you have a security problem Fermé

Question

Bonjour,
Depuis hier, j'ai chopé une fenètre qui apparait toute les 30s en bas à droite dans ma barre de tache avec le message"You have a security problem". 
Si je clique dessus , j'ai internet explorer qui s'ouvre et qui essaie de se connecter sur le site "virus-scanonline.com/1/ ...." . A partir de ce moment, j'ai une fenètre qui revient régulièrement pour me proposer un anti virus Je clique alors sur "interdire" mais 20 secondes plus tard ça revient !!!! 
J'ai analysé tout le PC avec Avira antivir personal, puis tuneup, puis Spyboat et meme Malwarebites anti malware mais rien n'y fait et j'ai toujours le problème. 
Connaissez vous ce problème. Pouvez vous m'aider SVP car je suis pas hyper pro en info. 

Merci d'avance.
 je joins un rapport hijackthis

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 08:27:42, on 15/03/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18241)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\Program Files\AVG\AVG8\avgrsx.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\CA\SharedComponents\CA_LIC\LogWatNT.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\System32\TUProgSt.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\userinit.exe
C:\Program Files\ADSL Autoconnect\ADSL Autoconnect.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\PROGRA~1\TECHCI~1\AOLSAV\AOLAgent.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\OLITEC\Moniteur WiFi OLITEC\Moniteur WiFi OLITEC.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Winamp Toolbar BHO - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O3 - Toolbar: DAP Bar - {62999427-33FC-4baf-9C9C-BCE6BD127F08} - C:\Program Files\DAP\DAPIEBar.dll
O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar	oolbar.dll
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [AOLSAV] C:\PROGRA~1\TECHCI~1\AOLSAV\AOLAgent.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'Default user')
O4 - Global Startup: Moniteur WiFi OLITEC.exe.lnk = C:\Program Files\OLITEC\Moniteur WiFi OLITEC\Moniteur WiFi OLITEC.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin
pjpi160_05.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin
pjpi160_05.dll
O9 - Extra button: ATI TV - {44226DFF-747E-4edc-B30C-78752E50CD0C} - C:\Program Files\ATI Multimedia	v\EXPLBAR.DLL
O9 - Extra button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar	oolbar.dll
O9 - Extra 'Tools' menuitem: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar	oolbar.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O10 - Unknown file in Winsock LSP: c:\windows\system32
wprovau.dll
O14 - IERESET.INF: START_PAGE_URL=https://www.targa.gmbh/eng/targa/
O15 - ProtocolDefaults: '@ivt' protocol is in My Computer Zone, should be Intranet Zone (HKLM)
O15 - ProtocolDefaults: 'file' protocol is in My Computer Zone, should be Internet Zone (HKLM)
O15 - ProtocolDefaults: 'ftp' protocol is in My Computer Zone, should be Internet Zone (HKLM)
O15 - ProtocolDefaults: 'http' protocol is in My Computer Zone, should be Internet Zone (HKLM)
O15 - ProtocolDefaults: 'https' protocol is in My Computer Zone, should be Internet Zone (HKLM)
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr
O16 - DPF: {2357B3CF-7F8D-4451-8D81-FD6097610AEE} (CamfrogWEB Advanced Unicode Control) - http://www.visiogood.com/jalss/cfweb_activex.camfrogweb.com-advanced-2.0.2.20_instmodule.exe
O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {54BE6B6F-3056-470B-97E1-BB92E051B6C4} (DeviceEnum Class) - http://h20264.www2.hp.com/ediags/dd/install/HPDriverDiagnosticsxp2k.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1097164261734
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - https://www.touslesdrivers.com/index.php?v_page=29
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {FD40EC41-D860-4579-8BA4-52671A45C71C} (AxHtChat Class) - http://images.goa.com/it/Woo2/fr/chat/nPaxChat.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{0FB66FA5-FD83-4CF4-80BE-819BDECCE349}: NameServer = 208.67.220.220,208.67.222.222 
O17 - HKLM\System\CCS\Services\Tcpip\..\{1A393EB5-AB19-49AD-A943-320763BB5882}: NameServer = 208.67.220.220,208.67.222.222 
O17 - HKLM\System\CCS\Services\Tcpip\..\{24E3BD39-E20A-4ECC-8906-58F8AF57772C}: NameServer = 208.67.220.220,208.67.222.222 
O17 - HKLM\System\CCS\Services\Tcpip\..\{3973425E-968A-45E1-BCE3-B58D3C9AE664}: NameServer = 208.67.220.220,208.67.222.222 
O17 - HKLM\System\CCS\Services\Tcpip\..\{3CDC5F2C-C0AD-47B6-9D1A-BBD81E182F64}: NameServer = 208.67.220.220,208.67.222.222 
O17 - HKLM\System\CCS\Services\Tcpip\..\{48D9C6B6-E187-4D79-B392-E4E6F038D357}: NameServer = 208.67.220.220,208.67.222.222 
O17 - HKLM\System\CCS\Services\Tcpip\..\{5503B571-761C-4FE9-A98A-CE54371106CD}: NameServer = 208.67.220.220,208.67.222.222 
O17 - HKLM\System\CCS\Services\Tcpip\..\{5A4F6099-F168-43C4-AA6C-0418DF81C338}: NameServer = 208.67.220.220,208.67.222.222 
O17 - HKLM\System\CCS\Services\Tcpip\..\{A4D085EA-8648-4E7A-98C7-C93CB97B92C5}: NameServer = 208.67.220.220,208.67.222.222 
O17 - HKLM\System\CCS\Services\Tcpip\..\{B581A6B6-2DFA-4FA9-AF78-59CA8A3FCB77}: NameServer = 208.67.220.220,208.67.222.222 
O17 - HKLM\System\CCS\Services\Tcpip\..\{BC9B43AB-3030-411A-9F09-D15CFB559FB0}: NameServer = 208.67.220.220,208.67.222.222 
O17 - HKLM\System\CCS\Services\Tcpip\..\{BF6B82C8-3F27-40CD-813F-1DB4683F271D}: NameServer = 208.67.220.220,208.67.222.222 
O17 - HKLM\System\CCS\Services\Tcpip\..\{C3116177-F0DA-4D80-8B46-0E8C5514D839}: NameServer = 208.67.220.220,208.67.222.222 
O17 - HKLM\System\CCS\Services\Tcpip\..\{CB0E73FD-0A39-4DAC-BABF-10D1DAD2BB70}: NameServer = 208.67.220.220,208.67.222.222 
O17 - HKLM\System\CCS\Services\Tcpip\..\{E97A0840-2C2C-4E59-8514-7BF4D192DCB0}: NameServer = 208.67.220.220,208.67.222.222 
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222 
O17 - HKLM\System\CS1\Services\Tcpip\..\{0FB66FA5-FD83-4CF4-80BE-819BDECCE349}: NameServer = 208.67.220.220,208.67.222.222 
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222 
O17 - HKLM\System\CS2\Services\Tcpip\..\{0FB66FA5-FD83-4CF4-80BE-819BDECCE349}: NameServer = 208.67.220.220,208.67.222.222 
O17 - HKLM\System\CS3\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222 
O17 - HKLM\System\CS3\Services\Tcpip\..\{0FB66FA5-FD83-4CF4-80BE-819BDECCE349}: NameServer = 208.67.220.220,208.67.222.222 
O17 - HKLM\System\CS4\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222 
O17 - HKLM\System\CS4\Services\Tcpip\..\{0FB66FA5-FD83-4CF4-80BE-819BDECCE349}: NameServer = 208.67.220.220,208.67.222.222 
O17 - HKLM\System\CS5\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222 
O17 - HKLM\System\CS5\Services\Tcpip\..\{0FB66FA5-FD83-4CF4-80BE-819BDECCE349}: NameServer = 208.67.220.220,208.67.222.222 
O17 - HKLM\System\CS6\Services\Tcpip\..\{0FB66FA5-FD83-4CF4-80BE-819BDECCE349}: NameServer = 208.67.220.220,208.67.222.222 
O17 - HKLM\System\CS8\Services\Tcpip\..\{0FB66FA5-FD83-4CF4-80BE-819BDECCE349}: NameServer = 208.67.220.220,208.67.222.222 
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - (no file)
O20 - AppInit_DLLs: avgrsstx.dll
O23 - Service: ADSLAutoconnect - Unknown owner - C:\Program Files\ADSL Autoconnect\ADSL Autoconnect.exe
O23 - Service: Planificateur Avira AntiVir Personal - Free Antivirus (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: AVG8 Firewall (avgfws8) - Unknown owner - C:\PROGRA~1\AVG\AVG8\avgfws8.exe (file missing)
O23 - Service: Client de licence CA (CA_LIC_CLNT) - Computer Associates - C:\Program Files\CA\SharedComponents\CA_LIC\lic98rmt.exe
O23 - Service: Serveur de licence CA (CA_LIC_SRVR) - Computer Associates - C:\Program Files\CA\SharedComponents\CA_LIC\lic98rmtd.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: Event Log Watch (LogWatch) - Computer Associates - C:\Program Files\CA\SharedComponents\CA_LIC\LogWatNT.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: PsExec (PSEXESVC) - Unknown owner - C:\WINDOWS\PSEXESVC.EXE (file missing)
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: TuneUp Program Statistics Service (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\WINDOWS\System32\TUProgSt.exe
O23 - Service: X10 Device Network Service (x10nets) - Unknown owner - C:\PROGRA~1\ATIMUL~1\RemCtrl\x10nets.exe (file missing)

jlpjlp · Answer

slt,


smit fraud fix (colle le rapport)

1/ telecharger :

http://siri.urz.free.fr/Fix/SmitfraudFix.php

2/ double clique sur smitfraudfix. puis sélectionne 1 et appuyer sur entrée afin de créer le rapport des infection présentes. 

________________

Télécharge ici :

http://images.malwareremoval.com/random/RSIT.exe

random's system information tool (RSIT) par andom/random et sauvegarde-le sur le Bureau.

Double-clique sur RSIT.exe afin de lancer RSIT.

Clique Continue à l'écran Disclaimer.

Si l'outil HijackThis (version à jour) n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera (autorise l'accès dans ton pare-feu, si demandé) et tu devras accepter la licence.

Lorsque l'analyse sera terminée, deux fichiers texte s'ouvriront.

Poste le contenu de log.txt (<<qui sera affiché)
ainsi que de info.txt (<<qui sera réduit dans la Barre des Tâches).

