مشكلة في تنصيب البرامج<<طفشتني

  • بادئ الموضوع بادئ الموضوع سطيحان
  • تاريخ البدء تاريخ البدء
  • المشاهدات 1,591
س

سطيحان

زيزوومي جديد
إنضم
4 يونيو 2009
المشاركات
35
مستوى التفاعل
0
النقاط
40
غير متصل
0hmdymdwt.jpg
السلام عليكم ورحمة الله وبركاته
مشكلتي هي اذا جيت اثبت اي برنامج يقول لايمكن الوصول الى الملف المحدد
IMG%5D
 

ترتيب حسب التاريخ ترتيب حسب الأصوات
تقرير الهايجك
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:41:19 ص, on 27/06/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\ClocX\ClocX.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Documents and Settings\ziad\سطح المكتب\كـشـف دمــج الورعين\TiGeR-Firewall.EXE
C:\WINDOWS\system32\WIND0WS.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\WINDOWS\system32\WIND0WS.exe
C:\Program Files\Sandboxie\SbieCtrl.exe
C:\Program Files\BitComet\BitComet.exe
C:\Program Files\GIGABYTE\GBTUpd\RunUpd.exe
C:\Program Files\Gigabyte\ET5Pro\GUI.exe
C:\Program Files\AskBarDis\bar\bin\AskService.exe
C:\Program Files\Hotspot Shield\bin\openvpnas.exe
C:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Sandboxie\SbieSvc.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Internet Download Manager\IEMonitor.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Windows Media Player\wmplayer.exe
D:\مجلد جديد\6512\الــهــايـجــك.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 127.0.0.1:9666
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.3.3.2.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ievkbd.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: مساعد تسجيل الدخول إلى Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: Hotspot Shield Class - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files\Hotspot Shield\hssie\HssIE.dll
O3 - Toolbar: ZoneAlarm Spy Blocker Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [EasyTuneVPro] C:\Program Files\Gigabyte\ET5Pro\ETcall.exe
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [GBTUpd] C:\Program Files\GIGABYTE\GBTUpd\PreRun.exe
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe"
O4 - HKLM\..\Run: [ClocX] C:\Program Files\ClocX\ClocX.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [TiGeR-Firewall] C:\Documents and Settings\ziad\سطح المكتب\كـشـف دمــج الورعين\TiGeR-Firewall.EXE
O4 - HKLM\..\Run: [WINDOWS] C:\WINDOWS\system32\WIND0WS.exe
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - HKCU\..\Run: [WINDOWS] C:\WINDOWS\system32\WIND0WS.exe
O4 - HKCU\..\Run: [Sysinternals Process Explorer] C:\Documents and Settings\ziad\سطح المكتب\كـشـف دمــج الورعين\procexp.exe
O4 - HKCU\..\Run: [SandboxieControl] "C:\Program Files\Sandboxie\SbieCtrl.exe"
O4 - HKCU\..\Run: [BitComet] "C:\Program Files\BitComet\BitComet.exe" /tray
O4 - HKUS\S-1-5-21-606747145-2111687655-1417001333-1003\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User '?')
O4 - HKUS\S-1-5-21-606747145-2111687655-1417001333-1003\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot (User '?')
O4 - HKUS\S-1-5-21-606747145-2111687655-1417001333-1003\..\Run: [WINDOWS] C:\WINDOWS\system32\WIND0WS.exe (User '?')
O4 - HKUS\S-1-5-21-606747145-2111687655-1417001333-1003\..\Run: [Sysinternals Process Explorer] C:\Documents and Settings\ziad\سطح المكتب\كـشـف دمــج الورعين\procexp.exe (User '?')
O4 - HKUS\S-1-5-21-606747145-2111687655-1417001333-1003\..\Run: [SandboxieControl] "C:\Program Files\Sandboxie\SbieCtrl.exe" (User '?')
O4 - HKUS\S-1-5-21-606747145-2111687655-1417001333-1003\..\Run: [BitComet] "C:\Program Files\BitComet\BitComet.exe" /tray (User '?')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User '?')
O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User '?')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'Default user')
O8 - Extra context menu item: "إضافة إلى حاجب الدعايات" - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ie_banner_deny.htm
O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: تحميل الكل بواسطة Internet Download Manager - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: تحميل بواسطة Internet Download Manager - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: تحميل محتوى FLV بواسطة Internet Download Manager - C:\Program Files\Internet Download Manager\IEGetVL.htm
O9 - Extra button: Web traffic protection statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\SCIEPlgn.dll
O9 - Extra button: تدوين هذا في المدونة - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &تدوين هذا في Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.3.3.2.dll/206 (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) -
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) -
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: ASKService - Unknown owner - C:\Program Files\AskBarDis\bar\bin\AskService.exe
O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
O23 - Service: Hotspot Shield Service (HotspotShieldService) - Unknown owner - C:\Program Files\Hotspot Shield\bin\openvpnas.exe
O23 - Service: Hotspot Shield Routing Service (HssSrv) - AnchorFree Inc. - C:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe
O23 - Service: Hotspot Shield Tray Service (HssTrayService) - Unknown owner - C:\Program Files\Hotspot Shield\bin\HssTrayService.EXE
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Sandboxie Service (SbieSvc) - tzuk - C:\Program Files\Sandboxie\SbieSvc.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\WINDOWS\System32\TuneUpDefragService.exe

--
End of file - 11115 bytes
 
تأييد 0
لديك فيروس بجهازك اعمل تشيك على الجهاز من الفيروسات ثم اغلق الكمبيوتر سوف تفتح معك
 
توقيع : DCJ_99
تأييد 0
نزل الاداه الي قلت لك عليها تقضي على جميع الفيروسات وبدون تثبيت وبدون لاتمسح اي ملف
 
توقيع : سعود الشامان
تأييد 0
مُشاركه مكرره بالخطا :bleh:
 
تأييد 0
احذف التالي:

تقرير الهايجك



C:\WINDOWS\system32\WIND0WS.exe



مُكرر ..

C:\WINDOWS\system32\WIND0WS.exe

مُكرر ايضاً :

O4 - HKLM\..\Run: [WINDOWS] C:\WINDOWS\system32\WIND0WS.exe


مُكرر ايضاً :


O4 - HKCU\..\Run: [WINDOWS] C:\WINDOWS\system32\WIND0WS.exe

مُكرر ايضاً :

O4 - HKUS\S-1-5-21-606747145-2111687655-1417001333-1003\..\Run: [WINDOWS] C:\WINDOWS\system32\WIND0WS.exe (User '?')


O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User '?')


O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.3.3.2.dll/206 (file missing)




O23 - Service: ASKService - Unknown owner - C:\Program Files\AskBarDis\bar\bin\AskService.exe



C:\Program Files\AskBarDis\bar\bin\AskService.exe





R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي




O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll



O3 - Toolbar: ZoneAlarm Spy Blocker Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll


O4 - HKLM\..\Run: [TiGeR-Firewall] C:\Documents and Settings\ziad\سطح المكتب\كـشـف دمــج الورعين\TiGeR-Firewall.EXE



يرجى التأكد من هذه وذلك من خلال فحصها في virustotal.com

O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
 
تأييد 0
تأييد 0
عطل برامج الحماية عن العمل
ثم
حمل الاداة التالية واحفظها على سطح المكتب
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

عند تشغيلها بتظهر لك رسالة ,, اضغط على >> Yes
بعدها بتظهر لك رساله ثانيه ,, اضغط على >> Yes
اثناء الفحص ممكن يعاد تشغيل الجهاز
وبعد اعادة التشغيل ,, سوف تبدأ الاداة بالفحص مرره ثانيه
لا تقم بتشغيل اي برنامج ،، ومهما طالت عملية الفحص انتظر حتى تنتهي
انتظر حتى يظهر لك تقرير ،،انسخه والصقه بمشاركتك القادمة
 
تأييد 0
ComboFix 09-06-26.02 - ziad 06/27/2009 20:53.2 - NTFSx86
Running from: c:\documents and settings\ziad\سطح المكتب\ComboFix.exe
AV: avast! antivirus 4.8.1201 [VPS 080516-1] *On-access scanning disabled* (Outdated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
AV: Kaspersky Internet Security *On-access scanning disabled* (Updated) {2C4D4BC6-0793-4956-A9F9-E252435469C0}
FW: Kaspersky Internet Security *disabled* {2C4D4BC6-0793-4956-A9F9-E252435469C0}
* Created a new restore point

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
ADS - system32: deleted 12 bytes in 1 streams.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\program files\WinPCap
c:\program files\WinPCap\rpcapd.exe
c:\program files\WinPCap\WinPcapInstall.dll
c:\windows\Mylist.dll
c:\windows\vpeforhc.dll

.
((((((((((((((((((((((((( Files Created from 2009-05-27 to 2009-06-27 )))))))))))))))))))))))))))))))
.

