البتال
عـضـو شـرف
- إنضم
- 29 أكتوبر 2007
- المشاركات
- 11,540
- مستوى التفاعل
- 987
- النقاط
- 920
- الإقامة
- مكة المكرمة
- الموقع الالكتروني
- forum.zyzoom.net
غير متصل
- بادئ الموضوع البتال
- تاريخ البدء
- 1,059
Demo-dash
داعم للمنتدى،(خبراء زيزووم )
داعــــم للمنتـــــدى
★★ نجم المنتدى ★★
كبار الشخصيات
فريق دعم البرامج العامة
غير متصل
السلام عليكم اي البتال
هل انتا مثبت برنامج الـ Net. Framework ؟
اذا لا .. حمل وثبت من هنا
وجرب هل مازالت الرسالة بالظهور ؟
هل انتا مثبت برنامج الـ Net. Framework ؟
اذا لا .. حمل وثبت من هنا
يجب عليك
تسجيل الدخول
او
تسجيل لمشاهدة الرابط المخفي
وجرب هل مازالت الرسالة بالظهور ؟
توقيع : Demo-dash
تأييد
0
البتال
عـضـو شـرف
- إنضم
- 29 أكتوبر 2007
- المشاركات
- 11,540
- مستوى التفاعل
- 987
- النقاط
- 920
- الإقامة
- مكة المكرمة
- الموقع الالكتروني
- forum.zyzoom.net
غير متصل
تأييد
0
البتال
عـضـو شـرف
- إنضم
- 29 أكتوبر 2007
- المشاركات
- 11,540
- مستوى التفاعل
- 987
- النقاط
- 920
- الإقامة
- مكة المكرمة
- الموقع الالكتروني
- forum.zyzoom.net
غير متصل
تأييد
0
Corporation
زيزوومى فضى
غير متصل
هات تقرير هايجاك يآخوي ,,
توقيع : Corporation
تأييد
0
البتال
عـضـو شـرف
- إنضم
- 29 أكتوبر 2007
- المشاركات
- 11,540
- مستوى التفاعل
- 987
- النقاط
- 920
- الإقامة
- مكة المكرمة
- الموقع الالكتروني
- forum.zyzoom.net
غير متصل
حياك الله يا غالي انا فحصت تقرير الهايجاك ولم يظهر شي ولكن ربما تكون خبرتكم أكبر فتفضل لفحصه بعين خبير نفع الله بكم
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\a-squared Free\a2service.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\iolo\common\lib\ioloServiceManager.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\DOCUME~1\moon\LOCALS~1\Temp\Rar$EX00.859\sp_rsser.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\ClamWin\bin\ClamTray.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Filseclab\Twister\twister.exe
C:\Program Files\Uniblue\RegistryBooster\RegistryBooster.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Uniblue\SpyEraser\SpyEraser.exe
C:\Program Files\Common Files\Filseclab\FilMsg.exe
C:\Program Files\Internet Download Manager\IEMonitor.exe
C:\Documents and Settings\moon\سطح المكتب\iexplore.exe
C:\Documents and Settings\moon\سطح المكتب\iexplore.exe
C:\PROGRA~1\IEACCE~1\IEAccelerator.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\Documents and Settings\moon\سطح المكتب\iexplore.exe
C:\Documents and Settings\moon\سطح المكتب\iexplore.exe
C:\Documents and Settings\moon\سطح المكتب\iexplore.exe
C:\Documents and Settings\moon\سطح المكتب\HiJackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\Snagit 9\SnagitBHO.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ievkbd.dll
O2 - BHO: Pro Download Manager - {7233CF20-0BA7-4fc2-879E-04CEF6439F90} - C:\Program Files\ProDM\ProDM.dll
O2 - BHO: مساعد تسجيل الدخول إلى Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe"
O4 - HKLM\..\Run: [ClamWin] "C:\Program Files\ClamWin\bin\ClamTray.exe" --logon
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [twister] "C:\Program Files\Filseclab\Twister\twister.exe" -a
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [Uniblue RegistryBooster 2009] C:\Program Files\Uniblue\RegistryBooster\RegistryBooster.exe /S
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Uniblue SpyEraser] "C:\Program Files\Uniblue\SpyEraser\SpyEraser.exe" -m
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'Default user')
O4 - Global Startup: Filseclab Messenger.lnk = ?
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: إضافة إلى حاجب إعلان الشعار - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ie_banner_deny.htm
O8 - Extra context menu item: تحميل الكل بواسطة Internet Download Manager - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: تحميل بواسطة Internet Download Manager - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: تحميل محتوى FLV بواسطة Internet Download Manager - C:\Program Files\Internet Download Manager\IEGetVL.htm
O9 - Extra button: إحصائيات حماية حركة زيارة الويب - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\SCIEPlgn.dll
O9 - Extra button: بحث - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) -
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) -
O16 - DPF: {C237A80A-4C55-4C68-BAA9-CBE4408D12B2} (F-Secure Online Scanner 4.0 Launcher) -
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) -
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
O23 - Service: iolo FileInfoList Service (ioloFileInfoList) - Unknown owner - C:\Program Files\iolo\common\lib\ioloServiceManager.exe
O23 - Service: iolo System Service (ioloSystemService) - Unknown owner - C:\Program Files\iolo\common\lib\ioloServiceManager.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\DOCUME~1\moon\LOCALS~1\Temp\Rar$EX00.859\sp_rsser.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\WINDOWS\System32\TuneUpDefragService.exe
أخوكم
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\a-squared Free\a2service.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\iolo\common\lib\ioloServiceManager.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\DOCUME~1\moon\LOCALS~1\Temp\Rar$EX00.859\sp_rsser.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\ClamWin\bin\ClamTray.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Filseclab\Twister\twister.exe
C:\Program Files\Uniblue\RegistryBooster\RegistryBooster.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Uniblue\SpyEraser\SpyEraser.exe
C:\Program Files\Common Files\Filseclab\FilMsg.exe
C:\Program Files\Internet Download Manager\IEMonitor.exe
C:\Documents and Settings\moon\سطح المكتب\iexplore.exe
C:\Documents and Settings\moon\سطح المكتب\iexplore.exe
C:\PROGRA~1\IEACCE~1\IEAccelerator.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\Documents and Settings\moon\سطح المكتب\iexplore.exe
C:\Documents and Settings\moon\سطح المكتب\iexplore.exe
C:\Documents and Settings\moon\سطح المكتب\iexplore.exe
C:\Documents and Settings\moon\سطح المكتب\HiJackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar =
يجب عليك
تسجيل الدخول
او
تسجيل لمشاهدة الرابط المخفي
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =
يجب عليك
تسجيل الدخول
او
تسجيل لمشاهدة الرابط المخفي
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
يجب عليك
تسجيل الدخول
او
تسجيل لمشاهدة الرابط المخفي
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
يجب عليك
تسجيل الدخول
او
تسجيل لمشاهدة الرابط المخفي
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
يجب عليك
تسجيل الدخول
او
تسجيل لمشاهدة الرابط المخفي
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
يجب عليك
تسجيل الدخول
او
تسجيل لمشاهدة الرابط المخفي
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\Snagit 9\SnagitBHO.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ievkbd.dll
O2 - BHO: Pro Download Manager - {7233CF20-0BA7-4fc2-879E-04CEF6439F90} - C:\Program Files\ProDM\ProDM.dll
O2 - BHO: مساعد تسجيل الدخول إلى Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe"
O4 - HKLM\..\Run: [ClamWin] "C:\Program Files\ClamWin\bin\ClamTray.exe" --logon
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [twister] "C:\Program Files\Filseclab\Twister\twister.exe" -a
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [Uniblue RegistryBooster 2009] C:\Program Files\Uniblue\RegistryBooster\RegistryBooster.exe /S
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Uniblue SpyEraser] "C:\Program Files\Uniblue\SpyEraser\SpyEraser.exe" -m
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'Default user')
O4 - Global Startup: Filseclab Messenger.lnk = ?
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: إضافة إلى حاجب إعلان الشعار - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ie_banner_deny.htm
O8 - Extra context menu item: تحميل الكل بواسطة Internet Download Manager - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: تحميل بواسطة Internet Download Manager - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: تحميل محتوى FLV بواسطة Internet Download Manager - C:\Program Files\Internet Download Manager\IEGetVL.htm
O9 - Extra button: إحصائيات حماية حركة زيارة الويب - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\SCIEPlgn.dll
O9 - Extra button: بحث - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) -
يجب عليك
تسجيل الدخول
او
تسجيل لمشاهدة الرابط المخفي
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) -
يجب عليك
تسجيل الدخول
او
تسجيل لمشاهدة الرابط المخفي
O16 - DPF: {C237A80A-4C55-4C68-BAA9-CBE4408D12B2} (F-Secure Online Scanner 4.0 Launcher) -
يجب عليك
تسجيل الدخول
او
تسجيل لمشاهدة الرابط المخفي
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) -
يجب عليك
تسجيل الدخول
او
تسجيل لمشاهدة الرابط المخفي
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
O23 - Service: iolo FileInfoList Service (ioloFileInfoList) - Unknown owner - C:\Program Files\iolo\common\lib\ioloServiceManager.exe
O23 - Service: iolo System Service (ioloSystemService) - Unknown owner - C:\Program Files\iolo\common\lib\ioloServiceManager.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\DOCUME~1\moon\LOCALS~1\Temp\Rar$EX00.859\sp_rsser.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\WINDOWS\System32\TuneUpDefragService.exe
أخوكم
توقيع : البتال
تأييد
0
البتال
عـضـو شـرف
- إنضم
- 29 أكتوبر 2007
- المشاركات
- 11,540
- مستوى التفاعل
- 987
- النقاط
- 920
- الإقامة
- مكة المكرمة
- الموقع الالكتروني
- forum.zyzoom.net
غير متصل
تفضل يا غالي
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\a-squared Free\a2service.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\iolo\common\lib\ioloServiceManager.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\DOCUME~1\moon\LOCALS~1\Temp\Rar$EX00.859\sp_rsser.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\ClamWin\bin\ClamTray.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Filseclab\Twister\twister.exe
C:\Program Files\Uniblue\RegistryBooster\RegistryBooster.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Uniblue\SpyEraser\SpyEraser.exe
C:\Program Files\Common Files\Filseclab\FilMsg.exe
C:\Program Files\Internet Download Manager\IEMonitor.exe
C:\Documents and Settings\moon\سطح المكتب\iexplore.exe
C:\Documents and Settings\moon\سطح المكتب\iexplore.exe
C:\PROGRA~1\IEACCE~1\IEAccelerator.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\Documents and Settings\moon\سطح المكتب\iexplore.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\moon\سطح المكتب\HiJackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\Snagit 9\SnagitBHO.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ievkbd.dll
O2 - BHO: Pro Download Manager - {7233CF20-0BA7-4fc2-879E-04CEF6439F90} - C:\Program Files\ProDM\ProDM.dll
O2 - BHO: مساعد تسجيل الدخول إلى Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe"
O4 - HKLM\..\Run: [ClamWin] "C:\Program Files\ClamWin\bin\ClamTray.exe" --logon
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [twister] "C:\Program Files\Filseclab\Twister\twister.exe" -a
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [Uniblue RegistryBooster 2009] C:\Program Files\Uniblue\RegistryBooster\RegistryBooster.exe /S
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Uniblue SpyEraser] "C:\Program Files\Uniblue\SpyEraser\SpyEraser.exe" -m
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'Default user')
O4 - Global Startup: Filseclab Messenger.lnk = ?
