مشكله عندي فايروس غريب

  • بادئ الموضوع بادئ الموضوع hattoom99
  • تاريخ البدء تاريخ البدء
  • المشاهدات 1,027
H

hattoom99

زيزوومي جديد
إنضم
19 فبراير 2008
المشاركات
36
مستوى التفاعل
0
النقاط
40
غير متصل
السلام عليكم ورحمة الله وبركاته

أنا شغال على برنامج ملتميديا بلدر برنامج لعمل سيدي تلقائي

عندما أنتهي من إنشاء السيدي وأحفظ الملفات وأنسخها على إسطوانه

وقت تشغيل السيدي لا يشتغل السيدي تلقائي

وعندما أفتح جهاز الكمبيوتر

فتح تلقائي للسيدي تأتيني رساله

فتح بإستخدام

zyzoom-2d8b2d3803.bmp


يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

جربت في جهاز ثاني أشتغل 100%

بس بعد ما دخلت اليو إس بي رجعت المشكله مرة آخرى


فما الحل

شاكر لكم مقدماً
 

توقيع : hattoom99
ترتيب حسب التاريخ ترتيب حسب الأصوات
kong قال:
عطل برامج الحمايه

حمل هذه الاداة واحفظها على سطح المكتب
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

عند تشغيلها بتظهر لك رسالة ,, اضغط على >> Yes
بعدها بتظهر لك رساله ثانيه ,, اضغط على >> Yes
انتظر حتى الاداة تنتهي من فحص جهازك ,,, وبشكل تلقائي يعاد تشغيل جهازك ,,
وبعد اعادة التشغيل ,, سوف تبدأ الاداة بالفحص مرره ثانيه
انتظر حتى يظهر لك تقرير ,, انسخه والصقه بردك القادم
--------------------------------------------
( 2 )
واعمل تقرير للهايجاك
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

اذا انتهى التحميل ==> شغل البرنامج ==> واضغط على Do a system scan and save log

لحظات ويظهر لك تقرير ,, انسخه والصقه بردك القادم​
أنقر للتوسيع...


:)



.
 
تأييد 0
بارك الله فيك اخي الحبيب

بعد اذنك إلى القسم المناسب

وان شاء الله بالتوفيق
 
توقيع : Al jNtEeL
تأييد 0
توقيع : hattoom99
تأييد 0
هلا بالمشرف

سوي إلى تشوفه الأحسن

بارك الله فيك
 
توقيع : hattoom99
تأييد 0
أعتقد أن الفايروس هو

autorun.inf

إذا في أدات تحذفه أعطوني إياها


تراه أنتشر في الجهاز كله
 
توقيع : hattoom99
تأييد 0
اخوي فايروس autorun.inf .... حله


عطل برامج الحمايه

حمل هذه الاداة واحفظها على سطح المكتب
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

عند تشغيلها بتظهر لك رسالة ,, اضغط على >> Yes
بعدها بتظهر لك رساله ثانيه ,, اضغط على >> Yes
انتظر حتى الاداة تنتهي من فحص جهازك ,,, وبشكل تلقائي يعاد تشغيل جهازك ,,
وبعد اعادة التشغيل ,, سوف تبدأ الاداة بالفحص مرره ثانيه
انتظر حتى يظهر لك تقرير ,, انسخه والصقه بردك القادم
--------------------------------------------




ملاحظة مهمه :: لا تنسى ان تحط إذا كان عندك فلاش ولا إذا كان عندك هاردسك اشبكه قبل بدء العمليه​
 
توقيع : AbOdy
تأييد 0
جزاك الله خير أخوي

هذه الأداة نفس الأداة الولى

عند تشغيلها

تعطيني هذه الرساله

ds.jpg






 
توقيع : hattoom99
تأييد 0
اخوي اعد تسمية الاداة لاي مسمى اخر ثم شغلها
واذا ما اشتغلت اعد استخدام الاداة بالوضع الامن
 
تأييد 0
طيب أجرب وارد

 
توقيع : hattoom99
تأييد 0
fdfff.jpg



أخوي هذا من السيف مود

حتي جبت أداة تحذفها ماحذفتها


 
توقيع : hattoom99
تأييد 0
هل جربت تغير مسمى الاداة ؟؟
 
تأييد 0
إلى يارجل غيرت الإسم

لكن رجعت غير الإسم إلى الإسم الإساسي للأداة وزبطت والحمدلله

وهذا التقرير
PHP: 
ComboFix 08-08-30.03 - hattoom 09/02/2008  3:49:50.3 - NTFSx86
Microsoft Windows XP Professional  5.1.2600.2.1256.1.1025.18.570 [GMT 3:00]
Running from: C:\Documents and Settings\hattoom\سطح المكتب\ComboFix.exe
 * Created a new restore point

[color=red][b]WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !![/b][/color]
.

(((((((((((((((((((((((((   Files Created from 2008-08-02 to 2008-09-02  )))))))))))))))))))))))))))))))
.

No new files created in this timespan

.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-09-02 00:58    ---------    d-----w    C:\Documents and Settings\hattoom\Application Data\Orbit
2008-09-02 00:57    ---------    d-----w    C:\Documents and Settings\hattoom\Application Data\DMCache
2008-09-01 21:06    ---------    d-----w    C:\Program Files\PowerArchiver
2008-09-01 00:42    ---------    d-----w    C:\Program Files\USB Disk Security
2008-09-01 00:15    ---------    d-----w    C:\Documents and Settings\All Users\Application Data\Microsoft Help
2008-08-31 20:34    ---------    d---a-w    C:\Documents and Settings\All Users\Application Data\TEMP
2008-08-31 11:49    ---------    d-----w    C:\Program Files\Avant Browser
2008-08-31 02:36    ---------    d-----w    C:\Documents and Settings\All Users\Application Data\Messenger Plus!
2008-08-30 21:48    ---------    d-----w    C:\Program Files\XoftSpySE
2008-08-30 21:15    ---------    d-----w    C:\Program Files\Multimedia Builder498
2008-08-30 21:05    ---------    d-----w    C:\Program Files\Messenger Plus! Live
2008-03-11 11:46    76    ---ha-w    C:\Program Files\Desktop.ini
2005-08-27 12:26    1,548,288    ----a-w    C:\Program Files\المشغل.exe
.

