.txt 2009-05-31 02:08
ComboFix2.txt 2009-05-21 14:12
ComboFix3.txt 2009-05-18 11:45
ComboFix4.txt 2009-05-15 00:07
ComboFix5.txt 2009-05-31 02:03
Pre-Run: 45,995,274,240 bytes free
Post-Run: 46,067,589,120 bytes free
542 --- E O F --- 2009-05-19 02:45
وهذا تقرير الهاي جاك
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 05:10:15, on 31/05/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16827)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\TuneUp Utilities 2009\MemOptimizer.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\a-squared Free\a2service.exe
C:\Program Files\Hotspot Shield\bin\openvpnas.exe
C:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Motive\McciCMService.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\TUProgSt.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclIrSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
O2 - BHO: IE7Pro - {00011268-E188-40DF-A514-835FCD78B1BF} - C:\Program Files\IEPro\iepro.dll
O2 - BHO: مساعد رابط Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: Hotspot Shield Class - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files\Hotspot Shield\hssie\HssIE.dll
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [TuneUp MemOptimizer] "C:\Program Files\TuneUp Utilities 2009\MemOptimizer.exe" autostart
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'Default user')
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Program Files\IEPro\iepro.dll
O9 - Extra 'Tools' menuitem: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Program Files\IEPro\iepro.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} -
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) -
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) -
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) -
O16 - DPF: {E001C731-5E37-4538-A5CB-8168736A2360} (Confirmation) -
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: خدمة تحديث Google (gupdate1c9dd91c62cfee0) (gupdate1c9dd91c62cfee0) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Hotspot Shield Service (HotspotShieldService) - Unknown owner - C:\Program Files\Hotspot Shield\bin\openvpnas.exe
O23 - Service: Hotspot Shield Helper Service (HssSrv) - AnchorFree Inc. - C:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe
O23 - Service: Hotspot Shield Tray Service (HssTrayService) - Unknown owner - C:\Program Files\Hotspot Shield\bin\HssTrayService.EXE
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: McciCMService - Motive Communications, Inc. - C:\Program Files\Common Files\Motive\McciCMService.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: TuneUp Program Statistics Service (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\WINDOWS\System32\TUProgSt.exe
O23 - Service: Windows Search (WSearch) - Unknown owner - C:\WINDOWS\system32\SearchIndexer.exe (file missing)
--
End of file - 8048 bytes