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: إضافة إلى حاجب إعلان الشعار - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ie_banner_deny.htm
O8 - Extra context menu item: تحميل الكل بواسطة Internet Download Manager - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: تحميل بواسطة Internet Download Manager - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: تحميل محتوى FLV بواسطة Internet Download Manager - C:\Program Files\Internet Download Manager\IEGetVL.htm
O9 - Extra button: إحصائيات حماية حركة زيارة الويب - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\SCIEPlgn.dll
O9 - Extra button: بحث - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) -
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) -
O16 - DPF: {C237A80A-4C55-4C68-BAA9-CBE4408D12B2} (F-Secure Online Scanner 4.0 Launcher) -
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) -
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
O23 - Service: iolo FileInfoList Service (ioloFileInfoList) - Unknown owner - C:\Program Files\iolo\common\lib\ioloServiceManager.exe
O23 - Service: iolo System Service (ioloSystemService) - Unknown owner - C:\Program Files\iolo\common\lib\ioloServiceManager.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\DOCUME~1\moon\LOCALS~1\Temp\Rar$EX00.859\sp_rsser.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\WINDOWS\System32\TuneUpDefragService.exe
--
End of file - 8025 bytes
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\a-squared Free\a2service.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\iolo\common\lib\ioloServiceManager.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\DOCUME~1\moon\LOCALS~1\Temp\Rar$EX00.859\sp_rsser.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\ClamWin\bin\ClamTray.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Filseclab\Twister\twister.exe
C:\Program Files\Uniblue\RegistryBooster\RegistryBooster.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Uniblue\SpyEraser\SpyEraser.exe
C:\Program Files\Common Files\Filseclab\FilMsg.exe
C:\Program Files\Internet Download Manager\IEMonitor.exe
C:\Documents and Settings\moon\سطح المكتب\iexplore.exe
C:\Documents and Settings\moon\سطح المكتب\iexplore.exe
C:\PROGRA~1\IEACCE~1\IEAccelerator.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\Documents and Settings\moon\سطح المكتب\iexplore.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\moon\سطح المكتب\HiJackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar =
يجب عليك
تسجيل الدخول
او
تسجيل لمشاهدة الرابط المخفي
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =
يجب عليك
تسجيل الدخول
او
تسجيل لمشاهدة الرابط المخفي
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
يجب عليك
تسجيل الدخول
او
تسجيل لمشاهدة الرابط المخفي
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
يجب عليك
تسجيل الدخول
او
تسجيل لمشاهدة الرابط المخفي
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
يجب عليك
تسجيل الدخول
او
تسجيل لمشاهدة الرابط المخفي
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
يجب عليك
تسجيل الدخول
او
تسجيل لمشاهدة الرابط المخفي
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\Snagit 9\SnagitBHO.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ievkbd.dll
O2 - BHO: Pro Download Manager - {7233CF20-0BA7-4fc2-879E-04CEF6439F90} - C:\Program Files\ProDM\ProDM.dll
O2 - BHO: مساعد تسجيل الدخول إلى Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe"
O4 - HKLM\..\Run: [ClamWin] "C:\Program Files\ClamWin\bin\ClamTray.exe" --logon
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [twister] "C:\Program Files\Filseclab\Twister\twister.exe" -a
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [Uniblue RegistryBooster 2009] C:\Program Files\Uniblue\RegistryBooster\RegistryBooster.exe /S
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Uniblue SpyEraser] "C:\Program Files\Uniblue\SpyEraser\SpyEraser.exe" -m
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'Default user')
O4 - Global Startup: Filseclab Messenger.lnk = ?
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: إضافة إلى حاجب إعلان الشعار - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ie_banner_deny.htm
O8 - Extra context menu item: تحميل الكل بواسطة Internet Download Manager - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: تحميل بواسطة Internet Download Manager - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: تحميل محتوى FLV بواسطة Internet Download Manager - C:\Program Files\Internet Download Manager\IEGetVL.htm
O9 - Extra button: إحصائيات حماية حركة زيارة الويب - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\SCIEPlgn.dll
O9 - Extra button: بحث - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) -
يجب عليك
تسجيل الدخول
او
تسجيل لمشاهدة الرابط المخفي
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) -
يجب عليك
تسجيل الدخول
او
تسجيل لمشاهدة الرابط المخفي
O16 - DPF: {C237A80A-4C55-4C68-BAA9-CBE4408D12B2} (F-Secure Online Scanner 4.0 Launcher) -
يجب عليك
تسجيل الدخول
او
تسجيل لمشاهدة الرابط المخفي
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) -
يجب عليك
تسجيل الدخول
او
تسجيل لمشاهدة الرابط المخفي
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
O23 - Service: iolo FileInfoList Service (ioloFileInfoList) - Unknown owner - C:\Program Files\iolo\common\lib\ioloServiceManager.exe
O23 - Service: iolo System Service (ioloSystemService) - Unknown owner - C:\Program Files\iolo\common\lib\ioloServiceManager.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\DOCUME~1\moon\LOCALS~1\Temp\Rar$EX00.859\sp_rsser.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\WINDOWS\System32\TuneUpDefragService.exe
--
End of file - 8025 bytes
أخوكم
توقيع : البتال
تأييد
0
البتال
عـضـو شـرف
- إنضم
- 29 أكتوبر 2007
- المشاركات
- 11,540
- مستوى التفاعل
- 987
- النقاط
- 920
- الإقامة
- مكة المكرمة
- الموقع الالكتروني
- forum.zyzoom.net
غير متصل
تأييد
0
KoNaMi
زيزوومى فضى
غير متصل
طيب يالغلااا جرب الاتي
حمل هذا الملف
بعد تشغيله ستظهر رساله نضغط موافق , ثم نعيد تشغيل الجهاز
وبلغني بالنتائج بعدين
حمل هذا الملف
يجب عليك
تسجيل الدخول
او
تسجيل لمشاهدة الرابط المخفي
بعد تشغيله ستظهر رساله نضغط موافق , ثم نعيد تشغيل الجهاز
وبلغني بالنتائج بعدين
توقيع : KoNaMi
تأييد
0
البتال
عـضـو شـرف
- إنضم
- 29 أكتوبر 2007
- المشاركات
- 11,540
- مستوى التفاعل
- 987
- النقاط
- 920
- الإقامة
- مكة المكرمة
- الموقع الالكتروني
- forum.zyzoom.net
غير متصل
تأييد
0
KoNaMi
زيزوومى فضى
غير متصل
يالغلاا هذة اداة للتخلص من اخطاء النظام بعمل تصليح لاخطاء الرجستري
طيب يابعدي اعمل الاتي
عطل جميع برامج الحمايه
نزل هذه الاداة
عند تشغيلها بتظهر لك رسالة ,, اضغط على >> Yes
بعدها بتظهر لك رساله ثانيه ,, اضغط على >> Yes
اثناء الفحص ممكن يعاد تشغيل الجهاز
وبعد اعادة التشغيل ,, سوف تبدأ الاداة بالفحص مرره ثانيه
انتظر حتى يظهر لك تقرير ،، وبذلك يكون الفحص انتهى الصق التقرير بمشاركتك القادمة
طيب يابعدي اعمل الاتي
عطل جميع برامج الحمايه
نزل هذه الاداة
يجب عليك
تسجيل الدخول
او
تسجيل لمشاهدة الرابط المخفي
عند تشغيلها بتظهر لك رسالة ,, اضغط على >> Yes
بعدها بتظهر لك رساله ثانيه ,, اضغط على >> Yes
اثناء الفحص ممكن يعاد تشغيل الجهاز
وبعد اعادة التشغيل ,, سوف تبدأ الاداة بالفحص مرره ثانيه
انتظر حتى يظهر لك تقرير ،، وبذلك يكون الفحص انتهى الصق التقرير بمشاركتك القادمة
توقيع : KoNaMi
تأييد
0
البتال
عـضـو شـرف
- إنضم
- 29 أكتوبر 2007
- المشاركات
- 11,540
- مستوى التفاعل
- 987
- النقاط
- 920
- الإقامة
- مكة المكرمة
- الموقع الالكتروني
- forum.zyzoom.net
غير متصل
بارك الله فيك يا غالي تفضل التقرير
ComboFix 09-06-04.06 - moon 06/05/2009 3:42.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1256.966.1025.18.3061.2568 [GMT 3:00]
Running from: c:\documents and settings\moon\سطح المكتب\ComboFix.exe
AV: ESET NOD32 Antivirus 4.0 *On-access scanning disabled* (Outdated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
AV: Kaspersky Internet Security *On-access scanning enabled* (Updated) {2C4D4BC6-0793-4956-A9F9-E252435469C0}
AV: Spy Sweeper with AntiVirus *On-access scanning enabled* (Updated) {B3891867-7230-459B-9987-E7CCFA7A7D1D}
AV: Twister AntiTrojanVirus *On-access scanning disabled* (Updated) {FBD70C7C-71BD-4591-96BD-863C6980BE65}
FW: Kaspersky Internet Security *enabled* {2C4D4BC6-0793-4956-A9F9-E252435469C0}
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\windows\system32\kakle.dll
c:\windows\system32\mfc45.dll
c:\windows\system32\Ultra.dll
.
((((((((((((((((((((((((( Files Created from 2009-05-05 to 2009-06-05 )))))))))))))))))))))))))))))))
.
2009-06-04 17:40 . 2009-06-04 17:41 -------- dc----w- c:\program files\Common Files\Filseclab
2009-06-04 17:40 . 2009-06-04 17:40 -------- dc----w- c:\program files\Filseclab
2009-06-04 17:40 . 2009-06-04 17:40 -------- dc----w- c:\documents and settings\moon\Application Data\InstallShield
2009-06-03 05:12 . 2009-02-17 10:32 2937720 -c--a-w- c:\documents and settings\moon\Application Data\Simply Super Software\Trojan Remover\uub1D.exe
2009-06-03 04:11 . 2009-06-03 04:11 -------- dc----w- c:\documents and settings\moon\Application Data\Grisoft
2009-06-03 04:11 . 2007-05-30 12:10 10872 -c--a-w- c:\windows\system32\drivers\AvgAsCln.sys
2009-06-03 04:11 . 2009-06-03 04:11 -------- dc----w- c:\documents and settings\All Users\Application Data\Grisoft
2009-06-02 23:09 . 2009-06-02 23:09 1251 -c--a-w- c:\documents and settings\moon\Application Data\iolo\restore.bat
2009-06-02 22:59 . 2009-06-02 22:59 -------- dc----w- c:\documents and settings\NetworkService\Application Data\iolo
2009-06-02 22:59 . 2009-05-29 12:54 940896 -c--a-w- c:\windows\system32\Incinerator.dll
2009-06-02 22:59 . 2008-04-17 07:45 9341 -c--a-w- c:\windows\system32\drivers\filedisk.sys
2009-06-02 22:59 . 2009-02-17 08:26 8192 -c--a-w- c:\windows\system32\smrgdf.exe
2009-06-02 22:59 . 2009-02-17 08:31 28672 -c--a-w- c:\windows\system32\iolobtdfg.exe
2009-06-02 22:59 . 2009-06-02 22:59 -------- dc----w- c:\program files\iolo
2009-06-02 22:57 . 2009-06-02 23:09 -------- dc----w- c:\documents and settings\moon\Application Data\iolo
2009-06-02 22:57 . 2009-06-02 23:04 -------- dc----w- c:\documents and settings\All Users\Application Data\iolo
2009-06-01 21:05 . 2009-06-02 23:24 -------- dc----w- c:\program files\Bug Doctor
2009-06-01 19:08 . 2009-06-03 05:12 -------- dc----w- c:\program files\Magellan Explorer 3
