Virus Msn puis Proxy de messagerie SymantecRésolu/Fermé

Question

Bonjour,
j'ai un souci depuis quelques jours après avoir cliqué (c'était pas malin!) sur un lien qui m'est apparu sur une fenetre msn (tu es nue? suivi d'un lien)!
Depuis, dans les 2min après que je sois connecté à Internet je suis envahi de fenetres ayant pour titre "Proxy de messagerie Symantec" ce qui rend impossible la navigation!!!! Ces fenetres m'indiquent que les messages (ex 1/1) n'a pas pu etre envoyé à une adresse que je ne connait pas (.us en général)!
Je ne sais pas si le lien msn et mon problème de fenetres sont liés mais j'ai besoin d'aide car je ne peux plus du tout utiliser Internet!!

J'attends votre aide!!

Merci d'anvance!!!!

Regis59 · Answer

Bienvenue sur le forum d’entraide de CommentCaMarche.net 

Nous connaissons votre situation et nous vous conseillons de ne surtout pas vous inquiéter.
De plus, au vu du nombre croissant de désinfections effectuées sur le forum, nous vous demandons un peu de patience et surtout de ne pas créer plusieurs postes pour le même problème. A savoir qu’une désinfection prend forcément du temps.
Merci de votre compréhension.

Télécharge HijackThis ici: 
http://telechargement.zebulon.fr/138-hijackthis-1991.html 

Dézippe le dans un dossier prévu à cet effet. 
Par exemple C:\hijackthis < Enregistre-le bien dans c : ! 
Démo : (Merci a Balltrap34 pour cette réalisation)   
http://pageperso.aol.fr/balltrap34/Hijenr.gif 
	
Lance le puis: 
Clique sur "do a system scan and save logfile" (cf démo) 
Faire un copier coller du log entier sur le forum

Démo : (Merci a Balltrap34 pour cette réalisation)   
http://pageperso.aol.fr/balltrap34/demohijack.htm
	
Bon courage

A+

jserret · Answer

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:02:33, on 30/01/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\HP\TVPlay\Kernel\CLML_NTService\CLMLServer.exe
C:\Program Files\Symantec AntiVirus\DefWatch.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\WINDOWS\system32
vsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Symantec AntiVirus\Rtvscan.exe
C:\Program Files\HP\TVPlay\Kernel\TV\TVPCapSvc.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\HP\QuickPlay\QPService.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe
C:\Program Files\HP\TVPlay\TVPService.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\PROGRA~1\SYMANT~1\VPTray.exe
C:\Program Files\USBToolbox\Res.EXE
C:\Program Files\BroadJump\Client Foundation\CFD.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\HP Wireless Adapter\HPWLAN.exe
C:\PROGRA~1\CLUB-I~1\LECOMP~1\SMARTB~1\MotiveSB.exe
C:\Program Files\Club-Internet\Agent Wi-Fi V2.1\McciTrayApp.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\HP\TVPlay\Kernel\TV\TVPSched.exe
C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Hewlett-Packard\HP Pavilion Webcam\HPWebcam.exe
C:\Program Files\NoBrand\Wireless Network Manager\Monitor.exe
C:\Program Files\Club-Internet\Le Compagnon Club\bin\mpbtn.exe
C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\MathType\MathType.exe
C:\Program Files\a-squared Anti-Malware\a2service.exe
C:\Program Files\Club-Internet\Agent Wi-Fi V2.1\McciBrowser.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\PROGRAM FILES\A-SQUARED ANTI-MALWARE\a2scan.exe
C:\Program Files\WinRAR\WinRAR.exe
C:\Documents and Settings\Julien SERRET\Bureau\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = https://actus.sfr.fr
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer avec Club-Internet
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = HTTP=proxy.club-internet.fr:8080
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /nodetect
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] CHDAudPropShortcut.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [Cpqset] C:\Program Files\Hewlett-Packard\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [RecGuard] C:\Windows\SMINST\RecGuard.exe
O4 - HKLM\..\Run: [TVPService] "C:\Program Files\HP\TVPlay\TVPService.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [adiras] adiras.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\VPTray.exe
O4 - HKLM\..\Run: [USB Storage Toolbox] C:\Program Files\USBToolbox\Res.EXE
O4 - HKLM\..\Run: [BJCFD] C:\Program Files\BroadJump\Client Foundation\CFD.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [HPWireless] "C:\Program Files\HP Wireless Adapter\HPWLAN.exe"
O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\CLUB-I~1\LECOMP~1\SMARTB~1\MotiveSB.exe
O4 - HKLM\..\Run: [Club-Internet_McciTrayApp] C:\Program Files\Club-Internet\Agent Wi-Fi V2.1\McciTrayApp.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [a-squared] "C:\Program Files\a-squared Anti-Malware\a2guard.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
O4 - Global Startup: Démarrage rapide de HP Photosmart Premier.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: HP Pavilion Webcam Tray Icon.lnk = ?
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Readereader_sl.exe
O4 - Global Startup: LE COMPAGNON CLUB.lnk = C:\Program Files\Club-Internet\Le Compagnon Club\bin\matcli.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Wireless Network Manager.lnk = C:\Program Files\NoBrand\Wireless Network Manager\Monitor.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://a1540.g.akamai.net/7/1540/52/20061205/qtinstall.info.apple.com/qtactivex/qtplugin.cab
O16 - DPF: {1D6711C8-7154-40BB-8380-3DEA45B69CBF} - 
O17 - HKLM\System\CCS\Services\Tcpip\..\{8D47976D-B468-4DAC-A191-F1D0DD2D7D79}: NameServer = 85.255.116.125,85.255.112.75
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.116.125 85.255.112.75
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 85.255.116.125 85.255.112.75
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.116.125 85.255.112.75
O20 - AppInit_DLLs: C:\WINDOWS\system32\mmmsacsac.dll
O23 - Service: a-squared Anti-Malware Service (a2AntiMalware) - Emsi Software GmbH - C:\Program Files\a-squared Anti-Malware\a2service.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: CyberLink Media Library Service(HP TVPlay) - Cyberlink - C:\Program Files\HP\TVPlay\Kernel\CLML_NTService\CLMLServer.exe
O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - c:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32
vsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe
O23 - Service: CyberLink Background Capture Service (CBCS HP TVPlay) (TVPCapSvc) - Unknown owner - C:\Program Files\HP\TVPlay\Kernel\TV\TVPCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS HP TVPlay) (TVPSched) - Unknown owner - C:\Program Files\HP\TVPlay\Kernel\TV\TVPSched.exe

Regis59 · Answer

Salut

Télécharge le FixWareout sur le bureau:
http://download.bleepingcomputer.com/lonny/Fixwareout.exe 

Lance le fix: clique sur Next, puis Install, puis assure toi que "Run fixit" est activé puis clique sur Finish. 
Le fix va commencer, suis les messages à l'écran. Il te sera demandé de redémarrer ton ordinateur, fais le. Ton système mettra un peu plus de temps au démarrage, c'est normal.

Quand ton système aura redémarré, suis les invites des messages. Ensuite lance HijackThis. Clique sur Scan et coche les lignes suivantes:

O17 - HKLM\System\CCS\Services\Tcpip\..\{8D47976D-B468-4DAC-A191-F1D0DD2D7D79}: NameServer = 85.255.116.125,85.255.112.75
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.116.125 85.255.112.75
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 85.255.116.125 85.255.112.75
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.116.125 85.255.112.75 
O20 - AppInit_DLLs: C:\WINDOWS\system32\mmmsacsac.dll 

Clique sur Fix Checked. Ferme HijackThis et clique sur OK pour continuer la procédure.

A la fin du fix, tu auras peut-être encore besoin de redémarrer le PC.

Au final, poste le contenu de C:\fixwareout\report.txt avec un nouveau rapport HijackThis.

A+

jserret · Answer

voici le rapport de fix

Username "Julien SERRET" - 30/01/2008 21:47:07 [Fixwareout edited 9/01/2007]

~~~~~ Prerun check

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters
"nameserver"="85.255.116.125 85.255.112.75" <Value cleared.
HKEY_LOCAL_MACHINE\system\currentcontrolset\services	cpip\parameters\interfaces\{8D47976D-B468-4DAC-A191-F1D0DD2D7D79} 
"nameserver"="85.255.116.125,85.255.112.75" <Value cleared.
HKEY_LOCAL_MACHINE\system\currentcontrolset\services	cpip\parameters\interfaces\{2366F714-B5A9-4C11-992B-E80655C3E089}
"DhcpNameServer"="85.255.116.125,85.255.112.75" <Value cleared.
HKEY_LOCAL_MACHINE\system\currentcontrolset\services	cpip\parameters\interfaces\{8D47976D-B468-4DAC-A191-F1D0DD2D7D79}
"DhcpNameServer"="85.255.116.125,85.255.112.75" <Value cleared.
HKEY_LOCAL_MACHINE\system\currentcontrolset\services	cpip\parameters\interfaces\{8DBDCDED-9A60-4A7B-ADC9-0C734CA7633F}
"DhcpNameServer"="85.255.116.125,85.255.112.75" <Value cleared.

Cache de résolution DNS vidé.


System was rebooted successfully. 
 
~~~~~ Postrun check 
HKLM\SOFTWARE\~\Winlogon\ "System"="" 
....
....
~~~~~ Misc files. 
....
~~~~~ Checking for older varients.
....

~~~~~ Current runs (hklm hkcu "run" Keys Only)
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"hpWirelessAssistant"="C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe"
"SunJavaUpdateSched"="\"C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe\""
"NvCplDaemon"="RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup"
"NvMediaCenter"="RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit"
"nwiz"="nwiz.exe /installquiet /nodetect"
"High Definition Audio Property Page Shortcut"="CHDAudPropShortcut.exe"
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"QPService"="\"C:\Program Files\HP\QuickPlay\QPService.exe\""
"HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe"
"QlbCtrl"=hex(2):25,50,72,6f,67,72,61,6d,46,69,6c,65,73,25,5c,48,65,77,6c,65,\
74,74,2d,50,61,63,6b,61,72,64,5c,48,50,20,51,75,69,63,6b,20,4c,61,75,6e,63,\
68,20,42,75,74,74,6f,6e,73,5c,51,6c,62,43,74,72,6c,2e,65,78,65,20,2f,53,74,\
61,72,74,00
"Cpqset"="C:\Program Files\Hewlett-Packard\Default Settings\cpqset.exe"
"RecGuard"="C:\Windows\SMINST\RecGuard.exe"
"TVPService"="\"C:\Program Files\HP\TVPlay\TVPService.exe\""
"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe"
"ccApp"="\"C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe\""
"vptray"="C:\PROGRA~1\SYMANT~1\VPTray.exe"
"USB Storage Toolbox"="C:\Program Files\USBToolbox\Res.EXE"
"BJCFD"="C:\Program Files\BroadJump\Client Foundation\CFD.exe"
"StandardInstall"=""
"QuickTime Task"="\"C:\Program Files\QuickTime\qttask.exe\" -atboottime"
"HPWireless"="\"C:\Program Files\HP Wireless Adapter\HPWLAN.exe\""
"Motive SmartBridge"="C:\PROGRA~1\CLUB-I~1\LECOMP~1\SMARTB~1\MotiveSB.exe"
"Club-Internet_McciTrayApp"="C:\Program Files\Club-Internet\Agent Wi-Fi V2.1\McciTrayApp.exe"
"!AVG Anti-Spyware"="\"C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe\" /minimized"
"a-squared"="\"C:\Program Files\a-squared Anti-Malware\a2guard.exe\""

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe"
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
"WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe"
....
Hosts file was reset, If you use a custom hosts file please replace it...
~~~~~ End report ~~~~~

jserret · Answer

et le nouveau rapport Hijack où je nous trouve pas les lignes demandées!!! entre temps j'ai fais une analyse avec un anti_malware qui m'a trouvé des fichiers à éliminer, est-ce pour ça que je n'ai pas ces lignes!!! merci pour tes infos

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:55:02, on 30/01/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\a-squared Anti-Malware\a2service.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\HP\TVPlay\Kernel\CLML_NTService\CLMLServer.exe
C:\Program Files\Symantec AntiVirus\DefWatch.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\WINDOWS\system32
vsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Symantec AntiVirus\Rtvscan.exe
C:\Program Files\HP\TVPlay\Kernel\TV\TVPCapSvc.exe
C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
C:\Program Files\HP\TVPlay\Kernel\TV\TVPSched.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32
otepad.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\HP\QuickPlay\QPService.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe
C:\Program Files\HP\TVPlay\TVPService.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\PROGRA~1\SYMANT~1\VPTray.exe
C:\Program Files\USBToolbox\Res.EXE
C:\Program Files\BroadJump\Client Foundation\CFD.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\HP Wireless Adapter\HPWLAN.exe
C:\PROGRA~1\CLUB-I~1\LECOMP~1\SMARTB~1\MotiveSB.exe
C:\Program Files\Club-Internet\Agent Wi-Fi V2.1\McciTrayApp.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Hewlett-Packard\HP Pavilion Webcam\HPWebcam.exe
C:\Program Files\Adobe\Acrobat 7.0\Readereader_sl.exe
C:\Program Files\NoBrand\Wireless Network Manager\Monitor.exe
C:\Program Files\Club-Internet\Le Compagnon Club\bin\mpbtn.exe
C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\Club-Internet\Agent Wi-Fi V2.1\McciBrowser.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Julien SERRET\Bureau\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = https://actus.sfr.fr
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer avec Club-Internet
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = HTTP=proxy.club-internet.fr:8080
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /nodetect
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] CHDAudPropShortcut.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [Cpqset] C:\Program Files\Hewlett-Packard\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [RecGuard] C:\Windows\SMINST\RecGuard.exe
O4 - HKLM\..\Run: [TVPService] "C:\Program Files\HP\TVPlay\TVPService.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\VPTray.exe
O4 - HKLM\..\Run: [USB Storage Toolbox] C:\Program Files\USBToolbox\Res.EXE
O4 - HKLM\..\Run: [BJCFD] C:\Program Files\BroadJump\Client Foundation\CFD.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [HPWireless] "C:\Program Files\HP Wireless Adapter\HPWLAN.exe"
O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\CLUB-I~1\LECOMP~1\SMARTB~1\MotiveSB.exe
O4 - HKLM\..\Run: [Club-Internet_McciTrayApp] C:\Program Files\Club-Internet\Agent Wi-Fi V2.1\McciTrayApp.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [a-squared] "C:\Program Files\a-squared Anti-Malware\a2guard.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
O4 - Global Startup: Démarrage rapide de HP Photosmart Premier.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: HP Pavilion Webcam Tray Icon.lnk = ?
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Readereader_sl.exe
O4 - Global Startup: LE COMPAGNON CLUB.lnk = C:\Program Files\Club-Internet\Le Compagnon Club\bin\matcli.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Wireless Network Manager.lnk = C:\Program Files\NoBrand\Wireless Network Manager\Monitor.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://a1540.g.akamai.net/7/1540/52/20061205/qtinstall.info.apple.com/qtactivex/qtplugin.cab
O20 - AppInit_DLLs: C:\WINDOWS\system32\mmmsacsac.dll
O23 - Service: a-squared Anti-Malware Service (a2AntiMalware) - Emsi Software GmbH - C:\Program Files\a-squared Anti-Malware\a2service.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: CyberLink Media Library Service(HP TVPlay) - Cyberlink - C:\Program Files\HP\TVPlay\Kernel\CLML_NTService\CLMLServer.exe
O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - c:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32
vsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe
O23 - Service: CyberLink Background Capture Service (CBCS HP TVPlay) (TVPCapSvc) - Unknown owner - C:\Program Files\HP\TVPlay\Kernel\TV\TVPCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS HP TVPlay) (TVPSched) - Unknown owner - C:\Program Files\HP\TVPlay\Kernel\TV\TVPSched.exe

Regis59 · Answer

Salut

Non c'est parce qu'elles ont été supprimé.

Vas sur le site https://virusscan.jotti.org/ 
- Clic en haut à droite sur "Parcourir", navigue dans les dossiers et sélectionne ce fichier : 
 C:\WINDOWS\system32\mmmsacsac.dll 
- Clic sur submit toujours en haut à droite 
- Le scan va se lancer, ça va prendre un petit instant 
- En bas, tu as le résultat du scan, copie/colle le résultat complet du scan ici. 
Aide : https://www.malekal.com/scan-antivirus-ligne-nod32/#mozTocId662799

jserret · Answer

Scanner results  
Scan taken on 31 Jan 2008 05:58:19 (GMT)  
A-Squared  Found nothing 
AntiVir  Found TR/Crypt.FKM.Gen  
ArcaVir  Found nothing 
Avast  Found nothing 
AVG Antivirus  Found nothing 
BitDefender  Found nothing 
ClamAV  Found nothing 
CPsecure  Found nothing 
Dr.Web  Found DLOADER.Trojan (probable variant)  
F-Prot Antivirus  Found nothing 
F-Secure Anti-Virus  Found Trojan.Win32.Small.aao  
Fortinet  Found W32/Small.AAO!tr  
Ikarus  Found Trojan.Win32.Delf.nf  
Kaspersky Anti-Virus  Found Trojan.Win32.Small.aao  
NOD32  Found nothing 
Norman Virus Control  Found nothing 
Panda Antivirus  Found nothing 
Rising Antivirus  Found nothing 
Sophos Antivirus  Found Mal/Generic-A  
VirusBuster  Found nothing 
VBA32  Found Trojan.Win32.Small.aao

Regis59 · Answer

Salut,

Ok.

¤Relance HijackThis, coche les cases devant ces lignes et ensuite clique sur fix checked :

O20 - AppInit_DLLs: C:\WINDOWS\system32\mmmsacsac.dll 

Ferme HijackThis.

télécharge OTMoveIt http://download.bleepingcomputer.com/oldtimer/OTMoveIt.exe (de Old_Timer) sur ton Bureau.
double-clique sur OTMoveIt.exe pour le lancer.
copie la liste qui se trouve ci-dessous,
et colle-la dans le cadre de gauche de OTMoveIt :Paste List of Files/Folders to be moved.

C:\WINDOWS\system32\mmmsacsac.dll 

clique sur MoveIt! pour lancer la suppression.
le résultat apparaitra dans le cadre "Results".
clique sur Exit pour fermer.
poste le rapport situé dans C:\_OTMoveIt\MovedFiles.

il te sera peut-être demander de redémarrer le pc pour achever la suppression.si c'est le cas accepte par Yes.

jserret · Answer

Salut!
je n'ai plus le ligne la ligne à cocher sur le rapport Hijack!!
J'ai executer OTmoveit et lancer la suppression comme tu me l'as demandé, voici le rapport!!

DllUnregisterServer procedure not found in C:\WINDOWS\system32\mmmsacsac.dll
C:\WINDOWS\system32\mmmsacsac.dll NOT unregistered.
C:\WINDOWS\system32\mmmsacsac.dll moved successfully.
 
Created on 02/01/2008 18:45:51

Regis59 · Answer

Impec.

Remet un nouveau HijackThis.

A+

jserret · Answer

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:03:00, on 01/02/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\a-squared Anti-Malware\a2service.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\HP\TVPlay\Kernel\CLML_NTService\CLMLServer.exe
C:\Program Files\Symantec AntiVirus\DefWatch.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32
vsvc32.exe
C:\Program Files\HP\QuickPlay\QPService.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Symantec AntiVirus\Rtvscan.exe
C:\Program Files\HP\TVPlay\TVPService.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\PROGRA~1\SYMANT~1\VPTray.exe
C:\Program Files\USBToolbox\Res.EXE
C:\Program Files\BroadJump\Client Foundation\CFD.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\HP Wireless Adapter\HPWLAN.exe
C:\PROGRA~1\CLUB-I~1\LECOMP~1\SMARTB~1\MotiveSB.exe
C:\Program Files\Club-Internet\Agent Wi-Fi V2.1\McciTrayApp.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
C:\Program Files\HP\TVPlay\Kernel\TV\TVPCapSvc.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Hewlett-Packard\HP Pavilion Webcam\HPWebcam.exe
C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
C:\Program Files\NoBrand\Wireless Network Manager\Monitor.exe
C:\Program Files\Club-Internet\Le Compagnon Club\bin\mpbtn.exe
C:\Program Files\HP\TVPlay\Kernel\TV\TVPSched.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
C:\Program Files\Club-Internet\Agent Wi-Fi V2.1\McciBrowser.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Julien SERRET\Bureau\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = https://actus.sfr.fr
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer avec Club-Internet
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = HTTP=proxy.club-internet.fr:8080
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /nodetect
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] CHDAudPropShortcut.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [Cpqset] C:\Program Files\Hewlett-Packard\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [RecGuard] C:\Windows\SMINST\RecGuard.exe
O4 - HKLM\..\Run: [TVPService] "C:\Program Files\HP\TVPlay\TVPService.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\VPTray.exe
O4 - HKLM\..\Run: [USB Storage Toolbox] C:\Program Files\USBToolbox\Res.EXE
O4 - HKLM\..\Run: [BJCFD] C:\Program Files\BroadJump\Client Foundation\CFD.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [HPWireless] "C:\Program Files\HP Wireless Adapter\HPWLAN.exe"
O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\CLUB-I~1\LECOMP~1\SMARTB~1\MotiveSB.exe
O4 - HKLM\..\Run: [Club-Internet_McciTrayApp] C:\Program Files\Club-Internet\Agent Wi-Fi V2.1\McciTrayApp.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [a-squared] "C:\Program Files\a-squared Anti-Malware\a2guard.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
O4 - Global Startup: Démarrage rapide de HP Photosmart Premier.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: HP Pavilion Webcam Tray Icon.lnk = ?
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Readereader_sl.exe
O4 - Global Startup: LE COMPAGNON CLUB.lnk = C:\Program Files\Club-Internet\Le Compagnon Club\bin\matcli.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Wireless Network Manager.lnk = C:\Program Files\NoBrand\Wireless Network Manager\Monitor.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://a1540.g.akamai.net/7/1540/52/20061205/qtinstall.info.apple.com/qtactivex/qtplugin.cab
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr
O23 - Service: a-squared Anti-Malware Service (a2AntiMalware) - Emsi Software GmbH - C:\Program Files\a-squared Anti-Malware\a2service.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: CyberLink Media Library Service(HP TVPlay) - Cyberlink - C:\Program Files\HP\TVPlay\Kernel\CLML_NTService\CLMLServer.exe
O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe
O23 - Service: Symantec AntiVirus Definition Watcher DefWatchLightScribeService (DefWatchLightScribeService) - Unknown owner - C:\WINDOWS\system32\amcompatb.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - c:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32
vsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe
O23 - Service: CyberLink Background Capture Service (CBCS HP TVPlay) (TVPCapSvc) - Unknown owner - C:\Program Files\HP\TVPlay\Kernel\TV\TVPCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS HP TVPlay) (TVPSched) - Unknown owner - C:\Program Files\HP\TVPlay\Kernel\TV\TVPSched.exe

Regis59 · Answer

Salut

Ou en sont tes soucis?

A+

jserret · Answer

Salut!
mes soucis en sont au même point, je suis toujours envahi de fenetre de proxy de messagerie Symantec quand je me connecte à Internet, pour rendre la navigation possible j'ai du désactiver l'option Auto-protect de la messagerie de Symantec!!
je viens de la réactiver pour faire le test et voir si c'était résolu mais c'est toujours pareil!!
Penses-tu que mon cas est grave???

merci pour ton aide!!!!

A+

Regis59 · Answer

OKI

Télécharge Combofix sUBs : http://download.bleepingcomputer.com/sUBs/ComboFix.exe
et sauvegarde le sur ton bureau et pas ailleurs!