(((((((((((((((((((((((((((((   snapshot@Sun 08-31-2008_17.20.05.10   )))))))))))))))))))))))))))))))))))))))))
.
+ 2008-05-02 13:33:32    83,968    ----a-w    C:\WINDOWS\$hf_mig$\KB946648\SP2QFE\msgsc.dll
+ 2008-05-02 14:01:50    83,968    ----a-w    C:\WINDOWS\$hf_mig$\KB946648\SP3GDR\msgsc.dll
+ 2008-05-02 13:42:54    83,968    ----a-w    C:\WINDOWS\$hf_mig$\KB946648\SP3QFE\msgsc.dll
+ 2007-11-30 12:39:01    17,784    ----a-w    C:\WINDOWS\$hf_mig$\KB946648\spmsg.dll
+ 2007-11-30 12:39:01    231,288    ----a-w    C:\WINDOWS\$hf_mig$\KB946648\spuninst.exe
+ 2007-11-30 12:39:01    26,488    ----a-w    C:\WINDOWS\$hf_mig$\KB946648\update\spcustom.dll
+ 2007-11-30 11:18:13    752,504    ----a-w    C:\WINDOWS\$hf_mig$\KB946648\update\update.exe
+ 2007-11-30 12:39:04    380,792    ----a-w    C:\WINDOWS\$hf_mig$\KB946648\update\updspapi.dll
+ 2008-01-23 04:56:21    554,008    ----a-w    C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\dao360.dll
+ 2007-12-10 12:41:11    518,944    ----a-w    C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\msexch40.dll
+ 2007-12-10 12:41:11    326,432    ----a-w    C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\msexcl40.dll
+ 2007-12-10 12:41:11    1,516,568    ----a-w    C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\msjet40.dll
+ 2007-12-10 12:41:11    355,112    ----a-w    C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\msjetol1.dll
+ 2007-11-01 05:14:15    158,496    ----a-w    C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\msjint40.dll
+ 2007-12-10 12:41:12    60,192    ----a-w    C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\msjter40.dll
+ 2007-12-10 12:41:12    248,608    ----a-w    C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\msjtes40.dll
+ 2007-12-10 12:41:12    219,936    ----a-w    C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\msltus40.dll
+ 2007-12-10 12:41:12    355,104    ----a-w    C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\mspbde40.dll
+ 2007-12-10 12:41:13    432,928    ----a-w    C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\msrd2x40.dll
+ 2007-12-10 12:41:13    322,336    ----a-w    C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\msrd3x40.dll
+ 2007-12-10 12:41:13    559,904    ----a-w    C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\msrepl40.dll
+ 2007-12-10 12:41:13    264,992    ----a-w    C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\mstext40.dll
+ 2007-12-10 12:41:13    838,432    ----a-w    C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\mswdat10.dll
+ 2007-11-01 05:14:15    621,344    ----a-w    C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\mswstr10.dll
+ 2007-12-10 12:41:14    355,104    ----a-w    C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\msxbde40.dll
+ 2007-03-06 00:57:34    14,560    ----a-w    C:\WINDOWS\$hf_mig$\KB950749\spmsg.dll
+ 2007-03-06 00:57:39    213,216    ----a-w    C:\WINDOWS\$hf_mig$\KB950749\spuninst.exe
+ 2007-03-06 00:57:32    22,752    ----a-w    C:\WINDOWS\$hf_mig$\KB950749\update\spcustom.dll
+ 2007-03-06 00:57:56    712,928    ----a-w    C:\WINDOWS\$hf_mig$\KB950749\update\update.exe
+ 2007-03-06 00:58:46    369,376    ----a-w    C:\WINDOWS\$hf_mig$\KB950749\update\updspapi.dll
+ 2008-07-07 20:17:16    253,952    ----a-w    C:\WINDOWS\$hf_mig$\KB950974\SP2QFE\es.dll
+ 2008-07-07 20:27:47    253,952    ----a-w    C:\WINDOWS\$hf_mig$\KB950974\SP3GDR\es.dll
+ 2008-07-07 20:23:57    253,952    ----a-w    C:\WINDOWS\$hf_mig$\KB950974\SP3QFE\es.dll
+ 2007-11-30 12:39:01    17,784    ----a-w    C:\WINDOWS\$hf_mig$\KB950974\spmsg.dll
+ 2007-11-30 12:39:01    231,288    ----a-w    C:\WINDOWS\$hf_mig$\KB950974\spuninst.exe
+ 2007-11-30 12:39:01    26,488    ----a-w    C:\WINDOWS\$hf_mig$\KB950974\update\spcustom.dll
+ 2007-11-30 12:38:55    752,504    ----a-w    C:\WINDOWS\$hf_mig$\KB950974\update\update.exe
+ 2007-11-30 12:38:55    380,792    ----a-w    C:\WINDOWS\$hf_mig$\KB950974\update\updspapi.dll
+ 2008-07-14 11:03:00    62,976    ----a-w    C:\WINDOWS\$hf_mig$\KB951072-v2\SP2QFE\tzchange.exe
+ 2008-07-11 12:42:28    62,976    ----a-w    C:\WINDOWS\$hf_mig$\KB951072-v2\SP3GDR\tzchange.exe
+ 2008-07-11 12:51:51    62,976    ----a-w    C:\WINDOWS\$hf_mig$\KB951072-v2\SP3QFE\tzchange.exe
+ 2007-11-30 11:18:09    17,784    ----a-w    C:\WINDOWS\$hf_mig$\KB951072-v2\spmsg.dll
+ 2007-11-30 11:18:09    231,288    ----a-w    C:\WINDOWS\$hf_mig$\KB951072-v2\spuninst.exe
+ 2007-11-30 11:18:09    26,488    ----a-w    C:\WINDOWS\$hf_mig$\KB951072-v2\update\spcustom.dll
+ 2007-11-30 12:39:03    752,504    ----a-w    C:\WINDOWS\$hf_mig$\KB951072-v2\update\update.exe
+ 2007-11-30 12:39:04    380,792    ----a-w    C:\WINDOWS\$hf_mig$\KB951072-v2\update\updspapi.dll
+ 2008-06-14 18:02:52    271,616    ----a-w    C:\WINDOWS\$hf_mig$\KB951376-v2\SP2QFE\bthport.sys
+ 2008-06-14 17:31:55    271,616    ----a-w    C:\WINDOWS\$hf_mig$\KB951376-v2\SP3GDR\bthport.sys
+ 2008-06-14 17:37:45    271,616    ----a-w    C:\WINDOWS\$hf_mig$\KB951376-v2\SP3QFE\bthport.sys
+ 2007-11-30 11:18:09    17,784    ----a-w    C:\WINDOWS\$hf_mig$\KB951376-v2\spmsg.dll
+ 2007-11-30 11:18:09    231,288    ----a-w    C:\WINDOWS\$hf_mig$\KB951376-v2\spuninst.exe
+ 2007-11-30 11:18:09    26,488    ----a-w    C:\WINDOWS\$hf_mig$\KB951376-v2\update\spcustom.dll
+ 2007-11-30 11:18:13    752,504    ----a-w    C:\WINDOWS\$hf_mig$\KB951376-v2\update\update.exe
+ 2007-11-30 11:18:13    380,792    ----a-w    C:\WINDOWS\$hf_mig$\KB951376-v2\update\updspapi.dll
+ 2008-05-07 04:55:20    1,286,144    ----a-w    C:\WINDOWS\$hf_mig$\KB951698\SP2QFE\quartz.dll
+ 2008-05-07 05:10:16    1,286,144    ----a-w    C:\WINDOWS\$hf_mig$\KB951698\SP3GDR\quartz.dll
+ 2008-05-07 05:04:17    1,286,144    ----a-w    C:\WINDOWS\$hf_mig$\KB951698\SP3QFE\quartz.dll
+ 2007-11-30 11:18:09    17,784    ----a-w    C:\WINDOWS\$hf_mig$\KB951698\spmsg.dll
+ 2007-11-30 11:18:09    231,288    ----a-w    C:\WINDOWS\$hf_mig$\KB951698\spuninst.exe
+ 2007-11-30 11:18:09    26,488    ----a-w    C:\WINDOWS\$hf_mig$\KB951698\update\spcustom.dll
+ 2007-11-30 12:39:03    752,504    ----a-w    C:\WINDOWS\$hf_mig$\KB951698\update\update.exe
+ 2007-11-30 12:39:04    380,792    ----a-w    C:\WINDOWS\$hf_mig$\KB951698\update\updspapi.dll
+ 2006-08-16 12:13:40    100,352    ----a-w    C:\WINDOWS\$hf_mig$\KB951748\SP2QFE\6to4svc.dll
+ 2008-06-20 10:44:08    138,368    ----a-w    C:\WINDOWS\$hf_mig$\KB951748\SP2QFE\afd.sys
+ 2008-06-20 17:36:14    147,968    ----a-w    C:\WINDOWS\$hf_mig$\KB951748\SP2QFE\dnsapi.dll
+ 2008-06-20 17:36:14    245,248    ----a-w    C:\WINDOWS\$hf_mig$\KB951748\SP2QFE\mswsock.dll
+ 2008-06-20 10:44:42    360,960    ----a-w    C:\WINDOWS\$hf_mig$\KB951748\SP2QFE\tcpip.sys
+ 2008-06-20 09:32:39    225,920    ----a-w    C:\WINDOWS\$hf_mig$\KB951748\SP2QFE\tcpip6.sys
+ 2008-06-20 11:40:08    138,496    ----a-w    C:\WINDOWS\$hf_mig$\KB951748\SP3GDR\afd.sys
+ 2008-06-20 17:47:47    147,968    ----a-w    C:\WINDOWS\$hf_mig$\KB951748\SP3GDR\dnsapi.dll
+ 2008-06-20 17:47:47    245,248    ----a-w    C:\WINDOWS\$hf_mig$\KB951748\SP3GDR\mswsock.dll
+ 2008-06-20 11:51:12    361,600    ----a-w    C:\WINDOWS\$hf_mig$\KB951748\SP3GDR\tcpip.sys
+ 2008-06-20 11:08:27    225,856    ----a-w    C:\WINDOWS\$hf_mig$\KB951748\SP3GDR\tcpip6.sys
+ 2008-06-20 11:48:03    138,496    ----a-w    C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\afd.sys
+ 2008-06-20 17:43:07    147,968    ----a-w    C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\dnsapi.dll
+ 2008-06-20 17:43:07    245,248    ----a-w    C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\mswsock.dll
+ 2008-06-20 11:59:02    361,600    ----a-w    C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip.sys
+ 2008-06-20 11:16:44    225,856    ----a-w    C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip6.sys
+ 2007-11-30 12:39:01    17,784    ----a-w    C:\WINDOWS\$hf_mig$\KB951748\spmsg.dll
+ 2007-11-30 12:39:01    231,288    ----a-w    C:\WINDOWS\$hf_mig$\KB951748\spuninst.exe
+ 2007-11-30 12:39:01    26,488    ----a-w    C:\WINDOWS\$hf_mig$\KB951748\update\spcustom.dll
+ 2007-11-30 12:38:55    752,504    ----a-w    C:\WINDOWS\$hf_mig$\KB951748\update\update.exe
+ 2007-11-30 12:38:55    380,792    ----a-w    C:\WINDOWS\$hf_mig$\KB951748\update\updspapi.dll
+ 2008-05-01 15:04:03    331,776    ----a-w    C:\WINDOWS\$hf_mig$\KB952287\SP2QFE\msadce.dll
+ 2008-05-01 14:34:51    331,776    ----a-w    C:\WINDOWS\$hf_mig$\KB952287\SP3GDR\msadce.dll
+ 2008-05-01 14:38:27    331,776    ----a-w    C:\WINDOWS\$hf_mig$\KB952287\SP3QFE\msadce.dll
+ 2007-11-30 11:18:09    17,784    ----a-w    C:\WINDOWS\$hf_mig$\KB952287\spmsg.dll
+ 2007-11-30 11:18:09    231,288    ----a-w    C:\WINDOWS\$hf_mig$\KB952287\spuninst.exe
+ 2007-11-30 11:18:09    26,488    ----a-w    C:\WINDOWS\$hf_mig$\KB952287\update\spcustom.dll
+ 2007-11-30 11:18:13    752,504    ----a-w    C:\WINDOWS\$hf_mig$\KB952287\update\update.exe
+ 2007-11-30 11:18:13    380,792    ----a-w    C:\WINDOWS\$hf_mig$\KB952287\update\updspapi.dll
+ 2008-06-24 16:29:58    74,240    ----a-w    C:\WINDOWS\$hf_mig$\KB952954\SP2QFE\mscms.dll
+ 2008-06-24 16:43:12    74,240    ----a-w    C:\WINDOWS\$hf_mig$\KB952954\SP3GDR\mscms.dll
+ 2008-06-24 16:53:22    74,240    ----a-w    C:\WINDOWS\$hf_mig$\KB952954\SP3QFE\mscms.dll
+ 2007-11-30 12:39:01    17,784    ----a-w    C:\WINDOWS\$hf_mig$\KB952954\spmsg.dll
+ 2007-11-30 12:39:01    231,288    ----a-w    C:\WINDOWS\$hf_mig$\KB952954\spuninst.exe
+ 2007-11-30 12:39:01    26,488    ----a-w    C:\WINDOWS\$hf_mig$\KB952954\update\spcustom.dll
+ 2007-11-30 12:39:03    752,504    ----a-w    C:\WINDOWS\$hf_mig$\KB952954\update\update.exe
+ 2007-11-30 12:39:04    380,792    ----a-w    C:\WINDOWS\$hf_mig$\KB952954\update\updspapi.dll
+ 2008-06-23 16:13:43    1,024,000    ----a-w    C:\WINDOWS\$hf_mig$\KB953838\SP2QFE\browseui.dll
+ 2008-06-23 16:13:43    151,040    ----a-w    C:\WINDOWS\$hf_mig$\KB953838\SP2QFE\cdfview.dll
+ 2008-06-23 16:13:43    1,053,696    ----a-w    C:\WINDOWS\$hf_mig$\KB953838\SP2QFE\danim.dll
+ 2008-06-23 16:13:43    357,888    ----a-w    C:\WINDOWS\$hf_mig$\KB953838\SP2QFE\dxtmsft.dll
+ 2008-06-23 16:13:43    205,312    ----a-w    C:\WINDOWS\$hf_mig$\KB953838\SP2QFE\dxtrans.dll
+ 2008-06-23 16:13:43    55,808    ----a-w    C:\WINDOWS\$hf_mig$\KB953838\SP2QFE\extmgr.dll
+ 2008-06-23 09:53:58    18,432    ----a-w    C:\WINDOWS\$hf_mig$\KB953838\SP2QFE\iedw.exe
+ 2008-06-23 16:13:50    251,392    ----a-w    C:\WINDOWS\$hf_mig$\KB953838\SP2QFE\iepeers.dll
+ 2008-06-23 16:13:50    96,256    ----a-w    C:\WINDOWS\$hf_mig$\KB953838\SP2QFE\inseng.dll
+ 2008-06-23 16:13:50    16,384    ----a-w    C:\WINDOWS\$hf_mig$\KB953838\SP2QFE\jsproxy.dll
+ 2008-06-23 16:13:51    3,088,384    ----a-w    C:\WINDOWS\$hf_mig$\KB953838\SP2QFE\mshtml.dll
+ 2008-06-23 16:13:51    449,024    ----a-w    C:\WINDOWS\$hf_mig$\KB953838\SP2QFE\mshtmled.dll
+ 2008-06-23 16:13:51    146,432    ----a-w    C:\WINDOWS\$hf_mig$\KB953838\SP2QFE\msrating.dll
+ 2008-06-23 16:13:52    532,480    ----a-w    C:\WINDOWS\$hf_mig$\KB953838\SP2QFE\mstime.dll
+ 2008-06-23 16:13:52    39,424    ----a-w    C:\WINDOWS\$hf_mig$\KB953838\SP2QFE\pngfilt.dll
+ 2008-06-23 16:13:52    1,499,136    ----a-w    C:\WINDOWS\$hf_mig$\KB953838\SP2QFE\shdocvw.dll
+ 2008-06-23 16:13:53    474,112    ----a-w    C:\WINDOWS\$hf_mig$\KB953838\SP2QFE\shlwapi.dll
+ 2008-07-03 09:42:28    690,176    ----a-w    C:\WINDOWS\$hf_mig$\KB953838\SP2QFE\spru0401.dll
+ 2008-06-23 16:13:53    617,472    ----a-w    C:\WINDOWS\$hf_mig$\KB953838\SP2QFE\urlmon.dll
+ 2008-06-23 16:13:53    665,600    ----a-w    C:\WINDOWS\$hf_mig$\KB953838\SP2QFE\wininet.dll
+ 2008-06-23 15:10:48    3,088,384    ----a-w    C:\WINDOWS\$hf_mig$\KB953838\SP3GDR\mshtml.dll
+ 2008-06-26 08:13:22    1,499,136    ----a-w    C:\WINDOWS\$hf_mig$\KB953838\SP3GDR\shdocvw.dll
+ 2008-06-26 08:13:23    617,472    ----a-w    C:\WINDOWS\$hf_mig$\KB953838\SP3GDR\urlmon.dll