NB : Les rapports sont sauvegardés dans le dossier C:\rsit

jlpjlp · Answer

le premier rapport de RSIT est incomplet :(

bobnancy54 · Answer

ok je te le reposte ci-dessous

Logfile of random's system information tool 1.05 (written by random/random)
Run by bob2 at 2009-03-15 12:55:52
Microsoft Windows XP Édition familiale Service Pack 3
System drive C: has 3 GB (19%) free of 18 GB
Total RAM: 511 MB (28% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:56:07, on 15/03/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18241)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\Program Files\AVG\AVG8\avgrsx.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\CA\SharedComponents\CA_LIC\LogWatNT.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\System32\TUProgSt.exe
C:\Program Files\ADSL Autoconnect\ADSL Autoconnect.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\explorer.exe
C:\Documents and Settings\bob2\Bureau\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\bob2.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Winamp Toolbar BHO - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O3 - Toolbar: DAP Bar - {62999427-33FC-4baf-9C9C-BCE6BD127F08} - C:\Program Files\DAP\DAPIEBar.dll
O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar	oolbar.dll
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [AOLSAV] C:\PROGRA~1\TECHCI~1\AOLSAV\AOLAgent.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'Default user')
O4 - Global Startup: Moniteur WiFi OLITEC.exe.lnk = C:\Program Files\OLITEC\Moniteur WiFi OLITEC\Moniteur WiFi OLITEC.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin
pjpi160_05.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin
pjpi160_05.dll
O9 - Extra button: ATI TV - {44226DFF-747E-4edc-B30C-78752E50CD0C} - C:\Program Files\ATI Multimedia	v\EXPLBAR.DLL
O9 - Extra button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar	oolbar.dll
O9 - Extra 'Tools' menuitem: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar	oolbar.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O10 - Unknown file in Winsock LSP: c:\windows\system32
wprovau.dll
O14 - IERESET.INF: START_PAGE_URL=https://www.targa.gmbh/eng/targa/
O15 - ProtocolDefaults: '@ivt' protocol is in My Computer Zone, should be Intranet Zone (HKLM)
O15 - ProtocolDefaults: 'file' protocol is in My Computer Zone, should be Internet Zone (HKLM)
O15 - ProtocolDefaults: 'ftp' protocol is in My Computer Zone, should be Internet Zone (HKLM)
O15 - ProtocolDefaults: 'http' protocol is in My Computer Zone, should be Internet Zone (HKLM)
O15 - ProtocolDefaults: 'https' protocol is in My Computer Zone, should be Internet Zone (HKLM)
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr
O16 - DPF: {2357B3CF-7F8D-4451-8D81-FD6097610AEE} (CamfrogWEB Advanced Unicode Control) - http://www.visiogood.com/jalss/cfweb_activex.camfrogweb.com-advanced-2.0.2.20_instmodule.exe
O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {54BE6B6F-3056-470B-97E1-BB92E051B6C4} (DeviceEnum Class) - http://h20264.www2.hp.com/ediags/dd/install/HPDriverDiagnosticsxp2k.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1097164261734
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - https://www.touslesdrivers.com/index.php?v_page=29
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {FD40EC41-D860-4579-8BA4-52671A45C71C} (AxHtChat Class) - http://images.goa.com/it/Woo2/fr/chat/nPaxChat.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{0FB66FA5-FD83-4CF4-80BE-819BDECCE349}: NameServer = 208.67.220.220,208.67.222.222 
O17 - HKLM\System\CCS\Services\Tcpip\..\{1A393EB5-AB19-49AD-A943-320763BB5882}: NameServer = 208.67.220.220,208.67.222.222 
O17 - HKLM\System\CCS\Services\Tcpip\..\{24E3BD39-E20A-4ECC-8906-58F8AF57772C}: NameServer = 208.67.220.220,208.67.222.222 
O17 - HKLM\System\CCS\Services\Tcpip\..\{3973425E-968A-45E1-BCE3-B58D3C9AE664}: NameServer = 208.67.220.220,208.67.222.222 
O17 - HKLM\System\CCS\Services\Tcpip\..\{3CDC5F2C-C0AD-47B6-9D1A-BBD81E182F64}: NameServer = 208.67.220.220,208.67.222.222 
O17 - HKLM\System\CCS\Services\Tcpip\..\{48D9C6B6-E187-4D79-B392-E4E6F038D357}: NameServer = 208.67.220.220,208.67.222.222 
O17 - HKLM\System\CCS\Services\Tcpip\..\{5503B571-761C-4FE9-A98A-CE54371106CD}: NameServer = 208.67.220.220,208.67.222.222 
O17 - HKLM\System\CCS\Services\Tcpip\..\{5A4F6099-F168-43C4-AA6C-0418DF81C338}: NameServer = 208.67.220.220,208.67.222.222 
O17 - HKLM\System\CCS\Services\Tcpip\..\{A4D085EA-8648-4E7A-98C7-C93CB97B92C5}: NameServer = 208.67.220.220,208.67.222.222 
O17 - HKLM\System\CCS\Services\Tcpip\..\{B581A6B6-2DFA-4FA9-AF78-59CA8A3FCB77}: NameServer = 208.67.220.220,208.67.222.222 
O17 - HKLM\System\CCS\Services\Tcpip\..\{BC9B43AB-3030-411A-9F09-D15CFB559FB0}: NameServer = 208.67.220.220,208.67.222.222 
O17 - HKLM\System\CCS\Services\Tcpip\..\{BF6B82C8-3F27-40CD-813F-1DB4683F271D}: NameServer = 208.67.220.220,208.67.222.222 
O17 - HKLM\System\CCS\Services\Tcpip\..\{C3116177-F0DA-4D80-8B46-0E8C5514D839}: NameServer = 208.67.220.220,208.67.222.222 
O17 - HKLM\System\CCS\Services\Tcpip\..\{CB0E73FD-0A39-4DAC-BABF-10D1DAD2BB70}: NameServer = 208.67.220.220,208.67.222.222 
O17 - HKLM\System\CCS\Services\Tcpip\..\{E97A0840-2C2C-4E59-8514-7BF4D192DCB0}: NameServer = 208.67.220.220,208.67.222.222 
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222 
O17 - HKLM\System\CS1\Services\Tcpip\..\{0FB66FA5-FD83-4CF4-80BE-819BDECCE349}: NameServer = 208.67.220.220,208.67.222.222 
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222 
O17 - HKLM\System\CS2\Services\Tcpip\..\{0FB66FA5-FD83-4CF4-80BE-819BDECCE349}: NameServer = 208.67.220.220,208.67.222.222 
O17 - HKLM\System\CS3\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222 
O17 - HKLM\System\CS3\Services\Tcpip\..\{0FB66FA5-FD83-4CF4-80BE-819BDECCE349}: NameServer = 208.67.220.220,208.67.222.222 
O17 - HKLM\System\CS4\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222 
O17 - HKLM\System\CS4\Services\Tcpip\..\{0FB66FA5-FD83-4CF4-80BE-819BDECCE349}: NameServer = 208.67.220.220,208.67.222.222 
O17 - HKLM\System\CS5\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222 
O17 - HKLM\System\CS5\Services\Tcpip\..\{0FB66FA5-FD83-4CF4-80BE-819BDECCE349}: NameServer = 208.67.220.220,208.67.222.222 
O17 - HKLM\System\CS6\Services\Tcpip\..\{0FB66FA5-FD83-4CF4-80BE-819BDECCE349}: NameServer = 208.67.220.220,208.67.222.222 
O17 - HKLM\System\CS8\Services\Tcpip\..\{0FB66FA5-FD83-4CF4-80BE-819BDECCE349}: NameServer = 208.67.220.220,208.67.222.222 
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - (no file)
O20 - AppInit_DLLs: avgrsstx.dll
O23 - Service: ADSLAutoconnect - Unknown owner - C:\Program Files\ADSL Autoconnect\ADSL Autoconnect.exe
O23 - Service: Planificateur Avira AntiVir Personal - Free Antivirus (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: AVG8 Firewall (avgfws8) - Unknown owner - C:\PROGRA~1\AVG\AVG8\avgfws8.exe (file missing)
O23 - Service: Client de licence CA (CA_LIC_CLNT) - Computer Associates - C:\Program Files\CA\SharedComponents\CA_LIC\lic98rmt.exe
O23 - Service: Serveur de licence CA (CA_LIC_SRVR) - Computer Associates - C:\Program Files\CA\SharedComponents\CA_LIC\lic98rmtd.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: Event Log Watch (LogWatch) - Computer Associates - C:\Program Files\CA\SharedComponents\CA_LIC\LogWatNT.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: PsExec (PSEXESVC) - Unknown owner - C:\WINDOWS\PSEXESVC.EXE (file missing)
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: TuneUp Program Statistics Service (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\WINDOWS\System32\TUProgSt.exe
O23 - Service: X10 Device Network Service (x10nets) - Unknown owner - C:\PROGRA~1\ATIMUL~1\RemCtrl\x10nets.exe (file missing)

bobnancy54 · Answer

tu as le temps de l étudier je m absente jusqu'à demain soir
merci

jlpjlp · Answer

télécharge combofix (par sUBs) ici : 

http://download.bleepingcomputer.com/sUBs/ComboFix.exe 

et enregistre le sur le bureau. 


déconnecte toi d'internet et ferme toutes tes applications. 

désactive tes protections (antivirus, parefeu, garde en temps réel de l'antispyware) 


double-clique sur combofix.exe et suis les instructions 

à la fin, il va produire un rapport C:\ComboFix.txt 

réactive ton parefeu, ton antivirus, la garde de ton antispyware 

copie/colle le rapport C:\ComboFix.txt dans ta prochaine réponse. 

Attention, n'utilise pas ta souris ni ton clavier (ni un autre système de pointage) pendant que le programme tourne. Cela pourrait figer l'ordi. 

Tu as un tutoriel complet ici : 