2009-06-27 10:39 . 2009-06-27 10:39 -------- d-----w- c:\program files\Fixup Restrictions
2009-06-25 21:25 . 2009-06-25 21:25 -------- d-----w- c:\documents and settings\All Users\Application Data\Trymedia
2009-06-25 21:23 . 2009-06-25 21:23 -------- d-----w- c:\program files\Hunting Unlimited 2008
2009-06-25 18:08 . 2009-06-25 18:09 287536 ----a-w- c:\documents and settings\ziad\Application Data\IDM\DwnlData\ziad\Taxi3Setup_933\Taxi3Setup.exe
2009-06-25 16:39 . 2009-06-25 16:39 -------- d-----w- C:\Hotspot Shield
2009-06-25 16:39 . 2009-06-25 16:39 -------- d-----w- c:\program files\Hotspot Shield
2009-06-24 11:06 . 2009-06-24 11:06 245169 ----a-w- c:\documents and settings\ziad\Application Data\IDM\DwnlData\ziad\kis_up8.0.0.506en_880\kis_up8.0.0.506en.exe
2009-06-24 09:28 . 2009-06-24 09:28 -------- d-----w- c:\program files\Circle Developement
2009-06-24 09:28 . 2009-06-24 09:28 -------- d-----w- c:\program files\Messenger Plus! Live
2009-06-23 19:02 . 2009-06-23 19:02 34816 ----a-w- c:\documents and settings\ziad\Application Data\Thinstall\avast! Antivirus\4000002b400002i\IDMan.exe
2009-06-23 19:01 . 2009-06-23 19:01 34816 ----a-w- c:\documents and settings\ziad\Application Data\Thinstall\avast! Antivirus\400000f00002i\ashChest.exe
2009-06-23 19:01 . 2009-06-23 19:01 34816 ----a-w- c:\documents and settings\ziad\Application Data\Thinstall\avast! Antivirus\4000002500002i\ashSimpl.exe
2009-06-23 18:59 . 2009-06-23 18:59 34816 ----a-w- c:\documents and settings\ziad\Application Data\Thinstall\avast! Antivirus\400000c00002i\jqsnotify.exe
2009-06-23 18:59 . 2009-06-23 18:59 34816 ----a-w- c:\documents and settings\ziad\Application Data\Thinstall\avast! Antivirus\4000004d00002i\firefox.exe
2009-06-23 18:59 . 2009-06-23 18:59 34816 ----a-w- c:\documents and settings\ziad\Application Data\Thinstall\avast! Antivirus\4000002400002i\ashServ.exe
2009-06-23 18:58 . 2009-06-23 18:58 34816 ----a-w- c:\documents and settings\ziad\Application Data\Thinstall\avast! Antivirus\400000600003i\aswUpdSv.exe
2009-06-23 08:48 . 2009-06-23 08:48 -------- d-----w- c:\program files\XP Codec Pack
2009-06-23 06:14 . 2009-06-23 06:14 -------- d-----w- c:\documents and settings\All Users\Application Data\WNR
2009-06-23 06:14 . 2009-06-23 06:14 -------- d-----w- c:\documents and settings\ziad\Application Data\WNR
2009-06-21 14:28 . 2009-06-21 14:28 -------- d-----w- c:\documents and settings\ziad\Local Settings\Application Data\Help
2009-06-21 10:43 . 2009-06-24 07:28 -------- d-----w- c:\program files\Windows Live Safety Center
2009-06-21 00:24 . 2009-06-21 08:01 -------- d-----w- c:\program files\BreakPoint Software
2009-06-21 00:16 . 2009-06-21 00:16 -------- d-----w- c:\documents and settings\ziad\Application Data\PE Explorer
2009-06-21 00:16 . 2009-06-21 00:16 -------- d-----w- c:\program files\PE Explorer
2009-06-20 08:54 . 2009-06-20 08:54 294795 ----a-w- c:\documents and settings\ziad\Application Data\IDM\DwnlData\ziad\4shared_Desktop_301_665\4shared_Desktop_301.exe
2009-06-20 06:00 . 2009-06-20 06:00 -------- d-----w- c:\documents and settings\ziad\Local Settings\Application Data\CometNetwork
2009-06-20 06:00 . 2009-06-20 06:00 -------- d-----w- c:\documents and settings\ziad\Application Data\CometNetwork
2009-06-20 05:59 . 2009-06-20 23:57 -------- d-----w- c:\program files\CometBird
2009-06-20 05:56 . 2009-06-27 07:54 -------- d-----w- C:\Downloads
2009-06-20 05:56 . 2009-06-20 05:56 1048576 ----a-w- c:\documents and settings\ziad\Application Data\Mozilla\Firefox\Profiles\qcsaup30.default\extensions\{B042753D-F57E-4e8e-A01B-7379A6D4CEFB}\components\IBitCometExtension.dll
2009-06-20 05:56 . 2009-06-27 17:55 -------- d-----w- c:\program files\BitComet
2009-06-20 03:13 . 2009-06-20 03:13 -------- d-----w- C:\TechSmith
2009-06-19 00:15 . 2009-06-19 00:16 40334 ----a-w- c:\documents and settings\ziad\Application Data\IDM\DwnlData\ziad\keymaker_645\keymaker.exe
2009-06-18 22:34 . 2009-06-18 22:34 -------- d-----w- C:\Sandbox
2009-06-18 22:33 . 2009-06-18 22:44 -------- d-----w- c:\program files\Sandboxie
2009-06-18 22:28 . 2009-06-21 15:50 -------- d-----w- c:\program files\CodeLifter5
2009-06-18 05:28 . 2009-06-18 05:28 -------- d-----w- c:\documents and settings\ziad\Local Settings\Application Data\Thinstall
2009-06-18 03:13 . 2009-06-18 03:14 -------- d-----w- c:\program files\Windows Defender
2009-06-18 02:50 . 2009-06-18 02:50 -------- d-----w- c:\documents and settings\ziad\Local Settings\Application Data\Stardock
2009-06-18 00:26 . 2009-06-18 00:26 -------- d-----w- c:\program files\TechSmith
2009-06-16 23:59 . 2009-06-16 23:59 -------- d-----w- c:\program files\AskBarDis
2009-06-16 23:58 . 2009-06-16 23:58 4212 ---ha-w- c:\windows\system32\zllictbl.dat
2009-06-16 23:58 . 2009-06-17 00:07 -------- d-----w- c:\windows\Internet Logs
2009-06-16 23:57 . 2009-06-17 00:00 504798 ----a-w- c:\documents and settings\ziad\Application Data\IDM\DwnlData\ziad\kav8.0.0.506ar_567\kav8.0.0.506ar.exe
2009-06-16 20:53 . 2009-06-16 20:53 -------- d-----w- c:\windows\Downloaded Installations
2009-06-16 20:45 . 2009-06-16 20:45 7168 ----a-w- c:\documents and settings\ziad\Application Data\Thinstall\Adobe Photoshop CS\40000013c100002i\ImageReady.exe
2009-06-16 20:37 . 2009-06-16 20:37 7168 ----a-w- c:\documents and settings\ziad\Application Data\Thinstall\Adobe Photoshop CS\400000500002i\AcroRd32Info.exe
2009-06-16 17:06 . 2008-11-11 10:59 24376 ----a-w- c:\windows\system32\drivers\ts_lb.sys
2009-06-16 17:05 . 2009-06-27 08:53 -------- d-----w- c:\program files\CommView
2009-06-16 17:05 . 2008-11-12 11:40 47144 ----a-w- c:\windows\system32\tsnotify.dll
2009-06-16 17:05 . 2008-11-12 11:40 39976 ----a-w- c:\windows\system32\drivers\tscomm.sys
2009-06-16 17:05 . 2008-11-11 11:04 18984 ----a-w- c:\windows\system32\drivers\cv2k1.sys
2009-06-16 14:32 . 2009-06-16 14:32 -------- d-----w- c:\program files\Microsoft Sync Framework
2009-06-16 12:48 . 2009-06-16 12:48 -------- d-----w- c:\windows\system32\wbem\Repository
2009-06-16 12:36 . 2009-06-16 12:36 126562 ----a-w- c:\documents and settings\ziad\Application Data\IDM\DwnlData\ziad\Install_Messenger_837\Install_Messenger.exe
2009-06-16 00:51 . 2009-06-16 00:51 7168 ----a-w- c:\documents and settings\ziad\Application Data\Thinstall\Adobe Photoshop CS\400000c000002i\ACDSeeQV11.exe
2009-06-16 00:49 . 2009-06-16 00:49 7168 ----a-w- c:\documents and settings\ziad\Application Data\Thinstall\Adobe Photoshop CS\10000001000002i\rundll32.exe
2009-06-16 00:26 . 2009-06-17 18:02 -------- d-----w- c:\program files\nLite
2009-06-15 21:45 . 2009-06-15 21:53 1954017 ----a-w- c:\documents and settings\ziad\Application Data\IDM\DwnlData\ziad\_530\.exe
2009-06-15 17:01 . 2009-06-27 12:34 -------- d-----w- c:\documents and settings\ziad\Application Data\Skype
2009-06-15 17:01 . 2009-06-15 17:01 -------- d-----w- c:\documents and settings\All Users\Application Data\Skype
2009-06-15 16:52 . 2009-06-15 17:48 -------- d-----r- c:\program files\Skype
2009-06-15 02:54 . 2009-06-15 02:54 56 ---ha-w- c:\windows\system32\ezsidmv.dat
2009-06-15 02:54 . 2009-06-15 02:54 -------- d-----w- c:\documents and settings\ziad\Application Data\skypePM
2009-06-14 23:32 . 2009-06-14 23:32 -------- d-----w- c:\program files\PC Connectivity Solution
2009-06-14 23:32 . 2009-06-14 23:30 34369192 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{AC4E9457-107B-448F-AD89-605E122E8C59}\Nokia_PC_Suite_7_1_26_1_ara_web.exe
2009-06-14 23:32 . 2009-06-14 23:32 8192 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{AC4E9457-107B-448F-AD89-605E122E8C59}\Installer\CommonCustomActions\UninstCCD.exe
2009-06-14 23:32 . 2009-06-14 23:32 61440 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{AC4E9457-107B-448F-AD89-605E122E8C59}\Installer\CommonCustomActions\UninstPCSFEMsi.exe
2009-06-14 23:32 . 2009-06-14 23:32 10240 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{AC4E9457-107B-448F-AD89-605E122E8C59}\Installer\CommonCustomActions\UninstPCS.exe
2009-06-14 23:06 . 2009-06-14 23:06 -------- d-----w- c:\documents and settings\All Users\Application Data\Downloaded Installations
2009-06-14 22:51 . 2009-06-14 22:51 -------- d-----w- c:\documents and settings\ziad\Application Data\Nokia
2009-06-14 22:51 . 2009-06-14 22:51 -------- d-----w- c:\documents and settings\ziad\Application Data\PC Suite
2009-06-14 22:51 . 2009-06-14 22:51 -------- d-----w- c:\documents and settings\All Users\Application Data\PC Suite
2009-06-14 22:50 . 2009-06-14 22:50 -------- d-----w- c:\program files\DIFX
2009-06-14 22:50 . 2008-08-26 07:26 18816 ----a-w- c:\windows\system32\drivers\pccsmcfd.sys
2009-06-14 22:50 . 2009-02-09 04:37 91136 ----a-w- c:\windows\system32\nmwcdcls.dll
2009-06-14 22:50 . 2009-06-14 22:49 33642704 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{58FB2F9A-5F2D-40E8-82DF-4987E60AD8BD}\Nokia_PC_Suite_7_1_18_0_eng_web.exe
2009-06-14 22:50 . 2009-06-14 22:50 8192 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{58FB2F9A-5F2D-40E8-82DF-4987E60AD8BD}\Installer\CommonCustomActions\UninstCCD.exe
2009-06-14 22:50 . 2009-06-14 22:50 61440 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{58FB2F9A-5F2D-40E8-82DF-4987E60AD8BD}\Installer\CommonCustomActions\UninstPCSFEMsi.exe
2009-06-14 22:50 . 2009-06-14 22:50 10240 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{58FB2F9A-5F2D-40E8-82DF-4987E60AD8BD}\Installer\CommonCustomActions\UninstPCS.exe
2009-06-14 22:49 . 2009-06-15 00:38 -------- d-----w- c:\documents and settings\All Users\Application Data\Installations
2009-06-14 16:34 . 2009-06-14 16:34 -------- d-----w- C:\Programmer Bag
2009-06-14 16:32 . 2009-06-14 16:34 -------- d-----w- c:\windows\win32
2009-06-14 16:32 . 2009-06-14 16:32 -------- d-----w- c:\windows\The Programmer Bag
2009-06-14 16:32 . 2009-06-14 16:32 -------- d-----w- c:\program files\The Programmer Bag
2009-06-14 16:05 . 2009-06-14 16:05 -------- d-sh--w- c:\documents and settings\Administrator.ABU_MADA_XPSP3_\IETldCache
2009-06-14 03:06 . 2009-06-14 03:06 -------- d-----w- c:\program files\No-IP
2009-06-12 23:21 . 2009-06-12 23:21 13824 ----a-w- c:\windows\system32\drivers\splitcam.sys
2009-06-12 23:20 . 2009-06-18 05:45 -------- d-----w- c:\program files\SplitCam
2009-06-12 23:20 . 2009-06-14 04:47 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-06-12 21:15 . 2009-06-12 21:15 -------- d-----w- c:\windows\system32\xircom
2009-06-12 21:15 . 2009-06-12 21:15 -------- d-----w- c:\windows\system32\wbem\snmp
2009-06-12 21:15 . 2009-06-12 21:15 -------- d-----w- c:\program files\microsoft frontpage
2009-06-11 23:46 . 2009-06-11 23:46 -------- d-----w- c:\program files\Common Files\EZB Systems
2009-06-11 23:46 . 2009-06-11 23:46 -------- d-----w- c:\program files\UltraISO
2009-06-11 23:30 . 2009-04-27 12:21 28928 ----a-w- c:\windows\system32\uxtuneup.dll
2009-06-11 23:23 . 2009-06-11 23:23 -------- d-----w- c:\program files\TuneUp Utilities 2009
2009-06-11 23:01 . 2009-06-11 23:01 -------- d--h--w- c:\windows\PIF
2009-06-11 21:56 . 2009-06-11 22:57 -------- d-----w- c:\program files\USB Disk Security
2009-06-11 19:20 . 2003-03-18 18:12 1047552 ----a-w- c:\windows\system32\mfc71u.dll
2009-06-11 19:20 . 2004-07-26 14:16 476320 ----a-w- c:\windows\system32\imagXpr7.dll
2009-06-11 19:20 . 2004-07-26 14:16 471040 ----a-w- c:\windows\system32\imagXRA7.dll
2009-06-11 19:20 . 2004-07-26 14:16 262144 ----a-w- c:\windows\system32\imagXR7.dll
2009-06-11 19:20 . 2004-07-26 14:16 1568768 ----a-w- c:\windows\system32\imagX7.dll
2009-06-11 19:20 . 2004-07-09 06:43 364544 ----a-w- c:\windows\system32\TwnLib4.dll
2009-06-11 19:14 . 2009-06-11 19:14 3982 ----a-w- c:\windows\87t98.sys
2009-06-11 15:04 . 2009-06-11 15:04 -------- d-----w- c:\program files\Common Files\Skype
2009-06-09 23:34 . 2009-06-09 23:34 -------- d-sh--w- c:\documents and settings\NetworkService\IETldCache
2009-06-09 21:39 . 2009-04-30 21:13 12800 ------w- c:\windows\system32\dllcache\xpshims.dll
2009-06-09 21:39 . 2009-04-30 21:13 246272 ------w- c:\windows\system32\dllcache\ieproxy.dll
2009-06-09 20:48 . 2009-06-09 20:48 -------- d-----w- c:\program files\AutoPlay Media Studio 6.0
2009-06-09 20:48 . 2009-06-09 20:48 -------- d-----w- c:\windows\AutoPlay Media Studio 6.0
2009-06-09 17:55 . 2009-06-09 17:55 0 ----a-w- c:\documents and settings\ziad\Application Data\IDM\DwnlData\ziad\BugdoctorSetup_388\BugdoctorSetup.exe
2009-06-09 17:49 . 2009-06-09 17:55 9412645 ----a-w- c:\documents and settings\ziad\Application Data\IDM\DwnlData\ziad\ams70ev_386\ams70ev.exe
2009-06-09 17:47 . 2009-06-09 20:49 -------- d-----w- c:\documents and settings\ziad\Application Data\IndigoRose
2009-06-09 17:47 . 2009-06-09 17:47 8704 ----a-w- c:\documents and settings\ziad\Application Data\Thinstall\KB884016\400000500002h\flasget.exe
2009-06-09 17:47 . 2009-06-26 10:50 -------- d-----w- c:\documents and settings\ziad\Application Data\Thinstall
2009-06-09 17:13 . 2009-06-09 17:13 -------- d-----w- c:\documents and settings\ziad\Application Data\Downloaded Installations
2009-06-09 14:41 . 2009-06-09 14:41 -------- d-----w- c:\program files\Common Files\xing shared
2009-06-09 14:13 . 2009-06-09 14:13 188193 ----a-w- c:\documents and settings\ziad\Application Data\IDM\DwnlData\ziad\klmcodec485_378\klmcodec485.exe
2009-06-09 13:11 . 2009-06-09 13:11 198064 ----a-w- c:\documents and settings\ziad\Application Data\IDM\idmmzcc3\components\idmmzcc.dll
2009-06-09 12:14 . 2009-06-12 16:17 -------- d-----w- c:\program files\Unlocker
2009-06-09 12:01 . 2009-06-09 12:01 -------- d-----w- c:\documents and settings\ziad\Application Data\Malwarebytes
2009-06-09 12:00 . 2009-06-09 12:00 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2009-06-09 11:37 . 2009-06-09 11:38 2927168 ----a-w- c:\documents and settings\ziad\Application Data\IDM\idmupdt.exe