+ 2008-06-23 15:10:48    664,576    ----a-w    C:\WINDOWS\$hf_mig$\KB953838\SP3GDR\wininet.dll
+ 2008-06-25 04:24:54    3,088,896    ----a-w    C:\WINDOWS\$hf_mig$\KB953838\SP3QFE\mshtml.dll
+ 2008-06-26 08:00:21    1,499,136    ----a-w    C:\WINDOWS\$hf_mig$\KB953838\SP3QFE\shdocvw.dll
+ 2008-06-26 08:00:21    617,472    ----a-w    C:\WINDOWS\$hf_mig$\KB953838\SP3QFE\urlmon.dll
+ 2008-06-23 14:54:52    665,088    ----a-w    C:\WINDOWS\$hf_mig$\KB953838\SP3QFE\wininet.dll
+ 2007-11-30 12:39:01    17,784    ----a-w    C:\WINDOWS\$hf_mig$\KB953838\spmsg.dll
+ 2007-11-30 12:39:01    231,288    ----a-w    C:\WINDOWS\$hf_mig$\KB953838\spuninst.exe
+ 2007-11-30 12:39:01    26,488    ----a-w    C:\WINDOWS\$hf_mig$\KB953838\update\spcustom.dll
+ 2007-11-30 12:38:55    752,504    ----a-w    C:\WINDOWS\$hf_mig$\KB953838\update\update.exe
+ 2007-11-30 12:38:55    380,792    ----a-w    C:\WINDOWS\$hf_mig$\KB953838\update\updspapi.dll
+ 2007-11-30 12:39:01    17,784    ----a-w    C:\WINDOWS\$hf_mig$\KB953839\spmsg.dll
+ 2007-11-30 12:39:01    231,288    ----a-w    C:\WINDOWS\$hf_mig$\KB953839\spuninst.exe
+ 2007-11-30 12:39:01    26,488    ----a-w    C:\WINDOWS\$hf_mig$\KB953839\update\spcustom.dll
+ 2007-11-30 12:39:03    752,504    ----a-w    C:\WINDOWS\$hf_mig$\KB953839\update\update.exe
+ 2007-11-30 12:39:04    380,792    ----a-w    C:\WINDOWS\$hf_mig$\KB953839\update\updspapi.dll
+ 2004-08-03 22:09:14    82,944    -c----w    C:\WINDOWS\$NtUninstallKB946648$\msgsc.dll
+ 2007-11-30 12:39:01    231,288    -c----w    C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe
+ 2007-11-30 12:39:04    380,792    -c----w    C:\WINDOWS\$NtUninstallKB946648$\spuninst\updspapi.dll
+ 2004-08-03 21:55:34    561,179    -c----w    C:\WINDOWS\$NtUninstallKB950749$\dao360.dll
+ 2004-08-03 21:55:42    512,029    -c----w    C:\WINDOWS\$NtUninstallKB950749$\msexch40.dll
+ 2004-08-03 21:55:42    319,517    -c----w    C:\WINDOWS\$NtUninstallKB950749$\msexcl40.dll
+ 2004-08-03 21:55:42    1,507,356    -c----w    C:\WINDOWS\$NtUninstallKB950749$\msjet40.dll
+ 2004-07-17 08:34:48    358,976    -c----w    C:\WINDOWS\$NtUninstallKB950749$\msjetol1.dll
+ 2004-07-17 08:34:48    358,976    -c----w    C:\WINDOWS\$NtUninstallKB950749$\msjetoledb40.dll
+ 2004-08-03 21:55:44    151,583    -c----w    C:\WINDOWS\$NtUninstallKB950749$\msjint40.dll
+ 2004-08-03 21:55:44    53,279    -c----w    C:\WINDOWS\$NtUninstallKB950749$\msjter40.dll
+ 2004-08-03 21:55:44    241,693    -c----w    C:\WINDOWS\$NtUninstallKB950749$\msjtes40.dll
+ 2004-08-03 21:55:44    213,023    -c----w    C:\WINDOWS\$NtUninstallKB950749$\msltus40.dll
+ 2004-08-03 21:55:44    348,189    -c----w    C:\WINDOWS\$NtUninstallKB950749$\mspbde40.dll
+ 2004-08-03 21:55:44    421,919    -c----w    C:\WINDOWS\$NtUninstallKB950749$\msrd2x40.dll
+ 2004-08-03 21:55:44    315,423    -c----w    C:\WINDOWS\$NtUninstallKB950749$\msrd3x40.dll
+ 2004-08-03 21:55:46    552,989    -c----w    C:\WINDOWS\$NtUninstallKB950749$\msrepl40.dll
+ 2004-08-03 21:55:46    258,077    -c----w    C:\WINDOWS\$NtUninstallKB950749$\mstext40.dll
+ 2004-08-03 21:55:46    831,519    -c----w    C:\WINDOWS\$NtUninstallKB950749$\mswdat10.dll
+ 2004-08-03 21:55:46    614,429    -c----w    C:\WINDOWS\$NtUninstallKB950749$\mswstr10.dll
+ 2004-08-03 21:55:46    348,189    -c----w    C:\WINDOWS\$NtUninstallKB950749$\msxbde40.dll
+ 2007-03-06 00:57:39    213,216    -c----w    C:\WINDOWS\$NtUninstallKB950749$\spuninst\spuninst.exe
+ 2007-03-06 00:58:46    369,376    -c----w    C:\WINDOWS\$NtUninstallKB950749$\spuninst\updspapi.dll
+ 2005-07-26 04:39:47    243,200    -c----w    C:\WINDOWS\$NtUninstallKB950974$\es.dll
+ 2007-11-30 12:39:01    231,288    -c----w    C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe
+ 2007-11-30 12:38:55    380,792    -c----w    C:\WINDOWS\$NtUninstallKB950974$\spuninst\updspapi.dll
+ 2007-11-30 11:18:09    231,288    -c----w    C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe
+ 2007-11-30 12:39:04    380,792    -c----w    C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\updspapi.dll
+ 2007-11-13 11:31:11    60,416    -c----w    C:\WINDOWS\$NtUninstallKB951072-v2$\tzchange.exe
+ 2007-11-30 11:18:09    231,288    -c----w    C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe
+ 2007-11-30 11:18:13    380,792    -c----w    C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\updspapi.dll
+ 2007-10-29 22:42:44    1,285,632    -c----w    C:\WINDOWS\$NtUninstallKB951698$\quartz.dll
+ 2007-11-30 11:18:09    231,288    -c----w    C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe
+ 2007-11-30 12:39:04    380,792    -c----w    C:\WINDOWS\$NtUninstallKB951698$\spuninst\updspapi.dll
+ 2004-08-03 20:14:16    138,496    -c----w    C:\WINDOWS\$NtUninstallKB951748$\afd.sys
+ 2008-02-20 05:33:53    148,992    -c----w    C:\WINDOWS\$NtUninstallKB951748$\dnsapi.dll
+ 2004-08-03 21:55:46    245,248    -c----w    C:\WINDOWS\$NtUninstallKB951748$\mswsock.dll
+ 2007-11-30 12:39:01    231,288    -c----w    C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe
+ 2007-11-30 12:38:55    380,792    -c----w    C:\WINDOWS\$NtUninstallKB951748$\spuninst\updspapi.dll
+ 2007-10-30 17:20:55    360,064    -c----w    C:\WINDOWS\$NtUninstallKB951748$\tcpip.sys
+ 2006-08-16 09:37:30    225,664    -c----w    C:\WINDOWS\$NtUninstallKB951748$\tcpip6.sys
+ 2004-08-03 21:55:40    331,776    -c----w    C:\WINDOWS\$NtUninstallKB952287$\msadce.dll
+ 2007-11-30 11:18:09    231,288    -c----w    C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe
+ 2007-11-30 11:18:13    380,792    -c----w    C:\WINDOWS\$NtUninstallKB952287$\spuninst\updspapi.dll
+ 2005-06-29 01:48:39    74,240    -c----w    C:\WINDOWS\$NtUninstallKB952954$\mscms.dll
+ 2007-11-30 12:39:01    231,288    -c----w    C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe
+ 2007-11-30 12:39:04    380,792    -c----w    C:\WINDOWS\$NtUninstallKB952954$\spuninst\updspapi.dll
+ 2008-02-16 09:00:40    1,023,488    -c----w    C:\WINDOWS\$NtUninstallKB953838$\browseui.dll
+ 2008-02-16 09:00:40    151,040    -c----w    C:\WINDOWS\$NtUninstallKB953838$\cdfview.dll
+ 2008-02-16 09:00:41    1,053,696    -c----w    C:\WINDOWS\$NtUninstallKB953838$\danim.dll
+ 2008-02-16 09:00:41    357,888    -c----w    C:\WINDOWS\$NtUninstallKB953838$\dxtmsft.dll
+ 2008-02-16 09:00:42    205,312    -c----w    C:\WINDOWS\$NtUninstallKB953838$\dxtrans.dll
+ 2008-02-16 09:00:42    55,808    -c----w    C:\WINDOWS\$NtUninstallKB953838$\extmgr.dll
+ 2008-02-15 09:23:37    18,432    -c----w    C:\WINDOWS\$NtUninstallKB953838$\iedw.exe
+ 2008-02-16 09:00:42    250,880    -c----w    C:\WINDOWS\$NtUninstallKB953838$\iepeers.dll
+ 2008-02-16 09:00:42    96,256    -c----w    C:\WINDOWS\$NtUninstallKB953838$\inseng.dll
+ 2008-02-16 09:00:42    16,384    -c----w    C:\WINDOWS\$NtUninstallKB953838$\jsproxy.dll
+ 2008-02-16 22:30:46    3,080,704    -c----w    C:\WINDOWS\$NtUninstallKB953838$\mshtml.dll
+ 2008-02-16 09:00:45    449,024    -c----w    C:\WINDOWS\$NtUninstallKB953838$\mshtmled.dll
+ 2008-02-16 09:00:45    146,432    -c----w    C:\WINDOWS\$NtUninstallKB953838$\msrating.dll
+ 2008-02-16 09:00:45    532,480    -c----w    C:\WINDOWS\$NtUninstallKB953838$\mstime.dll
+ 2008-02-16 09:00:45    39,424    -c----w    C:\WINDOWS\$NtUninstallKB953838$\pngfilt.dll
+ 2008-02-16 09:00:46    1,494,528    -c----w    C:\WINDOWS\$NtUninstallKB953838$\shdocvw.dll
+ 2008-02-16 09:00:46    474,112    -c----w    C:\WINDOWS\$NtUninstallKB953838$\shlwapi.dll
+ 2007-11-30 12:39:01    231,288    -c----w    C:\WINDOWS\$NtUninstallKB953838$\spuninst\spuninst.exe
+ 2007-11-30 12:38:55    380,792    -c----w    C:\WINDOWS\$NtUninstallKB953838$\spuninst\updspapi.dll
+ 2008-02-16 09:00:47    614,912    -c----w    C:\WINDOWS\$NtUninstallKB953838$\urlmon.dll
+ 2008-02-16 09:00:47    657,920    -c----w    C:\WINDOWS\$NtUninstallKB953838$\wininet.dll
+ 2008-02-15 23:03:08    690,176    -c----w    C:\WINDOWS\$NtUninstallKB953838$\xpsp3res.dll
+ 2007-11-30 12:39:01    231,288    -c----w    C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe
+ 2007-11-30 12:39:04    380,792    -c----w    C:\WINDOWS\$NtUninstallKB953839$\spuninst\updspapi.dll
- 2008-03-10 11:49:34    248,632    ----a-w    C:\WINDOWS\assembly\GAC\Microsoft.Office.Interop.PowerPoint\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.PowerPoint.dll
+ 2008-09-01 00:12:09    250,928    ----a-w    C:\WINDOWS\assembly\GAC\Microsoft.Office.Interop.PowerPoint\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.PowerPoint.dll
+ 2008-06-14 17:59:04    271,616    ------w    C:\WINDOWS\Driver Cache\i386\bthport.sys
+ 2006-10-26 17:55:38    138,024    ----a-r    C:\WINDOWS\Installer\$PatchCache$\Managed\[u]0[/u]0002109030000000000000000F01FEC\12.0.4518\IMPMAIL.DLL
+ 2006-10-27 12:04:08    497,504    ----a-r    C:\WINDOWS\Installer\$PatchCache$\Managed\[u]0[/u]0002109030000000000000000F01FEC\12.0.4518\MORPH9.DLL
+ 2006-10-27 12:04:10    9,581,360    ----a-r    C:\WINDOWS\Installer\$PatchCache$\Managed\[u]0[/u]0002109030000000000000000F01FEC\12.0.4518\MSPUB.EXE
+ 2006-10-26 17:42:36    8,423,224    ----a-r    C:\WINDOWS\Installer\$PatchCache$\Managed\[u]0[/u]0002109030000000000000000F01FEC\12.0.4518\OARTCONV.DLL
+ 2006-10-27 12:16:36    46,864    ----a-r    C:\WINDOWS\Installer\$PatchCache$\Managed\[u]0[/u]0002109030000000000000000F01FEC\12.0.4518\OUTLRPC.DLL
+ 2006-10-27 12:04:06    465,200    ----a-r    C:\WINDOWS\Installer\$PatchCache$\Managed\[u]0[/u]0002109030000000000000000F01FEC\12.0.4518\POWERPNT.EXE
+ 2006-10-27 12:04:06    7,980,848    ----a-r    C:\WINDOWS\Installer\$PatchCache$\Managed\[u]0[/u]0002109030000000000000000F01FEC\12.0.4518\PPCORE.DLL
+ 2008-03-10 11:49:34    248,632    ----a-r    C:\WINDOWS\Installer\$PatchCache$\Managed\[u]0[/u]0002109030000000000000000F01FEC\12.0.4518\PPTPIA.DLL
+ 2006-10-26 17:09:36    136,008    ----a-r    C:\WINDOWS\Installer\$PatchCache$\Managed\[u]0[/u]0002109030000000000000000F01FEC\12.0.4518\PRTF9.DLL
+ 2006-10-27 12:04:06    624,456    ----a-r    C:\WINDOWS\Installer\$PatchCache$\Managed\[u]0[/u]0002109030000000000000000F01FEC\12.0.4518\PTXT9.DLL
+ 2006-10-26 17:09:44    590,144    ----a-r    C:\WINDOWS\Installer\$PatchCache$\Managed\[u]0[/u]0002109030000000000000000F01FEC\12.0.4518\PUBCONV.DLL
+ 2006-10-27 12:23:04    347,432    ----a-r    C:\WINDOWS\Installer\$PatchCache$\Managed\[u]0[/u]0002109030000000000000000F01FEC\12.0.4518\WINWORD.EXE
+ 2006-10-27 12:23:08    17,483,560    ----a-r    C:\WINDOWS\Installer\$PatchCache$\Managed\[u]0[/u]0002109030000000000000000F01FEC\12.0.4518\WWLIB.DLL
- 2008-04-06 14:31:13    123,008    ----a-r    C:\WINDOWS\Installer\{2200A348-3C2A-4AAD-B3AA-81A681B94405}\WLXPhotoGalleryIcon.exe
+ 2008-09-01 00:16:20    123,008    ----a-r    C:\WINDOWS\Installer\{2200A348-3C2A-4AAD-B3AA-81A681B94405}\WLXPhotoGalleryIcon.exe
- 2008-08-30 21:15:30    593,920    ----a-r    C:\WINDOWS\Installer\{90110401-6000-11D3-8CFE-0150048383C9}\accicons.exe
+ 2008-09-01 00:11:07    593,920    ----a-r    C:\WINDOWS\Installer\{90110401-6000-11D3-8CFE-0150048383C9}\accicons.exe
- 2008-08-30 21:15:30    12,288    ----a-r    C:\WINDOWS\Installer\{90110401-6000-11D3-8CFE-0150048383C9}\cagicon.exe
+ 2008-09-01 00:11:07    12,288    ----a-r    C:\WINDOWS\Installer\{90110401-6000-11D3-8CFE-0150048383C9}\cagicon.exe
- 2008-08-30 21:15:30    86,016    ----a-r    C:\WINDOWS\Installer\{90110401-6000-11D3-8CFE-0150048383C9}\inficon.exe
+ 2008-09-01 00:11:07    86,016    ----a-r    C:\WINDOWS\Installer\{90110401-6000-11D3-8CFE-0150048383C9}\inficon.exe
- 2008-08-30 21:15:29    135,168    ----a-r    C:\WINDOWS\Installer\{90110401-6000-11D3-8CFE-0150048383C9}\misc.exe
+ 2008-09-01 00:11:07    135,168    ----a-r    C:\WINDOWS\Installer\{90110401-6000-11D3-8CFE-0150048383C9}\misc.exe
- 2008-08-30 21:15:30    11,264    ----a-r    C:\WINDOWS\Installer\{90110401-6000-11D3-8CFE-0150048383C9}\mspicons.exe
+ 2008-09-01 00:11:07    11,264    ----a-r    C:\WINDOWS\Installer\{90110401-6000-11D3-8CFE-0150048383C9}\mspicons.exe
