Bonjour, à vous tous. J'ai un problème. J'ai voulu installer un jeu Bigfish, je l'ai analysé avec (Nod32 à jour) il disait qu'il n'y avait rien. Lorsque j'ai fait exe mon ordi à capoté. L'écran est devenu tout rouge avec un dessin blanc au milieu il disait que c'était un virus. J'ai voulu aller voir dans restauration de système, mais il n'y avait plus de Programme. J'ai cliqué sur Démarrer pour aller dans Programme mais il n'avait plus rien d'écris. Ensuite j'ai voulu aller dans mon disque et le C: et D: mais il avait disparu eux aussi. Il y a une fenêtre qui apparaissait qui disait: ‘file:///C :Windows/privacy_danger/index.htm’est introuvable. Vérifiez que le chemin d’accès ou l’adresse internet sont corrects. Et il y avait toujours une fenêtre qui me disait de cliquer sur ok pour installer un programme pour les virus. Quand j'ai vu que rien ne changeait j'ai passé Spyware Terminator 2e Malwarebytes'Anti-Malware 3e Registry Mechanic 4e ATF-Cleaner. Quand j'ai rebooter la fenêtre rouge était disparu. Mais je me demande si tout est correct ou s'il y a du danger d'infecter mes amis (es). Merci de votre aide. J'apprécie beaucoup. Mymy

Virus très bizarre

Réponse 21 / 51

mymybyll Messages postés 92 Statut Membre 1

Bonjour et voilà. Merci Mymy

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:31:14, on 2008-08-11
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\igfxsrvc.exe
C:\WINDOWS\vVX6000.exe
D:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
C:\Program Files\ATI\Catalyst Media Center\CMCService.exe
C:\Program Files\Microsoft IntelliType Pro\type32.exe
C:\Program Files\Microsoft IntelliPoint\point32.exe
C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACDaemon.exe
C:\Program Files\Eset\nod32kui.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\essspk.exe
C:\WINDOWS\system32\hphmon03.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9FA.EXE
C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe
C:\PROGRA~1\HEWLET~1\HPSHAR~1\hpgs2wnf.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\lg_fwupdate\fwupdate.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe
C:\PROGRA~1\INCRED~1\bin\IMApp.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
D:\Program Files\MSN Pictures Displayer\MSN Pictures Displayer.exe
C:\Program Files\Fichiers communs\Logishrd\KHAL2\KHALMNPR.EXE
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\APC\APC PowerChute Personal Edition\apcsystray.exe
C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACService.exe
C:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\ATI\Catalyst Media Center\Kernel\TV\CLCapSvc.exe
C:\Program Files\ATI\Catalyst Media Center\Kernel\CLML_NTService\CLMLServer.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\Program Files\Eset\nod32krn.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\PROGRA~1\SPYWAR~1\sp_rsser.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\ATI\Catalyst Media Center\Kernel\TV\CLSched.exe
C:\WINDOWS\system32\fxssvc.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe
C:\WINDOWS\system32\HPHipm09.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
D:\Anglais\Systran\SYSTRA~3.EXE
D:\Zip\Hijack\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: SweetIM ToolbarURLSearchHook Class - {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O3 - Toolbar: SweetIM Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [VX6000] C:\WINDOWS\vVX6000.exe
O4 - HKLM\..\Run: [CloneCDTray] "D:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" /s
O4 - HKLM\..\Run: [VirtualCloneDrive] "D:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
O4 - HKLM\..\Run: [CMCService] "C:\Program Files\ATI\Catalyst Media Center\CMCService.exe"
O4 - HKLM\..\Run: [type32] "C:\Program Files\Microsoft IntelliType Pro\type32.exe"
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\point32.exe"
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe
O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACDaemon.exe
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [EssSpkPhone] essspk.exe
O4 - HKLM\..\Run: [HPHmon03] C:\WINDOWS\system32\hphmon03.exe
O4 - HKLM\..\Run: [EPSON Stylus Photo R320 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9FA.EXE /P30 "EPSON Stylus Photo R320 Series" /O6 "USB001" /M "Stylus Photo R320"
O4 - HKLM\..\Run: [SpywareTerminator] "C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe"
O4 - HKLM\..\Run: [LGODDFU] "C:\Program Files\lg_fwupdate\fwupdate.exe" blrun
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\RunServices: [Applications Driver] svohost.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
O4 - HKCU\..\Run: [ATI Remote Control] C:\Program Files\ATI Multimedia\RemCtrl\ATIRW.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [EPSON Stylus Photo R320 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9FA.EXE /P30 "EPSON Stylus Photo R320 Series" /M "Stylus Photo R320" /EF "HKCU"
O4 - HKCU\..\Run: [Anniversaires] D:\Anniversaires\Rappel.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: MSN Pictures Displayer.lnk = D:\Program Files\MSN Pictures Displayer\MSN Pictures Displayer.exe
O4 - Global Startup: APC UPS Status.lnk = ?
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O8 - Extra context menu item: &Add animation to IncrediMail Style Box - C:\PROGRA~1\INCRED~1\bin\resources\WebMenuImg.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Open and Translate in Word - res://D:\Anglais\Systran\IEShellExt.dll /10
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {BD8667B7-38D8-4C77-B580-18C3E146372C} (Creative Toolbox Plug-in) - http://bmm.imgag.com/imgag/cp/install/crusher-caf.cab
O16 - DPF: {F137B9BA-89EA-4B04-9C67-2074A9DF61FD} (Photo Upload Plugin Class) - https://www.costcophotocentre.ca/SignIn?ReturnUrl=%2fFileNotFound.htm%3faspxerrorpath%3d%2fupload%2factivex%2fv2_0_0_10%2ferror.aspx&aspxerrorpath=/upload/activex/v2_0_0_10/error.aspx
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft - C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: APC UPS Service - American Power Conversion Corporation - C:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\ATI\Catalyst Media Center\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\ATI\Catalyst Media Center\Kernel\TV\CLSched.exe
O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\ATI\Catalyst Media Center\Kernel\CLML_NTService\CLMLServer.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Fichiers communs\Logitech\Bluetooth\LBTServ.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: Pml Driver - HP - C:\WINDOWS\system32\HPHipm09.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\PROGRA~1\SPYWAR~1\sp_rsser.exe

Réponse 22 / 51

Destrio5 Messages postés 99820 Date d'inscription Statut Modérateur Dernière intervention 10 305

---> Relance HijackThis et choisis Do a system scan only

---> Coche les cases qui sont devant les lignes suivantes :

O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe

O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"

O4 - HKLM\..\RunServices: [Applications Driver] svohost.exe

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present

O16 - DPF: {F137B9BA-89EA-4B04-9C67-2074A9DF61FD} (Photo Upload Plugin Class) - https://www.costcophotocentre.ca/SignIn?ReturnUrl=%2fFileNotFound.htm%3faspxerrorpath%3d%2fupload%2factivex%2fv2_0_0_10%2ferror.aspx&aspxerrorpath=/upload/activex/v2_0_0_10/error.aspx

O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll

---> Clique en bas sur Fix checked. Mets oui si HijackThis te demande quelque chose.

---> Redémarre ton PC et poste un dernier rapport HijackThis

Réponse 23 / 51

mymybyll Messages postés 92 Statut Membre 1

Salut je t'envoie ça. Je te trouve très patient. Merci

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:40:36, on 2008-08-11
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\vVX6000.exe
D:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
C:\Program Files\ATI\Catalyst Media Center\CMCService.exe
C:\Program Files\Microsoft IntelliType Pro\type32.exe
C:\Program Files\Microsoft IntelliPoint\point32.exe
C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACDaemon.exe
C:\Program Files\Eset\nod32kui.exe
C:\WINDOWS\essspk.exe
C:\WINDOWS\system32\hphmon03.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9FA.EXE
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe
C:\PROGRA~1\HEWLET~1\HPSHAR~1\hpgs2wnf.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\lg_fwupdate\fwupdate.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe
C:\PROGRA~1\INCRED~1\bin\IMApp.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
D:\Program Files\MSN Pictures Displayer\MSN Pictures Displayer.exe
C:\Program Files\Fichiers communs\Logishrd\KHAL2\KHALMNPR.EXE
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\APC\APC PowerChute Personal Edition\apcsystray.exe
C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACService.exe
C:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\ATI\Catalyst Media Center\Kernel\TV\CLCapSvc.exe
C:\Program Files\ATI\Catalyst Media Center\Kernel\CLML_NTService\CLMLServer.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\Program Files\Eset\nod32krn.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\PROGRA~1\SPYWAR~1\sp_rsser.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\ATI\Catalyst Media Center\Kernel\TV\CLSched.exe
C:\WINDOWS\system32\fxssvc.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe
C:\WINDOWS\system32\HPHipm09.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
D:\Zip\Hijack\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: SweetIM ToolbarURLSearchHook Class - {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O3 - Toolbar: SweetIM Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [VX6000] C:\WINDOWS\vVX6000.exe
O4 - HKLM\..\Run: [CloneCDTray] "D:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" /s
O4 - HKLM\..\Run: [VirtualCloneDrive] "D:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
O4 - HKLM\..\Run: [CMCService] "C:\Program Files\ATI\Catalyst Media Center\CMCService.exe"
O4 - HKLM\..\Run: [type32] "C:\Program Files\Microsoft IntelliType Pro\type32.exe"
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\point32.exe"
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe
O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACDaemon.exe
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [EssSpkPhone] essspk.exe
O4 - HKLM\..\Run: [HPHmon03] C:\WINDOWS\system32\hphmon03.exe
O4 - HKLM\..\Run: [EPSON Stylus Photo R320 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9FA.EXE /P30 "EPSON Stylus Photo R320 Series" /O6 "USB001" /M "Stylus Photo R320"
O4 - HKLM\..\Run: [SpywareTerminator] "C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe"
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe"
O4 - HKLM\..\Run: [LGODDFU] "C:\Program Files\lg_fwupdate\fwupdate.exe" blrun
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
O4 - HKCU\..\Run: [ATI Remote Control] C:\Program Files\ATI Multimedia\RemCtrl\ATIRW.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [EPSON Stylus Photo R320 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9FA.EXE /P30 "EPSON Stylus Photo R320 Series" /M "Stylus Photo R320" /EF "HKCU"
O4 - HKCU\..\Run: [Anniversaires] D:\Anniversaires\Rappel.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: MSN Pictures Displayer.lnk = D:\Program Files\MSN Pictures Displayer\MSN Pictures Displayer.exe
O4 - Global Startup: APC UPS Status.lnk = ?
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O8 - Extra context menu item: &Add animation to IncrediMail Style Box - C:\PROGRA~1\INCRED~1\bin\resources\WebMenuImg.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Open and Translate in Word - res://D:\Anglais\Systran\IEShellExt.dll /10
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {BD8667B7-38D8-4C77-B580-18C3E146372C} (Creative Toolbox Plug-in) - http://bmm.imgag.com/imgag/cp/install/crusher-caf.cab
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft - C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: APC UPS Service - American Power Conversion Corporation - C:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\ATI\Catalyst Media Center\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\ATI\Catalyst Media Center\Kernel\TV\CLSched.exe
O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\ATI\Catalyst Media Center\Kernel\CLML_NTService\CLMLServer.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Fichiers communs\Logitech\Bluetooth\LBTServ.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: Pml Driver - HP - C:\WINDOWS\system32\HPHipm09.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\PROGRA~1\SPYWAR~1\sp_rsser.exe

Réponse 24 / 51

Destrio5 Messages postés 99820 Date d'inscription Statut Modérateur Dernière intervention 10 305

Plus de trace d'infection, tu peux désinstaller HijackThis.

Je te conseille de faire un scan avec MBAM en le mettant à jour avant.

Réponse 25 / 51

mymybyll Messages postés 92 Statut Membre 1

Wow c'est merveilleux Merci Merci Merci mille fois Merci. MBAM c'est quelle nom au juste? je ne le connais pas .
Merci Mymy

Réponse 26 / 51

Destrio5 Messages postés 99820 Date d'inscription Statut Modérateur Dernière intervention 10 305

MBAM = MalwareByte's Anti-Malware

http://www.download.com/Malwarebytes-Anti-Malware/3000-8022_4-10804572.htm

Réponse 27 / 51

mymybyll Messages postés 92 Statut Membre 1

Je m'excuse je n'avais pas fait le rapport. Je fais ce scan complet et je te redonne des nouvelles. Merci Mymy

Réponse 28 / 51

Destrio5 Messages postés 99820 Date d'inscription Statut Modérateur Dernière intervention 10 305

Ok.