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-06-27 17:55 . 2009-05-26 20:15 -------- d-----w- c:\documents and settings\ziad\Application Data\DMCache
2009-06-27 12:10 . 2009-05-26 20:15 -------- d-----w- c:\documents and settings\ziad\Application Data\IDM
2009-06-27 11:41 . 2009-05-26 19:55 24944 ----a-w- c:\windows\system32\drivers\GVTDrv.sys
2009-06-27 11:40 . 2009-05-26 20:12 -------- d-----w- c:\documents and settings\All Users\Application Data\Kaspersky Lab
2009-06-27 11:39 . 2009-05-26 20:12 6184 --sha-w- c:\windows\system32\drivers\fidbox2.idx
2009-06-27 11:39 . 2009-05-26 20:12 573472 --sha-w- c:\windows\system32\drivers\fidbox2.dat
2009-06-27 11:39 . 2009-05-26 20:12 2193440 --sha-w- c:\windows\system32\drivers\fidbox.dat
2009-06-27 11:39 . 2009-05-26 20:12 21360 --sha-w- c:\windows\system32\drivers\fidbox.idx
2009-06-22 09:18 . 2009-05-27 16:47 -------- d-----w- c:\program files\Common Files\Adobe
2009-06-21 09:02 . 2009-05-26 19:44 16608 ----a-w- c:\windows\gdrv.sys
2009-06-16 14:35 . 2009-05-26 19:50 27848 ----a-w- c:\documents and settings\ziad\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-06-16 14:32 . 2009-05-26 21:05 -------- d-----w- c:\program files\Windows Live
2009-06-16 13:31 . 2009-05-27 12:15 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
2009-06-13 23:32 . 2009-05-26 19:59 -------- d-----w- c:\documents and settings\All Users\Application Data\WinZip
2009-06-12 23:21 . 2009-05-26 20:02 -------- d-----w- c:\documents and settings\ziad\Application Data\Paltalk
2009-06-12 16:41 . 2009-06-12 16:41 -------- d-----w- c:\documents and settings\ziad\Application Data\CyberScrub
2009-06-12 16:41 . 2009-06-12 16:41 -------- d-----w- c:\documents and settings\ziad\Application Data\cleaner
2009-06-12 13:34 . 2009-05-26 20:07 -------- d-----w- c:\program files\Nero
2009-06-11 23:40 . 2009-05-27 18:13 -------- d-----w- c:\documents and settings\ziad\Application Data\Resource Tuner
2009-06-11 19:14 . 2009-06-11 19:14 6693 ----a-w- c:\windows\system32\drivers\15KP9.s38
2009-06-10 01:35 . 2009-05-26 20:00 -------- d-----w- c:\program files\Internet Download Manager
2009-06-09 14:41 . 2009-05-26 20:19 -------- d-----w- c:\program files\Common Files\Real
2009-06-09 14:41 . 2009-05-26 20:19 499712 ----a-w- c:\windows\system32\msvcp71.dll
2009-06-09 14:41 . 2009-05-26 20:01 348160 ----a-w- c:\windows\system32\msvcr71.dll
2009-06-09 14:39 . 2009-06-09 14:39 -------- d-----w- c:\program files\K-Lite Codec Pack
2009-06-08 22:08 . 2009-05-26 20:01 -------- d-----w- c:\program files\CCleaner
2009-06-07 18:27 . 2009-05-26 19:40 -------- d-----w- c:\program files\Windows Media Connect 2
2009-06-05 15:08 . 2001-09-19 18:00 67438 ----a-w- c:\windows\system32\perfc001.dat
2009-06-05 15:08 . 2001-09-19 18:00 366874 ----a-w- c:\windows\system32\perfh001.dat
2009-06-04 16:52 . 2009-05-27 12:15 -------- d-----w- c:\documents and settings\ziad\Application Data\URSoft
2009-06-04 12:04 . 2009-05-26 19:37 358912 ----a-w- c:\windows\system32\wbem\wmic.exe
2009-06-04 12:04 . 2009-05-26 19:37 16896 ----a-w- c:\windows\system32\wbem\unsecapp.exe
2009-06-04 12:04 . 2009-05-26 19:37 117760 ----a-w- c:\windows\system32\wbem\wbemtest.exe
2009-06-04 12:04 . 2009-05-26 19:37 36352 ----a-w- c:\windows\system32\wbem\scrcons.exe
2009-06-04 12:04 . 2009-05-26 19:37 16384 ----a-w- c:\windows\system32\wbem\mofcomp.exe
2009-06-04 12:01 . 2009-05-26 19:37 20992 ----a-w- c:\windows\system32\msg.exe
2009-06-04 12:00 . 2008-04-14 21:29 19968 ----a-w- c:\windows\system32\cacls.exe
2009-06-04 11:55 . 2009-05-26 22:34 15360 ----a-w- c:\windows\TASKMAN.EXE
2009-06-04 11:55 . 2009-05-26 19:47 86016 ----a-w- c:\windows\SoundMan.exe
2009-06-04 11:55 . 2009-05-26 19:47 1826816 ----a-w- c:\windows\SkyTel.exe
2009-06-04 11:55 . 2009-05-26 19:47 1191936 ----a-w- c:\windows\RtlUpd.exe
2009-06-04 11:55 . 2009-05-26 19:47 9716736 ----a-w- c:\windows\RTLCPL.exe
2009-06-04 11:55 . 2009-05-26 19:47 2166784 ----a-w- c:\windows\MicCal.exe
2009-06-04 11:55 . 2009-05-26 19:47 315392 ----a-w- c:\windows\HideWin.exe
2009-06-04 11:55 . 2009-05-26 19:47 2811392 ----a-w- c:\windows\alcwzrd.exe
2009-06-04 10:55 . 2009-06-04 10:06 79360 ----a-w- c:\documents and settings\ziad\Application Data\IDM\DwnlData\ziad\SmitfraudFix_221\SmitfraudFix\WS2Fix.exe
2009-06-04 10:55 . 2009-06-04 10:06 90112 ----a-w- c:\documents and settings\ziad\Application Data\IDM\DwnlData\ziad\SmitfraudFix_221\SmitfraudFix\VACFix.exe
2009-06-04 10:55 . 2009-06-04 10:06 80896 ----a-w- c:\documents and settings\ziad\Application Data\IDM\DwnlData\ziad\SmitfraudFix_221\SmitfraudFix\UIFix.exe
2009-06-04 10:55 . 2009-06-04 10:06 245760 ----a-w- c:\documents and settings\ziad\Application Data\IDM\DwnlData\ziad\SmitfraudFix_221\SmitfraudFix\unzip.exe
2009-06-04 10:55 . 2009-06-04 10:06 80896 ----a-w- c:\documents and settings\ziad\Application Data\IDM\DwnlData\ziad\SmitfraudFix_221\SmitfraudFix\swxcacls.exe
2009-06-04 10:55 . 2009-06-04 10:06 44032 ----a-w- c:\documents and settings\ziad\Application Data\IDM\DwnlData\ziad\SmitfraudFix_221\SmitfraudFix\swsc.exe
2009-06-04 10:55 . 2009-06-04 10:06 24576 ----a-w- c:\documents and settings\ziad\Application Data\IDM\DwnlData\ziad\SmitfraudFix_221\SmitfraudFix\Reboot.exe
2009-06-04 10:55 . 2009-06-04 10:06 20480 ----a-w- c:\documents and settings\ziad\Application Data\IDM\DwnlData\ziad\SmitfraudFix_221\SmitfraudFix\SmiUpdate.exe
2009-06-04 10:55 . 2009-06-04 10:06 136704 ----a-w- c:\documents and settings\ziad\Application Data\IDM\DwnlData\ziad\SmitfraudFix_221\SmitfraudFix\swreg.exe
2009-06-04 10:54 . 2009-06-04 10:06 85504 ----a-w- c:\documents and settings\ziad\Application Data\IDM\DwnlData\ziad\SmitfraudFix_221\SmitfraudFix\IEDFix.exe
2009-06-04 10:54 . 2009-06-04 10:06 83456 ----a-w- c:\documents and settings\ziad\Application Data\IDM\DwnlData\ziad\SmitfraudFix_221\SmitfraudFix\o4Patch.exe
2009-06-04 10:54 . 2009-06-04 10:06 3584 ----a-w- c:\documents and settings\ziad\Application Data\IDM\DwnlData\ziad\SmitfraudFix_221\SmitfraudFix\Policies.exe
2009-06-04 10:54 . 2009-06-04 10:06 180224 ----a-w- c:\documents and settings\ziad\Application Data\IDM\DwnlData\ziad\SmitfraudFix_221\SmitfraudFix\ProxyDisable.exe
2009-06-04 10:54 . 2009-06-04 10:06 85504 ----a-w- c:\documents and settings\ziad\Application Data\IDM\DwnlData\ziad\SmitfraudFix_221\SmitfraudFix\IEDFix.C.exe
2009-06-04 10:54 . 2009-06-04 10:06 85504 ----a-w- c:\documents and settings\ziad\Application Data\IDM\DwnlData\ziad\SmitfraudFix_221\SmitfraudFix\GenericRenosFix.exe
2009-06-04 10:54 . 2009-06-04 10:06 80896 ----a-w- c:\documents and settings\ziad\Application Data\IDM\DwnlData\ziad\SmitfraudFix_221\SmitfraudFix\HostsChk.exe
2009-06-04 10:54 . 2009-06-04 10:06 51200 ----a-w- c:\documents and settings\ziad\Application Data\IDM\DwnlData\ziad\SmitfraudFix_221\SmitfraudFix\dumphive.exe
2009-06-04 10:54 . 2009-06-04 10:06 1536 ----a-w- c:\documents and settings\ziad\Application Data\IDM\DwnlData\ziad\SmitfraudFix_221\SmitfraudFix\exit.exe
2009-06-04 10:54 . 2009-06-04 10:06 84992 ----a-w- c:\documents and settings\ziad\Application Data\IDM\DwnlData\ziad\SmitfraudFix_221\SmitfraudFix\404Fix.exe
2009-06-04 10:54 . 2009-06-04 10:06 81408 ----a-w- c:\documents and settings\ziad\Application Data\IDM\DwnlData\ziad\SmitfraudFix_221\SmitfraudFix\Agent.OMZ.Fix.exe
2009-06-04 10:49 . 2009-05-26 19:37 16896 ----a-w- c:\windows\system32\wbem\winmgmt.exe
2009-06-04 10:49 . 2008-04-14 21:30 56320 ----a-w- c:\windows\system32\tlntsvr.exe
2009-06-04 10:49 . 2008-04-14 21:30 57856 ----a-w- c:\windows\system32\spoolsv.exe
2009-06-04 10:49 . 2008-04-14 21:30 71680 ----a-w- c:\windows\system32\smlogsvc.exe
2009-06-03 16:30 . 2009-05-26 20:07 -------- d-----w- c:\program files\Common Files\Ahead
2009-06-02 16:26 . 2009-05-27 18:13 -------- d-----w- c:\program files\Resource Tuner
2009-06-02 08:56 . 2009-06-04 10:06 2180123 ----a-w- c:\documents and settings\ziad\Application Data\IDM\DwnlData\ziad\SmitfraudFix_221\SmitfraudFix\SmitfraudFix.cmd
2009-05-31 17:54 . 2008-04-14 21:30 14848 ----a-w- c:\windows\system32\svchost.exe
2009-05-31 06:17 . 2006-10-18 20:03 100864 ----a-w- c:\windows\system32\logagent.exe
2009-05-30 10:46 . 2008-04-14 21:30 155648 ------w- c:\windows\system32\wscript.exe
2009-05-30 10:46 . 2008-04-14 21:30 110592 ----a-w- c:\windows\system32\services.exe
2009-05-30 10:46 . 2008-04-14 21:30 110592 ----a-w- c:\windows\system32\services(2)(2).exe
2009-05-30 10:46 . 2008-04-14 21:29 139264 ------w- c:\windows\system32\cscript.exe
2009-05-30 10:46 . 2001-09-19 18:00 35328 ------w- c:\windows\system32\sc.exe
2009-05-29 14:31 . 2009-05-27 15:40 33280 ----a-w- c:\windows\system32\rundll32.exe
2009-05-29 09:48 . 2008-04-14 21:29 11264 ----a-w- c:\windows\system32\dumprep.exe
2009-05-29 09:48 . 2008-04-14 21:29 45056 ----a-w- c:\windows\system32\alg.exe
2009-05-28 22:25 . 2001-09-19 18:00 12800 ----a-w- c:\windows\system32\mrinfo.exe
2009-05-28 22:17 . 2008-04-14 21:29 1031168 ----a-w- c:\windows\explorer.exe
2009-05-28 22:14 . 2008-04-14 21:29 15360 ----a-w- c:\windows\system32\ctfmon.exe
2009-05-28 22:05 . 2008-04-14 21:29 180224 ----a-w- c:\windows\system32\dwwin.exe
2009-05-28 11:15 . 2009-05-28 11:15 -------- d-----w- c:\documents and settings\ziad\Application Data\Media Player Classic
2009-05-28 09:59 . 2008-04-14 21:29 64512 ------w- c:\windows\system32\cleanmgr.exe
2009-05-28 09:59 . 2009-05-26 19:47 16859136 ------r- c:\windows\RTHDCPL.exe
2009-05-28 09:59 . 2001-09-19 18:00 33792 ------w- c:\windows\system32\wupdmgr.exe
2009-05-28 09:59 . 2008-04-14 21:30 50176 ------w- c:\windows\system32\utilman.exe
2009-05-28 09:59 . 2008-04-14 21:29 143360 ------w- c:\windows\system32\mobsync.exe
2009-05-28 09:59 . 2008-04-14 21:29 389632 ------w- c:\windows\system32\cmd.exe
2009-05-28 09:59 . 2008-04-14 21:30 35840 ------w- c:\windows\system32\rcimlby.exe
2009-05-28 09:58 . 2001-09-19 18:00 347136 ------w- c:\windows\system32\tourstart.exe
2009-05-27 23:22 . 2009-05-26 19:40 86327 ------w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2009-05-27 17:07 . 2009-05-27 17:07 -------- d-----w- c:\program files\GetData
2009-05-27 16:49 . 2009-05-27 16:48 -------- d-----w- c:\program files\Hewlett-Packard
2009-05-27 13:43 . 2009-05-27 13:27 -------- dc-h--w- c:\documents and settings\All Users\Application Data\{81D4BDA8-1F33-4633-B176-8A7E942ABDE1}
2009-05-27 13:28 . 2009-05-27 13:28 -------- d-----w- c:\documents and settings\ziad\Application Data\Uniblue
.

------- Sigcheck -------

[-] 2009-05-31 17:54 14848 6DBDAE7658CD81B2E45DB0DA2D0C0961 c:\windows\system32\svchost.exe

[-] 2009-05-28 22:17 1031168 AEC443583A7AAF1DEB50EE62A3EB5F0A c:\windows\explorer.exe

[-] 2009-05-30 10:46 111104 9BD755964CEA5FDD0E0CCA43496641EB c:\windows\$hf_mig$\KB956572\SP3QFE\services.exe
[-] 2009-05-30 10:46 110592 ABD17858C840083966513CFA661E50A8 c:\windows\system32\services.exe
[-] 2009-05-30 10:46 110592 ABD17858C840083966513CFA661E50A8 c:\windows\system32\dllcache\services.exe

[-] 2009-05-28 22:14 15360 00EA61EEFF6B0B54361C0364F2C5F799 c:\windows\system32\ctfmon.exe

[-] 2009-06-04 10:49 57856 F847A3B1397DDD1C7373395D6B97FCE6 c:\windows\system32\spoolsv.exe

