Je suis dans la mouise...

Résolu/Fermé
wouaneguene Messages postés 12 Date d'inscription samedi 2 août 2008 Statut Membre Dernière intervention 15 avril 2014 - 2 août 2008 à 22:48
jacques.gache Messages postés 33453 Date d'inscription mardi 13 novembre 2007 Statut Contributeur sécurité Dernière intervention 25 janvier 2016 - 5 août 2008 à 10:18
Bonjour,

J'ai choppé une belle merde et j'arrive pas à m'en sortir. Ce serait un vers du type bagle. Voic la chronologie des évènements.
J'ai désinstallé Mcafee security center (en fin d'abonnement) pour le remplacer par antivir. Quand jai voulu installer antivir, j'ai eu le message suivant: Some files could not be created, Please close all applications, reboot Windows and restart this installation".
J'ai lancer MSNfix, et CCleaner ansi qu'un scan en ligne avec bitdefender qui a trouvé 4 virus.

Je refais un essai d'installation de antivir, même problème.

Je lance une utilitaire permettant de réparer la clef de registre permettant de redémarrer en mode sans échec car j'ai lu que des bagles bloquait cette possibilité.

J'ai essayé de relancer CCleaner mais impossible, il ne veut plus se lancer argg.
J'ai essayé 2 fois de démarrer en mode sans échec mais ... écran bleu code "0x0000007B (0xF78A6524 0xC0000034 0x00000000 0x00000000).
J'ai essayé d'installer ZetHelpTool mais impossible de poursuivre la procédure d'installation. J'ai essayé de lancer cureit.exe mais ça me planté à moitié le PC (=j'ai plus accès au bureau et dans le gestionnaire de tache, le répertoire où est cureit apparait sous l'état "pas de réponse" et je ne peux "terminer le processus).

J'avoue que je commence à désepérer un peu. Je vais essayé d'installer hijackthis, mais j'ai un peu peur pour la suite...

quelqu'un aurait il une solution miracle??? Je suis preneur de tout conseil, car le formatage ne m'attire pas beaucoup.

17 réponses

jlpjlp Messages postés 51580 Date d'inscription vendredi 18 mai 2007 Statut Contributeur sécurité Dernière intervention 3 mai 2022 5 040
2 août 2008 à 22:57
slt,

je suis peux dispo en ce moment mais pour t'aider et avancer fais tout:



si tu as bagle fais ceci:


Télécharge Combofix de sUBs : Renomme le avant toute installation, par exemple, nomme le "KillBagle". aide ici : https://forum.pcastuces.com/sujet.asp?f=25&s=37315

http://download.bleepingcomputer.com/sUBs/ComboFix.exe
Sauvegarde le sur ton bureau et pas ailleurs !

Aide à l’utilisation de combofix ici: https://bibou0007.forumpro.fr/login?redirect=%2Ft121-topic

Double-clic sur combofix, Il va te poser une question, réponds par la touche 1 et entrée pour valider, laisse toi guider.
Attends que combofix ait terminé, un rapport sera créé. Poste le rapport.

-----------



* Téléchargez ELIBAGLA en bas de cette page http://www.zonavirus.com/datos/descargas/95/elibagla.asp
* Clique sur le bouton Descargar Elibagla cela va télécharger le fichier, placez le sur votre bureau.
* Double-cliquez dessus pour l'ouvrir
* Assurez-vous que dans le menu déroulant Unidad, vous avez bien C:\
* Vérifiquez aussi que l'option en bas de la fenêtre Eliminar Ficheros Automaticamente est bien cochée
* Cliquez sur le bouton Explorar pour lancer l'analyse

Si, dans le rapport,elibaga tu vois un texte semblable à celui-ci

Por favor, envienos una muestra del fichero
C:\Muestras\HLDRRR.EXE.Muestra EliBagle v10.24
a "virus@satinfo.es". Gracias;

envoie ce(s) fichier(s) (dans l'exemple C:\Muestras\HLDRRR.EXE.Muestra EliBagle v10.24 ) à l'adresse e-mail indiquée (virus@satinfo.es).


et ils mettront a jour elibaga dans les 48 heures ce qui permettra de virer le virus que tu as!!!

------------


scan avec
MalwareByte's Anti-Malware et vire ce qui est trouvé et colle le rapport

https://www.malekal.com/tutoriel-malwarebyte-anti-malware/

-----------
ensuite essaye de remettre antivir et colles un rapport

et

colle un rapport hijackthis


http://www.trendsecure.com/portal/en-US/tools/security_tools/hijackthis/download

manuel :

https://leblogdeclaude.blogspot.com/2006/10/informatique-section-hijackthis.html

Je conseille de renomer Hijackthis, pour contrer une éventuelle infection de Vundo.

ex:Renomme le fichier HijackThis.exe en eden.exe pour cela, fais un clic droit sur le fichier HijackThis.exe et choisis renommer dans la liste

Ensuite avec Explorer créer un dossier c:\hijackthis
Décompresser Hijackthis dans ce dossier.
C'est important pour les sauvegardes."


2
jlpjlp Messages postés 51580 Date d'inscription vendredi 18 mai 2007 Statut Contributeur sécurité Dernière intervention 3 mai 2022 5 040
3 août 2008 à 20:34
les rapports combofix et élibaga.?
1
wouaneguene Messages postés 12 Date d'inscription samedi 2 août 2008 Statut Membre Dernière intervention 15 avril 2014
2 août 2008 à 22:54
Je précise que j'ai vu dans le gestionnaire de tache le bagle suivants: flec006, hldrrr et wintems.exe
0
Utilisateur anonyme
3 août 2008 à 20:40
suis jlp.....
il m a démmerdé + d 1 fois....
c est 1 as.....
vraiment.....
0
wtfbill Messages postés 71 Date d'inscription vendredi 25 juillet 2008 Statut Membre Dernière intervention 15 août 2008 5
2 août 2008 à 22:58
Bonsoir. Sa c'est pour plus tard, si t'est motivé, c'est une compil sécurité gratuite.
Mais, va falloir commencer par malwaresbytes, un petit scan ne feras pas de mal.

La combinaison gagnante, gratuite, pour une sécurité correcte est:
1) Firefox, c'est un bon début.
2)Antivir pour l'antivirus. Voila pourquoi:
https://forum.malekal.com/viewtopic.php?f=45&t=11659
Le lien pour avoir antivir:
https://www.commentcamarche.net/telecharger/ 55 antivir personal
3)Zone alarm + spybot ou Online armor (online armor c'est le mieux, mais zone alarme c'est le plus facile)
Lien zone alarm:
https://www.commentcamarche.net/telecharger/ 157 zonealarm
Tutorial:
http://forum.telecharger.01net.com/forum/
Online armor, le lien:
https://www.01net.com/telecharger/
Tutorial online armor:
https://forum.pcastuces.com/tutoriel_pare_feu_online_armor_free_edition-f25s35606.htm
4)Malwaresbytes pour compléter. Un scan de temps en temps.
http://www.malwarebytes.org/mbam/program/mbam-setup.exe

Deux liens qui sont très utiles:
https://www.processlibrary.com/fr/
Process library, c'est pour avoir des renseignements sur tel ou tel processus.
https://www.virustotal.com/gui/
Celui-ci, c'est pour vérifier un ficher en cas de doute.

Après avoir fait un scan par malwaresbytes et effacé les cochonneries poste un rapport hyjackthis.
https://www.01net.com/
Une fois installé, tu clic sur "do a scan and save logfile".
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
wouaneguene Messages postés 12 Date d'inscription samedi 2 août 2008 Statut Membre Dernière intervention 15 avril 2014
3 août 2008 à 01:33
Salut et merci pour l'intérêt porté à mon problème. Je vais encore avoir la tête dans le c.. demain, mais bon...

Je saurais pas expliquer comment, mais j'ai réussi à passer en mode sans échec et lancer msnfix. Je suis alors ressortie du mode sans echec et j'ai pu installer antivir, lancer CCLEANER et lancer HIJAKTHIS.

J'ai lancer un scan avec antivir, mais je crois que je serais terrassé par Morphée avant qu'il n'arrive. Il a cependant déjà le compteur des détection à 11 à 88,8% et je viens de l'arrêter par erreur arggggg. Je le relance de ce pas.

Je poste le rapport de HIJACKthis

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 01:01:46, on 03/08/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Dell Network Assistant\hnm_svc.exe
C:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\Sandboxie\SbieSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\NetDrive\wdService.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Kerio\Personal Firewall 4\kpf4gui.exe
C:\Program Files\Kerio\Personal Firewall 4\kpf4gui.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\WINDOWS\stsystra.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\Program Files\Creative\Mixer\CTSVolFE.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
C:\Program Files\Dell\MediaDirect\PCMService.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Corel\Corel Snapfire Plus\Corel Photo Downloader.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Fichiers communs\Nero\Lib\NMBgMonitor.exe
C:\Program Files\Sandboxie\SbieCtrl.exe
C:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\Fichiers communs\Nero\Lib\NMIndexStoreSvr.exe
C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Java\jre1.6.0_05\bin\jucheck.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avscan.exe
C:\Documents and Settings\wouaneguene\Bureau\mdelk.exe
C:\Program Files\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.fr/ig/dell?hl=fr&client=dell-row&channel=fr&ibd=6070328
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Page_URL = www.google.fr/ig/dell?hl=fr&client=dell-row&channel=fr&ibd=6070328
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: CBrowserHelperObject Object - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet
O4 - HKLM\..\Run: [NVHotkey] rundll32.exe nvHotkey.dll,Start
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [CTSVolFE.exe] "C:\Program Files\Creative\Mixer\CTSVolFE.exe" /r
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\MediaDirect\PCMService.exe"
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [Corel Photo Downloader] C:\Program Files\Corel\Corel Snapfire Plus\Corel Photo Downloader.exe
O4 - HKLM\..\Run: [WebDriveTray] C:\Program Files\NetDrive\netdrive.exe /trayicon
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [ModemOnHold] C:\Program Files\NetWaiting\NetWaiting.exe
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\Dell Support\DSAgnt.exe" /startup
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Nero\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [SandboxieControl] "C:\Program Files\Sandboxie\SbieCtrl.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Dell Network Assistant.lnk = ?
O4 - Global Startup: Digital Line Detect.lnk = ?
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: http://*.mcafee.com
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {A73BAEFA-EE65-494D-BEDB-DD3E5A34FA98} (Image Uploader) - http://www.extrafilm.fr/ImageUploader4.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{8ECC5128-E376-41BE-B2C9-781B0227FE42}: NameServer = 212.27.32.176,212.27.32.177
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: Advanced Networking Service (hnmsvc) - SingleClick Systems - C:\Program Files\Dell Network Assistant\hnm_svc.exe
O23 - Service: Kerio Personal Firewall 4 (KPF4) - Kerio Technologies - C:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: Sandboxie Service (SbieSvc) - tzuk - C:\Program Files\Sandboxie\SbieSvc.exe
O23 - Service: WebDrive Service (WebDriveService) - Unknown owner - C:\Program Files\NetDrive\wdService.exe
O23 - Service: Intel(R) PROSet/Wireless SSO Service (WLANKEEPER) - Intel(R) Corporation - C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
0
wouaneguene Messages postés 12 Date d'inscription samedi 2 août 2008 Statut Membre Dernière intervention 15 avril 2014
3 août 2008 à 03:02
Donc, voici le rapport de Malwarebytes.