2009-06-01 04:35 . 2008-04-14 18:30 82944 -c--a-w- c:\windows\system32\dllcache\tp4mon.exe
2009-06-01 04:34 . 2008-04-13 19:04 166912 -c--a-w- c:\windows\system32\dllcache\s3gnbm.sys
2009-06-01 04:33 . 2001-09-18 07:44 128000 -c--a-w- c:\windows\system32\dllcache\n100325.sys
2009-06-01 04:32 . 2008-04-15 17:00 79872 -c--a-w- c:\windows\system32\dllcache\iislog51.dll
2009-06-01 04:31 . 2001-09-18 08:05 62976 -c--a-w- c:\windows\system32\dllcache\eqnloop.exe
2009-06-01 04:30 . 2008-04-14 18:29 15423 -c--a-w- c:\windows\system32\dllcache\ch7xxnt5.dll
2009-06-01 04:29 . 2008-04-15 17:00 367616 -c--a-w- c:\windows\system32\dllcache\asp51.dll
2009-05-31 13:38 . 2009-05-31 13:38 -------- dc----w- c:\documents and settings\All Users\Application Data\AVG7
2009-05-31 13:25 . 2009-05-31 13:46 -------- dc----w- c:\documents and settings\moon\Application Data\AVG7
2009-05-29 22:54 . 2009-05-29 22:54 6144 -c--a-w- c:\documents and settings\All Users\Application Data\Spyware Terminator\sp_rsdel.exe
2009-05-29 22:54 . 2009-05-29 22:54 5632 -c--a-w- c:\documents and settings\All Users\Application Data\Spyware Terminator\fileobjinfo.sys
2009-05-29 22:54 . 2009-05-29 22:54 142592 -c--a-w- c:\windows\system32\drivers\sp_rsdrv2.sys
2009-05-29 22:54 . 2009-06-04 19:11 -------- dc----w- c:\documents and settings\All Users\Application Data\Spyware Terminator
2009-05-29 22:54 . 2009-06-04 19:09 -------- dc----w- c:\documents and settings\moon\Application Data\Spyware Terminator
2009-05-28 16:50 . 2009-05-28 17:12 -------- d-----w- C:\kl.files
2009-05-28 11:46 . 2009-05-28 11:46 -------- dc----w- c:\documents and settings\moon\Application Data\Ashampoo
2009-05-27 23:17 . 2009-05-27 23:17 -------- dc----w- c:\program files\Microsoft Windows OneCare Live
2009-05-27 20:58 . 2009-05-27 23:17 -------- dc----w- c:\program files\Windows Live Safety Center
2009-05-27 20:10 . 2009-05-27 20:10 -------- dc----w- c:\documents and settings\moon\Local Settings\Application Data\Panda Software
2009-05-27 20:10 . 2009-05-27 20:55 -------- dc----w- C:\zyzoom_Panda_Antivirus_2008
2009-05-27 15:44 . 2009-05-27 17:54 -------- dc----w- c:\program files\a-squared Free
2009-05-26 15:46 . 2009-05-26 15:46 7680 -c--a-w- c:\documents and settings\moon\Application Data\Thinstall\Error Repair Professional 3.9.6\4000001500002i\ClamTray.exe
2009-05-26 15:46 . 2009-05-26 15:46 7680 -c--a-w- c:\documents and settings\moon\Application Data\Thinstall\Error Repair Professional 3.9.6\400000b000002i\PCSuite.exe
2009-05-26 15:46 . 2009-05-26 15:46 7680 -c--a-w- c:\documents and settings\moon\Application Data\Thinstall\Error Repair Professional 3.9.6\40000016700002i\SpyEraser.exe
2009-05-25 09:31 . 2009-05-27 23:21 -------- dc----w- c:\documents and settings\moon\Application Data\.clamwin
2009-05-25 09:31 . 2009-05-25 09:31 -------- dc----w- c:\program files\ClamWin
2009-05-25 09:31 . 2009-05-25 09:31 -------- dc----w- c:\documents and settings\All Users\.clamwin
2009-05-24 03:29 . 2009-05-24 03:29 -------- dc----w- c:\program files\Reference Assemblies
2009-05-23 10:22 . 2009-05-23 10:22 -------- dc----w- c:\program files\eBook Workshop
2009-05-22 09:00 . 2009-06-05 00:47 -------- dc----w- c:\documents and settings\moon\Tracing
2009-05-22 08:08 . 2009-05-22 08:08 -------- dc----w- c:\documents and settings\All Users\Application Data\Uniblue
2009-05-22 08:08 . 2008-12-22 05:23 20232 -c--a-w- c:\windows\system32\AntiSpyNative64.exe
2009-05-22 08:08 . 2008-12-22 05:23 16648 -c--a-w- c:\windows\system32\AntiSpyNative32.exe
2009-05-22 08:00 . 2009-05-22 08:04 25254968 -c--a-w- c:\documents and settings\moon\Application Data\Uniblue\SpyEraser\SpyEraser_Setup_5_22_2009.exe
2009-05-22 04:37 . 2009-05-22 04:37 -------- dc----w- c:\program files\Foxit Software
2009-05-22 04:37 . 2009-05-22 04:37 -------- dc----w- c:\documents and settings\moon\Application Data\Foxit
2009-05-22 00:52 . 2009-05-22 00:52 -------- dc----w- c:\program files\Sophos
2009-05-22 00:50 . 2009-05-22 00:50 4776 -csha-w- c:\windows\system32\drivers\dbaF.DAT
2009-05-22 00:50 . 2009-05-22 00:50 4776 -csha-w- c:\windows\system32\drivers\c25E.DAT
2009-05-22 00:50 . 2009-05-22 00:50 4776 -csha-w- c:\windows\system32\drivers\026D.DAT
2009-05-21 23:26 . 2009-05-21 23:26 -------- dc----w- c:\documents and settings\moon\Application Data\Nokia Multimedia Player
2009-05-21 11:41 . 2009-05-21 11:41 -------- dc----w- c:\documents and settings\All Users\Application Data\PC Suite
2009-05-21 11:40 . 2009-05-21 11:41 -------- dc----w- c:\documents and settings\moon\Application Data\Nokia
2009-05-21 11:40 . 2009-05-21 11:40 -------- dc----w- c:\program files\DIFX
2009-05-21 11:40 . 2009-05-21 11:40 -------- dc----w- c:\program files\Common Files\PCSuite
2009-05-21 11:40 . 2009-05-21 11:40 -------- dc----w- c:\program files\Common Files\Nokia
2009-05-21 11:40 . 2009-05-21 11:41 -------- dc----w- c:\documents and settings\moon\Application Data\PC Suite
2009-05-21 11:40 . 2009-05-25 20:38 -------- dc----w- c:\program files\PC Connectivity Solution
2009-05-21 11:40 . 2009-05-21 11:40 -------- dc----w- c:\program files\Nokia
2009-05-21 11:40 . 2007-02-22 07:15 90624 -c--a-w- c:\windows\system32\nmwcdcls.dll
2009-05-21 11:39 . 2009-05-21 11:39 733783 -c--a-w- c:\documents and settings\All Users\Application Data\Installations\{29466F9C-7C6A-419C-B301-F440FAF78760}\Packages\Nokia_PC_Suite\CustomActions\NSU_Inst_fix.exe
2009-05-21 11:39 . 2009-05-21 11:39 8192 -c--a-w- c:\documents and settings\All Users\Application Data\Installations\{29466F9C-7C6A-419C-B301-F440FAF78760}\Installer\CommonCustomActions\UninstCCD.exe
2009-05-21 11:39 . 2009-05-21 11:39 61440 -c--a-w- c:\documents and settings\All Users\Application Data\Installations\{29466F9C-7C6A-419C-B301-F440FAF78760}\Installer\CommonCustomActions\UninstPCSFEMsi.exe
2009-05-21 11:39 . 2009-05-21 11:39 10240 -c--a-w- c:\documents and settings\All Users\Application Data\Installations\{29466F9C-7C6A-419C-B301-F440FAF78760}\Installer\CommonCustomActions\UninstPCS.exe
2009-05-21 11:39 . 2009-05-21 11:39 -------- dc----w- c:\documents and settings\All Users\Application Data\Installations
2009-05-20 00:36 . 2009-05-20 00:36 7680 -c--a-w- c:\documents and settings\moon\Application Data\Thinstall\Error Repair Professional 3.9.6\4000003d00002i\TargetWebADSh.exe
2009-05-19 20:34 . 2009-05-19 20:34 -------- dc----w- c:\documents and settings\moon\DoctorWeb
2009-05-19 20:34 . 2009-05-19 20:38 -------- dc----w- C:\DrWebPortable
2009-05-18 22:31 . 2009-05-18 22:31 -------- dc----w- c:\documents and settings\moon\Local Settings\Application Data\Identities
2009-05-18 20:19 . 2009-05-18 20:19 -------- dc----w- c:\program files\ProDM
2009-05-18 18:04 . 2009-05-18 18:04 -------- dc----w- c:\documents and settings\All Users\Application Data\Fighters
2009-05-18 18:04 . 2009-05-18 18:04 -------- dc----w- c:\program files\Fighters
2009-05-18 09:18 . 2009-05-18 09:18 24576 -c--a-w- c:\documents and settings\moon\Application Data\Thinstall\SUPERAntiSpyware Free Edition\1000000600002i\svchost.exe
2009-05-18 09:17 . 2009-05-18 09:17 -------- dc----w- c:\documents and settings\All Users\Application Data\SUPERAntiSpyware.com
2009-05-18 09:04 . 2009-05-18 09:04 -------- dc----w- C:\VundoFix Backups
2009-05-18 08:12 . 2009-05-18 08:12 26624 -c--a-w- c:\windows\system32\drivers\fsbts.sys
2009-05-18 07:50 . 2009-05-18 07:50 7680 -c--a-w- c:\documents and settings\moon\Application Data\Thinstall\Error Repair Professional 3.9.6\10000006600002i\regedit.exe
2009-05-18 07:42 . 2009-05-18 07:42 7680 -c--a-w- c:\documents and settings\moon\Application Data\Thinstall\Error Repair Professional 3.9.6\40000022c00002i\RegDoctor.exe
2009-05-18 07:42 . 2009-05-18 07:42 7680 -c--a-w- c:\documents and settings\moon\Application Data\Thinstall\Error Repair Professional 3.9.6\4000003300002i\avp.exe
2009-05-18 07:42 . 2009-05-18 07:42 7680 -c--a-w- c:\documents and settings\moon\Application Data\Thinstall\Error Repair Professional 3.9.6\4000003200002i\realsched.exe
2009-05-18 07:42 . 2009-05-18 07:42 7680 -c--a-w- c:\documents and settings\moon\Application Data\Thinstall\Error Repair Professional 3.9.6\4000003b900002i\msnmsgr.exe
2009-05-18 07:42 . 2009-05-18 07:42 7680 -c--a-w- c:\documents and settings\moon\Application Data\Thinstall\Error Repair Professional 3.9.6\40000014000002i\SpyEraser.exe
2009-05-18 07:42 . 2009-05-18 07:42 7680 -c--a-w- c:\documents and settings\moon\Application Data\Thinstall\Error Repair Professional 3.9.6\4000002b000002i\IDMan.exe
2009-05-18 07:42 . 2009-05-18 07:42 7680 -c--a-w- c:\documents and settings\moon\Application Data\Thinstall\Error Repair Professional 3.9.6\400000600002i\ctfmon.exe
2009-05-18 07:42 . 2009-05-18 07:42 7680 -c--a-w- c:\documents and settings\moon\Application Data\Thinstall\Error Repair Professional 3.9.6\4000001f400002i\RegistryBooster.exe
2009-05-18 07:42 . 2009-05-18 07:42 -------- dc----w- c:\documents and settings\moon\Local Settings\Application Data\Thinstall
2009-05-18 02:27 . 2009-06-05 00:42 -------- dc----w- c:\windows\system32\CatRoot2
2009-05-17 00:05 . 2009-05-17 00:05 -------- dc----w- c:\windows\system32\xircom
2009-05-17 00:05 . 2009-05-17 00:05 -------- dc----w- c:\windows\system32\wbem\snmp
2009-05-17 00:04 . 2009-05-17 00:04 -------- dc----w- c:\program files\microsoft frontpage
2009-05-17 00:02 . 2009-05-17 00:02 -------- dc----w- c:\program files\xp-AntiSpy
2009-05-16 23:52 . 2008-12-11 05:38 159600 -c--a-w- c:\windows\system32\drivers\pctgntdi.sys
2009-05-16 23:52 . 2009-04-03 08:18 130936 -c--a-w- c:\windows\system32\drivers\PCTCore.sys
2009-05-16 23:52 . 2008-12-18 09:16 73840 -c--a-w- c:\windows\system32\drivers\PCTAppEvent.sys
2009-05-16 23:52 . 2009-05-16 23:52 -------- dc----w- c:\program files\Common Files\PC Tools
2009-05-16 23:52 . 2008-12-10 08:36 64392 -c--a-w- c:\windows\system32\drivers\pctplsg.sys
2009-05-16 23:52 . 2009-05-16 23:52 -------- dc----w- c:\program files\Spyware Doctor
2009-05-16 23:52 . 2009-05-16 23:52 -------- dc----w- c:\documents and settings\moon\Application Data\PC Tools
2009-05-16 23:52 . 2009-05-16 23:52 -------- dc----w- c:\documents and settings\All Users\Application Data\PC Tools