Double-clic sur combofix, Il va te poser une question, réponds par la touche 1 et entrée pour valider.
Attends que combofix ait terminé, un rapport sera créé. Poste le rapport.

jserret · Answer

voici le rapport de ComboFix ComboFix 08-02.03.1 - Julien SERRET 2008-02-04 19:05:19.1 - NTFSx86 Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.502 [GMT 1:00] Endroit: C:\Documents and Settings\Julien SERRET\Temporary Internet Files\Content.IE5\1HGBC581\ComboFix[1].exe * Création d'un nouveau point de restauration [color=red][b]AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !![/b][/color] . (((((((((((((((((((((((((((((((((((( Autres suppressions )))))))))))))))))))))))))))))))))))))))))))))))) . C:\Documents and Settings\Julien SERRET\Mes documents\Ma musique\Java - Best of\Desktop_.ini C:\Documents and Settings\Julien SERRET\Mes documents\Ma musique\Nathaniel Merrywheather\Desktop_.ini C:\Documents and Settings\Julien SERRET\Mes documents\Ma musique\Nouvelle vague - Bande a part\Desktop_.ini C:\Documents and Settings\Julien SERRET\Mes documents\Ma musique\Renaud - Bobino Live\Desktop_.ini C:\Documents and Settings\Julien SERRET\Mes documents\Ma musique\The Roots - Come alive\Desktop_.ini C:\Documents and Settings\Julien SERRET\Mes documents\Ma musique\The Roots - Do You Want More\Desktop_.ini C:\Documents and Settings\Julien SERRET\Mes documents\Ma musique\Wax Tailor - Tales of the forgotten melodies\Desktop_.ini C:\WINDOWS\Fonts\acrsec.fon C:\WINDOWS\Fonts\acrsecB.fon C:\WINDOWS\Fonts\acrsecI.fon C:\WINDOWS\system32\6_exception.nls D:\Autorun.inf . ((((((((((((((((((((((((((((((((((((((( Drivers/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . -------\poof ((((((((((((((((((((((((((((( Fichiers cr‚‚s 2008-01-04 to 2008-02-04 )))))))))))))))))))))))))))))))))))) . 2008-02-01 18:45 . 2008-02-01 18:45 d-------- C:\_OTMoveIt 2008-01-31 18:53 . 2008-01-31 18:53 d-------- C:\WINDOWS\system32\Kaspersky Lab 2008-01-31 06:57 . 2008-01-31 06:57 20,480 --ahs---- C:\WINDOWS\system32\adadix16n.dll 2008-01-30 21:46 . 2008-01-31 20:25 d-------- C:\fixwareout 2008-01-30 18:44 . 2008-01-30 20:23 d-------- C:\Program Files\a-squared Anti-Malware 2008-01-27 13:43 . 2008-01-27 13:43 d-------- C:\Documents and Settings\Julien SERRET\Application Data\Grisoft 2008-01-27 13:43 . 2008-01-27 13:43 d-------- C:\Documents and Settings\All Users\Application Data\Grisoft 2008-01-27 13:43 . 2007-05-30 13:10 10,872 --a------ C:\WINDOWS\system32\drivers\AvgAsCln.sys 2008-01-27 13:30 . 2008-01-27 13:30 d-------- C:\Program Files\Trend Micro 2008-01-27 12:01 . 2008-01-27 12:01 d-------- C:\VundoFix Backups 2008-01-26 18:01 . 2008-01-26 18:01 d-------- C:\Program Files\NoBrand 2008-01-26 17:25 . 2005-06-01 05:04 408,064 -ra------ C:\WINDOWS\system32\drivers\O4501U.sys 2008-01-26 15:49 . 54,764 C:\WINDOWS\system32\drivers\fak32.sys 2008-01-26 15:49 . 2008-01-26 15:49 38,400 -r-hs---- C:\WINDOWS\system32\amcompatb.exe 2008-01-26 15:49 . 2008-02-04 17:45 143 --a-s---- C:\WINDOWS\system32\3956332696.dat 2008-01-26 15:49 . 2008-01-26 15:49 2 --a------ C:\541217827 2008-01-26 15:47 . 2007-06-13 14:22 1,075,713 --a------ C:\WINDOWS\dpqhqae.exe 2008-01-05 21:07 . 2008-01-05 21:07 227 --a------ C:\WINDOWS\HP_CounterReport_Update_HPSU.ini 2008-01-05 21:07 . 2008-01-05 21:07 214 --a------ C:\WINDOWS\HP_48BitScanUpdatePatch.ini 2008-01-05 20:45 . 2008-01-05 20:45 221 --a------ C:\WINDOWS\HP_RedboxHprblog_HPSU.ini . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2008-02-04 18:11 --------- d-----w C:\Program Files\Symantec AntiVirus 2008-01-26 17:02 --------- d--h--w C:\Program Files\InstallShield Installation Information 2008-01-26 16:59 --------- d-----w C:\Program Files\Windows Media Connect 2 2008-01-06 19:16 --------- d-----w C:\Documents and Settings\Julien SERRET\Application Data\AdobeUM 2008-01-05 19:45 139,264 ----a-w C:\WINDOWS\system32\hpzjrd01.dll 2008-01-01 10:09 --------- d-----w C:\Program Files\eMule 2007-12-27 17:28 --------- d-----w C:\Program Files\Club-Internet 2007-12-27 17:24 --------- d-----w C:\Program Files\Motive 2007-12-23 16:17 --------- d-----w C:\Program Files\HP Wireless Adapter 2007-12-23 16:14 --------- d-----w C:\Program Files\Generic 2007-12-23 16:02 --------- d-----w C:\Program Files\Wireless LAN 2007-12-18 20:11 --------- d-----w C:\Program Files\QuickTime 2007-11-07 09:28 728,576 ----a-w C:\WINDOWS\system32\lsasrv.dll 2007-11-07 09:28 728,576 ------w C:\WINDOWS\system32\dllcache\lsasrv.dll 2007-11-06 11:53 318,828 ----a-w C:\WINDOWS\Math'x seconde Uninstaller.exe 2007-10-26 10:01 51,016 ----a-w C:\Documents and Settings\Julien SERRET\Application Data\GDIPFONTCACHEV1.DAT 2006-10-13 18:25 0 ----a-w C:\Documents and Settings\Julien SERRET\Application Data\wklnhst.dat 2005-09-24 06:49 12,288 ----a-w C:\WINDOWS\Fonts\RandFont.dll 2006-11-26 12:21 22 --sha-w C:\WINDOWS\SMINST\HPCD.sys . ((((((((((((((((((((((((((((((((( Point de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))) . . REGEDIT4 *Note* les ‚l‚ments vides & les ‚l‚ments initiaux l‚gitimes ne sont pas list‚s [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-05 22:00 15360] "swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-11-20 08:15 68856] "WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [2006-11-03 08:59 204288] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "hpWirelessAssistant"="C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe" [2007-12-22 13:12 458752] "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 01:11 132496] "NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2006-04-26 20:48 7561216] "NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2006-04-26 20:48 86016] "nwiz"="nwiz.exe" [2006-04-26 20:48 1519616 C:\WINDOWS\system32 wiz.exe] "High Definition Audio Property Page Shortcut"="CHDAudPropShortcut.exe" [2006-04-17 21:29 61952 C:\WINDOWS\system32\CHDAudPropShortcut.exe] "SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2006-04-01 06:01 761946] "QPService"="C:\Program Files\HP\QuickPlay\QPService.exe" [2006-04-11 20:54 102400] "HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [2005-05-11 22:12 49152] "QlbCtrl"="C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2006-03-07 13:38 131072] "Cpqset"="C:\Program Files\Hewlett-Packard\Default Settings\cpqset.exe" [2006-05-02 09:36 40960] "RecGuard"="C:\Windows\SMINST\RecGuard.exe" [2005-10-11 09:23 1187840] "TVPService"="C:\Program Files\HP\TVPlay\TVPService.exe" [2006-04-03 12:34 135168] "NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 10:50 155648] "ccApp"="C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe" [2004-03-31 14:38 66656] "vptray"="C:\PROGRA~1\SYMANT~1\VPTray.exe" [2004-03-31 14:46 124128] "USB Storage Toolbox"="C:\Program Files\USBToolbox\Res.EXE" [2004-08-12 04:42 122880] "BJCFD"="C:\Program Files\BroadJump\Client Foundation\CFD.exe" [2003-01-27 16:16 376912] "StandardInstall"="" [] "QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-12-18 21:11 282624] "HPWireless"="C:\Program Files\HP Wireless Adapter\HPWLAN.exe" [2006-10-04 22:51 618496] "Motive SmartBridge"="C:\PROGRA~1\CLUB-I~1\LECOMP~1\SMARTB~1\MotiveSB.exe" [2005-08-24 07:51 438359] "Club-Internet_McciTrayApp"="C:\Program Files\Club-Internet\Agent Wi-Fi V2.1\McciTrayApp.exe" [2005-11-15 17:46 543232] "!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [2007-06-11 10:25 6731312] "a-squared"="C:\Program Files\a-squared Anti-Malware\a2guard.exe" [2008-01-07 17:56 1816208] "KernelFaultCheck"="C:\WINDOWS\system32\dumprep 0 -k" [ ] "combofix"="C:\ComboFix[1]\kmd.exe" [2004-08-05 22:00 400896] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-05 22:00 15360] [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system] "DisableRegistryTools"= 0 (0x0) R2 CyberLink Media Library Service(HP TVPlay);CyberLink Media Library Service(HP TVPlay);"C:\Program Files\HP\TVPlay\Kernel\CLML_NTService\CLMLServer.exe" [2006-04-03 12:34] R2 TVPCapSvc;CyberLink Background Capture Service (CBCS HP TVPlay);"C:\Program Files\HP\TVPlay\Kernel\TV\TVPCapSvc.exe" [2006-04-03 12:35] R2 TVPSched;CyberLink Task Scheduler (CTS HP TVPlay);"C:\Program Files\HP\TVPlay\Kernel\TV\TVPSched.exe" [2006-04-03 12:35] R3 nvsmu;nvsmu;C:\WINDOWS\system32\DRIVERS vsmu.sys [2006-03-06 00:49] R3 WN4501HLFZZ(Technology Corporation);802.11g Wireless USB Adapter(Technology Corporation);C:\WINDOWS\system32\DRIVERS\O4501U.sys [2005-06-01 05:04] S2 DefWatchLightScribeService;Symantec AntiVirus Definition Watcher DefWatchLightScribeService;C:\WINDOWS\system32\amcompatb.exe srv [] S3 MODBDA2;DiBcom MOD3000 TV receiver;C:\WINDOWS\system32\Drivers\modbda2.sys [2006-05-13 08:52] [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1c24eeae-9a4b-11db-9a50-0016367e2849}] \Shell\Auto\command - AdobeR.exe e \Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL AdobeR.exe e [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{2dd212d3-d7a8-11db-9ac1-0016367e2849}] \Shell\Auto\command - setup.exe \Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL setup.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{2dd212d4-d7a8-11db-9ac1-0016367e2849}] \Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL wscript.exe MS32DLL.dll.vbs [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{6c201bbe-83ac-11db-9a1c-0016367e2849}] \Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL wscript.exe MS32DLL.dll.vbs [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{ac382526-68f7-11dc-9b27-0016367e2849}] \Shell\AutoRun\command - F:\LaunchU3.exe -a [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c192ca89-83a2-11db-9a19-0016367e2849}] \Shell\AutoRun\command - F:\PortableApps\PortableAppsMenu\PortableAppsMenu.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{ccfe651a-5ea1-11db-99c9-0016367e2849}] \Shell\Auto\command - AdobeR.exe e \Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL AdobeR.exe e [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{dc255e26-65aa-11db-99d9-4d6564696130}] \Shell\AutoRun\command - F:\ReadMe.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{df158542-8e14-11db-9a29-0016367e2849}] \Shell\Auto\command - setup.exe \Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL setup.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{ee25035b-f67b-11db-9add-0016367e2849}] \Shell\Auto\command - F:\AdobeR.exe e \Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL AdobeR.exe e [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f57c543e-5b9a-11db-99bf-0016367e2849}] \Shell\Auto\command - AdobeR.exe e \Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL AdobeR.exe e . Contenu du dossier 'Scheduled Tasks/Tƒches planifi‚es' "2008-02-03 19:00:00 C:\WINDOWS\Tasks\HPpromotions journeysoftware.job" - C:\Program Files\hp\digital imaging\bin\hp promotions\journeysoftware\HPpromo.exe . ************************************************************************** catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-02-04 19:12:03 Windows 5.1.2600 Service Pack 2 NTFS Balayage processus cach‚s ... Balayage cach‚ autostart entries ... HKLM\Software\Microsoft\Windows\CurrentVersion\Run QlbCtrl = %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start? Cpqset = C:\Program Files\Hewlett-Packard\Default Settings\cpqset.exe????????????,?@? ????L??????R?@?????,?@ KernelFaultCheck = %systemroot%\system32\dumprep 0 -k? Balayage des fichiers cach‚s ... Scan termin‚ avec succŠs Les fichiers cach‚s: 0 ************************************************************************** . ------------------------ Other Running Processes ------------------------ . C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe C:\Program Files\a-squared Anti-Malware\a2service.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe C:\Program Files\Symantec AntiVirus\DefWatch.exe C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe C:\WINDOWS\system32 vsvc32.exe C:\Program Files\Symantec AntiVirus\Rtvscan.exe C:\Program Files\Windows Media Player\WMPNetwk.exe C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe C:\Program Files\Hewlett-Packard\HP Pavilion Webcam\HPWebcam.exe C:\Program Files\Adobe\Acrobat 7.0\Reader eader_sl.exe C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe C:\WINDOWS\system32\wscntfy.exe C:\Program Files\NoBrand\Wireless Network Manager\Monitor.exe C:\Program Files\Club-Internet\Le Compagnon Club\bin\mpbtn.exe C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe . ************************************************************************** . Temps d'accomplissement: 2008-02-04 19:14:30 - machine was rebooted ComboFix-quarantined-files.txt 2008-02-04 18:14:25 . 2008-01-26 16:11:59 --- E O F ---

Regis59 · Answer

ok

Avec OtMoveIt, supprime ceci

C:\WINDOWS\dpqhqae.exe 

A+

jserret · Answer

voila

C:\WINDOWS\dpqhqae.exe moved successfully.
 
Created on 02/04/2008 20:28:15

jserret · Answer

je viens de faire le test mais mon problème persiste!!!!

Regis59 · Answer

OK

Fais un scan en ligne Kaspersky avec Internet Explorer :
- Clique sur Démarrer Online-Scanner

- Clique maintenant sur J'accepte.
- Valide l'installation d'un ou de plusieurs ActiveX si c'est nécessaire.
- Patiente pendant l'installation des Mises à jour.
- Choisis par la suite l'analyse du Poste de travail.
- Sauvegarde puis colle le rapport généré en fin d'analyse.

AIDE : Configurer le contrôle des ActiveX

NOTE : Si tu reçois le message "La licence de Kaspersky On-line Scanner est périmée", va dans Ajout/Suppression de programmes puis désinstalle On-Line Scanner, reconnecte toi sur le site de Kaspersky pour retenter le scan en ligne.

jserret · Answer

KASPERSKY ON-LINE SCANNER REPORT  
Tuesday, February 05, 2008 10:05:09 PM
Système d'exploitation : Microsoft Windows XP Home Edition, Service Pack 2 (Build 2600)
Kaspersky On-line Scanner version : 5.0.83.0
Dernière mise à jour de la base antivirus Kaspersky : 5/02/2008
Enregistrements dans la base antivirus Kaspersky : 509900
 
 
Paramètres d'analyse 
Analyser avec la base antivirus suivante standard 
Analyser les archives vrai 
Analyser les bases de messagerie vrai 
 
Cible de l'analyse Poste de travail 
C:\
D:\
E:\  
 
Statistiques de l'analyse 
Total d'objets analysés 84224 
Nombre de virus trouvés 13 
Nombre d'objets infectés 31 / 0 
Nombre d'objets suspects 0 
Durée de l'analyse 01:34:21 

Nom de l'objet infecté Nom du virus Dernière action 
C:\Documents and Settings\All Users\Application Data\Symantec\Common Client\settings.dat  L'objet est verrouillé  ignoré  
 
C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\05D40000.VBN  Infecté : Worm.Win32.RJump.a  ignoré  
 
C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\07700000.VBN  Infecté : Worm.Win32.RJump.a  ignoré  
 
C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\081C0000.VBN/MagicApplet.class  Infecté : Trojan-Downloader.Java.OpenConnection.ao  ignoré  
 
C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\081C0000.VBN/Installer.class  Infecté : Trojan-Downloader.Java.OpenConnection.ao  ignoré  
 
C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\081C0000.VBN  ZIP: infecté - 2  ignoré  
 
C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\081C0000.VBN  CryptZ: infecté - 2  ignoré  
 
C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\081C0001.VBN/MagicApplet.class  Infecté : Trojan-Downloader.Java.OpenConnection.ao  ignoré  
 
C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\081C0001.VBN/Installer.class  Infecté : Trojan-Downloader.Java.OpenConnection.ao  ignoré  
 
C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\081C0001.VBN  ZIP: infecté - 2  ignoré  
 
C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\081C0001.VBN  CryptZ: infecté - 2  ignoré  
 
C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\08C40000.VBN  Infecté : Worm.Win32.RJump.a  ignoré  
 
C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\08EC0000.VBN  Infecté : Worm.Win32.RJump.a  ignoré  
 
C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\09300000.VBN  Infecté : Trojan-Downloader.Win32.Agent.hzi  ignoré  
 
C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0CFC0000.VBN  Infecté : Trojan.Win32.Inject.mf  ignoré  
 
C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0D080000.VBN  Infecté : Trojan-PSW.Win32.Sinowal.gf  ignoré  
 
C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0D080001.VBN  Infecté : Trojan-PSW.Win32.Sinowal.gf  ignoré  
 
C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0D080002.VBN  Infecté : Trojan-PSW.Win32.Sinowal.gf  ignoré  
 
C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0D080003.VBN  Infecté : Trojan-PSW.Win32.Sinowal.gf  ignoré  
 
C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0D080006.VBN  Infecté : Trojan-Downloader.Win32.Diehard.dr  ignoré  
 
C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0D080007.VBN  Infecté : Trojan-Downloader.Win32.Agent.dpe  ignoré  
 
C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0D080008.VBN  Infecté : Trojan-Dropper.Win32.Agent.dnu  ignoré  
 
C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0FD00000.VBN  Infecté : Trojan.Win32.Inject.mf  ignoré  
 
C:\Documents and Settings\Julien SERRET\Bureau\MSNFix\27012008_10431110.zip/backup/blhhjtpx.exe  Infecté : Trojan-Clicker.Win32.Costrat.de  ignoré  
 
C:\Documents and Settings\Julien SERRET\Bureau\MSNFix\27012008_10431110.zip/backup/kxhacvkl.exe  Infecté : Trojan-Downloader.Win32.Agent.hyy  ignoré  
 
C:\Documents and Settings\Julien SERRET\Bureau\MSNFix\27012008_10431110.zip  ZIP: infecté - 2  ignoré  
 
C:\Documents and Settings\Julien SERRET\Cookies\index.dat  L'objet est verrouillé  ignoré  
 
C:\Documents and Settings\Julien SERRET\Historique\History.IE5\index.dat  L'objet est verrouillé  ignoré  
 
C:\Documents and Settings\Julien SERRET\Historique\History.IE5\MSHist012008020520080206\index.dat  L'objet est verrouillé  ignoré  
 
C:\Documents and Settings\Julien SERRET\Local Settings\Application Data\ApplicationHistory\hpqimzone.exe.3204510e.ini.inuse  L'objet est verrouillé  ignoré  
 
C:\Documents and Settings\Julien SERRET\Local Settings\Application Data\HP\Digital Imaging\db\administrativeInfo.dbf  L'objet est verrouillé  ignoré  
 
C:\Documents and Settings\Julien SERRET\Local Settings\Application Data\HP\Digital Imaging\db\albumImagesTable.cdx  L'objet est verrouillé  ignoré  
 
C:\Documents and Settings\Julien SERRET\Local Settings\Application Data\HP\Digital Imaging\db\albumImagesTable.dbf  L'objet est verrouillé  ignoré  
 
C:\Documents and Settings\Julien SERRET\Local Settings\Application Data\HP\Digital Imaging\db\albumTable.cdx  L'objet est verrouillé  ignoré  
 
C:\Documents and Settings\Julien SERRET\Local Settings\Application Data\HP\Digital Imaging\db\albumTable.dbf  L'objet est verrouillé  ignoré  
 
C:\Documents and Settings\Julien SERRET\Local Settings\Application Data\HP\Digital Imaging\db\CB_Server_Errors.txt  L'objet est verrouillé  ignoré  
 
C:\Documents and Settings\Julien SERRET\Local Settings\Application Data\HP\Digital Imaging\db\EXIFTable.cdx  L'objet est verrouillé  ignoré  
 
C:\Documents and Settings\Julien SERRET\Local Settings\Application Data\HP\Digital Imaging\db\EXIFTable.dbf  L'objet est verrouillé  ignoré  
 
C:\Documents and Settings\Julien SERRET\Local Settings\Application Data\HP\Digital Imaging\db\imageTable.cdx  L'objet est verrouillé  ignoré  
 
C:\Documents and Settings\Julien SERRET\Local Settings\Application Data\HP\Digital Imaging\db\imageTable.dbf  L'objet est verrouillé  ignoré  
 
C:\Documents and Settings\Julien SERRET\Local Settings\Application Data\HP\Digital Imaging\db\imageTable.fpt  L'objet est verrouillé  ignoré  
 
C:\Documents and Settings\Julien SERRET\Local Settings\Application Data\HP\Digital Imaging\db\keywordImagesTable.cdx  L'objet est verrouillé  ignoré  
 
C:\Documents and Settings\Julien SERRET\Local Settings\Application Data\HP\Digital Imaging\db\keywordImagesTable.dbf  L'objet est verrouillé  ignoré  
 
C:\Documents and Settings\Julien SERRET\Local Settings\Application Data\HP\Digital Imaging\db\keywordTable.cdx  L'objet est verrouillé  ignoré  
 
C:\Documents and Settings\Julien SERRET\Local Settings\Application Data\HP\Digital Imaging\db\keywordTable.dbf  L'objet est verrouillé  ignoré  
 
C:\Documents and Settings\Julien SERRET\Local Settings\Application Data\HP\Digital Imaging\db\managedFolderTable.dbf  L'objet est verrouillé  ignoré  
 
C:\Documents and Settings\Julien SERRET\Local Settings\Application Data\HP\Digital Imaging\db\pathnameTable.cdx  L'objet est verrouillé  ignoré  
 
C:\Documents and Settings\Julien SERRET\Local Settings\Application Data\HP\Digital Imaging\db\pathnameTable.dbf  L'objet est verrouillé  ignoré  
 
C:\Documents and Settings\Julien SERRET\Local Settings\Application Data\HP\Digital Imaging\db\propertiesTable.cdx  L'objet est verrouillé  ignoré  
 
C:\Documents and Settings\Julien SERRET\Local Settings\Application Data\HP\Digital Imaging\db\propertiesTable.dbf  L'objet est verrouillé  ignoré  
 
C:\Documents and Settings\Julien SERRET\Local Settings\Application Data\HP\Digital Imaging\db\ROFImagesTable.cdx  L'objet est verrouillé  ignoré  
 
C:\Documents and Settings\Julien SERRET\Local Settings\Application Data\HP\Digital Imaging\db\ROFImagesTable.dbf  L'objet est verrouillé  ignoré  
 
C:\Documents and Settings\Julien SERRET\Local Settings\Application Data\HP\Digital Imaging\db\ROFTable.cdx  L'objet est verrouillé  ignoré  
 
C:\Documents and Settings\Julien SERRET\Local Settings\Application Data\HP\Digital Imaging\db\ROFTable.dbf  L'objet est verrouillé  ignoré  
 
C:\Documents and Settings\Julien SERRET\Local Settings\Application Data\Microsoft\Feeds Cache\index.dat  L'objet est verrouillé  ignoré  
 
C:\Documents and Settings\Julien SERRET\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat  L'objet est verrouillé  ignoré  
 
C:\Documents and Settings\Julien SERRET\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG  L'objet est verrouillé  ignoré  
 
C:\Documents and Settings\Julien SERRET\Local Settings\Temp\hpodvd09.log  L'objet est verrouillé  ignoré  
 
C:\Documents and Settings\Julien SERRET\Local Settings\Temp\~DF2C3D.tmp  L'objet est verrouillé  ignoré  
 
C:\Documents and Settings\Julien SERRET\NTUSER.DAT  L'objet est verrouillé  ignoré  
 
C:\Documents and Settings\Julien SERRET
tuser.dat.LOG  L'objet est verrouillé  ignoré  
 
C:\Documents and Settings\Julien SERRET\Temporary Internet Files\AntiPhishing\B3BB5BBA-E7D5-40AB-A041-A5B1C0B26C8F.dat  L'objet est verrouillé  ignoré  
 
C:\Documents and Settings\Julien SERRET\Temporary Internet Files\Content.IE5\HHMLHFLW\131655_squirting_while_fingering_myself[1].flv  L'objet est verrouillé  ignoré  
 
C:\Documents and Settings\Julien SERRET\Temporary Internet Files\Content.IE5\index.dat  L'objet est verrouillé  ignoré  
 
C:\Documents and Settings\LocalService\Cookies\index.dat  L'objet est verrouillé  ignoré  
 
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat  L'objet est verrouillé  ignoré  
 
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG  L'objet est verrouillé  ignoré  
 
C:\Documents and Settings\LocalService\Local Settings\Historique\History.IE5\index.dat  L'objet est verrouillé  ignoré  
 
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat  L'objet est verrouillé  ignoré  
 
C:\Documents and Settings\LocalService\NTUSER.DAT  L'objet est verrouillé  ignoré  
 
C:\Documents and Settings\LocalService
tuser.dat.LOG  L'objet est verrouillé  ignoré  
 
C:\Documents and Settings\NetworkService\Cookies\index.dat  L'objet est verrouillé  ignoré  
 
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat  L'objet est verrouillé  ignoré  
 
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG  L'objet est verrouillé  ignoré  
 
C:\Documents and Settings\NetworkService\Local Settings\Historique\History.IE5\index.dat  L'objet est verrouillé  ignoré  
 
C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\index.dat  L'objet est verrouillé  ignoré  
 
C:\Documents and Settings\NetworkService\NTUSER.DAT  L'objet est verrouillé  ignoré  
 
C:\Documents and Settings\NetworkService
tuser.dat.LOG  L'objet est verrouillé  ignoré  
 
C:\Program Files\Club-Internet\Le Compagnon Club\log\mpbtn.log  L'objet est verrouillé  ignoré  
 
C:\Program Files\Club-Internet\Le Compagnon Club\SmartBridge\AlertFilter.log  L'objet est verrouillé  ignoré  
 
C:\Program Files\Club-Internet\Le Compagnon Club\SmartBridge\log\httpclient.log  L'objet est verrouillé  ignoré  
 
C:\Program Files\Club-Internet\Le Compagnon Club\SmartBridge\SmartBridge.log  L'objet est verrouillé  ignoré  
 
C:\Program Files\HP\TVPlay\Kernel\CLML_NTService\CLML_MAIN\CLML.db  L'objet est verrouillé  ignoré  
 
C:\System Volume Information\MountPointManagerRemoteDatabase  L'objet est verrouillé  ignoré  
 
C:\System Volume Information\_restore{7B611537-58DE-4087-B3A2-96B0BFF92CB3}\RP198\A0022345.exe  Infecté : Trojan.Win32.Patched.bl  ignoré  
 
C:\System Volume Information\_restore{7B611537-58DE-4087-B3A2-96B0BFF92CB3}\RP203\A0028667.exe  Infecté : Trojan-Clicker.Win32.Costrat.de  ignoré  
 
C:\System Volume Information\_restore{7B611537-58DE-4087-B3A2-96B0BFF92CB3}\RP203\A0028679.exe  Infecté : Trojan-Clicker.Win32.Costrat.de  ignoré  
 
C:\System Volume Information\_restore{7B611537-58DE-4087-B3A2-96B0BFF92CB3}\RP208\A0033840.exe  Infecté : Packed.Win32.CPEX-based.ao  ignoré  
 
C:\System Volume Information\_restore{7B611537-58DE-4087-B3A2-96B0BFF92CB3}\RP212\change.log  L'objet est verrouillé  ignoré  
 
C:\WINDOWS\Debug\PASSWD.LOG  L'objet est verrouillé  ignoré  
 
C:\WINDOWS\SchedLgU.Txt  L'objet est verrouillé  ignoré  
 
C:\WINDOWS\SoftwareDistribution\ReportingEvents.log  L'objet est verrouillé  ignoré  
 
C:\WINDOWS\Sti_Trace.log  L'objet est verrouillé  ignoré  
 
C:\WINDOWS\system32\3956332696.dat  L'objet est verrouillé  ignoré  
 
C:\WINDOWS\system32\amcompatb.exe  L'objet est verrouillé  ignoré  
 
C:\WINDOWS\system32\CatRoot2\edb.log  L'objet est verrouillé  ignoré  
 
C:\WINDOWS\system32\CatRoot2	mp.edb  L'objet est verrouillé  ignoré  
 
C:\WINDOWS\system32\config\AppEvent.Evt  L'objet est verrouillé  ignoré  
 
C:\WINDOWS\system32\config\default  L'objet est verrouillé  ignoré  
 
C:\WINDOWS\system32\config\default.LOG  L'objet est verrouillé  ignoré  
 
C:\WINDOWS\system32\config\Internet.evt  L'objet est verrouillé  ignoré  
 
C:\WINDOWS\system32\config\SAM  L'objet est verrouillé  ignoré  
 
C:\WINDOWS\system32\config\SAM.LOG  L'objet est verrouillé  ignoré  
 
C:\WINDOWS\system32\config\SecEvent.Evt  L'objet est verrouillé  ignoré  
 
C:\WINDOWS\system32\config\SECURITY  L'objet est verrouillé  ignoré  
 
C:\WINDOWS\system32\config\SECURITY.LOG  L'objet est verrouillé  ignoré  
 
C:\WINDOWS\system32\config\software  L'objet est verrouillé  ignoré  
 
C:\WINDOWS\system32\config\software.LOG  L'objet est verrouillé  ignoré  
 
C:\WINDOWS\system32\config\SysEvent.Evt  L'objet est verrouillé  ignoré  
 
C:\WINDOWS\system32\config\system  L'objet est verrouillé  ignoré  
 
C:\WINDOWS\system32\config\system.LOG  L'objet est verrouillé  ignoré  
 
C:\WINDOWS\system32\drivers\sptd.sys  L'objet est verrouillé  ignoré  
 
C:\WINDOWS\system32\h323log.txt  L'objet est verrouillé  ignoré  
 
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR  L'objet est verrouillé  ignoré  
 
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP  L'objet est verrouillé  ignoré  
 
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER  L'objet est verrouillé  ignoré  
 
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP  L'objet est verrouillé  ignoré  
 
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP  L'objet est verrouillé  ignoré  
 
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA  L'objet est verrouillé  ignoré  
 
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP  L'objet est verrouillé  ignoré  
 
C:\WINDOWS\Temp\CLML_AGENT_LOG1.txt  L'objet est verrouillé  ignoré  
 
C:\WINDOWS\Temp\sqlite_OdYQpu6xceSVSYE  L'objet est verrouillé  ignoré  
 
C:\WINDOWS\wiaservc.log  L'objet est verrouillé  ignoré  
 
C:\WINDOWS\WindowsUpdate.log  L'objet est verrouillé  ignoré  
 
C:\_OTMoveIt\MovedFiles\WINDOWS\dpqhqae.exe  Infecté : Trojan.Win32.Patched.bl  ignoré  
 
C:\_OTMoveIt\MovedFiles\WINDOWS\system32\mmmsacsac.dll  Infecté : Trojan.Win32.Small.aao  ignoré  
 
Analyse terminée.