Réponse 29 / 51

mymybyll Messages postés 92 Statut Membre 1

Salut Je T'envoie le rapport. Merci Mymy

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:58:17, on 2008-08-12
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\vVX6000.exe
D:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
C:\Program Files\ATI\Catalyst Media Center\CMCService.exe
C:\Program Files\Microsoft IntelliType Pro\type32.exe
C:\Program Files\Microsoft IntelliPoint\point32.exe
C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACDaemon.exe
C:\Program Files\Eset\nod32kui.exe
C:\WINDOWS\essspk.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\hphmon03.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9FA.EXE
C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe
C:\PROGRA~1\HEWLET~1\HPSHAR~1\hpgs2wnf.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\lg_fwupdate\fwupdate.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe
C:\PROGRA~1\INCRED~1\bin\IMApp.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
D:\Program Files\MSN Pictures Displayer\MSN Pictures Displayer.exe
C:\Program Files\Fichiers communs\Logishrd\KHAL2\KHALMNPR.EXE
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\APC\APC PowerChute Personal Edition\apcsystray.exe
C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACService.exe
C:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\ATI\Catalyst Media Center\Kernel\TV\CLCapSvc.exe
C:\Program Files\ATI\Catalyst Media Center\Kernel\CLML_NTService\CLMLServer.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\Program Files\Eset\nod32krn.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\PROGRA~1\SPYWAR~1\sp_rsser.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\ATI\Catalyst Media Center\Kernel\TV\CLSched.exe
C:\WINDOWS\system32\fxssvc.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe
C:\WINDOWS\system32\HPHipm09.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\PROGRA~1\INCRED~1\bin\IncMail.exe
D:\Zip\Hijack\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: SweetIM ToolbarURLSearchHook Class - {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O3 - Toolbar: SweetIM Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [VX6000] C:\WINDOWS\vVX6000.exe
O4 - HKLM\..\Run: [CloneCDTray] "D:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" /s
O4 - HKLM\..\Run: [VirtualCloneDrive] "D:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
O4 - HKLM\..\Run: [CMCService] "C:\Program Files\ATI\Catalyst Media Center\CMCService.exe"
O4 - HKLM\..\Run: [type32] "C:\Program Files\Microsoft IntelliType Pro\type32.exe"
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\point32.exe"
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe
O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACDaemon.exe
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [EssSpkPhone] essspk.exe
O4 - HKLM\..\Run: [HPHmon03] C:\WINDOWS\system32\hphmon03.exe
O4 - HKLM\..\Run: [EPSON Stylus Photo R320 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9FA.EXE /P30 "EPSON Stylus Photo R320 Series" /O6 "USB001" /M "Stylus Photo R320"
O4 - HKLM\..\Run: [SpywareTerminator] "C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe"
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe"
O4 - HKLM\..\Run: [LGODDFU] "C:\Program Files\lg_fwupdate\fwupdate.exe" blrun
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
O4 - HKCU\..\Run: [ATI Remote Control] C:\Program Files\ATI Multimedia\RemCtrl\ATIRW.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [EPSON Stylus Photo R320 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9FA.EXE /P30 "EPSON Stylus Photo R320 Series" /M "Stylus Photo R320" /EF "HKCU"
O4 - HKCU\..\Run: [Anniversaires] D:\Anniversaires\Rappel.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: MSN Pictures Displayer.lnk = D:\Program Files\MSN Pictures Displayer\MSN Pictures Displayer.exe
O4 - Global Startup: APC UPS Status.lnk = ?
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O8 - Extra context menu item: &Add animation to IncrediMail Style Box - C:\PROGRA~1\INCRED~1\bin\resources\WebMenuImg.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Open and Translate in Word - res://D:\Anglais\Systran\IEShellExt.dll /10
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {BD8667B7-38D8-4C77-B580-18C3E146372C} (Creative Toolbox Plug-in) - http://bmm.imgag.com/imgag/cp/install/crusher-caf.cab
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft - C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: APC UPS Service - American Power Conversion Corporation - C:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\ATI\Catalyst Media Center\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\ATI\Catalyst Media Center\Kernel\TV\CLSched.exe
O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\ATI\Catalyst Media Center\Kernel\CLML_NTService\CLMLServer.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Fichiers communs\Logitech\Bluetooth\LBTServ.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: Pml Driver - HP - C:\WINDOWS\system32\HPHipm09.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\PROGRA~1\SPYWAR~1\sp_rsser.exe

Réponse 30 / 51

Destrio5 Messages postés 99820 Date d'inscription Statut Modérateur Dernière intervention 10 305

Ce n'est pas le bon rapport.

Réponse 31 / 51

mymybyll Messages postés 92 Statut Membre 1

Salut est-ce que c'est le rapport Malwarebytes' Anti-Malware que tu veux. C'est celui-là que je t'envoie.
Merci Mymy

Malwarebytes' Anti-Malware 1.24
Version de la base de données: 1043
Windows 5.1.2600 Service Pack 2

02:13:10 2008-08-12
mbam-log-8-12-2008 (02-12-46).txt

Type de recherche: Examen complet (C:\|D:\|)
Eléments examinés: 286048
Temps écoulé: 2 hour(s), 6 minute(s), 31 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 4
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 15

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\CLSID\{03bbee1b-07c4-4992-9288-93ef191d3f83} (Trojan.Vundo) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\contim (Trojan.Vundo) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\dslcnnct (Trojan.Vundo) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Track System (Trojan.Vundo) -> No action taken.

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
C:\System Volume Information\_restore{F6D93DE1-2CBC-4E6C-BE50-EE5CF0B49A13}\RP266\A0056202.dll (Trojan.Vundo) -> No action taken.
C:\System Volume Information\_restore{F6D93DE1-2CBC-4E6C-BE50-EE5CF0B49A13}\RP288\A0060188.exe (Trojan.FakeAlert) -> No action taken.
C:\System Volume Information\_restore{F6D93DE1-2CBC-4E6C-BE50-EE5CF0B49A13}\RP288\A0060196.exe (Trojan.FakeAlert) -> No action taken.
C:\WINDOWS\system32\eakwvxtc.dll (Trojan.Vundo) -> No action taken.
C:\WINDOWS\system32\ehuwat.dll (Trojan.Vundo) -> No action taken.
C:\WINDOWS\system32\ckfutpbk.dll (Trojan.Vundo) -> No action taken.
C:\WINDOWS\system32\xsnytk.dll (Trojan.Vundo) -> No action taken.
D:\Screensaver\Japanese Garden 3D Screensaver\patch.exe (Trojan.Downloader) -> No action taken.
D:\Zip\Screensaver\Japanese Garden 3D Screensaver v1.0\Patch\patch.exe (Trojan.Downloader) -> No action taken.
C:\WINDOWS\system32\mcrh.tmp (Malware.Trace) -> No action taken.
C:\windows.bat (Trojan.Agent) -> No action taken.
C:\WINDOWS\pskt.ini (Trojan.Vundo) -> No action taken.
C:\WINDOWS\BMaf2604e8.xml (Trojan.Vundo) -> No action taken.
C:\WINDOWS\BMaf2604e8.txt (Trojan.Vundo) -> No action taken.
C:\Documents and Settings\Muriel\Local Settings\Temporary Internet Files\pse_300_fra.exe (Trojan.Agent) -> No action taken.

Réponse 32 / 51

Destrio5 Messages postés 99820 Date d'inscription Statut Modérateur Dernière intervention 10 305

T'as bien pensé à supprimer ce que le logiciel a trouvé ?

Le rapport montre une infection assez tenace qui n'était pas visible dans HijackThis. Je préfère que tu fasses le scan suivant :

---> Télécharge ComboFix.exe de sUBs sur ton Bureau :
http://download.bleepingcomputer.com/sUBs/ComboFix.exe

/!\ Déconnecte-toi du net et ferme toutes les applications, antivirus et antispyware y compris /!\

---> Double-clique sur Combofix.exe
Un "pop-up" va apparaître qui dit que "ComboFix est utilisé à vos risques et avec aucune garantie...".
Accepte en cliquant sur "Oui"

---> Mets-le en langue française F
Tape sur la touche 1 (Yes) pour démarrer le scan.

/!\ Ne touche à rien tant que le scan n'est pas terminé. /!\

En fin de scan, il est possible que ComboFix ait besoin de redémarrer le PC pour finaliser la désinfection, laisse-le faire.

Une fois le scan achevé, un rapport va s'afficher : Poste son contenu

/!\ Réactive la protection en temps réel de ton antivirus et de ton antispyware avant de te reconnecter à Internet. /!\

Note : Le rapport se trouve également là : C:\ComboFix.txt

Réponse 33 / 51

mymybyll Messages postés 92 Statut Membre 1

Rebonjour, je t'envoie le rapport Tu as une patience d'ange et tes explications sont très bien données.Merci Mymy

ComboFix 08-08-11.01 - Muriel 2008-08-12 14:34:38.2 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.2.1252.33.1036.18.1388 [GMT -4:00]
Endroit: C:\Documents and Settings\Muriel\Bureau\ComboFix.exe
* Création d'un nouveau point de restauration
* Resident AV is active

[color=red][b]AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !![/b][/color]
.
[i] ADS - WINDOWS: deleted 24 bytes in 1 streams. [/i]

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Documents and Settings\Muriel\Application Data\macromedia\Flash Player\#SharedObjects\P54DYEFQ\interclick.com
C:\Documents and Settings\Muriel\Application Data\macromedia\Flash Player\#SharedObjects\P54DYEFQ\interclick.com\ud.sol
C:\Documents and Settings\Muriel\Application Data\macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#interclick.com
C:\Documents and Settings\Muriel\Application Data\macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#interclick.com\settings.sol
C:\WINDOWS\system32\DdKlonpo.ini
C:\WINDOWS\system32\DdKlonpo.ini2
C:\WINDOWS\system32\drivers\npf.sys
C:\WINDOWS\system32\dylnfjif.ini
C:\WINDOWS\system32\hsegkiqa.dll
C:\WINDOWS\system32\JSuEdMoq.ini
C:\WINDOWS\system32\JSuEdMoq.ini2
C:\WINDOWS\system32\kqkytchj.dll
C:\WINDOWS\system32\packet.dll
C:\WINDOWS\system32\peewlpuo.ini
C:\WINDOWS\system32\sBKSYcfe.ini
C:\WINDOWS\system32\sptahscu.ini
C:\WINDOWS\system32\thnrhlyg.ini
C:\WINDOWS\system32\uqovksfu.ini
C:\WINDOWS\system32\wpcap.dll
C:\WINDOWS\system32\ytjwwvth.ini

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Service_NPF

((((((((((((((((((((((((((((( Fichiers cr‚‚s 2008-07-12 to 2008-08-12 ))))))))))))))))))))))))))))))))))))
.

2008-08-12 14:26 . 2008-08-12 14:26 <REP> d-------- C:\Documents and Settings\All Users\Application Data\JollyBear
2008-08-12 11:47 . 2008-08-12 11:47 <REP> d-------- C:\Documents and Settings\Muriel\Application Data\Dossier de t‚l‚chargement Share-to-Web
2008-08-12 00:04 . 2008-07-30 20:07 38,472 --a------ C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2008-08-11 00:42 . 2008-08-11 00:42 <REP> d-------- C:\WINDOWS\ERUNT
2008-08-11 00:01 . <REP> C:\Documents and Settings\Administrateur\Application Data\Dossier de t‚l‚chargement Share-to-Web
2008-08-10 23:58 . 2008-03-14 21:35 <REP> d--h----- C:\Documents and Settings\Administrateur\Voisinage r‚seau
2008-08-10 23:58 . 2008-03-14 21:35 <REP> d--h----- C:\Documents and Settings\Administrateur\Voisinage d'impression
2008-08-10 23:58 . 2008-03-14 02:50 <REP> d--h----- C:\Documents and Settings\Administrateur\ModŠles
2008-08-10 23:58 . 2008-03-14 21:35 <REP> d-------- C:\Documents and Settings\Administrateur\Mes documents
2008-08-10 23:58 . 2008-03-14 21:35 <REP> dr------- C:\Documents and Settings\Administrateur\Menu D‚marrer
2008-08-10 23:58 . 2008-03-14 21:35 <REP> d-------- C:\Documents and Settings\Administrateur\Favoris
2008-08-10 23:58 . 2008-08-11 00:52 <REP> d-------- C:\Documents and Settings\Administrateur\Bureau
2008-08-10 23:58 . 2008-08-10 23:58 <REP> d-------- C:\Documents and Settings\Administrateur
2008-08-10 21:27 . 2007-09-06 00:22 289,144 --a------ C:\WINDOWS\system32\VCCLSID.exe
2008-08-10 21:27 . 2006-04-27 17:49 288,417 --a------ C:\WINDOWS\system32\SrchSTS.exe
2008-08-10 21:27 . 2008-04-24 08:10 86,528 --a------ C:\WINDOWS\system32\VACFix.exe
2008-08-10 21:27 . 2008-04-28 08:03 82,944 --a------ C:\WINDOWS\system32\IEDFix.exe
2008-08-10 21:27 . 2008-04-28 08:03 82,944 --a------ C:\WINDOWS\system32\404Fix.exe
2008-08-10 21:27 . 2003-06-05 21:13 53,248 --a------ C:\WINDOWS\system32\Process.exe
2008-08-10 21:27 . 2004-07-31 18:50 51,200 --a------ C:\WINDOWS\system32\dumphive.exe
2008-08-10 21:27 . 2007-10-04 00:36 25,600 --a------ C:\WINDOWS\system32\WS2Fix.exe
2008-08-10 01:54 . 2008-08-10 21:45 664 --a------ C:\WINDOWS\system32\d3d9caps.dat
2008-08-10 01:51 . 2008-08-10 01:51 <REP> d-------- C:\WINDOWS\Yard Sale Hidden Treasures Sunnyville
2008-08-08 12:58 . 2008-08-08 12:58 244 --ah----- C:\sqmnoopt09.sqm
2008-08-08 12:58 . 2008-08-08 12:58 232 --ah----- C:\sqmdata09.sqm
2008-08-07 22:24 . 2008-08-07 22:24 244 --ah----- C:\sqmnoopt08.sqm
2008-08-07 22:24 . 2008-08-07 22:24 232 --ah----- C:\sqmdata08.sqm
2008-08-03 18:32 . 2008-08-03 18:32 <REP> d-------- C:\Program Files\Team viewer3
2008-08-03 18:32 . 2008-08-03 18:32 <REP> d-------- C:\Documents and Settings\Muriel\Application Data\TeamViewer
2008-08-02 20:06 . 2008-08-02 20:06 <REP> d-------- C:\WINDOWS\Dream Day - First Home
2008-08-02 19:46 . 2008-08-02 19:46 <REP> d-------- C:\WINDOWS\Forgotten Riddles - The Moonlight Sonatas
2008-08-01 09:27 . 2008-08-01 09:27 99,648 --a------ C:\WINDOWS\system32\drivers\AnyDVD.sys
2008-07-25 21:18 . 2008-07-25 21:18 <REP> d-------- C:\Program Files\bfgclient
2008-07-24 11:43 . 2008-07-24 11:43 244 --ah----- C:\sqmnoopt07.sqm
2008-07-24 11:43 . 2008-07-24 11:43 232 --ah----- C:\sqmdata07.sqm
2008-07-21 22:05 . 2008-07-25 21:29 <REP> d-------- C:\Documents and Settings\All Users\Application Data\HiddenSecretsNightmare
2008-07-21 22:04 . 2008-07-21 22:04 <REP> d-------- C:\WINDOWS\Hidden Secrets - The Nightmare
2008-07-21 21:31 . 2008-07-21 21:31 <REP> d-------- C:\Documents and Settings\Muriel\Application Data\Zylom
2008-07-21 21:29 . 2008-07-21 21:38 <REP> d-------- C:\Program Files\Zylom Games
2008-07-21 21:29 . 2008-07-21 21:29 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Zylom
2008-07-21 08:11 . 2008-07-21 08:11 24,392 --a------ C:\WINDOWS\system32\drivers\ElbyCDIO.sys
2008-07-20 13:14 . 1998-10-01 15:22 299,520 --a------ C:\WINDOWS\uninst.exe
2008-07-13 23:07 . 2008-07-25 21:16 <REP> d-------- C:\Documents and Settings\All Users\Application Data\BigFishGamesCache