2009-05-16 00:48 . 2009-05-28 09:06 -------- dc----w- c:\program files\Microsoft Bootvis
2009-05-16 00:48 . 2009-05-28 08:57 1078 -c--a-r- c:\documents and settings\moon\Application Data\Microsoft\Installer\{0F9196C6-58B4-445B-B56E-B1200FECC151}\_4ae13d6c.exe
2009-05-16 00:48 . 2009-05-28 08:57 1078 -c--a-r- c:\documents and settings\moon\Application Data\Microsoft\Installer\{0F9196C6-58B4-445B-B56E-B1200FECC151}\_2cd672ae.exe
2009-05-16 00:48 . 2009-05-28 08:57 1078 -c--a-r- c:\documents and settings\moon\Application Data\Microsoft\Installer\{0F9196C6-58B4-445B-B56E-B1200FECC151}\_294823.exe
2009-05-16 00:48 . 2009-05-28 08:57 1078 -c--a-r- c:\documents and settings\moon\Application Data\Microsoft\Installer\{0F9196C6-58B4-445B-B56E-B1200FECC151}\_18be6784.exe
2009-05-13 00:25 . 2009-05-13 00:25 -------- dc----w- c:\documents and settings\All Users\Application Data\Webroot
2009-05-13 00:25 . 2009-05-13 00:25 -------- dc----w- c:\documents and settings\moon\Application Data\Webroot
2009-05-13 00:25 . 2009-05-13 00:25 -------- dc----w- c:\documents and settings\NetworkService\Application Data\Webroot
2009-05-13 00:25 . 2009-05-19 21:09 -------- dc----w- C:\Zyzoom_Spy Sweeper
2009-05-13 00:01 . 2009-06-03 03:09 -------- dc----w- C:\zbit11
2009-05-09 22:50 . 2006-05-18 21:00 10752 -c----w- c:\windows\system32\aamd532.dll
2009-05-09 22:50 . 2009-05-09 22:53 -------- dc----w- c:\program files\PC Accelerator Professional
2009-05-09 21:52 . 2009-05-16 23:07 -------- dc----w- c:\program files\Common Files\delet
2009-05-09 02:24 . 2009-05-09 02:24 -------- dc----w- c:\documents and settings\All Users\Application Data\Avira
2009-05-08 22:35 . 2009-05-08 22:36 -------- dc----w- C:\z0120
2009-05-08 22:15 . 2009-05-08 22:15 -------- dc----w- c:\documents and settings\moon\Local Settings\Application Data\Runscanner.net
2009-05-08 19:36 . 2009-05-08 19:36 -------- dc----w- c:\program files\Godlike Developers
2009-05-08 16:46 . 2009-02-05 21:11 1256296 -c--a-w- c:\windows\system32\aswBoot.exe
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-06-05 00:47 . 2009-04-14 16:51 -------- dc----w- c:\documents and settings\moon\Application Data\DMCache
2009-06-05 00:46 . 2009-04-16 16:38 -------- dc----w- c:\documents and settings\All Users\Application Data\Kaspersky Lab
2009-06-05 00:44 . 2009-04-16 16:38 3220 -csha-w- c:\windows\system32\drivers\fidbox2.idx
2009-06-05 00:44 . 2009-04-16 16:38 319520 -csha-w- c:\windows\system32\drivers\fidbox2.dat
2009-06-05 00:44 . 2009-04-16 16:38 13452 -csha-w- c:\windows\system32\drivers\fidbox.idx
2009-06-05 00:44 . 2009-04-16 16:38 1315360 -csha-w- c:\windows\system32\drivers\fidbox.dat
2009-06-05 00:20 . 2001-09-19 18:00 68396 ----a-w- c:\windows\system32\perfc001.dat
2009-06-05 00:20 . 2001-09-19 18:00 375078 ----a-w- c:\windows\system32\perfh001.dat
2009-06-04 19:20 . 2009-05-04 22:00 227 -c-ha-w- c:\windows\winshell.dat
2009-06-04 19:17 . 2009-06-04 19:16 918045 -c-ha-w- C:\DH Temp.tmp
2009-06-04 19:07 . 2001-10-17 14:09 66 -c--a-w- c:\windows\anticrash.dat
2009-06-04 17:40 . 2009-04-14 08:44 -------- dc-h--w- c:\program files\InstallShield Installation Information
2009-06-03 05:12 . 2009-05-05 17:10 -------- dc--a-w- c:\documents and settings\All Users\Application Data\TEMP
2009-06-01 21:15 . 2009-04-28 17:18 -------- dc----w- c:\documents and settings\All Users\Application Data\ThumbsPlus
2009-06-01 19:30 . 2009-04-28 17:19 -------- dc----w- c:\documents and settings\moon\Application Data\ThumbsPlus
2009-06-01 00:47 . 2009-04-14 16:51 -------- dc----w- c:\documents and settings\moon\Application Data\IDM
2009-05-27 20:55 . 2009-05-03 11:58 -------- dc-h--w- c:\documents and settings\All Users\Application Data\{92E7A367-8E12-4830-AA70-29C32E331A81}
2009-05-26 21:28 . 2009-04-14 08:44 94752 -c--a-w- c:\documents and settings\moon\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-05-21 05:08 . 2009-04-16 16:38 94643 -c--a-w- c:\windows\system32\drivers\klick.dat
2009-05-21 05:08 . 2009-04-16 16:38 105395 -c--a-w- c:\windows\system32\drivers\klin.dat
2009-05-18 09:17 . 2009-04-15 04:37 -------- dc----w- c:\documents and settings\moon\Application Data\Thinstall
2009-05-18 06:52 . 2009-04-20 22:25 -------- dc----w- c:\program files\Common Files\Wise Installation Wizard
2009-05-18 02:18 . 2009-04-21 18:19 -------- dc----w- c:\program files\TuneUp Utilities 2009
2009-05-13 00:37 . 2009-05-05 17:09 -------- dc----w- c:\program files\Trojan Remover
2009-05-12 20:50 . 2009-05-03 11:59 -------- dc----w- c:\documents and settings\moon\Application Data\Uniblue
2009-05-12 20:19 . 2009-05-03 11:59 -------- dc----w- c:\program files\Uniblue
2009-05-07 16:56 . 2009-04-14 09:01 -------- dc----w- c:\program files\Common Files\Real
2009-05-07 16:56 . 2009-04-14 09:01 499712 -c--a-w- c:\windows\system32\msvcp71.dll
2009-05-07 16:35 . 2009-05-05 19:45 -------- dc----w- c:\program files\Spybot - Search & Destroy
2009-05-07 16:33 . 2009-05-05 19:45 -------- dc----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2009-05-05 20:23 . 2009-05-05 20:23 737280 -c--a-w- c:\windows\iun6002.exe
2009-05-05 17:09 . 2009-05-05 17:09 -------- dc----w- c:\documents and settings\moon\Application Data\Simply Super Software
2009-05-05 17:09 . 2009-05-05 17:09 -------- dc----w- c:\documents and settings\All Users\Application Data\Simply Super Software
2009-05-04 22:00 . 2009-05-04 22:00 -------- dc----w- c:\program files\Dachshund Software
2009-05-03 20:22 . 2009-05-03 18:34 -------- dc----w- c:\program files\arabic2regclean
2009-05-03 18:34 . 2009-05-03 18:34 40960 -c--a-w- c:\windows\system32\SSubTmr6.dll
2009-05-01 18:56 . 2009-05-01 18:55 -------- dc----w- c:\program files\IE Accelerator
2009-04-28 21:25 . 2009-04-14 16:51 -------- dc----w- c:\program files\Internet Download Manager
2009-04-28 17:19 . 2009-04-28 17:18 -------- dc----w- c:\program files\Thumbs7
2009-04-28 15:21 . 2009-04-28 15:21 5973 -c--a-w- c:\program files\un_Internet Download Manager_16575.txt
2009-04-28 12:28 . 2009-04-26 22:37 -------- dc----w- c:\program files\Error Repair Professional
2009-04-27 02:40 . 2009-04-27 02:40 -------- dc----w- c:\program files\Ashampoo
2009-04-26 23:40 . 2009-04-15 05:28 -------- dc----w- c:\program files\Registry Winner
2009-04-26 23:15 . 2009-04-26 23:15 -------- dc----w- c:\program files\Speed Gear 5
2009-04-26 23:12 . 2009-04-26 23:12 120240 -c--a-w- c:\documents and settings\moon\Application Data\IDM\idmmzcc02\components\idmmzcc.dll
2009-04-26 21:48 . 2009-04-26 21:47 -------- dc----w- c:\program files\Windows Live
2009-04-26 21:48 . 2009-04-26 21:48 -------- dc----w- c:\program files\Microsoft
2009-04-26 21:47 . 2009-04-26 21:47 -------- dc----w- c:\program files\Windows Live SkyDrive
2009-04-26 21:42 . 2009-04-26 21:42 -------- dc----w- c:\program files\Common Files\Windows Live
2009-04-22 07:51 . 2009-04-22 07:51 7168 -c--a-w- c:\documents and settings\moon\Application Data\Thinstall\Internet Download Manager\1000000600002i\svchost.exe
2009-04-21 18:27 . 2009-04-21 18:27 362240 -c--a-w- c:\windows\system32\TuneUpDefragService.exe
2009-04-21 18:19 . 2009-04-21 18:19 -------- dc----w- c:\documents and settings\moon\Application Data\TuneUp Software
2009-04-21 18:19 . 2009-04-21 18:19 -------- dc----w- c:\documents and settings\All Users\Application Data\TuneUp Software
2009-04-21 00:26 . 2009-04-21 00:26 7168 -c--a-w- c:\documents and settings\moon\Application Data\Thinstall\Internet Download Manager\4000009c00002i\iexplore.exe
2009-04-21 00:24 . 2009-04-21 00:24 7168 -c--a-w- c:\documents and settings\moon\Application Data\Thinstall\Internet Download Manager\40000050700002i\mplayerc.exe
2009-04-20 23:36 . 2009-04-20 23:36 7168 -c--a-w- c:\documents and settings\moon\Application Data\Thinstall\Internet Download Manager\4000002af00002i\IDMan.exe
2009-04-20 22:26 . 2009-04-20 22:26 -------- dc----w- c:\program files\TechSmith
2009-04-20 22:26 . 2009-04-20 22:26 -------- dc----w- c:\documents and settings\All Users\Application Data\TechSmith
2009-04-20 21:47 . 2009-04-20 21:47 7168 -c--a-w- c:\documents and settings\moon\Application Data\Thinstall\Internet Download Manager\1000000b00002i\verclsid.exe
2009-04-20 21:47 . 2009-04-20 21:47 7168 -c--a-w- c:\documents and settings\moon\Application Data\Thinstall\Internet Download Manager\10000001400002i\NOTEPAD.EXE
2009-04-20 21:47 . 2009-04-20 21:47 7168 -c--a-w- c:\documents and settings\moon\Application Data\Thinstall\Internet Download Manager\400000b300002i\ACDSeeQVPro2.exe
2009-04-20 21:31 . 2009-04-20 21:31 7168 -c--a-w- c:\documents and settings\moon\Application Data\Thinstall\Internet Download Manager\40000013500002i\WinRAR.exe
2009-04-20 21:28 . 2009-04-20 21:28 7168 -c--a-w- c:\documents and settings\moon\Application Data\Thinstall\Internet Download Manager\4000001100002i\RealOneMessageCenter.exe
2009-04-20 21:28 . 2009-04-20 21:28 7168 -c--a-w- c:\documents and settings\moon\Application Data\Thinstall\Internet Download Manager\400000600002i\rphelperapp.exe
2009-04-20 21:28 . 2009-04-20 21:28 7168 -c--a-w- c:\documents and settings\moon\Application Data\Thinstall\Internet Download Manager\4000008100002i\RealPlay.exe
2009-04-20 21:22 . 2009-04-20 21:22 7168 -c--a-w- c:\documents and settings\moon\Application Data\Thinstall\Internet Download Manager\10000001300002i\wmplayer.exe
2009-04-18 19:15 . 2009-04-18 19:15 -------- dc----w- c:\program files\iVocalize Web Conference 4
2009-04-17 19:14 . 2009-04-17 19:14 -------- dc----w- c:\documents and settings\moon\Application Data\Moyea
2009-04-17 19:14 . 2009-04-17 19:14 -------- dc----w- c:\program files\Moyea
2009-04-16 16:50 . 2008-01-29 14:29 33808 -c--a-w- c:\windows\system32\drivers\klbg.sys
2009-04-16 16:50 . 2009-04-16 16:50 206088 -c--a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP8\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav8exec\8.0.0.506\avp.exe
2009-04-16 16:50 . 2009-04-16 16:50 33808 -c--a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP8\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav8exec\8.0.0.506\klbg.sys
2009-04-16 16:50 . 2009-04-16 16:50 226832 -c--a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP8\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav8exec\8.0.0.506\XP\klif.sys