Regis59 · Answer

ok

ou en sont tes soucis?

A+

jserret · Answer

Salut,
tjs au mm point!!!
les virus trouvés par Kapersky ont été effacés??
A+

Regis59 · Answer

Les infections détectés sont neutralisés.

Peux tu me dire les soucis qu il te reste?

A+

jserret · Answer

Salut!
mes soucis sont les même qu'au début à savoir une invasion de fenetres dont le titre est "Proxy de messagerie Symantec"!
pour exemple voici le contenu d'une de ces fenetres:
votre message destiné à mivelle@twentyfirst.com dont le sujet est Your valentine's day will be SPECIAL this year n'a pas pu etre envoyé car la connexion avec votre serveur de messagerie a été interrompue. Ouvrez votre client de messagerie et renvoyez l'e_mail à partir du dossier e-mail envoyés.

j'ai environ 5 fenetres de ce type qui s'ouvrent par seconde si je reste connecté. Parallement à celles-ce il y a également des fenetres de Symantec où il y écrit par exemple:
Analyse du message 1 de 2
0% terminé.

Pour que je puisse utiliser ma connexion internet j'ai donc désactivé l'option "Messagerie Internet - Auto protect" de Symantec car sinon c'est impraticable.
Lorsque tu me demandes où en sont mes soucis je réactive cette option et laisse arriver les fenetres!!

je sais pas si ça a un interet mais au démarrage de mon PC en bas à droite une bulle windows apparait sur la protection de mon ordinateur et quand je clic dessus j'arrive sur le centre de sécurité windows où à coté de Protection Antivirus il y a : Vérifier le statut!

Voilà où en sont mes problèmes!!

A+

Regis59 · Answer

Ok.
Tu as bien acheter cet antivirus? Il est toujours sous licence?

A+

afideg · Answer

Salut régis59

Regarde ça : 

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1c24ee ae-9a4b-11db-9a50-0016367e2849}] 
\Shell\Auto\command - AdobeR.exe e 
\Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL AdobeR.exe e 

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{2dd212 d3-d7a8-11db-9ac1-0016367e2849}] 
\Shell\Auto\command - setup.exe 
\Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL setup.exe 

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{2dd212 d4-d7a8-11db-9ac1-0016367e2849}] 
\Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL wscript.exe MS32DLL.dll.vbs 

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{6c201b be-83ac-11db-9a1c-0016367e2849}] 
\Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL wscript.exe MS32DLL.dll.vbs 

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{ccfe65 1a-5ea1-11db-99c9-0016367e2849}] 
\Shell\Auto\command - AdobeR.exe e 
\Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL AdobeR.exe e 

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{dc255e 26-65aa-11db-99d9-4d6564696130}] 
\Shell\AutoRun\command - F:\ReadMe.exe 

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{df1585 42-8e14-11db-9a29-0016367e2849}] 
\Shell\Auto\command - setup.exe 
\Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL setup.exe 

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{ee2503 5b-f67b-11db-9add-0016367e2849}] 
\Shell\Auto\command - F:\AdobeR.exe e 
\Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL AdobeR.exe e 

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f57c54 3e-5b9a-11db-99bf-0016367e2849}] 
\Shell\Auto\command - AdobeR.exe e 
\Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL AdobeR.exe e


Disques amovibles ??
Merci de me conseiller éventuellement
Al.

jserret · Answer

salut Regis59
oui mon antivirus est toujours sous licence!!!

Regis59 · Answer

Salut Albert,

Ce qui est curieux en fait...

L'infection des disques amovibles, le fichier se situe ici:
O4 - HKLM\..\Run: [RavAV] C:\WINDOWS\AdobeR.exe

En outre, ça aurait du être une clé RUN. Jimmy a rencontré sur un autre poste, dans la même clé de registre, quelque chose d'inconnu. C'est peut être nouveau, je ne sais pas.

¤Affiche tous les fichiers et dossiers : 
Clique sur démarrer/panneau de configuration/outil/option des dossiers/affichage 

Coche « afficher les fichiers et dossiers cachés » 

Décoche la case "Masquer les fichiers protégés du système d'exploitation (recommandé)" 

Décoche « masquer les extensions dont le type est connu » 
Puis fais «Ok» pour valider les changements. 

Et appliquer !

Vas sur le site https://virusscan.jotti.org/ 
- Clic en haut à droite sur "Parcourir", navigue dans les dossiers et sélectionne ce fichier : F:\ReadMe.exe 
- Clic sur submit toujours en haut à droite 
- Le scan va se lancer, ça va prendre un petit instant 
- En bas, tu as le résultat du scan, copie/colle le résultat complet du scan ici. 
Aide : https://www.malekal.com/scan-antivirus-ligne-nod32/#mozTocId662799

Pareil avec:
F:\AdobeR.exe 

A+

afideg · Answer

Salut Régis59

Nous verrons la suite.
Si suite il y a.
Pour l'instant, il y a fuite !

Bonne semaine.
Al.

Regis59 · Answer

LOL pour l'instant, c'est l'inconnu :-)

Bonne semaine Albert!

jserret · Answer

Salut Regis59,
penses tu que je dois continuer à utiliser mon PC avec l'option "auto-protect de messagerie" de l'antivirus désactivée? je ne cours pas de risque?

A+

Regis59 · Answer

Salut

Tu ne cours pas de risques si tu n'ouvre et télécharge pas d'emails et de pièces jointes inconnues :)
Tout manière, on ne doit ouvrir que les mails d'expéditeurs connus, sinon, c'est directement supprimé ;)

A+

jserret · Answer

Salut,
j'ai recu des mails de la part de mon opérateur (Club-internet) se plaignant de mon problème, voici ce mail:

Cher(e) abonné(e),

Suite a differentes plaintes qui nous ont ete adressees, nous avons identifie la presence d'un serveur Open proxy sur votre machine.

Un proxy est une passerelle logicielle qui isole un réseau local en adressant en son nom les requêtes lancées par les postes du réseau global. 

Quand un proxy est en mode "Open", cela signifie que tout internaute connecte peut utiliser votre machine comme passerelle afin de lancer des attaques vers d'autres machines du reseau global.

Ce logiciel opere sur votre machine a votre insu, il est tres difficile de le detecter. En effet, aucun anti-virus ne peut l'identifier ni l'eliminer.

Nous vous demandons de prendre toutes les mesures necessaires afin d'eliminer cet Open Proxy de votre machine.
Pour toute aide, nous vous invitons a contacter le support de votre systeme d'exploitation, afin qu'il vous conseille sur la meilleure maniere de resoudre le probleme.

Ce probleme resulte très souvent d'une infection virale sur votre ordinateur, nous vous recommandons de tester l'integrite de votre ordinateur par le biais d'un antivirus en ligne, tel que celui disponible sur http://securite.club-internet.fr

Cordialement,
_______________________________________________________________
Service Abuse Club-Internet
Groupe Neuf Cegetel
11 rue de Cambrai 75927 Paris Cedex 19
https://actus.sfr.fr

Regis59 · Answer

Ok, tu as fais ce qui est indiqué au dessu?

a+

jserret · Answer

oui mais leur antivirus n'a rien trouvé sur mon pc!!!

Regis59 · Answer

Non, ceci:

¤Affiche tous les fichiers et dossiers :
Clique sur démarrer/panneau de configuration/outil/option des dossiers/affichage

Coche « afficher les fichiers et dossiers cachés »

Décoche la case "Masquer les fichiers protégés du système d'exploitation (recommandé)"

Décoche « masquer les extensions dont le type est connu »
Puis fais «Ok» pour valider les changements.

Et appliquer !

Vas sur le site https://virusscan.jotti.org/
- Clic en haut à droite sur "Parcourir", navigue dans les dossiers et sélectionne ce fichier : F:\ReadMe.exe
- Clic sur submit toujours en haut à droite
- Le scan va se lancer, ça va prendre un petit instant
- En bas, tu as le résultat du scan, copie/colle le résultat complet du scan ici.
Aide : https://www.malekal.com/scan-antivirus-ligne-nod32/#mozTocId662799

Pareil avec:
F:\AdobeR.exe

A+

Regis59 · Answer

Et tu feras cela:

Télécharge SDFix (créé par AndyManchesta) et sauvegarde le sur ton Bureau.
http://downloads.andymanchesta.com/RemovalTools/SDFix.exe 
Double clique sur SDFix.exe et choisis Install pour l'extraire dans un dossier dédié sur le Bureau. Redémarre ton ordinateur en mode sans échec en suivant la procédure que voici :
•	Redémarre ton ordinateur
•	Après avoir entendu l'ordinateur biper lors du démarrage, mais avant que l'icône Windows apparaisse, tapote la touche F8 (une pression par seconde).
•	A la place du chargement normal de Windows, un menu avec différentes options devrait apparaître.
•	Choisis la première option, pour exécuter Windows en mode sans échec, puis appuie sur "Entrée".
•	Choisis ton compte.
Déroule la liste des instructions ci-dessous :
•	Ouvre le dossier SDFix qui vient d'être créé dans le répertoire C:\ et double clique sur RunThis.bat pour lancer le script.
•	Appuie sur Y pour commencer le processus de nettoyage.
•	Il va supprimer les services et les entrées du Registre de certains trojans trouvés puis te demandera d'appuyer sur une touche pour redémarrer.
•	Appuie sur une touche pour redémarrer le PC.
•	Ton système sera plus long pour redémarrer qu'à l'accoutumée car l'outil va continuer à s'exécuter et supprimer des fichiers.
•	Après le chargement du Bureau, l'outil terminera son travail et affichera Finished.
•	Appuie sur une touche pour finir l'exécution du script et charger les icônes de ton Bureau.
•	Les icônes du Bureau affichées, le rapport SDFix s'ouvrira à l'écran et s'enregistrera aussi dans le dossier SDFix sous le nom Report.txt.
•	Enfin, copie/colle le contenu du fichier Report.txt dans ta prochaine réponse sur le forum, avec un nouveau log Hijackthis !

jserret · Answer

salut!!
j'ai un problème dans ton premier poste le fichier à sélectionner pour l'analyse n'est pas visible...

jserret · Answer

voici le rapport de SDFix:


SDFix: Version 1.142

Run by Julien SERRET on 15/02/2008 at 19:24

Microsoft Windows XP [version 5.1.2600]

Running From: C:\SDFix

Safe Mode:
Checking Services: 

Name:
fak32

Path:
\??\C:\WINDOWS\system32\drivers\fak32.sys 

fak32 - Deleted



Restoring Windows Registry Values
Restoring Windows Default Hosts File

Rebooting...


Normal Mode:
Checking Files: 

Trojan Files Found:

C:\541217~1 - Deleted
C:\WINDOWS\system32\drivers\fak32.sys  - Deleted





Removing Temp Files...

ADS Check:
 


                                 Final Check:

catchme 0.3.1344.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-02-15 19:34:01
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden services & system hive ...

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg]
"s1"=dword:e63c43ca
"s2"=dword:752611b3
"h0"=dword:00000001

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]
"h0"=dword:00000000
"khjeh"=hex:aa,41,59,63,84,75,8c,ba,eb,09,1e,7f,b0,29,24,4b,3c,8a,10,e9,04,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]
"h0"=dword:00000000
"khjeh"=hex:aa,41,59,63,84,75,8c,ba,eb,09,1e,7f,b0,29,24,4b,3c,8a,10,e9,04,..

scanning hidden registry entries ...

scanning hidden files ...


scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 1


Remaining Services:
------------------



Authorized Application Key Export:

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

Remaining Files:
---------------

File Backups: - C:\SDFix\backups\backups.zip

Files with Hidden Attributes:

Thu 30 Jan 2003       143,360 A..H. --- "C:\WINDOWS\autoclk.exe"
Fri 27 May 2005        10,752 A..H. --- "C:\WINDOWS\hh.exe"
Fri 13 Nov 1998       308,224 A..H. --- "C:\WINDOWS\IsUn040c.exe"
Thu  5 Aug 2004        70,656 A..H. --- "C:\WINDOWS\NOTEPAD.EXE"
Thu  5 Aug 2004       153,088 A..H. --- "C:\WINDOWSegedit.exe"
Thu  5 Aug 2004        15,872 A..H. --- "C:\WINDOWS\TASKMAN.EXE"
Thu  5 Aug 2004        94,864 A..H. --- "C:\WINDOWS	wain.dll"
Thu  5 Aug 2004        50,688 A..H. --- "C:\WINDOWS	wain_32.dll"
Thu  5 Aug 2004        49,680 A..H. --- "C:\WINDOWS	wunk_16.exe"
Thu  5 Aug 2004        25,600 A..H. --- "C:\WINDOWS	wunk_32.exe"
Tue 19 Jul 2005     2,973,696 ...H. --- "C:\WINDOWS\UNNeroVision.exe"
Mon 27 Jun 2005     2,957,312 ...H. --- "C:\WINDOWS\UNNMP.exe"
Thu  5 Aug 2004        18,944 A..H. --- "C:\WINDOWS\vmmreg32.dll"
Thu  5 Aug 2004       256,768 A..H. --- "C:\WINDOWS\winhelp.exe"
Thu  5 Aug 2004       288,256 A..H. --- "C:\WINDOWS\winhlp32.exe"
Thu  5 Aug 2004           707 A..H. --- "C:\WINDOWS\_default.pif"
Thu  5 Aug 2004     2,804,224 A..H. --- "C:\WINDOWS\$MSI31Uninstall_KB893803v2$\msi.dll"
Thu  5 Aug 2004        77,312 A..H. --- "C:\WINDOWS\$MSI31Uninstall_KB893803v2$\msiexec.exe"
Thu  5 Aug 2004       331,264 A..H. --- "C:\WINDOWS\$MSI31Uninstall_KB893803v2$\msihnd.dll"
Thu  5 Aug 2004       884,736 A..H. --- "C:\WINDOWS\$MSI31Uninstall_KB893803v2$\msimsg.dll"
Thu  5 Aug 2004        44,032 A..H. --- "C:\WINDOWS\$MSI31Uninstall_KB893803v2$\msisip.dll"
Thu  5 Aug 2004       174,080 ...H. --- "C:\WINDOWS\$NtUninstallKB911280$asmans.dll"
Thu  5 Aug 2004       229,888 ...H. --- "C:\WINDOWS\$NtUninstallKB902400$\catsrv.dll"
Thu  5 Aug 2004       628,224 ...H. --- "C:\WINDOWS\$NtUninstallKB902400$\catsrvut.dll"
Thu  5 Aug 2004       110,080 ...H. --- "C:\WINDOWS\$NtUninstallKB902400$\clbcatex.dll"
Thu  5 Aug 2004       501,248 ...H. --- "C:\WINDOWS\$NtUninstallKB902400$\clbcatq.dll"
Thu  5 Aug 2004        62,464 ...H. --- "C:\WINDOWS\$NtUninstallKB902400$\colbact.dll"
Thu  5 Aug 2004       195,584 ...H. --- "C:\WINDOWS\$NtUninstallKB902400$\comadmin.dll"
Thu  5 Aug 2004        82,432 ...H. --- "C:\WINDOWS\$NtUninstallKB902400$\comrepl.dll"
Thu  5 Aug 2004     1,251,840 ...H. --- "C:\WINDOWS\$NtUninstallKB902400$\comsvcs.dll"
Thu  5 Aug 2004       540,160 ...H. --- "C:\WINDOWS\$NtUninstallKB902400$\comuid.dll"
Thu  5 Aug 2004       243,200 ...H. --- "C:\WINDOWS\$NtUninstallKB902400$\es.dll"
Fri 29 Apr 2005     1,284,608 ...H. --- "C:\WINDOWS\$NtUninstallKB902400$\ole32.dll"
Fri 29 Apr 2005        75,264 ...H. --- "C:\WINDOWS\$NtUninstallKB902400$\olecli32.dll"
Fri 29 Apr 2005        37,888 ...H. --- "C:\WINDOWS\$NtUninstallKB902400$\olecnv32.dll"
Fri 29 Apr 2005       395,776 ...H. --- "C:\WINDOWS\$NtUninstallKB902400$pcss.dll"
Thu  5 Aug 2004       101,376 ...H. --- "C:\WINDOWS\$NtUninstallKB902400$	xflog.dll"
Thu  5 Aug 2004       425,472 ...H. --- "C:\WINDOWS\$NtUninstallKB913580$\msdtcprx.dll"
Thu  5 Aug 2004       949,248 ...H. --- "C:\WINDOWS\$NtUninstallKB913580$\msdtctm.dll"
Thu  5 Aug 2004       161,280 ...H. --- "C:\WINDOWS\$NtUninstallKB913580$\msdtcuiu.dll"
Thu  5 Aug 2004        66,560 ...H. --- "C:\WINDOWS\$NtUninstallKB913580$\mtxclu.dll"
Thu  5 Aug 2004        90,112 ...H. --- "C:\WINDOWS\$NtUninstallKB913580$\mtxoci.dll"
Thu  5 Aug 2004        11,776 ...H. --- "C:\WINDOWS\$NtUninstallKB913580$\xolehlp.dll"
Tue 11 May 2004        28,672 ...H. --- "C:\WINDOWS\$NtUninstallKB914440$\custsat.dll"
Thu  5 Aug 2004       143,360 ...H. --- "C:\WINDOWS\$NtUninstallKB911562$\msadco.dll"
Fri 14 Jan 2005     1,284,608 A..H. --- "C:\WINDOWS\$NtUninstallKB894391$\ole32.dll"
Fri 14 Jan 2005        75,264 A..H. --- "C:\WINDOWS\$NtUninstallKB894391$\olecli32.dll"
Fri 14 Jan 2005        37,888 A..H. --- "C:\WINDOWS\$NtUninstallKB894391$\olecnv32.dll"
Fri 14 Jan 2005       395,776 A..H. --- "C:\WINDOWS\$NtUninstallKB894391$pcss.dll"
Thu 12 Oct 2006        42,496 ...H. --- "C:\WINDOWS\$NtUninstallKB920213$\agentdp2.dll"
Thu 12 Oct 2006        57,344 ...H. --- "C:\WINDOWS\$NtUninstallKB920213$\agentdpv.dll"
Thu 12 Oct 2006       256,512 ...H. --- "C:\WINDOWS\$NtUninstallKB920213$\agentsvr.exe"
Mon 16 Oct 2006       121,856 ...H. --- "C:\WINDOWS\$NtUninstallKB920213$\xpsp3res.dll"
Thu  5 Aug 2004     8,440,320 ...H. --- "C:\WINDOWS\$NtUninstallKB908531$\shell32.dll"
Wed 17 Nov 2004        68,608 ...H. --- "C:\WINDOWS\$NtUninstallKB920670$\hlink.dll"
Thu  5 Aug 2004     1,048,576 ...H. --- "C:\WINDOWS\$NtUninstallKB917422$\kernel32.dll"
Thu  5 Aug 2004       364,544 A..H. --- "C:\WINDOWS\$NtUninstallKB911564$
pdsplay.dll"
Thu  5 Aug 2004        77,850 A..H. --- "C:\WINDOWS\$NtUninstallKB888113$\hlink.dll"
Thu  5 Aug 2004       336,256 A..H. --- "C:\WINDOWS\$NtUninstallKB896422$\srv.sys"
Fri 17 Mar 2006       679,424 ...H. --- "C:\WINDOWS\$NtUninstallKB920214$\inetcomm.dll"
Tue  3 Aug 2004       171,776 ...H. --- "C:\WINDOWS\$NtUninstallKB920872$\kmixer.sys"
Tue  3 Aug 2004         6,400 ...H. --- "C:\WINDOWS\$NtUninstallKB920872$\splitter.sys"
Tue  3 Aug 2004        82,944 ...H. --- "C:\WINDOWS\$NtUninstallKB920872$\wdmaud.sys"
Thu  5 Aug 2004        16,896 ...H. --- "C:\WINDOWS\$NtUninstallKB922582$\fltlib.dll"
Thu  5 Aug 2004       139,400 ...H. --- "C:\WINDOWS\$NtUninstallKB899591$dpwd.sys"
Thu 29 Sep 2005     2,138,112 A..H. --- "C:\WINDOWS\$NtUninstallKB909095$
tkrnlmp.exe"
Thu 29 Sep 2005     2,017,792 A..H. --- "C:\WINDOWS\$NtUninstallKB909095$
tkrnlpa.exe"
Thu 29 Sep 2005     2,017,792 A..H. --- "C:\WINDOWS\$NtUninstallKB909095$
tkrpamp.exe"
Thu 29 Sep 2005     2,138,112 A..H. --- "C:\WINDOWS\$NtUninstallKB909095$
toskrnl.exe"
Thu  5 Aug 2004       253,952 A..H. --- "C:\WINDOWS\$NtUninstallKB901214$\icm32.dll"
Thu  5 Aug 2004        73,728 A..H. --- "C:\WINDOWS\$NtUninstallKB901214$\mscms.dll"
Thu  5 Aug 2004       198,144 ...H. --- "C:\WINDOWS\$NtUninstallKB905414$
etman.dll"
Thu  5 Aug 2004       450,560 ...H. --- "C:\WINDOWS\$NtUninstallKB917344$\jscript.dll"
Thu  5 Aug 2004        96,768 ...H. --- "C:\WINDOWS\$NtUninstallKB888302$\srvsvc.dll"
Thu  5 Aug 2004       241,664 A..H. --- "C:\WINDOWS\$NtUninstallKB888402$\srrstr.dll"
Thu  5 Aug 2004       171,008 A..H. --- "C:\WINDOWS\$NtUninstallKB888402$\srsvc.dll"
Thu  5 Aug 2004        49,152 ...H. --- "C:\WINDOWS\$NtUninstallKB904942$\wdigest.dll"
Thu  5 Aug 2004       148,480 ...H. --- "C:\WINDOWS\$NtUninstallKB920683$\dnsapi.dll"
Thu  5 Aug 2004         8,192 ...H. --- "C:\WINDOWS\$NtUninstallKB920683$asadhlp.dll"
Wed  4 Aug 2004     1,667,584 A..H. --- "C:\WINDOWS\$NtUninstallKB887472$\msmsgs.exe"
Wed  4 Aug 2004        58,496 A..H. --- "C:\WINDOWS\$NtUninstallKB915326$edbook.sys"
Thu  5 Aug 2004       200,064 ...H. --- "C:\WINDOWS\$NtUninstallKB919007$mcast.sys"
Thu  5 Aug 2004     4,874,240 A..H. --- "C:\WINDOWS\$NtUninstallKB911565$\wmp.dll"
Fri 13 Jan 2006       359,808 ...H. --- "C:\WINDOWS\$NtUninstallKB917953$	cpip.sys"
Thu  5 Aug 2004       332,288 ...H. --- "C:\WINDOWS\$NtUninstallKB921883$
etapi32.dll"
Thu  5 Aug 2004        57,856 A..H. --- "C:\WINDOWS\$NtUninstallKB896423$\spoolsv.exe"
Wed  2 Mar 2005     1,836,416 ...H. --- "C:\WINDOWS\$NtUninstallKB896424$\win32k.sys"
Thu  5 Aug 2004       537,088 ...H. --- "C:\WINDOWS\$NtUninstallKB918118$\msftedit.dll"
Thu  5 Aug 2004       431,616 ...H. --- "C:\WINDOWS\$NtUninstallKB918118$iched20.dll"
Thu  5 Aug 2004       359,040 A..H. --- "C:\WINDOWS\$NtUninstallKB893066$	cpip.sys"
Thu  5 Aug 2004     2,067,968 ...H. --- "C:\WINDOWS\$NtUninstallKB901017$\cdosys.dll"
Thu 26 May 2005       359,808 A..H. --- "C:\WINDOWS\$NtUninstallKB913446$	cpip.sys"
Thu  5 Aug 2004        58,880 ...H. --- "C:\WINDOWS\$NtUninstallKB890046$\agentdpv.dll"
Thu  5 Aug 2004        18,944 ...H. --- "C:\WINDOWS\$NtUninstallKB900725$\linkinfo.dll"
Wed  2 Mar 2005       291,840 ...H. --- "C:\WINDOWS\$NtUninstallKB900725$\winsrv.dll"
Thu  5 Aug 2004       182,912 A..H. --- "C:\WINDOWS\$NtUninstallKB912436$
dis.sys"
Thu  5 Aug 2004        69,120 ...H. --- "C:\WINDOWS\$NtUninstallKB920685$\ciodm.dll"
Thu  5 Aug 2004     1,440,768 ...H. --- "C:\WINDOWS\$NtUninstallKB920685$\query.dll"
Tue  3 Aug 2004       142,464 ...H. --- "C:\WINDOWS\$NtUninstallKB900485$\aec.sys"
Thu  5 Aug 2004       263,040 ...H. --- "C:\WINDOWS\$NtUninstallKB916595$\http.sys"
Thu  5 Aug 2004        61,056 A..H. --- "C:\WINDOWS\$NtUninstallKB885464$\ohci1394.sys"
Thu  5 Aug 2004       678,400 ...H. --- "C:\WINDOWS\$NtUninstallKB911567$\inetcomm.dll"
Thu  5 Aug 2004     1,311,232 ...H. --- "C:\WINDOWS\$NtUninstallKB911567$\msoe.dll"
Thu  5 Aug 2004       504,832 ...H. --- "C:\WINDOWS\$NtUninstallKB911567$\wab32.dll"
Thu  5 Aug 2004        84,992 ...H. --- "C:\WINDOWS\$NtUninstallKB911567$\wabimp.dll"
Thu  5 Aug 2004        39,552 A..H. --- "C:\WINDOWS\$NtUninstallKB884575$\processr.sys"
Thu  5 Aug 2004     1,097,728 ...H. --- "C:\WINDOWS\$NtUninstallKB910437$\esent.dll"
Fri 17 Mar 2006     8,508,416 ...H. --- "C:\WINDOWS\$NtUninstallKB921398$\shell32.dll"
Thu  5 Aug 2004       134,400 A..H. --- "C:\WINDOWS\$NtUninstallKB896256$\hal.dll"
Thu  5 Aug 2004     2,017,280 A..H. --- "C:\WINDOWS\$NtUninstallKB896256$
tkrnlpa.exe"
Thu  5 Aug 2004     2,150,400 A..H. --- "C:\WINDOWS\$NtUninstallKB896256$
toskrnl.exe"
Thu  5 Aug 2004     1,293,824 A..H. --- "C:\WINDOWS\$NtUninstallKB904706$\quartz.dll"
Thu  5 Aug 2004       111,616 ...H. --- "C:\WINDOWS\$NtUninstallKB914388$\dhcpcsvc.dll"
Thu  5 Aug 2004        95,744 ...H. --- "C:\WINDOWS\$NtUninstallKB914388$\iphlpapi.dll"
Wed 19 Jan 2005       451,584 ...H. --- "C:\WINDOWS\$NtUninstallKB914389$\mrxsmb.sys"
Thu  5 Aug 2004       176,512 ...H. --- "C:\WINDOWS\$NtUninstallKB914389$dbss.sys"
Thu  5 Aug 2004        67,584 A..H. --- "C:\WINDOWS\$NtUninstallKB911927$\webclnt.dll"
Thu  5 Aug 2004       119,808 ...H. --- "C:\WINDOWS\$NtUninstallKB905749$\umpnpmgr.dll"
Thu  5 Aug 2004     1,017,344 A..H. --- "C:\WINDOWS\$NtUninstallKB896727$\browseui.dll"
Thu  5 Aug 2004       151,552 A..H. --- "C:\WINDOWS\$NtUninstallKB896727$\cdfview.dll"
Thu  5 Aug 2004        18,432 A..H. --- "C:\WINDOWS\$NtUninstallKB896727$\iedw.exe"
Thu  5 Aug 2004       249,344 A..H. --- "C:\WINDOWS\$NtUninstallKB896727$\iepeers.dll"
Thu  5 Aug 2004        96,768 A..H. --- "C:\WINDOWS\$NtUninstallKB896727$\inseng.dll"
Thu  5 Aug 2004     3,003,392 A..H. --- "C:\WINDOWS\$NtUninstallKB896727$\mshtml.dll"
Thu  5 Aug 2004       448,512 A..H. --- "C:\WINDOWS\$NtUninstallKB896727$\mshtmled.dll"
Thu  5 Aug 2004       146,432 A..H. --- "C:\WINDOWS\$NtUninstallKB896727$\msrating.dll"
Thu  5 Aug 2004        39,424 A..H. --- "C:\WINDOWS\$NtUninstallKB896727$\pngfilt.dll"
Thu  5 Aug 2004     1,483,776 A..H. --- "C:\WINDOWS\$NtUninstallKB896727$\shdocvw.dll"
Thu  5 Aug 2004       474,112 A..H. --- "C:\WINDOWS\$NtUninstallKB896727$\shlwapi.dll"
Thu  5 Aug 2004       603,136 A..H. --- "C:\WINDOWS\$NtUninstallKB896727$\urlmon.dll"
Thu  5 Aug 2004       660,480 A..H. --- "C:\WINDOWS\$NtUninstallKB896727$\wininet.dll"
Thu  5 Aug 2004        77,824 ...H. --- "C:\WINDOWS\$NtUninstallKB896428$	elnet.exe"
Thu  5 Aug 2004       563,200 A..H. --- "C:\WINDOWS\$NtUninstallKB888239$\msobmain.dll"
Fri 16 Nov 2001     1,081,344 ...H. --- "C:\WINDOWS\$NtUninstallKB898458$\orun32.exe"
Thu  5 Aug 2004        79,360 A..H. --- "C:\WINDOWS\$NtUninstallKB908519$\fontsub.dll"
Thu  5 Aug 2004       210,432 A..H. --- "C:\WINDOWS\$NtUninstallKB908519$	2embed.dll"
Thu  5 Aug 2004       144,896 ...H. --- "C:\WINDOWS\$NtUninstallKB918439$\jgdw400.dll"
Thu  5 Aug 2004        42,496 ...H. --- "C:\WINDOWS\$NtUninstallKB918439$\jgpl400.dll"
Thu  5 Aug 2004       728,576 ...H. --- "C:\WINDOWS\$NtUninstallKB885835$\lsasrv.dll"
Thu  5 Aug 2004        10,752 A..H. --- "C:\WINDOWS\$NtUninstallKB896358$\hh.exe"
Thu  5 Aug 2004        38,912 A..H. --- "C:\WINDOWS\$NtUninstallKB896358$\hhsetup.dll"
Thu  5 Aug 2004       143,872 A..H. --- "C:\WINDOWS\$NtUninstallKB896358$\itircl.dll"
Thu  5 Aug 2004       134,144 A..H. --- "C:\WINDOWS\$NtUninstallKB896358$\itss.dll"
Thu  5 Aug 2004       391,168 A..H. --- "C:\WINDOWS\$NtUninstallKB910728$	hemeui.dll"
Thu  5 Aug 2004       352,256 ...H. --- "C:\WINDOWS\$NtUninstallKB873339$\hypertrm.dll"
Thu  5 Aug 2004       246,272 ...H. --- "C:\WINDOWS\$NtUninstallKB893756$	apisrv.dll"
Thu  5 Aug 2004       294,400 ...H. --- "C:\WINDOWS\$NtUninstallKB899587$\kerberos.dll"
Tue 10 Aug 2004     5,550,080 ...H. --- "C:\WINDOWS\$NtUninstallKB917734_WMP10$\wmp.dll"
Mon  9 Jan 2006     1,023,488 ...H. --- "C:\WINDOWS\$NtUninstallKB918899$\browseui.dll"
Mon  9 Jan 2006       152,064 ...H. --- "C:\WINDOWS\$NtUninstallKB918899$\cdfview.dll"
Mon  9 Jan 2006     1,056,768 ...H. --- "C:\WINDOWS\$NtUninstallKB918899$\danim.dll"
Thu  5 Aug 2004       357,888 ...H. --- "C:\WINDOWS\$NtUninstallKB918899$\dxtmsft.dll"
Mon  9 Jan 2006       205,312 ...H. --- "C:\WINDOWS\$NtUninstallKB918899$\dxtrans.dll"
Mon  9 Jan 2006        55,808 ...H. --- "C:\WINDOWS\$NtUninstallKB918899$\extmgr.dll"
Sat  7 Jan 2006        18,432 ...H. --- "C:\WINDOWS\$NtUninstallKB918899$\iedw.exe"
Mon  9 Jan 2006       251,392 ...H. --- "C:\WINDOWS\$NtUninstallKB918899$\iepeers.dll"
Mon  9 Jan 2006        96,768 ...H. --- "C:\WINDOWS\$NtUninstallKB918899$\inseng.dll"
Thu  5 Aug 2004        15,872 ...H. --- "C:\WINDOWS\$NtUninstallKB918899$\jsproxy.dll"
Tue 31 Jan 2006     3,033,088 ...H. --- "C:\WINDOWS\$NtUninstallKB918899$\mshtml.dll"
Mon  9 Jan 2006       448,512 ...H. --- "C:\WINDOWS\$NtUninstallKB918899$\mshtmled.dll"
Mon  9 Jan 2006       146,432 ...H. --- "C:\WINDOWS\$NtUninstallKB918899$\msrating.dll"
Mon  9 Jan 2006       530,944 ...H. --- "C:\WINDOWS\$NtUninstallKB918899$\mstime.dll"
Mon  9 Jan 2006        39,424 ...H. --- "C:\WINDOWS\$NtUninstallKB918899$\pngfilt.dll"
Mon  9 Jan 2006     1,492,992 ...H. --- "C:\WINDOWS\$NtUninstallKB918899$\shdocvw.dll"
Mon  9 Jan 2006       474,624 ...H. --- "C:\WINDOWS\$NtUninstallKB918899$\shlwapi.dll"
Mon  9 Jan 2006       614,400 ...H. --- "C:\WINDOWS\$NtUninstallKB918899$\urlmon.dll"
Mon  9 Jan 2006       662,528 ...H. --- "C:\WINDOWS\$NtUninstallKB918899$\wininet.dll"
Tue  7 Feb 2006        17,920 ...H. --- "C:\WINDOWS\$NtUninstallKB918899$\xpsp3res.dll"
Tue 16 Mar 2004       136,960 A..H. --- "C:\WINDOWS\$NtUninstallKB892559$\portcls.sys"
Thu  5 Aug 2004       278,016 A..H. --- "C:\WINDOWS\$NtUninstallKB912919$\gdi32.dll"
Thu  5 Aug 2004        56,832 ...H. --- "C:\WINDOWS\$NtUninstallKB890859$\authz.dll"
Thu  5 Aug 2004       578,048 ...H. --- "C:\WINDOWS\$NtUninstallKB890859$\user32.dll"
Thu  5 Aug 2004     1,836,032 ...H. --- "C:\WINDOWS\$NtUninstallKB890859$\win32k.sys"
Thu  5 Aug 2004       291,328 ...H. --- "C:\WINDOWS\$NtUninstallKB890859$\winsrv.dll"
Thu  5 Aug 2004        41,984 ...H. --- "C:\WINDOWS\$NtUninstallKB920213_0$\agentdp2.dll"
Fri 22 Apr 2005        57,344 ...H. --- "C:\WINDOWS\$NtUninstallKB920213_0$\agentdpv.dll"
Thu  5 Aug 2004       256,512 ...H. --- "C:\WINDOWS\$NtUninstallKB920213_0$\agentsvr.exe"
Fri 23 Jun 2006        26,624 ...H. --- "C:\WINDOWS\$NtUninstallKB920213_0$\xpsp3res.dll"
Thu  5 Aug 2004     1,281,024 A..H. --- "C:\WINDOWS\$NtUninstallKB873333$\ole32.dll"
Thu  5 Aug 2004        69,120 A..H. --- "C:\WINDOWS\$NtUninstallKB873333$\olecli32.dll"
Thu  5 Aug 2004        34,304 A..H. --- "C:\WINDOWS\$NtUninstallKB873333$\olecnv32.dll"
Thu  5 Aug 2004       395,776 A..H. --- "C:\WINDOWS\$NtUninstallKB873333$pcss.dll"
Thu  5 Aug 2004       451,456 A..H. --- "C:\WINDOWS\$NtUninstallKB885250$\mrxsmb.sys"
Thu  5 Aug 2004       134,912 A..H. --- "C:\WINDOWS\$NtUninstallKB886185$\ipnat.sys"
Sun 26 Nov 2006            22 A.SH. --- "C:\WINDOWS\SMINST\HPCD.sys"
Thu 31 Jan 2008        20,480 A.SH. --- "C:\WINDOWS\system32\adadix16n.dll"
Sat 26 Jan 2008        38,400 ..SHR --- "C:\WINDOWS\system32\amcompatb.exe"
Wed 18 Apr 2007         4,348 A.SH. --- "C:\Documents and Settings\All Users\DRM\DRMv1.bak"
Wed  1 Dec 2004         8,192 A..H. --- "C:\WINDOWS\$hf_mig$\KB873333\spmsg.dll"
Wed  1 Dec 2004       172,032 A..H. --- "C:\WINDOWS\$hf_mig$\KB873333\spuninst.exe"
Thu 14 Oct 2004         8,192 A..H. --- "C:\WINDOWS\$hf_mig$\KB873339\spmsg.dll"
Thu 14 Oct 2004       172,032 A..H. --- "C:\WINDOWS\$hf_mig$\KB873339\spuninst.exe"
Wed  1 Dec 2004         8,192 A..H. --- "C:\WINDOWS\$hf_mig$\KB885250\spmsg.dll"
Wed  1 Dec 2004       172,032 A..H. --- "C:\WINDOWS\$hf_mig$\KB885250\spuninst.exe"
Thu 14 Oct 2004         8,192 A..H. --- "C:\WINDOWS\$hf_mig$\KB885835\spmsg.dll"
Thu 14 Oct 2004       172,032 A..H. --- "C:\WINDOWS\$hf_mig$\KB885835\spuninst.exe"
Thu 14 Oct 2004         8,192 A..H. --- "C:\WINDOWS\$hf_mig$\KB885836\spmsg.dll"
Thu 14 Oct 2004       172,032 A..H. --- "C:\WINDOWS\$hf_mig$\KB885836\spuninst.exe"
Fri 15 Oct 2004         8,192 A..H. --- "C:\WINDOWS\$hf_mig$\KB886185\spmsg.dll"
Fri 15 Oct 2004       172,032 A..H. --- "C:\WINDOWS\$hf_mig$\KB886185\spuninst.exe"
Fri 15 Oct 2004         8,192 A..H. --- "C:\WINDOWS\$hf_mig$\KB887472\spmsg.dll"
Fri 15 Oct 2004       172,032 A..H. --- "C:\WINDOWS\$hf_mig$\KB887472\spuninst.exe"
Fri 15 Oct 2004         8,192 A..H. --- "C:\WINDOWS\$hf_mig$\KB888113\spmsg.dll"
Fri 15 Oct 2004       172,032 A..H. --- "C:\WINDOWS\$hf_mig$\KB888113\spuninst.exe"
Tue 30 Nov 2004         8,192 A..H. --- "C:\WINDOWS\$hf_mig$\KB888302\spmsg.dll"
Tue 30 Nov 2004       172,032 A..H. --- "C:\WINDOWS\$hf_mig$\KB888302\spuninst.exe"
Thu 24 Feb 2005        15,072 A..H. --- "C:\WINDOWS\$hf_mig$\KB890046\spmsg.dll"
Thu 24 Feb 2005       213,216 A..H. --- "C:\WINDOWS\$hf_mig$\KB890046\spuninst.exe"
Thu 24 Feb 2005        15,072 A..H. --- "C:\WINDOWS\$hf_mig$\KB890859\spmsg.dll"
Thu 24 Feb 2005       213,216 A..H. --- "C:\WINDOWS\$hf_mig$\KB890859\spuninst.exe"
Fri 15 Oct 2004         8,192 A..H. --- "C:\WINDOWS\$hf_mig$\KB891781\spmsg.dll"
Fri 15 Oct 2004       172,032 A..H. --- "C:\WINDOWS\$hf_mig$\KB891781\spuninst.exe"