Malwarebytes' Anti-Malware 1.24
Version de la base de données: 1017
Windows 5.1.2600 Service Pack 2

02:28:17 03/08/2008
mbam-log-8-3-2008 (02-28-17).txt

Type de recherche: Examen complet (C:\|)
Eléments examinés: 117768
Temps écoulé: 1 hour(s), 41 minute(s), 17 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 1
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 2
Fichier(s) infecté(s): 24

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\Typelib\{50ccd00a-66b6-4d95-aaef-8ee959498f92} (Trojan.FakeAlert) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
C:\WINDOWS\system32\drivers\downld (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\wouaneguene\Application Data\m (Trojan.Agent) -> Quarantined and deleted successfully.

Fichier(s) infecté(s):
C:\WINDOWS\system32\drivers\downld\141203.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\151984.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\153921.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\180265.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\182421.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\3984062.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\4001359.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\4003375.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\4012609.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\4014968.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\618328.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\633234.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\635765.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\641140.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\644546.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\693437.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\715296.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\799187.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\812328.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\814453.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\821250.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\823500.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\877281.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\943812.exe (Trojan.Agent) -> Quarantined and deleted successfully.
0
wtfbill Messages postés 71 Date d'inscription vendredi 25 juillet 2008 Statut Membre Dernière intervention 15 août 2008 5
3 août 2008 à 17:34
Tu peut poster un hijackthis, pour voir après les scans. Sa sert a rien que je lise, si les cochonneries sont parties du rapport.
0
wouaneguene Messages postés 12 Date d'inscription samedi 2 août 2008 Statut Membre Dernière intervention 15 avril 2014
3 août 2008 à 22:14
Salut,

Apparemment, ya plus de problème. J'ai installé antivir et je relance un scan complet ce soir avant dodo pour vérifier. En tout cas, merci pour votre aide.
0
wtfbill Messages postés 71 Date d'inscription vendredi 25 juillet 2008 Statut Membre Dernière intervention 15 août 2008 5
3 août 2008 à 22:29
Heu, c'est pas vraiment finit. Poste un hijackthis neuf, et t'était pas venu pour un ver bagle? Pas encore fait...
0
wouaneguene Messages postés 12 Date d'inscription samedi 2 août 2008 Statut Membre Dernière intervention 15 avril 2014
3 août 2008 à 23:15
Voilà un hilackthis tout neuf...

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:12:02, on 03/08/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
C:\Program Files\Ad-Aware\aawservice.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\WINDOWS\stsystra.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\Program Files\Creative\Mixer\CTSVolFE.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
C:\Program Files\Dell\MediaDirect\PCMService.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Corel\Corel Snapfire Plus\Corel Photo Downloader.exe
C:\Program Files\NetDrive\netdrive.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Dell Support\DSAgnt.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Fichiers communs\Nero\Lib\NMBgMonitor.exe
C:\Program Files\Sandboxie\SbieCtrl.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Dell Network Assistant\hnm_svc.exe
C:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\Kerio\Personal Firewall 4\kpf4gui.exe
C:\Program Files\Sandboxie\SbieSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\NetDrive\wdService.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe
C:\Program Files\Fichiers communs\Nero\Lib\NMIndexStoreSvr.exe
C:\Program Files\Kerio\Personal Firewall 4\kpf4gui.exe
C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Java\jre1.6.0_05\bin\jucheck.exe
C:\Program Files\eMule\emule.exe
C:\Program Files\Mozilla Thunderbird\thunderbird.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.fr/ig/dell?hl=fr&client=dell-row&channel=fr&ibd=6070328
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Page_URL = www.google.fr/ig/dell?hl=fr&client=dell-row&channel=fr&ibd=6070328
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: CBrowserHelperObject Object - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet
O4 - HKLM\..\Run: [NVHotkey] rundll32.exe nvHotkey.dll,Start
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [CTSVolFE.exe] "C:\Program Files\Creative\Mixer\CTSVolFE.exe" /r
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\MediaDirect\PCMService.exe"
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [Corel Photo Downloader] C:\Program Files\Corel\Corel Snapfire Plus\Corel Photo Downloader.exe
O4 - HKLM\..\Run: [WebDriveTray] C:\Program Files\NetDrive\netdrive.exe /trayicon
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\Dell Support\DSAgnt.exe" /startup
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Nero\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [SandboxieControl] "C:\Program Files\Sandboxie\SbieCtrl.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Dell Network Assistant.lnk = ?
O4 - Global Startup: Digital Line Detect.lnk = ?
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: http://*.mcafee.com
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {A73BAEFA-EE65-494D-BEDB-DD3E5A34FA98} (Image Uploader) - http://www.extrafilm.fr/ImageUploader4.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{8ECC5128-E376-41BE-B2C9-781B0227FE42}: NameServer = 212.27.32.176,212.27.32.177
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Ad-Aware\aawservice.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: Advanced Networking Service (hnmsvc) - SingleClick Systems - C:\Program Files\Dell Network Assistant\hnm_svc.exe
O23 - Service: Kerio Personal Firewall 4 (KPF4) - Kerio Technologies - C:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: Sandboxie Service (SbieSvc) - tzuk - C:\Program Files\Sandboxie\SbieSvc.exe
O23 - Service: WebDrive Service (WebDriveService) - Unknown owner - C:\Program Files\NetDrive\wdService.exe
O23 - Service: Intel(R) PROSet/Wireless SSO Service (WLANKEEPER) - Intel(R) Corporation - C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
0
jacques.gache Messages postés 33453 Date d'inscription mardi 13 novembre 2007 Statut Contributeur sécurité Dernière intervention 25 janvier 2016 1 616
4 août 2008 à 00:57
bonjour à tous, jlpjlp t'avais demandé de mettre les rapports combofix et elibagla c'est dommage de ne pas le faire ça permet de savoir ce qu'il y avait exactement sur le pc comme infection, et de savoir si c'est ces outils ou malwarebytes qui ont réglé le problèmes, je ne t'interpréterais pas hijackthis car c'est pas moi qui suis ton sujet @+
0
wouaneguene Messages postés 12 Date d'inscription samedi 2 août 2008 Statut Membre Dernière intervention 15 avril 2014
4 août 2008 à 10:43
Salut,

J'ai pas installé combofix mais je le ferais pour mettre un rapport. Pour ce qui est de eliglaba, j'ai pas vu de rapport. En revanche, je l'ai passé hier et il n'a rien trouvé.
0
wtfbill Messages postés 71 Date d'inscription vendredi 25 juillet 2008 Statut Membre Dernière intervention 15 août 2008 5
4 août 2008 à 13:25
C:\Program Files\BAE\BAE.dll verifie ce ficheir sur total virus BAE.dll
Télécharge ComboFix (http://download.bleepingcomputer.com/sUBs/ComboFix.exe) de sUBs
Sauvegarde le sur ton Bureau et pas ailleurs!
Double clique sur Combofix.exe et suis les instructions.
Quand il aura fini, il va généré un log. Poste le rapport dans ta prochaine réponse.
0
wouaneguene Messages postés 12 Date d'inscription samedi 2 août 2008 Statut Membre Dernière intervention 15 avril 2014
4 août 2008 à 20:27
Salut,

Voilà le rapport issu d'un passage de combofix.exe


ComboFix 08-08-03.05 - wouaneguene 2008-08-04 19:40:37.3 - NTFSx86
Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.1526 [GMT 2:00]
Endroit: C:\Documents and Settings\wouaneguene\Bureau\ComboFix.exe
Command switches used :: C:\Documents and Settings\wouaneguene\Bureau\WindowsXP-KB310994-SP2-Home-BootDisk-FRA.exe
* Création d'un nouveau point de restauration
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Documents and Settings\wouaneguene\real.txt
C:\InfoSat.txt

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_SROSA


((((((((((((((((((((((((((((( Fichiers cr‚‚s 2008-07-04 to 2008-08-04 ))))))))))))))))))))))))))))))))))))
.

2008-08-03 02:16 . 2008-08-03 02:16 <REP> d-------- C:\Program Files\ZebHelpProcess 2
2008-08-03 01:22 . 2008-08-03 01:22 <REP> d-------- C:\Program Files\Ad-Aware
2008-08-03 01:21 . 2008-08-03 01:21 <REP> d-------- C:\Program Files\Fichiers communs\Wise Installation Wizard
2008-08-03 00:32 . 2008-08-03 00:32 <REP> d-------- C:\Documents and Settings\wouaneguene\Application Data\Malwarebytes
2008-08-03 00:31 . 2008-08-03 00:32 <REP> d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-08-03 00:31 . 2008-08-03 00:31 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-08-03 00:31 . 2008-07-30 20:07 38,472 --a------ C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2008-08-03 00:31 . 2008-07-30 20:07 17,144 --a------ C:\WINDOWS\system32\drivers\mbam.sys
2008-08-03 00:29 . 2008-08-03 00:29 <REP> d-------- C:\Program Files\Avira
2008-08-03 00:29 . 2008-08-03 00:29 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Avira
2008-08-03 00:01 . 2008-08-03 00:08 3,696 --a------ C:\WINDOWS\system32\tmp.reg
2008-08-02 20:01 . 2008-08-02 20:01 <REP> d-------- C:\Program Files\Kerio
2008-08-02 19:12 . 2008-08-03 02:26 <REP> d-------- C:\WINDOWS\BDOSCAN8
2008-08-02 14:12 . 2008-08-02 23:28 <REP> d-------- C:\Program Files\MSNFix
2008-08-02 13:00 . 2008-08-02 14:01 15,836 --a------ C:\WINDOWS\system32\ban_list.MSNFix
2008-07-18 12:03 . 2008-07-18 12:03 268 --ah----- C:\sqmdata14.sqm
2008-07-18 12:03 . 2008-07-18 12:03 244 --ah----- C:\sqmnoopt14.sqm
2008-07-04 07:16 . 2008-07-04 07:16 268 --ah----- C:\sqmdata13.sqm
2008-07-04 07:16 . 2008-07-04 07:16 244 --ah----- C:\sqmnoopt13.sqm

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-08-04 17:51 --------- d---a-w C:\Documents and Settings\All Users\Application Data\TEMP
2008-08-04 16:44 --------- d-----w C:\Program Files\eMule
2008-08-04 15:18 --------- d-----w C:\Program Files\Mozilla Thunderbird
2008-08-03 00:00 --------- d-----w C:\Program Files\Yahoo!
2008-08-02 23:56 --------- d-----w C:\Program Files\Corel
2008-08-02 23:55 --------- d-----w C:\Program Files\Fichiers communs\Corel
2008-08-02 23:17 --------- d-----w C:\Documents and Settings\All Users\Application Data\Lavasoft
2008-08-02 22:17 --------- d-----w C:\Program Files\NetWaiting
2008-08-02 17:24 --------- d-----w C:\Program Files\PartitionMagic 8.0
2008-07-11 18:30 --------- d-----w C:\Documents and Settings\wouaneguene\Application Data\OpenOffice.org2
2008-07-10 20:56 --------- d-----w C:\Documents and Settings\wouaneguene\Application Data\GrabIt
2008-07-05 06:43 --------- d-----w C:\Program Files\OpenOffice.org 2.4
2008-07-05 06:42 --------- d-----w C:\Program Files\Java
2008-07-03 19:11 --------- d-----w C:\Program Files\EarthView
2008-07-03 19:11 --------- d-----w C:\Documents and Settings\wouaneguene\Application Data\DeskSoft
2008-07-03 18:51 --------- d-----w C:\Program Files\FreeGo
2008-06-30 19:55 --------- d-----w C:\Documents and Settings\wouaneguene\Application Data\Corel
2008-06-20 10:45 360,320 ----a-w C:\WINDOWS\system32\drivers\tcpip.sys
2008-06-20 10:44 138,368 ----a-w C:\WINDOWS\system32\drivers\afd.sys
2008-06-20 09:52 225,920 ----a-w C:\WINDOWS\system32\drivers\tcpip6.sys
2008-06-14 17:59 272,768 ------w C:\WINDOWS\system32\drivers\bthport.sys
2007-11-15 13:44 32 ----a-w C:\Documents and Settings\All Users\Application Data\ezsid.dat
2007-10-02 22:25 142 ----a-w C:\Documents and Settings\wouaneguene\Application Data\wklnhst.dat
2004-08-09 21:30 40,960 ----a-w C:\Program Files\Uninstall_CDS.exe
.