- 2008-08-30 21:15:30    27,136    ----a-r    C:\WINDOWS\Installer\{90110401-6000-11D3-8CFE-0150048383C9}\oisicon.exe
+ 2008-09-01 00:11:07    27,136    ----a-r    C:\WINDOWS\Installer\{90110401-6000-11D3-8CFE-0150048383C9}\oisicon.exe
- 2008-08-30 21:15:30    4,096    ----a-r    C:\WINDOWS\Installer\{90110401-6000-11D3-8CFE-0150048383C9}\opwicon.exe
+ 2008-09-01 00:11:07    4,096    ----a-r    C:\WINDOWS\Installer\{90110401-6000-11D3-8CFE-0150048383C9}\opwicon.exe
- 2008-08-30 21:15:30    794,624    ----a-r    C:\WINDOWS\Installer\{90110401-6000-11D3-8CFE-0150048383C9}\outicon.exe
+ 2008-09-01 00:11:08    794,624    ----a-r    C:\WINDOWS\Installer\{90110401-6000-11D3-8CFE-0150048383C9}\outicon.exe
- 2008-08-30 21:15:29    249,856    ----a-r    C:\WINDOWS\Installer\{90110401-6000-11D3-8CFE-0150048383C9}\pptico.exe
+ 2008-09-01 00:11:07    249,856    ----a-r    C:\WINDOWS\Installer\{90110401-6000-11D3-8CFE-0150048383C9}\pptico.exe
- 2008-08-30 21:15:29    61,440    ----a-r    C:\WINDOWS\Installer\{90110401-6000-11D3-8CFE-0150048383C9}\pubs.exe
+ 2008-09-01 00:11:07    61,440    ----a-r    C:\WINDOWS\Installer\{90110401-6000-11D3-8CFE-0150048383C9}\pubs.exe
- 2008-08-30 21:15:30    23,040    ----a-r    C:\WINDOWS\Installer\{90110401-6000-11D3-8CFE-0150048383C9}\unbndico.exe
+ 2008-09-01 00:11:08    23,040    ----a-r    C:\WINDOWS\Installer\{90110401-6000-11D3-8CFE-0150048383C9}\unbndico.exe
- 2008-08-30 21:15:29    286,720    ----a-r    C:\WINDOWS\Installer\{90110401-6000-11D3-8CFE-0150048383C9}\wordicon.exe
+ 2008-09-01 00:11:06    286,720    ----a-r    C:\WINDOWS\Installer\{90110401-6000-11D3-8CFE-0150048383C9}\wordicon.exe
- 2008-08-30 21:15:29    409,600    ----a-r    C:\WINDOWS\Installer\{90110401-6000-11D3-8CFE-0150048383C9}\xlicons.exe
+ 2008-09-01 00:11:06    409,600    ----a-r    C:\WINDOWS\Installer\{90110401-6000-11D3-8CFE-0150048383C9}\xlicons.exe
- 2008-08-31 00:07:06    1,165,584    ----a-r    C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\accicons.exe
+ 2008-09-01 00:15:39    1,165,584    ----a-r    C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\accicons.exe
- 2008-08-31 00:07:06    20,240    ----a-r    C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\cagicon.exe
+ 2008-09-01 00:15:40    20,240    ----a-r    C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\cagicon.exe
- 2008-08-31 00:07:06    159,504    ----a-r    C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\inficon.exe
+ 2008-09-01 00:15:39    159,504    ----a-r    C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\inficon.exe
- 2008-08-31 00:07:06    184,080    ----a-r    C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\joticon.exe
+ 2008-09-01 00:15:39    184,080    ----a-r    C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\joticon.exe
- 2008-08-31 00:07:06    217,864    ----a-r    C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\misc.exe
+ 2008-09-01 00:15:40    217,864    ----a-r    C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\misc.exe
- 2008-08-31 00:07:06    18,704    ----a-r    C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\mspicons.exe
+ 2008-09-01 00:15:40    18,704    ----a-r    C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\mspicons.exe
- 2008-08-31 00:07:07    35,088    ----a-r    C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\oisicon.exe
+ 2008-09-01 00:15:40    35,088    ----a-r    C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\oisicon.exe
- 2008-08-31 00:07:06    845,584    ----a-r    C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\outicon.exe
+ 2008-09-01 00:15:40    845,584    ----a-r    C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\outicon.exe
- 2008-08-31 00:07:06    922,384    ----a-r    C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pptico.exe
+ 2008-09-01 00:15:40    922,384    ----a-r    C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pptico.exe
- 2008-08-31 00:07:06    272,648    ----a-r    C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pubs.exe
+ 2008-09-01 00:15:40    272,648    ----a-r    C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pubs.exe
- 2008-08-31 00:07:06    888,080    ----a-r    C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\wordicon.exe
+ 2008-09-01 00:15:40    888,080    ----a-r    C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\wordicon.exe
- 2008-08-31 00:07:06    1,172,240    ----a-r    C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\xlicons.exe
+ 2008-09-01 00:15:39    1,172,240    ----a-r    C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\xlicons.exe
- 2008-08-31 00:06:33    20,240    ----a-r    C:\WINDOWS\Installer\{91120000-0017-0000-0000-0000000FF1CE}\cagicon.exe
+ 2008-09-01 00:15:10    20,240    ----a-r    C:\WINDOWS\Installer\{91120000-0017-0000-0000-0000000FF1CE}\cagicon.exe
- 2008-08-31 00:06:33    217,864    ----a-r    C:\WINDOWS\Installer\{91120000-0017-0000-0000-0000000FF1CE}\misc.exe
+ 2008-09-01 00:15:10    217,864    ----a-r    C:\WINDOWS\Installer\{91120000-0017-0000-0000-0000000FF1CE}\misc.exe
- 2008-08-31 00:06:33    18,704    ----a-r    C:\WINDOWS\Installer\{91120000-0017-0000-0000-0000000FF1CE}\mspicons.exe
+ 2008-09-01 00:15:10    18,704    ----a-r    C:\WINDOWS\Installer\{91120000-0017-0000-0000-0000000FF1CE}\mspicons.exe
- 2008-08-31 00:06:33    35,088    ----a-r    C:\WINDOWS\Installer\{91120000-0017-0000-0000-0000000FF1CE}\oisicon.exe
+ 2008-09-01 00:15:10    35,088    ----a-r    C:\WINDOWS\Installer\{91120000-0017-0000-0000-0000000FF1CE}\oisicon.exe
- 2008-02-16 09:00:40    1,023,488    ----a-w    C:\WINDOWS\system32\browseui.dll
+ 2008-06-23 15:40:00    1,023,488    ----a-w    C:\WINDOWS\system32\browseui.dll
- 2008-02-16 09:00:40    151,040    ----a-w    C:\WINDOWS\system32\cdfview.dll
+ 2008-06-23 15:40:00    151,040    ----a-w    C:\WINDOWS\system32\cdfview.dll
- 2008-02-16 09:00:41    1,053,696    ----a-w    C:\WINDOWS\system32\danim.dll
+ 2008-06-23 15:40:00    1,053,696    ----a-w    C:\WINDOWS\system32\danim.dll
- 2004-08-03 20:14:16    138,496    -c--a-w    C:\WINDOWS\system32\dllcache\afd.sys
+ 2008-06-20 10:44:38    138,368    -c--a-w    C:\WINDOWS\system32\dllcache\afd.sys
- 2008-02-16 09:00:40    1,023,488    -c--a-w    C:\WINDOWS\system32\dllcache\browseui.dll
+ 2008-06-23 15:40:00    1,023,488    -c--a-w    C:\WINDOWS\system32\dllcache\browseui.dll
+ 2008-06-14 17:59:04    271,616    -c----w    C:\WINDOWS\system32\dllcache\bthport.sys
- 2008-02-16 09:00:40    151,040    -c--a-w    C:\WINDOWS\system32\dllcache\cdfview.dll
+ 2008-06-23 15:40:00    151,040    -c--a-w    C:\WINDOWS\system32\dllcache\cdfview.dll
- 2008-02-16 09:00:41    1,053,696    -c--a-w    C:\WINDOWS\system32\dllcache\danim.dll
+ 2008-06-23 15:40:00    1,053,696    -c--a-w    C:\WINDOWS\system32\dllcache\danim.dll
- 2004-08-03 21:55:34    561,179    -c--a-w    C:\WINDOWS\system32\dllcache\dao360.dll
+ 2008-03-25 04:50:25    554,008    -c--a-w    C:\WINDOWS\system32\dllcache\dao360.dll
- 2008-02-20 05:33:53    148,992    -c--a-w    C:\WINDOWS\system32\dllcache\dnsapi.dll
+ 2008-06-20 17:39:47    148,992    -c--a-w    C:\WINDOWS\system32\dllcache\dnsapi.dll
- 2008-02-16 09:00:41    357,888    -c--a-w    C:\WINDOWS\system32\dllcache\dxtmsft.dll
+ 2008-06-23 15:40:01    357,888    -c--a-w    C:\WINDOWS\system32\dllcache\dxtmsft.dll
- 2008-02-16 09:00:42    205,312    -c--a-w    C:\WINDOWS\system32\dllcache\dxtrans.dll
+ 2008-06-23 15:40:01    205,312    -c--a-w    C:\WINDOWS\system32\dllcache\dxtrans.dll
- 2005-07-26 04:39:47    243,200    -c--a-w    C:\WINDOWS\system32\dllcache\es.dll
+ 2008-07-07 20:30:47    253,952    -c--a-w    C:\WINDOWS\system32\dllcache\es.dll
- 2008-02-16 09:00:42    55,808    -c--a-w    C:\WINDOWS\system32\dllcache\extmgr.dll
+ 2008-06-23 15:40:01    55,808    -c--a-w    C:\WINDOWS\system32\dllcache\extmgr.dll
- 2008-02-15 09:23:37    18,432    -c--a-w    C:\WINDOWS\system32\dllcache\iedw.exe
+ 2008-06-23 09:49:29    18,432    -c--a-w    C:\WINDOWS\system32\dllcache\iedw.exe
- 2008-02-16 09:00:42    250,880    -c--a-w    C:\WINDOWS\system32\dllcache\iepeers.dll
+ 2008-06-23 15:40:01    250,880    -c--a-w    C:\WINDOWS\system32\dllcache\iepeers.dll
- 2008-02-16 09:00:42    96,256    -c--a-w    C:\WINDOWS\system32\dllcache\inseng.dll
+ 2008-06-23 15:40:01    96,256    -c--a-w    C:\WINDOWS\system32\dllcache\inseng.dll
- 2008-02-16 09:00:42    16,384    -c--a-w    C:\WINDOWS\system32\dllcache\jsproxy.dll
+ 2008-06-23 15:40:01    16,384    -c--a-w    C:\WINDOWS\system32\dllcache\jsproxy.dll
- 2004-08-03 21:55:40    331,776    -c--a-w    C:\WINDOWS\system32\dllcache\msadce.dll
+ 2008-05-01 14:30:35    331,776    -c--a-w    C:\WINDOWS\system32\dllcache\msadce.dll
- 2005-06-29 01:48:39    74,240    -c--a-w    C:\WINDOWS\system32\dllcache\mscms.dll
+ 2008-06-24 16:22:22    74,240    -c--a-w    C:\WINDOWS\system32\dllcache\mscms.dll
- 2004-08-03 21:55:42    512,029    -c--a-w    C:\WINDOWS\system32\dllcache\msexch40.dll
+ 2008-03-25 04:50:28    518,944    -c--a-w    C:\WINDOWS\system32\dllcache\msexch40.dll
- 2004-08-03 21:55:42    319,517    -c--a-w    C:\WINDOWS\system32\dllcache\msexcl40.dll
+ 2008-03-25 04:50:30    326,432    -c--a-w    C:\WINDOWS\system32\dllcache\msexcl40.dll
- 2008-02-16 22:30:46    3,080,704    -c--a-w    C:\WINDOWS\system32\dllcache\mshtml.dll
+ 2008-06-23 15:40:06    3,080,704    -c--a-w    C:\WINDOWS\system32\dllcache\mshtml.dll
- 2008-02-16 09:00:45    449,024    -c--a-w    C:\WINDOWS\system32\dllcache\mshtmled.dll
+ 2008-06-23 15:40:06    449,024    -c--a-w    C:\WINDOWS\system32\dllcache\mshtmled.dll
- 2004-08-03 21:55:42    1,507,356    -c--a-w    C:\WINDOWS\system32\dllcache\msjet40.dll
+ 2008-03-25 04:50:34    1,516,568    -c--a-w    C:\WINDOWS\system32\dllcache\msjet40.dll
- 2004-07-17 08:34:48    358,976    -c--a-w    C:\WINDOWS\system32\dllcache\msjetol1.dll
+ 2008-03-25 04:50:40    355,112    -c--a-w    C:\WINDOWS\system32\dllcache\msjetol1.dll
- 2004-08-03 21:55:44    151,583    -c--a-w    C:\WINDOWS\system32\dllcache\msjint40.dll
+ 2008-03-25 04:49:29    158,496    -c--a-w    C:\WINDOWS\system32\dllcache\msjint40.dll
- 2004-08-03 21:55:44    53,279    -c--a-w    C:\WINDOWS\system32\dllcache\msjter40.dll
+ 2008-03-25 04:50:42    60,192    -c--a-w    C:\WINDOWS\system32\dllcache\msjter40.dll
- 2004-08-03 21:55:44    241,693    -c--a-w    C:\WINDOWS\system32\dllcache\msjtes40.dll
+ 2008-03-25 04:50:42    248,608    -c--a-w    C:\WINDOWS\system32\dllcache\msjtes40.dll
- 2004-08-03 21:55:44    213,023    -c--a-w    C:\WINDOWS\system32\dllcache\msltus40.dll
+ 2008-03-25 04:50:44    219,936    -c--a-w    C:\WINDOWS\system32\dllcache\msltus40.dll
- 2004-08-03 21:55:44    348,189    -c--a-w    C:\WINDOWS\system32\dllcache\mspbde40.dll
+ 2008-03-25 04:50:45    355,104    -c--a-w    C:\WINDOWS\system32\dllcache\mspbde40.dll
- 2008-02-16 09:00:45    146,432    -c--a-w    C:\WINDOWS\system32\dllcache\msrating.dll
+ 2008-06-23 15:40:06    146,432    -c--a-w    C:\WINDOWS\system32\dllcache\msrating.dll
- 2004-08-03 21:55:44    421,919    -c--a-w    C:\WINDOWS\system32\dllcache\msrd2x40.dll
+ 2008-03-25 04:50:47    432,928    -c--a-w    C:\WINDOWS\system32\dllcache\msrd2x40.dll
- 2004-08-03 21:55:44    315,423    -c--a-w    C:\WINDOWS\system32\dllcache\msrd3x40.dll
+ 2008-03-25 04:50:49    322,336    -c--a-w    C:\WINDOWS\system32\dllcache\msrd3x40.dll
- 2004-08-03 21:55:46    552,989    -c--a-w    C:\WINDOWS\system32\dllcache\msrepl40.dll
+ 2008-03-25 04:50:52    559,904    -c--a-w    C:\WINDOWS\system32\dllcache\msrepl40.dll
- 2004-08-03 21:55:46    258,077    -c--a-w    C:\WINDOWS\system32\dllcache\mstext40.dll
+ 2008-03-25 04:50:55    264,992    -c--a-w    C:\WINDOWS\system32\dllcache\mstext40.dll
- 2008-02-16 09:00:45    532,480    -c--a-w    C:\WINDOWS\system32\dllcache\mstime.dll
+ 2008-06-23 15:40:07    532,480    -c--a-w    C:\WINDOWS\system32\dllcache\mstime.dll