Fri 25 Feb 2005        15,072 A..H. --- "C:\WINDOWS\$hf_mig$\KB893066\spmsg.dll"
Fri 25 Feb 2005       213,216 A..H. --- "C:\WINDOWS\$hf_mig$\KB893066\spuninst.exe"
Thu 24 Feb 2005        15,072 A..H. --- "C:\WINDOWS\$hf_mig$\KB893756\spmsg.dll"
Thu 24 Feb 2005       213,216 A..H. --- "C:\WINDOWS\$hf_mig$\KB893756\spuninst.exe"
Fri 25 Feb 2005        15,072 A..H. --- "C:\WINDOWS\$hf_mig$\KB894391\spmsg.dll"
Fri 25 Feb 2005       213,216 A..H. --- "C:\WINDOWS\$hf_mig$\KB894391\spuninst.exe"
Fri 25 Feb 2005        15,072 A..H. --- "C:\WINDOWS\$hf_mig$\KB896358\spmsg.dll"
Fri 25 Feb 2005       213,216 A..H. --- "C:\WINDOWS\$hf_mig$\KB896358\spuninst.exe"
Fri 25 Feb 2005        15,072 A..H. --- "C:\WINDOWS\$hf_mig$\KB896422\spmsg.dll"
Fri 25 Feb 2005       213,216 A..H. --- "C:\WINDOWS\$hf_mig$\KB896422\spuninst.exe"
Fri 25 Feb 2005        15,072 A..H. --- "C:\WINDOWS\$hf_mig$\KB896423\spmsg.dll"
Fri 25 Feb 2005       213,216 A..H. --- "C:\WINDOWS\$hf_mig$\KB896423\spuninst.exe"
Thu 24 Feb 2005        15,072 A..H. --- "C:\WINDOWS\$hf_mig$\KB896424\spmsg.dll"
Thu 24 Feb 2005       213,216 A..H. --- "C:\WINDOWS\$hf_mig$\KB896424\spuninst.exe"
Thu 24 Feb 2005        15,072 A..H. --- "C:\WINDOWS\$hf_mig$\KB896428\spmsg.dll"
Thu 24 Feb 2005       213,216 A..H. --- "C:\WINDOWS\$hf_mig$\KB896428\spuninst.exe"
Fri 25 Feb 2005        15,072 A..H. --- "C:\WINDOWS\$hf_mig$\KB896727\spmsg.dll"
Fri 25 Feb 2005       213,216 A..H. --- "C:\WINDOWS\$hf_mig$\KB896727\spuninst.exe"
Fri 25 Feb 2005        15,072 A..H. --- "C:\WINDOWS\$hf_mig$\KB898461\spmsg.dll"
Fri 25 Feb 2005       213,216 A..H. --- "C:\WINDOWS\$hf_mig$\KB898461\spuninst.exe"
Fri 25 Feb 2005        22,752 A..H. --- "C:\WINDOWS\$hf_mig$\KB898461\spupdsvc.exe"
Thu 24 Feb 2005        15,072 A..H. --- "C:\WINDOWS\$hf_mig$\KB899587\spmsg.dll"
Thu 24 Feb 2005       213,216 A..H. --- "C:\WINDOWS\$hf_mig$\KB899587\spuninst.exe"
Thu 24 Feb 2005        15,072 A..H. --- "C:\WINDOWS\$hf_mig$\KB899591\spmsg.dll"
Thu 24 Feb 2005       213,216 A..H. --- "C:\WINDOWS\$hf_mig$\KB899591\spuninst.exe"
Thu 13 Oct 2005        15,072 A..H. --- "C:\WINDOWS\$hf_mig$\KB900485\spmsg.dll"
Thu 13 Oct 2005       216,800 A..H. --- "C:\WINDOWS\$hf_mig$\KB900485\spuninst.exe"
Thu 24 Feb 2005        15,072 A..H. --- "C:\WINDOWS\$hf_mig$\KB900725\spmsg.dll"
Thu 24 Feb 2005       213,216 A..H. --- "C:\WINDOWS\$hf_mig$\KB900725\spuninst.exe"
Thu 24 Feb 2005        15,072 A..H. --- "C:\WINDOWS\$hf_mig$\KB901017\spmsg.dll"
Thu 24 Feb 2005       213,216 A..H. --- "C:\WINDOWS\$hf_mig$\KB901017\spuninst.exe"
Thu 13 Oct 2005        15,072 A..H. --- "C:\WINDOWS\$hf_mig$\KB901190\spmsg.dll"
Thu 13 Oct 2005       216,800 A..H. --- "C:\WINDOWS\$hf_mig$\KB901190\spuninst.exe"
Fri 25 Feb 2005        15,072 A..H. --- "C:\WINDOWS\$hf_mig$\KB901214\spmsg.dll"
Fri 25 Feb 2005       213,216 A..H. --- "C:\WINDOWS\$hf_mig$\KB901214\spuninst.exe"
Thu 24 Feb 2005        15,072 A..H. --- "C:\WINDOWS\$hf_mig$\KB902400\spmsg.dll"
Thu 24 Feb 2005       213,216 A..H. --- "C:\WINDOWS\$hf_mig$\KB902400\spuninst.exe"
Thu 13 Oct 2005        15,072 A..H. --- "C:\WINDOWS\$hf_mig$\KB904706\spmsg.dll"
Thu 13 Oct 2005       216,800 A..H. --- "C:\WINDOWS\$hf_mig$\KB904706\spuninst.exe"
Thu 13 Oct 2005        15,072 A..H. --- "C:\WINDOWS\$hf_mig$\KB904942\spmsg.dll"
Thu 13 Oct 2005       216,800 A..H. --- "C:\WINDOWS\$hf_mig$\KB904942\spuninst.exe"
Fri 25 Feb 2005        15,072 A..H. --- "C:\WINDOWS\$hf_mig$\KB905414\spmsg.dll"
Fri 25 Feb 2005       213,216 A..H. --- "C:\WINDOWS\$hf_mig$\KB905414\spuninst.exe"
Thu 24 Feb 2005        15,072 A..H. --- "C:\WINDOWS\$hf_mig$\KB905749\spmsg.dll"
Thu 24 Feb 2005       213,216 A..H. --- "C:\WINDOWS\$hf_mig$\KB905749\spuninst.exe"
Thu 13 Oct 2005        15,072 A..H. --- "C:\WINDOWS\$hf_mig$\KB908519\spmsg.dll"
Thu 13 Oct 2005       216,800 A..H. --- "C:\WINDOWS\$hf_mig$\KB908519\spuninst.exe"
Thu 13 Oct 2005        15,072 A..H. --- "C:\WINDOWS\$hf_mig$\KB908531\spmsg.dll"
Thu 13 Oct 2005       216,800 A..H. --- "C:\WINDOWS\$hf_mig$\KB908531\spuninst.exe"
Thu 13 Oct 2005        15,072 A..H. --- "C:\WINDOWS\$hf_mig$\KB910437\spmsg.dll"
Thu 13 Oct 2005       216,800 A..H. --- "C:\WINDOWS\$hf_mig$\KB910437\spuninst.exe"
Thu 13 Oct 2005        15,072 A..H. --- "C:\WINDOWS\$hf_mig$\KB911280\spmsg.dll"
Thu 13 Oct 2005       216,800 A..H. --- "C:\WINDOWS\$hf_mig$\KB911280\spuninst.exe"
Thu 13 Oct 2005        15,072 A..H. --- "C:\WINDOWS\$hf_mig$\KB911562\spmsg.dll"
Thu 13 Oct 2005       216,800 A..H. --- "C:\WINDOWS\$hf_mig$\KB911562\spuninst.exe"
Thu 13 Oct 2005        15,072 A..H. --- "C:\WINDOWS\$hf_mig$\KB911567\spmsg.dll"
Thu 13 Oct 2005       216,800 A..H. --- "C:\WINDOWS\$hf_mig$\KB911567\spuninst.exe"
Thu 13 Oct 2005        15,072 A..H. --- "C:\WINDOWS\$hf_mig$\KB911927\spmsg.dll"
Thu 13 Oct 2005       216,800 A..H. --- "C:\WINDOWS\$hf_mig$\KB911927\spuninst.exe"
Thu 13 Oct 2005        15,072 A..H. --- "C:\WINDOWS\$hf_mig$\KB912919\spmsg.dll"
Thu 13 Oct 2005       216,800 A..H. --- "C:\WINDOWS\$hf_mig$\KB912919\spuninst.exe"
Thu 13 Oct 2005        15,072 A..H. --- "C:\WINDOWS\$hf_mig$\KB912945\spmsg.dll"
Thu 13 Oct 2005       216,800 A..H. --- "C:\WINDOWS\$hf_mig$\KB912945\spuninst.exe"
Thu 13 Oct 2005        15,072 A..H. --- "C:\WINDOWS\$hf_mig$\KB913446\spmsg.dll"
Thu 13 Oct 2005       216,800 A..H. --- "C:\WINDOWS\$hf_mig$\KB913446\spuninst.exe"
Thu 13 Oct 2005        15,072 A..H. --- "C:\WINDOWS\$hf_mig$\KB913580\spmsg.dll"
Thu 13 Oct 2005       216,800 A..H. --- "C:\WINDOWS\$hf_mig$\KB913580\spuninst.exe"
Thu 13 Oct 2005        15,072 A..H. --- "C:\WINDOWS\$hf_mig$\KB914388\spmsg.dll"
Thu 13 Oct 2005       216,800 A..H. --- "C:\WINDOWS\$hf_mig$\KB914388\spuninst.exe"
Thu 13 Oct 2005        15,072 A..H. --- "C:\WINDOWS\$hf_mig$\KB914389\spmsg.dll"
Thu 13 Oct 2005       216,800 A..H. --- "C:\WINDOWS\$hf_mig$\KB914389\spuninst.exe"
Thu 13 Oct 2005        14,048 A..H. --- "C:\WINDOWS\$hf_mig$\KB915865\spmsg.dll"
Thu 13 Oct 2005       213,216 A..H. --- "C:\WINDOWS\$hf_mig$\KB915865\spuninst.exe"
Thu 13 Oct 2005        15,072 A..H. --- "C:\WINDOWS\$hf_mig$\KB916595\spmsg.dll"
Thu 13 Oct 2005       216,800 A..H. --- "C:\WINDOWS\$hf_mig$\KB916595\spuninst.exe"
Thu 13 Oct 2005        15,072 A..H. --- "C:\WINDOWS\$hf_mig$\KB917344\spmsg.dll"
Thu 13 Oct 2005       216,800 A..H. --- "C:\WINDOWS\$hf_mig$\KB917344\spuninst.exe"
Thu 13 Oct 2005        15,072 A..H. --- "C:\WINDOWS\$hf_mig$\KB917422\spmsg.dll"
Thu 13 Oct 2005       216,800 A..H. --- "C:\WINDOWS\$hf_mig$\KB917422\spuninst.exe"
Thu 13 Oct 2005        15,072 A..H. --- "C:\WINDOWS\$hf_mig$\KB917953\spmsg.dll"
Thu 13 Oct 2005       216,800 A..H. --- "C:\WINDOWS\$hf_mig$\KB917953\spuninst.exe"
Thu 13 Oct 2005        15,072 A..H. --- "C:\WINDOWS\$hf_mig$\KB918118\spmsg.dll"
Thu 13 Oct 2005       216,800 A..H. --- "C:\WINDOWS\$hf_mig$\KB918118\spuninst.exe"
Thu 13 Oct 2005        15,072 A..H. --- "C:\WINDOWS\$hf_mig$\KB918439\spmsg.dll"
Thu 13 Oct 2005       216,800 A..H. --- "C:\WINDOWS\$hf_mig$\KB918439\spuninst.exe"
Thu 13 Oct 2005        15,072 A..H. --- "C:\WINDOWS\$hf_mig$\KB918899\spmsg.dll"
Thu 13 Oct 2005       216,800 A..H. --- "C:\WINDOWS\$hf_mig$\KB918899\spuninst.exe"
Thu 13 Oct 2005        15,072 A..H. --- "C:\WINDOWS\$hf_mig$\KB919007\spmsg.dll"
Thu 13 Oct 2005       216,800 A..H. --- "C:\WINDOWS\$hf_mig$\KB919007\spuninst.exe"
Thu 13 Oct 2005        15,072 A..H. --- "C:\WINDOWS\$hf_mig$\KB920213\spmsg.dll"
Thu 13 Oct 2005       216,800 A..H. --- "C:\WINDOWS\$hf_mig$\KB920213\spuninst.exe"
Thu 13 Oct 2005        15,072 A..H. --- "C:\WINDOWS\$hf_mig$\KB920214\spmsg.dll"
Thu 13 Oct 2005       216,800 A..H. --- "C:\WINDOWS\$hf_mig$\KB920214\spuninst.exe"
Thu 13 Oct 2005        15,072 A..H. --- "C:\WINDOWS\$hf_mig$\KB920670\spmsg.dll"
Thu 13 Oct 2005       216,800 A..H. --- "C:\WINDOWS\$hf_mig$\KB920670\spuninst.exe"
Thu 13 Oct 2005        15,072 A..H. --- "C:\WINDOWS\$hf_mig$\KB920683\spmsg.dll"
Thu 13 Oct 2005       216,800 A..H. --- "C:\WINDOWS\$hf_mig$\KB920683\spuninst.exe"
Thu 13 Oct 2005        15,072 A..H. --- "C:\WINDOWS\$hf_mig$\KB920685\spmsg.dll"
Thu 13 Oct 2005       216,800 A..H. --- "C:\WINDOWS\$hf_mig$\KB920685\spuninst.exe"
Thu 13 Oct 2005        15,072 A..H. --- "C:\WINDOWS\$hf_mig$\KB920872\spmsg.dll"
Thu 13 Oct 2005       216,800 A..H. --- "C:\WINDOWS\$hf_mig$\KB920872\spuninst.exe"
Thu 13 Oct 2005        15,072 A..H. --- "C:\WINDOWS\$hf_mig$\KB921398\spmsg.dll"
Thu 13 Oct 2005       216,800 A..H. --- "C:\WINDOWS\$hf_mig$\KB921398\spuninst.exe"
Thu 13 Oct 2005        15,072 A..H. --- "C:\WINDOWS\$hf_mig$\KB921883\spmsg.dll"
Thu 13 Oct 2005       216,800 A..H. --- "C:\WINDOWS\$hf_mig$\KB921883\spuninst.exe"
Thu 13 Oct 2005        15,072 A..H. --- "C:\WINDOWS\$hf_mig$\KB922582\spmsg.dll"
Thu 13 Oct 2005       216,800 A..H. --- "C:\WINDOWS\$hf_mig$\KB922582\spuninst.exe"
Thu 13 Oct 2005        15,072 A..H. --- "C:\WINDOWS\$hf_mig$\KB922616\spmsg.dll"
Thu 13 Oct 2005       216,800 A..H. --- "C:\WINDOWS\$hf_mig$\KB922616\spuninst.exe"
Thu 13 Oct 2005        15,072 A..H. --- "C:\WINDOWS\$hf_mig$\KB922819\spmsg.dll"
Thu 13 Oct 2005       216,800 A..H. --- "C:\WINDOWS\$hf_mig$\KB922819\spuninst.exe"
Thu 13 Oct 2005        15,072 A..H. --- "C:\WINDOWS\$hf_mig$\KB923414\spmsg.dll"
Thu 13 Oct 2005       216,800 A..H. --- "C:\WINDOWS\$hf_mig$\KB923414\spuninst.exe"
Thu 13 Oct 2005        15,072 A..H. --- "C:\WINDOWS\$hf_mig$\KB923694\spmsg.dll"
Thu 13 Oct 2005       216,800 A..H. --- "C:\WINDOWS\$hf_mig$\KB923694\spuninst.exe"
Thu 13 Oct 2005        15,072 A..H. --- "C:\WINDOWS\$hf_mig$\KB923980\spmsg.dll"
Thu 13 Oct 2005       216,800 A..H. --- "C:\WINDOWS\$hf_mig$\KB923980\spuninst.exe"
Thu 13 Oct 2005        15,072 A..H. --- "C:\WINDOWS\$hf_mig$\KB924191\spmsg.dll"
Thu 13 Oct 2005       216,800 A..H. --- "C:\WINDOWS\$hf_mig$\KB924191\spuninst.exe"
Thu 13 Oct 2005        15,072 A..H. --- "C:\WINDOWS\$hf_mig$\KB924270\spmsg.dll"
Thu 13 Oct 2005       216,800 A..H. --- "C:\WINDOWS\$hf_mig$\KB924270\spuninst.exe"
Thu 13 Oct 2005        15,072 A..H. --- "C:\WINDOWS\$hf_mig$\KB924496\spmsg.dll"
Thu 13 Oct 2005       216,800 A..H. --- "C:\WINDOWS\$hf_mig$\KB924496\spuninst.exe"
Thu 13 Oct 2005        15,072 A..H. --- "C:\WINDOWS\$hf_mig$\KB925486\spmsg.dll"
Thu 13 Oct 2005       216,800 A..H. --- "C:\WINDOWS\$hf_mig$\KB925486\spuninst.exe"
Thu 13 Oct 2005        15,072 A..H. --- "C:\WINDOWS\$hf_mig$\KB926255\spmsg.dll"
Thu 13 Oct 2005       216,800 A..H. --- "C:\WINDOWS\$hf_mig$\KB926255\spuninst.exe"
Thu 13 Oct 2005        15,072 A..H. --- "C:\WINDOWS\$hf_mig$\KB926436\spmsg.dll"
Thu 13 Oct 2005       216,800 A..H. --- "C:\WINDOWS\$hf_mig$\KB926436\spuninst.exe"
Thu 19 Jan 2006        15,072 A..H. --- "C:\WINDOWS\$hf_mig$\KB927779\spmsg.dll"
Thu 19 Jan 2006       216,800 A..H. --- "C:\WINDOWS\$hf_mig$\KB927779\spuninst.exe"
Thu 13 Oct 2005        15,072 A..H. --- "C:\WINDOWS\$hf_mig$\KB927802\spmsg.dll"
Thu 13 Oct 2005       216,800 A..H. --- "C:\WINDOWS\$hf_mig$\KB927802\spuninst.exe"
Thu 19 Jan 2006        15,072 A..H. --- "C:\WINDOWS\$hf_mig$\KB928255\spmsg.dll"
Thu 19 Jan 2006       216,800 A..H. --- "C:\WINDOWS\$hf_mig$\KB928255\spuninst.exe"
Thu 13 Oct 2005        15,072 A..H. --- "C:\WINDOWS\$hf_mig$\KB928843\spmsg.dll"
Thu 13 Oct 2005       216,800 A..H. --- "C:\WINDOWS\$hf_mig$\KB928843\spuninst.exe"
Thu 19 Jan 2006        15,072 A..H. --- "C:\WINDOWS\$hf_mig$\KB931836\spmsg.dll"
Thu 19 Jan 2006       216,800 A..H. --- "C:\WINDOWS\$hf_mig$\KB931836\spuninst.exe"
Tue  3 May 2005       213,216 A..H. --- "C:\WINDOWS\$MSI31Uninstall_KB893803v2$\spuninst\spuninst.exe"
Tue  3 May 2005       395,488 A..H. --- "C:\WINDOWS\$MSI31Uninstall_KB893803v2$\spuninst\updspapi.dll"
Thu 13 Oct 2005       216,800 A..H. --- "C:\WINDOWS\$NtUninstallKB901190$\spuninst\spuninst.exe"
Thu 13 Oct 2005       394,976 A..H. --- "C:\WINDOWS\$NtUninstallKB901190$\spuninst\updspapi.dll"
Thu 13 Oct 2005       216,800 ...H. --- "C:\WINDOWS\$NtUninstallKB911280$\spuninst\spuninst.exe"
Thu 13 Oct 2005       394,976 ...H. --- "C:\WINDOWS\$NtUninstallKB911280$\spuninst\updspapi.dll"
Thu 24 Feb 2005       213,216 ...H. --- "C:\WINDOWS\$NtUninstallKB902400$\spuninst\spuninst.exe"
Thu 24 Feb 2005       395,488 ...H. --- "C:\WINDOWS\$NtUninstallKB902400$\spuninst\updspapi.dll"
Thu 13 Oct 2005       216,800 ...H. --- "C:\WINDOWS\$NtUninstallKB913580$\spuninst\spuninst.exe"
Thu 13 Oct 2005       394,976 ...H. --- "C:\WINDOWS\$NtUninstallKB913580$\spuninst\updspapi.dll"
Thu 13 Oct 2005       216,800 ...H. --- "C:\WINDOWS\$NtUninstallKB914440$\spuninst\spuninst.exe"
Thu 13 Oct 2005       394,976 ...H. --- "C:\WINDOWS\$NtUninstallKB914440$\spuninst\updspapi.dll"
Thu 13 Oct 2005       216,800 ...H. --- "C:\WINDOWS\$NtUninstallKB911562$\spuninst\spuninst.exe"
Thu 13 Oct 2005       394,976 ...H. --- "C:\WINDOWS\$NtUninstallKB911562$\spuninst\updspapi.dll"
Fri 25 Feb 2005       213,216 A..H. --- "C:\WINDOWS\$NtUninstallKB894391$\spuninst\spuninst.exe"
Fri 25 Feb 2005       395,488 A..H. --- "C:\WINDOWS\$NtUninstallKB894391$\spuninst\updspapi.dll"
Thu 13 Oct 2005       216,800 ...H. --- "C:\WINDOWS\$NtUninstallKB920213$\spuninst\spuninst.exe"
Thu 13 Oct 2005       394,976 ...H. --- "C:\WINDOWS\$NtUninstallKB920213$\spuninst\updspapi.dll"
Thu 13 Oct 2005       216,800 ...H. --- "C:\WINDOWS\$NtUninstallKB908531$\spuninst\spuninst.exe"
Thu 13 Oct 2005       394,976 ...H. --- "C:\WINDOWS\$NtUninstallKB908531$\spuninst\updspapi.dll"
Thu 13 Oct 2005       216,800 ...H. --- "C:\WINDOWS\$NtUninstallKB920670$\spuninst\spuninst.exe"
Thu 13 Oct 2005       394,976 ...H. --- "C:\WINDOWS\$NtUninstallKB920670$\spuninst\updspapi.dll"
Thu 13 Oct 2005       216,800 ...H. --- "C:\WINDOWS\$NtUninstallKB917422$\spuninst\spuninst.exe"
Thu 13 Oct 2005       394,976 ...H. --- "C:\WINDOWS\$NtUninstallKB917422$\spuninst\updspapi.dll"
Fri 25 Feb 2005       213,216 A..H. --- "C:\WINDOWS\$NtUninstallKB903235$\spuninst\spuninst.exe"
Fri 25 Feb 2005       395,488 A..H. --- "C:\WINDOWS\$NtUninstallKB903235$\spuninst\updspapi.dll"
Tue 28 Jun 2005       216,800 A..H. --- "C:\WINDOWS\$NtUninstallKB911564$\spuninst\spuninst.exe"
Tue 28 Jun 2005       371,424 A..H. --- "C:\WINDOWS\$NtUninstallKB911564$\spuninst\updspapi.dll"
Fri 15 Oct 2004       172,032 A..H. --- "C:\WINDOWS\$NtUninstallKB888113$\spuninst\spuninst.exe"
Fri 25 Feb 2005       213,216 A..H. --- "C:\WINDOWS\$NtUninstallKB896422$\spuninst\spuninst.exe"
Fri 25 Feb 2005       395,488 A..H. --- "C:\WINDOWS\$NtUninstallKB896422$\spuninst\updspapi.dll"
Thu 13 Oct 2005       216,800 ...H. --- "C:\WINDOWS\$NtUninstallKB920214$\spuninst\spuninst.exe"
Thu 13 Oct 2005       394,976 ...H. --- "C:\WINDOWS\$NtUninstallKB920214$\spuninst\updspapi.dll"
Thu 13 Oct 2005       216,800 ...H. --- "C:\WINDOWS\$NtUninstallKB920872$\spuninst\spuninst.exe"
Thu 13 Oct 2005       394,976 ...H. --- "C:\WINDOWS\$NtUninstallKB920872$\spuninst\updspapi.dll"
Thu 24 Feb 2005       213,216 ...H. --- "C:\WINDOWS\$NtUninstallKB899591$\spuninst\spuninst.exe"
Thu 24 Feb 2005       395,488 ...H. --- "C:\WINDOWS\$NtUninstallKB899591$\spuninst\updspapi.dll"
Fri 25 Feb 2005       213,216 A..H. --- "C:\WINDOWS\$NtUninstallKB909095$\spuninst\spuninst.exe"
Fri 25 Feb 2005       395,488 A..H. --- "C:\WINDOWS\$NtUninstallKB909095$\spuninst\updspapi.dll"
Fri 25 Feb 2005       213,216 A..H. --- "C:\WINDOWS\$NtUninstallKB901214$\spuninst\spuninst.exe"
Fri 25 Feb 2005       395,488 A..H. --- "C:\WINDOWS\$NtUninstallKB901214$\spuninst\updspapi.dll"
Fri 25 Feb 2005       213,216 ...H. --- "C:\WINDOWS\$NtUninstallKB905414$\spuninst\spuninst.exe"
Fri 25 Feb 2005       395,488 ...H. --- "C:\WINDOWS\$NtUninstallKB905414$\spuninst\updspapi.dll"
Thu 13 Oct 2005       216,800 ...H. --- "C:\WINDOWS\$NtUninstallKB917344$\spuninst\spuninst.exe"
Thu 13 Oct 2005       394,976 ...H. --- "C:\WINDOWS\$NtUninstallKB917344$\spuninst\updspapi.dll"
Tue 30 Nov 2004       172,032 ...H. --- "C:\WINDOWS\$NtUninstallKB888302$\spuninst\spuninst.exe"
Thu 14 Oct 2004       172,032 A..H. --- "C:\WINDOWS\$NtUninstallKB888402$\spuninst\spuninst.exe"
Fri 25 Feb 2005       213,216 ...H. --- "C:\WINDOWS\$NtUninstallKB898461$\spuninst\spuninst.exe"
Fri 25 Feb 2005       395,488 ...H. --- "C:\WINDOWS\$NtUninstallKB898461$\spuninst\updspapi.dll"
Thu 13 Oct 2005       216,800 ...H. --- "C:\WINDOWS\$NtUninstallKB904942$\spuninst\spuninst.exe"
Thu 13 Oct 2005       394,976 ...H. --- "C:\WINDOWS\$NtUninstallKB904942$\spuninst\updspapi.dll"
Thu 13 Oct 2005       216,800 ...H. --- "C:\WINDOWS\$NtUninstallKB920683$\spuninst\spuninst.exe"
Thu 13 Oct 2005       394,976 ...H. --- "C:\WINDOWS\$NtUninstallKB920683$\spuninst\updspapi.dll"
Fri 15 Oct 2004       172,032 A..H. --- "C:\WINDOWS\$NtUninstallKB891781$\spuninst\spuninst.exe"
Fri 15 Oct 2004       172,032 A..H. --- "C:\WINDOWS\$NtUninstallKB887472$\spuninst\spuninst.exe"
Thu 13 Oct 2005       216,800 A..H. --- "C:\WINDOWS\$NtUninstallKB915326$\spuninst\spuninst.exe"
Thu 13 Oct 2005       394,976 A..H. --- "C:\WINDOWS\$NtUninstallKB915326$\spuninst\updspapi.dll"
Thu 13 Oct 2005       216,800 ...H. --- "C:\WINDOWS\$NtUninstallKB919007$\spuninst\spuninst.exe"
Thu 13 Oct 2005       394,976 ...H. --- "C:\WINDOWS\$NtUninstallKB919007$\spuninst\updspapi.dll"
Tue 28 Jun 2005       216,800 A..H. --- "C:\WINDOWS\$NtUninstallKB911565$\spuninst\spuninst.exe"
Tue 28 Jun 2005       371,424 A..H. --- "C:\WINDOWS\$NtUninstallKB911565$\spuninst\updspapi.dll"
Thu 13 Oct 2005       216,800 ...H. --- "C:\WINDOWS\$NtUninstallKB917953$\spuninst\spuninst.exe"
Thu 13 Oct 2005       394,976 ...H. --- "C:\WINDOWS\$NtUninstallKB917953$\spuninst\updspapi.dll"
Thu 13 Oct 2005       216,800 ...H. --- "C:\WINDOWS\$NtUninstallKB921883$\spuninst\spuninst.exe"
Thu 13 Oct 2005       394,976 ...H. --- "C:\WINDOWS\$NtUninstallKB921883$\spuninst\updspapi.dll"
Fri 25 Feb 2005       213,216 A..H. --- "C:\WINDOWS\$NtUninstallKB896423$\spuninst\spuninst.exe"
Fri 25 Feb 2005       395,488 A..H. --- "C:\WINDOWS\$NtUninstallKB896423$\spuninst\updspapi.dll"