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-08-12 18:39 --------- d-----w C:\Program Files\lg_fwupdate
2008-08-12 15:55 --------- d-----w C:\Program Files\Spyware Terminator
2008-08-12 15:55 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spyware Terminator
2008-08-12 15:49 --------- d-----w C:\Documents and Settings\Muriel\Application Data\Spyware Terminator
2008-08-12 15:47 --------- d-----w C:\Documents and Settings\Muriel\Application Data\Dossier de téléchargement Share-to-Web
2008-08-12 06:13 --------- d-----w C:\Program Files\Malwarebytes' Anti-Malware
2008-08-12 00:52 --------- d-----w C:\Program Files\Java
2008-08-11 04:01 --------- d-----w C:\Documents and Settings\Administrateur\Application Data\Dossier de téléchargement Share-to-Web
2008-08-10 05:50 --------- d-----w C:\Documents and Settings\Muriel\Application Data\uTorrent
2008-08-08 20:42 --------- d-----w C:\Program Files\EPSON Print CD
2008-08-08 01:09 --------- d---a-w C:\Documents and Settings\All Users\Application Data\TEMP
2008-08-07 20:12 --------- d-----w C:\Documents and Settings\Muriel\Application Data\LimeWire
2008-08-02 03:43 --------- d-----w C:\Documents and Settings\All Users\Application Data\DVD Shrink
2008-07-31 00:07 17,144 ----a-w C:\WINDOWS\system32\drivers\mbam.sys
2008-07-20 17:27 --------- d-----w C:\Program Files\Common Files
2008-07-14 03:08 0 ----a-w C:\Program Files\temp01
2008-07-10 15:28 3,702 ---ha-w C:\Documents and Settings\Muriel\runScreen.exe
2008-07-10 15:28 15,360 ---ha-w C:\Documents and Settings\Muriel\runScanner.exe
2008-07-09 21:19 --------- d-----w C:\Program Files\Elf Bowling - Hawaiian Vacation
2008-07-09 21:19 --------- d-----w C:\Documents and Settings\All Users\Application Data\MumboJumbo
2008-07-07 02:27 --------- d-----w C:\Documents and Settings\Muriel\Application Data\???????sAppData
2008-06-27 20:02 --------- d-----w C:\Documents and Settings\Muriel\Application Data\Ancient Quest of Saqqarah__bfg
2008-06-27 19:54 28,889,038 ----a-w C:\WINDOWS\Ancient Quest of Saqqarah.exe
2008-06-27 19:53 34,304 ------w C:\WINDOWS\is157234.exe
2008-06-16 04:04 --------- d-----w C:\Program Files\SpywareBlaster
2008-06-15 00:31 --------- d-----w C:\Program Files\Fichiers communs\LightScribe
2008-06-15 00:29 --------- d-----w C:\Documents and Settings\All Users\Application Data\LightScribe
2008-06-14 21:53 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-06-14 21:53 --------- d-----w C:\Program Files\CyberLink DVD Solution
2008-05-20 22:58 2,256 ----a-w C:\WINDOWS\current_settings.bin
2004-10-01 19:00 40,960 ----a-w C:\Program Files\Uninstall_CDS.exe
2002-08-30 12:00 94,864 --sh--w C:\WINDOWS\twain.dll
2004-08-19 14:09 50,688 --sh--w C:\WINDOWS\twain_32.dll
2004-08-19 14:09 1,028,096 --sh--w C:\WINDOWS\system32\mfc42.dll
2004-08-19 14:09 54,784 --sh--w C:\WINDOWS\system32\msvcirt.dll
2004-08-19 14:09 413,696 --sh--w C:\WINDOWS\system32\msvcp60.dll
2004-08-19 14:09 343,040 --sh--w C:\WINDOWS\system32\msvcrt.dll
2007-12-04 18:41 550,912 --sh--w C:\WINDOWS\system32\oleaut32.dll
2004-08-19 14:09 83,456 --sh--w C:\WINDOWS\system32\olepro32.dll
2004-08-19 14:10 12,288 --sh--w C:\WINDOWS\system32\regsvr32.exe
.