- 2004-08-03 21:55:46    831,519    -c--a-w    C:\WINDOWS\system32\dllcache\mswdat10.dll
+ 2008-03-25 04:50:57    838,432    -c--a-w    C:\WINDOWS\system32\dllcache\mswdat10.dll
- 2004-08-03 21:55:46    245,248    -c--a-w    C:\WINDOWS\system32\dllcache\mswsock.dll
+ 2008-06-20 17:39:48    245,248    -c--a-w    C:\WINDOWS\system32\dllcache\mswsock.dll
- 2004-08-03 21:55:46    614,429    -c--a-w    C:\WINDOWS\system32\dllcache\mswstr10.dll
+ 2008-03-25 04:49:30    621,344    -c--a-w    C:\WINDOWS\system32\dllcache\mswstr10.dll
- 2004-08-03 21:55:46    348,189    -c--a-w    C:\WINDOWS\system32\dllcache\msxbde40.dll
+ 2008-03-25 04:50:58    355,104    -c--a-w    C:\WINDOWS\system32\dllcache\msxbde40.dll
- 2008-02-16 09:00:45    39,424    -c--a-w    C:\WINDOWS\system32\dllcache\pngfilt.dll
+ 2008-06-23 15:40:07    39,424    -c--a-w    C:\WINDOWS\system32\dllcache\pngfilt.dll
- 2007-10-29 22:42:44    1,285,632    -c--a-w    C:\WINDOWS\system32\dllcache\quartz.dll
+ 2008-05-07 05:14:35    1,285,632    -c--a-w    C:\WINDOWS\system32\dllcache\quartz.dll
- 2008-02-16 09:00:46    1,494,528    -c--a-w    C:\WINDOWS\system32\dllcache\shdocvw.dll
+ 2008-06-23 15:40:09    1,494,528    -c--a-w    C:\WINDOWS\system32\dllcache\shdocvw.dll
- 2008-02-16 09:00:46    474,112    -c--a-w    C:\WINDOWS\system32\dllcache\shlwapi.dll
+ 2008-06-23 15:40:09    474,112    -c--a-w    C:\WINDOWS\system32\dllcache\shlwapi.dll
- 2007-10-30 17:20:55    360,064    -c--a-w    C:\WINDOWS\system32\dllcache\tcpip.sys
+ 2008-06-20 10:45:13    360,320    -c--a-w    C:\WINDOWS\system32\dllcache\tcpip.sys
- 2006-08-16 09:37:30    225,664    -c--a-w    C:\WINDOWS\system32\dllcache\tcpip6.sys
+ 2008-06-20 09:52:06    225,920    -c--a-w    C:\WINDOWS\system32\dllcache\tcpip6.sys
- 2008-02-16 09:00:47    614,912    -c--a-w    C:\WINDOWS\system32\dllcache\urlmon.dll
+ 2008-06-23 15:40:10    614,912    -c--a-w    C:\WINDOWS\system32\dllcache\urlmon.dll
- 2008-02-16 09:00:47    657,920    -c--a-w    C:\WINDOWS\system32\dllcache\wininet.dll
+ 2008-06-23 15:40:10    657,920    -c--a-w    C:\WINDOWS\system32\dllcache\wininet.dll
- 2008-02-20 05:33:53    148,992    ----a-w    C:\WINDOWS\system32\dnsapi.dll
+ 2008-06-20 17:39:47    148,992    ----a-w    C:\WINDOWS\system32\dnsapi.dll
- 2004-08-03 20:14:16    138,496    ----a-w    C:\WINDOWS\system32\drivers\afd.sys
+ 2008-06-20 10:44:38    138,368    ----a-w    C:\WINDOWS\system32\drivers\afd.sys
+ 2008-06-14 17:59:04    271,616    ------w    C:\WINDOWS\system32\drivers\bthport.sys
- 2007-10-30 17:20:55    360,064    ----a-w    C:\WINDOWS\system32\drivers\tcpip.sys
+ 2008-06-20 10:45:13    360,320    ----a-w    C:\WINDOWS\system32\drivers\tcpip.sys
- 2006-08-16 09:37:30    225,664    ----a-w    C:\WINDOWS\system32\drivers\tcpip6.sys
+ 2008-06-20 09:52:06    225,920    ----a-w    C:\WINDOWS\system32\drivers\tcpip6.sys
- 2008-02-16 09:00:41    357,888    ----a-w    C:\WINDOWS\system32\dxtmsft.dll
+ 2008-06-23 15:40:01    357,888    ----a-w    C:\WINDOWS\system32\dxtmsft.dll
- 2008-02-16 09:00:42    205,312    ----a-w    C:\WINDOWS\system32\dxtrans.dll
+ 2008-06-23 15:40:01    205,312    ----a-w    C:\WINDOWS\system32\dxtrans.dll
- 2005-07-26 04:39:47    243,200    ----a-w    C:\WINDOWS\system32\es.dll
+ 2008-07-07 20:30:47    253,952    ----a-w    C:\WINDOWS\system32\es.dll
- 2008-02-16 09:00:42    55,808    ----a-w    C:\WINDOWS\system32\extmgr.dll
+ 2008-06-23 15:40:01    55,808    ----a-w    C:\WINDOWS\system32\extmgr.dll
- 2008-02-16 09:00:42    250,880    ----a-w    C:\WINDOWS\system32\iepeers.dll
+ 2008-06-23 15:40:01    250,880    ----a-w    C:\WINDOWS\system32\iepeers.dll
- 2008-02-16 09:00:42    96,256    ----a-w    C:\WINDOWS\system32\inseng.dll
+ 2008-06-23 15:40:01    96,256    ----a-w    C:\WINDOWS\system32\inseng.dll
- 2008-02-16 09:00:42    16,384    ----a-w    C:\WINDOWS\system32\jsproxy.dll
+ 2008-06-23 15:40:01    16,384    ----a-w    C:\WINDOWS\system32\jsproxy.dll
- 2005-06-29 01:48:39    74,240    ----a-w    C:\WINDOWS\system32\mscms.dll
+ 2008-06-24 16:22:22    74,240    ----a-w    C:\WINDOWS\system32\mscms.dll
- 2004-08-03 21:55:42    512,029    ----a-w    C:\WINDOWS\system32\msexch40.dll
+ 2008-03-25 04:50:28    518,944    ----a-w    C:\WINDOWS\system32\msexch40.dll
- 2004-08-03 21:55:42    319,517    ----a-w    C:\WINDOWS\system32\msexcl40.dll
+ 2008-03-25 04:50:30    326,432    ----a-w    C:\WINDOWS\system32\msexcl40.dll
- 2008-02-16 22:30:46    3,080,704    ----a-w    C:\WINDOWS\system32\mshtml.dll
+ 2008-06-23 15:40:06    3,080,704    ----a-w    C:\WINDOWS\system32\mshtml.dll
- 2008-02-16 09:00:45    449,024    ----a-w    C:\WINDOWS\system32\mshtmled.dll
+ 2008-06-23 15:40:06    449,024    ----a-w    C:\WINDOWS\system32\mshtmled.dll
- 2004-08-03 21:55:42    1,507,356    ----a-w    C:\WINDOWS\system32\msjet40.dll
+ 2008-03-25 04:50:34    1,516,568    ----a-w    C:\WINDOWS\system32\msjet40.dll
- 2004-07-17 08:34:48    358,976    ----a-w    C:\WINDOWS\system32\msjetoledb40.dll
+ 2008-03-25 04:50:40    355,112    ----a-w    C:\WINDOWS\system32\msjetoledb40.dll
- 2004-08-03 21:55:44    151,583    ----a-w    C:\WINDOWS\system32\msjint40.dll
+ 2008-03-25 04:49:29    158,496    ----a-w    C:\WINDOWS\system32\msjint40.dll
- 2004-08-03 21:55:44    53,279    ----a-w    C:\WINDOWS\system32\msjter40.dll
+ 2008-03-25 04:50:42    60,192    ----a-w    C:\WINDOWS\system32\msjter40.dll
- 2004-08-03 21:55:44    241,693    ----a-w    C:\WINDOWS\system32\msjtes40.dll
+ 2008-03-25 04:50:42    248,608    ----a-w    C:\WINDOWS\system32\msjtes40.dll
- 2004-08-03 21:55:44    213,023    ----a-w    C:\WINDOWS\system32\msltus40.dll
+ 2008-03-25 04:50:44    219,936    ----a-w    C:\WINDOWS\system32\msltus40.dll
- 2004-08-03 21:55:44    348,189    ----a-w    C:\WINDOWS\system32\mspbde40.dll
+ 2008-03-25 04:50:45    355,104    ----a-w    C:\WINDOWS\system32\mspbde40.dll
- 2008-02-16 09:00:45    146,432    ----a-w    C:\WINDOWS\system32\msrating.dll
+ 2008-06-23 15:40:06    146,432    ----a-w    C:\WINDOWS\system32\msrating.dll
- 2004-08-03 21:55:44    421,919    ----a-w    C:\WINDOWS\system32\msrd2x40.dll
+ 2008-03-25 04:50:47    432,928    ----a-w    C:\WINDOWS\system32\msrd2x40.dll
- 2004-08-03 21:55:44    315,423    ----a-w    C:\WINDOWS\system32\msrd3x40.dll
+ 2008-03-25 04:50:49    322,336    ----a-w    C:\WINDOWS\system32\msrd3x40.dll
- 2004-08-03 21:55:46    552,989    ----a-w    C:\WINDOWS\system32\msrepl40.dll
+ 2008-03-25 04:50:52    559,904    ----a-w    C:\WINDOWS\system32\msrepl40.dll
- 2004-08-03 21:55:46    258,077    ----a-w    C:\WINDOWS\system32\mstext40.dll
+ 2008-03-25 04:50:55    264,992    ----a-w    C:\WINDOWS\system32\mstext40.dll
- 2008-02-16 09:00:45    532,480    ----a-w    C:\WINDOWS\system32\mstime.dll
+ 2008-06-23 15:40:07    532,480    ----a-w    C:\WINDOWS\system32\mstime.dll
- 2004-08-03 21:55:46    831,519    ----a-w    C:\WINDOWS\system32\mswdat10.dll
+ 2008-03-25 04:50:57    838,432    ----a-w    C:\WINDOWS\system32\mswdat10.dll
- 2004-08-03 21:55:46    245,248    ----a-w    C:\WINDOWS\system32\mswsock.dll
+ 2008-06-20 17:39:48    245,248    ----a-w    C:\WINDOWS\system32\mswsock.dll
- 2004-08-03 21:55:46    614,429    ----a-w    C:\WINDOWS\system32\mswstr10.dll
+ 2008-03-25 04:49:30    621,344    ----a-w    C:\WINDOWS\system32\mswstr10.dll
- 2004-08-03 21:55:46    348,189    ----a-w    C:\WINDOWS\system32\msxbde40.dll
+ 2008-03-25 04:50:58    355,104    ----a-w    C:\WINDOWS\system32\msxbde40.dll
- 2008-02-16 09:00:45    39,424    ----a-w    C:\WINDOWS\system32\pngfilt.dll
+ 2008-06-23 15:40:07    39,424    ----a-w    C:\WINDOWS\system32\pngfilt.dll
- 2007-10-29 22:42:44    1,285,632    ----a-w    C:\WINDOWS\system32\quartz.dll
+ 2008-05-07 05:14:35    1,285,632    ----a-w    C:\WINDOWS\system32\quartz.dll
- 2008-02-16 09:00:46    1,494,528    ----a-w    C:\WINDOWS\system32\shdocvw.dll
+ 2008-06-23 15:40:09    1,494,528    ----a-w    C:\WINDOWS\system32\shdocvw.dll
- 2008-02-16 09:00:46    474,112    ----a-w    C:\WINDOWS\system32\shlwapi.dll
+ 2008-06-23 15:40:09    474,112    ----a-w    C:\WINDOWS\system32\shlwapi.dll
- 2007-11-30 12:39:01    17,784    ------w    C:\WINDOWS\system32\spmsg.dll
+ 2007-11-30 11:18:09    17,784    ------w    C:\WINDOWS\system32\spmsg.dll
- 2007-11-13 11:31:11    60,416    ------w    C:\WINDOWS\system32\tzchange.exe
+ 2008-07-14 11:09:18    62,976    ------w    C:\WINDOWS\system32\tzchange.exe
- 2008-02-16 09:00:47    614,912    ----a-w    C:\WINDOWS\system32\urlmon.dll
+ 2008-06-23 15:40:10    614,912    ----a-w    C:\WINDOWS\system32\urlmon.dll
- 2008-02-16 09:00:47    657,920    ----a-w    C:\WINDOWS\system32\wininet.dll
+ 2008-06-23 15:40:10    657,920    ----a-w    C:\WINDOWS\system32\wininet.dll
- 2008-02-15 23:03:08    690,176    ----a-w    C:\WINDOWS\system32\xpsp3res.dll
+ 2008-07-03 09:42:28    690,176    ----a-w    C:\WINDOWS\system32\xpsp3res.dll
.
-- Snapshot reset to current date --
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown 
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [08/04/2004 12:56 AM 15360]
"IDMan"="C:\Program Files\Internet Download Manager\IDMan.exe" [03/10/2008 11:05 AM 876800]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe" [03/01/2006 07:43 PM 90112]
"STYLEXP"="C:\Program Files\TGTSoft\StyleXP\StyleXP.exe" [05/10/2005 11:02 PM 1310720]
"PowerArchiver Tray"="C:\Program Files\PowerArchiver\PASTARTER.EXE" [01/24/2008 08:36 PM 141352]
"PC Suite Tray"="C:\Program Files\Nokia\Nokia PC Suite 6\PCSuite.exe" [03/28/2008 11:20 AM 1079296]
"Nokia.PCSync"="C:\Program Files\Nokia\Nokia PC Suite 6\PCSync2.exe" [03/26/2008 06:41 PM 1232896]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run_CF]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [08/04/2004 12:56 AM 15360]
"IDMan"="C:\Program Files\Internet Download Manager\IDMan.exe" [03/10/2008 11:05 AM 876800]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe" [03/01/2006 07:43 PM 90112]
"STYLEXP"="C:\Program Files\TGTSoft\StyleXP\StyleXP.exe" [05/10/2005 11:02 PM 1310720]
"PowerArchiver Tray"="C:\Program Files\PowerArchiver\PASTARTER.EXE" [01/24/2008 08:36 PM 141352]
"PC Suite Tray"="C:\Program Files\Nokia\Nokia PC Suite 6\PCSuite.exe" [03/28/2008 11:20 AM 1079296]
"Nokia.PCSync"="C:\Program Files\Nokia\Nokia PC Suite 6\PCSync2.exe" [03/26/2008 06:41 PM 1232896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"GrooveMonitor"="C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" [10/27/2006 12:47 AM 31016]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [04/22/2005 10:54 AM 5898240]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [03/10/2008 11:35 AM 114688]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [01/11/2008 10:16 PM 39792]
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [04/12/2008 07:14 AM 185896]
"USB Antivirus"="C:\Program Files\USB Disk Security\USBGuard.exe" [09/01/2008 03:42 AM 798720]
"اختصار صفحة خصائص High Definition Audio"="HDAudPropShortcut.exe" [03/17/2004 04:10 PM 61952 C:\WINDOWS\system32\Hdaudpropshortcut.exe]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run_CF]
"GrooveMonitor"="C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" [10/27/2006 12:47 AM 31016]
"APVXDWIN"="C:\Program Files\Panda Security\Panda Antivirus 2008\APVXDWIN.EXE" [10/04/2007 03:14 PM 455984]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [04/22/2005 10:54 AM 5898240]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [03/10/2008 11:35 AM 114688]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [01/11/2008 10:16 PM 39792]
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [04/12/2008 07:14 AM 185896]
"ISTray"="C:\Program Files\Spyware Doctor\pctsTray.exe" [02/01/2008 11:55 AM 1103240]
"اختصار صفحة خصائص High Definition Audio"="HDAudPropShortcut.exe" [03/17/2004 04:10 PM 61952 C:\WINDOWS\system32\Hdaudpropshortcut.exe]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [08/04/2004 12:56 AM 15360]
"Nokia.PCSync"="C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" [03/26/2008 06:41 PM 1232896]

