مشكلة تحديث بـ Service Pack 3

azzamswcc · 21 أكتوبر 2008

بعد محاولة تثبيت التحديثات اللي يقوم بها الجهاز الاعتيادية

يأتيني هاذا المسج

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

ثم بعد ذلك

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

ثم

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

ثم بعد ذلك قمت بتزيل الحزمه على سطح المكتب و عمل التحديث يدوي

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

فظهر لي المسج التالي

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

فاأتمنى منكم مساعدتي في اتمام عملية التحديث

ودمتم بحفظ الرحمن

Demo-dash · 21 أكتوبر 2008

الحل هنا ,, شوف هذا الموضوع وتابع الردود به
يوجد الحل

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

في الردود الأخيره ,, بالتوفيق

azzamswcc · 21 أكتوبر 2008

عزيزي Demo-dash أبتدي من أي رد لو سمحت

أنا قريت الموضوع لاكن :no: ما أدري من اي رد اتبع الخطوات

شاكر لمرورك وأتمنى مساعدتك

Demo-dash · 21 أكتوبر 2008

بسيطه

اعطنا تقرير اولا

عطل جميع برامج الحماية ,,
وحمل هذه الاداة واحفظها على سطح المكتب

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

عند تشغيلها بتظهر لك رسالة ,, اضغط على >> Yes
بعدها بتظهر لك رساله ثانيه ,, اضغط على >> Yes
انتظر حتى الاداة تنتهي من فحص جهازك ,,, وبشكل تلقائي يعاد تشغيل جهازك ,,
وبعد اعادة التشغيل ,, سوف تبدأ الاداة بالفحص مرره ثانيه
انتظر حتى يظهر لك تقرير ,, انسخه والصقه بردك القادم