Thu 24 Feb 2005       213,216 ...H. --- "C:\WINDOWS\$NtUninstallKB896424$\spuninst\spuninst.exe"
Thu 24 Feb 2005       395,488 ...H. --- "C:\WINDOWS\$NtUninstallKB896424$\spuninst\updspapi.dll"
Thu 13 Oct 2005       216,800 ...H. --- "C:\WINDOWS\$NtUninstallKB918118$\spuninst\spuninst.exe"
Thu 13 Oct 2005       394,976 ...H. --- "C:\WINDOWS\$NtUninstallKB918118$\spuninst\updspapi.dll"
Fri 25 Feb 2005       213,216 A..H. --- "C:\WINDOWS\$NtUninstallKB893066$\spuninst\spuninst.exe"
Fri 25 Feb 2005       395,488 A..H. --- "C:\WINDOWS\$NtUninstallKB893066$\spuninst\updspapi.dll"
Thu 14 Oct 2004       172,032 A..H. --- "C:\WINDOWS\$NtUninstallKB889673$\spuninst\spuninst.exe"
Thu 24 Feb 2005       213,216 ...H. --- "C:\WINDOWS\$NtUninstallKB901017$\spuninst\spuninst.exe"
Thu 24 Feb 2005       395,488 ...H. --- "C:\WINDOWS\$NtUninstallKB901017$\spuninst\updspapi.dll"
Thu 13 Oct 2005       216,800 A..H. --- "C:\WINDOWS\$NtUninstallKB913446$\spuninst\spuninst.exe"
Thu 13 Oct 2005       394,976 A..H. --- "C:\WINDOWS\$NtUninstallKB913446$\spuninst\updspapi.dll"
Thu 24 Feb 2005       213,216 ...H. --- "C:\WINDOWS\$NtUninstallKB890046$\spuninst\spuninst.exe"
Thu 24 Feb 2005       395,488 ...H. --- "C:\WINDOWS\$NtUninstallKB890046$\spuninst\updspapi.dll"
Thu 24 Feb 2005       213,216 ...H. --- "C:\WINDOWS\$NtUninstallKB900725$\spuninst\spuninst.exe"
Thu 24 Feb 2005       395,488 ...H. --- "C:\WINDOWS\$NtUninstallKB900725$\spuninst\updspapi.dll"
Thu 13 Oct 2005       216,800 A..H. --- "C:\WINDOWS\$NtUninstallKB912436$\spuninst\spuninst.exe"
Thu 13 Oct 2005       394,976 A..H. --- "C:\WINDOWS\$NtUninstallKB912436$\spuninst\updspapi.dll"
Thu 13 Oct 2005       216,800 ...H. --- "C:\WINDOWS\$NtUninstallKB920685$\spuninst\spuninst.exe"
Thu 13 Oct 2005       394,976 ...H. --- "C:\WINDOWS\$NtUninstallKB920685$\spuninst\updspapi.dll"
Thu 13 Oct 2005       216,800 ...H. --- "C:\WINDOWS\$NtUninstallKB900485$\spuninst\spuninst.exe"
Thu 13 Oct 2005       394,976 ...H. --- "C:\WINDOWS\$NtUninstallKB900485$\spuninst\updspapi.dll"
Thu 13 Oct 2005       216,800 ...H. --- "C:\WINDOWS\$NtUninstallKB916595$\spuninst\spuninst.exe"
Thu 13 Oct 2005       394,976 ...H. --- "C:\WINDOWS\$NtUninstallKB916595$\spuninst\updspapi.dll"
Sun 19 Sep 2004       172,032 A..H. --- "C:\WINDOWS\$NtUninstallKB885464$\spuninst\spuninst.exe"
Thu 13 Oct 2005       216,800 ...H. --- "C:\WINDOWS\$NtUninstallKB911567$\spuninst\spuninst.exe"
Thu 13 Oct 2005       394,976 ...H. --- "C:\WINDOWS\$NtUninstallKB911567$\spuninst\updspapi.dll"
Thu 13 Oct 2005       213,216 ...H. --- "C:\WINDOWS\$NtUninstallKB915865$\spuninst\spuninst.exe"
Thu 13 Oct 2005       371,424 ...H. --- "C:\WINDOWS\$NtUninstallKB915865$\spuninst\updspapi.dll"
Sat  7 Aug 2004       172,032 A..H. --- "C:\WINDOWS\$NtUninstallKB884575$\spuninst\spuninst.exe"
Thu 13 Oct 2005       216,800 ...H. --- "C:\WINDOWS\$NtUninstallKB910437$\spuninst\spuninst.exe"
Thu 13 Oct 2005       394,976 ...H. --- "C:\WINDOWS\$NtUninstallKB910437$\spuninst\updspapi.dll"
Thu 13 Oct 2005       216,800 ...H. --- "C:\WINDOWS\$NtUninstallKB921398$\spuninst\spuninst.exe"
Thu 13 Oct 2005       394,976 ...H. --- "C:\WINDOWS\$NtUninstallKB921398$\spuninst\updspapi.dll"
Wed 13 Jul 2005       213,216 A..H. --- "C:\WINDOWS\$NtUninstallKB896256$\spuninst\spuninst.exe"
Thu 24 Feb 2005       395,488 A..H. --- "C:\WINDOWS\$NtUninstallKB896256$\spuninst\updspapi.dll"
Thu 13 Oct 2005       216,800 A..H. --- "C:\WINDOWS\$NtUninstallKB904706$\spuninst\spuninst.exe"
Thu 13 Oct 2005       394,976 A..H. --- "C:\WINDOWS\$NtUninstallKB904706$\spuninst\updspapi.dll"
Thu 13 Oct 2005       216,800 ...H. --- "C:\WINDOWS\$NtUninstallKB914388$\spuninst\spuninst.exe"
Thu 13 Oct 2005       394,976 ...H. --- "C:\WINDOWS\$NtUninstallKB914388$\spuninst\updspapi.dll"
Thu 13 Oct 2005       216,800 ...H. --- "C:\WINDOWS\$NtUninstallKB914389$\spuninst\spuninst.exe"
Thu 13 Oct 2005       394,976 ...H. --- "C:\WINDOWS\$NtUninstallKB914389$\spuninst\updspapi.dll"
Thu 13 Oct 2005       216,800 A..H. --- "C:\WINDOWS\$NtUninstallKB911927$\spuninst\spuninst.exe"
Thu 13 Oct 2005       394,976 A..H. --- "C:\WINDOWS\$NtUninstallKB911927$\spuninst\updspapi.dll"
Thu 24 Feb 2005       213,216 ...H. --- "C:\WINDOWS\$NtUninstallKB905749$\spuninst\spuninst.exe"
Thu 24 Feb 2005       395,488 ...H. --- "C:\WINDOWS\$NtUninstallKB905749$\spuninst\updspapi.dll"
Fri 25 Feb 2005       213,216 A..H. --- "C:\WINDOWS\$NtUninstallKB896727$\spuninst\spuninst.exe"
Fri 25 Feb 2005       395,488 A..H. --- "C:\WINDOWS\$NtUninstallKB896727$\spuninst\updspapi.dll"
Thu 24 Feb 2005       213,216 ...H. --- "C:\WINDOWS\$NtUninstallKB896428$\spuninst\spuninst.exe"
Thu 24 Feb 2005       395,488 ...H. --- "C:\WINDOWS\$NtUninstallKB896428$\spuninst\updspapi.dll"
Thu 14 Oct 2004       172,032 A..H. --- "C:\WINDOWS\$NtUninstallKB888239$\spuninst\spuninst.exe"
Thu 24 Feb 2005       213,216 ...H. --- "C:\WINDOWS\$NtUninstallKB898458$\spuninst\spuninst.exe"
Thu 24 Feb 2005       395,488 ...H. --- "C:\WINDOWS\$NtUninstallKB898458$\spuninst\updspapi.dll"
Thu 13 Oct 2005       216,800 A..H. --- "C:\WINDOWS\$NtUninstallKB908519$\spuninst\spuninst.exe"
Thu 13 Oct 2005       394,976 A..H. --- "C:\WINDOWS\$NtUninstallKB908519$\spuninst\updspapi.dll"
Thu 13 Oct 2005       216,800 ...H. --- "C:\WINDOWS\$NtUninstallKB918439$\spuninst\spuninst.exe"
Thu 13 Oct 2005       394,976 ...H. --- "C:\WINDOWS\$NtUninstallKB918439$\spuninst\updspapi.dll"
Thu 14 Oct 2004       172,032 ...H. --- "C:\WINDOWS\$NtUninstallKB885835$\spuninst\spuninst.exe"
Thu 14 Oct 2004       172,032 ...H. --- "C:\WINDOWS\$NtUninstallKB885836$\spuninst\spuninst.exe"
Sun 19 Sep 2004       172,032 A..H. --- "C:\WINDOWS\$NtUninstallKB885855$\spuninst\spuninst.exe"
Fri 25 Feb 2005       213,216 A..H. --- "C:\WINDOWS\$NtUninstallKB896358$\spuninst\spuninst.exe"
Fri 25 Feb 2005       395,488 A..H. --- "C:\WINDOWS\$NtUninstallKB896358$\spuninst\updspapi.dll"
Thu 13 Oct 2005       216,800 A..H. --- "C:\WINDOWS\$NtUninstallKB910728$\spuninst\spuninst.exe"
Thu 13 Oct 2005       394,976 A..H. --- "C:\WINDOWS\$NtUninstallKB910728$\spuninst\updspapi.dll"
Thu 14 Oct 2004       172,032 ...H. --- "C:\WINDOWS\$NtUninstallKB873339$\spuninst\spuninst.exe"
Thu 24 Feb 2005       213,216 ...H. --- "C:\WINDOWS\$NtUninstallKB893756$\spuninst\spuninst.exe"
Thu 24 Feb 2005       395,488 ...H. --- "C:\WINDOWS\$NtUninstallKB893756$\spuninst\updspapi.dll"
Thu 24 Feb 2005       213,216 ...H. --- "C:\WINDOWS\$NtUninstallKB899587$\spuninst\spuninst.exe"
Thu 24 Feb 2005       395,488 ...H. --- "C:\WINDOWS\$NtUninstallKB899587$\spuninst\updspapi.dll"
Tue 28 Jun 2005       216,800 ...H. --- "C:\WINDOWS\$NtUninstallKB917734_WMP10$\spuninst\spuninst.exe"
Tue 28 Jun 2005       371,424 ...H. --- "C:\WINDOWS\$NtUninstallKB917734_WMP10$\spuninst\updspapi.dll"
Thu 13 Oct 2005       216,800 ...H. --- "C:\WINDOWS\$NtUninstallKB918899$\spuninst\spuninst.exe"
Thu 13 Oct 2005       394,976 ...H. --- "C:\WINDOWS\$NtUninstallKB918899$\spuninst\updspapi.dll"
Fri 25 Feb 2005       213,216 A..H. --- "C:\WINDOWS\$NtUninstallKB892559$\spuninst\spuninst.exe"
Fri 25 Feb 2005       395,488 A..H. --- "C:\WINDOWS\$NtUninstallKB892559$\spuninst\updspapi.dll"
Thu 13 Oct 2005       216,800 A..H. --- "C:\WINDOWS\$NtUninstallKB912919$\spuninst\spuninst.exe"
Thu 13 Oct 2005       394,976 A..H. --- "C:\WINDOWS\$NtUninstallKB912919$\spuninst\updspapi.dll"
Thu 24 Feb 2005       213,216 ...H. --- "C:\WINDOWS\$NtUninstallKB890859$\spuninst\spuninst.exe"
Thu 24 Feb 2005       395,488 ...H. --- "C:\WINDOWS\$NtUninstallKB890859$\spuninst\updspapi.dll"
Thu 13 Oct 2005       216,800 ...H. --- "C:\WINDOWS\$NtUninstallKB920213_0$\spuninst\spuninst.exe"
Thu 13 Oct 2005       394,976 ...H. --- "C:\WINDOWS\$NtUninstallKB920213_0$\spuninst\updspapi.dll"
Thu 18 Nov 2004       213,216 A..H. --- "C:\WINDOWS\$NtUninstallKB888111WXPSP2$\spuninst\spuninst.exe"
Thu 18 Nov 2004       395,488 A..H. --- "C:\WINDOWS\$NtUninstallKB888111WXPSP2$\spuninst\updspapi.dll"
Wed 24 May 2006       213,216 ...H. --- "C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
Wed 24 May 2006       371,424 ...H. --- "C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\updspapi.dll"
Thu 25 May 2006       213,216 ...H. --- "C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
Thu 25 May 2006       371,424 ...H. --- "C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\updspapi.dll"
Wed  1 Dec 2004       172,032 A..H. --- "C:\WINDOWS\$NtUninstallKB873333$\spuninst\spuninst.exe"
Wed  1 Dec 2004       172,032 A..H. --- "C:\WINDOWS\$NtUninstallKB885250$\spuninst\spuninst.exe"
Mon 20 Sep 2004       172,032 A..H. --- "C:\WINDOWS\$NtUninstallKB885884$\spuninst\spuninst.exe"
Fri 15 Oct 2004       172,032 A..H. --- "C:\WINDOWS\$NtUninstallKB886185$\spuninst\spuninst.exe"
Thu 25 Oct 2007             0 A.SH. --- "C:\Documents and Settings\All Users\DRM\Cache\Indiv02.tmp"
Fri 14 Jan 2005     1,284,608 A..H. --- "C:\WINDOWS\$hf_mig$\KB873333\SP2QFE\ole32.dll"
Fri 14 Jan 2005        75,264 A..H. --- "C:\WINDOWS\$hf_mig$\KB873333\SP2QFE\olecli32.dll"
Fri 14 Jan 2005        37,376 A..H. --- "C:\WINDOWS\$hf_mig$\KB873333\SP2QFE\olecnv32.dll"
Fri 14 Jan 2005       395,776 A..H. --- "C:\WINDOWS\$hf_mig$\KB873333\SP2QFEpcss.dll"
Wed  1 Dec 2004        21,504 A..H. --- "C:\WINDOWS\$hf_mig$\KB873333\update\spcustom.dll"
Wed  1 Dec 2004       666,624 A..H. --- "C:\WINDOWS\$hf_mig$\KB873333\update\update.exe"
Wed 17 Nov 2004       354,304 A..H. --- "C:\WINDOWS\$hf_mig$\KB873339\SP2QFE\hypertrm.dll"
Thu 14 Oct 2004        21,504 A..H. --- "C:\WINDOWS\$hf_mig$\KB873339\update\spcustom.dll"
Thu 14 Oct 2004       666,624 A..H. --- "C:\WINDOWS\$hf_mig$\KB873339\update\update.exe"
Wed 19 Jan 2005       451,584 A..H. --- "C:\WINDOWS\$hf_mig$\KB885250\SP2QFE\mrxsmb.sys"
Wed  1 Dec 2004        21,504 A..H. --- "C:\WINDOWS\$hf_mig$\KB885250\update\spcustom.dll"
Wed  1 Dec 2004       666,624 A..H. --- "C:\WINDOWS\$hf_mig$\KB885250\update\update.exe"
Thu 28 Oct 2004       728,576 A..H. --- "C:\WINDOWS\$hf_mig$\KB885835\SP2QFE\lsasrv.dll"
Thu 28 Oct 2004       448,128 A..H. --- "C:\WINDOWS\$hf_mig$\KB885835\SP2QFE\mrxsmb.sys"
Thu 28 Oct 2004       174,592 A..H. --- "C:\WINDOWS\$hf_mig$\KB885835\SP2QFEdbss.sys"
Thu 14 Oct 2004        21,504 A..H. --- "C:\WINDOWS\$hf_mig$\KB885835\update\spcustom.dll"
Thu 14 Oct 2004       666,624 A..H. --- "C:\WINDOWS\$hf_mig$\KB885835\update\update.exe"
Thu 14 Oct 2004        21,504 A..H. --- "C:\WINDOWS\$hf_mig$\KB885836\update\spcustom.dll"
Thu 14 Oct 2004       666,624 A..H. --- "C:\WINDOWS\$hf_mig$\KB885836\update\update.exe"
Thu 30 Sep 2004       134,912 A..H. --- "C:\WINDOWS\$hf_mig$\KB886185\SP2QFE\ipnat.sys"
Fri 15 Oct 2004        21,504 A..H. --- "C:\WINDOWS\$hf_mig$\KB886185\update\spcustom.dll"
Fri 15 Oct 2004       666,624 A..H. --- "C:\WINDOWS\$hf_mig$\KB886185\update\update.exe"
Thu 14 Oct 2004     1,694,208 A..H. --- "C:\WINDOWS\$hf_mig$\KB887472\SP2QFE\msmsgs.exe"
Fri 15 Oct 2004        21,504 A..H. --- "C:\WINDOWS\$hf_mig$\KB887472\update\spcustom.dll"
Fri 15 Oct 2004       666,624 A..H. --- "C:\WINDOWS\$hf_mig$\KB887472\update\update.exe"
Wed 17 Nov 2004        68,608 A..H. --- "C:\WINDOWS\$hf_mig$\KB888113\SP2QFE\hlink.dll"
Fri 15 Oct 2004        21,504 A..H. --- "C:\WINDOWS\$hf_mig$\KB888113\update\spcustom.dll"
Fri 15 Oct 2004       666,624 A..H. --- "C:\WINDOWS\$hf_mig$\KB888113\update\update.exe"
Tue  7 Dec 2004        96,768 A..H. --- "C:\WINDOWS\$hf_mig$\KB888302\SP2QFE\srvsvc.dll"
Tue 30 Nov 2004        21,504 A..H. --- "C:\WINDOWS\$hf_mig$\KB888302\update\spcustom.dll"
Tue 30 Nov 2004       666,624 A..H. --- "C:\WINDOWS\$hf_mig$\KB888302\update\update.exe"
Fri 22 Apr 2005        57,344 A..H. --- "C:\WINDOWS\$hf_mig$\KB890046\SP2QFE\agentdpv.dll"
Tue 17 May 2005        19,456 A..H. --- "C:\WINDOWS\$hf_mig$\KB890046\SP2QFE\spru040c.dll"
Thu 24 Feb 2005        22,240 A..H. --- "C:\WINDOWS\$hf_mig$\KB890046\update\spcustom.dll"
Thu 24 Feb 2005       730,336 A..H. --- "C:\WINDOWS\$hf_mig$\KB890046\update\update.exe"
Thu 24 Feb 2005       395,488 A..H. --- "C:\WINDOWS\$hf_mig$\KB890046\update\updspapi.dll"
Wed  2 Mar 2005        62,464 A..H. --- "C:\WINDOWS\$hf_mig$\KB890859\SP2QFE\authz.dll"
Wed  2 Mar 2005     2,137,600 A..H. --- "C:\WINDOWS\$hf_mig$\KB890859\SP2QFE
tkrnlmp.exe"
Wed  2 Mar 2005     2,059,008 A..H. --- "C:\WINDOWS\$hf_mig$\KB890859\SP2QFE
tkrnlpa.exe"
Wed  2 Mar 2005     2,017,280 A..H. --- "C:\WINDOWS\$hf_mig$\KB890859\SP2QFE
tkrpamp.exe"
Wed  2 Mar 2005     2,181,632 A..H. --- "C:\WINDOWS\$hf_mig$\KB890859\SP2QFE
toskrnl.exe"
Wed  2 Mar 2005       578,048 A..H. --- "C:\WINDOWS\$hf_mig$\KB890859\SP2QFE\user32.dll"
Wed  2 Mar 2005     1,836,416 A..H. --- "C:\WINDOWS\$hf_mig$\KB890859\SP2QFE\win32k.sys"
Wed  2 Mar 2005       291,840 A..H. --- "C:\WINDOWS\$hf_mig$\KB890859\SP2QFE\winsrv.dll"
Thu 24 Feb 2005        22,240 A..H. --- "C:\WINDOWS\$hf_mig$\KB890859\update\spcustom.dll"
Thu 24 Feb 2005       730,336 A..H. --- "C:\WINDOWS\$hf_mig$\KB890859\update\update.exe"
Thu 24 Feb 2005       395,488 A..H. --- "C:\WINDOWS\$hf_mig$\KB890859\update\updspapi.dll"
Fri 15 Oct 2004        21,504 A..H. --- "C:\WINDOWS\$hf_mig$\KB891781\update\spcustom.dll"
Fri 15 Oct 2004       666,624 A..H. --- "C:\WINDOWS\$hf_mig$\KB891781\update\update.exe"
Thu 26 May 2005       359,936 A..H. --- "C:\WINDOWS\$hf_mig$\KB893066\SP2QFE	cpip.sys"
Fri 25 Feb 2005        22,240 A..H. --- "C:\WINDOWS\$hf_mig$\KB893066\update\spcustom.dll"
Fri 25 Feb 2005       730,336 A..H. --- "C:\WINDOWS\$hf_mig$\KB893066\update\update.exe"
Fri 25 Feb 2005       395,488 A..H. --- "C:\WINDOWS\$hf_mig$\KB893066\update\updspapi.dll"
Fri  8 Jul 2005       249,344 A..H. --- "C:\WINDOWS\$hf_mig$\KB893756\SP2QFE	apisrv.dll"
Thu  7 Jul 2005        30,720 A..H. --- "C:\WINDOWS\$hf_mig$\KB893756\update\arpidfix.exe"
Thu 24 Feb 2005        22,240 A..H. --- "C:\WINDOWS\$hf_mig$\KB893756\update\spcustom.dll"
Thu 24 Feb 2005       730,336 A..H. --- "C:\WINDOWS\$hf_mig$\KB893756\update\update.exe"
Thu 24 Feb 2005       395,488 A..H. --- "C:\WINDOWS\$hf_mig$\KB893756\update\updspapi.dll"
Thu 28 Apr 2005     1,286,144 A..H. --- "C:\WINDOWS\$hf_mig$\KB894391\SP2QFE\ole32.dll"
Fri 29 Apr 2005        75,264 A..H. --- "C:\WINDOWS\$hf_mig$\KB894391\SP2QFE\olecli32.dll"
Fri 29 Apr 2005        37,376 A..H. --- "C:\WINDOWS\$hf_mig$\KB894391\SP2QFE\olecnv32.dll"
Fri 29 Apr 2005       396,288 A..H. --- "C:\WINDOWS\$hf_mig$\KB894391\SP2QFEpcss.dll"
Fri 25 Feb 2005        22,240 A..H. --- "C:\WINDOWS\$hf_mig$\KB894391\update\spcustom.dll"
Fri 25 Feb 2005       730,336 A..H. --- "C:\WINDOWS\$hf_mig$\KB894391\update\update.exe"
Fri 25 Feb 2005       395,488 A..H. --- "C:\WINDOWS\$hf_mig$\KB894391\update\updspapi.dll"
Fri 27 May 2005        10,752 A..H. --- "C:\WINDOWS\$hf_mig$\KB896358\SP2QFE\hh.exe"
Fri 27 May 2005        41,472 A..H. --- "C:\WINDOWS\$hf_mig$\KB896358\SP2QFE\hhsetup.dll"
Fri 27 May 2005       155,136 A..H. --- "C:\WINDOWS\$hf_mig$\KB896358\SP2QFE\itircl.dll"
Fri 27 May 2005       137,216 A..H. --- "C:\WINDOWS\$hf_mig$\KB896358\SP2QFE\itss.dll"
Fri 25 Feb 2005        22,240 A..H. --- "C:\WINDOWS\$hf_mig$\KB896358\update\spcustom.dll"
Fri 25 Feb 2005       730,336 A..H. --- "C:\WINDOWS\$hf_mig$\KB896358\update\update.exe"
Fri 25 Feb 2005       395,488 A..H. --- "C:\WINDOWS\$hf_mig$\KB896358\update\updspapi.dll"
Tue 10 May 2005       332,544 A..H. --- "C:\WINDOWS\$hf_mig$\KB896422\SP2QFE\srv.sys"
Fri 25 Feb 2005        22,240 A..H. --- "C:\WINDOWS\$hf_mig$\KB896422\update\spcustom.dll"
Fri 25 Feb 2005       730,336 A..H. --- "C:\WINDOWS\$hf_mig$\KB896422\update\update.exe"
Fri 25 Feb 2005       395,488 A..H. --- "C:\WINDOWS\$hf_mig$\KB896422\update\updspapi.dll"
Sat 11 Jun 2005        57,856 A..H. --- "C:\WINDOWS\$hf_mig$\KB896423\SP2QFE\spoolsv.exe"
Thu 30 Jun 2005        30,720 A..H. --- "C:\WINDOWS\$hf_mig$\KB896423\update\arpidfix.exe"
Fri 25 Feb 2005        22,240 A..H. --- "C:\WINDOWS\$hf_mig$\KB896423\update\spcustom.dll"
Fri 25 Feb 2005       730,336 A..H. --- "C:\WINDOWS\$hf_mig$\KB896423\update\update.exe"
Fri 25 Feb 2005       395,488 A..H. --- "C:\WINDOWS\$hf_mig$\KB896423\update\updspapi.dll"
Thu  6 Oct 2005       280,064 A..H. --- "C:\WINDOWS\$hf_mig$\KB896424\SP2QFE\gdi32.dll"
Thu  6 Oct 2005     1,839,616 A..H. --- "C:\WINDOWS\$hf_mig$\KB896424\SP2QFE\win32k.sys"
Wed  5 Oct 2005        30,720 A..H. --- "C:\WINDOWS\$hf_mig$\KB896424\update\arpidfix.exe"
Thu 24 Feb 2005        22,240 A..H. --- "C:\WINDOWS\$hf_mig$\KB896424\update\spcustom.dll"
Thu 24 Feb 2005       730,336 A..H. --- "C:\WINDOWS\$hf_mig$\KB896424\update\update.exe"
Thu 24 Feb 2005       395,488 A..H. --- "C:\WINDOWS\$hf_mig$\KB896424\update\updspapi.dll"
Wed 11 May 2005        78,336 A..H. --- "C:\WINDOWS\$hf_mig$\KB896428\SP2QFE	elnet.exe"
Thu 24 Feb 2005        22,240 A..H. --- "C:\WINDOWS\$hf_mig$\KB896428\update\spcustom.dll"
Thu 24 Feb 2005       730,336 A..H. --- "C:\WINDOWS\$hf_mig$\KB896428\update\update.exe"
Thu 24 Feb 2005       395,488 A..H. --- "C:\WINDOWS\$hf_mig$\KB896428\update\updspapi.dll"
Sun  3 Jul 2005     1,020,416 A..H. --- "C:\WINDOWS\$hf_mig$\KB896727\SP2QFE\browseui.dll"
Sun  3 Jul 2005       152,064 A..H. --- "C:\WINDOWS\$hf_mig$\KB896727\SP2QFE\cdfview.dll"
Sun  3 Jul 2005        18,432 A..H. --- "C:\WINDOWS\$hf_mig$\KB896727\SP2QFE\iedw.exe"
Sun  3 Jul 2005       251,904 A..H. --- "C:\WINDOWS\$hf_mig$\KB896727\SP2QFE\iepeers.dll"
Sun  3 Jul 2005        96,768 A..H. --- "C:\WINDOWS\$hf_mig$\KB896727\SP2QFE\inseng.dll"
Wed 20 Jul 2005     3,014,144 A..H. --- "C:\WINDOWS\$hf_mig$\KB896727\SP2QFE\mshtml.dll"
Sun  3 Jul 2005       448,512 A..H. --- "C:\WINDOWS\$hf_mig$\KB896727\SP2QFE\mshtmled.dll"
Sun  3 Jul 2005       146,432 A..H. --- "C:\WINDOWS\$hf_mig$\KB896727\SP2QFE\msrating.dll"
Sun  3 Jul 2005        39,424 A..H. --- "C:\WINDOWS\$hf_mig$\KB896727\SP2QFE\pngfilt.dll"
Sun  3 Jul 2005