((((((((((((((((((((((((((((( snapshot@2008-04-02_ 7.23.11,60 )))))))))))))))))))))))))))))))))))))))))
.
- 2004-10-14 18:22:11 666,624 -c--a-w C:\WINDOWS\$hf_mig$\KB873339\update\update.exe
+ 2008-08-02 18:38:16 666,624 -c--a-w C:\WINDOWS\$hf_mig$\KB873339\update\update.exe
- 2004-11-30 22:29:59 666,624 -c--a-w C:\WINDOWS\$hf_mig$\KB885250\update\update.exe
+ 2008-08-02 18:38:16 666,624 -c--a-w C:\WINDOWS\$hf_mig$\KB885250\update\update.exe
- 2004-10-14 18:35:11 666,624 -c--a-w C:\WINDOWS\$hf_mig$\KB885835\update\update.exe
+ 2008-08-02 18:38:17 666,624 -c--a-w C:\WINDOWS\$hf_mig$\KB885835\update\update.exe
- 2004-10-14 09:35:12 666,624 -c--a-w C:\WINDOWS\$hf_mig$\KB885836\update\update.exe
+ 2008-08-02 18:38:17 666,624 -c--a-w C:\WINDOWS\$hf_mig$\KB885836\update\update.exe
- 2004-10-14 18:35:11 666,624 -c--a-w C:\WINDOWS\$hf_mig$\KB886185\update\update.exe
+ 2008-08-02 18:38:17 666,624 -c--a-w C:\WINDOWS\$hf_mig$\KB886185\update\update.exe
- 2004-10-14 18:35:11 666,624 -c--a-w C:\WINDOWS\$hf_mig$\KB887472\update\update.exe
+ 2008-08-02 18:38:18 666,624 -c--a-w C:\WINDOWS\$hf_mig$\KB887472\update\update.exe
- 2004-11-30 12:46:52 666,624 -c--a-w C:\WINDOWS\$hf_mig$\KB888302\update\update.exe
+ 2008-08-02 18:38:18 666,624 -c--a-w C:\WINDOWS\$hf_mig$\KB888302\update\update.exe
- 2005-02-24 17:35:26 730,336 -c--a-w C:\WINDOWS\$hf_mig$\KB890859\update\update.exe
+ 2008-08-02 18:38:19 730,336 -c--a-w C:\WINDOWS\$hf_mig$\KB890859\update\update.exe
- 2004-10-14 18:22:11 666,624 -c--a-w C:\WINDOWS\$hf_mig$\KB891781\update\update.exe
+ 2008-08-02 18:38:20 666,624 -c--a-w C:\WINDOWS\$hf_mig$\KB891781\update\update.exe
- 2005-02-24 18:35:26 730,336 -c--a-w C:\WINDOWS\$hf_mig$\KB893756\update\update.exe
+ 2008-08-02 18:38:20 730,336 -c--a-w C:\WINDOWS\$hf_mig$\KB893756\update\update.exe
- 2005-02-24 18:35:26 730,336 -c--a-w C:\WINDOWS\$hf_mig$\KB894391\update\update.exe
+ 2008-08-02 18:38:21 730,336 -c--a-w C:\WINDOWS\$hf_mig$\KB894391\update\update.exe
- 2005-02-25 03:35:24 730,336 -c--a-w C:\WINDOWS\$hf_mig$\KB896358\update\update.exe
+ 2008-08-02 18:38:21 730,336 -c--a-w C:\WINDOWS\$hf_mig$\KB896358\update\update.exe
- 2005-02-25 03:35:24 730,336 -c--a-w C:\WINDOWS\$hf_mig$\KB896423\update\update.exe
+ 2008-08-02 18:38:22 730,336 -c--a-w C:\WINDOWS\$hf_mig$\KB896423\update\update.exe
- 2005-02-25 03:35:24 730,336 -c--a-w C:\WINDOWS\$hf_mig$\KB896424\update\update.exe
+ 2008-08-02 18:38:22 730,336 -c--a-w C:\WINDOWS\$hf_mig$\KB896424\update\update.exe
- 2005-02-24 18:35:26 730,336 -c--a-w C:\WINDOWS\$hf_mig$\KB896428\update\update.exe
+ 2008-08-02 18:38:23 730,336 -c--a-w C:\WINDOWS\$hf_mig$\KB896428\update\update.exe
- 2005-02-25 03:35:24 730,336 -c--a-w C:\WINDOWS\$hf_mig$\KB898461\update\update.exe
+ 2008-08-02 18:38:23 730,336 -c--a-w C:\WINDOWS\$hf_mig$\KB898461\update\update.exe
- 2005-02-24 18:35:26 730,336 -c--a-w C:\WINDOWS\$hf_mig$\KB899587\update\update.exe
+ 2008-08-02 18:38:24 730,336 -c--a-w C:\WINDOWS\$hf_mig$\KB899587\update\update.exe
- 2005-02-25 03:35:24 730,336 -c--a-w C:\WINDOWS\$hf_mig$\KB899588\update\update.exe
+ 2008-08-02 18:38:24 730,336 -c--a-w C:\WINDOWS\$hf_mig$\KB899588\update\update.exe
- 2005-02-25 03:35:24 730,336 -c--a-w C:\WINDOWS\$hf_mig$\KB899591\update\update.exe
+ 2008-08-02 18:38:25 730,336 -c--a-w C:\WINDOWS\$hf_mig$\KB899591\update\update.exe
- 2005-10-12 23:15:28 727,776 -c--a-w C:\WINDOWS\$hf_mig$\KB900485\update\update.exe
+ 2008-08-02 18:38:25 727,776 -c--a-w C:\WINDOWS\$hf_mig$\KB900485\update\update.exe
- 2005-02-24 18:35:26 730,336 -c--a-w C:\WINDOWS\$hf_mig$\KB900725\update\update.exe
+ 2008-08-02 18:38:26 730,336 -c--a-w C:\WINDOWS\$hf_mig$\KB900725\update\update.exe
- 2005-02-24 18:35:26 730,336 -c--a-w C:\WINDOWS\$hf_mig$\KB901017\update\update.exe
+ 2008-08-02 18:38:26 730,336 -c--a-w C:\WINDOWS\$hf_mig$\KB901017\update\update.exe
- 2005-02-25 03:35:24 730,336 -c--a-w C:\WINDOWS\$hf_mig$\KB901214\update\update.exe
+ 2008-08-02 18:38:27 730,336 -c--a-w C:\WINDOWS\$hf_mig$\KB901214\update\update.exe
- 2005-02-24 18:35:26 730,336 -c--a-w C:\WINDOWS\$hf_mig$\KB902400\update\update.exe
+ 2008-08-02 18:38:28 730,336 -c--a-w C:\WINDOWS\$hf_mig$\KB902400\update\update.exe
- 2005-02-25 03:35:24 730,336 -c--a-w C:\WINDOWS\$hf_mig$\KB904706\update\update.exe
+ 2008-08-02 18:38:29 730,336 -c--a-w C:\WINDOWS\$hf_mig$\KB904706\update\update.exe
- 2005-02-25 03:35:24 730,336 -c--a-w C:\WINDOWS\$hf_mig$\KB905414\update\update.exe
+ 2008-08-02 18:38:29 730,336 -c--a-w C:\WINDOWS\$hf_mig$\KB905414\update\update.exe
- 2005-02-24 18:35:26 730,336 -c--a-w C:\WINDOWS\$hf_mig$\KB905749\update\update.exe
+ 2008-08-02 18:38:30 730,336 -c--a-w C:\WINDOWS\$hf_mig$\KB905749\update\update.exe
- 2005-10-12 23:15:26 727,776 -c--a-w C:\WINDOWS\$hf_mig$\KB908519\update\update.exe
+ 2008-08-02 18:38:30 727,776 -c--a-w C:\WINDOWS\$hf_mig$\KB908519\update\update.exe
- 2005-10-12 23:15:28 727,776 -c--a-w C:\WINDOWS\$hf_mig$\KB908531\update\update.exe
+ 2008-08-02 18:38:31 727,776 -c--a-w C:\WINDOWS\$hf_mig$\KB908531\update\update.exe
- 2005-10-12 23:15:26 727,776 -c--a-w C:\WINDOWS\$hf_mig$\KB910437\update\update.exe
+ 2008-08-02 18:38:31 727,776 -c--a-w C:\WINDOWS\$hf_mig$\KB910437\update\update.exe
- 2005-10-12 23:15:28 727,776 -c--a-w C:\WINDOWS\$hf_mig$\KB911280\update\update.exe
+ 2008-08-02 18:38:32 727,776 -c--a-w C:\WINDOWS\$hf_mig$\KB911280\update\update.exe
- 2005-10-12 23:15:26 727,776 -c--a-w C:\WINDOWS\$hf_mig$\KB911562\update\update.exe
+ 2008-08-02 18:38:32 727,776 -c--a-w C:\WINDOWS\$hf_mig$\KB911562\update\update.exe
- 2005-10-12 23:15:28 727,776 -c--a-w C:\WINDOWS\$hf_mig$\KB911927\update\update.exe
+ 2008-08-02 18:38:33 727,776 -c--a-w C:\WINDOWS\$hf_mig$\KB911927\update\update.exe
- 2005-10-12 23:15:26 727,776 -c--a-w C:\WINDOWS\$hf_mig$\KB912919\update\update.exe
+ 2008-08-02 18:38:33 727,776 -c--a-w C:\WINDOWS\$hf_mig$\KB912919\update\update.exe
- 2005-10-12 23:15:28 727,776 -c--a-w C:\WINDOWS\$hf_mig$\KB912945\update\update.exe
+ 2008-08-02 18:38:35 727,776 -c--a-w C:\WINDOWS\$hf_mig$\KB912945\update\update.exe
- 2005-10-12 23:15:28 727,776 -c--a-w C:\WINDOWS\$hf_mig$\KB913580\update\update.exe
+ 2008-08-02 18:38:35 727,776 -c--a-w C:\WINDOWS\$hf_mig$\KB913580\update\update.exe
- 2005-10-12 23:15:26 727,776 -c--a-w C:\WINDOWS\$hf_mig$\KB914388\update\update.exe
+ 2008-08-02 18:38:36 727,776 -c--a-w C:\WINDOWS\$hf_mig$\KB914388\update\update.exe
- 2005-10-12 23:15:28 727,776 -c--a-w C:\WINDOWS\$hf_mig$\KB914389\update\update.exe
+ 2008-08-02 18:38:36 727,776 -c--a-w C:\WINDOWS\$hf_mig$\KB914389\update\update.exe
- 2005-10-12 23:18:46 727,776 -c--a-w C:\WINDOWS\$hf_mig$\KB916595\update\update.exe
+ 2008-08-02 18:38:37 727,776 -c--a-w C:\WINDOWS\$hf_mig$\KB916595\update\update.exe
- 2005-10-12 23:15:26 727,776 -c--a-w C:\WINDOWS\$hf_mig$\KB917344\update\update.exe
+ 2008-08-02 18:38:37 727,776 -c--a-w C:\WINDOWS\$hf_mig$\KB917344\update\update.exe
- 2005-10-12 23:15:26 727,776 -c--a-w C:\WINDOWS\$hf_mig$\KB917422\update\update.exe
+ 2008-08-02 18:38:38 727,776 -c--a-w C:\WINDOWS\$hf_mig$\KB917422\update\update.exe
- 2005-10-12 23:15:28 727,776 -c--a-w C:\WINDOWS\$hf_mig$\KB917953\update\update.exe
+ 2008-08-02 18:38:38 727,776 -c--a-w C:\WINDOWS\$hf_mig$\KB917953\update\update.exe
- 2005-10-12 23:15:28 727,776 -c--a-w C:\WINDOWS\$hf_mig$\KB918118\update\update.exe
+ 2008-08-02 18:38:39 727,776 -c--a-w C:\WINDOWS\$hf_mig$\KB918118\update\update.exe
- 2005-10-12 23:15:26 727,776 -c--a-w C:\WINDOWS\$hf_mig$\KB918439\update\update.exe
+ 2008-08-02 18:38:39 727,776 -c--a-w C:\WINDOWS\$hf_mig$\KB918439\update\update.exe
- 2005-10-12 23:15:28 727,776 -c--a-w C:\WINDOWS\$hf_mig$\KB918899\update\update.exe
+ 2008-08-02 18:38:41 727,776 -c--a-w C:\WINDOWS\$hf_mig$\KB918899\update\update.exe
- 2005-10-12 23:15:26 727,776 -c--a-w C:\WINDOWS\$hf_mig$\KB919007\update\update.exe
+ 2008-08-02 18:38:41 727,776 -c--a-w C:\WINDOWS\$hf_mig$\KB919007\update\update.exe
- 2005-10-12 23:15:26 727,776 -c--a-w C:\WINDOWS\$hf_mig$\KB920213\update\update.exe
+ 2008-08-02 18:38:42 727,776 -c--a-w C:\WINDOWS\$hf_mig$\KB920213\update\update.exe
- 2005-10-12 23:15:26 727,776 -c--a-w C:\WINDOWS\$hf_mig$\KB920670\update\update.exe
+ 2008-08-02 18:38:43 727,776 -c--a-w C:\WINDOWS\$hf_mig$\KB920670\update\update.exe
- 2005-10-12 23:15:26 727,776 -c--a-w C:\WINDOWS\$hf_mig$\KB920683\update\update.exe
+ 2008-08-02 18:38:43 727,776 -c--a-w C:\WINDOWS\$hf_mig$\KB920683\update\update.exe
- 2005-10-12 23:15:26 727,776 -c--a-w C:\WINDOWS\$hf_mig$\KB920685\update\update.exe
+ 2008-08-02 18:38:43 727,776 -c--a-w C:\WINDOWS\$hf_mig$\KB920685\update\update.exe
- 2005-10-12 23:15:28 727,776 -c--a-w C:\WINDOWS\$hf_mig$\KB920872\update\update.exe
+ 2008-08-02 18:38:44 727,776 -c--a-w C:\WINDOWS\$hf_mig$\KB920872\update\update.exe
- 2006-01-19 19:29:26 727,776 -c--a-w C:\WINDOWS\$hf_mig$\KB921398\update\update.exe
+ 2008-08-02 18:38:44 727,776 -c--a-w C:\WINDOWS\$hf_mig$\KB921398\update\update.exe