ثم طبق الي بالموضوع هذا

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

بعد كذا

ثبت التحديث ,, مارضى يتثبت طبق هذي الخطوه

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

^^
وفي المشاركه في البرنامج ادخل هذا الرقم

W9VCJ-74DXW-JDDBV-PW777-WXD2T

جرب وشوف

azzamswcc · 21 أكتوبر 2008

التقرير أخي الكريم

ComboFix 08-09-28.01 - Siemens 10/21/2008 18:50:40.2 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1256.1.1033.18.653 [GMT 3:00]
Running from: D:\رااااايق\أداة رقم 1\ComboFix.exe
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
- REDUCED FUNCTIONALITY MODE -
.
((((((((((((((((((((((((( Files Created from 2008-09-21 to 2008-10-21 )))))))))))))))))))))))))))))))
.
No new files created in this timespan
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-10-21 14:47 581,664 --sha-w C:\WINDOWS\system32\drivers\fidbox2.dat
2008-10-21 14:47 21,168 --sha-w C:\WINDOWS\system32\drivers\fidbox.idx
2008-10-21 14:47 2,437,152 --sha-w C:\WINDOWS\system32\drivers\fidbox.dat
2008-10-21 12:08 --------- d-----w C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
2008-10-21 11:13 4,088 --sha-w C:\WINDOWS\system32\drivers\fidbox2.idx
2008-10-21 11:10 --------- d-----w C:\Documents and Settings\Siemens\Application Data\Skype
2008-10-21 03:11 --------- d-----w C:\Documents and Settings\Siemens\Application Data\skypePM
2008-10-19 10:30 --------- d-----w C:\Program Files\Mobily Connect Card
2008-10-18 09:27 --------- d-----w C:\Program Files\Toshiba
2008-10-18 09:22 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-10-18 09:22 --------- d-----w C:\Program Files\Launch Manager
2008-10-18 09:13 --------- d-----w C:\Program Files\Realtek
2008-10-16 20:36 --------- d-----w C:\Documents and Settings\All Users\Application Data\Microsoft Help
2008-10-11 23:33 --------- d-----w C:\Program Files\CrossLoop
2008-09-25 19:47 --------- d-----w C:\Program Files\Common Files\Adobe
2008-09-22 20:47 --------- d-----w C:\Program Files\Common Files\Wise Installation Wizard
2008-09-21 12:04 --------- d-----w C:\Documents and Settings\Siemens\Application Data\64 Ping
2008-09-21 11:45 --------- d-----w C:\Documents and Settings\All Users\Application Data\Roam Program Comp About
2008-09-21 10:01 96,976 ----a-w C:\WINDOWS\system32\drivers\klin.dat
2008-09-21 09:46 87,855 ----a-w C:\WINDOWS\system32\drivers\klick.dat
2008-09-21 09:45 --------- d-----w C:\Program Files\Kaspersky Lab
2008-09-16 21:28 --------- d-----w C:\Documents and Settings\All Users\Application Data\Avira
2008-09-15 12:17 1,846,912 ----a-w C:\WINDOWS\system32\win32k.sys
2008-09-05 22:07 --------- d-----w C:\Documents and Settings\Siemens\Application Data\Creative
2008-09-05 22:04 --------- d-----w C:\Program Files\Creative
2008-09-05 01:52 --------- d-----w C:\Documents and Settings\All Users\Application Data\WLInstaller
2008-08-31 20:34 --------- d-----w C:\Program Files\Messenger Plus! Live
2008-08-31 08:58 499,712 ----a-w C:\WINDOWS\system32\msvcp71.dll
2008-08-31 08:58 --------- d-----w C:\Program Files\Common Files\xing shared
2008-08-31 08:58 --------- d-----w C:\Program Files\Common Files\Real
2008-08-28 10:35 333,056 ----a-w C:\WINDOWS\system32\drivers\srv.sys
2008-08-26 07:24 826,368 ----a-w C:\WINDOWS\system32\wininet.dll
2008-08-23 12:04 0 ---ha-w C:\WINDOWS\system32\drivers\Msft_Kernel_btprot_01005.Wdf
2008-08-21 04:57 --------- d-----w C:\Program Files\Sun
2008-08-21 04:56 --------- d-----w C:\Program Files\Java
2008-08-14 09:57 2,185,984 ----a-w C:\WINDOWS\system32\ntoskrnl.exe
2008-08-14 09:18 2,062,976 ----a-w C:\WINDOWS\system32\ntkrnlpa.exe
2008-07-30 06:04 10,240 ----a-w C:\WINDOWS\system32\btiaci.dll
2008-07-30 06:04 1,419,232 ----a-w C:\WINDOWS\system32\wdfcoinstaller01005.dll
2008-07-29 17:21 218,376 ----a-w C:\WINDOWS\system32\klogon.dll
2008-01-31 13:05 32 ----a-w C:\Documents and Settings\All Users\Application Data\ezsid.dat
2008-05-26 11:21 16,384 --sha-w C:\WINDOWS\system32\config\systemprofile\s\index.dat
2008-05-26 11:21 16,384 --sha-w C:\WINDOWS\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat
2008-05-26 11:21 32,768 --sha-w C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\.IE5\index.dat
.
((((((((((((((((((((((((((((( snapshot@Mon 09-29-2008_23.50.23.07 )))))))))))))))))))))))))))))))))))))))))
.
+ 2008-09-15 12:12:56 1,846,400 ----a-w C:\WINDOWS\$hf_mig$\KB954211\SP3GDR\win32k.sys
+ 2008-09-15 12:25:27 1,846,912 ----a-w C:\WINDOWS\$hf_mig$\KB954211\SP3QFE\win32k.sys
+ 2007-11-30 12:39:22 17,272 ----a-w C:\WINDOWS\$hf_mig$\KB954211\spmsg.dll
+ 2007-11-30 12:39:22 231,288 ----a-w C:\WINDOWS\$hf_mig$\KB954211\spuninst.exe
+ 2007-11-30 12:39:22 26,488 ----a-w C:\WINDOWS\$hf_mig$\KB954211\update\spcustom.dll
+ 2008-07-09 07:38:29 755,576 ----a-w C:\WINDOWS\$hf_mig$\KB954211\update\update.exe
+ 2007-11-30 12:39:22 382,840 ----a-w C:\WINDOWS\$hf_mig$\KB954211\update\updspapi.dll
+ 2008-08-26 09:08:35 124,928 ----a-w C:\WINDOWS\$hf_mig$\KB956390-IE7\SP2QFE\advpack.dll
+ 2008-08-26 09:08:36 347,136 ----a-w C:\WINDOWS\$hf_mig$\KB956390-IE7\SP2QFE\dxtmsft.dll
+ 2008-08-26 09:08:36 214,528 ----a-w C:\WINDOWS\$hf_mig$\KB956390-IE7\SP2QFE\dxtrans.dll
+ 2008-08-26 09:08:36 132,608 ----a-w C:\WINDOWS\$hf_mig$\KB956390-IE7\SP2QFE\extmgr.dll
+ 2008-08-26 09:08:36 63,488 ----a-w C:\WINDOWS\$hf_mig$\KB956390-IE7\SP2QFE\icardie.dll
+ 2008-08-25 08:43:21 70,656 ----a-w C:\WINDOWS\$hf_mig$\KB956390-IE7\SP2QFE\ie4uinit.exe
+ 2008-08-26 09:08:36 153,088 ----a-w C:\WINDOWS\$hf_mig$\KB956390-IE7\SP2QFE\ieakeng.dll
+ 2008-08-26 09:08:36 230,400 ----a-w C:\WINDOWS\$hf_mig$\KB956390-IE7\SP2QFE\ieaksie.dll
+ 2008-08-23 05:54:50 161,792 ----a-w C:\WINDOWS\$hf_mig$\KB956390-IE7\SP2QFE\ieakui.dll
+ 2007-04-17 09:32:38 2,455,488 ----a-w C:\WINDOWS\$hf_mig$\KB956390-IE7\SP2QFE\ieapfltr.dat
+ 2008-08-26 09:08:36 380,928 ----a-w C:\WINDOWS\$hf_mig$\KB956390-IE7\SP2QFE\ieapfltr.dll
+ 2008-08-26 09:08:37 388,608 ----a-w C:\WINDOWS\$hf_mig$\KB956390-IE7\SP2QFE\iedkcs32.dll
+ 2008-10-03 17:26:50 6,068,224 ----a-w C:\WINDOWS\$hf_mig$\KB956390-IE7\SP2QFE\ieframe.dll
+ 2008-08-26 09:08:39 44,544 ----a-w C:\WINDOWS\$hf_mig$\KB956390-IE7\SP2QFE\iernonce.dll
+ 2008-08-26 09:08:39 267,776 ----a-w C:\WINDOWS\$hf_mig$\KB956390-IE7\SP2QFE\iertutil.dll
+ 2008-08-25 08:43:21 13,824 ----a-w C:\WINDOWS\$hf_mig$\KB956390-IE7\SP2QFE\ieudinit.exe
+ 2008-08-23 05:56:16 635,848 ----a-w C:\WINDOWS\$hf_mig$\KB956390-IE7\SP2QFE\iexplore.exe
+ 2008-08-26 09:08:40 27,648 ----a-w C:\WINDOWS\$hf_mig$\KB956390-IE7\SP2QFE\jsproxy.dll
+ 2008-08-26 09:08:40 459,264 ----a-w C:\WINDOWS\$hf_mig$\KB956390-IE7\SP2QFE\msfeeds.dll
+ 2008-08-26 09:08:40 52,224 ----a-w C:\WINDOWS\$hf_mig$\KB956390-IE7\SP2QFE\msfeedsbs.dll
+ 2008-08-26 09:08:43 3,594,752 ----a-w C:\WINDOWS\$hf_mig$\KB956390-IE7\SP2QFE\mshtml.dll
+ 2008-08-26 09:08:43 477,696 ----a-w C:\WINDOWS\$hf_mig$\KB956390-IE7\SP2QFE\mshtmled.dll
+ 2008-08-26 09:08:44 193,024 ----a-w C:\WINDOWS\$hf_mig$\KB956390-IE7\SP2QFE\msrating.dll
+ 2008-08-26 09:08:44 671,232 ----a-w C:\WINDOWS\$hf_mig$\KB956390-IE7\SP2QFE\mstime.dll
+ 2008-08-26 09:08:44 102,912 ----a-w C:\WINDOWS\$hf_mig$\KB956390-IE7\SP2QFE\occache.dll
+ 2008-08-26 09:08:44 44,544 ----a-w C:\WINDOWS\$hf_mig$\KB956390-IE7\SP2QFE\pngfilt.dll
+ 2008-08-26 09:08:44 105,984 ----a-w C:\WINDOWS\$hf_mig$\KB956390-IE7\SP2QFE\url.dll
+ 2008-08-26 09:08:45 1,162,752 ----a-w C:\WINDOWS\$hf_mig$\KB956390-IE7\SP2QFE\urlmon.dll