2009-04-16 16:38 . 2009-04-16 16:38 -------- dc----w- c:\program files\Kaspersky Lab
2009-04-16 16:33 . 2009-04-16 16:33 -------- dc----w- c:\documents and settings\All Users\Application Data\Kaspersky Lab Setup Files
2009-04-15 12:06 . 2009-04-15 12:06 -------- dc----w- c:\documents and settings\moon\Application Data\ACD Systems
2009-04-15 06:00 . 2009-04-14 09:11 -------- dc----w- c:\program files\Microsoft Works
2009-04-15 05:06 . 2009-04-15 05:06 -------- dc----w- c:\documents and settings\All Users\Application Data\Office Genuine Advantage
2009-04-15 04:37 . 2009-04-15 04:37 7168 -c--a-w- c:\documents and settings\moon\Application Data\Thinstall\Internet Download Manager\4000004000002i\IEMonitor.exe
2009-04-15 04:37 . 2009-04-15 04:37 198064 -c--a-w- c:\documents and settings\moon\Application Data\IDM\idmmzcc3\components\idmmzcc.dll
2009-04-14 23:26 . 2009-04-14 23:26 -------- dc----w- c:\documents and settings\moon\Application Data\Media Player Classic
2009-04-14 16:56 . 2009-04-14 16:55 2814112 -c--a-w- c:\documents and settings\moon\Application Data\IDM\idmupdt.exe
2009-04-14 09:12 . 2009-04-14 09:12 -------- dc----w- c:\program files\Microsoft.NET
2009-04-14 09:04 . 2009-04-14 09:04 -------- dc----w- c:\documents and settings\All Users\Application Data\Apple Computer
2009-04-14 09:04 . 2009-04-14 09:04 -------- dc----w- c:\program files\Ringz Studio
2009-04-14 09:01 . 2009-04-14 09:01 348160 -c--a-w- c:\windows\system32\msvcr71.dll
2009-04-14 09:01 . 2009-04-14 09:01 -------- dc----w- c:\program files\Real
2009-04-14 09:01 . 2009-04-14 09:01 -------- dc----w- c:\program files\Common Files\ACD Systems
2009-04-14 09:01 . 2009-04-14 09:01 -------- dc----w- c:\documents and settings\All Users\Application Data\ACD Systems
2009-04-14 09:01 . 2009-04-14 09:01 -------- dc----w- c:\program files\ACD Systems
2009-04-14 08:45 . 2009-04-14 08:45 -------- dc----w- c:\program files\Intel
2009-04-14 08:44 . 2009-04-14 08:44 -------- dc----w- c:\program files\Realtek
2009-04-14 08:44 . 2009-04-14 08:44 315392 -c--a-w- c:\windows\HideWin.exe
2009-04-14 08:44 . 2009-04-14 08:44 -------- dc----w- c:\program files\Common Files\InstallShield
2009-04-14 08:32 . 2009-04-14 08:32 -------- dc----w- c:\program files\Windows Media Connect 2
2009-04-14 08:29 . 2009-04-14 08:29 22144 -c--a-w- c:\windows\system32\emptyregdb.dat
2009-03-08 01:34 . 2008-05-07 05:08 914944 -c--a-w- c:\windows\system32\wininet.dll
2009-03-08 01:34 . 2008-05-07 05:08 43008 -c--a-w- c:\windows\system32\licmgr10.dll
2009-03-08 01:33 . 2008-05-07 05:08 18944 -c--a-w- c:\windows\system32\corpol.dll
2009-03-08 01:33 . 2008-04-14 21:29 420352 -c--a-w- c:\windows\system32\vbscript.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Uniblue RegistryBooster 2009"="c:\program files\Uniblue\RegistryBooster\RegistryBooster.exe" [2008-08-26 2019624]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
"Uniblue SpyEraser"="c:\program files\Uniblue\SpyEraser\SpyEraser.exe" [2008-12-22 1431816]
"IDMan"="c:\program files\Internet Download Manager\IDMan.exe" [2009-04-27 2799024]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-02-06 3885408]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2009-05-07 198160]
"AVP"="c:\program files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe" [2009-04-16 206088]
"ClamWin"="c:\program files\ClamWin\bin\ClamTray.exe" [2009-04-14 86016]
"!AVG Anti-Spyware"="c:\program files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [2007-06-11 6731312]
"twister"="c:\program files\Filseclab\Twister\twister.exe" [2009-01-22 565248]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
"Nokia.PCSync"="c:\program files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2007-11-07 1294336]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"nltide_2"="shell32" [X]
c:\documents and settings\All Users\çںê، ں §ڑ\ںé ©ںê¤\ §ک ں颬نïé\
Filseclab Messenger.lnk - c:\program files\Common Files\Filseclab\FilMsg.exe [2009-6-4 319488]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"NoConfigPage"= 0 (0x0)
"NoDevMgrPage"= 0 (0x0)
"NoFileSysPage"= 0 (0x0)
"NoVirtMemPage"= 0 (0x0)
"NoSecCpl"= 0 (0x0)
[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\system]
"NoConfigPage"= 0 (0x0)
"NoDevMgrPage"= 0 (0x0)
"NoFileSysPage"= 0 (0x0)
"NoVirtMemPage"= 0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoChangeAnimation"= 1 (0x1)
"NoStrCmpLogical"= 1 (0x1)
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"MemCheckBoxInRunDlg"= 1 (0x1)
"NoStrCmpLogical"= 1 (0x1)
"NoStartMenuSubFolders"= 0 (0x0)
"NoCommonGroups"= 0 (0x0)
"NoPrinters"= 0 (0x0)
"NoRecentDocsNetHood"= 0 (0x0)
"NoChangeAnimation"= 0 (0x0)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AVG Anti-Spyware Guard]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdauxservice]
@=""
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdcoreservice]
@=""
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"IDMan"=c:\program files\Internet Download Manager\IDMan.exe /onboot
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" /background
"PC Suite Tray"="c:\program files\Nokia\Nokia PC Suite 6\PCSuite.exe" -onlytray
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
R0 fsbts;fsbts;c:\windows\system32\drivers\fsbts.sys [18/05/2009 11:12 ص 26624]
R0 klbg;Kaspersky Lab Boot Guard Driver;c:\windows\system32\drivers\klbg.sys [29/01/2008 05:29 م 33808]
R0 PCTCore;PCTools KDS;c:\windows\system32\drivers\PCTCore.sys [17/05/2009 02:52 ص 130936]
R0 ulsata2;ulsata2;c:\windows\system32\drivers\ulsata2.sys [07/05/2008 08:09 ص 124928]
R1 filar;Filseclab Dynamic Defense System Driver;c:\progra~1\COMMON~1\FILSEC~1\filar.sys [04/06/2009 08:41 م 10896]
R2 ioloFileInfoList;iolo FileInfoList Service;c:\program files\iolo\Common\Lib\ioloServiceManager.exe [03/06/2009 01:59 ص 600944]
R2 ioloSystemService;iolo System Service;c:\program files\iolo\Common\Lib\ioloServiceManager.exe [03/06/2009 01:59 ص 600944]
R3 filpp;filpp;c:\progra~1\COMMON~1\FILSEC~1\filpp.sys [04/06/2009 08:41 م 9776]
R3 IMMDRV;IMMDRV;c:\progra~1\FILSEC~1\Twister\immdrv.sys [04/06/2009 08:40 م 151984]
R3 klim5;Kaspersky Anti-Virus NDIS Filter;c:\windows\system32\drivers\klim5.sys [30/04/2008 05:06 م 24592]
S3 clr_optimization_v4.0.20506_32;.NET Runtime Optimization Service v4.0.20506_X86;c:\windows\Microsoft.NET\Framework\v4.0.20506\mscorsvw.exe [06/05/2009 09:08 ص 104272]
S3 KLFLTDEV;Kaspersky Lab KLFltDev;c:\windows\system32\drivers\klfltdev.sys [13/03/2008 06:02 م 26640]
S3 utezmza0;AVZ Kernel Driver;\??\c:\windows\system32\Drivers\utezmza0.sys --> c:\windows\system32\Drivers\utezmza0.sys [?]
.
Contents of the 'Scheduled Tasks' folder
2009-05-11 c:\windows\Tasks\1-Click Maintenance.job
- c:\program files\TuneUp Utilities 2009\OneClickStarter.exe [2008-11-20 13:28]
2009-05-06 c:\windows\Tasks\Registry Winner Schedule.job
- c:\program files\Registry Winner\RegistryWinner.exe [2009-04-15 08:17]
2009-06-01 c:\windows\Tasks\SLOW-PCfighter.job
- c:\program files\Fighters\SLOW-PCfighter\SLOW-PCfighter.exe [2009-05-05 11:23]
2009-05-22 c:\windows\Tasks\Uniblue SpyEraser.job
- c:\program files\Uniblue\SpyEraser\SpyEraser.exe [2009-05-12 05:23]
2009-05-11 c:\windows\Tasks\User_Feed_Synchronization-{E9D9BFE4-2A29-43D0-ACD9-B81B20BA2DBA}.job
- c:\windows\system32\msfeedssync.exe [2008-05-07 01:31]
.
- - - - ORPHANS REMOVED - - - -
SafeBoot-AVG Anti-Spyware Driver
SafeBoot-procexp90.Sys
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com.sa/
IE: إضافة إلى حاجب إعلان الشعار - c:\program files\Kaspersky Lab\Kaspersky Internet Security 2009\ie_banner_deny.htm
IE: تحميل الكل بواسطة Internet Download Manager - c:\program files\Internet Download Manager\IEGetAll.htm
IE: تحميل بواسطة Internet Download Manager - c:\program files\Internet Download Manager\IEExt.htm
IE: تحميل محتوى FLV بواسطة Internet Download Manager - c:\program files\Internet Download Manager\IEGetVL.htm
.
.
------- File Associations -------
.
JSEFile=NOTEPAD.EXE %1
VBEFile=NOTEPAD.EXE %1
VBSFile=NOTEPAD.EXE %1
vbefile\shell\edit\command=%SystemRoot%\System32\Notepad.exe %1
vbsfile\shell\edit\command=c:\windows\Notepad.exe %1
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
Rootkit scan 2009-06-05 03:47
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
- - - - - - - > 'explorer.exe'(3896)
c:\windows\system32\ieframe.dll
c:\windows\system32\WPDShServiceObj.dll
c:\program files\Nokia\Nokia PC Suite 6\phonebrowser.dll
c:\program files\Nokia\Nokia PC Suite 6\PCSCM.dll
c:\program files\Nokia\Nokia PC Suite 6\Lang\PhoneBrowser_ara.nlr
c:\program files\Nokia\Nokia PC Suite 6\Resource\PhoneBrowser_Nokia.ngr
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\a-squared Free\a2service.exe
c:\program files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\program files\Internet Download Manager\IEMonitor.exe
.
**************************************************************************
.
Completion time: 2009-06-05 3:48 - machine was rebooted
ComboFix-quarantined-files.txt 2009-06-05 00:48
Pre-Run: 17,648,705,536 bytes free
Post-Run: 17,686,163,456 bytes free
391 --- E O F --- 2009-05-09 08:21
ComboFix 09-06-04.06 - moon 06/05/2009 3:42.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1256.966.1025.18.3061.2568 [GMT 3:00]
Running from: c:\documents and settings\moon\سطح المكتب\ComboFix.exe
AV: ESET NOD32 Antivirus 4.0 *On-access scanning disabled* (Outdated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
AV: Kaspersky Internet Security *On-access scanning enabled* (Updated) {2C4D4BC6-0793-4956-A9F9-E252435469C0}
AV: Spy Sweeper with AntiVirus *On-access scanning enabled* (Updated) {B3891867-7230-459B-9987-E7CCFA7A7D1D}
AV: Twister AntiTrojanVirus *On-access scanning disabled* (Updated) {FBD70C7C-71BD-4591-96BD-863C6980BE65}
FW: Kaspersky Internet Security *enabled* {2C4D4BC6-0793-4956-A9F9-E252435469C0}
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\windows\system32\kakle.dll
c:\windows\system32\mfc45.dll
c:\windows\system32\Ultra.dll
.
((((((((((((((((((((((((( Files Created from 2009-05-05 to 2009-06-05 )))))))))))))))))))))))))))))))
.