C:\DOCUME~1\ALLUSE~1\A007~1\7D39~1\D51D~1\
Orbit.lnk - C:\Program Files\Orbitdownloader\orbitdm.exe [2008-03-10 13:26:20 1678536]
SnagIt 8.lnk - C:\Program Files\TechSmith\SnagIt 8\SnagIt32.exe [2007-05-01 11:11:48 6395464]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoStartMenuPinnedList"= 0 (0x0)
"NoStartMenuMFUprogramsList"= 0 (0x0)
"NoUserNameInStartMenu"= 0 (0x0)
"NoStartMenuSubFolders"= 0 (0x0)
"NoCommonGroups"= 0 (0x0)
"NoPrinterTabs"= 0 (0x0)
"NoDeletePrinter"= 0 (0x0)
"NoAddPrinter"= 0 (0x0)
"NoPrinters"= 0 (0x0)
"NoFavoritesMenu"= 0 (0x0)
"NoRecentDocsNetHood"= 0 (0x0)
"NoChange"= 0 (0x0)
"NoChangeKeyboardNavigationIndicators"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"UIHost"="C:\\Program Files\\TGTSoft\\StyleXP\\Logon\\CurrentLogon.EXE"

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\Antiwpa]
08/12/2005 05:25 AM 5376 C:\WINDOWS\system32\antiwpa.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avldr]
02/15/2007 08:02 PM 50736 C:\WINDOWS\system32\avldr.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.dvacm"= C:\PROGRA~1\COMMON~1\ULEADS~1\Vio\Dvacm.acm
"msacm.MPEGacm"= C:\PROGRA~1\COMMON~1\ULEADS~1\MPEG\MPEGacm.acm
"msacm.ulmp3acm"= C:\PROGRA~1\COMMON~1\ULEADS~1\MPEG\ulmp3acm.acm