+ 2008-08-26 09:08:45 233,472 ----a-w C:\WINDOWS\$hf_mig$\KB956390-IE7\SP2QFE\webcheck.dll
+ 2008-08-26 09:08:45 827,904 ----a-w C:\WINDOWS\$hf_mig$\KB956390-IE7\SP2QFE\wininet.dll
+ 2007-03-06 01:22:33 14,048 ----a-w C:\WINDOWS\$hf_mig$\KB956390-IE7\spmsg.dll
+ 2007-03-06 01:22:39 213,216 ----a-w C:\WINDOWS\$hf_mig$\KB956390-IE7\spuninst.exe
+ 2007-03-06 01:22:31 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB956390-IE7\update\spcustom.dll
+ 2007-03-06 01:22:59 716,000 ----a-w C:\WINDOWS\$hf_mig$\KB956390-IE7\update\update.exe
+ 2007-03-06 01:23:51 371,424 ----a-w C:\WINDOWS\$hf_mig$\KB956390-IE7\update\updspapi.dll
+ 2007-11-30 12:39:22 17,272 ----a-w C:\WINDOWS\$hf_mig$\KB956391\spmsg.dll
+ 2007-11-30 12:39:22 231,288 ----a-w C:\WINDOWS\$hf_mig$\KB956391\spuninst.exe
+ 2007-11-30 12:39:22 26,488 ----a-w C:\WINDOWS\$hf_mig$\KB956391\update\spcustom.dll
+ 2007-11-30 12:39:22 755,576 ----a-w C:\WINDOWS\$hf_mig$\KB956391\update\update.exe
+ 2007-11-30 12:39:22 382,840 ----a-w C:\WINDOWS\$hf_mig$\KB956391\update\updspapi.dll
+ 2008-08-14 10:04:36 138,496 ----a-w C:\WINDOWS\$hf_mig$\KB956803\SP3GDR\afd.sys
+ 2008-08-14 10:34:26 138,496 ----a-w C:\WINDOWS\$hf_mig$\KB956803\SP3QFE\afd.sys
+ 2007-11-30 11:18:51 17,272 ----a-w C:\WINDOWS\$hf_mig$\KB956803\spmsg.dll
+ 2007-11-30 11:18:51 231,288 ----a-w C:\WINDOWS\$hf_mig$\KB956803\spuninst.exe
+ 2007-11-30 11:18:51 26,488 ----a-w C:\WINDOWS\$hf_mig$\KB956803\update\spcustom.dll
+ 2007-11-30 11:18:51 755,576 ----a-w C:\WINDOWS\$hf_mig$\KB956803\update\update.exe
+ 2007-11-30 11:18:51 382,840 ----a-w C:\WINDOWS\$hf_mig$\KB956803\update\updspapi.dll
+ 2008-08-14 10:09:26 2,145,280 ----a-w C:\WINDOWS\$hf_mig$\KB956841\SP3GDR\ntkrnlmp.exe
+ 2008-08-14 09:33:16 2,066,048 ----a-w C:\WINDOWS\$hf_mig$\KB956841\SP3GDR\ntkrnlpa.exe
+ 2008-08-14 09:33:16 2,023,936 ----a-w C:\WINDOWS\$hf_mig$\KB956841\SP3GDR\ntkrpamp.exe
+ 2008-08-14 10:11:02 2,189,184 ----a-w C:\WINDOWS\$hf_mig$\KB956841\SP3GDR\ntoskrnl.exe
+ 2008-08-14 10:39:28 2,145,280 ----a-w C:\WINDOWS\$hf_mig$\KB956841\SP3QFE\ntkrnlmp.exe
+ 2008-08-14 12:39:46 2,066,048 ----a-w C:\WINDOWS\$hf_mig$\KB956841\SP3QFE\ntkrnlpa.exe
+ 2008-08-14 10:09:44 2,023,936 ----a-w C:\WINDOWS\$hf_mig$\KB956841\SP3QFE\ntkrpamp.exe
+ 2008-08-14 13:11:10 2,189,184 ----a-w C:\WINDOWS\$hf_mig$\KB956841\SP3QFE\ntoskrnl.exe
+ 2007-11-30 11:18:51 17,272 ----a-w C:\WINDOWS\$hf_mig$\KB956841\spmsg.dll
+ 2007-11-30 11:18:51 231,288 ----a-w C:\WINDOWS\$hf_mig$\KB956841\spuninst.exe
+ 2007-11-30 11:18:51 26,488 ----a-w C:\WINDOWS\$hf_mig$\KB956841\update\spcustom.dll
+ 2007-11-30 11:18:51 755,576 ----a-w C:\WINDOWS\$hf_mig$\KB956841\update\update.exe
+ 2008-07-09 07:38:37 382,840 ----a-w C:\WINDOWS\$hf_mig$\KB956841\update\updspapi.dll
+ 2008-09-08 10:41:42 333,824 ----a-w C:\WINDOWS\$hf_mig$\KB957095\SP3GDR\srv.sys
+ 2008-09-08 11:37:19 333,824 ----a-w C:\WINDOWS\$hf_mig$\KB957095\SP3QFE\srv.sys
+ 2007-11-30 11:18:51 17,272 ----a-w C:\WINDOWS\$hf_mig$\KB957095\spmsg.dll
+ 2007-11-30 11:18:51 231,288 ----a-w C:\WINDOWS\$hf_mig$\KB957095\spuninst.exe
+ 2007-11-30 11:18:51 26,488 ----a-w C:\WINDOWS\$hf_mig$\KB957095\update\spcustom.dll
+ 2007-11-30 11:18:51 755,576 ----a-w C:\WINDOWS\$hf_mig$\KB957095\update\update.exe
+ 2007-11-30 11:18:51 382,840 ----a-w C:\WINDOWS\$hf_mig$\KB957095\update\updspapi.dll
+ 2007-11-30 12:39:22 231,288 -c----w C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe
+ 2007-11-30 12:39:22 382,840 -c----w C:\WINDOWS\$NtUninstallKB954211$\spuninst\updspapi.dll
+ 2008-03-19 09:40:27 1,845,888 -c----w C:\WINDOWS\$NtUninstallKB954211$\win32k.sys
+ 2007-11-30 12:39:22 231,288 -c----w C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe
+ 2007-11-30 12:39:22 382,840 -c----w C:\WINDOWS\$NtUninstallKB956391$\spuninst\updspapi.dll
+ 2008-06-20 10:44:08 138,368 -c----w C:\WINDOWS\$NtUninstallKB956803$\afd.sys
+ 2007-11-30 11:18:51 231,288 -c----w C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe
+ 2007-11-30 11:18:51 382,840 -c----w C:\WINDOWS\$NtUninstallKB956803$\spuninst\updspapi.dll
+ 2007-02-28 09:53:04 2,137,600 -c----w C:\WINDOWS\$NtUninstallKB956841$\ntkrnlmp.exe
+ 2007-02-27 22:15:58 2,059,392 -c----w C:\WINDOWS\$NtUninstallKB956841$\ntkrnlpa.exe
+ 2007-02-28 09:15:59 2,017,280 -c----w C:\WINDOWS\$NtUninstallKB956841$\ntkrpamp.exe
+ 2007-02-28 09:55:14 2,182,144 -c----w C:\WINDOWS\$NtUninstallKB956841$\ntoskrnl.exe
+ 2007-11-30 11:18:51 231,288 -c----w C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe
+ 2008-07-09 07:38:37 382,840 -c----w C:\WINDOWS\$NtUninstallKB956841$\spuninst\updspapi.dll
+ 2007-11-30 11:18:51 231,288 -c----w C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe
+ 2007-11-30 11:18:51 382,840 -c----w C:\WINDOWS\$NtUninstallKB957095$\spuninst\updspapi.dll
+ 2006-08-14 12:00:42 332,928 -c----w C:\WINDOWS\$NtUninstallKB957095$\srv.sys
- 2007-02-28 09:53:04 2,137,600 ------w C:\WINDOWS\Driver Cache\i386\ntkrnlmp.exe
+ 2008-08-14 09:55:01 2,142,720 ------w C:\WINDOWS\Driver Cache\i386\ntkrnlmp.exe
- 2007-02-27 22:15:58 2,059,392 ------w C:\WINDOWS\Driver Cache\i386\ntkrnlpa.exe
+ 2008-08-14 09:18:44 2,062,976 ------w C:\WINDOWS\Driver Cache\i386\ntkrnlpa.exe
- 2007-02-28 09:15:59 2,017,280 ------w C:\WINDOWS\Driver Cache\i386\ntkrpamp.exe
+ 2008-08-14 09:18:46 2,020,864 ------w C:\WINDOWS\Driver Cache\i386\ntkrpamp.exe
- 2007-02-28 09:55:14 2,182,144 ------w C:\WINDOWS\Driver Cache\i386\ntoskrnl.exe
+ 2008-08-14 09:57:20 2,185,984 ------w C:\WINDOWS\Driver Cache\i386\ntoskrnl.exe
+ 2008-06-23 16:57:27 124,928 -c----w C:\WINDOWS\ie7updates\KB956390-IE7\advpack.dll
+ 2008-06-23 16:57:27 347,136 -c----w C:\WINDOWS\ie7updates\KB956390-IE7\dxtmsft.dll
+ 2008-06-23 16:57:27 214,528 -c----w C:\WINDOWS\ie7updates\KB956390-IE7\dxtrans.dll
+ 2008-06-23 16:57:27 133,120 -c----w C:\WINDOWS\ie7updates\KB956390-IE7\extmgr.dll
+ 2008-06-23 16:57:28 63,488 -c----w C:\WINDOWS\ie7updates\KB956390-IE7\icardie.dll
+ 2008-06-23 09:20:25 70,656 -c----w C:\WINDOWS\ie7updates\KB956390-IE7\ie4uinit.exe
+ 2008-06-23 16:57:29 153,088 -c----w C:\WINDOWS\ie7updates\KB956390-IE7\ieakeng.dll
+ 2008-06-23 16:57:29 230,400 -c----w C:\WINDOWS\ie7updates\KB956390-IE7\ieaksie.dll
+ 2008-06-21 05:23:54 161,792 -c----w C:\WINDOWS\ie7updates\KB956390-IE7\ieakui.dll
+ 2008-06-23 16:57:29 383,488 -c----w C:\WINDOWS\ie7updates\KB956390-IE7\ieapfltr.dll
+ 2008-06-23 16:57:29 384,512 -c----w C:\WINDOWS\ie7updates\KB956390-IE7\iedkcs32.dll
+ 2008-06-23 16:57:33 6,066,176 -c----w C:\WINDOWS\ie7updates\KB956390-IE7\ieframe.dll
+ 2008-06-23 16:57:33 44,544 -c----w C:\WINDOWS\ie7updates\KB956390-IE7\iernonce.dll
+ 2008-06-23 16:57:34 267,776 -c----w C:\WINDOWS\ie7updates\KB956390-IE7\iertutil.dll
+ 2008-06-23 09:20:26 13,824 -c----w C:\WINDOWS\ie7updates\KB956390-IE7\ieudinit.exe
+ 2008-06-23 09:20:52 625,664 -c----w C:\WINDOWS\ie7updates\KB956390-IE7\iexplore.exe
+ 2008-06-23 16:57:35 27,648 -c----w C:\WINDOWS\ie7updates\KB956390-IE7\jsproxy.dll
+ 2008-06-23 16:57:36 459,264 -c----w C:\WINDOWS\ie7updates\KB956390-IE7\msfeeds.dll
+ 2008-06-23 16:57:36 52,224 -c----w C:\WINDOWS\ie7updates\KB956390-IE7\msfeedsbs.dll
+ 2008-06-24 07:57:40 3,592,192 -c----w C:\WINDOWS\ie7updates\KB956390-IE7\mshtml.dll
+ 2008-06-23 16:57:39 477,696 -c----w C:\WINDOWS\ie7updates\KB956390-IE7\mshtmled.dll