https://www.bleepingcomputer.com/combofix/fr/comment-utiliser-combofix

bobnancy54 · Answer

voila le rapport combifix j ai un autre souci mon anti virus Avira Antivir me signale toutes les minutes une infection cheval de troie TR/Dldr.Agent.bkvp sous le fichier C/windows système32 userinit.exe lorsque je vais chercher ce fichier et que je tente de le supprimer c est imposssible, de mème lorsque antivir me le signale et que je lui demande de le supprimer ou de le mettre en quarantaine il n y parvient pas si tu a une solution je suis preneur merci d avance ComboFix 09-03-15.01 - bob2 2009-03-17 0:36:34.9 - NTFSx86 Microsoft Windows XP Édition familiale 5.1.2600.3.1252.1.1036.18.511.167 [GMT 1:00] Lancé depuis: c:\documents and settings\bob2\Mes documents elechargement\ComboFix.exe AV: AVG *On-access scanning disabled* (Outdated) AV: Avira AntiVir PersonalEdition Classic *On-access scanning disabled* (Updated) AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) AV: BullGuard 5.0 antivirus *On-access scanning enabled* (Updated) AV: ZoneAlarm Security Suite Antivirus *On-access scanning disabled* (Outdated) FW: BullGuard 5.0 firewall *enabled* . (((((((((((((((((((((((((((((((((((( Autres suppressions )))))))))))))))))))))))))))))))))))))))))))))))) . c:\windows\system32\404Fix.exe c:\windows\system32\Agent.OMZ.Fix.exe c:\windows\system32\dumphive.exe c:\windows\system32\IEDFix.C.exe c:\windows\system32\IEDFix.exe c:\windows\system32\init32.exe c:\windows\system32\o4Patch.exe c:\windows\system32\Process.exe c:\windows\system32\SrchSTS.exe c:\windows\system32 mp.reg c:\windows\system32\VACFix.exe c:\windows\system32\VCCLSID.exe c:\windows\system32\WS2Fix.exe . ((((((((((((((((((((((((((((( Fichiers créés du 2009-02-16 au 2009-03-16 )))))))))))))))))))))))))))))))))))) . 2009-03-15 11:28 . 2009-03-15 11:29 d----c--- C: sit 2009-03-15 09:35 . 2009-03-15 09:35 d----c--- c:\program files\Enigma Software Group 2009-03-15 01:32 . 2009-03-15 01:32 d----c--- c:\program files\Trend Micro 2009-03-14 20:13 . 2009-03-14 20:13 d----c--- c:\documents and settings\NetworkService\Bureau 2009-03-14 16:03 . 2009-03-14 16:03 0 --a--c--- c:\windows\bssboot.dat 2009-03-14 15:53 . 2004-08-05 13:00 1,042,515 --a--c--- c:\windows\system32\dllcache\cmnresm.dll 2009-03-14 15:18 . 2009-03-14 15:18 d----c--- c:\documents and settings\LocalService\Bureau 2009-03-14 14:16 . 2009-03-14 14:16 603,904 --a--c--- c:\windows\system32\TUProgSt.exe 2009-03-14 14:16 . 2008-11-12 16:44 27,904 --a--c--- c:\windows\system32\uxtuneup.dll 2009-03-14 14:14 . 2009-03-14 14:23 d----c--- c:\program files\TuneUp Utilities 2009 2009-03-14 14:13 . 2009-03-14 14:13 d--hsc--- c:\documents and settings\All Users\Application Data\{55A29068-F2CE-456C-9148-C869879E2357} 2009-03-14 08:23 . 2009-03-14 08:23 70,144 --a--c--- c:\windows\system32\RgWA1bKm.exe 2009-02-21 04:31 . 2009-02-21 04:31 d----c--- c:\documents and settings\qqq\Application Data\ATI MMC . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2009-03-15 12:30 --------- dc----w c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy 2009-03-15 12:14 --------- dc----w c:\documents and settings\All Users\Application Data\ATI MMC 2009-03-15 00:51 --------- dc----w c:\program files\Google 2009-03-14 13:16 362,240 -c--a-w c:\windows\system32\TuneUpDefragService.exe 2009-03-14 07:45 --------- dc----w c:\program files\Malwarebytes' Anti-Malware 2009-03-14 07:23 33,280 -c--a-w c:\windows\system32\userinit.exe 2009-02-11 09:19 38,496 -c--a-w c:\windows\system32\drivers\mbamswissarmy.sys 2009-02-11 09:19 15,504 -c--a-w c:\windows\system32\drivers\mbam.sys 2009-02-09 14:05 1,846,912 -c--a-w c:\windows\system32\win32k.sys 2008-06-28 12:45 278,528 -c--a-w c:\program files\Fichiers communs\FDEUnInstaller.exe 2007-08-02 23:47 4,010 -c--a-w c:\documents and settings\bob2\Application Data\wklnhst.dat 2007-07-18 11:45 61,038 -c--a-w c:\program files\mozilla firefox\components\jar50.dll 2007-07-18 11:45 49,256 -c--a-w c:\program files\mozilla firefox\components\jsd3250.dll 2007-07-18 11:45 166,000 -c--a-w c:\program files\mozilla firefox\components\xpinstal.dll 2008-04-13 17:33 65,024 -csha-w c:\windows\system32\asycfilt.dll 2008-04-13 17:33 617,472 -csha-w c:\windows\system32\comctl32.dll 2008-04-13 17:33 1,028,096 -csha-w c:\windows\system32\mfc42.dll 2004-08-05 12:00 57,344 --sha-w c:\windows\system32\mfc42loc.dll 1995-09-20 15:16 35,088 -csha-w c:\windows\system32\msjint32.dll 1995-09-20 15:13 977,680 -csha-w c:\windows\system32\msjt3032.dll 1995-09-20 15:16 23,824 -csha-w c:\windows\system32\msjter32.dll 2008-04-13 17:33 413,696 -csha-w c:\windows\system32\msvcp60.dll 2008-04-13 17:33 343,040 -csha-w c:\windows\system32\msvcrt.dll 2004-08-05 12:00 253,952 -csha-w c:\windows\system32\msvcrt20.dll 2008-04-13 17:33 551,936 -csha-w c:\windows\system32\oleaut32.dll 2008-04-13 17:33 84,992 -csha-w c:\windows\system32\olepro32.dll 2008-04-13 17:33 30,749 -csha-w c:\windows\system32\vbajet32.dll 1995-09-24 10:02 243,472 -csha-w c:\windows\system32\vbar2232.dll 2008-06-09 07:31 16,384 -csha-w c:\windows\system32\config\systemprofile\Cookies\index.dat 2008-06-09 07:31 32,768 -csha-w c:\windows\system32\config\systemprofile\Local Settings\Historique\History.IE5\MSHist012008060920080610\index.dat . ------- Sigcheck ------- 2004-08-05 13:00 25088 d6d65ea32b190401b57edb6706f29669 c:\windows\$NtServicePackUninstall$\userinit.exe 2008-04-13 18:34 26624 e74ddb12188c2ff57a78624dbf7332fc c:\windows\ServicePackFiles\i386\userinit.exe md5deep: c:\windows\system32\userinit.exe: Permission denied . ((((((((((((((((((((((((((((( snapshot_2008-06-14_ 0.11.14,23 ))))))))))))))))))))))))))))))))))))))))) . + 2008-05-02 13:44:40 83,968 -c--a-w c:\windows\$hf_mig$\KB946648\SP3QFE\msgsc.dll + 2007-11-30 12:39:29 18,296 -c--a-w c:\windows\$hf_mig$\KB946648\spmsg.dll + 2007-11-30 12:39:29 234,872 -c--a-w c:\windows\$hf_mig$\KB946648\spuninst.exe + 2007-11-30 12:39:29 26,488 -c--a-w c:\windows\$hf_mig$\KB946648\update\spcustom.dll + 2007-11-30 11:19:06 767,352 -c--a-w c:\windows\$hf_mig$\KB946648\update\update.exe + 2007-11-30 12:39:31 406,392 -c--a-w c:\windows\$hf_mig$\KB946648\update\updspapi.dll + 2008-07-07 20:24:11 253,952 -c--a-w c:\windows\$hf_mig$\KB950974\SP3QFE\es.dll + 2007-11-30 12:39:29 18,296 -c--a-w c:\windows\$hf_mig$\KB950974\spmsg.dll + 2007-11-30 12:39:29 234,872 -c--a-w c:\windows\$hf_mig$\KB950974\spuninst.exe + 2007-11-30 12:39:29 26,488 -c--a-w c:\windows\$hf_mig$\KB950974\update\spcustom.dll + 2007-11-30 12:39:26 767,352 -c--a-w c:\windows\$hf_mig$\KB950974\update\update.exe + 2007-11-30 12:39:29 406,392 -c--a-w c:\windows\$hf_mig$\KB950974\update\updspapi.dll + 2008-04-11 22:23:04 691,712 -c--a-w c:\windows\$hf_mig$\KB951066\SP3QFE\inetcomm.dll + 2007-11-30 12:39:29 18,296 -c--a-w c:\windows\$hf_mig$\KB951066\spmsg.dll + 2007-11-30 12:39:29 234,872 -c--a-w c:\windows\$hf_mig$\KB951066\spuninst.exe + 2007-11-30 12:39:29 26,488 -c--a-w c:\windows\$hf_mig$\KB951066\update\spcustom.dll + 2007-12-03 15:25:43 767,352 -c--a-w c:\windows\$hf_mig$\KB951066\update\update.exe + 2007-11-30 12:39:31 406,392 -c--a-w c:\windows\$hf_mig$\KB951066\update\updspapi.dll + 2008-07-11 12:51:51 62,976 -c--a-w c:\windows\$hf_mig$\KB951072-v2\SP3QFE zchange.exe + 2007-11-30 11:19:06 18,296 -c--a-w c:\windows\$hf_mig$\KB951072-v2\spmsg.dll + 2007-11-30 11:19:06 234,872 -c--a-w c:\windows\$hf_mig$\KB951072-v2\spuninst.exe + 2007-11-30 11:19:06 26,488 -c--a-w c:\windows\$hf_mig$\KB951072-v2\update\spcustom.dll + 2007-11-30 12:39:29 767,352 -c--a-w c:\windows\$hf_mig$\KB951072-v2\update\update.exe + 2007-11-30 12:39:31 406,392 -c--a-w c:\windows\$hf_mig$\KB951072-v2\update\updspapi.dll + 2008-06-14 17:40:19 272,768 -c--a-w c:\windows\$hf_mig$\KB951376-v2\SP3QFE\bthport.sys + 2007-11-30 11:19:06 18,296 -c--a-w c:\windows\$hf_mig$\KB951376-v2\spmsg.dll + 2007-11-30 11:19:06 234,872 -c--a-w c:\windows\$hf_mig$\KB951376-v2\spuninst.exe + 2007-11-30 11:19:06 26,488 -c--a-w c:\windows\$hf_mig$\KB951376-v2\update\spcustom.dll + 2007-11-30 11:19:06 767,352 -c--a-w c:\windows\$hf_mig$\KB951376-v2\update\update.exe + 2007-11-30 11:19:10 406,392 -c--a-w c:\windows\$hf_mig$\KB951376-v2\update\updspapi.dll + 2008-06-20 11:48:03 138,496 -c--a-w c:\windows\$hf_mig$\KB951748\SP3QFE\afd.sys + 2008-06-20 17:44:02 147,968 -c--a-w c:\windows\$hf_mig$\KB951748\SP3QFE\dnsapi.dll + 2008-06-20 17:44:02 247,808 -c--a-w c:\windows\$hf_mig$\KB951748\SP3QFE\mswsock.dll + 2008-06-20 11:59:02 361,600 -c--a-w c:\windows\$hf_mig$\KB951748\SP3QFE cpip.sys + 2008-06-20 11:16:44 225,856 -c--a-w c:\windows\$hf_mig$\KB951748\SP3QFE cpip6.sys + 2007-11-30 12:39:29 18,296 -c--a-w c:\windows\$hf_mig$\KB951748\spmsg.dll + 2007-11-30 12:39:29 234,872 -c--a-w c:\windows\$hf_mig$\KB951748\spuninst.exe + 2007-11-30 12:39:29 26,488 -c--a-w c:\windows\$hf_mig$\KB951748\update\spcustom.dll + 2007-11-30 12:39:26 767,352 -c--a-w c:\windows\$hf_mig$\KB951748\update\update.exe + 2007-11-30 12:39:29 406,392 -c--a-w c:\windows\$hf_mig$\KB951748\update\updspapi.dll + 2008-05-07 09:07:23 135,168 -c--a-w c:\windows\$hf_mig$\KB951978\SP3QFE\cscript.exe + 2008-05-09 10:51:45 512,000 -c--a-w c:\windows\$hf_mig$\KB951978\SP3QFE\jscript.dll + 2008-05-09 10:51:45 180,224 -c--a-w c:\windows\$hf_mig$\KB951978\SP3QFE\scrobj.dll + 2008-05-09 10:51:45 172,032 -c--a-w c:\windows\$hf_mig$\KB951978\SP3QFE\scrrun.dll + 2008-05-09 10:51:45 430,080 -c--a-w c:\windows\$hf_mig$\KB951978\SP3QFE\vbscript.dll + 2008-05-08 11:24:44 155,648 -c--a-w c:\windows\$hf_mig$\KB951978\SP3QFE\wscript.exe + 2008-05-09 10:51:45 90,112 -c--a-w c:\windows\$hf_mig$\KB951978\SP3QFE\wshext.dll + 2007-11-30 12:39:29 18,296 -c--a-w c:\windows\$hf_mig$\KB951978\spmsg.dll + 2007-11-30 12:39:29 234,872 -c--a-w c:\windows\$hf_mig$\KB951978\spuninst.exe + 2007-11-30 12:39:29 26,488 -c--a-w c:\windows\$hf_mig$\KB951978\update\spcustom.dll + 2007-11-30 12:39:26 767,352 -c--a-w c:\windows\$hf_mig$\KB951978\update\update.exe + 2007-11-30 12:39:29 406,392 -c--a-w c:\windows\$hf_mig$\KB951978\update\updspapi.dll + 2008-05-01 14:39:23 331,776 -c--a-w c:\windows\$hf_mig$\KB952287\SP3QFE\msadce.dll + 2007-11-30 11:19:06 18,296 -c--a-w c:\windows\$hf_mig$\KB952287\spmsg.dll + 2007-11-30 11:19:06 234,872 -c--a-w c:\windows\$hf_mig$\KB952287\spuninst.exe + 2007-11-30 11:19:06 26,488 -c--a-w c:\windows\$hf_mig$\KB952287\update\spcustom.dll + 2007-11-30 11:19:06 767,352 -c--a-w c:\windows\$hf_mig$\KB952287\update\update.exe + 2007-11-30 11:19:10 406,392 -c--a-w c:\windows\$hf_mig$\KB952287\update\updspapi.dll + 2008-06-24 16:53:52 74,240 -c--a-w c:\windows\$hf_mig$\KB952954\SP3QFE\mscms.dll + 2007-11-30 11:19:06 18,296 -c--a-w c:\windows\$hf_mig$\KB952954\spmsg.dll + 2007-11-30 11:19:06 234,872 -c--a-w c:\windows\$hf_mig$\KB952954\spuninst.exe + 2007-11-30 11:19:06 26,488 -c--a-w c:\windows\$hf_mig$\KB952954\update\spcustom.dll + 2007-11-30 12:39:29 767,352 -c--a-w c:\windows\$hf_mig$\KB952954\update\update.exe + 2007-11-30 12:39:31 406,392 -c--a-w c:\windows\$hf_mig$\KB952954\update\updspapi.dll + 2008-06-23 15:40:01 124,928 -c--a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\advpack.dll + 2008-06-23 15:40:01 347,136 -c--a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\dxtmsft.dll + 2008-06-23 15:40:01 214,528 -c--a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\dxtrans.dll + 2008-06-23 15:40:01 132,608 -c--a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\extmgr.dll + 2008-06-23 15:40:01 63,488 -c--a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\icardie.dll + 2008-06-23 08:23:18 70,656 -c--a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\ie4uinit.exe + 2008-06-23 15:40:01 153,088 -c--a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\ieakeng.dll + 2008-06-23 15:40:01 230,400 -c--a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\ieaksie.dll + 2008-06-21 05:23:53 161,792 -c--a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\ieakui.dll + 2007-04-17 09:32:38 2,455,488 -c--a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\ieapfltr.dat + 2008-06-23 15:40:02 383,488 -c--a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\ieapfltr.dll + 2008-06-23 15:40:02 388,608 -c--a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\iedkcs32.dll + 2008-06-23 15:40:04 6,068,736 -c--a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\ieframe.dll + 2008-06-23 15:40:04 44,544 -c--a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\iernonce.dll + 2008-06-23 15:40:04 267,776 -c--a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\iertutil.dll + 2008-06-23 08:23:18 13,824 -c--a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\ieudinit.exe + 2008-06-23 08:23:52 625,664 -c--a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\iexplore.exe + 2008-06-23 15:40:05 27,648 -c--a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\jsproxy.dll + 2008-06-23 15:40:05 459,264 -c--a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\msfeeds.dll + 2008-06-23 15:40:05 52,224 -c--a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\msfeedsbs.dll + 2008-06-23 15:40:07 3,594,240 -c--a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\mshtml.dll + 2008-06-23 15:40:07 477,696 -c--a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\mshtmled.dll + 2008-06-23 15:40:07 193,024 -c--a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\msrating.dll + 2008-06-23 15:40:07 671,232 -c--a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\mstime.dll + 2008-06-23 15:40:07 102,912 -c--a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\occache.dll + 2008-06-23 15:40:07 44,544 -c--a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\pngfilt.dll + 2008-06-23 15:40:07 105,984 -c--a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\url.dll + 2008-06-23 15:40:08 1,162,752 -c--a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\urlmon.dll + 2008-06-23 15:40:08 233,472 -c--a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\webcheck.dll + 2008-06-23 15:40:08 827,904 -c--a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\wininet.dll + 2007-03-06 01:34:33 15,072 -c--a-w c:\windows\$hf_mig$\KB953838-IE7\spmsg.dll + 2007-03-06 01:34:38 216,800 -c--a-w c:\windows\$hf_mig$\KB953838-IE7\spuninst.exe + 2007-03-06 01:34:31 22,752 -c--a-w c:\windows\$hf_mig$\KB953838-IE7\update\spcustom.dll + 2007-03-06 01:34:56 727,776 -c--a-w c:\windows\$hf_mig$\KB953838-IE7\update\update.exe + 2007-03-06 01:35:48 394,976 -c--a-w c:\windows\$hf_mig$\KB953838-IE7\update\updspapi.dll + 2007-11-30 11:19:06 18,296 -c--a-w c:\windows\$hf_mig$\KB953839\spmsg.dll + 2007-11-30 11:19:06 234,872 -c--a-w c:\windows\$hf_mig$\KB953839\spuninst.exe + 2007-11-30 11:19:06 26,488 -c--a-w c:\windows\$hf_mig$\KB953839\update\spcustom.dll + 2007-11-30 11:19:06 767,352 -c--a-w c:\windows\$hf_mig$\KB953839\update\update.exe + 2007-11-30 11:19:10 406,392 -c--a-w c:\windows\$hf_mig$\KB953839\update\updspapi.dll + 2008-09-15 15:20:39 1,847,040 -c--a-w c:\windows\$hf_mig$\KB954211\SP3QFE\win32k.sys + 2007-11-30 12:39:29 18,296 -c--a-w c:\windows\$hf_mig$\KB954211\spmsg.dll + 2007-11-30 12:39:29 234,872 -c--a-w c:\windows\$hf_mig$\KB954211\spuninst.exe + 2007-11-30 12:39:29 26,488 -c--a-w c:\windows\$hf_mig$\KB954211\update\spcustom.dll + 2008-07-09 07:40:26 767,352 -c--a-w c:\windows\$hf_mig$\KB954211\update\update.exe + 2007-11-30 12:39:31 406,392 -c--a-w c:\windows\$hf_mig$\KB954211\update\updspapi.dll + 2008-09-10 01:12:14 1,379,840 -c--a-w c:\windows\$hf_mig$\KB954459\SP3QFE\msxml6.dll + 2007-11-30 11:19:06 18,296 -c--a-w c:\windows\$hf_mig$\KB954459\spmsg.dll + 2007-11-30 11:19:06 234,872 -c--a-w c:\windows\$hf_mig$\KB954459\spuninst.exe + 2007-11-30 11:19:06 26,488 -c--a-w c:\windows\$hf_mig$\KB954459\update\spcustom.dll + 2007-11-30 12:39:29 767,352 -c--a-w c:\windows\$hf_mig$\KB954459\update\update.exe + 2007-11-30 12:39:31 406,392 -c--a-w c:\windows\$hf_mig$\KB954459\update\updspapi.dll + 2008-10-03 09:50:27 247,326 -c--a-w c:\windows\$hf_mig$\KB954600\SP3QFE\strmdll.dll + 2007-11-30 11:19:06 18,296 -c--a-w c:\windows\$hf_mig$\KB954600\spmsg.dll + 2007-11-30 11:19:06 234,872 -c--a-w c:\windows\$hf_mig$\KB954600\spuninst.exe + 2007-11-30 11:19:06 26,488 -c--a-w c:\windows\$hf_mig$\KB954600\update\spcustom.dll + 2007-11-30 11:19:06 767,352 -c--a-w c:\windows\$hf_mig$\KB954600\update\update.exe + 2007-11-30 11:19:10 406,392 -c--a-w c:\windows\$hf_mig$\KB954600\update\updspapi.dll + 2008-09-04 17:12:47 1,106,944 -c--a-w c:\windows\$hf_mig$\KB955069\SP3QFE\msxml3.dll + 2007-11-30 11:19:06 18,296 -c--a-w c:\windows\$hf_mig$\KB955069\spmsg.dll + 2007-11-30 11:19:06 234,872 -c--a-w c:\windows\$hf_mig$\KB955069\spuninst.exe + 2007-11-30 11:19:06 26,488 -c--a-w c:\windows\$hf_mig$\KB955069\update\spcustom.dll + 2007-11-30 12:39:29 767,352 -c--a-w c:\windows\$hf_mig$\KB955069\update\update.exe + 2008-07-09 12:10:36 406,392 -c--a-w c:\windows\$hf_mig$\KB955069\update\updspapi.dll + 2008-10-23 10:17:49 62,976 -c--a-w c:\windows\$hf_mig$\KB955839\SP3QFE zchange.exe + 2007-11-30 11:19:06 18,296 -c--a-w c:\windows\$hf_mig$\KB955839\spmsg.dll + 2007-11-30 11:19:06 234,872 -c--a-w c:\windows\$hf_mig$\KB955839\spuninst.exe + 2007-11-30 11:19:06 26,488 -c--a-w c:\windows\$hf_mig$\KB955839\update\spcustom.dll + 2007-11-30 12:39:29 767,352 -c--a-w c:\windows\$hf_mig$\KB955839\update\update.exe + 2007-11-30 12:39:31 406,392 -c--a-w c:\windows\$hf_mig$\KB955839\update\updspapi.dll + 2007-11-30 12:39:29 18,296 -c--a-w c:\windows\$hf_mig$\KB956391\spmsg.dll + 2007-11-30 12:39:29 234,872 -c--a-w c:\windows\$hf_mig$\KB956391\spuninst.exe + 2007-11-30 12:39:29 26,488 -c--a-w c:\windows\$hf_mig$\KB956391\update\spcustom.dll + 2007-11-30 12:39:29 767,352 -c--a-w c:\windows\$hf_mig$\KB956391\update\update.exe + 2007-11-30 12:39:31 406,392 -c--a-w c:\windows\$hf_mig$\KB956391\update\updspapi.dll + 2008-10-23 12:44:51 286,720 -c--a-w c:\windows\$hf_mig$\KB956802\SP3QFE\gdi32.dll + 2008-07-08 13:03:54 18,296 -c--a-w c:\windows\$hf_mig$\KB956802\spmsg.dll + 2008-07-08 13:03:55 234,872 -c--a-w c:\windows\$hf_mig$\KB956802\spuninst.exe + 2008-07-08 13:03:54 26,488 -c--a-w c:\windows\$hf_mig$\KB956802\update\spcustom.dll + 2008-07-09 07:40:26 767,352 -c--a-w c:\windows\$hf_mig$\KB956802\update\update.exe + 2008-07-09 07:40:35 406,392 -c--a-w c:\windows\$hf_mig$\KB956802\update\updspapi.dll + 2008-08-14 10:34:26 138,496 -c--a-w c:\windows\$hf_mig$\KB956803\SP3QFE\afd.sys + 2007-11-30 11:19:06 18,296 -c--a-w c:\windows\$hf_mig$\KB956803\spmsg.dll + 2007-11-30 11:19:06 234,872 -c--a-w c:\windows\$hf_mig$\KB956803\spuninst.exe + 2007-11-30 11:19:06 26,488 -c--a-w c:\windows\$hf_mig$\KB956803\update\spcustom.dll + 2007-11-30 11:19:06 767,352 -c--a-w c:\windows\$hf_mig$\KB956803\update\update.exe + 2007-11-30 11:19:10 406,392 -c--a-w c:\windows\$hf_mig$\KB956803\update\updspapi.dll + 2008-08-14 13:55:54 2,147,328 -c--a-w c:\windows\$hf_mig$\KB956841\SP3QFE tkrnlmp.exe + 2008-08-14 17:26:00 2,068,096 -c--a-w c:\windows\$hf_mig$\KB956841\SP3QFE tkrnlpa.exe + 2008-08-14 13:55:47 2,025,984 -c--a-w c:\windows\$hf_mig$\KB956841\SP3QFE tkrpamp.exe + 2008-08-14 17:26:02 2,191,232 -c--a-w c:\windows\$hf_mig$\KB956841\SP3QFE toskrnl.exe + 2007-11-30 11:19:06 18,296 -c--a-w c:\windows\$hf_mig$\KB956841\spmsg.dll + 2007-11-30 11:19:06 234,872 -c--a-w c:\windows\$hf_mig$\KB956841\spuninst.exe + 2007-11-30 11:19:06 26,488 -c--a-w c:\windows\$hf_mig$\KB956841\update\spcustom.dll + 2007-11-30 12:39:29 767,352 -c--a-w c:\windows\$hf_mig$\KB956841\update\update.exe + 2008-07-09 07:40:35 406,392 -c--a-w c:\windows\$hf_mig$\KB956841\update\updspapi.dll + 2008-09-08 11:37:19 333,824 -c--a-w c:\windows\$hf_mig$\KB957095\SP3QFE\srv.sys + 2007-11-30 11:19:06 18,296 -c--a-w c:\windows\$hf_mig$\KB957095\spmsg.dll + 2007-11-30 11:19:06 234,872 -c--a-w c:\windows\$hf_mig$\KB957095\spuninst.exe + 2007-11-30 11:19:06 26,488 -c--a-w c:\windows\$hf_mig$\KB957095\update\spcustom.dll + 2007-11-30 11:19:06 767,352 -c--a-w c:\windows\$hf_mig$\KB957095\update\update.exe + 2007-11-30 11:19:10 406,392 -c--a-w c:\windows\$hf_mig$\KB957095\update\updspapi.dll + 2008-10-24 11:41:11 455,936 -c--a-w c:\windows\$hf_mig$\KB957097\SP3QFE\mrxsmb.sys + 2008-07-08 13:03:54 18,296 -c--a-w c:\windows\$hf_mig$\KB957097\spmsg.dll + 2008-07-08 13:03:55 234,872 -c--a-w c:\windows\$hf_mig$\KB957097\spuninst.exe + 2008-07-08 13:03:54 26,488 -c--a-w c:\windows\$hf_mig$\KB957097\update\spcustom.dll + 2008-07-08 13:03:57 767,352 -c--a-w c:\windows\$hf_mig$\KB957097\update\update.exe + 2008-07-08 13:04:05 406,392 -c--a-w c:\windows\$hf_mig$\KB957097\update\updspapi.dll + 2008-10-15 16:31:32 339,456 -c--a-w c:\windows\$hf_mig$\KB958644\SP3QFE etapi32.dll + 2007-11-30 11:19:06 18,296 -c--a-w c:\windows\$hf_mig$\KB958644\spmsg.dll + 2007-11-30 11:19:06 234,872 -c--a-w c:\windows\$hf_mig$\KB958644\spuninst.exe + 2007-11-30 11:19:06 26,488 -c--a-w c:\windows\$hf_mig$\KB958644\update\spcustom.dll + 2007-11-30 11:19:06 767,352 -c--a-w c:\windows\$hf_mig$\KB958644\update\update.exe + 2007-11-30 11:19:10 406,392 -c--a-w c:\windows\$hf_mig$\KB958644\update\updspapi.dll + 2008-12-11 12:33:59 333,952 -c--a-w c:\windows\$hf_mig$\KB958687\SP3QFE\srv.sys + 2007-11-30 11:19:06 18,296 -c--a-w c:\windows\$hf_mig$\KB958687\spmsg.dll + 2007-11-30 11:19:06 234,872 -c--a-w c:\windows\$hf_mig$\KB958687\spuninst.exe + 2007-11-30 11:19:06 26,488 -c--a-w c:\windows\$hf_mig$\KB958687\update\spcustom.dll + 2007-11-30 11:19:06 767,352 -c--a-w c:\windows\$hf_mig$\KB958687\update\update.exe + 2007-11-30 11:19:10 406,392 -c--a-w c:\windows\$hf_mig$\KB958687\update\updspapi.dll + 2008-12-14 13:26:47 5,699,584 -c--a-w c:\windows\$hf_mig$\KB960714-IE8\SP3QFE\mshtml.dll + 2008-07-09 07:40:22 18,296 -c--a-w c:\windows\$hf_mig$\KB960714-IE8\spmsg.dll + 2008-07-09 07:40:24 234,872 -c--a-w c:\windows\$hf_mig$\KB960714-IE8\spuninst.exe + 2008-07-09 07:40:22 26,488 -c--a-w c:\windows\$hf_mig$\KB960714-IE8\update\spcustom.dll + 2008-11-15 17:18:14 767,352 -c--a-w c:\windows\$hf_mig$\KB960714-IE8\update\update.exe + 2008-07-09 07:40:35 406,392 -c--a-w c:\windows\$hf_mig$\KB960714-IE8\update\updspapi.dll + 2008-06-17 19:04:03 8,518,144 -c--a-w c:\windows\$hf_mig$\KB967715\SP3QFE\shell32.dll + 2008-07-09 07:40:22 18,296 -c--a-w c:\windows\$hf_mig$\KB967715\spmsg.dll + 2008-07-09 07:40:24 234,872 -c--a-w c:\windows\$hf_mig$\KB967715\spuninst.exe + 2008-07-09 07:40:22 26,488 -c--a-w c:\windows\$hf_mig$\KB967715\update\spcustom.dll + 2008-07-09 07:40:26 767,352 -c--a-w c:\windows\$hf_mig$\KB967715\update\update.exe + 2008-07-09 07:40:35 406,392 -c--a-w c:\windows\$hf_mig$\KB967715\update\updspapi.dll - 2005-01-16 15:15:07 1,100,392 -c--a-w c:\windows\assembly\GAC\Microsoft.Office.Interop.Excel\11.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.Excel.dll + 2008-07-01 15:59:32 1,103,248 -c--a-w c:\windows\assembly\GAC\Microsoft.Office.Interop.Excel\11.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.Excel.dll - 2005-01-16 15:15:08 141,928 -c--a-w c:\windows\assembly\GAC\Microsoft.Office.Interop.Graph\11.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.Graph.dll + 2008-07-01 15:59:32 144,784 -c--a-w c:\windows\assembly\GAC\Microsoft.Office.Interop.Graph\11.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.Graph.dll - 2005-01-16 15:15:08 461,416 -c--a-w c:\windows\assembly\GAC\Microsoft.Office.Interop.Owc11\11.