[-] 2009-05-27 12:41 26112 37E445BA6F57F538ADB92BFE6A5A53DE c:\windows\system32\userinit.exe
.
((((((((((((((((((((((((((((( SnapShot@2009-06-12_21.15.57 )))))))))))))))))))))))))))))))))))))))))
.
+ 2001-09-19 18:00 . 2008-04-15 21:00 25600 c:\windows\twunk_32.exe
- 2001-09-19 18:00 . 2009-06-04 11:55 25600 c:\windows\twunk_32.exe
+ 2009-06-27 11:40 . 2009-06-27 11:40 16384 c:\windows\Temp\Perflib_Perfdata_588.dat
+ 2006-11-02 16:10 . 2006-11-02 16:10 80912 c:\windows\system32\sherlock2.exe
- 2008-04-14 21:30 . 2009-06-04 12:02 76800 c:\windows\system32\sdbinst.exe
+ 2008-04-14 21:30 . 2008-04-15 21:00 76800 c:\windows\system32\sdbinst.exe
+ 2008-04-14 21:29 . 2009-03-21 14:08 56880 c:\windows\system32\scvideo.dll
+ 2004-08-10 06:52 . 2004-08-10 06:52 49221 c:\windows\system32\rv40.dll
+ 2004-08-10 06:52 . 2004-08-10 06:52 49221 c:\windows\system32\rv30.dll
+ 2004-08-10 06:51 . 2004-08-10 06:51 57411 c:\windows\system32\rv20.dll
+ 2004-08-10 06:50 . 2004-08-10 06:50 49216 c:\windows\system32\rv10.dll
+ 2009-06-15 16:20 . 2006-10-26 08:48 27136 c:\windows\system32\ReinstallBackups\0014\DriverFiles\tapvpn.sys
+ 2008-04-14 21:30 . 2008-04-15 21:00 69632 c:\windows\system32\odbcconf.exe
- 2008-04-14 21:30 . 2009-06-04 12:02 69632 c:\windows\system32\odbcconf.exe
+ 2008-04-14 21:30 . 2008-04-15 21:00 32768 c:\windows\system32\odbcad32.exe
- 2008-04-14 21:29 . 2008-04-14 21:41 16896 c:\windows\system32\msyuv.dll
+ 2008-04-14 21:29 . 2008-04-14 18:29 16896 c:\windows\system32\msyuv.dll
+ 2008-04-14 21:29 . 2008-04-14 18:29 47616 c:\windows\system32\iyuv_32.dll
- 2008-04-14 21:29 . 2008-04-14 21:41 47616 c:\windows\system32\iyuv_32.dll
+ 2007-01-09 17:05 . 2007-01-09 17:05 26112 c:\windows\system32\ff_wmv9.dll
+ 2009-06-14 23:32 . 2008-08-26 07:26 18816 c:\windows\system32\DRVSTORE\pccsmcfd_A3B3916E5D8138F59EE218321B27B044D3B18294\pccsmcfd.sys
+ 2009-06-14 23:32 . 2009-02-09 04:37 22016 c:\windows\system32\DRVSTORE\ccdcmbo_A1774E014D770CB0E09594945F8CE0BA1E16FE0B\ccdcmbo.sys
+ 2009-06-14 23:32 . 2009-02-09 04:37 91136 c:\windows\system32\DRVSTORE\ccdcmb_A1774E014D770CB0E09594945F8CE0BA1E16FE0B\nmwcdcls.dll
+ 2009-06-14 23:32 . 2009-02-09 04:37 17664 c:\windows\system32\DRVSTORE\ccdcmb_A1774E014D770CB0E09594945F8CE0BA1E16FE0B\ccdcmb.sys
- 2008-01-23 21:25 . 2008-01-23 21:25 27136 c:\windows\system32\drivers\tapvpn.sys
+ 2008-01-23 21:25 . 2006-10-26 08:48 27136 c:\windows\system32\drivers\tapvpn.sys
- 2009-05-20 19:54 . 2009-05-20 19:54 33840 c:\windows\system32\drivers\HssDrv.sys
+ 2009-06-01 18:13 . 2009-06-01 18:13 33840 c:\windows\system32\drivers\HssDrv.sys
+ 2009-06-08 23:29 . 2008-04-14 18:29 53760 c:\windows\system32\dllcache\vfwwdm32.dll
+ 2008-04-14 21:29 . 2008-04-14 21:29 30749 c:\windows\system32\dllcache\vbajet32.dll
+ 2001-09-19 18:00 . 2008-04-15 21:00 25600 c:\windows\system32\dllcache\twunk_32.exe
+ 2001-09-19 18:00 . 2001-09-19 18:00 49680 c:\windows\system32\dllcache\twunk_16.exe
+ 2009-06-15 00:34 . 2003-03-24 13:52 16384 c:\windows\system32\dllcache\tcptsat.dll
+ 2009-06-15 00:34 . 2003-03-24 13:52 32827 c:\windows\system32\dllcache\tcptest.exe
+ 2008-04-14 00:15 . 2008-04-13 21:15 49408 c:\windows\system32\dllcache\stream.sys
+ 2008-04-14 21:29 . 2008-04-14 21:29 25088 c:\windows\system32\dllcache\slayerxp.dll
+ 2009-06-15 00:34 . 2003-03-24 13:52 16437 c:\windows\system32\dllcache\shtml.exe
+ 2009-06-15 00:34 . 2003-03-24 13:52 20536 c:\windows\system32\dllcache\shtml.dll
+ 2008-04-14 21:29 . 2008-04-14 21:29 65024 c:\windows\system32\dllcache\shimeng.dll
+ 2008-04-14 21:30 . 2008-04-15 21:00 76800 c:\windows\system32\dllcache\sdbinst.exe
+ 2008-04-14 21:29 . 2008-04-14 21:29 64000 c:\windows\system32\dllcache\samlib.dll
+ 2009-06-15 00:34 . 2001-09-18 11:03 66048 c:\windows\system32\dllcache\s3legacy.dll
+ 2008-05-07 05:08 . 2009-03-08 01:31 46592 c:\windows\system32\dllcache\pngfilt.dll
- 2009-02-20 16:50 . 2009-03-08 01:31 46592 c:\windows\system32\dllcache\pngfilt.dll
+ 2008-04-14 21:29 . 2008-04-14 21:29 84992 c:\windows\system32\dllcache\olepro32.dll
+ 2009-05-26 19:38 . 2008-04-14 21:29 65536 c:\windows\system32\dllcache\oledb32r.dll
+ 2008-04-14 21:29 . 2008-04-14 21:29 20511 c:\windows\system32\dllcache\odtext32.dll
+ 2008-04-14 21:29 . 2008-04-14 21:29 20510 c:\windows\system32\dllcache\odpdx32.dll
+ 2008-04-14 21:29 . 2008-04-14 21:29 20510 c:\windows\system32\dllcache\odfox32.dll
+ 2008-04-14 21:29 . 2008-04-14 21:29 20510 c:\windows\system32\dllcache\odexl32.dll
+ 2008-04-14 21:29 . 2008-04-14 21:29 20511 c:\windows\system32\dllcache\oddbse32.dll
+ 2008-04-14 21:28 . 2008-04-14 21:28 57375 c:\windows\system32\dllcache\odbcji32.dll
+ 2008-04-13 21:05 . 2008-04-13 21:05 94208 c:\windows\system32\dllcache\odbcint.dll
+ 2008-04-14 21:29 . 2008-04-14 21:29 65536 c:\windows\system32\dllcache\odbccu32.dll
+ 2008-04-14 21:29 . 2008-04-14 21:29 65536 c:\windows\system32\dllcache\odbccr32.dll
+ 2008-04-14 21:30 . 2008-04-15 21:00 69632 c:\windows\system32\dllcache\odbcconf.exe
+ 2008-04-14 21:30 . 2008-04-15 21:00 32768 c:\windows\system32\dllcache\odbcad32.exe
+ 2008-04-14 21:29 . 2008-04-14 21:29 16384 c:\windows\system32\dllcache\odbc32gt.dll
+ 2008-04-14 21:29 . 2008-04-14 21:29 67584 c:\windows\system32\dllcache\ocmanage.dll
+ 2008-04-14 21:29 . 2008-04-14 21:29 64000 c:\windows\system32\dllcache\nwapi32.dll
+ 2001-09-19 18:00 . 2001-09-19 18:00 17408 c:\windows\system32\dllcache\nwapi16.dll
+ 2009-05-26 19:39 . 2008-04-14 21:29 10240 c:\windows\system32\dllcache\npwmsdrm.dll
+ 2008-04-14 00:50 . 2008-04-14 00:50 91520 c:\windows\system32\dllcache\ndiswan.sys
+ 2008-04-14 21:29 . 2008-04-14 18:29 16896 c:\windows\system32\dllcache\msyuv.dll
+ 2009-05-26 19:38 . 2008-04-14 21:29 24576 c:\windows\system32\dllcache\msxactps.dll
+ 2008-04-14 00:00 . 2008-04-14 00:00 61440 c:\windows\system32\dllcache\msvcrt40.dll
+ 2007-04-02 18:19 . 2007-04-02 18:19 60192 c:\windows\system32\dllcache\msjter40.dll
+ 2008-05-07 05:08 . 2009-03-08 01:31 48128 c:\windows\system32\dllcache\mshtmler.dll
- 2009-03-08 01:31 . 2009-03-08 01:31 48128 c:\windows\system32\dllcache\mshtmler.dll
+ 2008-05-07 05:08 . 2009-03-08 01:31 66560 c:\windows\system32\dllcache\mshtmled.dll
- 2009-02-20 16:50 . 2009-03-08 01:31 66560 c:\windows\system32\dllcache\mshtmled.dll
+ 2008-05-07 05:08 . 2009-03-08 01:31 45568 c:\windows\system32\dllcache\mshta.exe
- 2009-03-08 01:31 . 2009-03-08 01:31 45568 c:\windows\system32\dllcache\mshta.exe
+ 2009-05-26 19:38 . 2008-04-14 21:29 36864 c:\windows\system32\dllcache\msdfmap.dll
+ 2009-05-26 19:38 . 2008-04-14 21:29 20480 c:\windows\system32\dllcache\msdatt.dll
+ 2009-05-26 19:38 . 2008-04-13 21:05 16384 c:\windows\system32\dllcache\msdasqlr.dll
+ 2009-05-26 19:38 . 2008-04-13 21:05 16384 c:\windows\system32\dllcache\msdaremr.dll
+ 2009-05-26 19:38 . 2008-04-13 21:05 16384 c:\windows\system32\dllcache\msdaprsr.dll
+ 2009-05-26 19:38 . 2008-04-14 21:29 77824 c:\windows\system32\dllcache\msdaosp.dll
+ 2008-04-14 21:29 . 2008-04-14 21:29 36864 c:\windows\system32\dllcache\mscpxl32.dll
+ 2009-05-26 19:38 . 2008-04-14 21:29 57344 c:\windows\system32\dllcache\msadrh15.dll
+ 2009-05-26 19:38 . 2008-04-14 21:29 57344 c:\windows\system32\dllcache\msador15.dll
+ 2009-05-26 19:38 . 2008-04-13 21:05 24576 c:\windows\system32\dllcache\msader15.dll
+ 2009-05-26 19:38 . 2008-04-13 21:05 24576 c:\windows\system32\dllcache\msaddsr.dll
+ 2009-05-26 19:38 . 2008-04-14 21:29 53248 c:\windows\system32\dllcache\msadcs.dll
+ 2009-05-26 19:38 . 2008-04-13 21:05 16384 c:\windows\system32\dllcache\msadcor.dll
+ 2009-05-26 19:38 . 2008-04-13 21:05 16384 c:\windows\system32\dllcache\msadcfr.dll
+ 2009-05-26 19:38 . 2008-04-14 21:29 61440 c:\windows\system32\dllcache\msadcf.dll
+ 2009-05-26 19:38 . 2008-04-13 21:05 20480 c:\windows\system32\dllcache\msadcer.dll
+ 2008-04-14 21:29 . 2008-04-14 21:29 22528 c:\windows\system32\dllcache\mfcsubs.dll
+ 2008-05-07 05:08 . 2009-03-08 01:34 43008 c:\windows\system32\dllcache\licmgr10.dll
- 2009-03-08 01:34 . 2009-03-08 01:34 43008 c:\windows\system32\dllcache\licmgr10.dll
+ 2006-10-18 21:47 . 2006-10-18 21:47 11264 c:\windows\system32\dllcache\laprxy.dll
- 2009-02-20 16:50 . 2009-04-30 21:13 25600 c:\windows\system32\dllcache\jsproxy.dll
+ 2008-05-07 05:08 . 2009-04-30 21:13 25600 c:\windows\system32\dllcache\jsproxy.dll
+ 2008-04-14 21:29 . 2008-04-14 18:29 47616 c:\windows\system32\dllcache\iyuv_32.dll
+ 2009-06-15 00:34 . 2008-04-15 21:00 68608 c:\windows\system32\dllcache\isatq.dll
+ 2008-04-14 00:49 . 2008-04-14 00:49 75264 c:\windows\system32\dllcache\ipsec.sys
- 2009-03-08 01:32 . 2009-03-08 01:32 94720 c:\windows\system32\dllcache\inseng.dll
+ 2008-05-07 05:08 . 2009-03-08 01:32 94720 c:\windows\system32\dllcache\inseng.dll
+ 2009-06-15 00:34 . 2008-04-15 21:00 13312 c:\windows\system32\dllcache\infoadmn.dll
+ 2009-06-15 00:34 . 2008-04-15 21:00 19968 c:\windows\system32\dllcache\inetsloc.dll
+ 2008-04-14 21:29 . 2008-04-14 21:29 36921 c:\windows\system32\dllcache\imeshare.dll
+ 2009-06-15 00:34 . 2008-04-15 21:00 30720 c:\windows\system32\dllcache\iisrstas.exe
+ 2009-06-15 00:34 . 2008-04-15 21:00 14336 c:\windows\system32\dllcache\iisreset.exe
+ 2009-06-15 00:34 . 2008-04-15 21:00 64000 c:\windows\system32\dllcache\iismap.dll
+ 2009-06-15 00:34 . 2008-04-15 21:00 68608 c:\windows\system32\dllcache\iisext51.dll
- 2009-03-08 01:32 . 2009-03-08 01:32 71680 c:\windows\system32\dllcache\iesetup.dll
+ 2008-05-07 05:08 . 2009-03-08 01:32 71680 c:\windows\system32\dllcache\iesetup.dll
- 2009-02-20 16:50 . 2009-03-08 01:32 55808 c:\windows\system32\dllcache\iernonce.dll
+ 2008-04-14 21:29 . 2009-03-08 01:32 55808 c:\windows\system32\dllcache\iernonce.dll
+ 2009-06-15 00:34 . 2003-03-24 13:52 20538 c:\windows\system32\dllcache\fpremadm.exe
+ 2009-06-15 00:34 . 2003-03-24 13:52 20541 c:\windows\system32\dllcache\fpexedll.dll
+ 2009-06-15 00:34 . 2003-03-24 13:52 14608 c:\windows\system32\dllcache\fp98sadm.exe
+ 2009-06-15 00:34 . 2003-03-24 13:52 49212 c:\windows\system32\dllcache\fp4awebs.dll
+ 2009-06-15 00:34 . 2003-03-24 13:52 32826 c:\windows\system32\dllcache\fp4avss.dll
+ 2009-06-15 00:34 . 2003-03-24 13:52 41020 c:\windows\system32\dllcache\fp4avnb.dll
+ 2009-06-15 00:34 . 2003-03-24 13:52 49210 c:\windows\system32\dllcache\fp4areg.dll
+ 2009-06-15 00:34 . 2003-03-24 13:52 82035 c:\windows\system32\dllcache\fp4anscp.dll
+ 2008-04-14 21:29 . 2008-04-14 21:29 16384 c:\windows\system32\dllcache\ds32gt.dll
+ 2008-04-14 21:29 . 2008-04-14 21:29 87040 c:\windows\system32\dllcache\drmstor.dll
+ 2008-04-14 21:29 . 2008-04-14 21:29 32768 c:\windows\system32\dllcache\dispex.dll
+ 2008-04-14 21:29 . 2008-04-14 21:29 39936 c:\windows\system32\dllcache\dimsroam.dll
+ 2008-04-14 21:29 . 2008-04-14 21:29 19456 c:\windows\system32\dllcache\dimsntfy.dll
+ 2001-09-19 18:00 . 2001-09-19 18:00 27136 c:\windows\system32\dllcache\ctl3d32.dll
+ 2008-04-14 21:29 . 2008-04-14 21:29 62464 c:\windows\system32\dllcache\cryptsvc.dll
+ 2008-04-14 21:29 . 2008-04-14 21:29 64512 c:\windows\system32\dllcache\cryptnet.dll
+ 2008-04-14 21:29 . 2008-04-14 21:29 53760 c:\windows\system32\dllcache\cryptext.dll
+ 2008-04-14 21:29 . 2008-04-14 21:29 33280 c:\windows\system32\dllcache\cryptdll.dll
+ 2008-04-14 21:29 . 2008-04-14 21:29 74752 c:\windows\system32\dllcache\cryptdlg.dll
+ 2008-05-07 05:08 . 2009-03-08 01:33 18944 c:\windows\system32\dllcache\corpol.dll
- 2009-03-08 01:33 . 2009-03-08 01:33 18944 c:\windows\system32\dllcache\corpol.dll
+ 2009-06-15 00:34 . 2008-04-15 21:00 46592 c:\windows\system32\dllcache\coadmin.dll
+ 2008-04-14 21:28 . 2008-04-14 21:28 16896 c:\windows\system32\dllcache\cfgmgr32.dll
+ 2009-06-15 00:34 . 2003-03-24 13:52 16439 c:\windows\system32\dllcache\author.exe
+ 2009-06-15 00:34 . 2003-03-24 13:52 20540 c:\windows\system32\dllcache\author.dll
+ 2008-04-14 21:29 . 2008-04-14 21:29 30208 c:\windows\system32\dllcache\atmlib.dll
+ 2008-04-14 21:29 . 2008-04-14 21:29 65024 c:\windows\system32\dllcache\asycfilt.dll
+ 2008-04-14 21:29 . 2008-04-15 21:00 98304 c:\windows\system32\dllcache\ahui.exe
+ 2007-04-02 23:56 . 2007-04-02 23:56 20992 c:\windows\system32\dllcache\agt0410.dll
+ 2009-05-26 22:34 . 2007-04-02 23:56 19968 c:\windows\system32\dllcache\agt040e.dll
+ 2009-05-26 22:34 . 2007-04-02 23:56 19456 c:\windows\system32\dllcache\agt040d.dll
+ 2007-04-02 23:56 . 2007-04-02 23:56 21504 c:\windows\system32\dllcache\agt040c.dll
+ 2007-04-02 23:56 . 2007-04-02 23:56 19456 c:\windows\system32\dllcache\agt040b.dll
+ 2008-04-13 23:02 . 2008-04-13 23:02 19968 c:\windows\system32\dllcache\agt0409.dll
+ 2009-05-26 22:34 . 2007-04-02 23:56 22016 c:\windows\system32\dllcache\agt0408.dll
+ 2007-04-02 23:56 . 2007-04-02 23:56 21504 c:\windows\system32\dllcache\agt0407.dll
+ 2007-04-02 23:56 . 2007-04-02 23:56 19456 c:\windows\system32\dllcache\agt0406.dll
+ 2009-05-26 22:34 . 2007-04-02 23:56 19456 c:\windows\system32\dllcache\agt0405.dll
+ 2009-05-26 22:34 . 2007-04-02 23:56 19456 c:\windows\system32\dllcache\agt0401.dll
+ 2009-06-15 00:34 . 2008-04-13 21:06 44928 c:\windows\system32\dllcache\agpcpq.sys
+ 2009-06-15 00:34 . 2008-04-13 21:06 42368 c:\windows\system32\dllcache\agp440.sys
+ 2008-04-14 21:29 . 2008-04-14 21:29 44032 c:\windows\system32\dllcache\agentsr.dll
+ 2008-04-14 21:29 . 2008-04-14 21:29 24064 c:\windows\system32\dllcache\agentpsh.dll
+ 2008-04-14 21:29 . 2008-04-14 21:29 49152 c:\windows\system32\dllcache\agentmpx.dll
+ 2008-04-14 21:29 . 2008-04-14 21:29 57344 c:\windows\system32\dllcache\agentdpv.dll
+ 2008-04-14 21:29 . 2008-04-14 21:29 42496 c:\windows\system32\dllcache\agentdp2.dll
+ 2008-04-14 21:29 . 2008-04-14 21:29 24064 c:\windows\system32\dllcache\agentanm.dll
+ 2008-04-14 21:29 . 2008-04-14 21:29 68096 c:\windows\system32\dllcache\adsmsext.dll
+ 2009-06-15 00:34 . 2008-04-15 21:00 49664 c:\windows\system32\dllcache\adrot.dll
+ 2009-06-15 00:34 . 2001-08-17 09:11 46112 c:\windows\system32\dllcache\adptsf50.sys
+ 2001-09-19 18:00 . 2001-09-19 18:00 26112 c:\windows\system32\dllcache\adptif.dll
+ 2009-06-15 00:34 . 2008-04-15 21:00 43520 c:\windows\system32\dllcache\admwprox.dll
- 2009-03-08 01:32 . 2009-03-08 01:32 72704 c:\windows\system32\dllcache\admparse.dll
+ 2008-05-07 05:08 . 2009-03-08 01:32 72704 c:\windows\system32\dllcache\admparse.dll
+ 2009-06-15 00:34 . 2008-04-13 19:06 10880 c:\windows\system32\dllcache\admjoy.sys
+ 2009-06-15 00:34 . 2003-03-24 13:52 16439 c:\windows\system32\dllcache\admin.exe
+ 2009-06-15 00:34 . 2003-03-24 13:52 20540 c:\windows\system32\dllcache\admin.dll
+ 2009-06-15 00:34 . 2008-04-15 21:00 29696 c:\windows\system32\dllcache\admexs.dll
+ 2009-06-15 00:34 . 2001-08-17 09:11 20160 c:\windows\system32\dllcache\adm8511.sys
+ 2008-04-14 21:29 . 2008-04-14 21:29 98304 c:\windows\system32\dllcache\actxprxy.dll
+ 2001-09-19 18:00 . 2001-09-19 18:00 11648 c:\windows\system32\dllcache\acpiec.sys
+ 2009-06-15 00:34 . 2001-09-18 11:03 61440 c:\windows\system32\dllcache\acerscad.dll
+ 2009-05-26 19:39 . 2001-09-19 18:00 64512 c:\windows\system32\dllcache\acctres.dll
+ 2009-06-15 00:34 . 2008-04-13 19:06 84480 c:\windows\system32\dllcache\ac97via.sys
+ 2009-06-15 00:34 . 2001-08-17 09:20 96256 c:\windows\system32\dllcache\ac97intc.sys
+ 2009-06-15 00:34 . 2001-08-17 10:52 23552 c:\windows\system32\dllcache\abp480n5.sys
+ 2001-09-19 18:00 . 2001-09-19 18:00 25600 c:\windows\system32\dllcache\aaaamon.dll
+ 2009-06-15 00:34 . 2001-09-18 11:03 98304 c:\windows\system32\dllcache\a3d.dll
+ 2009-06-15 00:34 . 2001-09-18 11:03 38400 c:\windows\system32\dllcache\8514a.dll
+ 2009-06-15 00:34 . 2008-04-13 21:16 48128 c:\windows\system32\dllcache\61883.sys
+ 2009-06-15 00:34 . 2008-04-13 21:10 12288 c:\windows\system32\dllcache\4mmdat.sys
+ 2009-06-15 00:34 . 2001-08-17 11:06 11264 c:\windows\system32\dllcache\1394vdbg.sys
+ 2009-06-15 00:34 . 2008-04-13 21:16 53376 c:\windows\system32\dllcache\1394bus.sys
+ 2004-08-10 06:50 . 2004-08-10 06:50 65602 c:\windows\system32\cook.dll
+ 2009-06-15 23:34 . 2009-06-25 05:11 32768 c:\windows\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
+ 2009-05-26 19:43 . 2009-06-25 05:11 32768 c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat
- 2009-05-26 19:43 . 2009-05-31 17:43 32768 c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat
+ 2009-05-26 19:43 . 2009-06-25 05:11 16384 c:\windows\system32\config\systemprofile\Cookies\index.dat
- 2009-05-26 19:43 . 2009-05-31 17:43 16384 c:\windows\system32\config\systemprofile\Cookies\index.dat
+ 2004-08-10 06:50 . 2004-08-10 06:50 77889 c:\windows\system32\atrc.dll
+ 2008-04-14 21:29 . 2008-04-15 21:00 98304 c:\windows\system32\ahui.exe
- 2008-04-14 21:29 . 2009-06-04 12:00 98304 c:\windows\system32\ahui.exe
+ 2009-06-14 23:32 . 2009-06-14 23:32 10134 c:\windows\Installer\{B7CB0BF3-791E-44D3-9F04-786E36D51C9D}\ARPPRODUCTICON.exe
- 2009-06-05 20:27 . 2009-06-05 20:27 80395 c:\windows\Installer\{83502B7E-BE3F-436D-8F5D-268560AA3681}\MsblIco.Exe
+ 2009-06-16 14:31 . 2009-06-16 14:31 80395 c:\windows\Installer\{83502B7E-BE3F-436D-8F5D-268560AA3681}\MsblIco.Exe
+ 2009-06-16 14:32 . 2009-06-16 14:32 58945 c:\windows\Installer\{11C04DD7-27C6-43D3-86AA-728BAE4609AF}\wlmail.exe
- 2009-05-26 21:06 . 2009-05-26 21:06 58945 c:\windows\Installer\{11C04DD7-27C6-43D3-86AA-728BAE4609AF}\wlmail.exe
+ 2009-06-16 14:34 . 2009-06-16 14:34 47616 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLiveWriter\5700a35086393fff09a46fd10d2e39b5\WindowsLiveWriter.ni.exe
- 2009-06-01 20:54 . 2009-06-01 20:54 47616 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLiveWriter\5700a35086393fff09a46fd10d2e39b5\WindowsLiveWriter.ni.exe