jserret · Answer

la suite...

Sun  3 Jul 2005     1,485,824 A..H. --- "C:\WINDOWS\$hf_mig$\KB896727\SP2QFE\shdocvw.dll"
Sun  3 Jul 2005       474,112 A..H. --- "C:\WINDOWS\$hf_mig$\KB896727\SP2QFE\shlwapi.dll"
Sun  3 Jul 2005       606,208 A..H. --- "C:\WINDOWS\$hf_mig$\KB896727\SP2QFE\urlmon.dll"
Sun  3 Jul 2005       663,552 A..H. --- "C:\WINDOWS\$hf_mig$\KB896727\SP2QFE\wininet.dll"
Wed 20 Jul 2005        30,720 A..H. --- "C:\WINDOWS\$hf_mig$\KB896727\update\arpidfix.exe"
Fri 25 Feb 2005        22,240 A..H. --- "C:\WINDOWS\$hf_mig$\KB896727\update\spcustom.dll"
Fri 25 Feb 2005       730,336 A..H. --- "C:\WINDOWS\$hf_mig$\KB896727\update\update.exe"
Fri 25 Feb 2005       395,488 A..H. --- "C:\WINDOWS\$hf_mig$\KB896727\update\updspapi.dll"
Fri 25 Feb 2005        22,240 A..H. --- "C:\WINDOWS\$hf_mig$\KB898461\update\spcustom.dll"
Fri 25 Feb 2005       730,336 A..H. --- "C:\WINDOWS\$hf_mig$\KB898461\update\update.exe"
Fri 25 Feb 2005       395,488 A..H. --- "C:\WINDOWS\$hf_mig$\KB898461\update\updspapi.dll"
Wed 15 Jun 2005       297,984 A..H. --- "C:\WINDOWS\$hf_mig$\KB899587\SP2QFE\kerberos.dll"
Wed 29 Jun 2005        30,720 A..H. --- "C:\WINDOWS\$hf_mig$\KB899587\update\arpidfix.exe"
Thu 24 Feb 2005        22,240 A..H. --- "C:\WINDOWS\$hf_mig$\KB899587\update\spcustom.dll"
Thu 24 Feb 2005       730,336 A..H. --- "C:\WINDOWS\$hf_mig$\KB899587\update\update.exe"
Thu 24 Feb 2005       395,488 A..H. --- "C:\WINDOWS\$hf_mig$\KB899587\update\updspapi.dll"
Fri 10 Jun 2005       139,528 A..H. --- "C:\WINDOWS\$hf_mig$\KB899591\SP2QFEdpwd.sys"
Wed 29 Jun 2005        30,720 A..H. --- "C:\WINDOWS\$hf_mig$\KB899591\update\arpidfix.exe"
Thu 24 Feb 2005        22,240 A..H. --- "C:\WINDOWS\$hf_mig$\KB899591\update\spcustom.dll"
Thu 24 Feb 2005       730,336 A..H. --- "C:\WINDOWS\$hf_mig$\KB899591\update\update.exe"
Thu 24 Feb 2005       395,488 A..H. --- "C:\WINDOWS\$hf_mig$\KB899591\update\updspapi.dll"
Wed 15 Feb 2006       142,464 A..H. --- "C:\WINDOWS\$hf_mig$\KB900485\SP2QFE\aec.sys"
Thu 13 Oct 2005        22,752 A..H. --- "C:\WINDOWS\$hf_mig$\KB900485\update\spcustom.dll"
Thu 13 Oct 2005       727,776 A..H. --- "C:\WINDOWS\$hf_mig$\KB900485\update\update.exe"
Thu 13 Oct 2005       394,976 A..H. --- "C:\WINDOWS\$hf_mig$\KB900485\update\updspapi.dll"
Thu  1 Sep 2005        19,968 A..H. --- "C:\WINDOWS\$hf_mig$\KB900725\SP2QFE\linkinfo.dll"
Fri 23 Sep 2005     8,508,928 A..H. --- "C:\WINDOWS\$hf_mig$\KB900725\SP2QFE\shell32.dll"
Sat  3 Sep 2005       474,624 A..H. --- "C:\WINDOWS\$hf_mig$\KB900725\SP2QFE\shlwapi.dll"
Tue 27 Sep 2005        23,552 A..H. --- "C:\WINDOWS\$hf_mig$\KB900725\SP2QFE\spru040c.dll"
Thu  1 Sep 2005       292,352 A..H. --- "C:\WINDOWS\$hf_mig$\KB900725\SP2QFE\winsrv.dll"
Mon 26 Sep 2005        30,720 A..H. --- "C:\WINDOWS\$hf_mig$\KB900725\update\arpidfix.exe"
Thu 24 Feb 2005        22,240 A..H. --- "C:\WINDOWS\$hf_mig$\KB900725\update\spcustom.dll"
Thu 24 Feb 2005       730,336 A..H. --- "C:\WINDOWS\$hf_mig$\KB900725\update\update.exe"
Thu 24 Feb 2005       395,488 A..H. --- "C:\WINDOWS\$hf_mig$\KB900725\update\updspapi.dll"
Sat 10 Sep 2005     2,068,480 A..H. --- "C:\WINDOWS\$hf_mig$\KB901017\SP2QFE\cdosys.dll"
Fri  9 Sep 2005        30,720 A..H. --- "C:\WINDOWS\$hf_mig$\KB901017\update\arpidfix.exe"
Thu 24 Feb 2005        22,240 A..H. --- "C:\WINDOWS\$hf_mig$\KB901017\update\spcustom.dll"
Thu 24 Feb 2005       730,336 A..H. --- "C:\WINDOWS\$hf_mig$\KB901017\update\update.exe"
Thu 24 Feb 2005       395,488 A..H. --- "C:\WINDOWS\$hf_mig$\KB901017\update\updspapi.dll"
Thu 13 Oct 2005        22,752 A..H. --- "C:\WINDOWS\$hf_mig$\KB901190\update\spcustom.dll"
Thu 13 Oct 2005       727,776 A..H. --- "C:\WINDOWS\$hf_mig$\KB901190\update\update.exe"
Thu 13 Oct 2005       394,976 A..H. --- "C:\WINDOWS\$hf_mig$\KB901190\update\updspapi.dll"
Wed 29 Jun 2005       254,976 A..H. --- "C:\WINDOWS\$hf_mig$\KB901214\SP2QFE\icm32.dll"
Wed 29 Jun 2005        73,728 A..H. --- "C:\WINDOWS\$hf_mig$\KB901214\SP2QFE\mscms.dll"
Fri 25 Feb 2005        22,240 A..H. --- "C:\WINDOWS\$hf_mig$\KB901214\update\spcustom.dll"
Fri 25 Feb 2005       730,336 A..H. --- "C:\WINDOWS\$hf_mig$\KB901214\update\update.exe"
Fri 25 Feb 2005       395,488 A..H. --- "C:\WINDOWS\$hf_mig$\KB901214\update\updspapi.dll"
Tue 26 Jul 2005       225,792 A..H. --- "C:\WINDOWS\$hf_mig$\KB902400\SP2QFE\catsrv.dll"
Tue 26 Jul 2005       625,152 A..H. --- "C:\WINDOWS\$hf_mig$\KB902400\SP2QFE\catsrvut.dll"
Tue 26 Jul 2005       110,080 A..H. --- "C:\WINDOWS\$hf_mig$\KB902400\SP2QFE\clbcatex.dll"
Tue 26 Jul 2005       498,688 A..H. --- "C:\WINDOWS\$hf_mig$\KB902400\SP2QFE\clbcatq.dll"
Tue 26 Jul 2005        60,416 A..H. --- "C:\WINDOWS\$hf_mig$\KB902400\SP2QFE\colbact.dll"
Tue 26 Jul 2005       195,072 A..H. --- "C:\WINDOWS\$hf_mig$\KB902400\SP2QFE\comadmin.dll"
Tue 26 Jul 2005        97,792 A..H. --- "C:\WINDOWS\$hf_mig$\KB902400\SP2QFE\comrepl.dll"
Tue 26 Jul 2005     1,267,200 A..H. --- "C:\WINDOWS\$hf_mig$\KB902400\SP2QFE\comsvcs.dll"
Tue 26 Jul 2005       540,160 A..H. --- "C:\WINDOWS\$hf_mig$\KB902400\SP2QFE\comuid.dll"
Tue 26 Jul 2005       243,200 A..H. --- "C:\WINDOWS\$hf_mig$\KB902400\SP2QFE\es.dll"
Tue 26 Jul 2005         8,704 A..H. --- "C:\WINDOWS\$hf_mig$\KB902400\SP2QFE\migregdb.exe"
Tue 26 Jul 2005       425,472 A..H. --- "C:\WINDOWS\$hf_mig$\KB902400\SP2QFE\msdtcprx.dll"
Tue 26 Jul 2005       945,152 A..H. --- "C:\WINDOWS\$hf_mig$\KB902400\SP2QFE\msdtctm.dll"
Tue 26 Jul 2005       161,280 A..H. --- "C:\WINDOWS\$hf_mig$\KB902400\SP2QFE\msdtcuiu.dll"
Tue 26 Jul 2005        66,560 A..H. --- "C:\WINDOWS\$hf_mig$\KB902400\SP2QFE\mtxclu.dll"
Tue 26 Jul 2005        91,136 A..H. --- "C:\WINDOWS\$hf_mig$\KB902400\SP2QFE\mtxoci.dll"
Tue 26 Jul 2005     1,285,632 A..H. --- "C:\WINDOWS\$hf_mig$\KB902400\SP2QFE\ole32.dll"
Tue 26 Jul 2005        75,264 A..H. --- "C:\WINDOWS\$hf_mig$\KB902400\SP2QFE\olecli32.dll"
Tue 26 Jul 2005        37,376 A..H. --- "C:\WINDOWS\$hf_mig$\KB902400\SP2QFE\olecnv32.dll"
Tue 26 Jul 2005       398,336 A..H. --- "C:\WINDOWS\$hf_mig$\KB902400\SP2QFEpcss.dll"
Tue 26 Jul 2005       101,376 A..H. --- "C:\WINDOWS\$hf_mig$\KB902400\SP2QFE	xflog.dll"
Tue 26 Jul 2005        11,776 A..H. --- "C:\WINDOWS\$hf_mig$\KB902400\SP2QFE\xolehlp.dll"
Mon 25 Jul 2005        30,720 A..H. --- "C:\WINDOWS\$hf_mig$\KB902400\update\arpidfix.exe"
Thu 24 Feb 2005        22,240 A..H. --- "C:\WINDOWS\$hf_mig$\KB902400\update\spcustom.dll"
Thu 24 Feb 2005       730,336 A..H. --- "C:\WINDOWS\$hf_mig$\KB902400\update\update.exe"
Thu 24 Feb 2005       395,488 A..H. --- "C:\WINDOWS\$hf_mig$\KB902400\update\updspapi.dll"
Tue 30 Aug 2005     1,293,824 A..H. --- "C:\WINDOWS\$hf_mig$\KB904706\SP2QFE\quartz.dll"
Thu 13 Oct 2005        22,752 A..H. --- "C:\WINDOWS\$hf_mig$\KB904706\update\spcustom.dll"
Thu 13 Oct 2005       727,776 A..H. --- "C:\WINDOWS\$hf_mig$\KB904706\update\update.exe"
Thu 13 Oct 2005       394,976 A..H. --- "C:\WINDOWS\$hf_mig$\KB904706\update\updspapi.dll"
Fri 24 Mar 2006        49,152 A..H. --- "C:\WINDOWS\$hf_mig$\KB904942\SP2QFE\wdigest.dll"
Thu 13 Oct 2005        22,752 A..H. --- "C:\WINDOWS\$hf_mig$\KB904942\update\spcustom.dll"
Thu 13 Oct 2005       727,776 A..H. --- "C:\WINDOWS\$hf_mig$\KB904942\update\update.exe"
Thu 13 Oct 2005       394,976 A..H. --- "C:\WINDOWS\$hf_mig$\KB904942\update\updspapi.dll"
Mon 22 Aug 2005       197,632 A..H. --- "C:\WINDOWS\$hf_mig$\KB905414\SP2QFE
etman.dll"
Sat 20 Aug 2005        30,720 A..H. --- "C:\WINDOWS\$hf_mig$\KB905414\update\arpidfix.exe"
Fri 25 Feb 2005        22,240 A..H. --- "C:\WINDOWS\$hf_mig$\KB905414\update\spcustom.dll"
Fri 25 Feb 2005       730,336 A..H. --- "C:\WINDOWS\$hf_mig$\KB905414\update\update.exe"
Fri 25 Feb 2005       395,488 A..H. --- "C:\WINDOWS\$hf_mig$\KB905414\update\updspapi.dll"
Tue 23 Aug 2005       124,928 A..H. --- "C:\WINDOWS\$hf_mig$\KB905749\SP2QFE\umpnpmgr.dll"
Mon 22 Aug 2005        30,720 A..H. --- "C:\WINDOWS\$hf_mig$\KB905749\update\arpidfix.exe"
Thu 24 Feb 2005        22,240 A..H. --- "C:\WINDOWS\$hf_mig$\KB905749\update\spcustom.dll"
Thu 24 Feb 2005       730,336 A..H. --- "C:\WINDOWS\$hf_mig$\KB905749\update\update.exe"
Thu 24 Feb 2005       395,488 A..H. --- "C:\WINDOWS\$hf_mig$\KB905749\update\updspapi.dll"
Tue 18 Oct 2005        80,896 A..H. --- "C:\WINDOWS\$hf_mig$\KB908519\SP2QFE\fontsub.dll"
Tue 18 Oct 2005       117,760 A..H. --- "C:\WINDOWS\$hf_mig$\KB908519\SP2QFE	2embed.dll"
Thu 13 Oct 2005        22,752 A..H. --- "C:\WINDOWS\$hf_mig$\KB908519\update\spcustom.dll"
Thu 13 Oct 2005       727,776 A..H. --- "C:\WINDOWS\$hf_mig$\KB908519\update\update.exe"
Thu 13 Oct 2005       394,976 A..H. --- "C:\WINDOWS\$hf_mig$\KB908519\update\updspapi.dll"
Fri 17 Mar 2006     8,510,976 A..H. --- "C:\WINDOWS\$hf_mig$\KB908531\SP2QFE\shell32.dll"
Wed 22 Mar 2006        25,088 A..H. --- "C:\WINDOWS\$hf_mig$\KB908531\SP2QFE\spru040c.dll"
Fri 17 Mar 2006        28,672 A..H. --- "C:\WINDOWS\$hf_mig$\KB908531\SP2QFE\verclsid.exe"
Thu 13 Oct 2005        22,752 A..H. --- "C:\WINDOWS\$hf_mig$\KB908531\update\spcustom.dll"
Thu 13 Oct 2005       727,776 A..H. --- "C:\WINDOWS\$hf_mig$\KB908531\update\update.exe"
Thu 13 Oct 2005       394,976 A..H. --- "C:\WINDOWS\$hf_mig$\KB908531\update\updspapi.dll"
Thu 20 Oct 2005     1,097,728 A..H. --- "C:\WINDOWS\$hf_mig$\KB910437\SP2QFE\esent.dll"
Thu 13 Oct 2005        22,752 A..H. --- "C:\WINDOWS\$hf_mig$\KB910437\update\spcustom.dll"
Thu 13 Oct 2005       727,776 A..H. --- "C:\WINDOWS\$hf_mig$\KB910437\update\update.exe"
Thu 13 Oct 2005       394,976 A..H. --- "C:\WINDOWS\$hf_mig$\KB910437\update\updspapi.dll"
Thu 22 Jun 2006       180,736 A..H. --- "C:\WINDOWS\$hf_mig$\KB911280\SP2QFEasmans.dll"
Thu 13 Oct 2005        22,752 A..H. --- "C:\WINDOWS\$hf_mig$\KB911280\update\spcustom.dll"
Thu 13 Oct 2005       727,776 A..H. --- "C:\WINDOWS\$hf_mig$\KB911280\update\update.exe"
Thu 13 Oct 2005       394,976 A..H. --- "C:\WINDOWS\$hf_mig$\KB911280\update\updspapi.dll"
Thu 23 Mar 2006       143,360 A..H. --- "C:\WINDOWS\$hf_mig$\KB911562\SP2QFE\msadco.dll"
Thu 13 Oct 2005        22,752 A..H. --- "C:\WINDOWS\$hf_mig$\KB911562\update\spcustom.dll"
Thu 13 Oct 2005       727,776 A..H. --- "C:\WINDOWS\$hf_mig$\KB911562\update\update.exe"
Thu 13 Oct 2005       394,976 A..H. --- "C:\WINDOWS\$hf_mig$\KB911562\update\updspapi.dll"
Fri 17 Mar 2006       679,424 A..H. --- "C:\WINDOWS\$hf_mig$\KB911567\SP2QFE\inetcomm.dll"
Fri 17 Mar 2006     1,311,744 A..H. --- "C:\WINDOWS\$hf_mig$\KB911567\SP2QFE\msoe.dll"
Fri 17 Mar 2006       510,464 A..H. --- "C:\WINDOWS\$hf_mig$\KB911567\SP2QFE\wab32.dll"
Fri 17 Mar 2006        85,504 A..H. --- "C:\WINDOWS\$hf_mig$\KB911567\SP2QFE\wabimp.dll"
Thu 13 Oct 2005        22,752 A..H. --- "C:\WINDOWS\$hf_mig$\KB911567\update\spcustom.dll"
Thu 13 Oct 2005       727,776 A..H. --- "C:\WINDOWS\$hf_mig$\KB911567\update\update.exe"
Thu 13 Oct 2005       394,976 A..H. --- "C:\WINDOWS\$hf_mig$\KB911567\update\updspapi.dll"
Wed  4 Jan 2006        68,096 A..H. --- "C:\WINDOWS\$hf_mig$\KB911927\SP2QFE\webclnt.dll"
Thu 13 Oct 2005        22,752 A..H. --- "C:\WINDOWS\$hf_mig$\KB911927\update\spcustom.dll"
Thu 13 Oct 2005       727,776 A..H. --- "C:\WINDOWS\$hf_mig$\KB911927\update\update.exe"
Thu 13 Oct 2005       394,976 A..H. --- "C:\WINDOWS\$hf_mig$\KB911927\update\updspapi.dll"
Thu 29 Dec 2005       280,064 A..H. --- "C:\WINDOWS\$hf_mig$\KB912919\SP2QFE\gdi32.dll"
Thu 13 Oct 2005        22,752 A..H. --- "C:\WINDOWS\$hf_mig$\KB912919\update\spcustom.dll"
Thu 13 Oct 2005       727,776 A..H. --- "C:\WINDOWS\$hf_mig$\KB912919\update\update.exe"
Thu 13 Oct 2005       394,976 A..H. --- "C:\WINDOWS\$hf_mig$\KB912919\update\updspapi.dll"
Mon  9 Jan 2006     1,022,976 A..H. --- "C:\WINDOWS\$hf_mig$\KB912945\SP2QFE\browseui.dll"
Mon  9 Jan 2006       152,064 A..H. --- "C:\WINDOWS\$hf_mig$\KB912945\SP2QFE\cdfview.dll"
Mon  9 Jan 2006     1,056,768 A..H. --- "C:\WINDOWS\$hf_mig$\KB912945\SP2QFE\danim.dll"
Mon  9 Jan 2006       205,312 A..H. --- "C:\WINDOWS\$hf_mig$\KB912945\SP2QFE\dxtrans.dll"
Mon  9 Jan 2006        55,808 A..H. --- "C:\WINDOWS\$hf_mig$\KB912945\SP2QFE\extmgr.dll"
Sat  7 Jan 2006        18,432 A..H. --- "C:\WINDOWS\$hf_mig$\KB912945\SP2QFE\iedw.exe"
Mon  9 Jan 2006       251,904 A..H. --- "C:\WINDOWS\$hf_mig$\KB912945\SP2QFE\iepeers.dll"
Mon  9 Jan 2006        96,768 A..H. --- "C:\WINDOWS\$hf_mig$\KB912945\SP2QFE\inseng.dll"
Wed  1 Feb 2006     3,035,648 A..H. --- "C:\WINDOWS\$hf_mig$\KB912945\SP2QFE\mshtml.dll"
Mon  9 Jan 2006       448,512 A..H. --- "C:\WINDOWS\$hf_mig$\KB912945\SP2QFE\mshtmled.dll"
Mon  9 Jan 2006       146,432 A..H. --- "C:\WINDOWS\$hf_mig$\KB912945\SP2QFE\msrating.dll"
Mon  9 Jan 2006       530,944 A..H. --- "C:\WINDOWS\$hf_mig$\KB912945\SP2QFE\mstime.dll"
Mon  9 Jan 2006        39,424 A..H. --- "C:\WINDOWS\$hf_mig$\KB912945\SP2QFE\pngfilt.dll"
Mon  9 Jan 2006     1,495,040 A..H. --- "C:\WINDOWS\$hf_mig$\KB912945\SP2QFE\shdocvw.dll"
Mon  9 Jan 2006       474,624 A..H. --- "C:\WINDOWS\$hf_mig$\KB912945\SP2QFE\shlwapi.dll"
Tue  7 Feb 2006        25,088 A..H. --- "C:\WINDOWS\$hf_mig$\KB912945\SP2QFE\spru040c.dll"
Mon  9 Jan 2006       615,424 A..H. --- "C:\WINDOWS\$hf_mig$\KB912945\SP2QFE\urlmon.dll"
Mon  9 Jan 2006       666,112 A..H. --- "C:\WINDOWS\$hf_mig$\KB912945\SP2QFE\wininet.dll"
Thu 13 Oct 2005        22,752 A..H. --- "C:\WINDOWS\$hf_mig$\KB912945\update\spcustom.dll"
Thu 13 Oct 2005       727,776 A..H. --- "C:\WINDOWS\$hf_mig$\KB912945\update\update.exe"
Thu 19 Jan 2006       394,976 A..H. --- "C:\WINDOWS\$hf_mig$\KB912945\update\updspapi.dll"
Sat 14 Jan 2006       360,448 A..H. --- "C:\WINDOWS\$hf_mig$\KB913446\SP2QFE	cpip.sys"
Thu 13 Oct 2005        22,752 A..H. --- "C:\WINDOWS\$hf_mig$\KB913446\update\spcustom.dll"
Thu 13 Oct 2005       727,776 A..H. --- "C:\WINDOWS\$hf_mig$\KB913446\update\update.exe"
Thu 13 Oct 2005       394,976 A..H. --- "C:\WINDOWS\$hf_mig$\KB913446\update\updspapi.dll"
Wed  1 Mar 2006       426,496 A..H. --- "C:\WINDOWS\$hf_mig$\KB913580\SP2QFE\msdtcprx.dll"
Wed  1 Mar 2006       956,416 A..H. --- "C:\WINDOWS\$hf_mig$\KB913580\SP2QFE\msdtctm.dll"
Wed  1 Mar 2006       161,280 A..H. --- "C:\WINDOWS\$hf_mig$\KB913580\SP2QFE\msdtcuiu.dll"
Wed  1 Mar 2006        66,560 A..H. --- "C:\WINDOWS\$hf_mig$\KB913580\SP2QFE\mtxclu.dll"
Wed  1 Mar 2006        91,136 A..H. --- "C:\WINDOWS\$hf_mig$\KB913580\SP2QFE\mtxoci.dll"
Wed  1 Mar 2006        11,776 A..H. --- "C:\WINDOWS\$hf_mig$\KB913580\SP2QFE\xolehlp.dll"
Thu 13 Oct 2005        22,752 A..H. --- "C:\WINDOWS\$hf_mig$\KB913580\update\spcustom.dll"
Thu 13 Oct 2005       727,776 A..H. --- "C:\WINDOWS\$hf_mig$\KB913580\update\update.exe"
Thu 13 Oct 2005       394,976 A..H. --- "C:\WINDOWS\$hf_mig$\KB913580\update\updspapi.dll"
Fri 19 May 2006       112,640 A..H. --- "C:\WINDOWS\$hf_mig$\KB914388\SP2QFE\dhcpcsvc.dll"
Fri 19 May 2006       147,456 A..H. --- "C:\WINDOWS\$hf_mig$\KB914388\SP2QFE\dnsapi.dll"
Fri 19 May 2006        95,744 A..H. --- "C:\WINDOWS\$hf_mig$\KB914388\SP2QFE\iphlpapi.dll"
Thu 13 Oct 2005        22,752 A..H. --- "C:\WINDOWS\$hf_mig$\KB914388\update\spcustom.dll"
Thu 13 Oct 2005       727,776 A..H. --- "C:\WINDOWS\$hf_mig$\KB914388\update\update.exe"
Thu 13 Oct 2005       394,976 A..H. --- "C:\WINDOWS\$hf_mig$\KB914388\update\updspapi.dll"
Fri  5 May 2006       454,400 A..H. --- "C:\WINDOWS\$hf_mig$\KB914389\SP2QFE\mrxsmb.sys"
Fri  5 May 2006       174,592 A..H. --- "C:\WINDOWS\$hf_mig$\KB914389\SP2QFEdbss.sys"
Thu 13 Oct 2005        22,752 A..H. --- "C:\WINDOWS\$hf_mig$\KB914389\update\spcustom.dll"
Thu 13 Oct 2005       727,776 A..H. --- "C:\WINDOWS\$hf_mig$\KB914389\update\update.exe"
Thu 13 Oct 2005       394,976 A..H. --- "C:\WINDOWS\$hf_mig$\KB914389\update\updspapi.dll"
Fri 14 Jul 2006       121,856 A..H. --- "C:\WINDOWS\$hf_mig$\KB915865\SP2QFE\xmllite.dll"
Thu 13 Oct 2005        22,752 A..H. --- "C:\WINDOWS\$hf_mig$\KB915865\update\spcustom.dll"
Thu 13 Oct 2005       716,000 A..H. --- "C:\WINDOWS\$hf_mig$\KB915865\update\update.exe"
Thu 13 Oct 2005       371,424 A..H. --- "C:\WINDOWS\$hf_mig$\KB915865\update\updspapi.dll"
Fri 17 Mar 2006       262,656 A..H. --- "C:\WINDOWS\$hf_mig$\KB916595\SP2QFE\http.sys"
Thu 13 Oct 2005        22,752 A..H. --- "C:\WINDOWS\$hf_mig$\KB916595\update\spcustom.dll"
Thu 13 Oct 2005       727,776 A..H. --- "C:\WINDOWS\$hf_mig$\KB916595\update\update.exe"
Thu 13 Oct 2005       394,976 A..H. --- "C:\WINDOWS\$hf_mig$\KB916595\update\updspapi.dll"
Thu 18 May 2006       450,560 A..H. --- "C:\WINDOWS\$hf_mig$\KB917344\SP2QFE\jscript.dll"
Thu 13 Oct 2005        22,752 A..H. --- "C:\WINDOWS\$hf_mig$\KB917344\update\spcustom.dll"
Thu 13 Oct 2005       727,776 A..H. --- "C:\WINDOWS\$hf_mig$\KB917344\update\update.exe"
Thu 13 Oct 2005       394,976 A..H. --- "C:\WINDOWS\$hf_mig$\KB917344\update\updspapi.dll"
Wed  5 Jul 2006     1,050,112 A..H. --- "C:\WINDOWS\$hf_mig$\KB917422\SP2QFE\kernel32.dll"
Thu 13 Oct 2005        22,752 A..H. --- "C:\WINDOWS\$hf_mig$\KB917422\update\spcustom.dll"
Thu 13 Oct 2005       727,776 A..H. --- "C:\WINDOWS\$hf_mig$\KB917422\update\update.exe"
Thu 13 Oct 2005       394,976 A..H. --- "C:\WINDOWS\$hf_mig$\KB917422\update\updspapi.dll"
Thu 20 Apr 2006       360,576 A..H. --- "C:\WINDOWS\$hf_mig$\KB917953\SP2QFE	cpip.sys"
Thu 13 Oct 2005        22,752 A..H. --- "C:\WINDOWS\$hf_mig$\KB917953\update\spcustom.dll"
Thu 13 Oct 2005       727,776 A..H. --- "C:\WINDOWS\$hf_mig$\KB917953\update\update.exe"
Thu 13 Oct 2005       394,976 A..H. --- "C:\WINDOWS\$hf_mig$\KB917953\update\updspapi.dll"
Mon 27 Nov 2006       539,136 A..H. --- "C:\WINDOWS\$hf_mig$\KB918118\SP2QFE\msftedit.dll"
Mon 27 Nov 2006       433,664 A..H. --- "C:\WINDOWS\$hf_mig$\KB918118\SP2QFEiched20.dll"
Thu 13 Oct 2005        22,752 A..H. --- "C:\WINDOWS\$hf_mig$\KB918118\update\spcustom.dll"
Thu 13 Oct 2005       727,776 A..H. --- "C:\WINDOWS\$hf_mig$\KB918118\update\update.exe"
Thu 13 Oct 2005       394,976 A..H. --- "C:\WINDOWS\$hf_mig$\KB918118\update\updspapi.dll"
Thu  1 Jun 2006       163,840 A..H. --- "C:\WINDOWS\$hf_mig$\KB918439\SP2QFE\jgdw400.dll"
Thu  1 Jun 2006        27,648 A..H. --- "C:\WINDOWS\$hf_mig$\KB918439\SP2QFE\jgpl400.dll"
Thu 13 Oct 2005        22,752 A..H. --- "C:\WINDOWS\$hf_mig$\KB918439\update\spcustom.dll"
Thu 13 Oct 2005       727,776 A..H. --- "C:\WINDOWS\$hf_mig$\KB918439\update\update.exe"
Thu 13 Oct 2005       394,976 A..H. --- "C:\WINDOWS\$hf_mig$\KB918439\update\updspapi.dll"
Fri 23 Jun 2006     1,022,976 A..H. --- "C:\WINDOWS\$hf_mig$\KB918899\SP2QFE\browseui.dll"
Fri 23 Jun 2006       152,064 A..H. --- "C:\WINDOWS\$hf_mig$\KB918899\SP2QFE\cdfview.dll"
Fri 23 Jun 2006     1,056,768 A..H. --- "C:\WINDOWS\$hf_mig$\KB918899\SP2QFE\danim.dll"
Fri 23 Jun 2006       357,888 A..H. --- "C:\WINDOWS\$hf_mig$\KB918899\SP2QFE\dxtmsft.dll"
Fri 23 Jun 2006       205,312 A..H. --- "C:\WINDOWS\$hf_mig$\KB918899\SP2QFE\dxtrans.dll"
Fri 23 Jun 2006        55,808 A..H. --- "C:\WINDOWS\$hf_mig$\KB918899\SP2QFE\extmgr.dll"
Fri 23 Jun 2006        18,432 A..H. --- "C:\WINDOWS\$hf_mig$\KB918899\SP2QFE\iedw.exe"
Fri 23 Jun 2006       251,904 A..H. --- "C:\WINDOWS\$hf_mig$\KB918899\SP2QFE\iepeers.dll"
Fri 23 Jun 2006        96,768 A..H. --- "C:\WINDOWS\$hf_mig$\KB918899\SP2QFE\inseng.dll"
Fri 23 Jun 2006        15,872 A..H. --- "C:\WINDOWS\$hf_mig$\KB918899\SP2QFE\jsproxy.dll"
Fri 28 Jul 2006     3,079,168 A..H. --- "C:\WINDOWS\$hf_mig$\KB918899\SP2QFE\mshtml.dll"
Fri 23 Jun 2006       448,512 A..H. --- "C:\WINDOWS\$hf_mig$\KB918899\SP2QFE\mshtmled.dll"
Fri 23 Jun 2006       146,432 A..H. --- "C:\WINDOWS\$hf_mig$\KB918899\SP2QFE\msrating.dll"
Fri 23 Jun 2006       532,480 A..H. --- "C:\WINDOWS\$hf_mig$\KB918899\SP2QFE\mstime.dll"
Fri 23 Jun 2006        39,424 A..H. --- "C:\WINDOWS\$hf_mig$\KB918899\SP2QFE\pngfilt.dll"
Fri 23 Jun 2006     1,497,088 A..H. --- "C:\WINDOWS\$hf_mig$\KB918899\SP2QFE\shdocvw.dll"
Fri 23 Jun 2006       474,624 A..H. --- "C:\WINDOWS\$hf_mig$\KB918899\SP2QFE\shlwapi.dll"
Fri 23 Jun 2006       100,864 A..H. --- "C:\WINDOWS\$hf_mig$\KB918899\SP2QFE\spru040c.dll"
Tue 25 Jul 2006       617,472 A..H. --- "C:\WINDOWS\$hf_mig$\KB918899\SP2QFE\urlmon.dll"
Fri 23 Jun 2006       668,672 A..H. --- "C:\WINDOWS\$hf_mig$\KB918899\SP2QFE\wininet.dll"
Thu 13 Oct 2005        22,752 A..H. --- "C:\WINDOWS\$hf_mig$\KB918899\update\spcustom.dll"
Thu 13 Oct 2005       727,776 A..H. --- "C:\WINDOWS\$hf_mig$\KB918899\update\update.exe"
Thu 13 Oct 2005       394,976 A..H. --- "C:\WINDOWS\$hf_mig$\KB918899\update\updspapi.dll"
Thu 13 Jul 2006       202,496 A..H. --- "C:\WINDOWS\$hf_mig$\KB919007\SP2QFEmcast.sys"
Thu 13 Oct 2005        22,752 A..H. --- "C:\WINDOWS\$hf_mig$\KB919007\update\spcustom.dll"
Thu 13 Oct 2005       727,776 A..H. --- "C:\WINDOWS\$hf_mig$\KB919007\update\update.exe"
Thu 13 Oct 2005       394,976 A..H. --- "C:\WINDOWS\$hf_mig$\KB919007\update\updspapi.dll"
Thu 12 Oct 2006        42,496 A..H. --- "C:\WINDOWS\$hf_mig$\KB920213\SP2QFE\agentdp2.dll"
Thu 12 Oct 2006        57,344 A..H. --- "C:\WINDOWS\$hf_mig$\KB920213\SP2QFE\agentdpv.dll"
Thu 12 Oct 2006       256,512 A..H. --- "C:\WINDOWS\$hf_mig$\KB920213\SP2QFE\agentsvr.exe"
Mon 16 Oct 2006       265,216 A..H. --- "C:\WINDOWS\$hf_mig$\KB920213\SP2QFE\spru040c.dll"
Thu 13 Oct 2005        22,752 A..H. --- "C:\WINDOWS\$hf_mig$\KB920213\update\spcustom.dll"
Thu 13 Oct 2005       727,776 A..H. --- "C:\WINDOWS\$hf_mig$\KB920213\update\update.exe"
Thu 13 Oct 2005       394,976 A..H. --- "C:\WINDOWS\$hf_mig$\KB920213\update\updspapi.dll"
Thu 27 Jul 2006       679,424 A..H. --- "C:\WINDOWS\$hf_mig$\KB920214\SP2QFE\inetcomm.dll"
Thu 13 Oct 2005        22,752 A..H. --- "C:\WINDOWS\$hf_mig$\KB920214\update\spcustom.dll"
Thu 13 Oct 2005       727,776 A..H. --- "C:\WINDOWS\$hf_mig$\KB920214\update\update.exe"
Thu 13 Oct 2005       394,976 A..H. --- "C:\WINDOWS\$hf_mig$\KB920214\update\updspapi.dll"
Fri 21 Jul 2006        72,704 A..H. --- "C:\WINDOWS\$hf_mig$\KB920670\SP2QFE\hlink.dll"
Thu 13 Oct 2005        22,752 A..H. --- "C:\WINDOWS\$hf_mig$\KB920670\update\spcustom.dll"
Thu 13 Oct 2005       727,776 A..H. --- "C:\WINDOWS\$hf_mig$\KB920670\update\update.exe"
Thu 13 Oct 2005       394,976 A..H. --- "C:\WINDOWS\$hf_mig$\KB920670\update\updspapi.dll"
Mon 26 Jun 2006       147,456 A..H. --- "C:\WINDOWS\$hf_mig$\KB920683\SP2QFE\dnsapi.dll"
Mon 26 Jun 2006         7,680 A..H. --- "C:\WINDOWS\$hf_mig$\KB920683\SP2QFEasadhlp.dll"
Thu 13 Oct 2005        22,752 A..H. --- "C:\WINDOWS\$hf_mig$\KB920683\update\spcustom.dll"
Thu 13 Oct 2005       727,776 A..H. --- "C:\WINDOWS\$hf_mig$\KB920683\update\update.exe"
Thu 13 Oct 2005       394,976 A..H. --- "C:\WINDOWS\$hf_mig$\KB920683\update\updspapi.dll"
Thu 22 Jun 2006        69,120 A..H. --- "C:\WINDOWS\$hf_mig$\KB920685\SP2QFE\ciodm.dll"
Thu 22 Jun 2006     1,440,768 A..H. --- "C:\WINDOWS\$hf_mig$\KB920685\SP2QFE\query.dll"
Thu 13 Oct 2005        22,752 A..H. --- "C:\WINDOWS\$hf_mig$\KB920685\update\spcustom.dll"
Thu 13 Oct 2005       727,776 A..H. --- "C:\WINDOWS\$hf_mig$\KB920685\update\update.exe"
Thu 13 Oct 2005       394,976 A..H. --- "C:\WINDOWS\$hf_mig$\KB920685\update\updspapi.dll"
Wed 14 Jun 2006       172,416 A..H. --- "C:\WINDOWS\$hf_mig$\KB920872\SP2QFE\kmixer.sys"
Wed 14 Jun 2006         6,272 A..H. --- "C:\WINDOWS\$hf_mig$\KB920872\SP2QFE\splitter.sys"
Wed 14 Jun 2006        82,944 A..H. --- "C:\WINDOWS\$hf_mig$\KB920872\SP2QFE\wdmaud.sys"
Thu 13 Oct 2005        22,752 A..H. --- "C:\WINDOWS\$hf_mig$\KB920872\update\spcustom.dll"
Thu 13 Oct 2005       727,776 A..H. --- "C:\WINDOWS\$hf_mig$\KB920872\update\update.exe"
Thu 13 Oct 2005       394,976 A..H. --- "C:\WINDOWS\$hf_mig$\KB920872\update\updspapi.dll"
Thu 13 Jul 2006     8,514,048 A..H. --- "C:\WINDOWS\$hf_mig$\KB921398\SP2QFE\shell32.dll"
Thu 13 Jul 2006       164,864 A..H. --- "C:\WINDOWS\$hf_mig$\KB921398\SP2QFE\spru040c.dll"
Thu 13 Oct 2005        22,752 A..H. --- "C:\WINDOWS\$hf_mig$\KB921398\update\spcustom.dll"
Thu 13 Oct 2005       727,776 A..H. --- "C:\WINDOWS\$hf_mig$\KB921398\update\update.exe"
Thu 13 Oct 2005       394,976 A..H. --- "C:\WINDOWS\$hf_mig$\KB921398\update\updspapi.dll"
Fri 14 Jul 2006       336,896 A..H. --- "C:\WINDOWS\$hf_mig$\KB921883\SP2QFE
etapi32.dll"
Thu 13 Oct 2005        22,752 A..H. --- "C:\WINDOWS\$hf_mig$\KB921883\update\spcustom.dll"
Thu 13 Oct 2005       727,776 A..H. --- "C:\WINDOWS\$hf_mig$\KB921883\update\update.exe"
Thu 13 Oct 2005       394,976 A..H. --- "C:\WINDOWS\$hf_mig$\KB921883\update\updspapi.dll"
Mon 21 Aug 2006        16,896 A..H. --- "C:\WINDOWS\$hf_mig$\KB922582\SP2QFE\fltlib.dll"
Mon 21 Aug 2006        23,040 A..H. --- "C:\WINDOWS\$hf_mig$\KB922582\SP2QFE\fltmc.exe"
Mon 21 Aug 2006       128,768 A..H. --- "C:\WINDOWS\$hf_mig$\KB922582\SP2QFE\fltmgr.sys"
Thu 13 Oct 2005        22,752 A..H. --- "C:\WINDOWS\$hf_mig$\KB922582\update\spcustom.dll"
Thu 13 Oct 2005       727,776 A..H. --- "C:\WINDOWS\$hf_mig$\KB922582\update\update.exe"
Thu 13 Oct 2005       394,976 A..H. --- "C:\WINDOWS\$hf_mig$\KB922582\update\updspapi.dll"
Thu 13 Oct 2005        22,752 A..H. --- "C:\WINDOWS\$hf_mig$\KB922616\update\spcustom.dll"
Thu 13 Oct 2005       727,776 A..H. --- "C:\WINDOWS\$hf_mig$\KB922616\update\update.exe"
Thu 13 Oct 2005       394,976 A..H. --- "C:\WINDOWS\$hf_mig$\KB922616\update\updspapi.dll"
Wed 16 Aug 2006       100,352 A..H. --- "C:\WINDOWS\$hf_mig$\KB922819\SP2QFE\6to4svc.dll"
Wed 16 Aug 2006       225,664 A..H. --- "C:\WINDOWS\$hf_mig$\KB922819\SP2QFE	cpip6.sys"
Thu 13 Oct 2005        22,752 A..H. --- "C:\WINDOWS\$hf_mig$\KB922819\update\spcustom.dll"
Thu 13 Oct 2005       727,776 A..H. --- "C:\WINDOWS\$hf_mig$\KB922819\update\update.exe"
Thu 13 Oct 2005       394,976 A..H. --- "C:\WINDOWS\$hf_mig$\KB922819\update\updspapi.dll"
Mon 14 Aug 2006       332,928 A..H. --- "C:\WINDOWS\$hf_mig$\KB923414\SP2QFE\srv.sys"
Thu 13 Oct 2005        22,752 A..H. --- "C:\WINDOWS\$hf_mig$\KB923414\update\spcustom.dll"
Thu 13 Oct 2005       727,776 A..H. --- "C:\WINDOWS\$hf_mig$\KB923414\update\update.exe"
Thu 13 Oct 2005       394,976 A..H. --- "C:\WINDOWS\$hf_mig$\KB923414\update\updspapi.dll"
Wed  8 Nov 2006        86,528 A..H. --- "C:\WINDOWS\$hf_mig$\KB923694\SP2QFE\directdb.dll"
Wed  8 Nov 2006       679,424 A..H. --- "C:\WINDOWS\$hf_mig$\KB923694\SP2QFE\inetcomm.dll"
Wed  8 Nov 2006     1,314,816 A..H. --- "C:\WINDOWS\$hf_mig$\KB923694\SP2QFE\msoe.dll"
Wed  8 Nov 2006       510,976 A..H. --- "C:\WINDOWS\$hf_mig$\KB923694\SP2QFE\wab32.dll"
Wed  8 Nov 2006        85,504 A..H. --- "C:\WINDOWS\$hf_mig$\KB923694\SP2QFE\wabimp.dll"
Thu 13 Oct 2005        22,752 A..H. --- "C:\WINDOWS\$hf_mig$\KB923694\update\spcustom.dll"
Thu 13 Oct 2005       727,776 A..H. --- "C:\WINDOWS\$hf_mig$\KB923694\update\update.exe"
Thu 13 Oct 2005       394,976 A..H. --- "C:\WINDOWS\$hf_mig$\KB923694\update\updspapi.dll"
Fri 13 Oct 2006        64,000 A..H. --- "C:\WINDOWS\$hf_mig$\KB923980\SP2QFE
wapi32.dll"
Fri 13 Oct 2006       145,920 A..H. --- "C:\WINDOWS\$hf_mig$\KB923980\SP2QFE
wprovau.dll"
Fri 13 Oct 2006       163,456 A..H. --- "C:\WINDOWS\$hf_mig$\KB923980\SP2QFE
wrdr.sys"
Fri 13 Oct 2006        65,536 A..H. --- "C:\WINDOWS\$hf_mig$\KB923980\SP2QFE
wwks.dll"
Thu 13 Oct 2005        22,752 A..H. --- "C:\WINDOWS\$hf_mig$\KB923980\update\spcustom.dll"
Thu 13 Oct 2005       727,776 A..H. --- "C:\WINDOWS\$hf_mig$\KB923980\update\update.exe"
Thu 13 Oct 2005       394,976 A..H. --- "C:\WINDOWS\$hf_mig$\KB923980\update\updspapi.dll"
Wed 13 Sep 2006     1,084,416 A..H. --- "C:\WINDOWS\$hf_mig$\KB924191\SP2QFE\msxml3.dll"
Thu 13 Oct 2005        22,752 A..H. --- "C:\WINDOWS\$hf_mig$\KB924191\update\spcustom.dll"
Thu 13 Oct 2005       727,776 A..H. --- "C:\WINDOWS\$hf_mig$\KB924191\update\update.exe"
Thu 13 Oct 2005       394,976 A..H. --- "C:\WINDOWS\$hf_mig$\KB924191\update\updspapi.dll"
Thu 17 Aug 2006       733,184 A..H. --- "C:\WINDOWS\$hf_mig$\KB924270\SP2QFE\lsasrv.dll"
Thu 17 Aug 2006       337,408 A..H. --- "C:\WINDOWS\$hf_mig$\KB924270\SP2QFE
etapi32.dll"
Thu 17 Aug 2006       132,096 A..H. --- "C:\WINDOWS\$hf_mig$\KB924270\SP2QFE\wkssvc.dll"
Thu 13 Oct 2005        22,752 A..H. --- "C:\WINDOWS\$hf_mig$\KB924270\update\spcustom.dll"
Thu 13 Oct 2005       727,776 A..H. --- "C:\WINDOWS\$hf_mig$\KB924270\update\update.exe"
Thu 13 Oct 2005       394,976 A..H. --- "C:\WINDOWS\$hf_mig$\KB924270\update\updspapi.dll"
Mon  4 Sep 2006     1,497,088 A..H. --- "C:\WINDOWS\$hf_mig$\KB924496\SP2QFE\shdocvw.dll"
Thu 13 Oct 2005        22,752 A..H. --- "C:\WINDOWS\$hf_mig$\KB924496\update\spcustom.dll"
Thu 13 Oct 2005       727,776 A..H. --- "C:\WINDOWS\$hf_mig$\KB924496\update\update.exe"
Thu 13 Oct 2005       394,976 A..H. --- "C:\WINDOWS\$hf_mig$\KB924496\update\updspapi.dll"
Mon 18 Sep 2006       851,968 A..H. --- "C:\WINDOWS\$hf_mig$\KB925486\SP2QFE\vgx.dll"
Thu 13 Oct 2005        22,752 A..H. --- "C:\WINDOWS\$hf_mig$\KB925486\update\spcustom.dll"
Thu 13 Oct 2005       727,776 A..H. --- "C:\WINDOWS\$hf_mig$\KB925486\update\update.exe"
Thu 13 Oct 2005       394,976 A..H. --- "C:\WINDOWS\$hf_mig$\KB925486\update\updspapi.dll"
Fri 20 Oct 2006       716,800 A..H. --- "C:\WINDOWS\$hf_mig$\KB926255\SP2QFE\sxs.dll"
Thu 13 Oct 2005        22,752 A..H. --- "C:\WINDOWS\$hf_mig$\KB926255\update\spcustom.dll"
Thu 13 Oct 2005       727,776 A..H. --- "C:\WINDOWS\$hf_mig$\KB926255\update\update.exe"
Thu 13 Oct 2005       394,976 A..H. --- "C:\WINDOWS\$hf_mig$\KB926255\update\updspapi.dll"
Mon 16 Oct 2006       124,928 A..H. --- "C:\WINDOWS\$hf_mig$\KB926436\SP2QFE\oledlg.dll"
Thu 13 Oct 2005        22,752 A..H. --- "C:\WINDOWS\$hf_mig$\KB926436\update\spcustom.dll"
Thu 13 Oct 2005       727,776 A..H. --- "C:\WINDOWS\$hf_mig$\KB926436\update\update.exe"
Thu 13 Oct 2005       394,976 A..H. --- "C:\WINDOWS\$hf_mig$\KB926436\update\updspapi.dll"
Tue 26 Dec 2006       536,576 A..H. --- "C:\WINDOWS\$hf_mig$\KB927779\SP2QFE\msado15.dll"
Tue 26 Dec 2006       180,224 A..H. --- "C:\WINDOWS\$hf_mig$\KB927779\SP2QFE\msadomd.dll"
Tue 26 Dec 2006       200,704 A..H. --- "C:\WINDOWS\$hf_mig$\KB927779\SP2QFE\msadox.dll"
Tue 26 Dec 2006       102,400 A..H. --- "C:\WINDOWS\$hf_mig$\KB927779\SP2QFE\msjro.dll"
Thu 19 Jan 2006        22,752 A..H. --- "C:\WINDOWS\$hf_mig$\KB927779\update\spcustom.dll"
Thu 19 Jan 2006       727,776 A..H. --- "C:\WINDOWS\$hf_mig$\KB927779\update\update.exe"
Thu 19 Jan 2006       394,976 A..H. --- "C:\WINDOWS\$hf_mig$\KB927779\update\updspapi.dll"
Tue 19 Dec 2006       334,336 A..H. --- "C:\WINDOWS\$hf_mig$\KB927802\SP2QFE\wiaservc.dll"
Thu 13 Oct 2005        22,752 A..H. --- "C:\WINDOWS\$hf_mig$\KB927802\update\spcustom.dll"
Thu 13 Oct 2005       727,776 A..H. --- "C:\WINDOWS\$hf_mig$\KB927802\update\update.exe"
Thu 13 Oct 2005       394,976 A..H. --- "C:\WINDOWS\$hf_mig$\KB927802\update\updspapi.dll"
Tue 19 Dec 2006     8,515,072 A..H. --- "C:\WINDOWS\$hf_mig$\KB928255\SP2QFE\shell32.dll"
Tue 19 Dec 2006       135,680 A..H. --- "C:\WINDOWS\$hf_mig$\KB928255\SP2QFE\shsvcs.dll"
Tue 19 Dec 2006       265,216 A..H. --- "C:\WINDOWS\$hf_mig$\KB928255\SP2QFE\spru040c.dll"
Thu 19 Jan 2006        22,752 A..H. --- "C:\WINDOWS\$hf_mig$\KB928255\update\spcustom.dll"
Thu 19 Jan 2006       727,776 A..H. --- "C:\WINDOWS\$hf_mig$\KB928255\update\update.exe"
Thu 19 Jan 2006       394,976 A..H. --- "C:\WINDOWS\$hf_mig$\KB928255\update\updspapi.dll"
Thu 13 Oct 2005        22,752 A..H. --- "C:\WINDOWS\$hf_mig$\KB928843\update\spcustom.dll"
Thu 13 Oct 2005       727,776 A..H. --- "C:\WINDOWS\$hf_mig$\KB928843\update\update.exe"
Thu 13 Oct 2005       394,976 A..H. --- "C:\WINDOWS\$hf_mig$\KB928843\update\updspapi.dll"
Mon 29 Jan 2007        60,416 A..H. --- "C:\WINDOWS\$hf_mig$\KB931836\SP2QFE	zchange.exe"
Thu 19 Jan 2006        22,752 A..H. --- "C:\WINDOWS\$hf_mig$\KB931836\update\spcustom.dll"
Thu 19 Jan 2006       727,776 A..H. --- "C:\WINDOWS\$hf_mig$\KB931836\update\update.exe"
Thu 19 Jan 2006       394,976 A..H. --- "C:\WINDOWS\$hf_mig$\KB931836\update\updspapi.dll"
Mon 28 Jan 2008     2,575,360 A..H. --- "C:\Documents and Settings\Julien SERRET\Mes documents\Mon travail\Anne\Chapitre 5\~WRL3004.tmp"
Wed  9 May 2007        34,304 A..H. --- "C:\Documents and Settings\Julien SERRET\Mes documents\Mon travail\Julien\ENFA\Stage Cirad\PCR\~WRL0001.tmp"
Mon 14 May 2007        50,176 A..H. --- "C:\Documents and Settings\Julien SERRET\Mes documents\Mon travail\Julien\ENFA\Stage Cirad\PCR\~WRL0005.tmp"
Sun 25 Feb 2007     1,292,800 A..H. --- "C:\Documents and Settings\Julien SERRET\Mes documents\Mon travail\Julien\ENFA\Stage Cirad\Pr‚-rapport\~WRL1622.tmp"
Fri  6 Jul 2007     2,451,456 A..H. --- "C:\Documents and Settings\Julien SERRET\Mes documents\Mon travail\Julien\ENFA\Stage Cirad\Rapport\~WRL1839.tmp"
Thu 26 Jul 2007     5,850,112 A..H. --- "C:\Documents and Settings\Julien SERRET\Mes documents\Mon travail\Julien\ENFA\Stage Cirad\Rapportapport\~WRL1466.tmp"
Tue 31 Jul 2007     6,356,992 A..H. --- "C:\Documents and Settings\Julien SERRET\Mes documents\Mon travail\Julien\ENFA\Stage Cirad\Rapportapport\~WRL1679.tmp"
Fri 27 Jul 2007     6,208,512 A..H. --- "C:\Documents and Settings\Julien SERRET\Mes documents\Mon travail\Julien\ENFA\Stage Cirad\Rapportapport\~WRL1686.tmp"
Wed  1 Aug 2007     6,353,920 A..H. --- "C:\Documents and Settings\Julien SERRET\Mes documents\Mon travail\Julien\ENFA\Stage Cirad\Rapportapport\~WRL2905.tmp"