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.Owc11.dll + 2008-07-01 15:59:23 464,272 -c--a-w c:\windows\assembly\GAC\Microsoft.Office.Interop.Owc11\11.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.Owc11.dll - 2005-01-16 15:15:08 223,856 -c--a-w c:\windows\assembly\GAC\Microsoft.Office.Interop.PowerPoint\11.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.PowerPoint.dll + 2008-07-01 15:59:41 226,712 -c--a-w c:\windows\assembly\GAC\Microsoft.Office.Interop.PowerPoint\11.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.PowerPoint.dll - 2005-01-16 15:15:08 20,080 -c--a-w c:\windows\assembly\GAC\Microsoft.Office.Interop.SmartTag\11.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.SmartTag.dll + 2008-07-01 15:59:28 22,928 -c--a-w c:\windows\assembly\GAC\Microsoft.Office.Interop.SmartTag\11.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.SmartTag.dll - 2005-01-16 15:15:08 662,120 -c--a-w c:\windows\assembly\GAC\Microsoft.Office.Interop.Word\11.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.Word.dll + 2008-07-01 15:59:48 664,968 -c--a-w c:\windows\assembly\GAC\Microsoft.Office.Interop.Word\11.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.Word.dll - 2005-01-16 15:15:08 371,296 -c--a-w c:\windows\assembly\GAC\Microsoft.Vbe.Interop.Forms\11.0.0.0__71e9bce111e9429c\Microsoft.Vbe.Interop.Forms.dll + 2008-07-01 15:59:27 374,152 -c--a-w c:\windows\assembly\GAC\Microsoft.Vbe.Interop.Forms\11.0.0.0__71e9bce111e9429c\Microsoft.Vbe.Interop.Forms.dll - 2005-01-16 15:15:08 64,088 -c--a-w c:\windows\assembly\GAC\Microsoft.Vbe.Interop\11.0.0.0__71e9bce111e9429c\Microsoft.Vbe.Interop.dll + 2008-07-01 15:58:55 66,936 -c--a-w c:\windows\assembly\GAC\Microsoft.Vbe.Interop\11.0.0.0__71e9bce111e9429c\Microsoft.Vbe.Interop.dll - 2005-01-16 15:15:08 223,800 -c--a-w c:\windows\assembly\GAC\office\11.0.0.0__71e9bce111e9429c\OFFICE.DLL + 2008-07-01 15:58:46 226,656 -c--a-w c:\windows\assembly\GAC\office\11.0.0.0__71e9bce111e9429c\OFFICE.DLL + 2002-07-25 16:13:18 24,576 -c--a-w c:\windows\Downloaded Program Files\dwusplay.dll + 2002-07-25 16:13:12 196,608 -c--a-w c:\windows\Downloaded Program Files\dwusplay.exe + 2005-08-11 14:30:30 417,792 -c--a-w c:\windows\Downloaded Program Files\isusweb.dll - 2008-04-14 15:59:30 272,768 -c----w c:\windows\Driver Cache\i386\bthport.sys + 2008-06-14 17:33:37 272,768 -c----w c:\windows\Driver Cache\i386\bthport.sys + 2008-10-24 11:21:09 455,296 -c----w c:\windows\Driver Cache\i386\mrxsmb.sys + 2008-08-14 13:23:44 2,147,328 -c----w c:\windows\Driver Cache\i386 tkrnlmp.exe + 2008-08-14 13:23:49 2,068,096 -c----w c:\windows\Driver Cache\i386 tkrnlpa.exe + 2008-08-14 13:23:44 2,025,984 -c----w c:\windows\Driver Cache\i386 tkrpamp.exe + 2008-08-14 13:23:49 2,191,232 -c----w c:\windows\Driver Cache\i386 toskrnl.exe - 2005-10-20 18:02:28 163,328 -c--a-w c:\windows\erdnt\Hiv-backup\ERDNT.EXE + 2005-10-20 19:02:28 163,328 -c--a-w c:\windows\erdnt\Hiv-backup\ERDNT.EXE + 2008-04-23 04:16:39 124,928 -c----w c:\windows\ie7updates\KB953838-IE7\advpack.dll + 2008-04-23 04:16:39 347,136 -c----w c:\windows\ie7updates\KB953838-IE7\dxtmsft.dll + 2008-04-23 04:16:39 214,528 -c----w c:\windows\ie7updates\KB953838-IE7\dxtrans.dll + 2008-04-23 04:16:39 133,120 -c----w c:\windows\ie7updates\KB953838-IE7\extmgr.dll + 2008-04-23 04:16:39 63,488 -c----w c:\windows\ie7updates\KB953838-IE7\icardie.dll + 2008-04-22 07:41:08 70,656 -c----w c:\windows\ie7updates\KB953838-IE7\ie4uinit.exe + 2008-04-23 04:16:39 153,088 -c----w c:\windows\ie7updates\KB953838-IE7\ieakeng.dll + 2008-04-23 04:16:39 230,400 -c----w c:\windows\ie7updates\KB953838-IE7\ieaksie.dll + 2008-04-20 05:07:51 161,792 -c----w c:\windows\ie7updates\KB953838-IE7\ieakui.dll + 2008-04-23 04:16:39 383,488 -c----w c:\windows\ie7updates\KB953838-IE7\ieapfltr.dll + 2008-04-23 04:16:39 384,512 -c----w c:\windows\ie7updates\KB953838-IE7\iedkcs32.dll + 2008-04-23 04:16:39 6,066,176 -c----w c:\windows\ie7updates\KB953838-IE7\ieframe.dll + 2008-04-23 04:16:39 44,544 -c----w c:\windows\ie7updates\KB953838-IE7\iernonce.dll + 2008-04-23 04:16:39 267,776 -c----w c:\windows\ie7updates\KB953838-IE7\iertutil.dll + 2008-04-22 07:39:58 13,824 -c----w c:\windows\ie7updates\KB953838-IE7\ieudinit.exe + 2008-04-22 07:41:30 625,664 -c----w c:\windows\ie7updates\KB953838-IE7\iexplore.exe + 2008-04-23 04:16:40 27,648 -c----w c:\windows\ie7updates\KB953838-IE7\jsproxy.dll + 2008-04-23 04:16:40 459,264 -c----w c:\windows\ie7updates\KB953838-IE7\msfeeds.dll + 2008-04-23 04:16:40 52,224 -c----w c:\windows\ie7updates\KB953838-IE7\msfeedsbs.dll + 2008-04-23 20:16:42 3,591,680 -c----w c:\windows\ie7updates\KB953838-IE7\mshtml.dll + 2008-04-23 04:16:40 478,208 -c----w c:\windows\ie7updates\KB953838-IE7\mshtmled.dll + 2008-04-23 04:16:40 193,024 -c----w c:\windows\ie7updates\KB953838-IE7\msrating.dll + 2008-04-23 04:16:40 671,232 -c----w c:\windows\ie7updates\KB953838-IE7\mstime.dll + 2008-04-23 04:16:40 102,912 -c----w c:\windows\ie7updates\KB953838-IE7\occache.dll + 2008-04-23 04:16:40 44,544 -c----w c:\windows\ie7updates\KB953838-IE7\pngfilt.dll + 2007-03-06 01:34:38 216,800 -c----w c:\windows\ie7updates\KB953838-IE7\spuninst\spuninst.exe + 2007-03-06 01:35:48 394,976 -c----w c:\windows\ie7updates\KB953838-IE7\spuninst\updspapi.dll + 2008-04-23 04:16:40 105,984 -c----w c:\windows\ie7updates\KB953838-IE7\url.dll + 2008-04-23 04:16:40 1,159,680 -c----w c:\windows\ie7updates\KB953838-IE7\urlmon.dll + 2008-04-23 04:16:40 233,472 -c----w c:\windows\ie7updates\KB953838-IE7\webcheck.dll + 2008-04-23 04:16:40 826,368 -c----w c:\windows\ie7updates\KB953838-IE7\wininet.dll + 2006-11-07 02:26:44 71,680 -c----w c:\windows\ie8\admparse.dll + 2008-06-23 16:28:17 124,928 -c----w c:\windows\ie8\advpack.dll + 2008-04-13 17:33:22 35,328 -c----w c:\windows\ie8\corpol.dll + 2008-06-23 16:28:17 347,136 -c----w c:\windows\ie8\dxtmsft.dll + 2008-06-23 16:28:17 214,528 -c----w c:\windows\ie8\dxtrans.dll + 2006-10-17 10:44:36 60,416 -c----w c:\windows\ie8\hmmapi.dll + 2008-06-23 16:28:17 63,488 -c----w c:\windows\ie8\icardie.dll + 2008-06-23 09:21:30 70,656 -c----w c:\windows\ie8\ie4uinit.exe + 2008-06-23 16:28:18 153,088 -c----w c:\windows\ie8\ieakeng.dll + 2008-06-23 16:28:18 230,400 -c----w c:\windows\ie8\ieaksie.dll + 2008-06-21 05:23:54 161,792 -c----w c:\windows\ie8\ieakui.dll + 2007-04-17 09:32:38 2,455,488 -c----w c:\windows\ie8\ieapfltr.dat + 2008-06-23 16:28:18 383,488 -c----w c:\windows\ie8\ieapfltr.dll + 2008-06-23 16:28:18 384,512 -c----w c:\windows\ie8\iedkcs32.dll + 2008-04-13 17:33:28 81,920 -c----w c:\windows\ie8\ieencode.dll + 2008-06-23 16:28:19 6,066,176 -c----w c:\windows\ie8\ieframe.dll + 2006-11-07 20:03:36 191,488 -c----w c:\windows\ie8\iepeers.dll + 2006-11-07 20:03:36 287,744 -c----w c:\windows\ie8\ieproxy.dll + 2008-06-23 16:28:19 44,544 -c----w c:\windows\ie8\iernonce.dll + 2008-06-23 16:28:20 267,776 -c----w c:\windows\ie8\iertutil.dll + 2006-11-07 02:26:42 55,296 -c----w c:\windows\ie8\iesetup.dll + 2006-11-07 20:03:36 180,736 -c----w c:\windows\ie8\ieui.dll + 2008-06-23 09:21:49 625,664 -c----w c:\windows\ie8\iexplore.exe + 2006-10-17 10:57:58 36,352 -c----w c:\windows\ie8\imgutil.dll + 2006-11-07 02:26:24 92,672 -c----w c:\windows\ie8\inseng.dll + 2008-05-09 10:55:00 512,000 -c----w c:\windows\ie8\jscript.dll + 2008-06-23 16:28:20 27,648 -c----w c:\windows\ie8\jsproxy.dll + 2006-10-17 11:05:10 40,960 -c----w c:\windows\ie8\licmgr10.dll + 2008-06-23 16:28:20 459,264 -c----w c:\windows\ie8\msfeeds.dll + 2008-06-23 16:28:20 52,224 -c----w c:\windows\ie8\msfeedsbs.dll + 2006-10-17 10:58:32 12,288 -c----w c:\windows\ie8\msfeedssync.exe + 2006-10-17 10:56:10 45,568 -c----w c:\windows\ie8\mshta.exe + 2008-06-24 08:28:24 3,592,192 -c----w c:\windows\ie8\mshtml.dll + 2008-06-23 16:28:22 477,696 -c----w c:\windows\ie8\mshtmled.dll + 2006-10-17 10:28:56 48,128 -c----w c:\windows\ie8\mshtmler.dll + 2006-11-07 20:03:36 156,160 -c----w c:\windows\ie8\msls31.dll + 2008-06-23 16:28:22 193,024 -c----w c:\windows\ie8\msrating.dll + 2008-06-23 16:28:22 671,232 -c----w c:\windows\ie8\mstime.dll + 2008-06-23 16:28:22 102,912 -c----w c:\windows\ie8\occache.dll + 2008-06-23 16:28:22 44,544 -c----w c:\windows\ie8\pngfilt.dll + 2006-09-06 15:43:28 216,800 -c----w c:\windows\ie8\spuninst.exe + 2008-09-08 22:26:14 49,736 -c----w c:\windows\ie8\spuninst\iecustom.dll + 2008-06-12 09:28:06 235,040 -c----w c:\windows\ie8\spuninst\spuninst.exe + 2008-06-12 09:28:08 406,048 -c----w c:\windows\ie8\spuninst\updspapi.dll + 2008-06-23 16:28:22 105,984 -c----w c:\windows\ie8\url.dll + 2008-06-23 16:28:23 1,159,680 -c----w c:\windows\ie8\urlmon.dll + 2008-05-09 10:55:00 430,080 -c----w c:\windows\ie8\vbscript.dll + 2007-07-12 23:30:52 765,952 -c----w c:\windows\ie8\vgx.dll + 2008-06-23 16:28:23 233,472 -c----w c:\windows\ie8\webcheck.dll + 2006-10-17 11:05:58 206,336 -c----w c:\windows\ie8\winfxdocobj.exe + 2008-06-23 16:28:23 826,368 -c----w c:\windows\ie8\wininet.dll + 2008-08-22 01:09:32 5,699,584 -c----w c:\windows\ie8updates\KB960714-IE8\mshtml.dll + 2008-07-09 07:40:24 234,872 -c----w c:\windows\ie8updates\KB960714-IE8\spuninst\spuninst.exe + 2008-07-09 07:40:35 406,392 -c----w c:\windows\ie8updates\KB960714-IE8\spuninst\updspapi.dll + 2008-12-14 14:00:58 5,699,584 -c----w c:\windows\ie8updates\KB961260-IE8\mshtml.dll + 2008-07-09 07:40:24 234,872 -c----w c:\windows\ie8updates\KB961260-IE8\spuninst\spuninst.exe + 2008-07-08 13:04:05 406,392 -c----w c:\windows\ie8updates\KB961260-IE8\spuninst\updspapi.dll + 2003-07-15 05:57:34 38,968 -c--a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\AUTHZAX.DLL + 2003-07-15 05:53:06 94,768 -c--a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\AW.DLL + 2003-07-14 21:53:22 46,144 -c--a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\BLNMGRPS.DLL + 2003-07-15 05:56:54 14,904 -c--a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\DSITF.DLL + 2003-07-15 05:57:14 98,360 -c--a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\DSSM.EXE + 2005-01-16 15:15:07 1,100,392 -c--a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\EXCELPIA.DLL + 2002-10-07 16:49:36 192,573 -c--a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\FORM.DLL + 2005-01-16 15:15:08 371,296 -c--a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\FORMSPIA.DLL + 2003-07-15 05:40:12 179,768 -c--a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\FPERSON.DLL + 2005-01-16 15:15:08 141,928 -c--a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\GRAPHPIA.DLL + 2003-06-19 00:31:10 252,928 -c--a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\MDIINK.DLL + 2003-07-15 05:57:14 124,480 -c--a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\MSB1CORE.DLL + 2003-07-15 06:12:22 47,872 -c--a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\MSB1XTOR.DLL + 2003-07-15 05:56:14 40,504 -c--a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\MSE7.EXE + 2003-07-15 05:51:44 87,104 -c--a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\MSENCODE.DLL + 2003-07-15 05:52:52 17,464 -c--a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\MSMH.DLL + 2003-07-14 21:57:16 120,888 -c--a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\MSOAUTH.DLL + 2003-07-15 05:52:52 27,704 -c--a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\MSODCW.DLL + 2003-07-15 05:44:06 25,144 -c--a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\MSOEURO.DLL + 2003-07-15 05:52:56 55,360 -c--a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\MSOHTMED.EXE + 2003-07-15 05:56:16 54,328 -c--a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\MSOMSE.DLL + 2003-07-11 09:15:48 1,292,872 -c--a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\MSONSEXT.DLL + 2003-07-15 10:18:52 376,888 -c--a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\MSORUN.DLL + 2003-07-14 21:52:54 28,224 -c--a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\MSOSTYLE.DLL + 2003-07-15 05:52:52 35,896 -c--a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\MSOSV.DLL + 2003-07-15 05:46:16 42,040 -c--a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\MSOXEV.DLL + 2003-07-15 05:45:12 55,360 -c--a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\MSOXMLED.EXE + 2003-07-15 05:45:12 39,488 -c--a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\MSOXMLMF.DLL + 2003-06-19 00:31:54 788,480 -c--a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\MSPFILT.DLL + 2003-06-19 00:31:50 16,384 -c--a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\MSPGIMME.DLL + 2003-06-19 23:05:52 128,104 -c--a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\MSPSCAN.EXE + 2003-06-19 23:05:50 364,648 -c--a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\MSPVIEW.EXE + 2003-07-15 06:02:42 637,496 -c--a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\MSQRY32.EXE + 2003-07-15 05:52:58 41,528 -c--a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\MSSH.DLL + 2005-01-16 15:15:08 20,080 -c--a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\MSTAGPIA.DLL + 2003-07-15 06:00:54 145,984 -c--a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\MSWEBCAP.DLL + 2003-07-15 05:57:10 56,888 -c--a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\NAME.DLL + 2003-07-15 05:56:52 13,888 -c--a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\NPOFFICE.DLL + 2003-06-19 00:31:58 6,144 -c--a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\OCRPS.DLL + 2005-01-16 15:15:08 223,800 -c--a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\OFFICE.DLL + 2003-07-15 10:14:26 242,240 -c--a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\OISGRAPH.DLL + 2003-07-15 06:05:24 1,054,264 -c--a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\OMFC.DLL + 2005-01-16 15:15:08 461,416 -c--a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\OWC11PIA.DLL + 2003-07-15 10:18:44 93,752 -c--a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\PP7X32.DLL + 2005-01-16 15:15:08 223,856 -c--a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\PPTPIA.DLL + 2002-10-07 17:11:00 167,997 -c--a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\PSOM.DLL + 2003-05-09 04:54:00 77,824 -c--a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\REFEDIT.DLL + 2003-07-15 05:57:08 40,512 -c--a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\REFIEBAR.DLL + 2002-10-07 16:49:42 81,984 -c--a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\REVERSE.DLL + 2003-07-15 05:57:18 349,248 -c--a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\SELFCERT.EXE + 2003-07-14 21:57:08 58,944 -c--a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\SEQCHK10.DLL + 2003-07-15 05:53:14 11,848 -c--a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\SMARTTAGINSTALL.EXE + 2002-10-07 16:53:04 106,561 -c--a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\THOCRAPI.DLL + 2002-10-07 16:50:44 241,729 -c--a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\TWCUTCHR.DLL + 2002-10-07 16:51:04 180,289 -c--a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\TWCUTLIN.DLL + 2002-10-07 16:51:14 147,520 -c--a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\TWLAY32.DLL + 2002-10-07 16:51:20 102,467 -c--a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\TWORIENT.DLL + 2002-10-07 16:50:04 118,847 -c--a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\TWRECE.DLL + 2002-10-07 16:49:56 81,983 -c--a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\TWRECS.DLL + 2002-10-07 16:51:44 221,252 -c--a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\TWSTRUCT.DLL + 2003-07-15 05:57:40 59,960 -c--a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\UNBIND.EXE + 2005-01-16 15:15:08 64,088 -c--a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\VBIDEPIA.DLL + 2005-01-16 15:15:08 662,120 -c--a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\WORDPIA.DLL + 2002-10-07 17:03:34 1,794,113 -c--a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\XIMAGE3B.DLL + 2003-04-30 18:52:32 1,581,120 -c--a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\XPAGE3C.DLL + 2003-01-17 21:03:34 59,466 -c--a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\XSCAN32.DAT + 2001-06-05 15:13:22 289,926 -c--a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.8173\ENGDIC.DAT + 2001-06-05 15:13:22 34,168 -c--a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.8173\ENGIDX.DAT + 2007-04-19 11:09:30 167,256 -c--a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.8173\IETAG.DLL + 2001-06-05 15:13:24 18,844 -c--a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.8173\JFONT.DAT + 2001-06-05 15:13:26 65,536 -c--a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.8173\LOOKUP.DAT + 2005-02-03 15:59:22 346,840 -c--a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.8173\METCONV.DLL + 2005-05-03 22:06:28 465,640 -c--a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.8173\MSDMENG.DLL + 2005-05-03 22:06:32 1,411,816 -c--a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.8173\MSDMINE.DLL + 2005-05-03 22:06:26 199,408 -c--a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.8173\MSMDUN80.DLL + 2001-10-23 07:13:42 53,260 -c--a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.8173\OCRHC.DAT + 2001-06-05 15:13:26 40,972 -c--a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.8173\OCRVC.DAT + 2007-05-31 11:35:22 6,420,320 -c--a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.8173\POWERPNT.EXE + 2008-11-13 05:50:02 32,768 -c--a-r c:\windows\Installer\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}\icon.exe - 2008-06-11 07:32:34 593,920 -c--a-r c:\windows\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\accicons.exe + 2009-03-11 06:41:01 593,920 -c--a-r c:\windows\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\accicons.exe - 2008-06-11 07:32:35 12,288 -c--a-r c:\windows\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\cagicon.exe + 2009-03-11 06:41:01 12,288 -c--a-r c:\windows\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\cagicon.exe - 2008-06-11 07:32:35 86,016 -c--a-r c:\windows\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\inficon.exe + 2009-03-11 06:41:01 86,016 -c--a-r c:\windows\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\inficon.exe - 2008-06-11 07:32:34 135,168 -c--a-r c:\windows\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\misc.exe + 2009-03-11 06:41:01 135,168 -c--a-r c:\windows\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\misc.exe - 2008-06-11 07:32:35 11,264 -c--a-r c:\windows\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\mspicons.exe + 2009-03-11 06:41:01 11,264 -c--a-r c:\windows\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\mspicons.exe - 2008-06-11 07:32:35 27,136 -c--a-r c:\windows\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\oisicon.exe + 2009-03-11 06:41:02 27,136 -c--a-r c:\windows\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\oisicon.exe - 2008-06-11 07:32:35 4,096 -c--a-r c:\windows\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\opwicon.exe + 2009-03-11 06:41:02 4,096 -c--a-r c:\windows\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\opwicon.exe - 2008-06-11 07:32:35 794,624 -c--a-r c:\windows\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\outicon.exe + 2009-03-11 06:41:02 794,624 -c--a-r c:\windows\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\outicon.exe - 2008-06-11 07:32:34 249,856 -c--a-r c:\windows\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\pptico.exe + 2009-03-11 06:41:01 249,856 -c--a-r c:\windows\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\pptico.exe - 2008-06-11 07:32:34 61,440 -c--a-r c:\windows\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\pubs.exe + 2009-03-11 06:41:01 61,440 -c--a-r c:\windows\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\pubs.exe - 2008-06-11 07:32:35 23,040 -c--a-r c:\windows\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\unbndico.exe + 2009-03-11 06:41:02 23,040 -c--a-r c:\windows\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\unbndico.exe - 2008-06-11 07:32:34 286,720 -c--a-r c:\windows\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\wordicon.exe + 2009-03-11 06:41:01 286,720 -c--a-r c:\windows\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\wordicon.exe - 2008-06-11 07:32:34 409,600 -c--a-r c:\windows\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\xlicons.exe + 2009-03-11 06:41:01 409,600 -c--a-r c:\windows\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\xlicons.exe - 2008-04-18 01:02:42 167,936 -c--a-r c:\windows\Installer\{901C040C-6000-11D3-8CFE-0050048383C9}\accicons.exe + 2008-09-12 00:46:38 167,936 -c--a-r c:\windows\Installer\{901C040C-6000-11D3-8CFE-0050048383C9}\accicons.exe - 2008-04-18 01:02:42 34,304 -c--a-r c:\windows\Installer\{901C040C-6000-11D3-8CFE-0050048383C9}\misc.exe + 2008-09-12 00:46:38 34,304 -c--a-r c:\windows\Installer\{901C040C-6000-11D3-8CFE-0050048383C9}\misc.exe - 2004-04-13 22:44:04 253,952 -c--a-w c:\windows\occache\iestm32.dll + 2004-05-10 20:49:20 253,952 -c--a-w c:\windows\occache\iestm32.dll - 2000-08-31 06:00:00 161,792 -c--a-w c:\windows\swreg.exe + 2000-08-31 07:00:00 161,792 -c--a-w c:\windows\swreg.exe - 2006-11-07 02:26:44 71,680 -c--a-w c:\windows\system32\admparse.dll + 2008-08-22 01:06:30 72,704 -c--a-w c:\windows\system32\admparse.dll - 2008-04-23 04:16:39 124,928 -c--a-w c:\windows\system32\advpack.dll + 2008-08-22 01:06:16 128,512 -c--a-w c:\windows\system32\advpack.dll - 2007-07-30 17:19:20 92,504 -c--a-w c:\windows\system32\cdm.dll + 2008-10-16 13:09:44 92,696 -c--a-w c:\windows\system32\cdm.dll - 2008-04-13 17:33:22 35,328 -c--a-w c:\windows\system32\corpol.dll + 2008-08-22 01:07:08 18,944 -c--a-w c:\windows\system32\corpol.dll - 2008-04-13 17:34:00 139,264 -c--a-w c:\windows\system32\cscript.exe + 2008-05-07 09:07:23 135,168 -c--a-w c:\windows\system32\cscript.exe - 2006-11-07 02:26:44 71,680 -c--a-w c:\windows\system32\dllcache\admparse.dll + 2008-08-22 01:06:30 72,704 -c--a-w c:\windows\system32\dllcache\admparse.dll - 2008-04-23 04:16:39 124,928 -c--a-w c:\windows\system32\dllcache\advpack.dll + 2008-08-22 01:06:16 128,512 -c--a-w c:\windows\system32\dllcache\advpack.dll + 2008-08-14 10:04:36 138,496 -c----w c:\windows\system32\dllcache\afd.sys + 2008-06-12 09:28:06 1,022,976 -c----w c:\windows\system32\dllcache\browseui.dll - 2008-04-14 15:59:30 272,768 -c----w c:\windows\system32\dllcache\bthport.sys + 2008-06-14 17:33:37 272,768 -c----w c:\windows\system32\dllcache\bthport.sys - 2007-07-30 17:19:20 92,504 -c--a-w c:\windows\system32\dllcache\cdm.dll + 2008-10-16 13:09:44 92,696 -c--a-w c:\windows\system32\dllcache\cdm.dll + 2008-08-22 01:07:08 18,944 -c----w c:\windows\system32\dllcache\corpol.dll + 2008-05-07 09:07:23 135,168 -c----w c:\windows\system32\dllcache\cscript.exe + 2008-06-20 17:47:22 147,968 -c----w c:\windows\system32\dllcache\dnsapi.dll - 2008-04-23 04:16:39 347,136 -c--a-w c:\windows\system32\dllcache\dxtmsft.dll + 2008-08-22 01:05:16 346,624 -c--a-w c:\windows\system32\dllcache\dxtmsft.dll - 2008-04-23 04:16:39 214,528 -c--a-w c:\windows\system32\dllcache\dxtrans.dll + 2008-08-22 01:05:10 217,088 -c--a-w c:\windows\system32\dllcache\dxtrans.dll + 2008-07-07 20:28:20 253,952 -c----w c:\windows\system32\dllcache\es.dll - 2008-04-23 04:16:39 133,120 -c--a-w c:\windows\system32\dllcache\extmgr.dll + 2008-06-23 