+ 2009-06-16 14:34 . 2009-06-16 14:34 99840 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\4a5ba9683bf7be94c307bd076fa568bf\WindowsLive.Writer.Api.ni.dll
- 2009-06-01 20:55 . 2009-06-01 20:55 99840 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\4a5ba9683bf7be94c307bd076fa568bf\WindowsLive.Writer.Api.ni.dll
+ 2009-06-16 14:34 . 2009-06-16 14:34 15872 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualC\ec83ec80653eb20ccc6ed42075c90aee\Microsoft.VisualC.ni.dll
- 2009-06-01 20:55 . 2009-06-01 20:55 15872 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualC\ec83ec80653eb20ccc6ed42075c90aee\Microsoft.VisualC.ni.dll
- 2001-09-18 14:05 . 2001-09-19 18:00 8192 c:\windows\system32\tsbyuv.dll
+ 2001-09-18 14:05 . 2001-09-18 11:05 8192 c:\windows\system32\tsbyuv.dll
- 2001-09-19 18:00 . 2009-06-04 12:02 9728 c:\windows\system32\sfc.exe
+ 2001-09-19 18:00 . 2008-04-15 21:00 9728 c:\windows\system32\sfc.exe
+ 2009-06-14 23:32 . 2009-03-19 10:48 8320 c:\windows\system32\DRVSTORE\nmwcdnsuc_A1774E014D770CB0E09594945F8CE0BA1E16FE0B\nmwcdnsuc.sys
+ 2009-06-14 23:32 . 2009-02-09 04:37 7808 c:\windows\system32\DRVSTORE\ccdcmbm_A1774E014D770CB0E09594945F8CE0BA1E16FE0B\usbser_lowerflt.sys
+ 2009-06-14 23:32 . 2009-02-09 04:37 7808 c:\windows\system32\DRVSTORE\ccdcmbcj_A1774E014D770CB0E09594945F8CE0BA1E16FE0B\usbser_lowerfltj.sys
+ 2009-06-15 00:34 . 2008-04-15 21:00 7168 c:\windows\system32\dllcache\wamregps.dll
+ 2001-09-18 14:05 . 2001-09-18 11:05 8192 c:\windows\system32\dllcache\tsbyuv.dll
+ 2009-06-15 00:34 . 2008-04-15 21:00 8192 c:\windows\system32\dllcache\staxmem.dll
+ 2001-09-19 18:00 . 2008-04-15 21:00 9728 c:\windows\system32\dllcache\sfc.exe
+ 2008-04-14 21:29 . 2008-04-14 21:29 5120 c:\windows\system32\dllcache\sfc.dll
+ 2006-12-31 07:57 . 2006-12-31 07:57 4569 c:\windows\system32\dllcache\secupd.dat
+ 2001-09-19 18:00 . 2001-09-19 18:00 3584 c:\windows\system32\dllcache\riched32.dll
+ 2001-09-19 18:00 . 2001-09-19 18:00 4463 c:\windows\system32\dllcache\oembios.dat
+ 2001-09-19 18:00 . 2001-09-19 18:00 4608 c:\windows\system32\dllcache\mssip32.dll
+ 2008-04-14 21:28 . 2008-04-14 21:28 4126 c:\windows\system32\dllcache\msdxmlc.dll
+ 2009-05-26 19:38 . 2008-04-14 21:29 4096 c:\windows\system32\dllcache\msdaurl.dll
+ 2009-05-26 19:38 . 2008-04-14 21:29 4096 c:\windows\system32\dllcache\msdasc.dll
+ 2009-05-26 19:38 . 2008-04-14 21:29 4096 c:\windows\system32\dllcache\msdaer.dll
+ 2009-05-26 19:38 . 2008-04-14 21:29 4096 c:\windows\system32\dllcache\msdaenum.dll
+ 2009-05-26 19:38 . 2008-04-14 21:29 4096 c:\windows\system32\dllcache\msdadc.dll
+ 2009-05-26 19:39 . 2008-04-14 21:29 4639 c:\windows\system32\dllcache\mplayer2.exe
+ 2008-04-14 21:28 . 2008-04-14 21:28 6144 c:\windows\system32\dllcache\kbdpash.dll
+ 2008-04-14 21:28 . 2008-04-14 21:28 6144 c:\windows\system32\dllcache\kbdnepr.dll
+ 2009-05-26 21:32 . 2001-08-17 19:36 8192 c:\windows\system32\dllcache\kbdkor.dll
+ 2009-05-26 21:32 . 2001-08-17 19:36 8704 c:\windows\system32\dllcache\kbdjpn.dll
+ 2008-04-14 21:28 . 2008-04-14 21:28 6144 c:\windows\system32\dllcache\kbdiultn.dll
+ 2008-04-14 21:28 . 2008-04-14 21:28 6144 c:\windows\system32\dllcache\kbdbhc.dll
+ 2009-05-26 21:32 . 2008-04-14 18:28 6144 c:\windows\system32\dllcache\kbd106.dll
+ 2009-05-26 21:32 . 2001-08-17 11:55 5632 c:\windows\system32\dllcache\kbd103.dll
+ 2009-05-26 21:32 . 2001-08-17 11:55 6144 c:\windows\system32\dllcache\kbd101c.dll
+ 2009-05-26 21:32 . 2001-08-17 11:55 6144 c:\windows\system32\dllcache\kbd101b.dll
+ 2009-06-15 00:34 . 2008-04-15 21:00 7680 c:\windows\system32\dllcache\inetmgr.exe
+ 2009-06-15 00:34 . 2008-04-15 21:00 5632 c:\windows\system32\dllcache\iisrstap.dll
+ 2009-06-15 00:34 . 2008-04-15 21:00 6144 c:\windows\system32\dllcache\ftpsapi2.dll
+ 2009-06-15 00:34 . 2001-09-18 11:03 5632 c:\windows\system32\dllcache\EXCH_adsiisex.dll
+ 2009-05-26 19:39 . 2008-04-14 21:29 7168 c:\windows\system32\dllcache\bitsprx4.dll
+ 2006-12-01 10:51 . 2006-12-01 07:51 6656 c:\windows\system32\dllcache\asferror.dll
+ 2009-06-15 00:34 . 2008-04-14 18:29 3775 c:\windows\system32\dllcache\adv11nt5.dll
+ 2009-06-15 00:34 . 2008-04-14 18:29 3711 c:\windows\system32\dllcache\adv09nt5.dll
+ 2009-06-15 00:34 . 2008-04-14 18:29 3135 c:\windows\system32\dllcache\adv08nt5.dll
+ 2009-06-15 00:34 . 2008-04-14 18:29 3647 c:\windows\system32\dllcache\adv07nt5.dll
+ 2009-06-15 00:34 . 2008-04-14 18:29 3615 c:\windows\system32\dllcache\adv05nt5.dll
+ 2009-06-15 00:34 . 2008-04-14 18:29 3967 c:\windows\system32\dllcache\adv02nt5.dll
+ 2009-06-15 00:34 . 2008-04-14 18:29 4255 c:\windows\system32\dllcache\adv01nt5.dll
+ 2009-06-15 00:34 . 2008-04-15 21:00 6144 c:\windows\system32\dllcache\admxprox.dll
+ 2009-06-15 00:34 . 2001-08-17 10:53 7424 c:\windows\system32\dllcache\adicvls.sys
+ 2008-04-14 21:29 . 2008-04-15 21:00 4096 c:\windows\system32\dllcache\actmovie.exe
- 2008-04-14 21:29 . 2009-06-04 12:00 4096 c:\windows\system32\actmovie.exe
+ 2008-04-14 21:29 . 2008-04-15 21:00 4096 c:\windows\system32\actmovie.exe
+ 2009-06-14 23:32 . 2009-06-14 23:32 3262 c:\windows\Installer\{82427977-8776-4087-90CA-9F65174D3C4D}\ARPPRODUCTICON.exe
+ 2006-06-05 11:14 . 2006-06-05 11:14 626688 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.163_x-ww_681e29fb\msvcr80.dll
+ 2006-06-05 11:14 . 2006-06-05 11:14 548864 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.163_x-ww_681e29fb\msvcp80.dll
+ 2006-06-05 11:14 . 2006-06-05 11:14 479232 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.163_x-ww_681e29fb\msvcm80.dll
+ 2008-03-23 02:59 . 2007-01-12 18:09 733184 c:\windows\win32\RestoreXp.exe
+ 2008-03-23 02:59 . 2004-11-05 16:28 458422 c:\windows\win32\powerpoint.exe
+ 2008-03-23 02:59 . 2004-07-12 08:21 718451 c:\windows\win32\make_network_cable.exe
+ 2009-06-14 16:32 . 2009-06-14 16:32 451072 c:\windows\The Programmer Bag\uninstall.exe
+ 2009-06-09 14:39 . 2004-11-28 18:09 679936 c:\windows\system32\xvidcore.dll
+ 2008-04-14 13:54 . 2008-04-14 13:54 147456 c:\windows\system32\WIND0WS.exe
+ 2007-09-03 13:35 . 2007-09-03 13:35 966656 c:\windows\system32\VSFilter.dll
- 2008-04-14 21:30 . 2009-06-04 12:02 105984 c:\windows\system32\sysocmgr.exe
+ 2008-04-14 21:30 . 2008-04-15 21:00 105984 c:\windows\system32\sysocmgr.exe
+ 2004-08-10 06:50 . 2004-08-10 06:50 106561 c:\windows\system32\sipr.dll
+ 2009-06-09 14:39 . 2008-07-23 19:23 185944 c:\windows\system32\rmoc3260.dll
+ 2009-05-28 09:52 . 2009-06-16 12:49 276356 c:\windows\system32\Restore\rstrlog.dat
+ 2003-11-25 23:32 . 2003-11-25 23:32 123392 c:\windows\system32\pncrt.dll
+ 2004-04-20 22:00 . 2004-04-20 22:00 172032 c:\windows\system32\OptimFROG.dll
+ 2007-06-17 11:43 . 2007-06-17 11:43 405504 c:\windows\system32\libmplayer.dll
+ 2004-08-10 06:52 . 2004-08-10 06:52 241723 c:\windows\system32\hxltcolor.dll
+ 2009-05-26 22:31 . 2009-06-23 16:10 157952 c:\windows\system32\FNTCACHE.DAT
+ 2007-07-01 10:59 . 2007-07-01 10:59 517632 c:\windows\system32\ff_x264.dll
+ 2007-06-12 11:21 . 2007-06-12 11:21 208896 c:\windows\system32\ff_theora.dll
+ 2004-10-03 17:50 . 2004-10-03 17:50 129024 c:\windows\system32\ff_mpeg2enc.dll
+ 2009-06-14 23:32 . 2008-10-29 09:24 831048 c:\windows\system32\DRVSTORE\pccswpddri_3E7DA20DF10674E832F650CC36C8BD55CB7CB42E\WudfUpdate_01005.dll
+ 2009-06-14 23:32 . 2008-10-29 09:29 531968 c:\windows\system32\DRVSTORE\pccswpddri_3E7DA20DF10674E832F650CC36C8BD55CB7CB42E\PCCSWpdDriver.dll
+ 2009-06-14 23:32 . 2009-03-19 10:48 136704 c:\windows\system32\DRVSTORE\nmwcdnsu_A1774E014D770CB0E09594945F8CE0BA1E16FE0B\nmwcdnsu.sys
+ 2009-06-14 23:32 . 2009-02-09 04:37 659968 c:\windows\system32\DRVSTORE\ccdcmb_A1774E014D770CB0E09594945F8CE0BA1E16FE0B\nmwcdcocls.dll
+ 2004-11-24 19:25 . 2004-11-24 19:25 335872 c:\windows\system32\drvc.dll
+ 2004-08-10 06:51 . 2004-08-10 06:51 176195 c:\windows\system32\drv2.dll
+ 2004-08-10 06:50 . 2004-08-10 06:50 102464 c:\windows\system32\drv1.dll
+ 2006-12-01 10:53 . 2006-12-01 07:53 208896 c:\windows\system32\dllcache\wmerror.dll
+ 2008-04-14 21:29 . 2008-04-14 21:29 176640 c:\windows\system32\dllcache\wintrust.dll
+ 2008-04-14 21:30 . 2008-04-14 21:30 506880 c:\windows\system32\dllcache\winlogon.exe
+ 2008-05-07 05:08 . 2009-05-13 05:02 915456 c:\windows\system32\dllcache\wininet.dll
- 2009-03-03 00:06 . 2009-05-13 05:02 915456 c:\windows\system32\dllcache\wininet.dll
+ 2008-04-14 21:29 . 2009-03-08 01:33 420352 c:\windows\system32\dllcache\vbscript.dll
- 2008-05-09 10:53 . 2009-03-08 01:33 420352 c:\windows\system32\dllcache\vbscript.dll
- 2009-02-20 16:50 . 2009-03-08 01:34 105984 c:\windows\system32\dllcache\url.dll
+ 2008-05-07 05:08 . 2009-03-08 01:34 105984 c:\windows\system32\dllcache\url.dll
+ 2006-12-01 12:03 . 2008-09-19 22:43 317952 c:\windows\system32\dllcache\unregmp2.exe
+ 2008-04-14 21:29 . 2008-04-14 21:29 122880 c:\windows\system32\dllcache\umpnpmgr.dll
+ 2001-09-19 18:00 . 2001-09-19 18:00 177856 c:\windows\system32\dllcache\typelib.dll
+ 2008-04-14 21:30 . 2008-04-15 21:00 105984 c:\windows\system32\dllcache\sysocmgr.exe
- 2009-05-27 06:11 . 2008-10-03 10:03 247326 c:\windows\system32\dllcache\strmdll.dll
+ 2008-04-14 21:29 . 2008-10-03 10:03 247326 c:\windows\system32\dllcache\strmdll.dll
+ 2009-06-15 00:34 . 2008-04-15 21:00 189440 c:\windows\system32\dllcache\smtpadm.dll
+ 2008-04-14 21:29 . 2008-04-14 21:29 984064 c:\windows\system32\dllcache\setupapi.dll
- 2008-05-09 10:53 . 2008-05-09 10:53 172032 c:\windows\system32\dllcache\scrrun.dll
+ 2008-04-14 21:29 . 2008-05-09 10:53 172032 c:\windows\system32\dllcache\scrrun.dll
+ 2008-04-14 21:29 . 2008-05-09 10:53 180224 c:\windows\system32\dllcache\scrobj.dll
- 2008-05-09 10:53 . 2008-05-09 10:53 180224 c:\windows\system32\dllcache\scrobj.dll
- 2008-12-05 06:56 . 2008-12-05 06:56 144896 c:\windows\system32\dllcache\schannel.dll
+ 2008-04-14 21:29 . 2008-12-05 06:56 144896 c:\windows\system32\dllcache\schannel.dll
+ 2008-04-14 21:29 . 2008-04-14 21:29 421376 c:\windows\system32\dllcache\samsrv.dll
+ 2008-04-13 23:07 . 2008-04-13 23:07 208384 c:\windows\system32\dllcache\rsaenh.dll
+ 2008-04-14 21:29 . 2008-04-14 21:29 433664 c:\windows\system32\dllcache\riched20.dll
+ 2009-05-26 19:38 . 2008-04-14 21:29 487424 c:\windows\system32\dllcache\oledb32.dll
+ 2008-04-14 21:29 . 2008-04-14 21:29 551936 c:\windows\system32\dllcache\oleaut32.dll
+ 2008-04-14 21:29 . 2008-04-14 21:29 147456 c:\windows\system32\dllcache\odbctrac.dll
+ 2008-04-14 21:29 . 2008-04-14 21:29 278559 c:\windows\system32\dllcache\odbcjt32.dll
+ 2008-04-14 21:29 . 2008-04-14 21:29 106496 c:\windows\system32\dllcache\odbccp32.dll
+ 2008-04-14 21:29 . 2008-04-14 21:29 135168 c:\windows\system32\dllcache\odbcconf.dll
+ 2008-04-14 21:29 . 2008-04-14 21:29 249856 c:\windows\system32\dllcache\odbc32.dll
+ 2008-04-14 00:45 . 2008-04-14 00:45 574976 c:\windows\system32\dllcache\ntfs.sys
- 2009-05-27 06:28 . 2009-02-09 10:51 693760 c:\windows\system32\dllcache\ntdll.dll
+ 2008-04-14 21:29 . 2009-02-09 10:51 693760 c:\windows\system32\dllcache\ntdll.dll
+ 2009-05-26 19:39 . 2008-04-14 21:29 364544 c:\windows\system32\dllcache\npdsplay.dll
- 2009-05-27 06:04 . 2008-10-15 16:35 337408 c:\windows\system32\dllcache\netapi32.dll
+ 2008-04-14 21:29 . 2008-10-15 16:35 337408 c:\windows\system32\dllcache\netapi32.dll
+ 2007-04-02 18:22 . 2007-04-02 18:22 355104 c:\windows\system32\dllcache\msxbde40.dll
+ 2008-04-13 21:05 . 2008-04-13 21:05 621344 c:\windows\system32\dllcache\mswstr10.dll
+ 2007-04-02 18:21 . 2007-04-02 18:21 838432 c:\windows\system32\dllcache\mswdat10.dll
+ 2008-04-14 21:29 . 2008-04-14 21:29 343040 c:\windows\system32\dllcache\msvcrt.dll
- 2009-02-20 16:50 . 2009-03-08 01:32 611840 c:\windows\system32\dllcache\mstime.dll
+ 2008-05-07 05:08 . 2009-03-08 01:32 611840 c:\windows\system32\dllcache\mstime.dll
+ 2007-04-02 18:21 . 2007-04-02 18:21 264992 c:\windows\system32\dllcache\mstext40.dll
+ 2007-04-02 18:21 . 2007-04-02 18:21 559904 c:\windows\system32\dllcache\msrepl40.dll
+ 2007-04-02 18:20 . 2007-04-02 18:20 322336 c:\windows\system32\dllcache\msrd3x40.dll
+ 2007-04-02 18:20 . 2007-04-02 18:20 432928 c:\windows\system32\dllcache\msrd2x40.dll
- 2009-02-20 16:50 . 2009-03-08 01:34 193536 c:\windows\system32\dllcache\msrating.dll
+ 2008-05-07 05:08 . 2009-03-08 01:34 193536 c:\windows\system32\dllcache\msrating.dll
+ 2007-04-02 18:20 . 2007-04-02 18:20 355104 c:\windows\system32\dllcache\mspbde40.dll
+ 2008-04-14 21:29 . 2008-04-14 21:29 143360 c:\windows\system32\dllcache\msorcl32.dll
+ 2007-04-02 18:19 . 2007-04-02 18:19 219936 c:\windows\system32\dllcache\msltus40.dll
+ 2007-04-02 18:19 . 2007-04-02 18:19 248608 c:\windows\system32\dllcache\msjtes40.dll
+ 2009-05-26 19:38 . 2008-04-14 21:29 102400 c:\windows\system32\dllcache\msjro.dll
+ 2008-04-13 21:05 . 2008-04-13 21:05 158496 c:\windows\system32\dllcache\msjint40.dll
+ 2007-04-02 18:18 . 2007-04-02 18:18 326432 c:\windows\system32\dllcache\msexcl40.dll
+ 2007-04-02 18:17 . 2007-04-02 18:17 518944 c:\windows\system32\dllcache\msexch40.dll
+ 2009-05-26 19:38 . 2008-04-14 21:29 315392 c:\windows\system32\dllcache\msdasql.dll
+ 2009-05-26 19:38 . 2008-04-14 21:29 118784 c:\windows\system32\dllcache\msdarem.dll
+ 2009-05-26 19:38 . 2008-04-14 21:29 204800 c:\windows\system32\dllcache\msdaps.dll
+ 2009-05-26 19:38 . 2008-04-14 21:29 200704 c:\windows\system32\dllcache\msdaprst.dll
+ 2009-05-26 19:38 . 2008-04-14 21:29 233472 c:\windows\system32\dllcache\msdaora.dll
+ 2009-05-26 19:38 . 2008-04-14 21:29 200704 c:\windows\system32\dllcache\msadox.dll
+ 2009-05-26 19:38 . 2008-04-14 21:29 180224 c:\windows\system32\dllcache\msadomd.dll
+ 2009-05-26 19:38 . 2008-04-14 21:29 536576 c:\windows\system32\dllcache\msado15.dll
+ 2009-05-26 19:38 . 2008-04-14 21:29 155648 c:\windows\system32\dllcache\msadds.dll
+ 2009-05-26 19:38 . 2008-04-14 21:29 143360 c:\windows\system32\dllcache\msadco.dll
+ 2009-05-26 19:38 . 2008-05-01 14:34 331776 c:\windows\system32\dllcache\msadce.dll
- 2009-05-27 06:06 . 2008-05-01 14:34 331776 c:\windows\system32\dllcache\msadce.dll
+ 2007-04-03 08:44 . 2007-04-03 08:44 981760 c:\windows\system32\dllcache\mfc42u.dll
+ 2008-04-14 21:29 . 2008-04-14 21:29 927504 c:\windows\system32\dllcache\mfc40u.dll
+ 2001-09-19 18:00 . 2001-09-19 18:00 924432 c:\windows\system32\dllcache\mfc40.dll
+ 2008-04-14 21:29 . 2009-02-09 10:51 723456 c:\windows\system32\dllcache\lsasrv.dll
- 2009-05-27 06:28 . 2009-02-09 10:51 723456 c:\windows\system32\dllcache\lsasrv.dll
+ 2008-06-17 22:09 . 2009-05-31 06:17 100864 c:\windows\system32\dllcache\logagent.exe
+ 2008-04-14 00:46 . 2008-04-13 21:46 141056 c:\windows\system32\dllcache\ks.sys
+ 2008-04-14 21:29 . 2009-03-08 01:33 726528 c:\windows\system32\dllcache\jscript.dll
- 2008-05-09 10:53 . 2009-03-08 01:33 726528 c:\windows\system32\dllcache\jscript.dll
+ 2008-04-14 21:29 . 2008-04-14 21:29 138240 c:\windows\system32\dllcache\itss.dll
+ 2008-04-14 21:29 . 2008-04-14 21:29 155136 c:\windows\system32\dllcache\itircl.dll
+ 2009-06-15 00:34 . 2008-04-15 21:00 829952 c:\windows\system32\dllcache\inetmgr.dll
+ 2009-06-15 00:34 . 2008-04-15 21:00 169984 c:\windows\system32\dllcache\iisui.dll
+ 2009-06-15 00:34 . 2008-04-15 21:00 133632 c:\windows\system32\dllcache\iisrtl.dll
+ 2009-05-26 19:38 . 2009-03-08 11:09 638816 c:\windows\system32\dllcache\iexplore.exe
- 2009-02-28 04:54 . 2009-03-08 11:09 638816 c:\windows\system32\dllcache\iexplore.exe
+ 2008-05-07 05:08 . 2009-03-08 01:31 183808 c:\windows\system32\dllcache\iepeers.dll
- 2009-03-08 01:31 . 2009-03-08 01:31 183808 c:\windows\system32\dllcache\iepeers.dll
+ 2008-05-07 05:08 . 2009-03-08 01:32 163840 c:\windows\system32\dllcache\ieakui.dll
- 2009-02-20 05:14 . 2009-03-08 01:32 163840 c:\windows\system32\dllcache\ieakui.dll
+ 2008-05-07 05:08 . 2009-03-08 01:33 229376 c:\windows\system32\dllcache\ieaksie.dll
- 2009-02-20 16:50 . 2009-03-08 01:33 229376 c:\windows\system32\dllcache\ieaksie.dll
- 2009-02-20 16:50 . 2009-03-08 01:33 125952 c:\windows\system32\dllcache\ieakeng.dll
+ 2008-05-07 05:08 . 2009-03-08 01:33 125952 c:\windows\system32\dllcache\ieakeng.dll
+ 2009-06-15 00:34 . 2003-03-24 13:52 208896 c:\windows\system32\dllcache\fpmmcsat.dll
+ 2009-06-15 00:34 . 2004-05-12 21:39 598071 c:\windows\system32\dllcache\fpmmc.dll
+ 2009-06-15 00:34 . 2003-03-24 13:52 188494 c:\windows\system32\dllcache\fpcount.exe
+ 2009-06-15 00:34 . 2003-03-24 13:52 109328 c:\windows\system32\dllcache\fp98swin.exe
+ 2009-06-15 00:34 . 2004-05-12 21:39 876653 c:\windows\system32\dllcache\fp4awel.dll
+ 2009-06-15 00:34 . 2003-03-24 13:52 102509 c:\windows\system32\dllcache\fp4atxt.dll
+ 2009-06-15 00:34 . 2003-03-24 13:52 147513 c:\windows\system32\dllcache\fp4apws.dll
+ 2009-06-15 00:34 . 2004-05-12 21:39 184435 c:\windows\system32\dllcache\fp4amsft.dll
+ 2008-04-14 00:44 . 2008-04-14 00:44 143744 c:\windows\system32\dllcache\fastfat.sys
+ 2008-04-14 21:29 . 2008-04-14 21:29 380445 c:\windows\system32\dllcache\expsrv.dll
+ 2008-05-07 05:08 . 2009-03-08 01:31 216064 c:\windows\system32\dllcache\dxtrans.dll
- 2009-02-20 16:50 . 2009-03-08 01:31 216064 c:\windows\system32\dllcache\dxtrans.dll
- 2009-02-20 16:50 . 2009-03-08 01:31 348160 c:\windows\system32\dllcache\dxtmsft.dll
+ 2008-05-07 05:08 . 2009-03-08 01:31 348160 c:\windows\system32\dllcache\dxtmsft.dll
+ 2008-04-14 21:29 . 2008-04-14 21:29 498230 c:\windows\system32\dllcache\dxmasf.dll
+ 2008-04-13 23:07 . 2008-04-13 23:07 138752 c:\windows\system32\dllcache\dssenh.dll
+ 2008-04-14 21:30 . 2008-04-14 21:30 299520 c:\windows\system32\dllcache\drmclien.dll
+ 2009-05-26 19:38 . 2008-01-19 16:34 554008 c:\windows\system32\dllcache\dao360.dll