((((((((((((((((((((((((((((( snapshot@2008-05-10_21.04.31.32 )))))))))))))))))))))))))))))))))))))))))
.
+ 2008-07-09 16:10:03 69,800 ----a-w C:\WINDOWS\ Elf Bowling - Hawaiian Vacation\uninstall.dat
+ 2008-07-09 16:10:03 472,576 ----a-w C:\WINDOWS\ Elf Bowling - Hawaiian Vacation\uninstall.exe
+ 2006-03-24 04:49:05 49,152 ----a-w C:\WINDOWS\$hf_mig$\KB904942\SP2QFE\wdigest.dll
+ 2005-10-12 23:15:25 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB904942\spmsg.dll
+ 2005-10-12 23:15:26 216,800 ----a-w C:\WINDOWS\$hf_mig$\KB904942\spuninst.exe
+ 2005-10-12 23:15:25 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB904942\update\spcustom.dll
+ 2005-10-12 23:15:28 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB904942\update\update.exe
+ 2005-10-12 23:15:45 394,976 ----a-w C:\WINDOWS\$hf_mig$\KB904942\update\updspapi.dll
+ 2006-07-14 15:52:22 121,856 ----a-w C:\WINDOWS\$hf_mig$\KB915865\SP2QFE\xmllite.dll
+ 2005-10-12 23:12:25 14,048 ----a-w C:\WINDOWS\$hf_mig$\KB915865\spmsg.dll
+ 2005-10-12 23:12:26 213,216 ----a-w C:\WINDOWS\$hf_mig$\KB915865\spuninst.exe
+ 2005-10-12 23:12:25 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB915865\update\spcustom.dll
+ 2005-10-12 23:12:28 716,000 ----a-w C:\WINDOWS\$hf_mig$\KB915865\update\update.exe
+ 2005-10-12 23:12:33 371,424 ----a-w C:\WINDOWS\$hf_mig$\KB915865\update\updspapi.dll
+ 2008-02-26 11:49:32 297,984 ----a-w C:\WINDOWS\$hf_mig$\KB932823-v3\SP2QFE\msctf.dll
+ 2007-03-06 01:34:33 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB932823-v3\spmsg.dll
+ 2007-03-06 01:34:38 216,800 ----a-w C:\WINDOWS\$hf_mig$\KB932823-v3\spuninst.exe
+ 2007-03-06 01:34:31 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB932823-v3\update\spcustom.dll
+ 2007-03-06 01:34:56 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB932823-v3\update\update.exe
+ 2007-03-06 01:35:48 394,976 ----a-w C:\WINDOWS\$hf_mig$\KB932823-v3\update\updspapi.dll
+ 2007-07-12 23:28:38 765,952 ----a-w C:\WINDOWS\$hf_mig$\KB938127-IE7\SP2QFE\vgx.dll
+ 2007-03-06 01:34:33 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB938127-IE7\spmsg.dll
+ 2007-03-06 01:34:38 216,800 ----a-w C:\WINDOWS\$hf_mig$\KB938127-IE7\spuninst.exe
+ 2007-03-06 01:34:31 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB938127-IE7\update\spcustom.dll
+ 2007-03-06 01:34:56 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB938127-IE7\update\update.exe
+ 2007-03-06 01:35:48 394,976 ----a-w C:\WINDOWS\$hf_mig$\KB938127-IE7\update\updspapi.dll
+ 2007-12-07 01:42:15 124,928 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\advpack.dll
+ 2007-12-19 22:20:28 347,136 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\dxtmsft.dll
+ 2007-12-07 01:42:15 214,528 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\dxtrans.dll
+ 2007-12-07 01:42:15 133,120 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\extmgr.dll
+ 2007-12-07 01:42:15 63,488 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\icardie.dll
+ 2007-12-06 08:34:28 70,656 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\ie4uinit.exe
+ 2007-12-07 01:42:15 153,088 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\ieakeng.dll
+ 2007-12-07 01:42:16 230,400 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\ieaksie.dll
+ 2007-12-06 05:00:02 161,792 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\ieakui.dll
+ 2007-04-17 09:32:38 2,455,488 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\ieapfltr.dat
+ 2007-12-07 01:42:16 383,488 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\ieapfltr.dll
+ 2007-12-07 01:42:16 388,096 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\iedkcs32.dll
+ 2007-12-07 01:42:19 6,067,200 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\ieframe.dll
+ 2007-12-07 01:42:19 44,544 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\iernonce.dll
+ 2007-12-07 01:42:19 267,776 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\iertutil.dll
+ 2007-12-06 08:34:29 13,824 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\ieudinit.exe
+ 2007-12-06 08:34:45 625,664 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\iexplore.exe
+ 2007-12-07 01:42:20 27,648 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\jsproxy.dll
+ 2007-12-07 01:42:20 459,264 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\msfeeds.dll
+ 2007-12-07 01:42:20 52,224 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\msfeedsbs.dll
+ 2007-12-07 01:42:21 3,593,216 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\mshtml.dll
+ 2007-12-07 01:42:21 478,208 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\mshtmled.dll
+ 2007-12-07 01:42:21 193,024 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\msrating.dll
+ 2007-12-07 01:42:21 671,232 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\mstime.dll
+ 2007-12-07 01:42:21 102,912 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\occache.dll
+ 2008-01-11 05:54:27 44,544 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\pngfilt.dll
+ 2007-12-07 01:42:21 105,984 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\url.dll
+ 2007-12-07 01:42:22 1,162,752 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\urlmon.dll
+ 2007-12-07 01:42:22 233,472 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\webcheck.dll
+ 2007-12-07 01:42:22 825,344 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\wininet.dll
+ 2007-03-06 01:34:33 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\spmsg.dll
+ 2007-03-06 01:34:38 216,800 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\spuninst.exe
+ 2007-03-06 01:34:31 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\update\spcustom.dll
+ 2007-03-06 01:34:56 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\update\update.exe
+ 2007-03-06 01:35:48 394,976 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\update\updspapi.dll
+ 2008-03-01 12:34:26 124,928 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\advpack.dll
+ 2008-03-01 12:34:26 347,136 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\dxtmsft.dll
+ 2008-03-01 12:34:26 214,528 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\dxtrans.dll
+ 2008-03-01 12:34:27 132,608 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\extmgr.dll
+ 2008-03-01 12:34:27 63,488 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\icardie.dll
+ 2008-02-22 09:39:56 70,656 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\ie4uinit.exe
+ 2008-03-01 12:34:27 153,088 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\ieakeng.dll
+ 2008-03-01 12:34:27 230,400 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\ieaksie.dll
+ 2008-02-15 05:44:25 161,792 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\ieakui.dll
+ 2007-04-17 09:32:38 2,455,488 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\ieapfltr.dat
+ 2008-03-01 12:34:27 383,488 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\ieapfltr.dll
+ 2008-03-01 12:34:27 388,608 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\iedkcs32.dll
+ 2008-03-01 12:34:29 6,067,712 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\ieframe.dll
+ 2008-03-01 12:34:29 44,544 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\iernonce.dll
+ 2008-03-01 12:34:29 267,776 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\iertutil.dll
+ 2008-02-22 09:39:56 13,824 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\ieudinit.exe
+ 2008-02-22 09:40:22 625,664 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\iexplore.exe
+ 2008-03-01 12:34:30 27,648 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\jsproxy.dll
+ 2008-03-01 12:34:30 459,264 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\msfeeds.dll
+ 2008-03-01 12:34:30 52,224 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\msfeedsbs.dll
+ 2008-03-01 12:34:32 3,593,216 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\mshtml.dll
+ 2008-03-01 12:34:32 478,208 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\mshtmled.dll
+ 2008-03-01 12:34:32 193,024 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\msrating.dll
+ 2008-03-01 12:34:32 671,232 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\mstime.dll
+ 2008-03-01 12:34:32 102,912 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\occache.dll
+ 2008-03-01 12:34:32 44,544 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\pngfilt.dll
+ 2008-03-01 12:34:32 105,984 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\url.dll
+ 2008-03-01 12:34:33 1,162,752 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\urlmon.dll
+ 2008-03-01 12:34:33 233,472 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\webcheck.dll
+ 2008-03-01 12:34:33 827,392 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\wininet.dll
+ 2007-03-06 01:34:33 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\spmsg.dll
+ 2007-03-06 01:34:38 216,800 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\spuninst.exe
+ 2007-03-06 01:34:31 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\update\spcustom.dll
+ 2007-03-06 01:34:56 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\update\update.exe
+ 2007-03-06 01:35:48 394,976 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\update\updspapi.dll
+ 2008-01-23 04:56:21 554,008 ----a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\dao360.dll
+ 2007-12-10 12:41:11 518,944 ----a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\msexch40.dll
+ 2007-12-10 12:41:11 326,432 ----a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\msexcl40.dll
+ 2007-12-10 12:41:11 1,516,568 ----a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\msjet40.dll
+ 2007-12-10 12:41:11 355,112 ----a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\msjetol1.dll
+ 2008-03-25 06:56:31 194,144 ----a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\msjint40.dll
+ 2007-12-10 12:41:12 60,192 ----a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\msjter40.dll
+ 2007-12-10 12:41:12 248,608 ----a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\msjtes40.dll
+ 2007-12-10 12:41:12 219,936 ----a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\msltus40.dll
+ 2007-12-10 12:41:12 355,104 ----a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\mspbde40.dll
+ 2007-12-10 12:41:13 432,928 ----a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\msrd2x40.dll
+ 2007-12-10 12:41:13 322,336 ----a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\msrd3x40.dll
+ 2007-12-10 12:41:13 559,904 ----a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\msrepl40.dll
+ 2007-12-10 12:41:13 264,992 ----a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\mstext40.dll
+ 2007-12-10 12:41:13 838,432 ----a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\mswdat10.dll
+ 2007-11-01 05:15:27 621,344 ----a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\mswstr10.dll
+ 2007-12-10 12:41:14 355,104 ----a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\msxbde40.dll
+ 2007-03-06 01:34:33 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB950749\spmsg.dll
+ 2007-03-06 01:34:38 216,800 ----a-w C:\WINDOWS\$hf_mig$\KB950749\spuninst.exe
+ 2007-03-06 01:34:31 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB950749\update\spcustom.dll
+ 2007-03-06 01:34:56 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB950749\update\update.exe
+ 2007-03-06 01:35:48 394,976 ----a-w C:\WINDOWS\$hf_mig$\KB950749\update\updspapi.dll
+ 2006-05-25 14:29:04 213,216 -c----w C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe
+ 2006-05-25 14:29:04 371,424 -c----w C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\updspapi.dll
+ 2006-05-24 16:32:48 213,216 -c----w C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe
+ 2006-05-24 16:32:48 371,424 -c----w C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\updspapi.dll
+ 2005-10-12 23:15:26 216,800 -c----w C:\WINDOWS\$NtUninstallKB904942$\spuninst\spuninst.exe
+ 2005-10-12 23:15:45 394,976 -c----w C:\WINDOWS\$NtUninstallKB904942$\spuninst\updspapi.dll
+ 2004-08-19 14:09:48 49,152 -c----w C:\WINDOWS\$NtUninstallKB904942$\wdigest.dll
+ 2004-08-19 14:09:22 28,672 -c----w C:\WINDOWS\$NtUninstallKB914440$\custsat.dll
+ 2005-10-12 23:15:24 216,800 -c----w C:\WINDOWS\$NtUninstallKB914440$\spuninst\spuninst.exe
+ 2005-10-12 23:15:43 394,976 -c----w C:\WINDOWS\$NtUninstallKB914440$\spuninst\updspapi.dll
+ 2005-10-12 23:12:26 213,216 -c----w C:\WINDOWS\$NtUninstallKB915865$\spuninst\spuninst.exe
+ 2005-10-12 23:12:33 371,424 -c----w C:\WINDOWS\$NtUninstallKB915865$\spuninst\updspapi.dll
+ 2005-10-12 23:12:26 213,216 -c----w C:\WINDOWS\$NtUninstallKB926239$\spuninst\spuninst.exe
+ 2005-10-12 23:12:33 371,424 -c----w C:\WINDOWS\$NtUninstallKB926239$\spuninst\updspapi.dll
+ 2006-10-19 01:47:16 414,208 -c----w C:\WINDOWS\$NtUninstallKB929399$\msscp.dll
+ 2005-06-28 14:23:26 213,216 -c----w C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe
+ 2005-06-28 14:23:54 371,424 -c----w C:\WINDOWS\$NtUninstallKB929399$\spuninst\updspapi.dll
+ 2004-08-19 14:09:34 294,400 -c----w C:\WINDOWS\$NtUninstallKB932823-v3$\msctf.dll
+ 2007-03-06 01:34:38 216,800 -c----w C:\WINDOWS\$NtUninstallKB932823-v3$\spuninst\spuninst.exe
+ 2007-03-06 01:35:48 394,976 -c----w C:\WINDOWS\$NtUninstallKB932823-v3$\spuninst\updspapi.dll