+ 2008-06-23 16:57:39 193,024 -c----w C:\WINDOWS\ie7updates\KB956390-IE7\msrating.dll
+ 2008-06-23 16:57:40 671,232 -c----w C:\WINDOWS\ie7updates\KB956390-IE7\mstime.dll
+ 2008-06-23 16:57:40 102,912 -c----w C:\WINDOWS\ie7updates\KB956390-IE7\occache.dll
+ 2008-06-23 16:57:40 44,544 -c----w C:\WINDOWS\ie7updates\KB956390-IE7\pngfilt.dll
+ 2007-03-06 01:22:39 213,216 -c----w C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe
+ 2007-03-06 01:23:51 371,424 -c----w C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\updspapi.dll
+ 2008-06-23 16:57:40 105,984 -c----w C:\WINDOWS\ie7updates\KB956390-IE7\url.dll
+ 2008-06-23 16:57:40 1,159,680 -c----w C:\WINDOWS\ie7updates\KB956390-IE7\urlmon.dll
+ 2008-06-23 16:57:41 233,472 -c----w C:\WINDOWS\ie7updates\KB956390-IE7\webcheck.dll
+ 2008-06-23 16:57:41 826,368 -c----w C:\WINDOWS\ie7updates\KB956390-IE7\wininet.dll
- 2008-09-10 08:12:39 1,165,584 ----a-r C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\accicons.exe
+ 2008-10-16 20:36:40 1,165,584 ----a-r C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\accicons.exe
- 2008-09-10 08:12:39 20,240 ----a-r C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\cagicon.exe
+ 2008-10-16 20:36:40 20,240 ----a-r C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\cagicon.exe
- 2008-09-10 08:12:39 159,504 ----a-r C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\inficon.exe
+ 2008-10-16 20:36:40 159,504 ----a-r C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\inficon.exe
- 2008-09-10 08:12:39 184,080 ----a-r C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\joticon.exe
+ 2008-10-16 20:36:40 184,080 ----a-r C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\joticon.exe
- 2008-09-10 08:12:39 217,864 ----a-r C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\misc.exe
+ 2008-10-16 20:36:40 217,864 ----a-r C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\misc.exe
- 2008-09-10 08:12:39 18,704 ----a-r C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\mspicons.exe
+ 2008-10-16 20:36:40 18,704 ----a-r C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\mspicons.exe
- 2008-09-10 08:12:39 35,088 ----a-r C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\oisicon.exe
+ 2008-10-16 20:36:40 35,088 ----a-r C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\oisicon.exe
- 2008-09-10 08:12:39 845,584 ----a-r C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\outicon.exe
+ 2008-10-16 20:36:40 845,584 ----a-r C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\outicon.exe
- 2008-09-10 08:12:39 922,384 ----a-r C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pptico.exe
+ 2008-10-16 20:36:40 922,384 ----a-r C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pptico.exe
- 2008-09-10 08:12:39 272,648 ----a-r C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pubs.exe
+ 2008-10-16 20:36:40 272,648 ----a-r C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pubs.exe
- 2008-09-10 08:12:39 888,080 ----a-r C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\wordicon.exe
+ 2008-10-16 20:36:40 888,080 ----a-r C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\wordicon.exe
- 2008-09-10 08:12:39 1,172,240 ----a-r C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\xlicons.exe
+ 2008-10-16 20:36:40 1,172,240 ----a-r C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\xlicons.exe
- 2008-01-30 22:44:23 10,134 ----a-r C:\WINDOWS\Installer\{B8478384-7F89-4CDB-B692-6BA981769429}\ARPPRODUCTICON.exe
+ 2008-10-18 09:21:39 10,134 ----a-r C:\WINDOWS\Installer\{B8478384-7F89-4CDB-B692-6BA981769429}\ARPPRODUCTICON.exe
- 2008-09-09 15:43:24 29,926 ----a-r C:\WINDOWS\Installer\{CACE46A6-D098-40B3-911D-A7334E336714}\MsblIco.Exe
+ 2008-10-20 20:57:42 29,926 ----a-r C:\WINDOWS\Installer\{CACE46A6-D098-40B3-911D-A7334E336714}\MsblIco.Exe
+ 2008-10-18 09:27:19 4,398 ----a-r C:\WINDOWS\Installer\{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}\ARPPRODUCTICON.exe
- 2008-06-23 16:57:27 124,928 ----a-w C:\WINDOWS\system32\advpack.dll
+ 2008-08-26 07:24:28 124,928 ----a-w C:\WINDOWS\system32\advpack.dll
- 2008-06-23 16:57:27 124,928 -c--a-w C:\WINDOWS\system32\dllcache\advpack.dll
+ 2008-08-26 07:24:28 124,928 -c--a-w C:\WINDOWS\system32\dllcache\advpack.dll
- 2008-06-20 10:44:08 138,368 -c--a-w C:\WINDOWS\system32\dllcache\afd.sys
+ 2008-08-14 09:48:52 138,368 -c--a-w C:\WINDOWS\system32\dllcache\afd.sys
- 2008-06-23 16:57:27 347,136 -c--a-w C:\WINDOWS\system32\dllcache\dxtmsft.dll
+ 2008-08-26 07:24:28 347,136 -c--a-w C:\WINDOWS\system32\dllcache\dxtmsft.dll
- 2008-06-23 16:57:27 214,528 -c--a-w C:\WINDOWS\system32\dllcache\dxtrans.dll
+ 2008-08-26 07:24:28 214,528 -c--a-w C:\WINDOWS\system32\dllcache\dxtrans.dll
- 2008-06-23 16:57:27 133,120 -c--a-w C:\WINDOWS\system32\dllcache\extmgr.dll
+ 2008-08-26 07:24:28 133,120 -c--a-w C:\WINDOWS\system32\dllcache\extmgr.dll
- 2008-06-23 16:57:28 63,488 -c----w C:\WINDOWS\system32\dllcache\icardie.dll
+ 2008-08-26 07:24:28 63,488 -c----w C:\WINDOWS\system32\dllcache\icardie.dll
- 2008-06-23 09:20:25 70,656 -c--a-w C:\WINDOWS\system32\dllcache\ie4uinit.exe
+ 2008-08-25 08:37:59 70,656 -c--a-w C:\WINDOWS\system32\dllcache\ie4uinit.exe
- 2008-06-23 16:57:29 153,088 -c--a-w C:\WINDOWS\system32\dllcache\ieakeng.dll
+ 2008-08-26 07:24:28 153,088 -c--a-w C:\WINDOWS\system32\dllcache\ieakeng.dll
- 2008-06-23 16:57:29 230,400 -c--a-w C:\WINDOWS\system32\dllcache\ieaksie.dll
+ 2008-08-26 07:24:28 230,400 -c--a-w C:\WINDOWS\system32\dllcache\ieaksie.dll
- 2008-06-21 05:23:54 161,792 -c--a-w C:\WINDOWS\system32\dllcache\ieakui.dll
+ 2008-08-23 05:54:51 161,792 -c--a-w C:\WINDOWS\system32\dllcache\ieakui.dll
- 2008-06-23 16:57:29 383,488 -c----w C:\WINDOWS\system32\dllcache\ieapfltr.dll
+ 2008-08-26 07:24:28 383,488 -c----w C:\WINDOWS\system32\dllcache\ieapfltr.dll
- 2008-06-23 16:57:29 384,512 -c--a-w C:\WINDOWS\system32\dllcache\iedkcs32.dll
+ 2008-08-26 07:24:29 384,512 -c--a-w C:\WINDOWS\system32\dllcache\iedkcs32.dll
- 2008-06-23 16:57:33 6,066,176 -c----w C:\WINDOWS\system32\dllcache\ieframe.dll
+ 2008-10-03 17:41:15 6,066,176 -c----w C:\WINDOWS\system32\dllcache\ieframe.dll
- 2008-06-23 16:57:33 44,544 -c--a-w C:\WINDOWS\system32\dllcache\iernonce.dll
+ 2008-08-26 07:24:29 44,544 -c--a-w C:\WINDOWS\system32\dllcache\iernonce.dll
- 2008-06-23 16:57:34 267,776 -c----w C:\WINDOWS\system32\dllcache\iertutil.dll
+ 2008-08-26 07:24:29 267,776 -c----w C:\WINDOWS\system32\dllcache\iertutil.dll
- 2008-06-23 09:20:26 13,824 -c----w C:\WINDOWS\system32\dllcache\ieudinit.exe
+ 2008-08-25 08:38:00 13,824 -c----w C:\WINDOWS\system32\dllcache\ieudinit.exe
- 2008-06-23 09:20:52 625,664 -c--a-w C:\WINDOWS\system32\dllcache\iexplore.exe
+ 2008-08-23 05:56:15 635,848 -c--a-w C:\WINDOWS\system32\dllcache\iexplore.exe
- 2008-06-23 16:57:35 27,648 -c--a-w C:\WINDOWS\system32\dllcache\jsproxy.dll
+ 2008-08-26 07:24:30 27,648 -c--a-w C:\WINDOWS\system32\dllcache\jsproxy.dll
- 2008-06-23 16:57:36 459,264 -c----w C:\WINDOWS\system32\dllcache\msfeeds.dll
+ 2008-08-26 07:24:30 459,264 -c----w C:\WINDOWS\system32\dllcache\msfeeds.dll
- 2008-06-23 16:57:36 52,224 -c----w C:\WINDOWS\system32\dllcache\msfeedsbs.dll
+ 2008-08-26 07:24:30 52,224 -c----w C:\WINDOWS\system32\dllcache\msfeedsbs.dll
- 2008-06-24 07:57:40 3,592,192 -c--a-w C:\WINDOWS\system32\dllcache\mshtml.dll