- 2005-10-12 23:15:28 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB921503\update\update.exe
+ 2008-08-02 18:38:45 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB921503\update\update.exe
- 2005-10-12 23:15:26 727,776 -c--a-w C:\WINDOWS\$hf_mig$\KB922582\update\update.exe
+ 2008-08-02 18:38:45 727,776 -c--a-w C:\WINDOWS\$hf_mig$\KB922582\update\update.exe
- 2005-10-12 23:15:26 727,776 -c--a-w C:\WINDOWS\$hf_mig$\KB922616\update\update.exe
+ 2008-08-02 18:38:46 727,776 -c--a-w C:\WINDOWS\$hf_mig$\KB922616\update\update.exe
- 2005-10-12 23:18:46 727,776 -c--a-w C:\WINDOWS\$hf_mig$\KB922819\update\update.exe
+ 2008-08-02 18:38:47 727,776 -c--a-w C:\WINDOWS\$hf_mig$\KB922819\update\update.exe
- 2005-10-12 23:15:26 727,776 -c--a-w C:\WINDOWS\$hf_mig$\KB923414\update\update.exe
+ 2008-08-02 18:38:47 727,776 -c--a-w C:\WINDOWS\$hf_mig$\KB923414\update\update.exe
- 2005-10-12 23:15:26 727,776 -c--a-w C:\WINDOWS\$hf_mig$\KB923694\update\update.exe
+ 2008-08-02 18:38:48 727,776 -c--a-w C:\WINDOWS\$hf_mig$\KB923694\update\update.exe
- 2005-10-12 23:18:46 727,776 -c--a-w C:\WINDOWS\$hf_mig$\KB923980\update\update.exe
+ 2008-08-02 18:38:49 727,776 -c--a-w C:\WINDOWS\$hf_mig$\KB923980\update\update.exe
- 2005-10-12 23:15:26 727,776 -c--a-w C:\WINDOWS\$hf_mig$\KB924191\update\update.exe
+ 2008-08-02 18:38:49 727,776 -c--a-w C:\WINDOWS\$hf_mig$\KB924191\update\update.exe
- 2005-10-12 23:15:26 727,776 -c--a-w C:\WINDOWS\$hf_mig$\KB924270\update\update.exe
+ 2008-08-02 18:38:50 727,776 -c--a-w C:\WINDOWS\$hf_mig$\KB924270\update\update.exe
- 2005-10-12 23:15:26 727,776 -c--a-w C:\WINDOWS\$hf_mig$\KB924496\update\update.exe
+ 2008-08-02 18:38:50 727,776 -c--a-w C:\WINDOWS\$hf_mig$\KB924496\update\update.exe
- 2006-01-19 19:29:26 727,776 -c--a-w C:\WINDOWS\$hf_mig$\KB925454\update\update.exe
+ 2008-08-02 18:38:52 727,776 -c--a-w C:\WINDOWS\$hf_mig$\KB925454\update\update.exe
- 2006-01-19 19:29:26 727,776 -c--a-w C:\WINDOWS\$hf_mig$\KB925902\update\update.exe
+ 2008-08-02 18:38:52 727,776 -c--a-w C:\WINDOWS\$hf_mig$\KB925902\update\update.exe
- 2005-10-12 23:15:26 727,776 -c--a-w C:\WINDOWS\$hf_mig$\KB926255\update\update.exe
+ 2008-08-02 18:38:53 727,776 -c--a-w C:\WINDOWS\$hf_mig$\KB926255\update\update.exe
- 2005-10-12 23:18:46 727,776 -c--a-w C:\WINDOWS\$hf_mig$\KB926436\update\update.exe
+ 2008-08-02 18:38:53 727,776 -c--a-w C:\WINDOWS\$hf_mig$\KB926436\update\update.exe
- 2006-01-19 19:29:26 727,776 -c--a-w C:\WINDOWS\$hf_mig$\KB927779\update\update.exe
+ 2008-08-02 18:38:54 727,776 -c--a-w C:\WINDOWS\$hf_mig$\KB927779\update\update.exe
- 2005-10-12 23:15:28 727,776 -c--a-w C:\WINDOWS\$hf_mig$\KB927802\update\update.exe
+ 2008-08-02 18:38:54 727,776 -c--a-w C:\WINDOWS\$hf_mig$\KB927802\update\update.exe
- 2006-12-14 08:53:58 727,776 -c--a-w C:\WINDOWS\$hf_mig$\KB927891\update\update.exe
+ 2008-08-02 18:38:54 727,776 -c--a-w C:\WINDOWS\$hf_mig$\KB927891\update\update.exe
- 2006-01-19 19:29:26 727,776 -c--a-w C:\WINDOWS\$hf_mig$\KB928255\update\update.exe
+ 2008-08-02 18:38:55 727,776 -c--a-w C:\WINDOWS\$hf_mig$\KB928255\update\update.exe
- 2005-10-12 23:15:26 727,776 -c--a-w C:\WINDOWS\$hf_mig$\KB928388\update\update.exe
+ 2008-08-02 18:38:55 727,776 -c--a-w C:\WINDOWS\$hf_mig$\KB928388\update\update.exe
- 2005-10-12 23:15:28 727,776 -c--a-w C:\WINDOWS\$hf_mig$\KB928843\update\update.exe
+ 2008-08-02 18:38:56 727,776 -c--a-w C:\WINDOWS\$hf_mig$\KB928843\update\update.exe
- 2006-01-19 19:29:26 727,776 -c--a-w C:\WINDOWS\$hf_mig$\KB929123\update\update.exe
+ 2008-08-02 18:38:57 727,776 -c--a-w C:\WINDOWS\$hf_mig$\KB929123\update\update.exe
- 2005-10-12 23:15:26 727,776 -c--a-w C:\WINDOWS\$hf_mig$\KB929969\update\update.exe
+ 2008-08-02 18:38:58 727,776 -c--a-w C:\WINDOWS\$hf_mig$\KB929969\update\update.exe
- 2005-10-12 23:15:28 727,776 -c--a-w C:\WINDOWS\$hf_mig$\KB930178\update\update.exe
+ 2008-08-02 18:38:58 727,776 -c--a-w C:\WINDOWS\$hf_mig$\KB930178\update\update.exe
- 2005-10-12 23:15:28 727,776 -c--a-w C:\WINDOWS\$hf_mig$\KB930916\update\update.exe
+ 2008-08-02 18:38:59 727,776 -c--a-w C:\WINDOWS\$hf_mig$\KB930916\update\update.exe
- 2006-01-19 19:29:26 727,776 -c--a-w C:\WINDOWS\$hf_mig$\KB931261\update\update.exe
+ 2008-08-02 18:38:59 727,776 -c--a-w C:\WINDOWS\$hf_mig$\KB931261\update\update.exe
- 2006-01-19 19:29:26 727,776 -c--a-w C:\WINDOWS\$hf_mig$\KB931836\update\update.exe
+ 2008-08-02 18:39:00 727,776 -c--a-w C:\WINDOWS\$hf_mig$\KB931836\update\update.exe
- 2007-03-06 01:34:56 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB933360\update\update.exe
+ 2008-08-02 18:39:00 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB933360\update\update.exe
- 2005-10-12 23:15:26 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB933729\update\update.exe
+ 2008-08-02 18:39:00 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB933729\update\update.exe
- 2005-10-12 23:15:28 727,776 -c--a-w C:\WINDOWS\$hf_mig$\KB935839\update\update.exe
+ 2008-08-02 18:39:02 727,776 -c--a-w C:\WINDOWS\$hf_mig$\KB935839\update\update.exe
- 2006-01-19 19:29:26 727,776 -c--a-w C:\WINDOWS\$hf_mig$\KB935840\update\update.exe
+ 2008-08-02 18:39:02 727,776 -c--a-w C:\WINDOWS\$hf_mig$\KB935840\update\update.exe
- 2005-10-12 23:15:28 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB936021\update\update.exe
+ 2008-08-02 18:39:02 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB936021\update\update.exe
- 2006-01-19 19:29:26 727,776 -c--a-w C:\WINDOWS\$hf_mig$\KB936357\update\update.exe
+ 2008-08-02 18:39:03 727,776 -c--a-w C:\WINDOWS\$hf_mig$\KB936357\update\update.exe
- 2005-10-12 23:15:28 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB938127\update\update.exe
+ 2008-08-02 18:39:03 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB938127\update\update.exe
- 2005-10-12 23:15:28 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB938828\update\update.exe
+ 2008-08-02 18:39:04 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB938828\update\update.exe
- 2006-01-19 19:29:26 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB938829\update\update.exe
+ 2008-08-02 18:39:04 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB938829\update\update.exe
- 2007-03-06 01:34:56 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB941202\update\update.exe
+ 2008-08-02 18:39:05 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB941202\update\update.exe
- 2007-03-06 01:34:56 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB941568\update\update.exe
+ 2008-08-02 18:39:06 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB941568\update\update.exe
- 2007-03-06 01:34:56 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB941644\update\update.exe
+ 2008-08-02 18:39:06 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB941644\update\update.exe
+ 2008-03-20 07:56:50 1,846,016 ----a-w C:\WINDOWS\$hf_mig$\KB941693\SP2QFE\win32k.sys
+ 2007-03-06 01:34:33 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB941693\spmsg.dll
+ 2007-03-06 01:34:38 216,800 ----a-w C:\WINDOWS\$hf_mig$\KB941693\spuninst.exe
+ 2007-03-06 01:34:31 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB941693\update\spcustom.dll
+ 2008-08-02 18:39:07 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB941693\update\update.exe
+ 2007-03-06 01:35:48 394,976 ----a-w C:\WINDOWS\$hf_mig$\KB941693\update\updspapi.dll
- 2007-03-06 01:34:56 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB942763\update\update.exe
+ 2008-08-02 18:39:08 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB942763\update\update.exe
- 2007-03-06 01:34:56 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB942840\update\update.exe
+ 2008-08-02 18:39:08 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB942840\update\update.exe
- 2007-03-06 01:34:56 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB943055\update\update.exe
+ 2008-08-02 18:39:09 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB943055\update\update.exe
- 2007-03-06 01:34:56 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB943485\update\update.exe
+ 2008-08-02 18:39:09 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB943485\update\update.exe
+ 2007-12-18 14:32:57 450,560 ----a-w C:\WINDOWS\$hf_mig$\KB944338\SP2QFE\jscript.dll
+ 2007-12-18 14:32:57 417,792 ----a-w C:\WINDOWS\$hf_mig$\KB944338\SP2QFE\vbscript.dll
+ 2007-03-06 01:34:33 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB944338\spmsg.dll
+ 2007-03-06 01:34:38 216,800 ----a-w C:\WINDOWS\$hf_mig$\KB944338\spuninst.exe
+ 2007-03-06 01:34:31 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB944338\update\spcustom.dll
+ 2008-08-02 18:39:10 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB944338\update\update.exe
+ 2007-03-06 01:35:48 394,976 ----a-w C:\WINDOWS\$hf_mig$\KB944338\update\updspapi.dll
- 2007-03-06 01:34:56 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB944653\update\update.exe