16:28:17 133,120 -c--a-w c:\windows\system32\dllcache\extmgr.dll + 2008-10-23 12:36:51 286,720 -c----w c:\windows\system32\dllcache\gdi32.dll - 2006-10-17 10:44:36 60,416 -c--a-w c:\windows\system32\dllcache\hmmapi.dll + 2008-08-22 01:00:28 68,608 -c--a-w c:\windows\system32\dllcache\hmmapi.dll - 2008-04-23 04:16:39 63,488 -c----w c:\windows\system32\dllcache\icardie.dll + 2008-08-22 01:05:20 61,952 -c--a-w c:\windows\system32\dllcache\icardie.dll - 2008-04-22 07:41:08 70,656 -c--a-w c:\windows\system32\dllcache\ie4uinit.exe + 2008-08-22 01:06:24 162,304 -c--a-w c:\windows\system32\dllcache\ie4uinit.exe - 2008-04-23 04:16:39 153,088 -c--a-w c:\windows\system32\dllcache\ieakeng.dll + 2008-08-22 01:06:36 124,928 -c--a-w c:\windows\system32\dllcache\ieakeng.dll - 2008-04-23 04:16:39 230,400 -c--a-w c:\windows\system32\dllcache\ieaksie.dll + 2008-08-22 01:06:40 228,864 -c--a-w c:\windows\system32\dllcache\ieaksie.dll - 2008-04-20 05:07:51 161,792 -c--a-w c:\windows\system32\dllcache\ieakui.dll + 2008-08-22 01:06:24 163,840 -c--a-w c:\windows\system32\dllcache\ieakui.dll - 2007-04-17 09:32:38 2,455,488 -c----w c:\windows\system32\dllcache\ieapfltr.dat + 2008-07-29 20:58:08 3,670,112 -c--a-w c:\windows\system32\dllcache\ieapfltr.dat - 2008-04-23 04:16:39 383,488 -c----w c:\windows\system32\dllcache\ieapfltr.dll + 2008-08-22 00:42:22 443,392 -c--a-w c:\windows\system32\dllcache\ieapfltr.dll - 2008-04-23 04:16:39 384,512 -c--a-w c:\windows\system32\dllcache\iedkcs32.dll + 2008-08-22 01:06:44 385,024 -c--a-w c:\windows\system32\dllcache\iedkcs32.dll - 2008-04-23 04:16:39 6,066,176 -c----w c:\windows\system32\dllcache\ieframe.dll + 2008-08-22 01:10:34 11,985,408 -c--a-w c:\windows\system32\dllcache\ieframe.dll - 2006-11-07 20:03:36 191,488 -c--a-w c:\windows\system32\dllcache\iepeers.dll + 2008-08-22 01:05:24 186,880 -c--a-w c:\windows\system32\dllcache\iepeers.dll - 2008-04-23 04:16:39 44,544 -c--a-w c:\windows\system32\dllcache\iernonce.dll + 2008-08-22 01:06:20 55,808 -c--a-w c:\windows\system32\dllcache\iernonce.dll - 2008-04-23 04:16:39 267,776 -c----w c:\windows\system32\dllcache\iertutil.dll + 2008-08-22 01:06:02 1,778,688 -c--a-w c:\windows\system32\dllcache\iertutil.dll - 2006-11-07 02:26:42 55,296 -c--a-w c:\windows\system32\dllcache\iesetup.dll + 2008-08-22 01:06:24 71,680 -c--a-w c:\windows\system32\dllcache\iesetup.dll - 2008-04-22 07:39:58 13,824 -c----w c:\windows\system32\dllcache\ieudinit.exe + 2008-06-23 09:20:26 13,824 -c----w c:\windows\system32\dllcache\ieudinit.exe - 2008-04-22 07:41:30 625,664 -c--a-w c:\windows\system32\dllcache\iexplore.exe + 2008-09-08 22:23:38 637,984 -c--a-w c:\windows\system32\dllcache\iexplore.exe - 2006-10-17 10:57:58 36,352 -c--a-w c:\windows\system32\dllcache\imgutil.dll + 2008-08-22 01:05:14 35,840 -c--a-w c:\windows\system32\dllcache\imgutil.dll + 2008-04-11 19:05:22 691,712 -c----w c:\windows\system32\dllcache\inetcomm.dll - 2006-11-07 02:26:24 92,672 -c--a-w c:\windows\system32\dllcache\inseng.dll + 2008-08-22 01:06:16 94,720 -c--a-w c:\windows\system32\dllcache\inseng.dll + 2008-08-22 01:06:30 552,960 -c--a-w c:\windows\system32\dllcache\jscript.dll - 2008-04-23 04:16:40 27,648 -c--a-w c:\windows\system32\dllcache\jsproxy.dll + 2008-08-22 01:06:58 28,672 -c--a-w c:\windows\system32\dllcache\jsproxy.dll - 2006-10-17 11:05:10 40,960 -c--a-w c:\windows\system32\dllcache\licmgr10.dll + 2008-08-22 01:08:00 43,008 -c--a-w c:\windows\system32\dllcache\licmgr10.dll - 2006-10-18 19:03:58 100,864 -c--a-w c:\windows\system32\dllcache\logagent.exe + 2008-06-18 00:09:22 100,864 -c--a-w c:\windows\system32\dllcache\logagent.exe + 2008-10-24 11:21:09 455,296 -c----w c:\windows\system32\dllcache\mrxsmb.sys + 2008-05-01 14:36:26 331,776 -c----w c:\windows\system32\dllcache\msadce.dll + 2008-06-24 16:44:02 74,240 -c----w c:\windows\system32\dllcache\mscms.dll - 2008-04-23 04:16:40 459,264 -c----w c:\windows\system32\dllcache\msfeeds.dll + 2008-08-22 01:05:48 580,608 -c--a-w c:\windows\system32\dllcache\msfeeds.dll - 2008-04-23 04:16:40 52,224 -c----w c:\windows\system32\dllcache\msfeedsbs.dll + 2008-08-22 01:05:22 53,760 -c--a-w c:\windows\system32\dllcache\msfeedsbs.dll - 2006-10-17 10:56:10 45,568 -c--a-w c:\windows\system32\dllcache\mshta.exe + 2008-08-22 01:04:54 45,568 -c--a-w c:\windows\system32\dllcache\mshta.exe - 2008-04-23 20:16:42 3,591,680 -c--a-w c:\windows\system32\dllcache\mshtml.dll + 2009-01-07 13:37:37 5,699,584 -c--a-w c:\windows\system32\dllcache\mshtml.dll - 2008-04-23 04:16:40 478,208 -c--a-w c:\windows\system32\dllcache\mshtmled.dll + 2008-08-22 01:05:08 70,656 -c--a-w c:\windows\system32\dllcache\mshtmled.dll - 2006-10-17 10:28:56 48,128 -c--a-w c:\windows\system32\dllcache\mshtmler.dll + 2008-08-22 01:05:00 48,128 -c--a-w c:\windows\system32\dllcache\mshtmler.dll - 2006-11-07 20:03:36 156,160 -c--a-w c:\windows\system32\dllcache\msls31.dll + 2008-08-22 00:57:56 156,160 -c--a-w c:\windows\system32\dllcache\msls31.dll - 2008-04-23 04:16:40 193,024 -c--a-w c:\windows\system32\dllcache\msrating.dll + 2008-08-22 01:07:50 193,536 -c--a-w c:\windows\system32\dllcache\msrating.dll - 2008-04-23 04:16:40 671,232 -c--a-w c:\windows\system32\dllcache\mstime.dll + 2008-08-22 01:05:34 630,272 -c--a-w c:\windows\system32\dllcache\mstime.dll + 2008-06-20 17:47:22 247,808 -c----w c:\windows\system32\dllcache\mswsock.dll + 2008-09-04 17:16:10 1,106,944 -c----w c:\windows\system32\dllcache\msxml3.dll - 2008-04-13 17:33:36 1,306,624 -c----w c:\windows\system32\dllcache\msxml6.dll + 2008-09-10 01:15:15 1,307,648 -c----w c:\windows\system32\dllcache\msxml6.dll + 2008-10-15 16:35:43 337,408 -c----w c:\windows\system32\dllcache etapi32.dll + 2008-08-14 13:23:44 2,147,328 -c----w c:\windows\system32\dllcache tkrnlmp.exe + 2008-08-14 13:23:49 2,068,096 -c----w c:\windows\system32\dllcache tkrnlpa.exe + 2008-08-14 13:23:44 2,025,984 -c----w c:\windows\system32\dllcache tkrpamp.exe + 2008-08-14 13:23:49 2,191,232 -c----w c:\windows\system32\dllcache toskrnl.exe - 2008-04-23 04:16:40 102,912 -c--a-w c:\windows\system32\dllcache\occache.dll + 2008-08-22 01:07:50 116,224 -c--a-w c:\windows\system32\dllcache\occache.dll - 2008-04-23 04:16:40 44,544 -c--a-w c:\windows\system32\dllcache\pngfilt.dll + 2008-08-22 01:05:14 45,056 -c--a-w c:\windows\system32\dllcache\pngfilt.dll + 2008-12-05 06:57:24 144,896 -c----w c:\windows\system32\dllcache\schannel.dll + 2008-05-09 10:55:00 180,224 -c----w c:\windows\system32\dllcache\scrobj.dll + 2008-05-09 10:55:00 172,032 -c----w c:\windows\system32\dllcache\scrrun.dll + 2008-04-13 09:40:14 15,744 -c--a-w c:\windows\system32\dllcache\serenum.sys + 2008-06-12 09:28:06 1,497,088 -c----w c:\windows\system32\dllcache\shdocvw.dll + 2008-06-17 19:02:15 8,517,632 -c----w c:\windows\system32\dllcache\shell32.dll + 2008-06-12 09:28:06 474,624 -c----w c:\windows\system32\dllcache\shlwapi.dll + 2008-06-12 09:27:56 134,144 -c----w c:\windows\system32\dllcache\sqmapi.dll + 2008-12-11 10:57:09 333,952 -c----w c:\windows\system32\dllcache\srv.sys - 2008-04-13 17:33:48 246,814 -c--a-w c:\windows\system32\dllcache\strmdll.dll + 2008-10-03 10:03:53 247,326 -c--a-w c:\windows\system32\dllcache\strmdll.dll + 2008-06-20 11:51:12 361,600 -c----w c:\windows\system32\dllcache cpip.sys + 2008-06-20 11:08:27 225,856 -c----w c:\windows\system32\dllcache cpip6.sys - 2008-04-23 04:16:40 105,984 -c--a-w c:\windows\system32\dllcache\url.dll + 2008-08-22 01:07:58 105,984 -c--a-w c:\windows\system32\dllcache\url.dll - 2008-04-23 04:16:40 1,159,680 -c--a-w c:\windows\system32\dllcache\urlmon.dll + 2008-08-22 01:08:22 1,206,784 -c--a-w c:\windows\system32\dllcache\urlmon.dll + 2008-08-22 01:06:36 434,176 -c--a-w c:\windows\system32\dllcache\vbscript.dll - 2007-07-12 23:30:52 765,952 -c--a-w c:\windows\system32\dllcache\vgx.dll + 2008-08-22 01:07:20 755,200 -c--a-w c:\windows\system32\dllcache\VGX.dll - 2008-04-23 04:16:40 233,472 -c--a-w c:\windows\system32\dllcache\webcheck.dll + 2008-08-22 01:08:08 236,544 -c--a-w c:\windows\system32\dllcache\webcheck.dll + 2009-02-09 14:05:54 1,846,912 -c----w c:\windows\system32\dllcache\win32k.sys - 2008-04-23 04:16:40 826,368 -c--a-w c:\windows\system32\dllcache\wininet.dll + 2008-08-22 01:08:06 878,592 -c--a-w c:\windows\system32\dllcache\wininet.dll - 2006-10-18 20:47:20 937,984 -c--a-w c:\windows\system32\dllcache\WMNetMgr.dll + 2008-06-18 04:03:08 938,496 -c--a-w c:\windows\system32\dllcache\WMNetmgr.dll - 2007-06-11 21:51:12 10,834,944 -c--a-w c:\windows\system32\dllcache\wmp.dll + 2008-11-11 17:34:42 10,838,016 -c--a-w c:\windows\system32\dllcache\wmp.dll - 2006-10-18 20:47:22 2,450,944 -c--a-w c:\windows\system32\dllcache\wmvcore.dll + 2008-06-18 04:03:14 2,458,112 -c--a-w c:\windows\system32\dllcache\WMVCore.dll + 2008-05-08 11:24:44 155,648 -c----w c:\windows\system32\dllcache\wscript.exe + 2008-05-09 10:55:00 90,112 -c----w c:\windows\system32\dllcache\wshext.dll - 2007-07-30 17:19:36 549,720 -c--a-w c:\windows\system32\dllcache\wuapi.dll + 2008-10-16 13:12:20 561,688 -c--a-w c:\windows\system32\dllcache\wuapi.dll - 2007-07-30 17:19:16 53,080 -c--a-w c:\windows\system32\dllcache\wuauclt.exe + 2008-10-16 13:09:44 51,224 -c--a-w c:\windows\system32\dllcache\wuauclt.exe - 2007-07-30 17:19:42 1,712,984 -c--a-w c:\windows\system32\dllcache\wuaueng.dll + 2008-10-16 13:13:40 1,809,944 -c--a-w c:\windows\system32\dllcache\wuaueng.dll - 2007-07-30 17:19:32 325,976 -c--a-w c:\windows\system32\dllcache\wucltui.dll + 2008-10-16 13:12:22 323,608 -c--a-w c:\windows\system32\dllcache\wucltui.dll - 2007-07-30 17:18:40 33,624 -c--a-w c:\windows\system32\dllcache\wups.dll + 2008-10-16 13:08:58 34,328 -c--a-w c:\windows\system32\dllcache\wups.dll - 2007-07-30 17:19:28 203,096 -c--a-w c:\windows\system32\dllcache\wuweb.dll + 2008-10-16 13:13:40 202,776 -c--a-w c:\windows\system32\dllcache\wuweb.dll - 2008-04-13 17:33:24 147,968 -c--a-w c:\windows\system32\dnsapi.dll + 2008-06-20 17:47:22 147,968 -c--a-w c:\windows\system32\dnsapi.dll - 2008-04-13 10:19:24 138,112 -c--a-w c:\windows\system32\drivers\afd.sys + 2008-08-14 10:04:36 138,496 -c--a-w c:\windows\system32\drivers\afd.sys + 2008-05-09 11:15:47 45,376 -c--a-w c:\windows\system32\drivers\avgntdd.sys + 2008-01-21 16:11:28 22,336 -c--a-w c:\windows\system32\drivers\avgntmgr.sys + 2008-12-10 23:18:57 75,072 -c--a-w c:\windows\system32\drivers\avipbb.sys - 2008-04-14 15:59:30 272,768 -c--a-w c:\windows\system32\drivers\bthport.sys + 2008-06-14 17:33:37 272,768 -c--a-w c:\windows\system32\drivers\bthport.sys + 2007-05-11 14:36:43 299,904 -c--a-r c:\windows\system32\drivers\MRVW225.sys - 2008-04-13 10:17:02 456,576 -c--a-w c:\windows\system32\drivers\mrxsmb.sys + 2008-10-24 11:21:09 455,296 -c--a-w c:\windows\system32\drivers\mrxsmb.sys + 2003-04-24 11:03:54 74,828 -c--a-w c:\windows\system32\drivers\RESC_DWB.SYS - 2008-04-13 10:15:12 334,848 -c--a-w c:\windows\system32\drivers\srv.sys + 2008-12-11 10:57:09 333,952 -c--a-w c:\windows\system32\drivers\srv.sys + 2007-11-08 17:03:26 21,248 -c--a-w c:\windows\system32\drivers\ssmdrv.sys - 2008-04-13 10:20:18 361,344 -c--a-w c:\windows\system32\drivers cpip.sys + 2008-06-20 11:51:12 361,600 -c--a-w c:\windows\system32\drivers cpip.sys - 2008-04-13 10:00:04 225,664 -c--a-w c:\windows\system32\drivers cpip6.sys + 2008-06-20 11:08:27 225,856 -c--a-w c:\windows\system32\drivers cpip6.sys - 2008-04-23 04:16:39 347,136 -c--a-w c:\windows\system32\dxtmsft.dll + 2008-08-22 01:05:16 346,624 -c--a-w c:\windows\system32\dxtmsft.dll - 2008-04-23 04:16:39 214,528 -c--a-w c:\windows\system32\dxtrans.dll + 2008-08-22 01:05:10 217,088 -c--a-w c:\windows\system32\dxtrans.dll - 2008-04-13 17:33:26 246,272 -c--a-w c:\windows\syste