+ 2008-08-27 10:54:32 3,593,216 -c--a-w C:\WINDOWS\system32\dllcache\mshtml.dll
- 2008-06-23 16:57:39 477,696 -c--a-w C:\WINDOWS\system32\dllcache\mshtmled.dll
+ 2008-08-26 07:24:30 477,696 -c--a-w C:\WINDOWS\system32\dllcache\mshtmled.dll
- 2008-06-23 16:57:39 193,024 -c--a-w C:\WINDOWS\system32\dllcache\msrating.dll
+ 2008-08-26 07:24:30 193,024 -c--a-w C:\WINDOWS\system32\dllcache\msrating.dll
- 2008-06-23 16:57:40 671,232 -c--a-w C:\WINDOWS\system32\dllcache\mstime.dll
+ 2008-08-26 07:24:30 671,232 -c--a-w C:\WINDOWS\system32\dllcache\mstime.dll
- 2007-02-28 09:53:04 2,137,600 -c----w C:\WINDOWS\system32\dllcache\ntkrnlmp.exe
+ 2008-08-14 09:55:01 2,142,720 -c----w C:\WINDOWS\system32\dllcache\ntkrnlmp.exe
- 2007-02-27 22:15:58 2,059,392 -c----w C:\WINDOWS\system32\dllcache\ntkrnlpa.exe
+ 2008-08-14 09:18:44 2,062,976 -c----w C:\WINDOWS\system32\dllcache\ntkrnlpa.exe
- 2007-02-28 09:15:59 2,017,280 -c----w C:\WINDOWS\system32\dllcache\ntkrpamp.exe
+ 2008-08-14 09:18:46 2,020,864 -c----w C:\WINDOWS\system32\dllcache\ntkrpamp.exe
- 2007-02-28 09:55:14 2,182,144 -c----w C:\WINDOWS\system32\dllcache\ntoskrnl.exe
+ 2008-08-14 09:57:20 2,185,984 -c----w C:\WINDOWS\system32\dllcache\ntoskrnl.exe
- 2008-06-23 16:57:40 102,912 -c--a-w C:\WINDOWS\system32\dllcache\occache.dll
+ 2008-08-26 07:24:30 102,912 -c--a-w C:\WINDOWS\system32\dllcache\occache.dll
- 2008-06-23 16:57:40 44,544 -c--a-w C:\WINDOWS\system32\dllcache\pngfilt.dll
+ 2008-08-26 07:24:30 44,544 -c--a-w C:\WINDOWS\system32\dllcache\pngfilt.dll
- 2006-08-14 12:00:42 332,928 -c--a-w C:\WINDOWS\system32\dllcache\srv.sys
+ 2008-08-28 10:35:33 333,056 -c--a-w C:\WINDOWS\system32\dllcache\srv.sys
- 2008-06-23 16:57:40 105,984 -c--a-w C:\WINDOWS\system32\dllcache\url.dll
+ 2008-08-26 07:24:30 105,984 -c--a-w C:\WINDOWS\system32\dllcache\url.dll
- 2008-06-23 16:57:40 1,159,680 -c--a-w C:\WINDOWS\system32\dllcache\urlmon.dll
+ 2008-08-26 07:24:31 1,159,680 -c--a-w C:\WINDOWS\system32\dllcache\urlmon.dll
- 2008-06-23 16:57:41 233,472 -c--a-w C:\WINDOWS\system32\dllcache\webcheck.dll
+ 2008-08-26 07:24:31 233,472 -c--a-w C:\WINDOWS\system32\dllcache\webcheck.dll
- 2008-03-19 09:40:27 1,845,888 -c--a-w C:\WINDOWS\system32\dllcache\win32k.sys
+ 2008-09-15 12:17:07 1,846,912 -c--a-w C:\WINDOWS\system32\dllcache\win32k.sys
- 2008-06-23 16:57:41 826,368 -c--a-w C:\WINDOWS\system32\dllcache\wininet.dll
+ 2008-08-26 07:24:31 826,368 -c--a-w C:\WINDOWS\system32\dllcache\wininet.dll
- 2008-06-20 10:44:08 138,368 ----a-w C:\WINDOWS\system32\drivers\afd.sys
+ 2008-08-14 09:48:52 138,368 ----a-w C:\WINDOWS\system32\drivers\afd.sys
- 2008-06-23 16:57:27 347,136 ----a-w C:\WINDOWS\system32\dxtmsft.dll
+ 2008-08-26 07:24:28 347,136 ----a-w C:\WINDOWS\system32\dxtmsft.dll
- 2008-06-23 16:57:27 214,528 ----a-w C:\WINDOWS\system32\dxtrans.dll
+ 2008-08-26 07:24:28 214,528 ----a-w C:\WINDOWS\system32\dxtrans.dll
- 2008-06-23 16:57:27 133,120 ----a-w C:\WINDOWS\system32\extmgr.dll
+ 2008-08-26 07:24:28 133,120 ----a-w C:\WINDOWS\system32\extmgr.dll
- 2008-09-20 21:36:41 362,528 ----a-w C:\WINDOWS\system32\FNTCACHE.DAT
+ 2008-10-17 09:48:20 362,528 ----a-w C:\WINDOWS\system32\FNTCACHE.DAT
- 2008-06-23 16:57:28 63,488 ----a-w C:\WINDOWS\system32\icardie.dll
+ 2008-08-26 07:24:28 63,488 ----a-w C:\WINDOWS\system32\icardie.dll
- 2008-06-23 09:20:25 70,656 ----a-w C:\WINDOWS\system32\ie4uinit.exe
+ 2008-08-25 08:37:59 70,656 ----a-w C:\WINDOWS\system32\ie4uinit.exe
- 2008-06-23 16:57:29 153,088 ----a-w C:\WINDOWS\system32\ieakeng.dll
+ 2008-08-26 07:24:28 153,088 ----a-w C:\WINDOWS\system32\ieakeng.dll
- 2008-06-23 16:57:29 230,400 ----a-w C:\WINDOWS\system32\ieaksie.dll
+ 2008-08-26 07:24:28 230,400 ----a-w C:\WINDOWS\system32\ieaksie.dll
- 2008-06-21 05:23:54 161,792 ----a-w C:\WINDOWS\system32\ieakui.dll
+ 2008-08-23 05:54:51 161,792 ----a-w C:\WINDOWS\system32\ieakui.dll
- 2008-06-23 16:57:29 383,488 ----a-w C:\WINDOWS\system32\ieapfltr.dll
+ 2008-08-26 07:24:28 383,488 ----a-w C:\WINDOWS\system32\ieapfltr.dll
- 2008-06-23 16:57:29 384,512 ----a-w C:\WINDOWS\system32\iedkcs32.dll
+ 2008-08-26 07:24:29 384,512 ----a-w C:\WINDOWS\system32\iedkcs32.dll
- 2008-06-23 16:57:33 6,066,176 ----a-w C:\WINDOWS\system32\ieframe.dll
+ 2008-10-03 17:41:15 6,066,176 ----a-w C:\WINDOWS\system32\ieframe.dll
- 2008-06-23 16:57:33 44,544 ----a-w C:\WINDOWS\system32\iernonce.dll
+ 2008-08-26 07:24:29 44,544 ----a-w C:\WINDOWS\system32\iernonce.dll
- 2008-06-23 16:57:34 267,776 ----a-w C:\WINDOWS\system32\iertutil.dll
+ 2008-08-26 07:24:29 267,776 ----a-w C:\WINDOWS\system32\iertutil.dll
- 2008-06-23 09:20:26 13,824 ----a-w C:\WINDOWS\system32\ieudinit.exe
+ 2008-08-25 08:38:00 13,824 ----a-w C:\WINDOWS\system32\ieudinit.exe
- 2008-06-23 16:57:35 27,648 ----a-w C:\WINDOWS\system32\jsproxy.dll
+ 2008-08-26 07:24:30 27,648 ----a-w C:\WINDOWS\system32\jsproxy.dll
+ 2005-07-15 17:28:00 282,624 ----a-w C:\WINDOWS\system32\LCWizard.dll
- 2008-08-26 20:28:12 16,208,504 ----a-w C:\WINDOWS\system32\MRT.exe
+ 2008-10-07 19:19:40 16,721,856 ----a-w C:\WINDOWS\system32\MRT.exe
- 2008-06-23 16:57:36 459,264 ----a-w C:\WINDOWS\system32\msfeeds.dll
+ 2008-08-26 07:24:30 459,264 ----a-w C:\WINDOWS\system32\msfeeds.dll
- 2008-06-23 16:57:36 52,224 ----a-w C:\WINDOWS\system32\msfeedsbs.dll
+ 2008-08-26 07:24:30 52,224 ----a-w C:\WINDOWS\system32\msfeedsbs.dll
- 2008-06-24 07:57:40 3,592,192 ----a-w C:\WINDOWS\system32\mshtml.dll
+ 2008-08-27 10:54:32 3,593,216 ----a-w C:\WINDOWS\system32\mshtml.dll
- 2008-06-23 16:57:39 477,696 ----a-w C:\WINDOWS\system32\mshtmled.dll
+ 2008-08-26 07:24:30 477,696 ----a-w C:\WINDOWS\system32\mshtmled.dll
- 2008-06-23 16:57:39 193,024 ----a-w C:\WINDOWS\system32\msrating.dll
+ 2008-08-26 07:24:30 193,024 ----a-w C:\WINDOWS\system32\msrating.dll
- 2008-06-23 16:57:40 671,232 ----a-w C:\WINDOWS\system32\mstime.dll
+ 2008-08-26 07:24:30 671,232 ----a-w C:\WINDOWS\system32\mstime.dll
- 2008-06-23 16:57:40 102,912 ----a-w C:\WINDOWS\system32\occache.dll
+ 2008-08-26 07:24:30 102,912 ----a-w C:\WINDOWS\system32\occache.dll
- 2008-06-23 16:57:40 44,544 ----a-w C:\WINDOWS\system32\pngfilt.dll
+ 2008-08-26 07:24:30 44,544 ----a-w C:\WINDOWS\system32\pngfilt.dll
+ 2006-05-04 13:26:36 2,808,832 ----a-w C:\WINDOWS\system32\ReinstallBackups\0012\DriverFiles\ALCWZRD.EXE
+ 2004-08-03 20:08:00 60,288 ----a-w C:\WINDOWS\system32\ReinstallBackups\0012\DriverFiles\i386\drmk.sys
+ 2005-12-28 18:29:30 141,056 ----a-w C:\WINDOWS\system32\ReinstallBackups\0012\DriverFiles\i386\ks.sys
+ 2004-08-03 21:56:44 4,096 ----a-w C:\WINDOWS\system32\ReinstallBackups\0012\DriverFiles\i386\ksuser.dll
+ 2006-01-31 19:31:46 145,920 ----a-w C:\WINDOWS\system32\ReinstallBackups\0012\DriverFiles\i386\portcls.sys
+ 2005-11-04 18:55:10 48,768 ----a-w C:\WINDOWS\system32\ReinstallBackups\0012\DriverFiles\i386\stream.sys
+ 2004-08-03 21:56:58 23,552 ----a-w C:\WINDOWS\system32\ReinstallBackups\0012\DriverFiles\i386\wdmaud.drv
+ 2006-06-28 11:00:40 2,158,592 ----a-w C:\WINDOWS\system32\ReinstallBackups\0012\DriverFiles\MicCal.exe
+ 2006-07-21 13:18:00 270,336 ----a-w C:\WINDOWS\system32\ReinstallBackups\0012\DriverFiles\RTCOMDLL.dll
+ 2006-08-01 16:10:18 16,049,664 ----a-w C:\WINDOWS\system32\ReinstallBackups\0012\DriverFiles\RTHDCPL.EXE
+ 2006-08-01 16:07:02 4,356,608 ----a-w C:\WINDOWS\system32\ReinstallBackups\0012\DriverFiles\RtkHDAud.sys