+ 2008-04-14 21:29 . 2008-04-14 21:29 499712 c:\windows\system32\dllcache\cryptui.dll
+ 2008-04-14 21:29 . 2008-04-14 21:29 598016 c:\windows\system32\dllcache\crypt32.dll
+ 2008-04-14 21:29 . 2008-04-14 21:29 252928 c:\windows\system32\dllcache\compatui.dll
+ 2008-04-14 21:29 . 2008-04-14 21:29 406016 c:\windows\system32\dllcache\comdlg32.dll
+ 2008-04-14 21:29 . 2008-04-14 21:29 617472 c:\windows\system32\dllcache\comctl32.dll
+ 2009-06-15 00:34 . 2003-03-24 13:52 188480 c:\windows\system32\dllcache\cfgwiz.exe
+ 2008-04-14 21:29 . 2008-04-14 21:29 233472 c:\windows\system32\dllcache\azroles.dll
+ 2008-04-14 21:29 . 2008-04-14 21:29 125952 c:\windows\system32\dllcache\apphelp.dll
+ 2008-04-14 21:29 . 2008-04-15 21:00 256512 c:\windows\system32\dllcache\agentsvr.exe
+ 2008-04-14 21:29 . 2008-04-14 21:29 214016 c:\windows\system32\dllcache\agentctl.dll
- 2008-06-20 11:40 . 2008-08-14 10:04 138496 c:\windows\system32\dllcache\afd.sys
+ 2008-04-14 00:49 . 2008-08-14 10:04 138496 c:\windows\system32\dllcache\afd.sys
+ 2009-05-26 19:49 . 2008-04-13 19:09 142592 c:\windows\system32\dllcache\aec.sys
- 2009-02-20 16:50 . 2009-03-08 01:32 128512 c:\windows\system32\dllcache\advpack.dll
+ 2008-05-07 05:08 . 2009-03-08 01:32 128512 c:\windows\system32\dllcache\advpack.dll
+ 2008-04-14 21:29 . 2009-02-09 10:51 681472 c:\windows\system32\dllcache\advapi32.dll
- 2009-05-27 06:28 . 2009-02-09 10:51 681472 c:\windows\system32\dllcache\advapi32.dll
+ 2008-04-14 21:29 . 2008-04-14 21:29 123392 c:\windows\system32\dllcache\adsnw.dll
+ 2008-04-14 21:29 . 2008-04-14 21:29 263680 c:\windows\system32\dllcache\adsnt.dll
+ 2001-09-19 18:00 . 2001-09-19 18:00 161792 c:\windows\system32\dllcache\adsnds.dll
+ 2008-04-14 21:29 . 2008-04-14 21:29 143360 c:\windows\system32\dllcache\adsldpc.dll
+ 2008-04-14 21:29 . 2008-04-14 21:29 175616 c:\windows\system32\dllcache\adsldp.dll
+ 2009-06-15 00:34 . 2008-04-15 21:00 290816 c:\windows\system32\dllcache\adsiis51.dll
+ 2009-06-15 00:34 . 2001-08-17 11:07 101888 c:\windows\system32\dllcache\adpu160m.sys
+ 2009-06-15 00:34 . 2001-08-17 09:19 747392 c:\windows\system32\dllcache\adm8830.sys
+ 2009-06-15 00:34 . 2001-08-17 09:19 553984 c:\windows\system32\dllcache\adm8820.sys
+ 2009-06-15 00:34 . 2001-08-17 09:19 584448 c:\windows\system32\dllcache\adm8810.sys
+ 2008-04-14 21:29 . 2008-04-14 21:29 116224 c:\windows\system32\dllcache\acxtrnal.dll
+ 2008-04-14 21:29 . 2008-04-14 21:29 193024 c:\windows\system32\dllcache\activeds.dll
+ 2008-04-14 21:29 . 2008-04-14 21:29 245248 c:\windows\system32\dllcache\acspecfc.dll
+ 2008-04-14 21:03 . 2008-04-14 21:03 187648 c:\windows\system32\dllcache\acpi.sys
+ 2008-04-14 21:29 . 2008-04-14 21:29 112640 c:\windows\system32\dllcache\aclui.dll
+ 2008-04-14 21:29 . 2008-04-14 21:29 141312 c:\windows\system32\dllcache\aclua.dll
+ 2001-09-19 18:00 . 2001-09-19 18:00 129536 c:\windows\system32\dllcache\acledit.dll
+ 2008-04-14 21:29 . 2008-04-14 21:29 451072 c:\windows\system32\dllcache\aclayers.dll
+ 2009-06-05 15:08 . 2008-04-14 21:29 183296 c:\windows\system32\dllcache\accwiz.exe
+ 2009-06-15 00:34 . 2001-08-17 09:20 297728 c:\windows\system32\dllcache\ac97sis.sys
+ 2009-06-15 00:34 . 2008-04-13 19:06 231552 c:\windows\system32\dllcache\ac97ali.sys
+ 2009-05-26 19:37 . 2008-04-14 21:29 136192 c:\windows\system32\dllcache\aaclient.dll
+ 2009-06-15 00:34 . 2001-09-18 11:03 462848 c:\windows\system32\dllcache\a3dapi.dll
+ 2008-04-14 21:29 . 2008-04-14 21:29 100352 c:\windows\system32\dllcache\6to4svc.dll
+ 2009-06-15 00:34 . 2001-08-17 09:48 148352 c:\windows\system32\dllcache\3dfxvsm.sys
+ 2009-06-15 00:34 . 2001-09-18 11:03 689216 c:\windows\system32\dllcache\3dfxvs.dll
+ 2009-06-15 00:34 . 2001-08-17 10:28 762780 c:\windows\system32\dllcache\3cwmcru.sys
+ 2009-06-08 13:27 . 2009-06-14 04:56 476160 c:\windows\PaltalkScene\uninstall.exe
+ 2008-04-14 21:29 . 2008-04-15 21:00 256512 c:\windows\msagent\agentsvr.exe
+ 2009-05-26 19:54 . 1998-10-29 13:45 306688 c:\windows\IsUninst.exe
- 2009-05-26 19:54 . 2009-05-28 09:59 306688 c:\windows\IsUninst.exe
+ 2009-06-14 18:06 . 2009-06-14 18:06 295606 c:\windows\Installer\{AC76BA86-7AD7-1033-7B44-A81000000003}\SC_Reader.exe
- 2009-06-11 15:04 . 2009-06-12 17:28 364726 c:\windows\Installer\{24D753CA-6AE9-4E30-8F5F-EFC93E08BF3D}\SkypeIcon.exe
+ 2009-06-15 17:01 . 2009-06-15 17:01 364726 c:\windows\Installer\{24D753CA-6AE9-4E30-8F5F-EFC93E08BF3D}\SkypeIcon.exe
+ 2009-06-24 07:42 . 2009-06-24 07:42 132096 c:\windows\Installer\{0BA1DE66-9086-402D-9F6B-C71AA6A065BB}\WLXPhotoGalleryIcon.exe
- 2009-06-05 20:27 . 2009-06-05 20:27 132096 c:\windows\Installer\{0BA1DE66-9086-402D-9F6B-C71AA6A065BB}\WLXPhotoGalleryIcon.exe
+ 2006-12-01 12:03 . 2008-09-19 22:43 317952 c:\windows\inf\unregmp2.exe
- 2006-12-01 12:03 . 2009-05-30 10:46 317952 c:\windows\inf\unregmp2.exe
+ 2009-06-11 13:02 . 2009-06-11 13:02 452496 c:\windows\Downloaded Program Files\wlscBase.dll
- 2009-06-01 20:55 . 2009-06-01 20:55 627712 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLiveLocal.Wr#\f9ac52e76b942f38edaea1540cdce7ad\WindowsLiveLocal.WriterPlugin.ni.dll
+ 2009-06-16 14:34 . 2009-06-16 14:34 627712 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLiveLocal.Wr#\f9ac52e76b942f38edaea1540cdce7ad\WindowsLiveLocal.WriterPlugin.ni.dll
+ 2009-06-16 14:34 . 2009-06-16 14:34 851968 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\d88240dcc329907b1f7c6be038d67ccd\WindowsLive.Writer.BlogClient.ni.dll
- 2009-06-01 20:55 . 2009-06-01 20:55 851968 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\d88240dcc329907b1f7c6be038d67ccd\WindowsLive.Writer.BlogClient.ni.dll
- 2009-06-01 20:55 . 2009-06-01 20:55 258048 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\c23a281e806a14bf48225461e9504e3e\WindowsLive.Writer.Mshtml.ni.dll
+ 2009-06-16 14:34 . 2009-06-16 14:34 258048 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\c23a281e806a14bf48225461e9504e3e\WindowsLive.Writer.Mshtml.ni.dll
+ 2009-06-16 14:34 . 2009-06-16 14:34 322048 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\ba458626154b268633d17b380951dc05\WindowsLive.Writer.SpellChecker.ni.dll
- 2009-06-01 20:55 . 2009-06-01 20:55 322048 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\ba458626154b268633d17b380951dc05\WindowsLive.Writer.SpellChecker.ni.dll
- 2009-06-01 20:55 . 2009-06-01 20:55 118784 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\ab125d3a580223b5c104e30afb48dee8\WindowsLive.Writer.Extensibility.ni.dll
+ 2009-06-16 14:34 . 2009-06-16 14:34 118784 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\ab125d3a580223b5c104e30afb48dee8\WindowsLive.Writer.Extensibility.ni.dll
+ 2009-06-16 14:34 . 2009-06-16 14:34 117760 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\aa1c0fb73aba618f70e59d58a734e315\WindowsLive.Writer.Instrumentation.ni.dll
- 2009-06-01 20:55 . 2009-06-01 20:55 117760 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\aa1c0fb73aba618f70e59d58a734e315\WindowsLive.Writer.Instrumentation.ni.dll
- 2009-06-01 20:54 . 2009-06-01 20:54 319488 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\aa0d656d49e99b02f7614f4d96d8f54c\WindowsLive.Writer.Interop.ni.dll
+ 2009-06-16 14:34 . 2009-06-16 14:34 319488 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\aa0d656d49e99b02f7614f4d96d8f54c\WindowsLive.Writer.Interop.ni.dll
- 2009-06-01 20:55 . 2009-06-01 20:55 334848 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\a58837d52e2eef58317a903e9b0de96d\WindowsLive.Writer.Interop.Mshtml.ni.dll
+ 2009-06-16 14:34 . 2009-06-16 14:34 334848 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\a58837d52e2eef58317a903e9b0de96d\WindowsLive.Writer.Interop.Mshtml.ni.dll
- 2009-06-01 20:55 . 2009-06-01 20:55 594944 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\752deb2586f4ce372db2581728b3fd9d\WindowsLive.Writer.HtmlEditor.ni.dll
+ 2009-06-16 14:34 . 2009-06-16 14:34 594944 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\752deb2586f4ce372db2581728b3fd9d\WindowsLive.Writer.HtmlEditor.ni.dll
- 2009-06-01 20:54 . 2009-06-01 20:54 174080 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\6b30f4f0e887c26cac499a5ce4ee45d8\WindowsLive.Writer.BrowserControl.ni.dll
+ 2009-06-16 14:34 . 2009-06-16 14:34 174080 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\6b30f4f0e887c26cac499a5ce4ee45d8\WindowsLive.Writer.BrowserControl.ni.dll
- 2009-06-01 20:55 . 2009-06-01 20:55 313856 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\681ad822aa7295018c1b9f96ad372ee0\WindowsLive.Writer.Interop.SHDocVw.ni.dll
+ 2009-06-16 14:34 . 2009-06-16 14:34 313856 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\681ad822aa7295018c1b9f96ad372ee0\WindowsLive.Writer.Interop.SHDocVw.ni.dll
- 2009-06-01 20:55 . 2009-06-01 20:55 119296 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\55e6f7f927f7e25d68cba5cba5202ed0\WindowsLive.Writer.FileDestinations.ni.dll
+ 2009-06-16 14:34 . 2009-06-16 14:34 119296 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\55e6f7f927f7e25d68cba5cba5202ed0\WindowsLive.Writer.FileDestinations.ni.dll
+ 2009-06-16 14:34 . 2009-06-16 14:34 843776 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\51ff7ea9cefa9385a9597ef269236b8c\WindowsLive.Writer.Controls.ni.dll
- 2009-06-01 20:54 . 2009-06-01 20:54 843776 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\51ff7ea9cefa9385a9597ef269236b8c\WindowsLive.Writer.Controls.ni.dll
- 2009-06-01 20:55 . 2009-06-01 20:55 428032 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\1e25e6dbae70b2a0dba46e74e773acee\WindowsLive.Writer.Localization.ni.dll
+ 2009-06-16 14:34 . 2009-06-16 14:34 428032 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\1e25e6dbae70b2a0dba46e74e773acee\WindowsLive.Writer.Localization.ni.dll
- 2009-06-01 20:55 . 2009-06-01 20:55 108544 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\05db615058b5e19e632385efbf3e2237\WindowsLive.Writer.Passport.ni.dll
+ 2009-06-16 14:34 . 2009-06-16 14:34 108544 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\05db615058b5e19e632385efbf3e2237\WindowsLive.Writer.Passport.ni.dll
+ 2009-06-16 14:34 . 2009-06-16 14:34 152064 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\00ad735ab245a8f45be00ba9dccc9443\WindowsLive.Writer.HtmlParser.ni.dll
- 2009-06-01 20:55 . 2009-06-01 20:55 152064 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\00ad735ab245a8f45be00ba9dccc9443\WindowsLive.Writer.HtmlParser.ni.dll
- 2009-06-01 20:55 . 2009-06-01 20:55 145920 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Client\9546c5ce7c6920bfb0971ee0080ff777\WindowsLive.Client.ni.dll
+ 2009-06-16 14:34 . 2009-06-16 14:34 145920 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Client\9546c5ce7c6920bfb0971ee0080ff777\WindowsLive.Client.ni.dll
- 2009-06-01 20:55 . 2009-06-01 20:55 771584 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\2abd876a3c8a6b088fa6d8d39d901e3c\System.Runtime.Remoting.ni.dll
+ 2009-06-16 14:34 . 2009-06-16 14:34 771584 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\2abd876a3c8a6b088fa6d8d39d901e3c\System.Runtime.Remoting.ni.dll
+ 2009-06-24 07:41 . 2009-06-24 07:41 236392 c:\windows\assembly\GAC_MSIL\System.Data.SqlServerCe\9.0.242.0__89845dcd8080cc91\System.Data.SqlServerCe.dll
+ 2008-03-23 02:59 . 2005-08-30 04:39 7077261 c:\windows\win32\WindowsXPCourse.exe
+ 2008-03-23 02:59 . 2006-06-02 01:33 8848095 c:\windows\win32\windows me.exe
+ 2009-04-27 09:41 . 2004-07-20 11:50 2077686 c:\windows\win32\waleed_book2.exe
+ 2008-03-23 02:59 . 2004-06-27 11:07 2100235 c:\windows\win32\users_groups_win_xp.exe
+ 2008-03-23 02:59 . 2004-10-22 06:14 3199129 c:\windows\win32\photoshop.exe
+ 2008-03-23 02:59 . 2004-06-21 06:20 2382707 c:\windows\win32\install_winxp_office_arbic_modem_vga_internet_conjunction.exe
+ 2008-03-23 02:59 . 2003-08-06 09:16 1125544 c:\windows\win32\FrontPage.exe
+ 2008-03-23 02:59 . 2004-06-23 20:48 3590368 c:\windows\win32\basic_excel_lessons.exe
+ 2008-03-23 02:59 . 2005-08-05 20:15 4890861 c:\windows\win32\admin_tools_explain.exe
+ 2008-03-23 02:59 . 2004-09-28 21:10 1067544 c:\windows\win32\access_8_9.exe
+ 2007-07-01 11:12 . 2007-07-01 11:12 3145728 c:\windows\system32\libavcodec.dll
+ 2009-06-14 23:32 . 2009-02-09 04:32 1112288 c:\windows\system32\DRVSTORE\ccdcmb_A1774E014D770CB0E09594945F8CE0BA1E16FE0B\wdfcoinstaller01007.dll
- 2009-02-20 16:50 . 2009-04-30 21:13 1207808 c:\windows\system32\dllcache\urlmon.dll
+ 2008-05-07 05:08 . 2009-04-30 21:13 1207808 c:\windows\system32\dllcache\urlmon.dll
+ 2009-06-15 00:34 . 2008-04-15 21:00 2134528 c:\windows\system32\dllcache\smtpsnap.dll
+ 2008-04-14 21:29 . 2008-04-14 21:29 1571328 c:\windows\system32\dllcache\sfcfiles.dll
+ 2008-04-14 21:29 . 2008-04-14 21:29 1287168 c:\windows\system32\dllcache\ole32.dll
- 2009-05-27 06:28 . 2009-02-09 11:22 2146816 c:\windows\system32\dllcache\ntkrnlmp.exe
+ 2008-04-14 21:12 . 2009-02-09 11:22 2146816 c:\windows\system32\dllcache\ntkrnlmp.exe
+ 2007-10-22 15:00 . 2007-10-22 15:00 1516568 c:\windows\system32\dllcache\msjet40.dll
+ 2008-04-14 21:29 . 2008-04-14 21:29 1028096 c:\windows\system32\dllcache\mfc42.dll
+ 2008-04-14 21:29 . 2009-03-21 14:08 1357824 c:\windows\system32\dllcache\kernel32.dll
- 2009-03-21 14:08 . 2009-03-21 14:08 1357824 c:\windows\system32\dllcache\kernel32.dll
+ 2008-04-14 21:29 . 2008-04-14 21:29 1852928 c:\windows\system32\dllcache\acgenral.dll
+ 2009-06-18 00:27 . 2009-06-18 00:27 1431040 c:\windows\Installer\{B440D659-FECA-4BDD-A12B-5C9F05790FF3}\Icon0E6ED660.exe
- 2009-06-01 20:54 . 2009-06-01 20:54 2002432 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\63c1f01ba87e31518027469b30556590\WindowsLive.Writer.CoreServices.ni.dll
+ 2009-06-16 14:34 . 2009-06-16 14:34 2002432 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\63c1f01ba87e31518027469b30556590\WindowsLive.Writer.CoreServices.ni.dll
- 2009-06-01 20:54 . 2009-06-01 20:54 6392832 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\13ec1ddc801643374544a27a41b5803e\WindowsLive.Writer.PostEditor.ni.dll
+ 2009-06-16 14:34 . 2009-06-16 14:34 6392832 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\13ec1ddc801643374544a27a41b5803e\WindowsLive.Writer.PostEditor.ni.dll
+ 2009-06-16 14:34 . 2009-06-16 14:34 1105920 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\0a051f69ee730e16214b2657f6853dc1\WindowsLive.Writer.ApplicationFramework.ni.dll
- 2009-06-01 20:55 . 2009-06-01 20:55 1105920 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\0a051f69ee730e16214b2657f6853dc1\WindowsLive.Writer.ApplicationFramework.ni.dll
- 2009-06-01 20:55 . 2009-06-01 20:55 1115136 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.OracleC#\283ecfbaa6a6fab76c8b544a4a89d5ce\System.Data.OracleClient.ni.dll
+ 2009-06-16 14:34 . 2009-06-16 14:34 1115136 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.OracleC#\283ecfbaa6a6fab76c8b544a4a89d5ce\System.Data.OracleClient.ni.dll
+ 2001-09-19 18:00 . 2001-09-19 18:00 13107200 c:\windows\system32\dllcache\oembios.bin
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}]
2008-10-16 15:22 333192 ----a-w- c:\program files\AskBarDis\bar\bin\askBar.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}]
2009-06-25 16:39 218160 ----a-w- c:\program files\Hotspot Shield\hssie\HssIE.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2009-05-28 15360]
"IDMan"="c:\program files\Internet Download Manager\IDMan.exe" [2009-06-09 2815408]
"Sysinternals Process Explorer"="c:\documents and settings\ziad\سطح المكتب\كـشـف دمــج الورعين\procexp.exe" [2009-02-03 3550592]
"SandboxieControl"="c:\program files\Sandboxie\SbieCtrl.exe" [2009-05-28 380416]
"BitComet"="c:\program files\BitComet\BitComet.exe" [2009-05-18 2592056]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"UserFaultCheck"="c:\windows\system32\dumprep 0 -u" [X]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2007-09-05 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2007-09-05 166424]
"Persistence"="c:\windows\system32\igfxpers.exe" [2007-09-05 137752]
"EasyTuneVPro"="c:\program files\Gigabyte\ET5Pro\ETcall.exe" [2009-05-27 20480]
"ISUSPM Startup"="c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2009-06-04 204800]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2009-05-28 81920]
"GBTUpd"="c:\program files\GIGABYTE\GBTUpd\PreRun.exe" [2008-04-03 297480]
"AVP"="c:\program files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe" [2009-05-26 206088]
"ClocX"="c:\program files\ClocX\ClocX.exe" [2004-04-13 103936]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2009-06-09 198160]
"TiGeR-Firewall"="c:\documents and settings\ziad\سطح المكتب\كـشـف دمــج الورعين\TiGeR-Firewall.EXE" [2002-01-02 90112]
"RTHDCPL"="RTHDCPL.EXE" - c:\windows\RTHDCPL.exe [2009-05-28 16859136]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2009-05-28 15360]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"nltide_2"="shell32" [X]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoBrowserOptions"= 0 (0x0)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^قائمة ابدأ^البرامج^بدء التشغيل^PalTalk.lnk]
path=c:\documents and settings\All Users\قائمة ابدأ\البرامج\بدء التشغيل\PalTalk.lnk
backup=c:\windows\pss\PalTalk.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^قائمة ابدأ^البرامج^بدء التشغيل^Snagit 9.lnk]
path=c:\documents and settings\All Users\قائمة ابدأ\البرامج\بدء التشغيل\Snagit 9.lnk
backup=c:\windows\pss\Snagit 9.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^قائمة ابدأ^البرامج^بدء التشغيل^WinZip Quick Pick.lnk]
path=c:\documents and settings\All Users\قائمة ابدأ\البرامج\بدء التشغيل\WinZip Quick Pick.lnk
backup=c:\windows\pss\WinZip Quick Pick.lnkCommon Startup
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeUpdater

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\WINDOWS\\system32\\sessmgr.exe"=
"c:\\WINDOWS\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\WINDOWS\\pchealth\\helpctr\\binaries\\HelpCtr.exe"=
"c:\\Program Files\\TeamViewer\\Version4\\TeamViewer.exe"=
"c:\\Program Files\\BitComet\\BitComet.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"15361:TCP"= 15361:TCP:BitComet 15361 TCP
"15361:UDP"= 15361:UDP:BitComet 15361 UDP
"13613:TCP"= 13613:TCP:BitComet 13613 TCP
"13613:UDP"= 13613:UDP:BitComet 13613 UDP

R0 GVTDrv;GVTDrv; [x]
R3 CV2K1;CommView Network Monitor;c:\windows\system32\DRIVERS\cv2k1.sys [2008-11-11 18984]
R3 HssTrayService;Hotspot Shield Tray Service;c:\program files\Hotspot Shield\bin\HssTrayService.EXE [2009-06-01 34352]
R4 ASKService;ASKService;c:\program files\AskBarDis\bar\bin\AskService.exe [2008-10-16 464264]
S0 klbg;Kaspersky Lab Boot Guard Driver;c:\windows\system32\drivers\klbg.sys [2009-05-26 33808]
S0 ulsata2;ulsata2; [x]
S1 is-4EF8Edrv;is-4EF8Edrv;c:\windows\system32\DRIVERS\71772103.sys [2008-07-08 148496]
S1 is-K54HCdrv;is-K54HCdrv;c:\windows\system32\DRIVERS\34851966.sys [2008-07-08 148496]
S1 ts_lb;ts_lb;c:\windows\system32\drivers\ts_lb.sys [2008-11-11 24376]
S2 HssSrv;Hotspot Shield Routing Service;c:\program files\Hotspot Shield\HssWPR\hsssrv.exe [2009-06-01 331312]
S2 WinDefend;Windows Defender;c:\program files\Windows Defender\MsMpEng.exe [2006-11-03 13592]
S3 KLFLTDEV;Kaspersky Lab KLFltDev;c:\windows\system32\DRIVERS\klfltdev.sys [2008-03-13 26640]
S3 klim5;Kaspersky Anti-Virus NDIS Filter;c:\windows\system32\DRIVERS\klim5.sys [2008-04-30 24592]
S3 SbieDrv;SbieDrv;c:\program files\Sandboxie\SbieDrv.sys [2009-05-28 108032]
S3 TSCOMM;CommStudio Virtual Adapter by TamoSoft;c:\windows\system32\DRIVERS\tscomm.sys [2008-11-12 39976]