+ 2008-08-02 18:39:10 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB944653\update\update.exe
+ 2008-02-20 05:20:23 147,968 ----a-w C:\WINDOWS\$hf_mig$\KB945553\SP2QFE\dnsapi.dll
+ 2008-02-20 18:50:24 45,568 ----a-w C:\WINDOWS\$hf_mig$\KB945553\SP2QFE\dnsrslvr.dll
+ 2007-03-06 01:34:33 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB945553\spmsg.dll
+ 2007-03-06 01:34:38 216,800 ----a-w C:\WINDOWS\$hf_mig$\KB945553\spuninst.exe
+ 2007-03-06 01:34:31 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB945553\update\spcustom.dll
+ 2008-08-02 18:39:10 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB945553\update\update.exe
+ 2007-03-06 01:35:48 394,976 ----a-w C:\WINDOWS\$hf_mig$\KB945553\update\updspapi.dll
- 2007-03-06 01:34:56 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB946026\update\update.exe
+ 2008-08-02 18:39:11 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB946026\update\update.exe
- 2007-03-06 01:34:56 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB946627\update\update.exe
+ 2008-08-02 18:39:11 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB946627\update\update.exe
+ 2008-02-20 06:52:42 282,624 ----a-w C:\WINDOWS\$hf_mig$\KB948590\SP2QFE\gdi32.dll
+ 2007-03-06 01:34:33 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB948590\spmsg.dll
+ 2007-03-06 01:34:38 216,800 ----a-w C:\WINDOWS\$hf_mig$\KB948590\spuninst.exe
+ 2007-03-06 01:34:31 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB948590\update\spcustom.dll
+ 2008-08-02 18:39:12 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB948590\update\update.exe
+ 2007-03-06 01:35:48 394,976 ----a-w C:\WINDOWS\$hf_mig$\KB948590\update\updspapi.dll
+ 2007-03-06 01:34:33 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB948881\spmsg.dll
+ 2007-03-06 01:34:38 216,800 ----a-w C:\WINDOWS\$hf_mig$\KB948881\spuninst.exe
+ 2007-03-06 01:34:31 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB948881\update\spcustom.dll
+ 2008-08-02 18:39:12 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB948881\update\update.exe
+ 2007-03-06 01:35:47 394,976 ----a-w C:\WINDOWS\$hf_mig$\KB948881\update\updspapi.dll
+ 2008-01-23 04:56:21 554,008 ----a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\dao360.dll
+ 2007-12-10 12:41:11 518,944 ----a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\msexch40.dll
+ 2007-12-10 12:41:11 326,432 ----a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\msexcl40.dll
+ 2007-12-10 12:41:11 1,516,568 ----a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\msjet40.dll
+ 2007-12-10 12:41:11 355,112 ----a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\msjetol1.dll
+ 2008-03-25 06:56:31 194,144 ----a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\msjint40.dll
+ 2007-12-10 12:41:12 60,192 ----a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\msjter40.dll
+ 2007-12-10 12:41:12 248,608 ----a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\msjtes40.dll
+ 2007-12-10 12:41:12 219,936 ----a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\msltus40.dll
+ 2007-12-10 12:41:12 355,104 ----a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\mspbde40.dll
+ 2007-12-10 12:41:13 432,928 ----a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\msrd2x40.dll
+ 2007-12-10 12:41:13 322,336 ----a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\msrd3x40.dll
+ 2007-12-10 12:41:13 559,904 ----a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\msrepl40.dll
+ 2007-12-10 12:41:13 264,992 ----a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\mstext40.dll
+ 2007-12-10 12:41:13 838,432 ----a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\mswdat10.dll
+ 2007-11-01 05:15:27 621,344 ----a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\mswstr10.dll
+ 2007-12-10 12:41:14 355,104 ----a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\msxbde40.dll
+ 2007-03-06 01:34:33 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB950749\spmsg.dll
+ 2007-03-06 01:34:38 216,800 ----a-w C:\WINDOWS\$hf_mig$\KB950749\spuninst.exe
+ 2007-03-06 01:34:31 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB950749\update\spcustom.dll
+ 2008-08-02 18:39:14 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB950749\update\update.exe
+ 2007-03-06 01:35:48 394,976 ----a-w C:\WINDOWS\$hf_mig$\KB950749\update\updspapi.dll
+ 2008-04-21 06:43:36 3,087,872 ----a-w C:\WINDOWS\$hf_mig$\KB950759\SP3GDR\mshtml.dll
+ 2008-04-21 06:43:36 670,208 ----a-w C:\WINDOWS\$hf_mig$\KB950759\SP3GDR\wininet.dll
+ 2008-04-21 06:30:24 3,088,384 ----a-w C:\WINDOWS\$hf_mig$\KB950759\SP3QFE\mshtml.dll
+ 2008-04-21 06:30:24 670,720 ----a-w C:\WINDOWS\$hf_mig$\KB950759\SP3QFE\wininet.dll
+ 2007-11-30 11:19:06 18,296 ----a-w C:\WINDOWS\$hf_mig$\KB950759\spmsg.dll
+ 2007-11-30 11:19:06 234,872 ----a-w C:\WINDOWS\$hf_mig$\KB950759\spuninst.exe
+ 2007-11-30 11:19:06 26,488 ----a-w C:\WINDOWS\$hf_mig$\KB950759\update\spcustom.dll
+ 2008-08-02 18:39:15 767,352 ----a-w C:\WINDOWS\$hf_mig$\KB950759\update\update.exe
+ 2007-11-30 12:39:31 406,392 ----a-w C:\WINDOWS\$hf_mig$\KB950759\update\updspapi.dll
+ 2007-11-30 12:39:29 18,296 ----a-w C:\WINDOWS\$hf_mig$\KB950760\spmsg.dll
+ 2007-11-30 12:39:29 234,872 ----a-w C:\WINDOWS\$hf_mig$\KB950760\spuninst.exe
+ 2007-11-30 12:39:29 26,488 ----a-w C:\WINDOWS\$hf_mig$\KB950760\update\spcustom.dll
+ 2008-08-02 18:39:15 767,352 ----a-w C:\WINDOWS\$hf_mig$\KB950760\update\update.exe
+ 2007-11-30 12:39:31 406,392 ----a-w C:\WINDOWS\$hf_mig$\KB950760\update\updspapi.dll
+ 2008-05-08 12:14:51 203,008 ----a-w C:\WINDOWS\$hf_mig$\KB950762\SP2QFE\rmcast.sys
+ 2008-05-08 14:02:52 203,136 ----a-w C:\WINDOWS\$hf_mig$\KB950762\SP3GDR\rmcast.sys
+ 2008-05-08 13:58:17 203,136 ----a-w C:\WINDOWS\$hf_mig$\KB950762\SP3QFE\rmcast.sys
+ 2007-11-30 12:39:29 18,296 ----a-w C:\WINDOWS\$hf_mig$\KB950762\spmsg.dll
+ 2007-11-30 12:39:29 234,872 ----a-w C:\WINDOWS\$hf_mig$\KB950762\spuninst.exe
+ 2007-11-30 12:39:29 26,488 ----a-w C:\WINDOWS\$hf_mig$\KB950762\update\spcustom.dll
+ 2008-08-02 18:39:16 767,352 ----a-w C:\WINDOWS\$hf_mig$\KB950762\update\update.exe
+ 2007-11-30 12:39:31 406,392 ----a-w C:\WINDOWS\$hf_mig$\KB950762\update\updspapi.dll
+ 2008-06-14 18:03:13 272,768 ----a-w C:\WINDOWS\$hf_mig$\KB951376-v2\SP2QFE\bthport.sys
+ 2008-06-14 17:33:37 272,768 ----a-w C:\WINDOWS\$hf_mig$\KB951376-v2\SP3GDR\bthport.sys
+ 2008-06-14 17:40:19 272,768 ----a-w C:\WINDOWS\$hf_mig$\KB951376-v2\SP3QFE\bthport.sys
+ 2007-11-30 11:19:06 18,296 ----a-w C:\WINDOWS\$hf_mig$\KB951376-v2\spmsg.dll
+ 2007-11-30 11:19:06 234,872 ----a-w C:\WINDOWS\$hf_mig$\KB951376-v2\spuninst.exe
+ 2007-11-30 11:19:06 26,488 ----a-w C:\WINDOWS\$hf_mig$\KB951376-v2\update\spcustom.dll
+ 2008-08-02 18:39:17 767,352 ----a-w C:\WINDOWS\$hf_mig$\KB951376-v2\update\update.exe
+ 2007-11-30 11:19:10 406,392 ----a-w C:\WINDOWS\$hf_mig$\KB951376-v2\update\updspapi.dll
+ 2008-04-14 16:17:04 272,768 ----a-w C:\WINDOWS\$hf_mig$\KB951376\SP2QFE\bthport.sys
+ 2008-04-14 15:59:30 272,768 ----a-w C:\WINDOWS\$hf_mig$\KB951376\SP3GDR\bthport.sys
+ 2008-04-14 16:22:05 272,768 ----a-w C:\WINDOWS\$hf_mig$\KB951376\SP3QFE\bthport.sys
+ 2007-11-30 11:19:06 18,296 ----a-w C:\WINDOWS\$hf_mig$\KB951376\spmsg.dll
+ 2007-11-30 11:19:06 234,872 ----a-w C:\WINDOWS\$hf_mig$\KB951376\spuninst.exe
+ 2007-11-30 11:19:06 26,488 ----a-w C:\WINDOWS\$hf_mig$\KB951376\update\spcustom.dll
+ 2008-08-02 18:39:16 767,352 ----a-w C:\WINDOWS\$hf_mig$\KB951376\update\update.exe
+ 2007-11-30 11:19:10 406,392 ----a-w C:\WINDOWS\$hf_mig$\KB951376\update\updspapi.dll
+ 2008-05-07 04:55:47 1,294,336 ----a-w C:\WINDOWS\$hf_mig$\KB951698\SP2QFE\quartz.dll
+ 2008-05-07 05:11:24 1,294,336 ----a-w C:\WINDOWS\$hf_mig$\KB951698\SP3GDR\quartz.dll
+ 2008-05-07 05:04:59 1,294,336 ----a-w C:\WINDOWS\$hf_mig$\KB951698\SP3QFE\quartz.dll
+ 2007-11-30 11:19:06 18,296 ----a-w C:\WINDOWS\$hf_mig$\KB951698\spmsg.dll
+ 2007-11-30 11:19:06 234,872 ----a-w C:\WINDOWS\$hf_mig$\KB951698\spuninst.exe
+ 2007-11-30 11:19:06 26,488 ----a-w C:\WINDOWS\$hf_mig$\KB951698\update\spcustom.dll
+ 2008-08-02 18:39:17 767,352 ----a-w C:\WINDOWS\$hf_mig$\KB951698\update\update.exe
+ 2007-11-30 12:39:31 406,392 ----a-w C:\WINDOWS\$hf_mig$\KB951698\update\updspapi.dll
+ 2007-03-06 01:34:38 216,800 -c----w C:\WINDOWS\$NtUninstallKB941693$\spuninst\spuninst.exe
+ 2007-03-06 01:35:48 394,976 -c----w C:\WINDOWS\$NtUninstallKB941693$\spuninst\updspapi.dll
+ 2007-03-08 15:33:58 1,843,712 -c----w C:\WINDOWS\$NtUninstallKB941693$\win32k.sys
+ 2007-11-14 07:28:02 450,560 -c----w C:\WINDOWS\$NtUninstallKB944338$\jscript.dll
+ 2007-03-06 01:34:38 216,800 -c----w C:\WINDOWS\$NtUninstallKB944338$\spuninst\spuninst.exe
+ 2007-03-06 01:35:48 394,976 -c----w C:\WINDOWS\$NtUninstallKB944338$\spuninst\updspapi.dll
+ 2004-08-05 11:00:00 417,792 -c----w C:\WINDOWS\$NtUninstallKB944338$\vbscript.dll
+ 2006-06-26 17:41:32 148,480 -c----w C:\WINDOWS\$NtUninstallKB945553$\dnsapi.dll