+ 2005-06-28 14:23:40 216,800 -c----w C:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe
+ 2005-06-28 14:23:54 371,424 -c----w C:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\updspapi.dll
+ 2006-10-19 01:47:20 10,834,432 -c----w C:\WINDOWS\$NtUninstallKB936782_WMP11$\wmp.dll
+ 2005-06-28 14:23:40 216,800 -c----w C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe
+ 2005-06-28 14:23:54 371,424 -c----w C:\WINDOWS\$NtUninstallKB939683$\spuninst\updspapi.dll
+ 2006-11-03 13:58:34 317,440 -c----w C:\WINDOWS\$NtUninstallKB939683$\unregmp2.exe
+ 2004-08-19 14:09:24 561,179 -c----w C:\WINDOWS\$NtUninstallKB950749$\dao360.dll
+ 2004-08-19 14:09:34 512,029 -c----w C:\WINDOWS\$NtUninstallKB950749$\msexch40.dll
+ 2004-08-19 14:09:34 319,517 -c----w C:\WINDOWS\$NtUninstallKB950749$\msexcl40.dll
+ 2004-08-19 14:09:34 1,507,356 -c----w C:\WINDOWS\$NtUninstallKB950749$\msjet40.dll
+ 2004-07-17 09:34:48 358,976 -c----w C:\WINDOWS\$NtUninstallKB950749$\msjetol1.dll
+ 2004-07-17 09:34:48 358,976 -c----w C:\WINDOWS\$NtUninstallKB950749$\msjetoledb40.dll
+ 2004-08-19 14:09:34 184,351 -c----w C:\WINDOWS\$NtUninstallKB950749$\msjint40.dll
+ 2004-08-19 14:09:34 53,279 -c----w C:\WINDOWS\$NtUninstallKB950749$\msjter40.dll
+ 2004-08-19 14:09:34 241,693 -c----w C:\WINDOWS\$NtUninstallKB950749$\msjtes40.dll
+ 2004-08-19 14:09:34 213,023 -c----w C:\WINDOWS\$NtUninstallKB950749$\msltus40.dll
+ 2004-08-19 14:09:34 348,189 -c----w C:\WINDOWS\$NtUninstallKB950749$\mspbde40.dll
+ 2004-08-19 14:09:34 421,919 -c----w C:\WINDOWS\$NtUninstallKB950749$\msrd2x40.dll
+ 2004-08-19 14:09:34 315,423 -c----w C:\WINDOWS\$NtUninstallKB950749$\msrd3x40.dll
+ 2004-08-19 14:09:34 552,989 -c----w C:\WINDOWS\$NtUninstallKB950749$\msrepl40.dll
+ 2004-08-19 14:09:36 258,077 -c----w C:\WINDOWS\$NtUninstallKB950749$\mstext40.dll
+ 2004-08-19 14:09:36 831,519 -c----w C:\WINDOWS\$NtUninstallKB950749$\mswdat10.dll
+ 2004-08-19 14:09:36 614,429 -c----w C:\WINDOWS\$NtUninstallKB950749$\mswstr10.dll
+ 2004-08-19 14:09:36 348,189 -c----w C:\WINDOWS\$NtUninstallKB950749$\msxbde40.dll
+ 2007-03-06 01:34:38 216,800 -c----w C:\WINDOWS\$NtUninstallKB950749$\spuninst\spuninst.exe
+ 2007-03-06 01:35:48 394,976 -c----w C:\WINDOWS\$NtUninstallKB950749$\spuninst\updspapi.dll
+ 2006-09-25 21:58:48 221,488 -c----w C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe
+ 2006-09-25 21:58:48 379,184 -c----w C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\updspapi.dll
+ 2005-01-28 17:44:28 294,912 -c----w C:\WINDOWS\$NtUninstallWMFDist11$\blackbox.dll
+ 2005-01-28 17:44:28 164,864 -c----w C:\WINDOWS\$NtUninstallWMFDist11$\cewmdm.dll
+ 2005-01-28 17:44:28 502,272 -c----w C:\WINDOWS\$NtUninstallWMFDist11$\drmv2clt.dll
+ 2005-01-28 17:44:28 6,656 -c----w C:\WINDOWS\$NtUninstallWMFDist11$\laprxy.dll
+ 2005-01-28 17:44:28 96,768 -c----w C:\WINDOWS\$NtUninstallWMFDist11$\logagent.exe
+ 2004-08-19 14:09:32 310,272 -c----w C:\WINDOWS\$NtUninstallWMFDist11$\mp43dmod.dll
+ 2004-08-19 14:09:32 384,512 -c----w C:\WINDOWS\$NtUninstallWMFDist11$\mp4sdmod.dll
+ 2004-08-19 14:09:32 240,640 -c----w C:\WINDOWS\$NtUninstallWMFDist11$\mpg4dmod.dll
+ 2005-01-28 17:44:28 142,336 -c----w C:\WINDOWS\$NtUninstallWMFDist11$\msnetobj.dll
+ 2005-01-28 17:44:28 25,088 -c----w C:\WINDOWS\$NtUninstallWMFDist11$\mspmsnsv.dll
+ 2005-01-28 17:44:28 173,568 -c----w C:\WINDOWS\$NtUninstallWMFDist11$\mspmsp.dll
+ 2005-01-28 17:44:28 364,784 -c----w C:\WINDOWS\$NtUninstallWMFDist11$\msscp.dll
+ 2005-01-28 17:44:28 315,904 -c----w C:\WINDOWS\$NtUninstallWMFDist11$\mswmdm.dll
+ 2005-01-28 17:44:28 221,184 -c----w C:\WINDOWS\$NtUninstallWMFDist11$\qasf.dll
+ 2006-05-16 22:11:54 213,216 -c----w C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe
+ 2006-05-16 22:11:54 371,424 -c----w C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\updspapi.dll
+ 2006-11-02 15:46:52 13,312 -c----w C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\wpdinstallutil.dll
+ 2005-01-28 17:44:28 47,104 -c----w C:\WINDOWS\$NtUninstallWMFDist11$\uwdf.exe
+ 2005-01-28 17:44:28 15,872 -c----w C:\WINDOWS\$NtUninstallWMFDist11$\wdfapi.dll
+ 2005-01-28 17:44:28 38,912 -c----w C:\WINDOWS\$NtUninstallWMFDist11$\wdfmgr.exe
+ 2005-01-28 17:44:28 396,528 -c----w C:\WINDOWS\$NtUninstallWMFDist11$\wmadmod.dll
+ 2005-01-28 17:44:28 716,288 -c----w C:\WINDOWS\$NtUninstallWMFDist11$\wmadmoe.dll
+ 2007-10-20 10:01:32 227,328 -c----w C:\WINDOWS\$NtUninstallWMFDist11$\wmasf.dll
+ 2005-01-28 17:44:28 28,160 -c----w C:\WINDOWS\$NtUninstallWMFDist11$\wmdmlog.dll
+ 2005-01-28 17:44:28 33,792 -c----w C:\WINDOWS\$NtUninstallWMFDist11$\wmdmps.dll
+ 2005-01-28 17:44:28 335,872 -c----w C:\WINDOWS\$NtUninstallWMFDist11$\wmdrmdev.dll
+ 2005-01-28 17:44:28 290,816 -c----w C:\WINDOWS\$NtUninstallWMFDist11$\wmdrmnet.dll
+ 2005-01-28 17:44:28 150,016 -c----w C:\WINDOWS\$NtUninstallWMFDist11$\wmidx.dll
+ 2005-01-28 17:44:28 1,027,072 -c----w C:\WINDOWS\$NtUninstallWMFDist11$\wmnetmgr.dll
+ 2005-01-28 17:44:28 774,904 -c----w C:\WINDOWS\$NtUninstallWMFDist11$\wmsdmod.dll
+ 2005-01-28 17:44:28 1,119,744 -c----w C:\WINDOWS\$NtUninstallWMFDist11$\wmsdmoe2.dll
+ 2005-01-28 17:44:28 819,200 -c----w C:\WINDOWS\$NtUninstallWMFDist11$\wmsetsdk.exe
+ 2005-01-28 17:44:28 413,944 -c----w C:\WINDOWS\$NtUninstallWMFDist11$\wmspdmod.dll
+ 2005-01-28 17:44:28 940,544 -c----w C:\WINDOWS\$NtUninstallWMFDist11$\wmspdmoe.dll
+ 2005-01-28 17:44:28 1,218,808 -c----w C:\WINDOWS\$NtUninstallWMFDist11$\wmvadvd.dll
+ 2005-01-28 17:44:28 1,512,448 -c----w C:\WINDOWS\$NtUninstallWMFDist11$\wmvadve.dll
+ 2006-12-07 05:29:34 2,374,472 -c----w C:\WINDOWS\$NtUninstallWMFDist11$\wmvcore.dll
+ 2005-01-28 17:44:28 895,736 -c----w C:\WINDOWS\$NtUninstallWMFDist11$\wmvdmod.dll
+ 2005-01-28 17:44:28 1,003,008 -c----w C:\WINDOWS\$NtUninstallWMFDist11$\wmvdmoe2.dll
+ 2005-01-28 17:44:28 38,912 -c----w C:\WINDOWS\$NtUninstallWMFDist11$\wpd_ci.dll
+ 2005-01-28 17:44:28 61,952 -c----w C:\WINDOWS\$NtUninstallWMFDist11$\wpdconns.dll
+ 2005-01-28 17:44:28 114,176 -c----w C:\WINDOWS\$NtUninstallWMFDist11$\wpdmtp.dll
+ 2005-01-28 17:44:28 66,560 -c----w C:\WINDOWS\$NtUninstallWMFDist11$\wpdmtpus.dll
+ 2005-01-28 17:44:28 331,264 -c----w C:\WINDOWS\$NtUninstallWMFDist11$\wpdsp.dll
+ 2005-01-28 17:44:28 18,944 -c----w C:\WINDOWS\$NtUninstallWMFDist11$\wpdusb.sys
+ 2004-08-19 14:08:02 8,704 -c----w C:\WINDOWS\$NtUninstallwmp11$\asferror.dll
+ 2004-08-19 14:09:32 368,640 -c----w C:\WINDOWS\$NtUninstallwmp11$\mpvis.dll
+ 2004-08-19 14:10:04 778,240 -c----w C:\WINDOWS\$NtUninstallwmp11$\setup_wm.exe
+ 2006-05-16 22:11:54 213,216 -c----w C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe
+ 2006-05-16 22:11:56 394,976 -c----w C:\WINDOWS\$NtUninstallwmp11$\spuninst\updspapi.dll
+ 2004-08-19 14:10:04 208,896 -c----w C:\WINDOWS\$NtUninstallwmp11$\unregmp2.exe
+ 2004-08-19 14:09:08 200,704 -c----w C:\WINDOWS\$NtUninstallwmp11$\wmerror.dll
+ 2007-04-30 07:22:16 4,734,976 -c----w C:\WINDOWS\$NtUninstallwmp11$\wmp.dll
+ 2004-08-19 14:09:50 114,688 -c----w C:\WINDOWS\$NtUninstallwmp11$\wmpasf.dll
+ 2004-08-19 14:09:50 98,304 -c----w C:\WINDOWS\$NtUninstallwmp11$\wmpband.dll
+ 2004-08-19 14:09:50 233,472 -c----w C:\WINDOWS\$NtUninstallwmp11$\wmpdxm.dll
+ 2004-08-19 14:10:06 73,728 -c----w C:\WINDOWS\$NtUninstallwmp11$\wmplayer.exe
+ 2004-08-19 14:09:12 2,985,984 -c----w C:\WINDOWS\$NtUninstallwmp11$\wmploc.dll
+ 2004-08-19 14:09:50 102,400 -c----w C:\WINDOWS\$NtUninstallwmp11$\wmpshell.dll
+ 2006-09-16 05:05:22 221,488 -c----w C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe
+ 2006-09-16 05:05:22 379,184 -c----w C:\WINDOWS\$NtUninstallWudf01000$\spuninst\updspapi.dll
+ 2006-09-28 23:01:52 58,368 -c----w C:\WINDOWS\$NtUninstallWudf01000$\spuninst\WudfCustom.dll
+ 2008-06-27 19:55:04 451,072 ----a-w C:\WINDOWS\Ancient Quest of Saqqarah\uninstall.exe
+ 2006-10-04 14:05:26 39,424 ------w C:\WINDOWS\AppPatch\acadproc.dll
+ 2008-06-01 06:13:30 7,680 ----a-w C:\WINDOWS\assembly\GAC\Accessibility\1.0.5000.0__b03f5f7f11d50a3a\Accessibility.dll
+ 2008-06-01 06:13:25 12,288 ----a-w C:\WINDOWS\assembly\GAC\cscompmgd\7.0.5000.0__b03f5f7f11d50a3a\cscompmgd.dll
+ 2008-06-01 06:13:32 33,792 ----a-w C:\WINDOWS\assembly\GAC\CustomMarshalers\1.0.5000.0__b03f5f7f11d50a3a\CustomMarshalers.dll
+ 2008-06-03 04:39:02 8,192 ----a-w C:\WINDOWS\assembly\GAC\IEExecRemote\1.0.5000.0__b03f5f7f11d50a3a\IEExecRemote.dll
+ 2008-06-03 04:39:03 32,768 ----a-w C:\WINDOWS\assembly\GAC\IEHost\1.0.5000.0__b03f5f7f11d50a3a\IEHost.dll
+ 2008-06-01 06:13:32 4,608 ----a-w C:\WINDOWS\assembly\GAC\IIEHost\1.0.5000.0__b03f5f7f11d50a3a\IIEHost.dll
+ 2008-06-01 06:13:32 26,112 ----a-w C:\WINDOWS\assembly\GAC\ISymWrapper\1.0.5000.0__b03f5f7f11d50a3a\ISymWrapper.dll
+ 2008-06-03 04:39:11 720,896 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.JScript\7.0.5000.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
+ 2008-06-01 06:13:25 28,672 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.VisualBasic.Vsa\7.0.5000.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll
+ 2008-06-03 04:39:04 299,008 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.VisualBasic\7.0.5000.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
+ 2008-06-01 06:13:26 6,144 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.VisualC\7.0.5000.0__b03f5f7f11d50a3a\Microsoft.VisualC.dll
+ 2008-06-01 06:13:25 11,264 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.Vsa.Vb.CodeDOMProcessor\7.0.5000.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
+ 2008-06-01 06:13:24 32,768 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.Vsa\7.0.5000.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll
+ 2008-06-01 06:13:25 6,656 ----a-w C:\WINDOWS\assembly\GAC\Microsoft_VsaVb\7.0.5000.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll
+ 2008-06-01 06:13:32 1,564,672 ----a-w C:\WINDOWS\assembly\GAC\mscorcfg\1.0.5000.0__b03f5f7f11d50a3a\mscorcfg.dll
+ 2008-06-03 04:39:09 32,768 ----a-w C:\WINDOWS\assembly\GAC\Regcode\1.0.5000.0__b03f5f7f11d50a3a\RegCode.dll
+ 2008-06-01 06:13:32 77,824 ----a-w C:\WINDOWS\assembly\GAC\System.Configuration.Install\1.0.5000.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
+ 2008-06-03 04:39:07 303,104 ----a-w C:\WINDOWS\assembly\GAC\System.Data.OracleClient\1.0.5000.0__b77a5c561934e089\System.Data.OracleClient.dll
+ 2008-06-03 04:39:09 1,294,336 ----a-w C:\WINDOWS\assembly\GAC\System.Data\1.0.5000.0__b77a5c561934e089\System.Data.dll
+ 2008-06-03 04:39:02 1,703,936 ----a-w C:\WINDOWS\assembly\GAC\System.Design\1.0.5000.0__b03f5f7f11d50a3a\System.Design.dll
+ 2008-06-03 04:39:11 90,112 ----a-w C:\WINDOWS\assembly\GAC\System.DirectoryServices\1.0.5000.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
+ 2008-06-01 06:13:33 65,536 ----a-w C:\WINDOWS\assembly\GAC\System.Drawing.Design\1.0.5000.0__b03f5f7f11d50a3a\System.Drawing.Design.dll
+ 2008-06-03 04:39:07 466,944 ----a-w C:\WINDOWS\assembly\GAC\System.Drawing\1.0.5000.0__b03f5f7f11d50a3a\System.Drawing.dll
+ 2008-06-03 04:39:05 241,664 ----a-w C:\WINDOWS\assembly\GAC\System.EnterpriseServices\1.0.5000.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
+ 2008-06-03 04:39:05 66,560 ----a-w C:\WINDOWS\assembly\GAC\System.EnterpriseServices\1.0.5000.0__b03f5f7f11d50a3a\System.EnterpriseServices.Thunk.dll
+ 2008-06-03 04:39:08 372,736 ----a-w C:\WINDOWS\assembly\GAC\System.Management\1.0.5000.0__b03f5f7f11d50a3a\System.Management.dll
+ 2008-06-03 04:39:12 241,664 ----a-w C:\WINDOWS\assembly\GAC\System.Messaging\1.0.5000.0__b03f5f7f11d50a3a\System.Messaging.dll
+ 2008-06-03 04:39:07 323,584 ----a-w C:\WINDOWS\assembly\GAC\System.Runtime.Remoting\1.0.5000.0__b77a5c561934e089\System.Runtime.Remoting.dll
+ 2008-06-03 04:39:05 131,072 ----a-w C:\WINDOWS\assembly\GAC\System.Runtime.Serialization.Formatters.Soap\1.0.5000.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
+ 2008-06-03 04:39:06 77,824 ----a-w C:\WINDOWS\assembly\GAC\System.Security\1.0.5000.0__b03f5f7f11d50a3a\System.Security.dll
+ 2008-06-03 04:39:10 126,976 ----a-w C:\WINDOWS\assembly\GAC\System.ServiceProcess\1.0.5000.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
+ 2008-06-03 04:39:01 819,200 ----a-w C:\WINDOWS\assembly\GAC\System.Web.Mobile\1.0.5000.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
+ 2008-06-03 04:39:04 57,344 ----a-w C:\WINDOWS\assembly\GAC\System.Web.RegularExpressions\1.0.5000.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
+ 2008-06-03 04:39:03 573,440 ----a-w C:\WINDOWS\assembly\GAC\System.Web.Services\1.0.5000.0__b03f5f7f11d50a3a\System.Web.Services.dll
+ 2008-06-06 05:34:31 1,265,664 ----a-w C:\WINDOWS\assembly\GAC\System.Web\1.0.5000.0__b03f5f7f11d50a3a\System.Web.dll
+ 2008-06-03 04:39:06 2,052,096 ----a-w C:\WINDOWS\assembly\GAC\System.Windows.Forms\1.0.5000.0__b77a5c561934e089\System.Windows.Forms.dll
+ 2008-06-03 04:39:08 1,339,392 ----a-w C:\WINDOWS\assembly\GAC\System.Xml\1.0.5000.0__b77a5c561934e089\System.XML.dll
+ 2008-06-06 05:34:32 1,232,896 ----a-w C:\WINDOWS\assembly\GAC\System\1.0.5000.0__b77a5c561934e089\System.dll
+ 2008-06-06 05:34:39 61,440 ----a-w C:\WINDOWS\assembly\NativeImages1_v1.1.4322\CustomMarshalers\1.0.5000.0__b03f5f7f11d50a3a_41bb2e05\CustomMarshalers.dll
+ 2008-06-06 05:34:52 3,391,488 ----a-w C:\WINDOWS\assembly\NativeImages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_30c2e1ef\mscorlib.dll