Finished!

jserret · Answer

et le rapport Hijack

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:43:12, on 15/02/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\a-squared Anti-Malware\a2service.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\HP\TVPlay\Kernel\CLML_NTService\CLMLServer.exe
C:\Program Files\Symantec AntiVirus\DefWatch.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\WINDOWS\system32
vsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Symantec AntiVirus\Rtvscan.exe
C:\Program Files\HP\TVPlay\Kernel\TV\TVPCapSvc.exe
C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
C:\Program Files\HP\TVPlay\Kernel\TV\TVPSched.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32
otepad.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\HP\QuickPlay\QPService.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe
C:\Program Files\HP\TVPlay\TVPService.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\PROGRA~1\SYMANT~1\VPTray.exe
C:\Program Files\USBToolbox\Res.EXE
C:\Program Files\BroadJump\Client Foundation\CFD.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\HP Wireless Adapter\HPWLAN.exe
C:\PROGRA~1\CLUB-I~1\LECOMP~1\SMARTB~1\MotiveSB.exe
C:\Program Files\Club-Internet\Agent Wi-Fi V2.1\McciTrayApp.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Hewlett-Packard\HP Pavilion Webcam\HPWebcam.exe
C:\Program Files\Adobe\Acrobat 7.0\Readereader_sl.exe
C:\Program Files\NoBrand\Wireless Network Manager\Monitor.exe
C:\Program Files\Club-Internet\Le Compagnon Club\bin\mpbtn.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Documents and Settings\Julien SERRET\Bureau\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = https://actus.sfr.fr
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = HTTP=proxy.club-internet.fr:8080
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /nodetect
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] CHDAudPropShortcut.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [Cpqset] C:\Program Files\Hewlett-Packard\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [RecGuard] C:\Windows\SMINST\RecGuard.exe
O4 - HKLM\..\Run: [TVPService] "C:\Program Files\HP\TVPlay\TVPService.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\VPTray.exe
O4 - HKLM\..\Run: [USB Storage Toolbox] C:\Program Files\USBToolbox\Res.EXE
O4 - HKLM\..\Run: [BJCFD] C:\Program Files\BroadJump\Client Foundation\CFD.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [HPWireless] "C:\Program Files\HP Wireless Adapter\HPWLAN.exe"
O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\CLUB-I~1\LECOMP~1\SMARTB~1\MotiveSB.exe
O4 - HKLM\..\Run: [Club-Internet_McciTrayApp] C:\Program Files\Club-Internet\Agent Wi-Fi V2.1\McciTrayApp.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [a-squared] "C:\Program Files\a-squared Anti-Malware\a2guard.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
O4 - Global Startup: Démarrage rapide de HP Photosmart Premier.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: HP Pavilion Webcam Tray Icon.lnk = ?
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Readereader_sl.exe
O4 - Global Startup: LE COMPAGNON CLUB.lnk = C:\Program Files\Club-Internet\Le Compagnon Club\bin\matcli.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Wireless Network Manager.lnk = C:\Program Files\NoBrand\Wireless Network Manager\Monitor.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://a1540.g.akamai.net/7/1540/52/20061205/qtinstall.info.apple.com/qtactivex/qtplugin.cab
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O23 - Service: a-squared Anti-Malware Service (a2AntiMalware) - Emsi Software GmbH - C:\Program Files\a-squared Anti-Malware\a2service.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: CyberLink Media Library Service(HP TVPlay) - Cyberlink - C:\Program Files\HP\TVPlay\Kernel\CLML_NTService\CLMLServer.exe
O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe
O23 - Service: Symantec AntiVirus Definition Watcher DefWatchLightScribeService (DefWatchLightScribeService) - Unknown owner - C:\WINDOWS\system32\amcompatb.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - c:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32
vsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe
O23 - Service: CyberLink Background Capture Service (CBCS HP TVPlay) (TVPCapSvc) - Unknown owner - C:\Program Files\HP\TVPlay\Kernel\TV\TVPCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS HP TVPlay) (TVPSched) - Unknown owner - C:\Program Files\HP\TVPlay\Kernel\TV\TVPSched.exe

Regis59 · Answer

Ok Ou en sont tes soucis?

A+

jserret · Answer

salut!!
je n'ai plus de soucis ça a l'air résolu, j'espere que ca va durer comme ca!!!
en tout cas merci beaucoup pour ton aide et ta disponibilité!!!
A+

Regis59 · Answer

Au fait, en affichant les fichiers cachés, tu ne vois pas :
F:\ReadMe.exe
F:\AdobeR.exe

A+

jserret · Answer

je n'ai pas de disque F!!!

Regis59 · Answer

Ok. Une clé USB peut être ou un disque amovible?

jserret · Answer

Non rien de tout ca!!
Tu penses que le problème viendrait de ces fichiers ???

Regis59 · Answer

Non. C'etait juste pour vérifier.

Les problèmes initials sont ils tous résolus?

A+

jserret · Answer

Ben oui ça a l'air bon je n'ai plus mes fenetres qui m'envahissent!!!
merci pour tes bons conseils!!

Regis59 · Answer

De rien ! :)

Bonne semaine.

jserret · Answer

merci de mm!!!

Regis59 · Answer

:)

++

xxmmleclaraxx · Answer

dsl je ne peux t'aidé mé moi je ne peux plu utilisé msn car ils disent ke je ne ss pa connectée au serveur proxy !est-ce un virus?

Virus Msn puis Proxy de messagerie Symantec

53 réponses

Discussions similaires

Newsletters