+ 2004-08-05 11:00:00 45,568 -c----w C:\WINDOWS\$NtUninstallKB945553$\dnsrslvr.dll
+ 2007-03-06 01:34:38 216,800 -c----w C:\WINDOWS\$NtUninstallKB945553$\spuninst\spuninst.exe
+ 2007-03-06 01:35:48 394,976 -c----w C:\WINDOWS\$NtUninstallKB945553$\spuninst\updspapi.dll
+ 2007-12-07 00:47:14 1,024,512 -c----w C:\WINDOWS\$NtUninstallKB947864$\browseui.dll
+ 2007-12-07 00:47:14 152,064 -c----w C:\WINDOWS\$NtUninstallKB947864$\cdfview.dll
+ 2007-12-07 00:47:14 1,056,768 -c----w C:\WINDOWS\$NtUninstallKB947864$\danim.dll
+ 2007-12-07 00:47:15 357,888 -c----w C:\WINDOWS\$NtUninstallKB947864$\dxtmsft.dll
+ 2007-12-07 00:47:15 205,824 -c----w C:\WINDOWS\$NtUninstallKB947864$\dxtrans.dll
+ 2007-12-07 00:47:15 55,808 -c----w C:\WINDOWS\$NtUninstallKB947864$\extmgr.dll
+ 2007-12-06 10:05:52 18,432 -c----w C:\WINDOWS\$NtUninstallKB947864$\iedw.exe
+ 2007-12-07 00:47:15 251,904 -c----w C:\WINDOWS\$NtUninstallKB947864$\iepeers.dll
+ 2007-12-07 00:47:15 96,768 -c----w C:\WINDOWS\$NtUninstallKB947864$\inseng.dll
+ 2007-12-07 00:47:15 16,384 -c----w C:\WINDOWS\$NtUninstallKB947864$\jsproxy.dll
+ 2007-12-07 00:47:18 3,087,360 -c----w C:\WINDOWS\$NtUninstallKB947864$\mshtml.dll
+ 2007-12-07 00:47:18 449,024 -c----w C:\WINDOWS\$NtUninstallKB947864$\mshtmled.dll
+ 2007-12-07 00:47:18 146,432 -c----w C:\WINDOWS\$NtUninstallKB947864$\msrating.dll
+ 2007-12-07 00:47:19 532,480 -c----w C:\WINDOWS\$NtUninstallKB947864$\mstime.dll
+ 2007-12-07 00:47:19 39,424 -c----w C:\WINDOWS\$NtUninstallKB947864$\pngfilt.dll
+ 2007-12-07 00:47:20 1,499,648 -c----w C:\WINDOWS\$NtUninstallKB947864$\shdocvw.dll
+ 2007-12-07 00:47:20 474,624 -c----w C:\WINDOWS\$NtUninstallKB947864$\shlwapi.dll
+ 2007-03-06 01:34:38 216,800 -c----w C:\WINDOWS\$NtUninstallKB947864$\spuninst\spuninst.exe
+ 2007-03-06 01:35:48 394,976 -c----w C:\WINDOWS\$NtUninstallKB947864$\spuninst\updspapi.dll
+ 2007-12-07 00:47:21 620,032 -c----w C:\WINDOWS\$NtUninstallKB947864$\urlmon.dll
+ 2007-12-07 00:47:21 670,208 -c----w C:\WINDOWS\$NtUninstallKB947864$\wininet.dll
+ 2007-12-06 23:40:30 369,152 -c----w C:\WINDOWS\$NtUninstallKB947864$\xpsp3res.dll
+ 2007-06-19 13:32:25 282,112 -c----w C:\WINDOWS\$NtUninstallKB948590$\gdi32.dll
+ 2007-03-06 01:34:38 216,800 -c----w C:\WINDOWS\$NtUninstallKB948590$\spuninst\spuninst.exe
+ 2007-03-06 01:35:48 394,976 -c----w C:\WINDOWS\$NtUninstallKB948590$\spuninst\updspapi.dll
+ 2007-03-06 01:34:38 216,800 -c----w C:\WINDOWS\$NtUninstallKB948881$\spuninst\spuninst.exe
+ 2007-03-06 01:35:47 394,976 -c----w C:\WINDOWS\$NtUninstallKB948881$\spuninst\updspapi.dll
+ 2004-08-05 11:00:00 561,179 -c----w C:\WINDOWS\$NtUninstallKB950749$\dao360.dll
+ 2004-08-05 11:00:00 512,029 -c----w C:\WINDOWS\$NtUninstallKB950749$\msexch40.dll
+ 2004-08-05 11:00:00 319,517 -c----w C:\WINDOWS\$NtUninstallKB950749$\msexcl40.dll
+ 2004-08-05 11:00:00 1,507,356 -c----w C:\WINDOWS\$NtUninstallKB950749$\msjet40.dll
+ 2004-08-05 11:00:00 358,976 -c----w C:\WINDOWS\$NtUninstallKB950749$\msjetoledb40.dll
+ 2004-08-05 11:00:00 184,351 -c----w C:\WINDOWS\$NtUninstallKB950749$\msjint40.dll
+ 2004-08-05 11:00:00 53,279 -c----w C:\WINDOWS\$NtUninstallKB950749$\msjter40.dll
+ 2004-08-05 11:00:00 241,693 -c----w C:\WINDOWS\$NtUninstallKB950749$\msjtes40.dll
+ 2004-08-05 11:00:00 213,023 -c----w C:\WINDOWS\$NtUninstallKB950749$\msltus40.dll
+ 2004-08-05 11:00:00 348,189 -c----w C:\WINDOWS\$NtUninstallKB950749$\mspbde40.dll
+ 2004-08-05 11:00:00 421,919 -c----w C:\WINDOWS\$NtUninstallKB950749$\msrd2x40.dll
+ 2004-08-05 11:00:00 315,423 -c----w C:\WINDOWS\$NtUninstallKB950749$\msrd3x40.dll
+ 2004-08-05 11:00:00 552,989 -c----w C:\WINDOWS\$NtUninstallKB950749$\msrepl40.dll
+ 2004-08-05 11:00:00 258,077 -c----w C:\WINDOWS\$NtUninstallKB950749$\mstext40.dll
+ 2004-08-05 11:00:00 831,519 -c----w C:\WINDOWS\$NtUninstallKB950749$\mswdat10.dll
+ 2004-08-05 11:00:00 614,429 -c----w C:\WINDOWS\$NtUninstallKB950749$\mswstr10.dll
+ 2004-08-05 11:00:00 348,189 -c----w C:\WINDOWS\$NtUninstallKB950749$\msxbde40.dll
+ 2007-03-06 01:34:38 216,800 -c----w C:\WINDOWS\$NtUninstallKB950749$\spuninst\spuninst.exe
+ 2007-03-06 01:35:48 394,976 -c----w C:\WINDOWS\$NtUninstallKB950749$\spuninst\updspapi.dll
+ 2008-02-16 09:31:57 1,024,512 -c----w C:\WINDOWS\$NtUninstallKB950759$\browseui.dll
+ 2008-02-16 09:31:57 152,064 -c----w C:\WINDOWS\$NtUninstallKB950759$\cdfview.dll
+ 2008-02-16 09:31:58 1,056,768 -c----w C:\WINDOWS\$NtUninstallKB950759$\danim.dll
+ 2008-02-16 09:31:58 357,888 -c----w C:\WINDOWS\$NtUninstallKB950759$\dxtmsft.dll
+ 2008-02-16 09:31:58 205,312 -c----w C:\WINDOWS\$NtUninstallKB950759$\dxtrans.dll
+ 2008-02-16 09:31:58 55,808 -c----w C:\WINDOWS\$NtUninstallKB950759$\extmgr.dll
+ 2008-02-15 09:07:53 18,432 -c----w C:\WINDOWS\$NtUninstallKB950759$\iedw.exe
+ 2008-02-16 09:31:58 251,904 -c----w C:\WINDOWS\$NtUninstallKB950759$\iepeers.dll
+ 2008-02-16 09:31:58 96,768 -c----w C:\WINDOWS\$NtUninstallKB950759$\inseng.dll
+ 2008-02-16 09:31:58 16,384 -c----w C:\WINDOWS\$NtUninstallKB950759$\jsproxy.dll
+ 2008-02-16 09:31:59 3,087,872 -c----w C:\WINDOWS\$NtUninstallKB950759$\mshtml.dll
+ 2008-02-16 09:31:59 449,024 -c----w C:\WINDOWS\$NtUninstallKB950759$\mshtmled.dll
+ 2008-02-16 09:31:59 146,432 -c----w C:\WINDOWS\$NtUninstallKB950759$\msrating.dll
+ 2008-02-16 09:31:59 532,480 -c----w C:\WINDOWS\$NtUninstallKB950759$\mstime.dll
+ 2008-02-16 09:31:59 39,424 -c----w C:\WINDOWS\$NtUninstallKB950759$\pngfilt.dll
+ 2008-02-16 09:32:00 1,499,648 -c----w C:\WINDOWS\$NtUninstallKB950759$\shdocvw.dll
+ 2008-02-16 09:32:00 474,624 -c----w C:\WINDOWS\$NtUninstallKB950759$\shlwapi.dll
+ 2007-11-30 11:19:06 234,872 -c----w C:\WINDOWS\$NtUninstallKB950759$\spuninst\spuninst.exe
+ 2007-11-30 12:39:31 406,392 -c----w C:\WINDOWS\$NtUninstallKB950759$\spuninst\updspapi.dll
+ 2008-02-16 09:32:00 620,544 -c----w C:\WINDOWS\$NtUninstallKB950759$\urlmon.dll
+ 2008-02-16 09:32:00 670,208 -c----w C:\WINDOWS\$NtUninstallKB950759$\wininet.dll
+ 2008-02-15 23:03:14 370,176 -c----w C:\WINDOWS\$NtUninstallKB950759$\xpsp3res.dll
+ 2007-11-30 12:39:29 234,872 -c----w C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe
+ 2007-11-30 12:39:31 406,392 -c----w C:\WINDOWS\$NtUninstallKB950760$\spuninst\updspapi.dll
+ 2006-07-13 08:48:58 202,240 -c----w C:\WINDOWS\$NtUninstallKB950762$\rmcast.sys
+ 2007-11-30 12:39:29 234,872 -c----w C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe
+ 2007-11-30 12:39:31 406,392 -c----w C:\WINDOWS\$NtUninstallKB950762$\spuninst\updspapi.dll
+ 2008-04-14 15:52:45 272,768 -c----w C:\WINDOWS\$NtUninstallKB951376-v2$\bthport.sys
+ 2007-11-30 11:19:06 234,872 -c----w C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe
+ 2007-11-30 11:19:10 406,392 -c----w C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\updspapi.dll
+ 2007-11-30 11:19:06 234,872 -c----w C:\WINDOWS\$NtUninstallKB951376$\spuninst\spuninst.exe
+ 2007-11-30 11:19:10 406,392 -c----w C:\WINDOWS\$NtUninstallKB951376$\spuninst\updspapi.dll
+ 2007-10-29 22:43:32 1,293,824 -c----w C:\WINDOWS\$NtUninstallKB951698$\quartz.dll
+ 2007-11-30 11:19:06 234,872 -c----w C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe
+ 2007-11-30 12:39:31 406,392 -c----w C:\WINDOWS\$NtUninstallKB951698$\spuninst\updspapi.dll
+ 2008-07-05 06:43:36 12,288 ----a-w C:\WINDOWS\assembly\GAC\cli_basetypes\1.0.10.0__ce2cb7e279207b9e\cli_basetypes.dll
+ 2008-07-05 06:43:38 32,256 ----a-w C:\WINDOWS\assembly\GAC\cli_cppuhelper\1.0.13.0__ce2cb7e279207b9e\cli_cppuhelper.dll
+ 2008-07-05 06:43:39 847,872 ----a-w C:\WINDOWS\assembly\GAC\cli_types\1.1.13.0__ce2cb7e279207b9e\cli_types.dll
+ 2008-07-05 06:43:39 8,192 ----a-w C:\WINDOWS\assembly\GAC\cli_ure\1.0.13.0__ce2cb7e279207b9e\cli_ure.dll
+ 2008-07-05 06:43:15 3,072 ----a-w C:\WINDOWS\assembly\GAC\policy.1.0.cli_basetypes\9.1.0.0__ce2cb7e279207b9e\policy.1.0.cli_basetypes.dll
+ 2008-07-05 06:43:15 3,072 ----a-w C:\WINDOWS\assembly\GAC\policy.1.0.cli_cppuhelper\13.0.0.0__ce2cb7e279207b9e\policy.1.0.cli_cppuhelper.dll
+ 2008-07-05 06:43:15 3,072 ----a-w C:\WINDOWS\assembly\GAC\policy.1.0.cli_ure\13.0.0.0__ce2cb7e279207b9e\policy.1.0.cli_ure.dll
+ 2008-07-05 06:43:46 3,072 ----a-w C:\WINDOWS\assembly\GAC\policy.1.1.cli_types\13.0.0.0__ce2cb7e279207b9e\policy.1.1.cli_types.dll
- 2007-10-07 22:33:59 68,608 ----a-w C:\WINDOWS\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
+ 2008-04-12 21:49:15 69,120 ----a-w C:\WINDOWS\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
- 2007-10-07 22:34:06 72,192 ----a-w C:\WINDOWS\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
+ 2008-04-12 21:49:22 72,192 ----a-w C:\WINDOWS\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
- 2007-10-07 22:34:06 4,308,992 ----a-w C:\WINDOWS\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
+ 2008-04-12 21:48:54 4,444,160 ----a-w C:\WINDOWS\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