2009-06-04 17:40 . 2009-06-04 17:41 -------- dc----w- c:\program files\Common Files\Filseclab
2009-06-04 17:40 . 2009-06-04 17:40 -------- dc----w- c:\program files\Filseclab
2009-06-04 17:40 . 2009-06-04 17:40 -------- dc----w- c:\documents and settings\moon\Application Data\InstallShield
2009-06-03 05:12 . 2009-02-17 10:32 2937720 -c--a-w- c:\documents and settings\moon\Application Data\Simply Super Software\Trojan Remover\uub1D.exe
2009-06-03 04:11 . 2009-06-03 04:11 -------- dc----w- c:\documents and settings\moon\Application Data\Grisoft
2009-06-03 04:11 . 2007-05-30 12:10 10872 -c--a-w- c:\windows\system32\drivers\AvgAsCln.sys
2009-06-03 04:11 . 2009-06-03 04:11 -------- dc----w- c:\documents and settings\All Users\Application Data\Grisoft
2009-06-02 23:09 . 2009-06-02 23:09 1251 -c--a-w- c:\documents and settings\moon\Application Data\iolo\restore.bat
2009-06-02 22:59 . 2009-06-02 22:59 -------- dc----w- c:\documents and settings\NetworkService\Application Data\iolo
2009-06-02 22:59 . 2009-05-29 12:54 940896 -c--a-w- c:\windows\system32\Incinerator.dll
2009-06-02 22:59 . 2008-04-17 07:45 9341 -c--a-w- c:\windows\system32\drivers\filedisk.sys
2009-06-02 22:59 . 2009-02-17 08:26 8192 -c--a-w- c:\windows\system32\smrgdf.exe
2009-06-02 22:59 . 2009-02-17 08:31 28672 -c--a-w- c:\windows\system32\iolobtdfg.exe
2009-06-02 22:59 . 2009-06-02 22:59 -------- dc----w- c:\program files\iolo
2009-06-02 22:57 . 2009-06-02 23:09 -------- dc----w- c:\documents and settings\moon\Application Data\iolo
2009-06-02 22:57 . 2009-06-02 23:04 -------- dc----w- c:\documents and settings\All Users\Application Data\iolo
2009-06-01 21:05 . 2009-06-02 23:24 -------- dc----w- c:\program files\Bug Doctor
2009-06-01 19:08 . 2009-06-03 05:12 -------- dc----w- c:\program files\Magellan Explorer 3
2009-06-01 04:35 . 2008-04-14 18:30 82944 -c--a-w- c:\windows\system32\dllcache\tp4mon.exe
2009-06-01 04:34 . 2008-04-13 19:04 166912 -c--a-w- c:\windows\system32\dllcache\s3gnbm.sys
2009-06-01 04:33 . 2001-09-18 07:44 128000 -c--a-w- c:\windows\system32\dllcache\n100325.sys
2009-06-01 04:32 . 2008-04-15 17:00 79872 -c--a-w- c:\windows\system32\dllcache\iislog51.dll
2009-06-01 04:31 . 2001-09-18 08:05 62976 -c--a-w- c:\windows\system32\dllcache\eqnloop.exe
2009-06-01 04:30 . 2008-04-14 18:29 15423 -c--a-w- c:\windows\system32\dllcache\ch7xxnt5.dll
2009-06-01 04:29 . 2008-04-15 17:00 367616 -c--a-w- c:\windows\system32\dllcache\asp51.dll
2009-05-31 13:38 . 2009-05-31 13:38 -------- dc----w- c:\documents and settings\All Users\Application Data\AVG7
2009-05-31 13:25 . 2009-05-31 13:46 -------- dc----w- c:\documents and settings\moon\Application Data\AVG7
2009-05-29 22:54 . 2009-05-29 22:54 6144 -c--a-w- c:\documents and settings\All Users\Application Data\Spyware Terminator\sp_rsdel.exe
2009-05-29 22:54 . 2009-05-29 22:54 5632 -c--a-w- c:\documents and settings\All Users\Application Data\Spyware Terminator\fileobjinfo.sys
2009-05-29 22:54 . 2009-05-29 22:54 142592 -c--a-w- c:\windows\system32\drivers\sp_rsdrv2.sys
2009-05-29 22:54 . 2009-06-04 19:11 -------- dc----w- c:\documents and settings\All Users\Application Data\Spyware Terminator
2009-05-29 22:54 . 2009-06-04 19:09 -------- dc----w- c:\documents and settings\moon\Application Data\Spyware Terminator
2009-05-28 16:50 . 2009-05-28 17:12 -------- d-----w- C:\kl.files
2009-05-28 11:46 . 2009-05-28 11:46 -------- dc----w- c:\documents and settings\moon\Application Data\Ashampoo
2009-05-27 23:17 . 2009-05-27 23:17 -------- dc----w- c:\program files\Microsoft Windows OneCare Live
2009-05-27 20:58 . 2009-05-27 23:17 -------- dc----w- c:\program files\Windows Live Safety Center
2009-05-27 20:10 . 2009-05-27 20:10 -------- dc----w- c:\documents and settings\moon\Local Settings\Application Data\Panda Software
2009-05-27 20:10 . 2009-05-27 20:55 -------- dc----w- C:\zyzoom_Panda_Antivirus_2008
2009-05-27 15:44 . 2009-05-27 17:54 -------- dc----w- c:\program files\a-squared Free
2009-05-26 15:46 . 2009-05-26 15:46 7680 -c--a-w- c:\documents and settings\moon\Application Data\Thinstall\Error Repair Professional 3.9.6\4000001500002i\ClamTray.exe
2009-05-26 15:46 . 2009-05-26 15:46 7680 -c--a-w- c:\documents and settings\moon\Application Data\Thinstall\Error Repair Professional 3.9.6\400000b000002i\PCSuite.exe
2009-05-26 15:46 . 2009-05-26 15:46 7680 -c--a-w- c:\documents and settings\moon\Application Data\Thinstall\Error Repair Professional 3.9.6\40000016700002i\SpyEraser.exe
2009-05-25 09:31 . 2009-05-27 23:21 -------- dc----w- c:\documents and settings\moon\Application Data\.clamwin
2009-05-25 09:31 . 2009-05-25 09:31 -------- dc----w- c:\program files\ClamWin
2009-05-25 09:31 . 2009-05-25 09:31 -------- dc----w- c:\documents and settings\All Users\.clamwin
2009-05-24 03:29 . 2009-05-24 03:29 -------- dc----w- c:\program files\Reference Assemblies
2009-05-23 10:22 . 2009-05-23 10:22 -------- dc----w- c:\program files\eBook Workshop
2009-05-22 09:00 . 2009-06-05 00:47 -------- dc----w- c:\documents and settings\moon\Tracing
2009-05-22 08:08 . 2009-05-22 08:08 -------- dc----w- c:\documents and settings\All Users\Application Data\Uniblue
2009-05-22 08:08 . 2008-12-22 05:23 20232 -c--a-w- c:\windows\system32\AntiSpyNative64.exe
2009-05-22 08:08 . 2008-12-22 05:23 16648 -c--a-w- c:\windows\system32\AntiSpyNative32.exe
2009-05-22 08:00 . 2009-05-22 08:04 25254968 -c--a-w- c:\documents and settings\moon\Application Data\Uniblue\SpyEraser\SpyEraser_Setup_5_22_2009.exe
2009-05-22 04:37 . 2009-05-22 04:37 -------- dc----w- c:\program files\Foxit Software
2009-05-22 04:37 . 2009-05-22 04:37 -------- dc----w- c:\documents and settings\moon\Application Data\Foxit
2009-05-22 00:52 . 2009-05-22 00:52 -------- dc----w- c:\program files\Sophos
2009-05-22 00:50 . 2009-05-22 00:50 4776 -csha-w- c:\windows\system32\drivers\dbaF.DAT
2009-05-22 00:50 . 2009-05-22 00:50 4776 -csha-w- c:\windows\system32\drivers\c25E.DAT
2009-05-22 00:50 . 2009-05-22 00:50 4776 -csha-w- c:\windows\system32\drivers\026D.DAT
2009-05-21 23:26 . 2009-05-21 23:26 -------- dc----w- c:\documents and settings\moon\Application Data\Nokia Multimedia Player
2009-05-21 11:41 . 2009-05-21 11:41 -------- dc----w- c:\documents and settings\All Users\Application Data\PC Suite
2009-05-21 11:40 . 2009-05-21 11:41 -------- dc----w- c:\documents and settings\moon\Application Data\Nokia
2009-05-21 11:40 . 2009-05-21 11:40 -------- dc----w- c:\program files\DIFX
2009-05-21 11:40 . 2009-05-21 11:40 -------- dc----w- c:\program files\Common Files\PCSuite
2009-05-21 11:40 . 2009-05-21 11:40 -------- dc----w- c:\program files\Common Files\Nokia
2009-05-21 11:40 . 2009-05-21 11:41 -------- dc----w- c:\documents and settings\moon\Application Data\PC Suite
2009-05-21 11:40 . 2009-05-25 20:38 -------- dc----w- c:\program files\PC Connectivity Solution
2009-05-21 11:40 . 2009-05-21 11:40 -------- dc----w- c:\program files\Nokia
2009-05-21 11:40 . 2007-02-22 07:15 90624 -c--a-w- c:\windows\system32\nmwcdcls.dll
2009-05-21 11:39 . 2009-05-21 11:39 733783 -c--a-w- c:\documents and settings\All Users\Application Data\Installations\{29466F9C-7C6A-419C-B301-F440FAF78760}\Packages\Nokia_PC_Suite\CustomActions\NSU_Inst_fix.exe
2009-05-21 11:39 . 2009-05-21 11:39 8192 -c--a-w- c:\documents and settings\All Users\Application Data\Installations\{29466F9C-7C6A-419C-B301-F440FAF78760}\Installer\CommonCustomActions\UninstCCD.exe
2009-05-21 11:39 . 2009-05-21 11:39 61440 -c--a-w- c:\documents and settings\All Users\Application Data\Installations\{29466F9C-7C6A-419C-B301-F440FAF78760}\Installer\CommonCustomActions\UninstPCSFEMsi.exe
2009-05-21 11:39 . 2009-05-21 11:39 10240 -c--a-w- c:\documents and settings\All Users\Application Data\Installations\{29466F9C-7C6A-419C-B301-F440FAF78760}\Installer\CommonCustomActions\UninstPCS.exe
2009-05-21 11:39 . 2009-05-21 11:39 -------- dc----w- c:\documents and settings\All Users\Application Data\Installations
2009-05-20 00:36 . 2009-05-20 00:36 7680 -c--a-w- c:\documents and settings\moon\Application Data\Thinstall\Error Repair Professional 3.9.6\4000003d00002i\TargetWebADSh.exe
2009-05-19 20:34 . 2009-05-19 20:34 -------- dc----w- c:\documents and settings\moon\DoctorWeb
2009-05-19 20:34 . 2009-05-19 20:38 -------- dc----w- C:\DrWebPortable
2009-05-18 22:31 . 2009-05-18 22:31 -------- dc----w- c:\documents and settings\moon\Local Settings\Application Data\Identities
2009-05-18 20:19 . 2009-05-18 20:19 -------- dc----w- c:\program files\ProDM
2009-05-18 18:04 . 2009-05-18 18:04 -------- dc----w- c:\documents and settings\All Users\Application Data\Fighters
2009-05-18 18:04 . 2009-05-18 18:04 -------- dc----w- c:\program files\Fighters
2009-05-18 09:18 . 2009-05-18 09:18 24576 -c--a-w- c:\documents and settings\moon\Application Data\Thinstall\SUPERAntiSpyware Free Edition\1000000600002i\svchost.exe
2009-05-18 09:17 . 2009-05-18 09:17 -------- dc----w- c:\documents and settings\All Users\Application Data\SUPERAntiSpyware.com
2009-05-18 09:04 . 2009-05-18 09:04 -------- dc----w- C:\VundoFix Backups
2009-05-18 08:12 . 2009-05-18 08:12 26624 -c--a-w- c:\windows\system32\drivers\fsbts.sys
2009-05-18 07:50 . 2009-05-18 07:50 7680 -c--a-w- c:\documents and settings\moon\Application Data\Thinstall\Error Repair Professional 3.9.6\10000006600002i\regedit.exe
2009-05-18 07:42 . 2009-05-18 07:42 7680 -c--a-w- c:\documents and settings\moon\Application Data\Thinstall\Error Repair Professional 3.9.6\40000022c00002i\RegDoctor.exe
2009-05-18 07:42 . 2009-05-18 07:42 7680 -c--a-w- c:\documents and settings\moon\Application Data\Thinstall\Error Repair Professional 3.9.6\4000003300002i\avp.exe
2009-05-18 07:42 . 2009-05-18 07:42 7680 -c--a-w- c:\documents and settings\moon\Application Data\Thinstall\Error Repair Professional 3.9.6\4000003200002i\realsched.exe
2009-05-18 07:42 . 2009-05-18 07:42 7680 -c--a-w- c:\documents and settings\moon\Application Data\Thinstall\Error Repair Professional 3.9.6\4000003b900002i\msnmsgr.exe
2009-05-18 07:42 . 2009-05-18 07:42 7680 -c--a-w- c:\documents and settings\moon\Application Data\Thinstall\Error Repair Professional 3.9.6\40000014000002i\SpyEraser.exe
2009-05-18 07:42 . 2009-05-18 07:42 7680 -c--a-w- c:\documents and settings\moon\Application Data\Thinstall\Error Repair Professional 3.9.6\4000002b000002i\IDMan.exe
2009-05-18 07:42 . 2009-05-18 07:42 7680 -c--a-w- c:\documents and settings\moon\Application Data\Thinstall\Error Repair Professional 3.9.6\400000600002i\ctfmon.exe
2009-05-18 07:42 . 2009-05-18 07:42 7680 -c--a-w- c:\documents and settings\moon\Application Data\Thinstall\Error Repair Professional 3.9.6\4000001f400002i\RegistryBooster.exe
2009-05-18 07:42 . 2009-05-18 07:42 -------- dc----w- c:\documents and settings\moon\Local Settings\Application Data\Thinstall