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"NvCplDaemon"=RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
"nwiz"=nwiz.exe /install
"SW20"=C:\WINDOWS\system32\sw20.exe
"SW24"=C:\WINDOWS\system32\sw24.exe
"NvMediaCenter"=RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
"NeroFilterCheck"=C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" -atboottime
"UVS11 Preload"=C:\Program Files\Ulead Systems\Ulead VideoStudio 11\uvPL.exe
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\Avant Browser\\avant.exe"=
"C:\\Program Files\\Orbitdownloader\\orbitdm.exe"=
"C:\\Program Files\\Orbitdownloader\\orbitnet.exe"=
"C:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"C:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"C:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=

R0 ulsata2;ulsata2;C:\WINDOWS\system32\drivers\ulsata2.sys [01/13/2008 05:44 PM]
R1 ShldDrv;Panda File Shield Driver;C:\WINDOWS\system32\DRIVERS\ShlDrv51.sys [03/11/2008 03:26 PM]
R2 PavProc;Panda Process Protection Driver;C:\WINDOWS\system32\DRIVERS\PavProc.sys [03/11/2008 03:25 PM]
S3 tapvpn;TAP VPN Adapter;C:\WINDOWS\system32\DRIVERS\tapvpn.sys [12/16/2006 11:37 PM]
.
s of the 'Scheduled Tasks' folder