- 2007-10-07 22:34:07 482,304 ----a-w C:\WINDOWS\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll
+ 2008-04-12 21:49:25 483,840 ----a-w C:\WINDOWS\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll
- 2007-10-07 22:34:04 2,902,016 ----a-w C:\WINDOWS\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
+ 2008-04-12 21:49:08 3,036,160 ----a-w C:\WINDOWS\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
- 2007-10-07 22:33:54 258,048 ----a-w C:\WINDOWS\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
+ 2008-04-12 21:49:28 258,048 ----a-w C:\WINDOWS\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
- 2007-10-07 22:33:54 114,176 ----a-w C:\WINDOWS\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
+ 2008-04-12 21:49:28 113,664 ----a-w C:\WINDOWS\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
- 2007-10-07 22:34:12 260,096 ----a-w C:\WINDOWS\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
+ 2008-04-12 21:49:23 261,120 ----a-w C:\WINDOWS\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
- 2007-10-07 22:34:01 5,156,864 ----a-w C:\WINDOWS\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll
+ 2008-04-12 21:49:06 5,431,296 ----a-w C:\WINDOWS\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll
- 2007-10-07 22:33:58 10,752 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
+ 2008-04-12 21:49:13 10,752 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
- 2007-10-07 22:33:53 507,904 ----a-w C:\WINDOWS\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll
+ 2008-04-12 21:49:06 507,904 ----a-w C:\WINDOWS\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll
- 2007-10-07 22:33:54 13,312 ----a-w C:\WINDOWS\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll
+ 2008-04-12 21:49:15 13,312 ----a-w C:\WINDOWS\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll
- 2007-10-07 22:34:05 8,192 ----a-w C:\WINDOWS\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll
+ 2008-04-12 21:49:18 8,192 ----a-w C:\WINDOWS\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll
- 2007-10-07 22:34:05 36,864 ----a-w C:\WINDOWS\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll
+ 2008-04-12 21:49:20 77,824 ----a-w C:\WINDOWS\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll
- 2007-10-07 22:34:06 5,632 ----a-w C:\WINDOWS\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll
+ 2008-04-12 21:49:20 6,656 ----a-w C:\WINDOWS\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll
- 2007-10-07 22:33:55 413,696 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
+ 2008-04-12 21:49:28 348,160 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
- 2007-10-07 22:33:57 36,864 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
+ 2008-04-12 21:49:29 36,864 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
- 2007-10-07 22:33:57 647,168 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll
+ 2008-04-12 21:49:30 655,360 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll
- 2007-10-07 22:33:58 73,728 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll
+ 2008-04-12 21:49:30 77,824 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll
- 2007-10-07 22:33:55 749,568 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
+ 2008-04-12 21:49:21 749,568 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
- 2007-10-07 22:34:13 110,592 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
+ 2008-04-12 21:49:19 110,592 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
- 2007-10-07 22:34:13 372,736 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
+ 2008-04-12 21:49:17 372,736 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
- 2007-10-07 22:33:52 28,672 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll
+ 2008-04-12 21:49:25 28,672 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll
- 2007-10-07 22:34:13 667,648 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
+ 2008-04-12 21:49:17 671,744 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
- 2007-10-07 22:34:14 5,632 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
+ 2008-04-12 21:49:02 5,632 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
- 2007-10-07 22:33:53 12,800 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
+ 2008-04-12 21:49:26 12,800 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
- 2007-10-07 22:33:52 32,768 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll
+ 2008-04-12 21:49:16 32,768 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll
- 2007-10-07 22:33:53 7,168 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll
+ 2008-04-12 21:49:16 7,168 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll
- 2007-10-07 22:34:09 110,592 ----a-w C:\WINDOWS\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
+ 2008-04-12 21:49:21 110,592 ----a-w C:\WINDOWS\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
- 2007-10-07 22:33:59 81,920 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
+ 2008-04-12 21:49:22 81,920 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
- 2007-10-07 22:34:10 413,696 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
+ 2008-04-12 21:49:07 425,984 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
- 2007-10-07 22:34:08 716,800 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
+ 2008-04-12 21:49:09 741,376 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
- 2007-10-07 22:33:54 888,832 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
+ 2008-04-12 21:49:09 933,888 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
- 2007-10-07 22:34:04 5,001,216 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll
+ 2008-04-12 21:49:31 5,070,848 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll
- 2007-10-07 22:34:00 188,416 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
+ 2008-04-12 21:49:29 188,416 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
- 2007-10-07 22:34:00 397,312 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
+ 2008-04-12 21:49:13 401,408 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
- 2007-10-07 22:34:00 81,920 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll
+ 2008-04-12 21:49:26 81,920 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll
- 2007-10-07 22:34:11 577,536 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
+ 2008-04-12 21:49:03 630,784 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
- 2007-10-07 22:34:08 372,736 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
+ 2008-04-12 21:49:27 372,736 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
- 2007-10-07 22:34:11 258,048 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
+ 2008-04-12 21:49:26 258,048 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
- 2007-10-07 22:34:08 299,008 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
+ 2008-04-12 21:49:24 299,008 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
- 2007-10-07 22:34:09 131,072 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
+ 2008-04-12 21:49:23 131,072 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
- 2007-10-07 22:33:58 258,048 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll
+ 2008-04-12 21:49:04 258,048 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll
- 2007-10-07 22:34:01 114,688 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
+ 2008-04-12 21:49:04 114,688 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
- 2007-10-07 22:34:12 835,584 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
+ 2008-04-12 21:49:12 884,736 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
- 2007-10-07 22:34:02 86,016 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
+ 2008-04-12 21:49:12 90,112 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
- 2007-10-07 22:34:02 823,296 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
+ 2008-04-12 21:49:11 839,680 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
- 2007-10-07 22:34:03 5,152,768 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
+ 2008-04-12 21:49:14 5,013,504 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
- 2007-10-07 22:34:03 2,027,520 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll
+ 2008-04-12 21:49:05 2,068,480 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll
- 2007-10-07 22:34:10 2,940,928 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
+ 2008-04-12 21:49:10 3,076,096 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
+ 2008-04-12 21:53:08 27,136 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Accessibility\c6772fd12a581ad3be49e3f2a80b5622\Accessibility.ni.dll
+ 2008-04-12 21:53:09 884,736 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\AspNetMMCExt\a1d353edc300e3aff0784202f68a657b\AspNetMMCExt.ni.dll
+ 2008-04-12 21:53:10 237,568 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\CustomMarshalers\c10ec9b4de2b366236ec83237dc31281\CustomMarshalers.ni.dll
+ 2008-04-12 21:53:09 15,360 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\dfsvc\837fe02bdcf637d5bf1e5ffb935ebb80\dfsvc.ni.exe