+ 2006-07-22 04:40:08 143,360 ----a-w C:\WINDOWS\system32\ReinstallBackups\0012\DriverFiles\RTLCPAPI.dll
+ 2006-05-04 13:35:14 9,709,568 ----a-w C:\WINDOWS\system32\ReinstallBackups\0012\DriverFiles\RTLCPL.EXE
+ 2006-03-09 14:45:20 364,544 ----a-w C:\WINDOWS\system32\ReinstallBackups\0012\DriverFiles\RtlUpd.exe
+ 2006-05-16 15:04:26 2,879,488 ----a-w C:\WINDOWS\system32\ReinstallBackups\0012\DriverFiles\SkyTel.exe
+ 2006-07-21 13:14:36 86,016 ----a-w C:\WINDOWS\system32\ReinstallBackups\0012\DriverFiles\SOUNDMAN.EXE
+ 2004-07-20 14:03:00 167,936 ----a-w C:\WINDOWS\system32\TBTMon.dll
+ 2005-04-26 07:18:00 45,056 ----a-w C:\WINDOWS\system32\tbtmon98Language.dll
+ 2004-01-15 11:43:00 114,688 ----a-w C:\WINDOWS\system32\TBTMonUI.dll
+ 2003-11-13 11:43:00 61,440 ----a-w C:\WINDOWS\system32\TosAcpiAPI.dll
+ 2006-04-07 14:35:00 53,248 ----a-w C:\WINDOWS\system32\TosAvAPI.dll
+ 2006-04-07 14:38:00 90,112 ----a-w C:\WINDOWS\system32\TosAvctAPI.dll
+ 2006-04-07 14:37:00 131,072 ----a-w C:\WINDOWS\system32\TosAvdtAPI.dll
+ 2005-11-22 07:03:00 98,304 ----a-w C:\WINDOWS\system32\TosBdAPI.dll
+ 2005-09-02 11:44:00 110,592 ----a-w C:\WINDOWS\system32\TosBtAcc.dll
+ 2006-01-30 20:29:00 73,728 ----a-w C:\WINDOWS\system32\TosBtAerialAPI.dll
+ 2006-04-07 13:35:00 151,552 ----a-w C:\WINDOWS\system32\TosBtAPI.dll
+ 2006-02-27 14:01:00 106,496 ----a-w C:\WINDOWS\system32\TosBtCapApi.dll
+ 2004-07-29 10:47:00 69,632 ----a-w C:\WINDOWS\system32\TosBtECCAPI.dll
+ 2006-02-17 16:58:00 1,875,968 ----a-w C:\WINDOWS\system32\TosBtExt.dll
+ 2004-07-20 14:04:00 94,208 ----a-w C:\WINDOWS\system32\TosBtHcrpAPI.dll
+ 2005-09-07 11:18:00 49,152 ----a-w C:\WINDOWS\system32\TosBtHSPAPI.dll
+ 2006-04-07 13:36:00 106,496 ----a-w C:\WINDOWS\system32\TosBtSDDB.dll
+ 2005-09-02 13:19:00 548,864 ----a-w C:\WINDOWS\system32\tosBtShell.dll
+ 2005-07-22 18:30:00 65,536 ----a-w C:\WINDOWS\system32\TosCommAPI.dll
+ 2002-11-29 07:43:00 53,248 ----a-w C:\WINDOWS\system32\TosGnsAPI.dll
+ 2005-11-08 17:07:00 65,536 ----a-w C:\WINDOWS\system32\TosHidAPI.dll
+ 2001-09-26 12:15:00 65,536 ----a-w C:\WINDOWS\system32\TosLaneAPI.dll
+ 2003-07-22 13:28:00 61,440 ----a-w C:\WINDOWS\system32\TosSndAPI.dll
+ 2006-03-01 07:04:00 110,592 ----a-w C:\WINDOWS\system32\TosSndPlug.dll
- 2008-06-23 16:57:40 105,984 ----a-w C:\WINDOWS\system32\url.dll
+ 2008-08-26 07:24:30 105,984 ----a-w C:\WINDOWS\system32\url.dll
- 2008-06-23 16:57:40 1,159,680 ----a-w C:\WINDOWS\system32\urlmon.dll
+ 2008-08-26 07:24:31 1,159,680 ----a-w C:\WINDOWS\system32\urlmon.dll
- 2008-06-23 16:57:41 233,472 ----a-w C:\WINDOWS\system32\webcheck.dll
+ 2008-08-26 07:24:31 233,472 ----a-w C:\WINDOWS\system32\webcheck.dll
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [08/04/2004 04:56 AM 15360]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [04/21/2006 03:16 PM 761946]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" [06/10/2008 04:27 AM 144784]
"GrooveMonitor"="C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" [08/24/2007 07:00 AM 33648]
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [08/31/2008 11:58 AM 185896]
"AVP"="C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe" [07/29/2008 08:20 PM 206088]
"LaunchAp"="C:\Program Files\Launch Manager\LaunchAp.exe" [07/25/2005 01:36 PM 32768]
"HotkeyApp"="C:\Program Files\Launch Manager\HotkeyApp.exe" [09/04/2006 03:44 PM 65536]
"Wbutton"="C:\Program Files\Launch Manager\Wbutton.exe" [09/13/2006 06:23 PM 86016]
"RTHDCPL"="RTHDCPL.EXE" [08/01/2006 07:10 PM 16049664 C:\WINDOWS\RTHDCPL.exe]
"SkyTel"="SkyTel.EXE" [05/16/2006 06:04 PM 2879488 C:\WINDOWS\SkyTel.exe]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"msnsc"="C:\WINDOWS\system32\msnsc.exe" [01/15/2006 06:49 AM 62054]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [08/04/2004 04:56 AM 15360]
C:\Documents and Settings\Siemens\Start Menu\Programs\Startup\
OneNote 2007 Screen Clipper and Launcher.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE [2007-12-07 101440]
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Bluetooth Manager.lnk - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe [2006-04-07 1773568]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\Antiwpa]
07/22/2006 11:49 PM 5376 C:\WINDOWS\system32\antiwpa.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"vidc.3iv2"= 3ivxVfWCodec.dll
"VIDC.VP31"= vp31vfw.dll
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
--a------ 08/04/2004 04:56 AM 15360 C:\WINDOWS\system32\ctfmon.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SkyTel]
--a------ 05/16/2006 06:04 PM 2879488 C:\WINDOWS\SkyTel.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"PcSync"=C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
"IDMan"=C:\Program Files\Internet Download Manager\IDMan.exe /onboot
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe
"Skype"="C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
"Creative WebCam Tray"="C:\Program Files\Creative\Shared Files\CamTray.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"WatcherHelper"="C:\Program Files\Sierra Wireless Inc\3G Watcher\WaHelper.exe"
"UnlockerAssistant"=C:\Program Files\Unlocker\UnlockerAssistant.exe -H
"MsgCenterExe"="C:\Program Files\Common Files\Real\Update_OB\RealOneMessageCenter.exe" -osboot
"Picasa Media Detector"=C:\Program Files\Picasa2\PicasaMediaDetector.exe
"NSLauncher"=C:\Program Files\Nokia\Nokia Software Launcher\NSLauncher.exe /startup
"SMSERIAL"=sm56hlpr.exe
"BluetoothAuthenticationAgent"=rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
"LaunchAp"="C:\Program Files\Launch Manager\LaunchAp.exe"
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe"
"igfxtray"=C:\WINDOWS\system32\igfxtray.exe
"Acrobat Assistant 7.0"="C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe"
"NeroFilterCheck"=C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" -atboottime
"AzMixerSel"=C:\Program Files\Realtek\InstallShield\AzMixerSel.exe
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
"igfxpers"=C:\WINDOWS\system32\igfxpers.exe
"igfxhkcmd"=C:\WINDOWS\system32\hkcmd.exe
"HotkeyApp"="C:\Program Files\Launch Manager\HotkeyApp.exe"
"GrooveMonitor"="C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
"RTHDCPL"=RTHDCPL.EXE
"Alcmtr"=ALCMTR.EXE
"Wbutton"="C:\Program Files\Launch Manager\Wbutton.exe"
"IAAnotif"=C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
"<NO NAME>"=
"AppleSyncNotifier"=C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"DisableUnicastResponsesToMulticastBroadcast"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"<NO NAME>"=
"C:\\Program Files\\Sierra Wireless Inc\\3G Watcher\\SwiApiMux.exe"=
"C:\\Program Files\\Mobily Connect Card\\Mobily Connect Card.exe"=
"C:\\Program Files\\Nokia\\Nokia Software Updater\\nsu_ui_client.exe"=
"C:\\Program Files\\Common Files\\Nokia\\Service Layer\\A\\nsl_host_process.exe"=
"C:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"C:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"C:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"C:\\Program Files\\ooVoo\\ooVoo.exe"=
"C:\\Program Files\\CrossLoop\\CrossLoopConnect.exe"=
"C:\\Program Files\\iTunes\\iTunes.exe"=
"C:\\Program Files\\Real\\RealPlayer\\realplay.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"C:\\Program Files\\Skype\\Phone\\Skype.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"443:TCP"= 443:TCP