2009-05-18 02:27 . 2009-06-05 00:42 -------- dc----w- c:\windows\system32\CatRoot2
2009-05-17 00:05 . 2009-05-17 00:05 -------- dc----w- c:\windows\system32\xircom
2009-05-17 00:05 . 2009-05-17 00:05 -------- dc----w- c:\windows\system32\wbem\snmp
2009-05-17 00:04 . 2009-05-17 00:04 -------- dc----w- c:\program files\microsoft frontpage
2009-05-17 00:02 . 2009-05-17 00:02 -------- dc----w- c:\program files\xp-AntiSpy
2009-05-16 23:52 . 2008-12-11 05:38 159600 -c--a-w- c:\windows\system32\drivers\pctgntdi.sys
2009-05-16 23:52 . 2009-04-03 08:18 130936 -c--a-w- c:\windows\system32\drivers\PCTCore.sys
2009-05-16 23:52 . 2008-12-18 09:16 73840 -c--a-w- c:\windows\system32\drivers\PCTAppEvent.sys
2009-05-16 23:52 . 2009-05-16 23:52 -------- dc----w- c:\program files\Common Files\PC Tools
2009-05-16 23:52 . 2008-12-10 08:36 64392 -c--a-w- c:\windows\system32\drivers\pctplsg.sys
2009-05-16 23:52 . 2009-05-16 23:52 -------- dc----w- c:\program files\Spyware Doctor
2009-05-16 23:52 . 2009-05-16 23:52 -------- dc----w- c:\documents and settings\moon\Application Data\PC Tools
2009-05-16 23:52 . 2009-05-16 23:52 -------- dc----w- c:\documents and settings\All Users\Application Data\PC Tools
2009-05-16 00:48 . 2009-05-28 09:06 -------- dc----w- c:\program files\Microsoft Bootvis
2009-05-16 00:48 . 2009-05-28 08:57 1078 -c--a-r- c:\documents and settings\moon\Application Data\Microsoft\Installer\{0F9196C6-58B4-445B-B56E-B1200FECC151}\_4ae13d6c.exe
2009-05-16 00:48 . 2009-05-28 08:57 1078 -c--a-r- c:\documents and settings\moon\Application Data\Microsoft\Installer\{0F9196C6-58B4-445B-B56E-B1200FECC151}\_2cd672ae.exe
2009-05-16 00:48 . 2009-05-28 08:57 1078 -c--a-r- c:\documents and settings\moon\Application Data\Microsoft\Installer\{0F9196C6-58B4-445B-B56E-B1200FECC151}\_294823.exe
2009-05-16 00:48 . 2009-05-28 08:57 1078 -c--a-r- c:\documents and settings\moon\Application Data\Microsoft\Installer\{0F9196C6-58B4-445B-B56E-B1200FECC151}\_18be6784.exe
2009-05-13 00:25 . 2009-05-13 00:25 -------- dc----w- c:\documents and settings\All Users\Application Data\Webroot
2009-05-13 00:25 . 2009-05-13 00:25 -------- dc----w- c:\documents and settings\moon\Application Data\Webroot
2009-05-13 00:25 . 2009-05-13 00:25 -------- dc----w- c:\documents and settings\NetworkService\Application Data\Webroot
2009-05-13 00:25 . 2009-05-19 21:09 -------- dc----w- C:\Zyzoom_Spy Sweeper
2009-05-13 00:01 . 2009-06-03 03:09 -------- dc----w- C:\zbit11
2009-05-09 22:50 . 2006-05-18 21:00 10752 -c----w- c:\windows\system32\aamd532.dll
2009-05-09 22:50 . 2009-05-09 22:53 -------- dc----w- c:\program files\PC Accelerator Professional
2009-05-09 21:52 . 2009-05-16 23:07 -------- dc----w- c:\program files\Common Files\delet
2009-05-09 02:24 . 2009-05-09 02:24 -------- dc----w- c:\documents and settings\All Users\Application Data\Avira
2009-05-08 22:35 . 2009-05-08 22:36 -------- dc----w- C:\z0120
2009-05-08 22:15 . 2009-05-08 22:15 -------- dc----w- c:\documents and settings\moon\Local Settings\Application Data\Runscanner.net
2009-05-08 19:36 . 2009-05-08 19:36 -------- dc----w- c:\program files\Godlike Developers
2009-05-08 16:46 . 2009-02-05 21:11 1256296 -c--a-w- c:\windows\system32\aswBoot.exe
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-06-05 00:47 . 2009-04-14 16:51 -------- dc----w- c:\documents and settings\moon\Application Data\DMCache
2009-06-05 00:46 . 2009-04-16 16:38 -------- dc----w- c:\documents and settings\All Users\Application Data\Kaspersky Lab
2009-06-05 00:44 . 2009-04-16 16:38 3220 -csha-w- c:\windows\system32\drivers\fidbox2.idx
2009-06-05 00:44 . 2009-04-16 16:38 319520 -csha-w- c:\windows\system32\drivers\fidbox2.dat
2009-06-05 00:44 . 2009-04-16 16:38 13452 -csha-w- c:\windows\system32\drivers\fidbox.idx
2009-06-05 00:44 . 2009-04-16 16:38 1315360 -csha-w- c:\windows\system32\drivers\fidbox.dat
2009-06-05 00:20 . 2001-09-19 18:00 68396 ----a-w- c:\windows\system32\perfc001.dat
2009-06-05 00:20 . 2001-09-19 18:00 375078 ----a-w- c:\windows\system32\perfh001.dat
2009-06-04 19:20 . 2009-05-04 22:00 227 -c-ha-w- c:\windows\winshell.dat
2009-06-04 19:17 . 2009-06-04 19:16 918045 -c-ha-w- C:\DH Temp.tmp
2009-06-04 19:07 . 2001-10-17 14:09 66 -c--a-w- c:\windows\anticrash.dat
2009-06-04 17:40 . 2009-04-14 08:44 -------- dc-h--w- c:\program files\InstallShield Installation Information
2009-06-03 05:12 . 2009-05-05 17:10 -------- dc--a-w- c:\documents and settings\All Users\Application Data\TEMP
2009-06-01 21:15 . 2009-04-28 17:18 -------- dc----w- c:\documents and settings\All Users\Application Data\ThumbsPlus
2009-06-01 19:30 . 2009-04-28 17:19 -------- dc----w- c:\documents and settings\moon\Application Data\ThumbsPlus
2009-06-01 00:47 . 2009-04-14 16:51 -------- dc----w- c:\documents and settings\moon\Application Data\IDM
2009-05-27 20:55 . 2009-05-03 11:58 -------- dc-h--w- c:\documents and settings\All Users\Application Data\{92E7A367-8E12-4830-AA70-29C32E331A81}
2009-05-26 21:28 . 2009-04-14 08:44 94752 -c--a-w- c:\documents and settings\moon\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-05-21 05:08 . 2009-04-16 16:38 94643 -c--a-w- c:\windows\system32\drivers\klick.dat
2009-05-21 05:08 . 2009-04-16 16:38 105395 -c--a-w- c:\windows\system32\drivers\klin.dat
2009-05-18 09:17 . 2009-04-15 04:37 -------- dc----w- c:\documents and settings\moon\Application Data\Thinstall
2009-05-18 06:52 . 2009-04-20 22:25 -------- dc----w- c:\program files\Common Files\Wise Installation Wizard
2009-05-18 02:18 . 2009-04-21 18:19 -------- dc----w- c:\program files\TuneUp Utilities 2009
2009-05-13 00:37 . 2009-05-05 17:09 -------- dc----w- c:\program files\Trojan Remover
2009-05-12 20:50 . 2009-05-03 11:59 -------- dc----w- c:\documents and settings\moon\Application Data\Uniblue
2009-05-12 20:19 . 2009-05-03 11:59 -------- dc----w- c:\program files\Uniblue
2009-05-07 16:56 . 2009-04-14 09:01 -------- dc----w- c:\program files\Common Files\Real
2009-05-07 16:56 . 2009-04-14 09:01 499712 -c--a-w- c:\windows\system32\msvcp71.dll
2009-05-07 16:35 . 2009-05-05 19:45 -------- dc----w- c:\program files\Spybot - Search & Destroy
2009-05-07 16:33 . 2009-05-05 19:45 -------- dc----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2009-05-05 20:23 . 2009-05-05 20:23 737280 -c--a-w- c:\windows\iun6002.exe
2009-05-05 17:09 . 2009-05-05 17:09 -------- dc----w- c:\documents and settings\moon\Application Data\Simply Super Software
2009-05-05 17:09 . 2009-05-05 17:09 -------- dc----w- c:\documents and settings\All Users\Application Data\Simply Super Software
2009-05-04 22:00 . 2009-05-04 22:00 -------- dc----w- c:\program files\Dachshund Software
2009-05-03 20:22 . 2009-05-03 18:34 -------- dc----w- c:\program files\arabic2regclean
2009-05-03 18:34 . 2009-05-03 18:34 40960 -c--a-w- c:\windows\system32\SSubTmr6.dll
2009-05-01 18:56 . 2009-05-01 18:55 -------- dc----w- c:\program files\IE Accelerator
2009-04-28 21:25 . 2009-04-14 16:51 -------- dc----w- c:\program files\Internet Download Manager
2009-04-28 17:19 . 2009-04-28 17:18 -------- dc----w- c:\program files\Thumbs7
2009-04-28 15:21 . 2009-04-28 15:21 5973 -c--a-w- c:\program files\un_Internet Download Manager_16575.txt
2009-04-28 12:28 . 2009-04-26 22:37 -------- dc----w- c:\program files\Error Repair Professional
2009-04-27 02:40 . 2009-04-27 02:40 -------- dc----w- c:\program files\Ashampoo
2009-04-26 23:40 . 2009-04-15 05:28 -------- dc----w- c:\program files\Registry Winner
2009-04-26 23:15 . 2009-04-26 23:15 -------- dc----w- c:\program files\Speed Gear 5
2009-04-26 23:12 . 2009-04-26 23:12 120240 -c--a-w- c:\documents and settings\moon\Application Data\IDM\idmmzcc02\components\idmmzcc.dll
2009-04-26 21:48 . 2009-04-26 21:47 -------- dc----w- c:\program files\Windows Live
2009-04-26 21:48 . 2009-04-26 21:48 -------- dc----w- c:\program files\Microsoft
2009-04-26 21:47 . 2009-04-26 21:47 -------- dc----w- c:\program files\Windows Live SkyDrive
2009-04-26 21:42 . 2009-04-26 21:42 -------- dc----w- c:\program files\Common Files\Windows Live
2009-04-22 07:51 . 2009-04-22 07:51 7168 -c--a-w- c:\documents and settings\moon\Application Data\Thinstall\Internet Download Manager\1000000600002i\svchost.exe
2009-04-21 18:27 . 2009-04-21 18:27 362240 -c--a-w- c:\windows\system32\TuneUpDefragService.exe
2009-04-21 18:19 . 2009-04-21 18:19 -------- dc----w- c:\documents and settings\moon\Application Data\TuneUp Software
2009-04-21 18:19 . 2009-04-21 18:19 -------- dc----w- c:\documents and settings\All Users\Application Data\TuneUp Software
2009-04-21 00:26 . 2009-04-21 00:26 7168 -c--a-w- c:\documents and settings\moon\Application Data\Thinstall\Internet Download Manager\4000009c00002i\iexplore.exe
2009-04-21 00:24 . 2009-04-21 00:24 7168 -c--a-w- c:\documents and settings\moon\Application Data\Thinstall\Internet Download Manager\40000050700002i\mplayerc.exe
2009-04-20 23:36 . 2009-04-20 23:36 7168 -c--a-w- c:\documents and settings\moon\Application Data\Thinstall\Internet Download Manager\4000002af00002i\IDMan.exe
2009-04-20 22:26 . 2009-04-20 22:26 -------- dc----w- c:\program files\TechSmith
2009-04-20 22:26 . 2009-04-20 22:26 -------- dc----w- c:\documents and settings\All Users\Application Data\TechSmith
2009-04-20 21:47 . 2009-04-20 21:47 7168 -c--a-w- c:\documents and settings\moon\Application Data\Thinstall\Internet Download Manager\1000000b00002i\verclsid.exe
2009-04-20 21:47 . 2009-04-20 21:47 7168 -c--a-w- c:\documents and settings\moon\Application Data\Thinstall\Internet Download Manager\10000001400002i\NOTEPAD.EXE
2009-04-20 21:47 . 2009-04-20 21:47 7168 -c--a-w- c:\documents and settings\moon\Application Data\Thinstall\Internet Download Manager\400000b300002i\ACDSeeQVPro2.exe
2009-04-20 21:31 . 2009-04-20 21:31 7168 -c--a-w- c:\documents and settings\moon\Application Data\Thinstall\Internet Download Manager\40000013500002i\WinRAR.exe
2009-04-20 21:28 . 2009-04-20 21:28 7168 -c--a-w- c:\documents and settings\moon\Application Data\Thinstall\Internet Download Manager\4000001100002i\RealOneMessageCenter.exe
2009-04-20 21:28 . 2009-04-20 21:28 7168 -c--a-w- c:\documents and settings\moon\Application Data\Thinstall\Internet Download Manager\400000600002i\rphelperapp.exe
2009-04-20 21:28 . 2009-04-20 21:28 7168 -c--a-w- c:\documents and settings\moon\Application Data\Thinstall\Internet Download Manager\4000008100002i\RealPlay.exe
2009-04-20 21:22 . 2009-04-20 21:22 7168 -c--a-w- c:\documents and settings\moon\Application Data\Thinstall\Internet Download Manager\10000001300002i\wmplayer.exe
2009-04-18 19:15 . 2009-04-18 19:15 -------- dc----w- c:\program files\iVocalize Web Conference 4
2009-04-17 19:14 . 2009-04-17 19:14 -------- dc----w- c:\documents and settings\moon\Application Data\Moyea
2009-04-17 19:14 . 2009-04-17 19:14 -------- dc----w- c:\program files\Moyea