2008-09-02 C:\WINDOWS\Tasks\RegCure Program Check.job
- C:\Program Files\RegCure\RegCure.exe [08/02/2007 07:20 PM]

2008-04-10 C:\WINDOWS\Tasks\RegCure.job
- C:\Program Files\RegCure\RegCure.exe [08/02/2007 07:20 PM]

2008-09-02 C:\WINDOWS\Tasks\XoftSpySE 2.job
- C:\Program Files\XoftSpySE\XoftSpy.exe [03/11/2008 03:13 PM]

2008-09-02 C:\WINDOWS\Tasks\XoftSpySE.job
- C:\Program Files\XoftSpySE\XoftSpy.exe [03/11/2008 03:13 PM]
.
- - - - ORPHANS REMOVED - - - -

WebBrowser-{8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} - (no file)


.
------- Supplementary Scan -------
.
FireFox -: Profile - C:\Documents and Settings\hattoom\Application Data\Mozilla\Firefox\Profiles\xu7ce3hf.default\
FF -: plugin - C:\Program Files\Real\RhapsodyPlayerEngine\nprhapengine.dll
.

**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-09-02 03:57:23
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ... 

C:\WINDOWS\explorer.exe [1864] 0x8626C2A8

scanning hidden autostart entries ...

scanning hidden files ... 

scan completed successfully
hidden files: 0

**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
C:\Program Files\Panda Security\Panda Antivirus 2008\PAVSRV51.EXE
C:\Program Files\Panda Security\Panda Antivirus 2008\AVENGINE.EXE
C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe
C:\WINDOWS\system32\Crypserv.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Panda Security\Panda Antivirus 2008\PsCtrlS.exe
C:\Program Files\Common Files\Panda Software\PavShld\PavPrSrv.exe
C:\Program Files\Panda Security\Panda Antivirus 2008\PsImSvc.exe
C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\Orbitdownloader\orbitnet.exe
C:\Program Files\Common Files\Nokia\MPAPI\MPAPI3s.exe
C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\Program Files\TechSmith\SnagIt 8\TscHelp.exe
C:\Program Files\TechSmith\SnagIt 8\SnagPriv.exe
.
**************************************************************************
.
Completion time: 09/02/2008  4:02:25 - machine was rebooted [hattoom]
ComboFix-quarantined-files.txt  2008-09-02 01:02:19
ComboFix2.txt  2008-08-31 14:23:19

Pre-Run: 4,131,180,544 bytes free
Post-Run: 4,305,723,392 bytes free

651    --- E O F ---    2008-09-01 00:17:12

لكنه موجود الخبيث
 
توقيع : hattoom99
تأييد 0
حمل اداة الكاسبر من الرابط التالي


يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي



بعد التحميل ،، دبل كلك وسيتم استخراج ملف الاداة الى مجلد بسطح المكتب لحظات وتبدأ الاداة بالعمل


تابع الشرح لفحص الجهاز وتنظيفه وارفاق التقرير


zyzoom-3d6517b067.png



zyzoom-7717063ed7.png



zyzoom-cda271da05.png



zyzoom-26888dbf15.png



zyzoom-3f4576c288.png



ثم قم بضغط التقرير ورفعه هنا>>>>
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي



يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي
 
تأييد 0
جاري الشغل


 
توقيع : hattoom99
تأييد 0
هو يأخذ وقت


له 6 ساعات وهو في 3%

؟؟؟؟؟
 
توقيع : hattoom99
تأييد 0
على حسب عدد الملفات بجهازك
كم وصل الان ؟
 
تأييد 0
هذا التقرير

حجمه 5 ميجا وشويه

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي




لكن ما حذف الشغل


شكراً أخي ماكس على تواصلك




 
توقيع : hattoom99
تأييد 0
يجب تسجيل الدخول أو التسجيل كي تتمكن من الرد هنا.
عودة
أعلى