Status
Closed and not open for further replies.

طرب الشرقية







Peace be upon you


When the computer starts up, this message appears!!


i64137_tttt.jpg


What is the solution!!


 

Download this program

After that, close all programs, especially Internet Explorer and Messenger
Run the program ==> and click on
Do a system scan and save log
In a few moments a report will appear in Notepad ==> copy it and paste it in your next reply
 
Sorry, brother, I apologize for the delay

This is the report:


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 04:39:25, on 2/24/2010
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Windows NT\bluetooth\bluetooth.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Windows NT\bluetooth\bluetooth.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\Program Files\Internet Download Manager\IEMonitor.exe
C:\Documents and Settings\Administrator\سطح المكتب\Zyzoom_HijackThis.exe
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: مساعد تسجيل الدخول إلى Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [Bluetooth] C:\Program Files\Windows NT\bluetooth\bluetooth.exe
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ACEREF] C:\DOCUME~1\ADMINI~1\APPLIC~1\DASHFL~1\livesurfwait.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\RunOnce: [MPlayer2_FixUp] C:\WINDOWS\inf\unregmp2.exe /Fixups (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [nlpo_01] cmd.exe /c md "%USERPROFILE%\Local Settings\Temp" (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [nlpo_02] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [nlpo_03] rundll32 advpack.dll,LaunchINFSection nlite.inf,nLiteReg (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [nlpo_04] rundll32 advpack.dll,LaunchINFSection nlite.inf,S (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [MPlayer2_FixUp] C:\WINDOWS\inf\unregmp2.exe /Fixups (User 'Default user')
O4 - Global Startup: Bluetooth.lnk = C:\Program Files\Windows NT\bluetooth\bluetooth.exe
O4 - Global Startup: Reboot.exe
O8 - Extra context menu item: ت&صدير إلى Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: تحميل الكل بـ إنترنت داونلود مانيجر - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: تحميل بـ إنترنت داونلود مانيجر - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: تحميل محتوى فيديو (إف.إل.في) بـ إنترنت داونلود مانيجر - C:\Program Files\Internet Download Manager\IEGetVL.htm
O9 - Extra button: إرسال إلى OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: إر&سال إلى OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: Nod32 AV (EsetNod32Fix) - Unknown owner - C:\WINDOWS\
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
--
End of file - 4594 bytes​
 
This problem must have appeared after inserting a disc, a flash drive or a memory card. Do you remember what the problem came after?



And do this as well


Disable the protection programs

Then
download the following tool and save it to the desktop

When you run it, a message will appear; click >> Yes
After that a second message will appear; click >> Yes
During the scan the computer may restart
After the restart, the tool will start scanning again
Do not run any program, and however long the scan takes, wait until it finishes
Wait until a report appears, then copy it and paste it in your next post



 
This problem must have appeared after inserting a disc, a flash drive or a memory card. Do you remember what the problem came after?


Honestly, I don't remember..

Sorry for the delay, this is the report:


ComboFix 10-02-23.04 - Administrator 02/24/2010 11:13:18.2.1 - x86
Microsoft Windows XP Professional 5.1.2600.2.1256.1.1025.18.1918.1365 [GMT 3:00]
Running from: c:\documents and settings\Administrator\سطح المكتب\ComboFix.exe
AV: ESET NOD32 Antivirus 3.0 *On-access scanning disabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\documents and settings\All Users.WINDOWS\قائمة ابدأ\البرامج\بدء التشغيل\Bluetooth.lnk
c:\windows\system32\tmp.reg
F:\8xcrbho6.exe
F:\mvmdh.exe
F:\ws.exe
.
((((((((((((((((((((((((( Files Created from 2010-01-24 to 2010-02-24 )))))))))))))))))))))))))))))))
.
2010-02-24 03:56 . 2010-02-24 08:13 -------- d-----w- c:\windows\system32\CatRoot2
2010-02-24 03:39 . 2010-02-24 03:40 -------- d-----w- c:\program files\Save Flash
2010-02-24 02:33 . 2010-02-24 02:33 7168 ----a-w- c:\documents and settings\Administrator\Application Data\Thinstall\CyberScrub® Privacy Suite™ 5.1\400000dd00002i\CSPSeraser.exe
2010-02-23 19:29 . 2004-08-04 03:55 25600 ----a-w- c:\documents and settings\LocalService.NT AUTHORITY\Application Data\Microsoft\UPnP Device Host\upnphost\udhisapi.dll
2010-02-23 06:37 . 2006-10-26 16:56 33104 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\msonpppr.dll
2010-02-23 06:37 . 2006-10-26 16:56 32592 ----a-w- c:\windows\system32\msonpmon.dll
2010-02-23 06:36 . 2010-02-23 06:36 -------- d-----w- c:\program files\Microsoft Works
2010-02-23 06:35 . 2010-02-23 06:35 -------- d-----w- c:\program files\MSBuild
2010-02-23 06:32 . 2010-02-23 06:32 -------- d-----r- C:\MSOCache
2010-02-23 05:56 . 2010-02-23 05:56 -------- d-----w- c:\documents and settings\LocalService.NT AUTHORITY\Local Settings\Application Data\ESET
2010-02-23 05:45 . 2010-02-23 05:45 -------- d-----w- c:\program files\Windows Media Connect 2
2010-02-23 05:10 . 2010-02-23 05:10 -------- d-----w- c:\documents and settings\Administrator\Application Data\Media Player Classic
2010-02-23 04:09 . 2010-02-23 04:09 116144 ----a-w- c:\documents and settings\Administrator\Application Data\IDM\idmmzcc2\components\idmmzcc.dll
2010-02-23 04:09 . 2010-02-24 08:12 -------- d-----w- c:\documents and settings\Administrator\Application Data\DMCache
2010-02-23 04:09 . 2010-02-23 04:34 -------- d-----w- c:\documents and settings\Administrator\Application Data\IDM
2010-02-23 03:59 . 2010-02-23 04:08 -------- d-----w- c:\program files\Internet Download Manager
2010-02-23 03:04 . 2010-02-23 03:04 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\Runscanner.net
2010-02-23 02:20 . 2010-02-23 02:20 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\ESET
2010-02-23 02:13 . 2010-02-23 02:13 -------- d-----w- c:\program files\Trend Micro
2010-02-23 01:33 . 2010-02-23 01:33 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\Microsoft Help
2010-02-23 01:33 . 2010-02-23 06:37 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Application Data\Microsoft Help
2010-02-23 01:28 . 2008-08-07 12:31 1238456 ----a-w- c:\windows\system32\NMSDVDXU.dll
2010-02-23 01:28 . 2007-08-19 18:14 2297856 ----a-w- c:\windows\system32\AudioCtl32.dll
2010-02-23 01:28 . 1998-12-24 17:23 40960 ----a-w- c:\windows\system32\VBAME.DLL
2010-02-23 01:28 . 2010-02-23 01:29 -------- d-----w- c:\program files\OZOMEDIA9
2010-02-23 01:17 . 2010-02-23 01:18 -------- d-----w- c:\program files\ESET
2010-02-23 01:17 . 2010-02-23 01:17 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Application Data\ESET
2010-02-23 01:11 . 2010-02-23 01:11 -------- d-----w- c:\windows\XSxS
2010-02-23 01:11 . 2010-02-23 01:11 -------- d-----w- c:\program files\Xenocode
2010-02-12 00:17 . 2010-02-12 00:17 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\Identities
2010-02-05 00:23 . 2010-02-05 00:23 -------- d-----w- c:\windows\system32\CatRoot_bak
2010-02-03 06:49 . 2010-02-24 02:03 -------- d-----w- c:\windows\system32\DllCache
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-02-24 02:32 . 2010-01-12 22:34 -------- d-----w- c:\documents and settings\Administrator\Application Data\Thinstall
2010-02-24 02:23 . 2009-12-05 09:32 -------- d-----w- c:\documents and settings\amd\Application Data\dashflapjump
2010-02-24 02:02 . 2009-12-10 05:15 -------- d-----w- c:\documents and settings\mokish!!\Application Data\dashflapjump
2010-02-23 14:45 . 2010-01-08 21:10 83976 ----a-w- c:\documents and settings\Administrator\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2010-02-23 02:24 . 2010-01-11 20:09 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Application Data\Program Eq Deaf Anti
2010-02-23 01:29 . 2010-02-23 01:29 -------- d-----w- c:\program files\Real Alternative
2010-02-23 01:29 . 2010-02-23 01:29 -------- d-----w- c:\program files\AviSynth 2.5
2010-02-23 01:25 . 2009-11-03 23:29 -------- d-----w- c:\program files\K-Lite Codec Pack
2010-02-23 01:24 . 2009-11-03 23:29 -------- d-----w- c:\program files\Common Files\Real
2010-02-22 21:20 . 2009-11-03 23:28 -------- d-----w- c:\program files\Google
2010-01-12 15:39 . 2010-01-11 22:05 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Application Data\Messenger Plus!
2010-01-11 20:10 . 2010-01-11 20:10 442368 ----a-w- c:\documents and settings\Administrator\Application Data\dashflapjump\site aim remote.exe
2010-01-11 20:10 . 2010-01-11 20:09 -------- d-----w- c:\documents and settings\Administrator\Application Data\dashflapjump
2010-01-11 20:10 . 2010-01-11 20:10 372736 ----a-w- c:\documents and settings\Administrator\Application Data\dashflapjump\MfcdDumbDvdGlobal.exe
2010-01-11 20:09 . 2010-01-11 20:09 724992 ----a-w- c:\documents and settings\Administrator\Application Data\dashflapjump\uqjmfykk.exe
2010-01-11 20:09 . 2010-01-11 20:09 -------- d-----w- c:\program files\dashflapjump
2010-01-11 20:09 . 2010-01-11 20:09 520192 ----a-w- c:\documents and settings\Administrator\Application Data\dashflapjump\livesurfwait.exe
2010-01-11 20:08 . 2010-01-11 20:08 -------- d-----w- c:\program files\Circle Dvelopement
2010-01-11 20:08 . 2009-11-03 07:59 -------- d-----w- c:\program files\Messenger Plus! Live
2010-01-10 18:13 . 2010-01-08 20:49 86327 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2010-01-08 21:33 . 2009-11-03 18:55 -------- d-----w- c:\program files\Realtek
2010-01-08 21:29 . 2001-09-19 18:00 39982 ----a-w- c:\windows\system32\perfc001.dat
2010-01-08 21:29 . 2001-09-19 18:00 251478 ----a-w- c:\windows\system32\perfh001.dat
2010-01-08 21:22 . 2010-01-08 21:22 315392 ----a-w- c:\windows\HideWin.exe
2010-01-08 20:46 . 2010-01-08 20:46 22144 ----a-w- c:\windows\system32\emptyregdb.dat
2009-12-23 13:54 . 2009-12-23 13:54 10240 -c--a-w- c:\documents and settings\mokish!!\Application Data\GRETECH\GomPlayer\GrLauncherTempSetup.exe
2009-12-17 07:17 . 2009-12-17 07:17 716800 -c--a-w- c:\documents and settings\amd\Application Data\dashflapjump\gadnompj.exe
2009-12-10 05:14 . 2009-12-10 05:14 57688 -c--a-w- c:\documents and settings\mokish!!\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-12-05 08:35 . 2009-11-03 23:26 57688 -c--a-w- c:\documents and settings\amd\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
.
------- Sigcheck -------
.
((((((((((((((((((((((((((((( SnapShot@2010-02-23_02.01.12 )))))))))))))))))))))))))))))))))))))))))
.
+ 2006-01-28 02:32 . 2006-12-01 09:03 316416 c:\windows\inf\unregmp2.exe
+ 2006-10-26 10:40 . 2006-10-26 10:40 1079808 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_dec6ddd2\mfc80u.dll
+ 2006-10-26 10:40 . 2006-10-26 10:40 1093632 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_dec6ddd2\mfc80.dll
+ 2006-05-09 23:21 . 2006-10-18 18:47 2603008 c:\windows\system32\WpdShext.dll
+ 2006-05-09 18:01 . 2006-10-18 18:47 1382912 c:\windows\system32\WMVSDECD.dll
+ 2006-05-09 18:00 . 2006-10-18 18:47 1574912 c:\windows\system32\WMVENCOD.dll
+ 2006-05-09 18:01 . 2006-10-18 18:47 1543680 c:\windows\system32\WMVDECOD.dll
+ 2006-01-28 02:33 . 2006-10-18 18:47 2450944 c:\windows\system32\wmvcore.dll
+ 2006-01-28 02:33 . 2006-10-18 18:47 1329152 c:\windows\system32\WMSPDMOE.dll
+ 2006-01-28 02:33 . 2006-12-01 08:51 8237056 c:\windows\system32\wmploc.dll
+ 2010-01-08 20:45 . 2006-10-18 18:47 1661440 c:\windows\system32\wmpencen.dll
+ 2006-01-28 02:32 . 2006-10-18 18:47 1117696 c:\windows\system32\WMADMOE.dll
+ 2006-10-26 11:10 . 2006-10-26 11:10 1190688 c:\windows\system32\FM20.DLL
+ 2010-02-23 06:34 . 2010-02-23 06:34 1637888 c:\windows\Installer\e2c2b6.msi
+ 2010-02-23 06:34 . 2010-02-23 06:34 1652224 c:\windows\Installer\e2c2af.msi
+ 2010-02-23 06:34 . 2010-02-23 06:34 1653248 c:\windows\Installer\e2c2a8.msi
+ 2010-02-23 06:34 . 2010-02-23 06:34 1638400 c:\windows\Installer\e2c2a1.msi
+ 2010-02-23 06:33 . 2010-02-23 06:33 2325504 c:\windows\Installer\e2c27c.msi
+ 2010-02-23 06:33 . 2010-02-23 06:33 1647616 c:\windows\Installer\e2c26e.msi
+ 2010-02-23 06:33 . 2010-02-23 06:33 2397184 c:\windows\Installer\e2c266.msi
+ 2010-02-23 06:32 . 2010-02-23 06:32 1640448 c:\windows\Installer\e2c24c.msi
+ 2010-02-23 06:32 . 2010-02-23 06:32 2021888 c:\windows\Installer\e2c245.msi
+ 2010-02-23 06:32 . 2010-02-23 06:32 1745408 c:\windows\Installer\e2c23e.msi
+ 2010-02-23 06:32 . 2010-02-23 06:32 2393600 c:\windows\Installer\e2c237.msi
+ 2010-02-23 06:37 . 2010-02-23 06:37 1172240 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\xlicons.exe
+ 2010-02-23 06:37 . 2010-02-23 06:37 1165584 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\accicons.exe
+ 2006-07-05 14:12 . 2006-10-18 18:47 10834432 c:\windows\system32\wmp.dll
+ 2010-02-23 06:37 . 2010-02-23 06:37 18181632 c:\windows\Installer\e2c2e1.msi
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-07-27 3883856]
"ACEREF"="c:\docume~1\ADMINI~1\APPLIC~1\DASHFL~1\livesurfwait.exe" [2010-01-11 520192]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2004-08-04 15360]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-10-31 7634944]
"nwiz"="nwiz.exe" [2006-10-31 1622016]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2006-10-31 86016]
"RTHDCPL"="RTHDCPL.EXE" [2007-07-05 16380416]
"SkyTel"="SkyTel.EXE" [2007-06-15 1826816]
"Bluetooth"="c:\program files\Windows NT\bluetooth\bluetooth.exe" [2009-06-14 275577]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2007-12-21 1443072]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-26 31016]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"nlpo_01"="md" [X]
"MPlayer2_FixUp"="c:\windows\inf\unregmp2.exe" [2006-12-01 316416]
"nlpo_03"="advpack.dll" [2004-08-04 99840]
"nlpo_04"="advpack.dll" [2004-08-04 99840]
c:\documents and settings\All Users.WINDOWS\çں‍ê، ں §ڑ\ںé ©ںê¤\ §ک ں颬نïé\
Bluetooth.lnk - c:\program files\Windows NT\bluetooth\bluetooth.exe [2010-2-2 275577]
Reboot.exe [2006-12-29 409088]
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"DisableUnicastResponsesToMulticastBroadcast"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows NT\\Accessories\\en-UK\\System"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
R1 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfwtdir.sys [12/21/2007 8:21 ص 33800]
R2 ekrn;Eset Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [12/21/2007 8:21 ص 468224]
S2 EsetNod32Fix;Nod32 AV;%WINDIR%\regedit.exe /s %Windir%\Fix.reg --> %WINDIR%\regedit.exe [?]
.
Contents of the 'Scheduled Tasks' folder
2010-02-24 c:\windows\Tasks\AC4640179199F2B7.job
- c:\docume~1\admini~1\applic~1\dashfl~1\site aim remote.exe [2010-01-11 20:10]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com.sa/
IE: ت&صدير إلى Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: تحميل الكل بـ إنترنت داونلود مانيجر - c:\program files\Internet Download Manager\IEGetAll.htm
IE: تحميل بـ إنترنت داونلود مانيجر - c:\program files\Internet Download Manager\IEExt.htm
IE: تحميل محتوى فيديو (إف.إل.في) بـ إنترنت داونلود مانيجر - c:\program files\Internet Download Manager\IEGetVL.htm
TCP: {BC14C259-FE13-42B9-9ADB-72160350AE22} = 84.235.7.55,84.235.6.55
.
- - - - ORPHANS REMOVED - - - -
AddRemove-HijackThis - c:\documents and settings\Administrator\سطح المكتب\HijackThis.exe

**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,

Rootkit scan 2010-02-24 11:17
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\EsetNod32Fix]
"ImagePath"=hex:25,00,57,00,49,00,4e,00,44,00,49,00,52,00,25,00,5c,00,72,00,65,\
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\EsetNod32Fix]
"ImagePath"=hex:25,00,57,00,49,00,4e,00,44,00,49,00,52,00,25,00,5c,00,72,00,65,\
.
--------------------- DLLs Loaded Under Running Processes ---------------------
- - - - - - - > 'explorer.exe'(4012)
c:\windows\system32\msi.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\nvsvc32.exe
c:\windows\system32\RUNDLL32.EXE
c:\windows\RTHDCPL.EXE
c:\program files\Internet Explorer\iexplore.exe
c:\windows\system32\wscntfy.exe
c:\windows\system32\imapi.exe
.
**************************************************************************
.
Completion time: 2010-02-24 11:19:59 - machine was rebooted
ComboFix-quarantined-files.txt 2010-02-24 08:19
ComboFix2.txt 2010-02-23 02:02
Pre-Run: 2,540,949,504 bytes free
Post-Run: 2,525,007,872 bytes free
- - End Of File - - AFAB8BE04A938D5C13E6DF2576769D41

 
Download this program

Install it on the machine, then run it and follow the walkthrough below to scan the machine and generate a report.

i59811_1.png

Then wait until the scan completes and this message appears.

i59812_2.png

i59813_3.png

i59814_4.png

i59815_5.png

Copy the contents of the report and paste them into your next post.


 
Hi brother, I downloaded the program and it froze on me!! I also tried running the program without installing it, i.e. as a portable version, and it was the same story, it froze on me!! Here is the screenshot:



i64809_1111.png
 
Delete these entries from HijackThis:

O4 - HKCU\..\Run: [ACEREF] C:\DOCUME~1\ADMINI~1\APPLIC~1\DASHFL~1\livesurfwait.exe

O4 - HKUS\S-1-5-18\..\RunOnce: [nlpo_02] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (User 'SYSTEM')

Then clean your machine with this tool

and let us know the latest results.

Signature: Mr.AzOz
Download the following tool and follow the walkthrough to generate a report and upload it.

i11040_1.png

Do as shown in the picture to start the scan.

i11041_2.png

Then do the following to save the report file.

i11042_3.png

After saving it, compress the file >>>

and upload the file here

-----------------------------------------------------------------

Signature: Mr.AzOz
Brother, I did what you told me and the machine restarted. After that I got the message (The drive is not ready) and a second message, I think from the security program, with Yes and No. I chose No, and on the (The drive is not ready) message I chose Cancel, and after that the message did not come back.

And here it is:
 
Download the following file

and apply this walkthrough to it.

Double-click the file with the mouse ... the tool's interface will then open.
Do as shown in the walkthrough ...
i60299_000.png

i17687_001.png

i17688_002.png

Then

download the following file

XP users: run it with a double-click.
Vista and 7 users: run it as shown in the picture.

i54143_2009-12-15-214000.png

The machine will be forcibly restarted, so save any work you are doing.
Press start and wait until the cleanup finishes,
then press OK to approve restarting the machine.

Last edited by a moderator:
Signature: Mr.AzOz
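Thank you, my brothers MAAX, ألوحش and Mr.AzOz.
May God reward you. Honestly, I cannot thank you enough.
May God grant you success in this life and the hereafter .. Ameen.

Praise be to God, the problem is solved, thanks to God and then to your efforts.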
 
May God give you good health.
 