+ 2008-06-06 05:34:49 1,470,464 ----a-w C:\WINDOWS\assembly\NativeImages1_v1.1.4322\System.Design\1.0.5000.0__b03f5f7f11d50a3a_90f42468\System.Design.dll
+ 2008-06-06 05:34:40 90,112 ----a-w C:\WINDOWS\assembly\NativeImages1_v1.1.4322\System.Drawing.Design\1.0.5000.0__b03f5f7f11d50a3a_fac2991b\System.Drawing.Design.dll
+ 2008-06-06 05:34:50 835,584 ----a-w C:\WINDOWS\assembly\NativeImages1_v1.1.4322\System.Drawing\1.0.5000.0__b03f5f7f11d50a3a_b3c0c05e\System.Drawing.dll
+ 2008-06-06 05:34:43 3,018,752 ----a-w C:\WINDOWS\assembly\NativeImages1_v1.1.4322\System.Windows.Forms\1.0.5000.0__b77a5c561934e089_d6af9453\System.Windows.Forms.dll
+ 2008-06-06 05:34:46 2,088,960 ----a-w C:\WINDOWS\assembly\NativeImages1_v1.1.4322\System.Xml\1.0.5000.0__b77a5c561934e089_804171e3\System.Xml.dll
+ 2008-06-06 05:34:38 1,966,080 ----a-w C:\WINDOWS\assembly\NativeImages1_v1.1.4322\System\1.0.5000.0__b77a5c561934e089_e2c12bf2\System.dll
+ 2008-06-04 18:12:49 472,576 ----a-w C:\WINDOWS\ColorUp! Wedding Scrapbook\uninstall.exe
+ 2008-06-15 04:20:44 472,576 ------w C:\WINDOWS\Discovery A Seek And Find Adventure\uninstall.exe
+ 2008-08-03 00:06:33 472,576 ----a-w C:\WINDOWS\Dream Day - First Home\uninstall.exe
+ 2008-08-07 20:27:04 163,328 ----a-w C:\WINDOWS\ERUNT\SDFIX\ERDNT.EXE
+ 2008-08-11 05:04:59 9,887,744 ----a-w C:\WINDOWS\ERUNT\SDFIX\Users\[u]0[/u]0000001\NTUSER.DAT
+ 2008-08-11 05:05:00 172,032 ----a-w C:\WINDOWS\ERUNT\SDFIX\Users\[u]0[/u]0000002\UsrClass.dat
+ 2008-08-07 20:27:04 163,328 ----a-w C:\WINDOWS\ERUNT\SDFIX_First_Run\ERDNT.EXE
+ 2008-08-11 04:42:56 733,184 ----a-w C:\WINDOWS\ERUNT\SDFIX_First_Run\Users\[u]0[/u]0000001\NTUSER.DAT
+ 2008-08-11 04:42:56 8,192 ----a-w C:\WINDOWS\ERUNT\SDFIX_First_Run\Users\[u]0[/u]0000002\UsrClass.dat
+ 2008-08-02 23:46:23 451,072 ----a-w C:\WINDOWS\Forgotten Riddles - The Moonlight Sonatas\uninstall.exe
+ 2008-06-01 06:26:31 472,576 ----a-w C:\WINDOWS\Hell's Kitchen\uninstall.exe
+ 2008-07-22 02:04:43 472,576 ----a-w C:\WINDOWS\Hidden Secrets - The Nightmare\uninstall.exe
+ 2008-05-23 05:48:33 472,576 ----a-w C:\WINDOWS\Hide & Secret 2 - Cliffhanger Castle\uninstall.exe
- 2008-03-16 07:26:59 111,292 ----a-w C:\WINDOWS\hpqins13.dat
+ 2008-05-30 18:35:57 115,686 ----a-w C:\WINDOWS\hpqins13.dat
+ 2004-08-19 14:09:20 61,440 -c----w C:\WINDOWS\ie7\admparse.dll
+ 2004-08-19 14:09:20 101,888 -c----w C:\WINDOWS\ie7\advpack.dll
+ 2004-08-19 14:09:22 35,328 -c----w C:\WINDOWS\ie7\corpol.dll
+ 2006-06-02 19:32:20 33,792 -c----w C:\WINDOWS\ie7\custsat.dll
+ 2008-02-16 09:02:34 357,888 -c----w C:\WINDOWS\ie7\dxtmsft.dll
+ 2008-02-16 09:02:35 205,312 -c----w C:\WINDOWS\ie7\dxtrans.dll
+ 2008-02-16 09:02:35 55,808 -c----w C:\WINDOWS\ie7\extmgr.dll
+ 2004-08-19 14:09:28 38,912 -c----w C:\WINDOWS\ie7\hmmapi.dll
+ 2004-08-19 14:09:56 34,304 -c----w C:\WINDOWS\ie7\ie4uinit.exe
+ 2004-08-19 14:09:28 139,264 -c----w C:\WINDOWS\ie7\ieakeng.dll
+ 2004-08-19 14:09:28 221,696 -c----w C:\WINDOWS\ie7\ieaksie.dll
+ 2002-08-30 12:00:00 245,760 -c----w C:\WINDOWS\ie7\ieakui.dll
+ 2004-08-19 14:09:28 323,584 -c----w C:\WINDOWS\ie7\iedkcs32.dll
+ 2008-02-15 09:23:37 18,432 -c----w C:\WINDOWS\ie7\iedw.exe
+ 2004-08-19 14:09:28 81,920 -c----w C:\WINDOWS\ie7\ieencode.dll
+ 2008-02-16 09:02:35 251,392 -c----w C:\WINDOWS\ie7\iepeers.dll
+ 2004-08-19 14:09:28 49,152 -c----w C:\WINDOWS\ie7\iernonce.dll
+ 2004-08-19 14:09:28 63,488 -c----w C:\WINDOWS\ie7\iesetup.dll
+ 2004-08-19 14:09:56 93,184 -c----w C:\WINDOWS\ie7\iexplore.exe
+ 2004-08-19 14:09:30 35,840 -c----w C:\WINDOWS\ie7\imgutil.dll
+ 2008-02-16 09:02:35 96,768 -c----w C:\WINDOWS\ie7\inseng.dll
+ 2007-12-18 14:41:58 450,560 -c----w C:\WINDOWS\ie7\jscript.dll
+ 2008-02-16 09:02:35 16,384 -c----w C:\WINDOWS\ie7\jsproxy.dll
+ 2004-08-19 14:09:32 22,528 -c----w C:\WINDOWS\ie7\licmgr10.dll
+ 2004-08-19 14:10:00 29,184 -c----w C:\WINDOWS\ie7\mshta.exe
+ 2008-02-16 22:32:38 3,080,704 -c----w C:\WINDOWS\ie7\mshtml.dll
+ 2008-02-16 09:02:36 449,024 -c----w C:\WINDOWS\ie7\mshtmled.dll
+ 2004-08-19 14:08:28 57,344 -c----w C:\WINDOWS\ie7\mshtmler.dll
+ 2002-08-30 12:00:00 146,432 -c----w C:\WINDOWS\ie7\msls31.dll
+ 2008-02-16 09:02:37 146,432 -c----w C:\WINDOWS\ie7\msrating.dll
+ 2008-02-16 09:02:37 532,480 -c----w C:\WINDOWS\ie7\mstime.dll
+ 2004-08-19 14:09:38 97,280 -c----w C:\WINDOWS\ie7\occache.dll
+ 2008-02-16 09:02:37 39,424 -c----w C:\WINDOWS\ie7\pngfilt.dll
+ 2007-09-26 22:34:42 33,472 -c----w C:\WINDOWS\ie7\spuninst\iecustom.dll
+ 2007-09-26 22:32:30 66,048 -c--a-w C:\WINDOWS\ie7\spuninst\ieResetIcons.exe
+ 2006-09-06 21:43:28 216,800 -c----w C:\WINDOWS\ie7\spuninst\spuninst.exe
+ 2006-09-06 21:43:30 394,976 -c----w C:\WINDOWS\ie7\spuninst\updspapi.dll
+ 2004-08-19 14:09:48 37,888 -c----w C:\WINDOWS\ie7\url.dll
+ 2008-02-16 09:02:39 617,984 -c----w C:\WINDOWS\ie7\urlmon.dll
+ 2007-12-18 14:41:59 417,792 -c----w C:\WINDOWS\ie7\vbscript.dll
+ 2007-06-26 13:56:54 851,968 -c----w C:\WINDOWS\ie7\vgx.dll
+ 2004-08-19 14:09:48 281,600 -c----w C:\WINDOWS\ie7\webcheck.dll
+ 2008-02-16 09:02:39 663,552 -c----w C:\WINDOWS\ie7\wininet.dll
+ 2007-03-06 01:34:38 216,800 -c----w C:\WINDOWS\ie7updates\KB938127-IE7\spuninst\spuninst.exe
+ 2007-03-06 01:35:48 394,976 -c----w C:\WINDOWS\ie7updates\KB938127-IE7\spuninst\updspapi.dll
+ 2007-08-13 22:54:10 765,952 -c----w C:\WINDOWS\ie7updates\KB938127-IE7\vgx.dll
+ 2007-08-13 22:39:00 123,904 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\advpack.dll
+ 2007-08-13 22:35:46 346,624 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\dxtmsft.dll
+ 2007-08-13 22:35:38 214,528 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\dxtrans.dll
+ 2007-08-13 22:54:10 131,584 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\extmgr.dll
+ 2007-08-13 22:36:26 61,952 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\icardie.dll
+ 2007-08-13 22:39:06 54,784 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\ie4uinit.exe
+ 2007-08-13 22:39:26 152,064 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\ieakeng.dll
+ 2007-08-13 22:39:54 229,376 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\ieaksie.dll
+ 2007-08-13 21:56:54 161,792 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\ieakui.dll
+ 2007-02-12 20:10:12 2,451,312 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\ieapfltr.dat
+ 2007-07-11 16:27:48 383,488 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\ieapfltr.dll
+ 2007-08-13 22:39:50 382,976 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\iedkcs32.dll
+ 2007-08-13 22:54:10 6,049,280 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\ieframe.dll
+ 2007-08-13 22:39:10 43,008 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\iernonce.dll
+ 2007-08-13 22:34:04 266,752 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\iertutil.dll
+ 2007-08-13 22:39:10 13,312 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\ieudinit.exe
+ 2007-08-13 22:43:56 622,080 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\iexplore.exe
+ 2007-08-13 22:54:10 27,136 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\jsproxy.dll
+ 2007-08-13 22:54:10 458,752 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\msfeeds.dll
+ 2007-08-13 22:54:10 50,688 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\msfeedsbs.dll
+ 2007-08-13 22:54:12 3,578,368 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\mshtml.dll
+ 2007-08-13 22:54:10 475,648 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\mshtmled.dll
+ 2007-08-13 22:44:26 192,000 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\msrating.dll
+ 2007-08-13 22:54:10 670,720 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\mstime.dll
+ 2007-08-13 22:44:06 101,376 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\occache.dll
+ 2007-08-13 22:36:12 44,544 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\pngfilt.dll
+ 2007-03-06 01:34:38 216,800 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\spuninst\spuninst.exe
+ 2007-03-06 01:35:48 394,976 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\spuninst\updspapi.dll
+ 2007-08-13 22:44:30 105,984 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\url.dll
+ 2007-08-13 22:54:10 1,162,240 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\urlmon.dll
+ 2007-08-13 22:54:10 231,424 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\webcheck.dll
+ 2007-08-13 22:54:10 818,688 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\wininet.dll
+ 2007-12-07 02:08:32 124,928 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\advpack.dll
+ 2007-12-07 02:08:32 124,928 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\advpack.dll.000
+ 2007-12-19 22:53:23 347,136 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\dxtmsft.dll
+ 2007-12-19 22:53:23 347,136 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\dxtmsft.dll.000
+ 2007-12-07 02:08:32 214,528 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\dxtrans.dll
+ 2007-12-07 02:08:32 214,528 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\dxtrans.dll.000
+ 2007-12-07 02:08:32 133,120 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\extmgr.dll
+ 2007-12-07 02:08:32 63,488 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\icardie.dll
+ 2007-12-07 02:08:32 63,488 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\icardie.dll.000
+ 2007-12-06 11:02:31 70,656 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\ie4uinit.exe
+ 2007-12-07 02:08:32 153,088 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\ieakeng.dll
+ 2007-12-07 02:08:32 230,400 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\ieaksie.dll
+ 2007-12-06 04:59:51 161,792 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\ieakui.dll
+ 2007-04-17 09:32:38 2,455,488 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\ieapfltr.dat
+ 2007-12-07 02:08:32 383,488 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\ieapfltr.dll
+ 2007-12-07 02:08:32 383,488 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\ieapfltr.dll.000
+ 2007-12-07 02:08:32 384,512 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\iedkcs32.dll
+ 2007-12-07 02:08:33 6,066,176 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\ieframe.dll
+ 2007-12-07 02:08:33 6,066,176 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\ieframe.dll.000
+ 2007-12-07 02:08:33 44,544 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\iernonce.dll
+ 2007-12-07 02:08:33 267,776 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\iertutil.dll
+ 2007-12-07 02:08:33 267,776 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\iertutil.dll.000
+ 2007-12-06 11:00:58 13,824 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\ieudinit.exe
+ 2007-12-06 11:03:16 625,664 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\iexplore.exe
+ 2007-12-06 11:03:16 625,664 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\iexplore.exe.000
+ 2007-12-07 02:08:33 27,648 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\jsproxy.dll
+ 2007-12-07 02:08:33 27,648 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\jsproxy.dll.000
+ 2007-12-07 02:08:33 459,264 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\msfeeds.dll
+ 2007-12-07 02:08:33 459,264 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\msfeeds.dll.000
+ 2007-12-07 02:08:33 52,224 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\msfeedsbs.dll
+ 2007-12-07 02:08:33 52,224 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\msfeedsbs.dll.000
+ 2007-12-08 14:38:36 3,592,192 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\mshtml.dll
+ 2007-12-08 14:38:36 3,592,192 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\mshtml.dll.000
+ 2007-12-07 02:08:34 478,208 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\mshtmled.dll
+ 2007-12-07 02:08:34 478,208 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\mshtmled.dll.000
+ 2007-12-07 02:08:34 193,024 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\msrating.dll
+ 2007-12-07 02:08:34 671,232 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\mstime.dll
+ 2007-12-07 02:08:34 102,912 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\occache.dll
+ 2007-12-07 02:08:34 102,912 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\occache.dll.000
+ 2008-01-11 05:36:55 44,544 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\pngfilt.dll
+ 2008-01-11 05:36:55 44,544 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\pngfilt.dll.000
+ 2007-03-06 01:34:38 216,800 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\spuninst\spuninst.exe
+ 2007-03-06 01:35:48 394,976 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\spuninst\updspapi.dll
+ 2007-12-07 02:08:34 105,984 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\url.dll
+ 2007-12-07 02:08:34 105,984 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\url.dll.000
+ 2007-12-07 02:08:34 1,159,680 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\urlmon.dll
+ 2007-12-07 02:08:34 1,159,680 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\urlmon.dll.000
+ 2007-12-07 02:08:34 233,472 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\webcheck.dll
+ 2007-12-07 02:08:34 233,472 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\webcheck.dll.000