+ 2008-04-12 21:53:11 876,544 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\9710a3c0d11dd264c3a6b88977699e9b\Microsoft.Build.Engine.ni.dll
+ 2008-04-12 21:53:11 81,920 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\e2858a45971fb30b0c0523dbb52c1d4e\Microsoft.Build.Framework.ni.dll
+ 2008-04-12 21:53:14 1,695,744 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\63d69ffdf3c640d2d104a4b74e8115f8\Microsoft.Build.Tasks.ni.dll
+ 2008-04-12 21:53:14 167,936 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\11cb5418c06e30100616fbf205588489\Microsoft.Build.Utilities.ni.dll
+ 2008-04-12 21:53:17 1,740,800 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\923bd55258380eae77353d36a5a1b08f\Microsoft.VisualBasic.ni.dll
+ 2008-04-12 21:50:53 11,722,752 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\32e6f703c114f3a971cbe706586e3655\mscorlib.ni.dll
+ 2008-04-12 21:53:18 1,011,712 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\eee9b48577689e92db5a7b5c5de98d9b\System.Configuration.ni.dll
+ 2008-04-12 21:51:14 7,049,216 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Data\5f669e819da7010c1dca347a25597c42\System.Data.ni.dll
+ 2008-04-12 21:53:20 1,798,144 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Deployment\c7dea4895e1fa33d65e448c03de48d26\System.Deployment.ni.dll
+ 2008-04-12 21:51:29 10,969,088 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Design\c1e16b40e30a05c39be8aee46311841c\System.Design.ni.dll
+ 2008-04-12 21:53:21 1,224,704 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\914668b240550f529e54bb772c6fc881\System.DirectoryServices.ni.dll
+ 2008-04-12 21:53:22 512,000 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\f11bc82c09955cb8438d3885a99c297d\System.DirectoryServices.Protocols.ni.dll
+ 2008-04-12 21:51:32 229,376 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing.Desi#\b974f6c17d17a533adf6e7710c5a62fa\System.Drawing.Design.ni.dll
+ 2008-04-12 21:51:31 1,667,072 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\[u]0/ue83aac37b2623f1a24c70979f31dd56\System.Drawing.ni.dll
+ 2008-04-12 21:53:24 659,456 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\646131eda5f21f4e6216733d49c22c56\System.EnterpriseServices.ni.dll
+ 2008-04-12 21:53:24 294,912 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\646131eda5f21f4e6216733d49c22c56\System.EnterpriseServices.Wrapper.dll
+ 2008-04-12 21:53:26 733,184 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Security\2b5994269cc5b996231c9b21afea9a91\System.Security.ni.dll
+ 2008-04-12 21:53:27 233,472 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\193ac978af569ad9ee45110b359961b9\System.ServiceProcess.ni.dll
+ 2008-04-12 21:53:28 679,936 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Transactions\12e0aa1030badf4524f897e3f57b037a\System.Transactions.ni.dll
+ 2008-04-12 21:53:44 2,342,912 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web.Mobile\37d87b3cab1c66ec4430ebb2abeaa570\System.Web.Mobile.ni.dll
+ 2008-04-12 21:53:44 237,568 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web.RegularE#\b5b81faf46fc63c20d5339b36edd02fa\System.Web.RegularExpressions.ni.dll
+ 2008-04-12 21:53:47 1,986,560 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web.Services\38991368499e2109ea4099a0fe29c5a3\System.Web.Services.ni.dll
+ 2008-04-12 21:53:41 12,509,184 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web\67cfb70213562afe2ca9b9066764af3a\System.Web.ni.dll
+ 2008-04-12 21:51:45 13,193,216 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\3d8c79c45aa674e43f075e2e66b8caf5\System.Windows.Forms.ni.dll
+ 2008-04-12 21:51:52 5,771,264 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\c98cb65a79cfccb44ea727ebe4593ede\System.Xml.ni.dll
+ 2008-04-12 21:51:05 8,265,728 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\ba0e3a22211ba7343e0116b051f2965a\System.ni.dll
+ 2008-08-02 17:12:23 45,056 ----a-w C:\WINDOWS\BDOSCAN8\avxdisk.dll
+ 2008-08-02 17:12:23 10,240 ----a-w C:\WINDOWS\BDOSCAN8\avxs.dll
+ 2008-08-02 17:12:23 27,136 ----a-w C:\WINDOWS\BDOSCAN8\avxt.dll
+ 2008-08-02 17:12:26 181,760 ----a-w C:\WINDOWS\BDOSCAN8\bdcore.dll
+ 2006-05-24 23:21:00 118,784 ----a-w C:\WINDOWS\BDOSCAN8\bdupd.dll
+ 2006-05-24 23:21:14 53,248 ----a-w C:\WINDOWS\BDOSCAN8\ipsupd.dll
+ 2008-08-02 17:12:26 142,848 ----a-w C:\WINDOWS\BDOSCAN8\libfn.dll
+ 2008-08-02 17:12:24 86,016 ----a-w C:\WINDOWS\BDOSCAN8\librtvr.dll
+ 2006-05-24 23:22:06 53,248 ----a-w C:\WINDOWS\bdoscandel.exe
+ 2006-05-24 23:21:00 118,784 ----a-w C:\WINDOWS\Downloaded Program Files\bdupd.dll
+ 2006-05-24 23:21:14 53,248 ----a-w C:\WINDOWS\Downloaded Program Files\ipsupd.dll
- 2007-07-04 09:41:58 115,536 ----a-w C:\WINDOWS\Downloaded Program Files\McContentMgr.dll
+ 2008-04-17 13:56:58 117,584 ----a-w C:\WINDOWS\Downloaded Program Files\McContentMgr.dll
- 2007-07-04 09:41:18 346,968 ----a-w C:\WINDOWS\Downloaded Program Files\McHealthCheck.dll
+ 2008-04-17 13:56:16 354,136 ----a-w C:\WINDOWS\Downloaded Program Files\McHealthCheck.dll
- 2007-07-04 09:42:22 119,112 ----a-w C:\WINDOWS\Downloaded Program Files\McLogMgr.dll
+ 2008-04-17 13:57:18 119,112 ----a-w C:\WINDOWS\Downloaded Program Files\McLogMgr.dll
- 2007-07-04 09:41:42 517,456 ----a-w C:\WINDOWS\Downloaded Program Files\McPlugins.dll
+ 2008-04-17 13:56:38 527,696 ----a-w C:\WINDOWS\Downloaded Program Files\McPlugins.dll
- 2007-07-04 09:42:40 233,808 ----a-w C:\WINDOWS\Downloaded Program Files\McProdMgr.dll
+ 2008-04-17 13:57:38 238,416 ----a-w C:\WINDOWS\Downloaded Program Files\McProdMgr.dll
- 2007-07-04 09:40:58 285,536 ----a-w C:\WINDOWS\Downloaded Program Files\MVT.dll
+ 2008-04-17 13:55:34 291,680 ----a-w C:\WINDOWS\Downloaded Program Files\MVT.dll
- 2007-07-04 09:40:34 139,776 ----a-w C:\WINDOWS\Downloaded Program Files\Uploader.exe
+ 2008-04-17 13:53:54 147,456 ----a-w C:\WINDOWS\Downloaded Program Files\Uploader.exe
+ 2008-06-14 17:59:52 272,768 ------w C:\WINDOWS\Driver Cache\i386\bthport.sys
- 2000-08-31 06:00:00 163,328 ----a-w C:\WINDOWS\erdnt\Hiv-backup\ERDNT.EXE
+ 2005-10-20 18:02:28 163,328 ----a-w C:\WINDOWS\erdnt\Hiv-backup\ERDNT.EXE
+ 2005-10-20 18:02:28 163,328 ----a-w C:\WINDOWS\erdnt\subs\ERDNT.EXE
+ 2008-04-01 08:56:58 163,328 ----a-w C:\WINDOWS\ERUNT\SDFIX\ERDNT.EXE
+ 2008-04-02 05:55:59 581,632 ----a-w C:\WINDOWS\ERUNT\SDFIX\Users\[u]0/u0000001\NTUSER.DAT
+ 2008-04-02 05:55:59 98,304 ----a-w C:\WINDOWS\ERUNT\SDFIX\Users\[u]0/u0000002\UsrClass.dat
+ 2008-04-01 08:56:58 163,328 ----a-w C:\WINDOWS\ERUNT\SDFIX_First_Run\ERDNT.EXE
+ 2008-04-02 05:55:44 581,632 ----a-w C:\WINDOWS\ERUNT\SDFIX_First_Run\Users\[u]0/u0000001\NTUSER.DAT
+ 2008-04-02 05:55:44 98,304 ----a-w C:\WINDOWS\ERUNT\SDFIX_First_Run\Users\[u]0/u0000002\UsrClass.dat
+ 2000-08-31 06:00:00 89,504 ----a-w C:\WINDOWS\fdsv.exe
+ 2000-08-31 06:00:00 80,412 ----a-w C:\WINDOWS\grep.exe
+ 2008-07-05 06:45:35 2,363,392 ----a-r C:\WINDOWS\Installer\{A122962F-331A-4C2E-93DB-AD92D8A4FB14}\soffice.exe
+ 2008-04-18 23:25:11 25,214 ----a-r C:\WINDOWS\Installer\{B4649EFB-54CB-42AB-8536-8FED519E1036}\ARPPRODUCTICON.exe
+ 2008-05-27 21:45:03 382,303 ----a-w C:\WINDOWS\Installer\SandboxieInstall.exe
- 2005-09-23 05:28:52 72,704 ----a-w C:\WINDOWS\Microsoft.NET\Framework\NETFXSBS10.exe
+ 2007-10-23 23:47:38 82,944 ----a-w C:\WINDOWS\Microsoft.NET\Framework\NETFXSBS10.exe
- 2005-09-23 05:28:52 7,680 ----a-w C:\WINDOWS\Microsoft.NET\Framework\sbscmp10.dll
+ 2007-10-23 23:47:38 16,896 ----a-w C:\WINDOWS\Microsoft.NET\Framework\sbscmp10.dll
- 2005-09-23 05:28:56 7,680 ----a-w C:\WINDOWS\Microsoft.NET\Framework\sbscmp20_mscorwks.dll
+ 2007-10-23 23:47:40 16,896 ----a-w C:\WINDOWS\Microsoft.NET\Framework\sbscmp20_mscorwks.dll
- 2005-09-23 05:28:58 7,680 ----a-w C:\WINDOWS\Microsoft.NET\Framework\sbscmp20_perfcounter.dll
+ 2007-10-23 23:47:42 16,896 ----a-w C:\WINDOWS\M
0
jacques.gache Messages postés 33453 Date d'inscription mardi 13 novembre 2007 Statut Contributeur sécurité Dernière intervention 25 janvier 2016 1 616
4 août 2008 à 21:41
bonjour, c'est bien de mettre un combofix mais il t'avait été demandé dans le cadre d'une procédure de désinfection à un moment précis de même que élibagla, tu le passes après malwarebytes que veux tu vraiment qu'il nous révèle comme infection car malwarebytes en as sûrement effacer les entrées c'est pour ça qu'il t'était demander avant et ce n'était pas que pour faire bien @+
0
wouaneguene Messages postés 12 Date d'inscription samedi 2 août 2008 Statut Membre Dernière intervention 15 avril 2014
5 août 2008 à 07:06
Bein le message 14 me parlait pas de rapport ELIGLABA il me semble.
0
jacques.gache Messages postés 33453 Date d'inscription mardi 13 novembre 2007 Statut Contributeur sécurité Dernière intervention 25 janvier 2016 1 616
5 août 2008 à 10:18
bonjour, si tu avais suivi jlpjlp comme il te demandait dans son premier message c'est à dire le 2 tu comprendrais
0