2009-04-16 16:50 . 2008-01-29 14:29 33808 -c--a-w- c:\windows\system32\drivers\klbg.sys
2009-04-16 16:50 . 2009-04-16 16:50 206088 -c--a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP8\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav8exec\8.0.0.506\avp.exe
2009-04-16 16:50 . 2009-04-16 16:50 33808 -c--a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP8\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav8exec\8.0.0.506\klbg.sys
2009-04-16 16:50 . 2009-04-16 16:50 226832 -c--a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP8\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav8exec\8.0.0.506\XP\klif.sys
2009-04-16 16:38 . 2009-04-16 16:38 -------- dc----w- c:\program files\Kaspersky Lab
2009-04-16 16:33 . 2009-04-16 16:33 -------- dc----w- c:\documents and settings\All Users\Application Data\Kaspersky Lab Setup Files
2009-04-15 12:06 . 2009-04-15 12:06 -------- dc----w- c:\documents and settings\moon\Application Data\ACD Systems
2009-04-15 06:00 . 2009-04-14 09:11 -------- dc----w- c:\program files\Microsoft Works
2009-04-15 05:06 . 2009-04-15 05:06 -------- dc----w- c:\documents and settings\All Users\Application Data\Office Genuine Advantage
2009-04-15 04:37 . 2009-04-15 04:37 7168 -c--a-w- c:\documents and settings\moon\Application Data\Thinstall\Internet Download Manager\4000004000002i\IEMonitor.exe
2009-04-15 04:37 . 2009-04-15 04:37 198064 -c--a-w- c:\documents and settings\moon\Application Data\IDM\idmmzcc3\components\idmmzcc.dll
2009-04-14 23:26 . 2009-04-14 23:26 -------- dc----w- c:\documents and settings\moon\Application Data\Media Player Classic
2009-04-14 16:56 . 2009-04-14 16:55 2814112 -c--a-w- c:\documents and settings\moon\Application Data\IDM\idmupdt.exe
2009-04-14 09:12 . 2009-04-14 09:12 -------- dc----w- c:\program files\Microsoft.NET
2009-04-14 09:04 . 2009-04-14 09:04 -------- dc----w- c:\documents and settings\All Users\Application Data\Apple Computer
2009-04-14 09:04 . 2009-04-14 09:04 -------- dc----w- c:\program files\Ringz Studio
2009-04-14 09:01 . 2009-04-14 09:01 348160 -c--a-w- c:\windows\system32\msvcr71.dll
2009-04-14 09:01 . 2009-04-14 09:01 -------- dc----w- c:\program files\Real
2009-04-14 09:01 . 2009-04-14 09:01 -------- dc----w- c:\program files\Common Files\ACD Systems
2009-04-14 09:01 . 2009-04-14 09:01 -------- dc----w- c:\documents and settings\All Users\Application Data\ACD Systems
2009-04-14 09:01 . 2009-04-14 09:01 -------- dc----w- c:\program files\ACD Systems
2009-04-14 08:45 . 2009-04-14 08:45 -------- dc----w- c:\program files\Intel
2009-04-14 08:44 . 2009-04-14 08:44 -------- dc----w- c:\program files\Realtek
2009-04-14 08:44 . 2009-04-14 08:44 315392 -c--a-w- c:\windows\HideWin.exe
2009-04-14 08:44 . 2009-04-14 08:44 -------- dc----w- c:\program files\Common Files\InstallShield
2009-04-14 08:32 . 2009-04-14 08:32 -------- dc----w- c:\program files\Windows Media Connect 2
2009-04-14 08:29 . 2009-04-14 08:29 22144 -c--a-w- c:\windows\system32\emptyregdb.dat
2009-03-08 01:34 . 2008-05-07 05:08 914944 -c--a-w- c:\windows\system32\wininet.dll
2009-03-08 01:34 . 2008-05-07 05:08 43008 -c--a-w- c:\windows\system32\licmgr10.dll
2009-03-08 01:33 . 2008-05-07 05:08 18944 -c--a-w- c:\windows\system32\corpol.dll
2009-03-08 01:33 . 2008-04-14 21:29 420352 -c--a-w- c:\windows\system32\vbscript.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Uniblue RegistryBooster 2009"="c:\program files\Uniblue\RegistryBooster\RegistryBooster.exe" [2008-08-26 2019624]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
"Uniblue SpyEraser"="c:\program files\Uniblue\SpyEraser\SpyEraser.exe" [2008-12-22 1431816]
"IDMan"="c:\program files\Internet Download Manager\IDMan.exe" [2009-04-27 2799024]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-02-06 3885408]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2009-05-07 198160]
"AVP"="c:\program files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe" [2009-04-16 206088]
"ClamWin"="c:\program files\ClamWin\bin\ClamTray.exe" [2009-04-14 86016]
"!AVG Anti-Spyware"="c:\program files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [2007-06-11 6731312]
"twister"="c:\program files\Filseclab\Twister\twister.exe" [2009-01-22 565248]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
"Nokia.PCSync"="c:\program files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2007-11-07 1294336]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"nltide_2"="shell32" [X]
c:\documents and settings\All Users\çںê، ں §ڑ\ںé ©ںê¤\ §ک ں颬نïé\
Filseclab Messenger.lnk - c:\program files\Common Files\Filseclab\FilMsg.exe [2009-6-4 319488]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"NoConfigPage"= 0 (0x0)
"NoDevMgrPage"= 0 (0x0)
"NoFileSysPage"= 0 (0x0)
"NoVirtMemPage"= 0 (0x0)
"NoSecCpl"= 0 (0x0)
[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\system]
"NoConfigPage"= 0 (0x0)
"NoDevMgrPage"= 0 (0x0)
"NoFileSysPage"= 0 (0x0)
"NoVirtMemPage"= 0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoChangeAnimation"= 1 (0x1)
"NoStrCmpLogical"= 1 (0x1)
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"MemCheckBoxInRunDlg"= 1 (0x1)
"NoStrCmpLogical"= 1 (0x1)
"NoStartMenuSubFolders"= 0 (0x0)
"NoCommonGroups"= 0 (0x0)
"NoPrinters"= 0 (0x0)
"NoRecentDocsNetHood"= 0 (0x0)
"NoChangeAnimation"= 0 (0x0)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AVG Anti-Spyware Guard]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdauxservice]
@=""
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdcoreservice]
@=""
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"IDMan"=c:\program files\Internet Download Manager\IDMan.exe /onboot
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" /background
"PC Suite Tray"="c:\program files\Nokia\Nokia PC Suite 6\PCSuite.exe" -onlytray
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
R0 fsbts;fsbts;c:\windows\system32\drivers\fsbts.sys [18/05/2009 11:12 ص 26624]
R0 klbg;Kaspersky Lab Boot Guard Driver;c:\windows\system32\drivers\klbg.sys [29/01/2008 05:29 م 33808]
R0 PCTCore;PCTools KDS;c:\windows\system32\drivers\PCTCore.sys [17/05/2009 02:52 ص 130936]
R0 ulsata2;ulsata2;c:\windows\system32\drivers\ulsata2.sys [07/05/2008 08:09 ص 124928]
R1 filar;Filseclab Dynamic Defense System Driver;c:\progra~1\COMMON~1\FILSEC~1\filar.sys [04/06/2009 08:41 م 10896]
R2 ioloFileInfoList;iolo FileInfoList Service;c:\program files\iolo\Common\Lib\ioloServiceManager.exe [03/06/2009 01:59 ص 600944]
R2 ioloSystemService;iolo System Service;c:\program files\iolo\Common\Lib\ioloServiceManager.exe [03/06/2009 01:59 ص 600944]
R3 filpp;filpp;c:\progra~1\COMMON~1\FILSEC~1\filpp.sys [04/06/2009 08:41 م 9776]
R3 IMMDRV;IMMDRV;c:\progra~1\FILSEC~1\Twister\immdrv.sys [04/06/2009 08:40 م 151984]
R3 klim5;Kaspersky Anti-Virus NDIS Filter;c:\windows\system32\drivers\klim5.sys [30/04/2008 05:06 م 24592]
S3 clr_optimization_v4.0.20506_32;.NET Runtime Optimization Service v4.0.20506_X86;c:\windows\Microsoft.NET\Framework\v4.0.20506\mscorsvw.exe [06/05/2009 09:08 ص 104272]
S3 KLFLTDEV;Kaspersky Lab KLFltDev;c:\windows\system32\drivers\klfltdev.sys [13/03/2008 06:02 م 26640]
S3 utezmza0;AVZ Kernel Driver;\??\c:\windows\system32\Drivers\utezmza0.sys --> c:\windows\system32\Drivers\utezmza0.sys [?]
.
Contents of the 'Scheduled Tasks' folder
2009-05-11 c:\windows\Tasks\1-Click Maintenance.job
- c:\program files\TuneUp Utilities 2009\OneClickStarter.exe [2008-11-20 13:28]
2009-05-06 c:\windows\Tasks\Registry Winner Schedule.job
- c:\program files\Registry Winner\RegistryWinner.exe [2009-04-15 08:17]
2009-06-01 c:\windows\Tasks\SLOW-PCfighter.job
- c:\program files\Fighters\SLOW-PCfighter\SLOW-PCfighter.exe [2009-05-05 11:23]
2009-05-22 c:\windows\Tasks\Uniblue SpyEraser.job
- c:\program files\Uniblue\SpyEraser\SpyEraser.exe [2009-05-12 05:23]
2009-05-11 c:\windows\Tasks\User_Feed_Synchronization-{E9D9BFE4-2A29-43D0-ACD9-B81B20BA2DBA}.job
- c:\windows\system32\msfeedssync.exe [2008-05-07 01:31]
.
- - - - ORPHANS REMOVED - - - -
SafeBoot-AVG Anti-Spyware Driver
SafeBoot-procexp90.Sys
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com.sa/
IE: إضافة إلى حاجب إعلان الشعار - c:\program files\Kaspersky Lab\Kaspersky Internet Security 2009\ie_banner_deny.htm
IE: تحميل الكل بواسطة Internet Download Manager - c:\program files\Internet Download Manager\IEGetAll.htm
IE: تحميل بواسطة Internet Download Manager - c:\program files\Internet Download Manager\IEExt.htm
IE: تحميل محتوى FLV بواسطة Internet Download Manager - c:\program files\Internet Download Manager\IEGetVL.htm
.
.
------- File Associations -------
.
JSEFile=NOTEPAD.EXE %1
VBEFile=NOTEPAD.EXE %1
VBSFile=NOTEPAD.EXE %1
vbefile\shell\edit\command=%SystemRoot%\System32\Notepad.exe %1
vbsfile\shell\edit\command=c:\windows\Notepad.exe %1
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
يجب عليك
تسجيل الدخول
او
تسجيل لمشاهدة الرابط المخفي
Rootkit scan 2009-06-05 03:47
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
- - - - - - - > 'explorer.exe'(3896)
c:\windows\system32\ieframe.dll
c:\windows\system32\WPDShServiceObj.dll
c:\program files\Nokia\Nokia PC Suite 6\phonebrowser.dll
c:\program files\Nokia\Nokia PC Suite 6\PCSCM.dll
c:\program files\Nokia\Nokia PC Suite 6\Lang\PhoneBrowser_ara.nlr
c:\program files\Nokia\Nokia PC Suite 6\Resource\PhoneBrowser_Nokia.ngr
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\a-squared Free\a2service.exe
c:\program files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\program files\Internet Download Manager\IEMonitor.exe
.
**************************************************************************
.
Completion time: 2009-06-05 3:48 - machine was rebooted
ComboFix-quarantined-files.txt 2009-06-05 00:48
Pre-Run: 17,648,705,536 bytes free
Post-Run: 17,686,163,456 bytes free
391 --- E O F --- 2009-05-09 08:21
أخوكم
توقيع : البتال
تأييد
0
MMA_LORD_735
زيزوومي جديد
- إنضم
- 17 مايو 2008
- المشاركات
- 3,645
- مستوى التفاعل
- 7
- النقاط
- 0
غير متصل
مرحباً ...
أن شالله تكون بخير أستاذ البتال
...
المهم ... سؤال يالغلا ...
هل كان شغال معك تمام و بعدين ظهرت هل مشكلة ؟
أن شالله تكون بخير أستاذ البتال
... المهم ... سؤال يالغلا ...
هل كان شغال معك تمام و بعدين ظهرت هل مشكلة ؟
توقيع : MMA_LORD_735
تأييد
0
البتال
عـضـو شـرف
- إنضم
- 29 أكتوبر 2007
- المشاركات
- 11,540
- مستوى التفاعل
- 987
- النقاط
- 920
- الإقامة
- مكة المكرمة
- الموقع الالكتروني
- forum.zyzoom.net
غير متصل
تأييد
0
MMA_LORD_735
زيزوومي جديد
- إنضم
- 17 مايو 2008
- المشاركات
- 3,645
- مستوى التفاعل
- 7
- النقاط
- 0
غير متصل
:q:
ما فهمتك عزيزي ؟
أنا أقصد ... أنت كنت تشتغل على نود من قبل و تسوي فحص و عادي ؟
ولا أنت محمل النود من جديد و لما تسوي فحص تظهر هل مشكلة ؟
توقيع : MMA_LORD_735
تأييد
0
البتال
عـضـو شـرف
- إنضم
- 29 أكتوبر 2007
- المشاركات
- 11,540
- مستوى التفاعل
- 987
- النقاط
- 920
- الإقامة
- مكة المكرمة
- الموقع الالكتروني
- forum.zyzoom.net
غير متصل
تأييد
0