jlpjlp · Answer

le rapport combofix est incomplet

puis répare windows:

https://www.pcastuces.com/pratique/windows/xp/default.htm


puis colle moi un rapport antivir pour voir

a plus

jlpjlp · Answer

vire le fichier ETRUST non legal

D:\SOFTWARE\ETRUST ANTIVIRUS\ENGLISH\BIN\EAV_S.WIN\CPACKAGE.EXE 

____________

vire ce qui est en quarantiane dans antivir

____________
Désactive ta restauration systeme puis redemarre ton ordi puis réactive là comme ceci:
https://www.informatruc.com

_______________

encore des soucis???

jlpjlp · Answer

ok parfait

le manuel antivir:

https://www.malekal.com/avira-free-security-antivirus-gratuit/




pour virer ce qui a été utilisé:

Télécharge ToolsCleaner sur ton bureau. 
-->  http://www.commentcamarche.net/telecharger/telecharger 34055291 toolscleaner
# Clique sur Recherche et laisse le scan agir ... 
# Clique sur Suppression pour finaliser. 
# Tu peux, si tu le souhaites, te servir des Options facultatives. 
# Clique sur Quitter pour obtenir le rapport. 
# Poste le rapport (TCleaner.txt) qui se trouve à la racine de ton disque dur (C:\). 

ps : pas besoin de m´envoyer le rapport si tout a été supprimé

You have a security problem

9 réponses

Discussions similaires

Newsletters