+ 2007-12-07 02:08:34 824,832 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\wininet.dll
+ 2007-12-07 02:08:34 824,832 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\wininet.dll.000
- 2004-08-19 14:10:04 208,896 ----a-w C:\WINDOWS\inf\unregmp2.exe
+ 2007-06-29 15:59:14 318,976 ----a-w C:\WINDOWS\inf\unregmp2.exe
+ 2006-10-27 00:48:14 434,528 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\[u]0[/u]0002109110000000000000000F01FEC\12.0.4518\DWTRIG20.EXE
+ 2006-10-27 20:04:08 497,504 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\[u]0[/u]0002109110000000000000000F01FEC\12.0.4518\MORPH9.DLL
+ 2006-10-27 20:26:40 16,870,712 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\[u]0[/u]0002109110000000000000000F01FEC\12.0.4518\MSO.DLL
+ 2006-10-27 20:04:10 9,581,360 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\[u]0[/u]0002109110000000000000000F01FEC\12.0.4518\MSPUB.EXE
+ 2006-10-27 01:09:36 136,008 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\[u]0[/u]0002109110000000000000000F01FEC\12.0.4518\PRTF9.DLL
+ 2006-10-27 20:04:06 624,456 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\[u]0[/u]0002109110000000000000000F01FEC\12.0.4518\PTXT9.DLL
+ 2006-10-27 01:09:44 590,144 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\[u]0[/u]0002109110000000000000000F01FEC\12.0.4518\PUBCONV.DLL
+ 2006-10-27 20:23:04 347,432 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\[u]0[/u]0002109110000000000000000F01FEC\12.0.4518\WINWORD.EXE
+ 2006-10-27 20:11:38 4,235,560 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\[u]0[/u]0002109110000000000000000F01FEC\12.0.4518\WRD12CNV.DLL
+ 2006-10-27 20:11:36 21,264 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\[u]0[/u]0002109110000000000000000F01FEC\12.0.4518\WRD12EXE.EXE
+ 2006-10-27 20:23:08 17,483,560 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\[u]0[/u]0002109110000000000000000F01FEC\12.0.4518\WWLIB.DLL
+ 2008-05-30 18:34:55 25,214 ----a-r C:\WINDOWS\Installer\{09633A5E-3089-41A8-9FF1-382171423C5D}\ARPPRODUCTICON.exe
+ 2008-06-15 00:31:57 15,086 ----a-r C:\WINDOWS\Installer\{0E7DBD52-B097-4F2B-A7C7-F105B0D20FDB}\ARPPRODUCTICON.exe
+ 2008-06-15 00:31:58 65,536 ----a-r C:\WINDOWS\Installer\{0E7DBD52-B097-4F2B-A7C7-F105B0D20FDB}\LightScribeWebsite_9607541794D946E89D5752F753E35CC4.exe
+ 2008-06-15 00:31:57 323,584 ----a-r C:\WINDOWS\Installer\{0E7DBD52-B097-4F2B-A7C7-F105B0D20FDB}\NewShortcut1_C673DF680CDE41FC9DFBF63D31DE4F28.exe
+ 2008-06-15 00:31:57 339,968 ----a-r C:\WINDOWS\Installer\{0E7DBD52-B097-4F2B-A7C7-F105B0D20FDB}\NewShortcut1_FE82206EF6124B479F4EDD27A1E056A4.exe
+ 2008-06-15 00:31:57 323,584 ----a-r C:\WINDOWS\Installer\{0E7DBD52-B097-4F2B-A7C7-F105B0D20FDB}\NewShortcut2_C673DF680CDE41FC9DFBF63D31DE4F28.exe
+ 2008-06-15 00:31:57 65,536 ----a-r C:\WINDOWS\Installer\{0E7DBD52-B097-4F2B-A7C7-F105B0D20FDB}\QuickDemoUrl_E9752251A5AD4678977047FD65566D18.exe
- 2008-04-10 20:52:01 1,165,584 ----a-r C:\WINDOWS\Installer\{90120000-0011-0000-0000-0000000FF1CE}\accicons.exe
+ 2008-06-09 19:48:26 1,165,584 ----a-r C:\WINDOWS\Installer\{90120000-0011-0000-0000-0000000FF1CE}\accicons.exe
- 2008-04-10 20:52:01 20,240 ----a-r C:\WINDOWS\Installer\{90120000-0011-0000-0000-0000000FF1CE}\cagicon.exe
+ 2008-06-09 19:48:26 20,240 ----a-r C:\WINDOWS\Installer\{90120000-0011-0000-0000-0000000FF1CE}\cagicon.exe
- 2008-04-10 20:52:01 159,504 ----a-r C:\WINDOWS\Installer\{90120000-0011-0000-0000-0000000FF1CE}\inficon.exe
+ 2008-06-09 19:48:26 159,504 ----a-r C:\WINDOWS\Installer\{90120000-0011-0000-0000-0000000FF1CE}\inficon.exe
- 2008-04-10 20:52:01 217,864 ----a-r C:\WINDOWS\Installer\{90120000-0011-0000-0000-0000000FF1CE}\misc.exe
+ 2008-06-09 19:48:26 217,864 ----a-r C:\WINDOWS\Installer\{90120000-0011-0000-0000-0000000FF1CE}\misc.exe
- 2008-04-10 20:52:01 18,704 ----a-r C:\WINDOWS\Installer\{90120000-0011-0000-0000-0000000FF1CE}\mspicons.exe
+ 2008-06-09 19:48:26 18,704 ----a-r C:\WINDOWS\Installer\{90120000-0011-0000-0000-0000000FF1CE}\mspicons.exe
- 2008-04-10 20:52:01 35,088 ----a-r C:\WINDOWS\Installer\{90120000-0011-0000-0000-0000000FF1CE}\oisicon.exe
+ 2008-06-09 19:48:26 35,088 ----a-r C:\WINDOWS\Installer\{90120000-0011-0000-0000-0000000FF1CE}\oisicon.exe
- 2008-04-10 20:52:01 845,584 ----a-r C:\WINDOWS\Installer\{90120000-0011-0000-0000-0000000FF1CE}\outicon.exe
+ 2008-06-09 19:48:26 845,584 ----a-r C:\WINDOWS\Installer\{90120000-0011-0000-0000-0000000FF1CE}\outicon.exe
- 2008-04-10 20:52:01 922,384 ----a-r C:\WINDOWS\Installer\{90120000-0011-0000-0000-0000000FF1CE}\pptico.exe
+ 2008-06-09 19:48:26 922,384 ----a-r C:\WINDOWS\Installer\{90120000-0011-0000-0000-0000000FF1CE}\pptico.exe
- 2008-04-10 20:52:01 272,648 ----a-r C:\WINDOWS\Installer\{90120000-0011-0000-0000-0000000FF1CE}\pubs.exe
+ 2008-06-09 19:48:26 272,648 ----a-r C:\WINDOWS\Installer\{90120000-0011-0000-0000-0000000FF1CE}\pubs.exe
- 2008-04-10 20:52:01 888,080 ----a-r C:\WINDOWS\Installer\{90120000-0011-0000-0000-0000000FF1CE}\wordicon.exe
+ 2008-06-09 19:48:26 888,080 ----a-r C:\WINDOWS\Installer\{90120000-0011-0000-0000-0000000FF1CE}\wordicon.exe
- 2008-04-10 20:52:01 1,172,240 ----a-r C:\WINDOWS\Installer\{90120000-0011-0000-0000-0000000FF1CE}\xlicons.exe
+ 2008-06-09 19:48:26 1,172,240 ----a-r C:\WINDOWS\Installer\{90120000-0011-0000-0000-0000000FF1CE}\xlicons.exe
+ 2008-05-30 18:35:27 25,214 ----a-r C:\WINDOWS\Installer\{D74CFE48-087F-46E1-80E6-E2950E1A8DCE}\ARPPRODUCTICON.exe
+ 2008-05-30 18:35:27 25,214 ----a-r C:\WINDOWS\Installer\{D74CFE48-087F-46E1-80E6-E2950E1A8DCE}\NewShortcut10.BCCDD171_C13C_4D41_ACA3_0E088E5E60A9.exe
+ 2008-05-30 18:35:26 25,214 ----a-r C:\WINDOWS\Installer\{D74CFE48-087F-46E1-80E6-E2950E1A8DCE}\NewShortcut11.BCCDD171_C13C_4D41_ACA3_0E088E5E60A9.exe
+ 2008-05-30 18:35:27 25,214 ----a-r C:\WINDOWS\Installer\{D74CFE48-087F-46E1-80E6-E2950E1A8DCE}\NewShortcut12.BCCDD171_C13C_4D41_ACA3_0E088E5E60A9.exe
+ 2008-05-30 18:35:27 25,214 ----a-r C:\WINDOWS\Installer\{D74CFE48-087F-46E1-80E6-E2950E1A8DCE}\NewShortcut13.BCCDD171_C13C_4D41_ACA3_0E088E5E60A9.exe
+ 2008-05-30 18:35:27 25,214 ----a-r C:\WINDOWS\Installer\{D74CFE48-087F-46E1-80E6-E2950E1A8DCE}\NewShortcut14.BCCDD171_C13C_4D41_ACA3_0E088E5E60A9.exe
+ 2008-05-30 18:35:27 25,214 ----a-r C:\WINDOWS\Installer\{D74CFE48-087F-46E1-80E6-E2950E1A8DCE}\NewShortcut15.BCCDD171_C13C_4D41_ACA3_0E088E5E60A9.exe
+ 2008-05-30 18:35:27 25,214 ----a-r C:\WINDOWS\Installer\{D74CFE48-087F-46E1-80E6-E2950E1A8DCE}\NewShortcut16.BCCDD171_C13C_4D41_ACA3_0E088E5E60A9.exe
+ 2008-05-30 18:35:26 25,214 ----a-r C:\WINDOWS\Installer\{D74CFE48-087F-46E1-80E6-E2950E1A8DCE}\NewShortcut17.BCCDD171_C13C_4D41_ACA3_0E088E5E60A9.exe
+ 2008-05-30 18:35:27 25,214 ----a-r C:\WINDOWS\Installer\{D74CFE48-087F-46E1-80E6-E2950E1A8DCE}\NewShortcut18.BCCDD171_C13C_4D41_ACA3_0E088E5E60A9.exe
+ 2008-05-30 18:35:26 25,214 ----a-r C:\WINDOWS\Installer\{D74CFE48-087F-46E1-80E6-E2950E1A8DCE}\NewShortcut19.BCCDD171_C13C_4D41_ACA3_0E088E5E60A9.exe
+ 2008-05-30 18:35:26 25,214 ----a-r C:\WINDOWS\Installer\{D74CFE48-087F-46E1-80E6-E2950E1A8DCE}\NewShortcut2_1.BCCDD171_C13C_4D41_ACA3_0E088E5E60A9.exe
+ 2008-05-30 18:35:26 25,214 ----a-r C:\WINDOWS\Installer\{D74CFE48-087F-46E1-80E6-E2950E1A8DCE}\NewShortcut20.BCCDD171_C13C_4D41_ACA3_0E088E5E60A9.exe
+ 2008-05-30 18:35:26 25,214 ----a-r C:\WINDOWS\Installer\{D74CFE48-087F-46E1-80E6-E2950E1A8DCE}\NewShortcut21.BCCDD171_C13C_4D41_ACA3_0E088E5E60A9.exe
+ 2008-05-30 18:35:26 25,214 ----a-r C:\WINDOWS\Installer\{D74CFE48-087F-46E1-80E6-E2950E1A8DCE}\NewShortcut22.BCCDD171_C13C_4D41_ACA3_0E088E5E60A9.exe
+ 2008-05-30 18:35:26 25,214 ----a-r C:\WINDOWS\Installer\{D74CFE48-087F-46E1-80E6-E2950E1A8DCE}\NewShortcut23.BCCDD171_C13C_4D41_ACA3_0E088E5E60A9.exe
+ 2008-05-30 18:35:26 25,214 ----a-r C:\WINDOWS\Installer\{D74CFE48-087F-46E1-80E6-E2950E1A8DCE}\NewShortcut24.BCCDD171_C13C_4D41_ACA3_0E088E5E60A9.exe
+ 2008-05-30 18:35:26 25,214 ----a-r C:\WINDOWS\Installer\{D74CFE48-087F-46E1-80E6-E2950E1A8DCE}\NewShortcut25.BCCDD171_C13C_4D41_ACA3_0E088E5E60A9.exe
+ 2008-05-30 18:35:27 25,214 ----a-r C:\WINDOWS\Installer\{D74CFE48-087F-46E1-80E6-E2950E1A8DCE}\NewShortcut26.BCCDD171_C13C_4D41_ACA3_0E088E5E60A9.exe
+ 2008-05-30 18:35:26 25,214 ----a-r C:\WINDOWS\Installer\{D74CFE48-087F-46E1-80E6-E2950E1A8DCE}\NewShortcut27.BCCDD171_C13C_4D41_ACA3_0E088E5E60A9.exe
+ 2008-05-30 18:35:26 25,214 ----a-r C:\WINDOWS\Installer\{D74CFE48-087F-46E1-80E6-E2950E1A8DCE}\NewShortcut28.BCCDD171_C13C_4D41_ACA3_0E088E5E60A9.exe
+ 2008-05-30 18:35:27 25,214 ----a-r C:\WINDOWS\Installer\{D74CFE48-087F-46E1-80E6-E2950E1A8DCE}\NewShortcut5.BCCDD171_C13C_4D41_ACA3_0E088E5E60A9.exe
+ 2008-05-30 18:35:27 25,214 ----a-r C:\WINDOWS\Installer\{D74CFE48-087F-46E1-80E6-E2950E1A8DCE}\NewShortcut6.BCCDD171_C13C_4D41_ACA3_0E088E5E60A9.exe
+ 2008-05-30 18:35:27 25,214 ----a-r C:\WINDOWS\Installer\{D74CFE48-087F-46E1-80E6-E2950E1A8DCE}\NewShortcut7.BCCDD171_C13C_4D41_ACA3_0E088E5E60A9.exe
+ 2008-05-30 18:35:27 25,214 ----a-r C:\WINDOWS\Installer\{D74CFE48-087F-46E1-80E6-E2950E1A8DCE}\NewShortcut8.BCCDD171_C13C_4D41_ACA3_0E088E5E60A9.exe
+ 2008-05-30 18:35:27 25,214 ----a-r C:\WINDOWS\Installer\{D74CFE48-087F-46E1-80E6-E2950E1A8DCE}\NewShortcut9.BCCDD171_C13C_4D41_ACA3_0E088E5E60A9.exe
+ 2008-05-23 18:10:21 472,576 ----a-w C:\WINDOWS\Laura Jones and the Gates of Good and Evil\uninstall.exe
+ 2003-02-21 06:59:44 16,896 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\1033\alinkui.dll
+ 2003-02-21 07:55:06 94,208 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\1033\cscompui.dll
+ 2003-02-21 07:02:16 131,072 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\1033\vbc7ui.dll
+ 2003-02-21 09:04:20 155,648 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\1033\Vsavb7rtUI.dll
+ 2003-02-21 11:24:08 7,680 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Accessibility.dll
+ 2003-02-21 09:00:36 98,304 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\alink.dll
+ 2003-02-20 23:19:42 24,576 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_filter.dll
+ 2007-04-14 01:30:52 258,048 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_isapi.dll
+ 2003-02-20 23:19:22 40,960 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_rc.dll
+ 2004-07-15 05:49:18 20,480 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_regiis.exe
+ 2004-07-15 05:49:26 32,768 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe
+ 2007-04-14 01:30:52 32,768 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_wp.exe
+ 2002-07-29 15:11:50 219,136 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\c_g18030.dll
+ 2003-02-21 11:24:10 94,208 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\CasPol.exe
+ 2003-02-21 11:24:32 49,152 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\ConfigWizards.exe
+ 2007-04-14 00:57:52 81,920 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\CORPerfMonExt.dll
+ 2004-07-15 15:23:28 49,152 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\csc.exe
+ 2004-07-15 15:23:44 626,688 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\cscomp.dll
+ 2003-02-21 11:24:34 12,288 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\cscompmgd.dll
+ 2003-02-21 11:24:36 33,792 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\CustomMarshalers.dll
+ 2003-02-21 08:12:24 28,672 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\cvtres.exe
+ 2003-02-21 14:21:40 524,288 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\diasymreader.dll
+ 2003-02-20 23:16:32 798,720 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\EventLogMessages.dll
+ 2004-07-15 04:24:30 282,624 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\fusion.dll
+ 2003-10-08 18:30:14 81,920 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\gacutil.exe
+ 2003-02-21 11:24:38 7,680 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\IEExec.exe
+ 2004-07-15 18:31:00 8,192 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\IEExecRemote.dll
+ 2004-07-15 18:31:04 32,768 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\IEHost.dll
+ 2003-02-21 11:24:40 4,608 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\IIEHost.dll
+ 2004-07-15 04:35:30 196,608 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\ilasm.exe
+ 2003-02-21 11:24:42 15,872 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\InstallUtil.exe
+ 2003-02-20 23:22:24 40,960 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\InstallUtilLib.dll
+ 2003-02-21 11:24:44 26,112 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\ISymWrapper.dll
+ 2003-02-21 11:24:52 40,960 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\jsc.exe
+ 2004-07-15 18:28:58 720,896 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Microsoft.JScript.dll
+ 2004-07-15 18:28:56 299,008 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Microsoft.VisualBasic.dll
+ 2003-02-21 11:24:54 28,672 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Microsoft.VisualBasic.Vsa.dll
+ 2003-02-21 11:25:02 6,144 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Microsoft.VisualC.Dll
+ 2003-02-21 11:24:58 32,768 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Microsoft.Vsa.dll
+ 2003-02-21 11:25:06 11,264 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
+ 2003-02-21 11:25:02 6,656 ----a-w C:\WINDOWS\Microso