oVoo TCP المنفذ 443
"443:UDP"= 443:UDP

oVoo UDP المنفذ 443
"37674:TCP"= 37674:TCP

oVoo TCP المنفذ 37674
"37674:UDP"= 37674:UDP

oVoo UDP المنفذ 37674
"37675:UDP"= 37675:UDP

oVoo UDP المنفذ 37675
R0 klbg;Kaspersky Lab Boot Guard Driver;C:\WINDOWS\system32\drivers\klbg.sys [01/29/2008 06:29 PM 32784]
R1 Hotkey;Hotkey;C:\WINDOWS\system32\drivers\Hotkey.sys [04/28/2003 11:27 AM 9867]
R2 LF30FS;LF30FS;C:\Program Files\Everstrike Software\Lock Folder XP 3.5\LF30XP.sys [11/19/2004 05:07 PM 101488]
R2 NCWatch;Network Connection Watcher;C:\Program Files\Fujitsu Siemens Computers\NCWatch\NCWatch.exe [04/07/2006 01:02 PM 204800]
R3 EKBfltr;ENE Keyboard Controller;C:\WINDOWS\system32\DRIVERS\EKBfltr.sys [01/14/2005 05:22 PM 5504]
R3 KLFLTDEV;Kaspersky Lab KLFltDev;C:\WINDOWS\system32\DRIVERS\klfltdev.sys [03/13/2008 07:02 PM 26640]
R3 klim5;Kaspersky Anti-Virus NDIS Filter;C:\WINDOWS\system32\DRIVERS\klim5.sys [04/30/2008 06:06 PM 24592]
R3 swivsp;AC8xx Virtual Serial Port;C:\WINDOWS\system32\DRIVERS\swivspnt.sys [03/20/2006 09:07 AM 20736]
S1 Wbutton;Wbutton;C:\WINDOWS\system32\drivers\Wbutton.sys [ ]
S3 br3gmdm;BandLuxe 3.5G HSDPA Adapter - USB;C:\WINDOWS\system32\DRIVERS\br3gmdm.sys [ ]
S3 BTIAUSB;Generic Bluetooth Device;C:\WINDOWS\system32\DRIVERS\btiausb.sys [07/30/2008 09:04 AM 23808]
S3 BTPROT;Generic Bluetooth Filter;C:\WINDOWS\system32\DRIVERS\btprot.sys [08/02/2008 10:22 AM 453120]
S3 SWNC8U00;Sierra Wireless MUX NDIS Driver (UMTS00);C:\WINDOWS\system32\DRIVERS\SWNC8U00.sys [04/18/2006 12:10 PM 81408]
S3 SWUMX00;Sierra Wireless USB MUX Driver (UMTS00);C:\WINDOWS\system32\DRIVERS\swumx00.sys [04/18/2006 12:10 PM 61312]
S3 V0330VID;WebCam Vista;C:\WINDOWS\system32\DRIVERS\V0330Vid.sys [09/12/2006 08:00 PM 173632]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{0cc6791c-dd3b-11dc-a4c0-00a0d5ffff85}]
\Shell\AutoRun\command - WD_Windows_Tools\Setup.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1c295a4a-6a40-11dd-a695-00a0d5ffff85}]
\Shell\AutoRun\command - F:\AutoRun.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{33e06311-1c14-11dd-a5a8-00a0d5ffff85}]
\Shell\AutoRun\command - F:\zPharaoh.exe
\Shell\explore\command - F:\zPharaoh.exe
\Shell\open\command - F:\zPharaoh.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{4f7ecfac-1369-11dd-a585-00a0d5ffff85}]
\Shell\AutoRun\command - F:\AutoRun.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{4f7ecfb0-1369-11dd-a585-00a0d5ffff85}]
\Shell\AutoRun\command - F:\AutoRun.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{732831c6-14fb-11dd-a589-0018de95d7ba}]
\Shell\AutoRun\command - F:\AutoRun.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{82f33114-cf5d-11dc-a475-00a0d5ffff85}]
\Shell\AutoRun\command - F:\zPharaoh.exe
\Shell\explore\command - F:\zPharaoh.exe
\Shell\open\command - F:\zPharaoh.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{86d979d6-df1c-11dc-a4c7-00a0d5ffff85}]
\Shell\AutoRun\command - F:\AutoRun.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{86d97aaf-df1c-11dc-a4c7-00a0d5ffff85}]
\Shell\AutoRun\command - F:\AutoRun.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{9d0dc12e-9d6b-11dd-a763-00a0d5ffff85}]
\Shell\AutoRun\command - F:\AutoRun.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{9d0dc131-9d6b-11dd-a763-00a0d5ffff85}]
\Shell\AutoRun\command - F:\AutoRun.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{9d0dc134-9d6b-11dd-a763-bcd5213b0dda}]
\Shell\AutoRun\command - F:\AutoRun.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{9e36602a-422a-11dd-a644-00a0d5ffff85}]
\Shell\AutoRun\command - F:\AutoRun.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{9e36602d-422a-11dd-a644-00a0d5ffff85}]
\Shell\AutoRun\command - F:\AutoRun.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a429c6f8-4b0c-11dd-a658-0018de95d7ba}]
\Shell\AutoRun\command - F:\AutoRun.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a429c6f9-4b0c-11dd-a658-0018de95d7ba}]
\Shell\AutoRun\command - F:\AutoRun.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{b8045040-6a19-11dd-a694-00a0d5ffff85}]
\Shell\AutoRun\command - F:\AutoRun.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{b8045043-6a19-11dd-a694-00a0d5ffff85}]
\Shell\AutoRun\command - F:\AutoRun.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c31b61ca-4f7b-11dd-a666-0018de95d7ba}]
\Shell\AutoRun\command - F:\AutoRun.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c31b61cb-4f7b-11dd-a666-0018de95d7ba}]
\Shell\AutoRun\command - F:\AutoRun.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c65414de-1481-11dd-a588-00a0d5ffff85}]
\Shell\AutoRun\command - F:\AutoRun.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c65414df-1481-11dd-a588-00a0d5ffff85}]
\Shell\AutoRun\command - F:\AutoRun.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c70cc9f2-6fcb-11dd-a6ac-00a0d5ffff85}]
\Shell\AutoRun\command - F:\AutoRun.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c70cc9f3-6fcb-11dd-a6ac-00a0d5ffff85}]
\Shell\AutoRun\command - F:\AutoRun.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{de10521e-1615-11dd-a58e-0018de95d7ba}]
\Shell\AutoRun\command - F:\AutoRun.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{de10521f-1615-11dd-a58e-0018de95d7ba}]
\Shell\AutoRun\command - F:\AutoRun.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e6a1cf20-442e-11dd-a64a-0018de95d7ba}]
\Shell\AutoRun\command - F:\AutoRun.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e8cf118d-6cf4-11dd-a6a0-00a0d5fffe85}]
\Shell\AutoRun\command - F:\AutoRun.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f4073216-054b-11dd-a54d-00a0d5ffff85}]
\Shell\AutoRun\command - F:\AUTORUN_BANDLUXE.EXE
.
s of the 'Scheduled Tasks' folder
.
- - - - ORPHANS REMOVED - - - -
HKLM-Run-CtrlVol - C:\Program Files\Launch Manager\CtrlVol.exe

.
------- Supplementary Scan -------
.
FireFox -: Profile - C:\Documents and Settings\Siemens\Application Data\Mozilla\Firefox\Profiles\rpgywrg9.default\
FireFox -: prefs.js - STARTUP.HOMEPAGE - about:blank
.
**************************************************************************
catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

Rootkit scan 2008-10-21 18:51:39
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
CtrlVol = C:\Program Files\Launch Manager\CtrlVol.exe??%??\??????|x??|????q??|?j?wQj?w????????(??? ???????????????d??????|????????p?????@?????????0y?w???????????????sx??s@??????????????|h??st??????????s?????????????????C?sc"?sx??s??????B~??@?N'?s?nV??

??nV????????
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
Completion time: 10/21/2008 18:54:38
ComboFix-quarantined-files.txt 2008-10-21 15:54:23
Pre-Run: 19,714,064,384 bytes free
Post-Run: 19,725,950,976 bytes free
598 --- E O F --- 2008-10-21 09:46:40

Demo-dash · 21 أكتوبر 2008

وتقرير

اعمل تقرير للهايجاك

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

اذا انتهى التحميل ==> شغل البرنامج ==> واضغط على Do a system scan and save log
لحظات .. ويظهر لك تقرير اعمل تحديد الكل ==> انسخه والصقه بردك القادم

عشان نشيك على جهازك

azzamswcc · 21 أكتوبر 2008

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

صوره لعمليه ازاله برامج الحمايه الوهمية

azzamswcc · 21 أكتوبر 2008

تقرير الهايجاك

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 07:56:14 م, on 21/10/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Fujitsu Siemens Computers\NCWatch\NCWatch.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Launch Manager\LaunchAp.exe
C:\Program Files\Launch Manager\HotkeyApp.exe
C:\Program Files\Launch Manager\Wbutton.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosAVRC.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosOBEX.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mobily Connect Card\Mobily Connect Card.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\DOCUME~1\Siemens\LOCALS~1\Temp\FSCapture.exe
D:\رااااايق\أداة رقم2\Zyzoom_HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ievkbd.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: مساعد تسجيل الدخول إلى Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe"
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [LaunchAp] "C:\Program Files\Launch Manager\LaunchAp.exe"
O4 - HKLM\..\Run: [HotkeyApp] "C:\Program Files\Launch Manager\HotkeyApp.exe"
O4 - HKLM\..\Run: [Wbutton] "C:\Program Files\Launch Manager\Wbutton.exe"
O4 - HKLM\..\Run: [CtrlVol] C:\Program Files\Launch Manager\CtrlVol.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [msnsc] C:\WINDOWS\system32\msnsc.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [nlpo_01] cmd.exe /c md "%USERPROFILE%\Local Settings\Temp" (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [nlpo_01] cmd.exe /c md "%USERPROFILE%\Local Settings\Temp" (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [msnsc] C:\WINDOWS\system32\msnsc.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [msnsc] C:\WINDOWS\system32\msnsc.exe (User 'Default user')
O4 - Startup: OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Global Startup: Bluetooth Manager.lnk = ?
O8 - Extra context menu item: Add to Banner Ad Blocker - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ie_banner_deny.htm
O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Download All Links with IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: Download FLV video with IDM - C:\Program Files\Internet Download Manager\IEGetVL.htm
O8 - Extra context menu item: Download with IDM - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Web traffic protection statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\SCIEPlgn.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) -