--- Other Services/Drivers In Memory ---

*NewlyCreated* - MARKFUN_NT
*Deregistered* - MarkFun_NT
*Deregistered* - PROCEXP113

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
"c:\windows\system32\rundll32.exe" "c:\windows\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
.
Contents of the 'Scheduled Tasks' folder

2009-06-27 c:\windows\Tasks\MP Scheduled Scan.job
- c:\program files\Windows Defender\MpCmdRun.exe [2006-11-03 16:20]

2009-06-27 c:\windows\Tasks\User_Feed_Synchronization-{114F0AEC-68F2-4E6B-89A1-BC756DC6FC77}.job
- c:\windows\system32\msfeedssync.exe [2008-05-07 01:31]
.
.
------- Supplementary Scan -------
.
uInternet Settings,ProxyOverride = local
uInternet Settings,ProxyServer = 127.0.0.1:9666
IE: &D&ownload &with BitComet - c:\program files\BitComet\BitComet.exe/AddLink.htm
IE: &D&ownload all video with BitComet - c:\program files\BitComet\BitComet.exe/AddVideo.htm
IE: &D&ownload all with BitComet - c:\program files\BitComet\BitComet.exe/AddAllLink.htm
IE: تحميل الكل بواسطة Internet Download Manager - c:\program files\Internet Download Manager\IEGetAll.htm
IE: تحميل بواسطة Internet Download Manager - c:\program files\Internet Download Manager\IEExt.htm
IE: تحميل محتوى FLV بواسطة Internet Download Manager - c:\program files\Internet Download Manager\IEGetVL.htm
FF - ProfilePath - c:\documents and settings\ziad\Application Data\Mozilla\Firefox\Profiles\qcsaup30.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.live.com/results.aspx?FORM=IEFM1&q=
FF - prefs.js: browser.search.selectedEngine - Live Search
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com.sa/
FF - prefs.js: keyword.URL - hxxp://search.live.com/results.aspx?FORM=IEFM1&q=
FF - prefs.js: network.proxy.ftp - localhost
FF - prefs.js: network.proxy.ftp_port - 3128
FF - prefs.js: network.proxy.gopher - localhost
FF - prefs.js: network.proxy.gopher_port - 3128
FF - prefs.js: network.proxy.http - localhost
FF - prefs.js: network.proxy.http_port - 3128
FF - prefs.js: network.proxy.socks - localhost
FF - prefs.js: network.proxy.socks_port - 3128
FF - prefs.js: network.proxy.ssl - localhost
FF - prefs.js: network.proxy.ssl_port - 3128
FF - prefs.js: network.proxy.type - 4
FF - component: c:\documents and settings\ziad\Application Data\IDM\idmmzcc3\components\idmmzcc.dll
FF - component: c:\documents and settings\ziad\Application Data\Mozilla\Firefox\Profiles\qcsaup30.default\extensions\{B042753D-F57E-4e8e-A01B-7379A6D4CEFB}\components\IBitCometExtension.dll
FF - component: c:\documents and settings\ziad\Application Data\Mozilla\Firefox\Profiles\qcsaup30.default\extensions\{b2e293ee-fd7e-4c71-a714-5f4750d8d7b7}\components\FFAlert.dll
FF - component: c:\program files\Mozilla Firefox\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}\components\NPComponent.dll
FF - component: c:\program files\Real\RealPlayer\browserrecord\components\nprpbrowserrecordplugin.dll
FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll
FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

Rootkit scan 2009-06-27 20:55
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2009-06-27 20:57
ComboFix-quarantined-files.txt 2009-06-27 17:57

Pre-Run: 10,059,984,896 bytes free
Post-Run: 10,098,388,992 bytes free

937 --- E O F --- 2009-06-09 21:51





لم تنحل المشكلة
 
تأييد 0
اعمل تقرير هايجاك جديد
 
تأييد 0
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 08:32:10 ص, on 29/06/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\ClocX\ClocX.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\GIGABYTE\GBTUpd\RunUpd.exe
C:\Documents and Settings\ziad\سطح المكتب\كـشـف دمــج الورعين\TiGeR-Firewall.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\Program Files\Sandboxie\SbieCtrl.exe
C:\Program Files\BitComet\BitComet.exe
C:\Program Files\Gigabyte\ET5Pro\GUI.exe
C:\Program Files\Hotspot Shield\bin\openvpnas.exe
C:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Sandboxie\SbieSvc.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Internet Download Manager\IEMonitor.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Hotspot Shield\bin\openvpntray.exe
C:\Program Files\Mozilla Firefox\firefox.exe
D:\مجلد جديد\6512\الــهــايـجــك.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 127.0.0.1:9666
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.3.3.2.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ievkbd.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: مساعد تسجيل الدخول إلى Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: Hotspot Shield Class - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files\Hotspot Shield\hssie\HssIE.dll
O3 - Toolbar: ZoneAlarm Spy Blocker Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [EasyTuneVPro] C:\Program Files\Gigabyte\ET5Pro\ETcall.exe
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [GBTUpd] C:\Program Files\GIGABYTE\GBTUpd\PreRun.exe
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe"
O4 - HKLM\..\Run: [ClocX] C:\Program Files\ClocX\ClocX.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [TiGeR-Firewall] C:\Documents and Settings\ziad\سطح المكتب\كـشـف دمــج الورعين\TiGeR-Firewall.EXE
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - HKCU\..\Run: [Sysinternals Process Explorer] C:\Documents and Settings\ziad\سطح المكتب\كـشـف دمــج الورعين\procexp.exe
O4 - HKCU\..\Run: [SandboxieControl] "C:\Program Files\Sandboxie\SbieCtrl.exe"
O4 - HKCU\..\Run: [BitComet] "C:\Program Files\BitComet\BitComet.exe" /tray
O4 - HKUS\S-1-5-21-606747145-2111687655-1417001333-1003\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User '?')
O4 - HKUS\S-1-5-21-606747145-2111687655-1417001333-1003\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot (User '?')
O4 - HKUS\S-1-5-21-606747145-2111687655-1417001333-1003\..\Run: [Sysinternals Process Explorer] C:\Documents and Settings\ziad\سطح المكتب\كـشـف دمــج الورعين\procexp.exe (User '?')
O4 - HKUS\S-1-5-21-606747145-2111687655-1417001333-1003\..\Run: [SandboxieControl] "C:\Program Files\Sandboxie\SbieCtrl.exe" (User '?')
O4 - HKUS\S-1-5-21-606747145-2111687655-1417001333-1003\..\Run: [BitComet] "C:\Program Files\BitComet\BitComet.exe" /tray (User '?')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User '?')
O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User '?')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'Default user')
O8 - Extra context menu item: "إضافة إلى حاجب الدعايات" - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ie_banner_deny.htm
O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: تحميل الكل بواسطة Internet Download Manager - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: تحميل بواسطة Internet Download Manager - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: تحميل محتوى FLV بواسطة Internet Download Manager - C:\Program Files\Internet Download Manager\IEGetVL.htm
O9 - Extra button: Web traffic protection statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\SCIEPlgn.dll
O9 - Extra button: تدوين هذا في المدونة - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &تدوين هذا في Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.3.3.2.dll/206 (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) -
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) -
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
O23 - Service: Hotspot Shield Service (HotspotShieldService) - Unknown owner - C:\Program Files\Hotspot Shield\bin\openvpnas.exe
O23 - Service: Hotspot Shield Routing Service (HssSrv) - AnchorFree Inc. - C:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe
O23 - Service: Hotspot Shield Tray Service (HssTrayService) - Unknown owner - C:\Program Files\Hotspot Shield\bin\HssTrayService.EXE
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Sandboxie Service (SbieSvc) - tzuk - C:\Program Files\Sandboxie\SbieSvc.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

--
End of file - 10363 bytes
 
تأييد 0
حمل هذا البرنامج

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي


ثبته على الجهاز ،، ثم شغله واعمل كما الشرح التالي لفحص الجهاز وعمل تقرير

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي


وبعد انتهاء الفحص اعمل التالي

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي


انسخ ما بداخل التقرير والصقه بمشاركتك القادمة
 
تأييد 0
Malwarebytes' Anti-Malware 1.38
Database version: 2297
Windows 5.1.2600 Service Pack 3

29/06/2009 04:46:58 م
mbam-log-2009-06-29 (16-46-58).txt

Scan type: Full Scan (C:\|)
Objects scanned: 139475
Time elapsed: 14 minute(s), 29 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 1
Registry Values Infected: 1
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 31

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CURRENT_USER\SOFTWARE\BIFROST1.2 (Backdoor.Bifrose) -> Quarantined and deleted successfully.

Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\TiGeR-Firewall (Trojan.Alman) -> Quarantined and deleted successfully.

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
c:\documents and settings\ziad\doctorweb\quarantine\Setup.exe (Rogue.NoAdware) -> Quarantined and deleted successfully.
c:\documents and settings\ziad\my documents\downloads\Programs\multi_skype_eng.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\documents and settings\ziad\سطح المكتب\bifrost-mojahed\BiFrOsT-MoJaHeD.exe (Backdoor.Bifrose) -> Quarantined and deleted successfully.
c:\documents and settings\ziad\سطح المكتب\bifrost-mojahed\7 servers-a1a1a\1.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
c:\documents and settings\ziad\سطح المكتب\bifrost-mojahed\7 servers-a1a1a\2.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
c:\documents and settings\ziad\سطح المكتب\bifrost-mojahed\7 servers-a1a1a\3.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
c:\documents and settings\ziad\سطح المكتب\bifrost-mojahed\7 servers-a1a1a\4.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
c:\documents and settings\ziad\سطح المكتب\bifrost-mojahed\7 servers-a1a1a\5.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
c:\documents and settings\ziad\سطح المكتب\bifrost-mojahed\7 servers-a1a1a\6.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
c:\documents and settings\ziad\سطح المكتب\bifrost-mojahed\7 servers-a1a1a\7.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
c:\RECYCLER\s-1-5-21-606747145-2111687655-1417001333-1003\Dc43.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
c:\RECYCLER\s-1-5-21-606747145-2111687655-1417001333-1003\Dc44.exe (Backdoor.Bifrose) -> Quarantined and deleted successfully.
c:\RECYCLER\s-1-5-21-606747145-2111687655-1417001333-1003\Dc53.exe (Backdoor.Bifrose) -> Quarantined and deleted successfully.
c:\system volume information\_restore{0eea2aa0-f376-470f-b8ee-c2216d365d19}\RP160\A0054195.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\system volume information\_restore{0eea2aa0-f376-470f-b8ee-c2216d365d19}\RP160\A0054444.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\system volume information\_restore{0eea2aa0-f376-470f-b8ee-c2216d365d19}\RP160\A0054276.exe (PuP.JokeColorTaskbar) -> Quarantined and deleted successfully.
c:\system volume information\_restore{0eea2aa0-f376-470f-b8ee-c2216d365d19}\RP160\A0054356.exe (Rogue.Installer) -> Quarantined and deleted successfully.
c:\system volume information\_restore{0eea2aa0-f376-470f-b8ee-c2216d365d19}\RP188\A0064168.exe (Backdoor.Bifrose) -> Quarantined and deleted successfully.
c:\system volume information\_restore{0eea2aa0-f376-470f-b8ee-c2216d365d19}\RP189\A0064200.exe (Backdoor.Bifrose) -> Quarantined and deleted successfully.
c:\system volume information\_restore{0eea2aa0-f376-470f-b8ee-c2216d365d19}\RP189\A0064192.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
c:\system volume information\_restore{0eea2aa0-f376-470f-b8ee-c2216d365d19}\RP189\A0064193.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
c:\system volume information\_restore{0eea2aa0-f376-470f-b8ee-c2216d365d19}\RP189\A0064194.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
c:\system volume information\_restore{0eea2aa0-f376-470f-b8ee-c2216d365d19}\RP189\A0064195.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
c:\system volume information\_restore{0eea2aa0-f376-470f-b8ee-c2216d365d19}\RP189\A0064196.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
c:\system volume information\_restore{0eea2aa0-f376-470f-b8ee-c2216d365d19}\RP189\A0064197.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
c:\system volume information\_restore{0eea2aa0-f376-470f-b8ee-c2216d365d19}\RP189\A0064198.exe (Backdoor.Bifrose) -> Quarantined and deleted successfully.
c:\system volume information\_restore{0eea2aa0-f376-470f-b8ee-c2216d365d19}\RP189\A0064231.exe (Backdoor.Bifrose) -> Quarantined and deleted successfully.
c:\system volume information\_restore{0eea2aa0-f376-470f-b8ee-c2216d365d19}\RP190\A0064255.exe (Backdoor.Bifrose) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\md5.dll (Rogue.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\WIND0WS.exe (Trojan.Banker) -> Quarantined and deleted successfully.
C:\Documents and Settings\ziad\سطح المكتب\كـشـف دمــج الورعين\TiGeR-Firewall.EXE (Trojan.Alman) -> Delete on reboot.
 
تأييد 0
اخوي بعد ماسويت الفحص الكاسبر صار كنه مجنون كل شوي يقول فايروس .. بعدين جاني تم فقد ملفات السستم ادخل سيدي الوندوز


بعدين سويت استعادة النظام
 
تأييد 0
اخي عندك اصابة قوية
هل تملك اسطوانة لوندوز اكسبي ؟
 
تأييد 0
ايه عندي اسطوانة وندوز
 
تأييد 0
اذن اعد الفحص بالاداة
واذا طلب ملفات الوندوز ضع سيدي الوندوز ليقوم النظام بسحبها
وارفق التقرير مرة اخرى
 
تأييد 0
بس اخوي الوندوز اللي عندي مو زي الجهاز اخوي والله ماني عارف كيف اشكرك وان شاء الله احصل نسخة الوندز <<هي عند واحد اجيبها واسوي زي ماقلتلي

الله يعطيك العافية
الله يوفقك في دراستك
 
تأييد 0
يجب تسجيل الدخول أو التسجيل كي تتمكن من الرد هنا.
عودة
أعلى