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O17 - HKLM\System\CCS\Services\Tcpip\..\{D35305CE-D56C-4A6F-B0D0-0090A659E31B}: NameServer = 10.6.9.12 10.6.9.11
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMon) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Network Connection Watcher (NCWatch) - Fujitsu Siemens Computers - C:\Program Files\Fujitsu Siemens Computers\NCWatch\NCWatch.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe
O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - C:\Program Files\TuneUp Utilities 2006\WinStylerThemeSvc.exe
--
End of file - 10661 bytes

Demo-dash · 21 أكتوبر 2008

صوره لعمليه ازاله برامج الحمايه الوهمية

تمام ,, هذي التروجونات الان في الحجر الصحي
عندما اكتشفت هذي التروجونات ,, هل مسحتها بالخيار Delete او delete all ??
^^
اذا كان كذا ,, فهذا ممتاز ,, تستطيع الان ان تثبيت التحديث
واذا كنت لم تستطع ان تثبت التحديث بسبب ان الوندوز غير اصليه

طبق هذي المشاركه :king:

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

Demo-dash · 21 أكتوبر 2008

ومن تقرير الهاي جاك احذف التالي

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"

O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot

O4 - HKUS\S-1-5-19\..\Run: [msnsc] C:\WINDOWS\system32\msnsc.exe (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\RunOnce: [nlpo_01] cmd.exe /c md "%USERPROFILE%\Local Settings\Temp" (User 'LOCAL SERVICE

O4 - HKUS\S-1-5-20\..\RunOnce: [nlpo_01] cmd.exe /c md "%USERPROFILE%\Local Settings\Temp" (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-18\..\Run: [msnsc] C:\WINDOWS\system32\msnsc.exe (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [msnsc] C:\WINDOWS\system32\msnsc.exe (User 'Default user')

طريقة الحذف

اداة SmitfraudFix قم باستخدامها

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

ثم نزل هذه الاداة واتبع الشرح التالي

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

التوافق : ويندوز اكسبيفقط

شرح الاستخدام ,,,,,,
عند تشغيل ملف الاداة تظهر لك هذه الشاشه ,, انتظر ( وتابع مع الصور )

وعند ظهور هذه الشاشه ,, اضغط على Close ليتم اعادة تشغيل جهازك (( لتكملة عملية التنظيف ))

azzamswcc · 21 أكتوبر 2008

تقرير فحص SmitfraudFix

SmitFraudFix v2.365
Scan done at 20:41:39.00, Tue 10/21/2008
Run from C:\Documents and Settings\Siemens\Desktop\SmitfraudFix
OS: Microsoft Windows XP [Version 5.1.2600] - Windows_NT
The filesystem type is NTFS
Fix run in normal mode
»»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler Before SmitFraudFix
!!!Attention, following keys are not inevitably infected!!!
SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll
»»»»»»»»»»»»»»»»»»»»»»»» Killing process

»»»»»»»»»»»»»»»»»»»»»»»» hosts
127.0.0.1 localhost
»»»»»»»»»»»»»»»»»»»»»»»» VACFix
VACFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri

»»»»»»»»»»»»»»»»»»»»»»»» Winsock2 Fix
S!Ri's WS2Fix: LSP not Found.

»»»»»»»»»»»»»»»»»»»»»»»» Generic Renos Fix
GenericRenosFix by S!Ri

»»»»»»»»»»»»»»»»»»»»»»»» Deleting infected files

»»»»»»»»»»»»»»»»»»»»»»»» IEDFix
IEDFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri

»»»»»»»»»»»»»»»»»»»»»»»» 404Fix
404Fix
Credits: Malware Analysis & Diagnostic
Code: S!Ri

»»»»»»»»»»»»»»»»»»»»»»»» AntiXPVSTFix
AntiXPVSTFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri

»»»»»»»»»»»»»»»»»»»»»»»» RK

»»»»»»»»»»»»»»»»»»»»»»»» DNS
Description: WAN (PPP/SLIP) Interface
DNS Server Search Order: 10.6.9.12
DNS Server Search Order: 10.6.9.11
HKLM\SYSTEM\CCS\Services\Tcpip\..\{D35305CE-D56C-4A6F-B0D0-0090A659E31B}: NameServer=10.6.9.12 10.6.9.11
HKLM\SYSTEM\CS1\Services\Tcpip\..\{D35305CE-D56C-4A6F-B0D0-0090A659E31B}: NameServer=10.6.9.12 10.6.9.11

»»»»»»»»»»»»»»»»»»»»»»»» Deleting Temp Files

»»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System
!!!Attention, following keys are not inevitably infected!!!
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"System"=""

»»»»»»»»»»»»»»»»»»»»»»»» Registry Cleaning

Registry Cleaning done.

»»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler After SmitFraudFix
!!!Attention, following keys are not inevitably infected!!!
SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll

»»»»»»»»»»»»»»»»»»»»»»»» End

وجاري عمل تنضيف بواسطة الاداة الاخيره

Demo-dash · 21 أكتوبر 2008

اوك ,,,,,,,,,,,,

azzamswcc · 21 أكتوبر 2008

لازالت عزيزي نفس المشكله

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

علما اني بعد ان غيرت السريال حق الاكس بي صار يعطيني المسج التالي

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

السّاجد لله · 21 أكتوبر 2008

حبيبي الغالي نسخة الوندوز لديك غير اصلية ادخل وطبق ما في هذا الموضوع

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

السّاجد لله · 21 أكتوبر 2008

بس بعد متحمل الموضوع وتريد تطبقه افصل النت واغلق جهاز الحماية

azzamswcc · 21 أكتوبر 2008

أخي hesham77

بعد مادخلت ع الرابط

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

فأتمنى مساعدتك ياغالي

السّاجد لله · 21 أكتوبر 2008

اوكي راح اجيبلكياه لحد بابك بس دقيقة

azzamswcc · 21 أكتوبر 2008

ربي يحفظك

السّاجد لله · 21 أكتوبر 2008

تفضل حبيبي

لتحميل البرنامج او الاداة اضغط هنا

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

احبتي بعد تنزيل البرنامج فك الضغط عنه واعمل بالخطوات التالية الموضحة بالصور

1. إفتح Winodws xp Keygen ومن المربع Prouct Famly نختار windows xp pro vlk بعدها نضغط على الزر generate نترك هذه النافذه مفتوحة
كما في الصورة التالية

2. إفتح "keyFinder" الذي يعرض مفتاح نسختك من الوندوز . ونختار من option الاختيار chang windows key الان نقوم بنسخ السريال من النافذه السابقة في الخطوة الاولى ونقوم بلصقه في الحقول الفارغة ثم نضغط chang ثم اغلق النوافذ كما في الصور التالية

3. افتح proram wga الآن،واختار yes .
كما في الصورة

4. افتح الاداة MGADiag ثم اضغط continue ثم اوكي

كما في الصورة

لاحظ النسخة اصبحت اصلية مئة بالمئة ان شاء الله

azzamswcc · 22 أكتوبر 2008

أخي hesham77

لم أستطع تحميل الملف والسبب أنه يعدني الا الصفحه الرئيسيه كالتالي

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

وبعد الضغط ع التحميل

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

ثم بعد ذلك يعيدني الا الصفحه الرئيسيه من جديد

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

أتمنى منك مساعدتي في ايجاد الملف ع موقع تحميل ثاني أن أمكن

حفظك الرحمن

زيزوومي نشيط

داعم للمنتدى،(خبراء زيزووم )

توقيع : Demo-dashDemo-dash is verified member.

زيزوومي نشيط

داعم للمنتدى،(خبراء زيزووم )

توقيع : Demo-dashDemo-dash is verified member.

زيزوومي نشيط

داعم للمنتدى،(خبراء زيزووم )

توقيع : Demo-dashDemo-dash is verified member.

زيزوومي نشيط

زيزوومي نشيط

داعم للمنتدى،(خبراء زيزووم )

توقيع : Demo-dashDemo-dash is verified member.

داعم للمنتدى،(خبراء زيزووم )

توقيع : Demo-dashDemo-dash is verified member.

زيزوومي نشيط

داعم للمنتدى،(خبراء زيزووم )

توقيع : Demo-dashDemo-dash is verified member.

زيزوومي نشيط

زيزوومى فضى

توقيع : السّاجد لله

زيزوومى فضى

توقيع : السّاجد لله

زيزوومي نشيط

زيزوومى فضى

توقيع : السّاجد لله

زيزوومي نشيط

زيزوومى فضى

توقيع : السّاجد لله

زيزوومي نشيط

توقيع : Demo-dash

توقيع : Demo-dash

توقيع : Demo-dash

توقيع : Demo-dash

توقيع : Demo-dash

توقيع : Demo-dash