Réponse 34 / 51

mymybyll Messages postés 92 Statut Membre 1

Je t'envoie le rapport. Tu as une patience d'ange et tes explications sont très bien données. Merci Mymy

ComboFix 08-08-11.01 - Muriel 2008-08-12 14:34:38.2 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.2.1252.33.1036.18.1388 [GMT -4:00]
Endroit: C:\Documents and Settings\Muriel\Bureau\ComboFix.exe
* Création d'un nouveau point de restauration
* Resident AV is active

[color=red][b]AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !![/b][/color]
.
[i] ADS - WINDOWS: deleted 24 bytes in 1 streams. [/i]

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Documents and Settings\Muriel\Application Data\macromedia\Flash Player\#SharedObjects\P54DYEFQ\interclick.com
C:\Documents and Settings\Muriel\Application Data\macromedia\Flash Player\#SharedObjects\P54DYEFQ\interclick.com\ud.sol
C:\Documents and Settings\Muriel\Application Data\macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#interclick.com
C:\Documents and Settings\Muriel\Application Data\macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#interclick.com\settings.sol
C:\WINDOWS\system32\DdKlonpo.ini
C:\WINDOWS\system32\DdKlonpo.ini2
C:\WINDOWS\system32\drivers\npf.sys
C:\WINDOWS\system32\dylnfjif.ini
C:\WINDOWS\system32\hsegkiqa.dll
C:\WINDOWS\system32\JSuEdMoq.ini
C:\WINDOWS\system32\JSuEdMoq.ini2
C:\WINDOWS\system32\kqkytchj.dll
C:\WINDOWS\system32\packet.dll
C:\WINDOWS\system32\peewlpuo.ini
C:\WINDOWS\system32\sBKSYcfe.ini
C:\WINDOWS\system32\sptahscu.ini
C:\WINDOWS\system32\thnrhlyg.ini
C:\WINDOWS\system32\uqovksfu.ini
C:\WINDOWS\system32\wpcap.dll
C:\WINDOWS\system32\ytjwwvth.ini

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Service_NPF

((((((((((((((((((((((((((((( Fichiers cr‚‚s 2008-07-12 to 2008-08-12 ))))))))))))))))))))))))))))))))))))
.

2008-08-12 14:26 . 2008-08-12 14:26 <REP> d-------- C:\Documents and Settings\All Users\Application Data\JollyBear
2008-08-12 11:47 . 2008-08-12 11:47 <REP> d-------- C:\Documents and Settings\Muriel\Application Data\Dossier de t‚l‚chargement Share-to-Web
2008-08-12 00:04 . 2008-07-30 20:07 38,472 --a------ C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2008-08-11 00:42 . 2008-08-11 00:42 <REP> d-------- C:\WINDOWS\ERUNT
2008-08-11 00:01 . <REP> C:\Documents and Settings\Administrateur\Application Data\Dossier de t‚l‚chargement Share-to-Web
2008-08-10 23:58 . 2008-03-14 21:35 <REP> d--h----- C:\Documents and Settings\Administrateur\Voisinage r‚seau
2008-08-10 23:58 . 2008-03-14 21:35 <REP> d--h----- C:\Documents and Settings\Administrateur\Voisinage d'impression
2008-08-10 23:58 . 2008-03-14 02:50 <REP> d--h----- C:\Documents and Settings\Administrateur\ModŠles
2008-08-10 23:58 . 2008-03-14 21:35 <REP> d-------- C:\Documents and Settings\Administrateur\Mes documents
2008-08-10 23:58 . 2008-03-14 21:35 <REP> dr------- C:\Documents and Settings\Administrateur\Menu D‚marrer
2008-08-10 23:58 . 2008-03-14 21:35 <REP> d-------- C:\Documents and Settings\Administrateur\Favoris
2008-08-10 23:58 . 2008-08-11 00:52 <REP> d-------- C:\Documents and Settings\Administrateur\Bureau
2008-08-10 23:58 . 2008-08-10 23:58 <REP> d-------- C:\Documents and Settings\Administrateur
2008-08-10 21:27 . 2007-09-06 00:22 289,144 --a------ C:\WINDOWS\system32\VCCLSID.exe
2008-08-10 21:27 . 2006-04-27 17:49 288,417 --a------ C:\WINDOWS\system32\SrchSTS.exe
2008-08-10 21:27 . 2008-04-24 08:10 86,528 --a------ C:\WINDOWS\system32\VACFix.exe
2008-08-10 21:27 . 2008-04-28 08:03 82,944 --a------ C:\WINDOWS\system32\IEDFix.exe
2008-08-10 21:27 . 2008-04-28 08:03 82,944 --a------ C:\WINDOWS\system32\404Fix.exe
2008-08-10 21:27 . 2003-06-05 21:13 53,248 --a------ C:\WINDOWS\system32\Process.exe
2008-08-10 21:27 . 2004-07-31 18:50 51,200 --a------ C:\WINDOWS\system32\dumphive.exe
2008-08-10 21:27 . 2007-10-04 00:36 25,600 --a------ C:\WINDOWS\system32\WS2Fix.exe
2008-08-10 01:54 . 2008-08-10 21:45 664 --a------ C:\WINDOWS\system32\d3d9caps.dat
2008-08-10 01:51 . 2008-08-10 01:51 <REP> d-------- C:\WINDOWS\Yard Sale Hidden Treasures Sunnyville
2008-08-08 12:58 . 2008-08-08 12:58 244 --ah----- C:\sqmnoopt09.sqm
2008-08-08 12:58 . 2008-08-08 12:58 232 --ah----- C:\sqmdata09.sqm
2008-08-07 22:24 . 2008-08-07 22:24 244 --ah----- C:\sqmnoopt08.sqm
2008-08-07 22:24 . 2008-08-07 22:24 232 --ah----- C:\sqmdata08.sqm
2008-08-03 18:32 . 2008-08-03 18:32 <REP> d-------- C:\Program Files\Team viewer3
2008-08-03 18:32 . 2008-08-03 18:32 <REP> d-------- C:\Documents and Settings\Muriel\Application Data\TeamViewer
2008-08-02 20:06 . 2008-08-02 20:06 <REP> d-------- C:\WINDOWS\Dream Day - First Home
2008-08-02 19:46 . 2008-08-02 19:46 <REP> d-------- C:\WINDOWS\Forgotten Riddles - The Moonlight Sonatas
2008-08-01 09:27 . 2008-08-01 09:27 99,648 --a------ C:\WINDOWS\system32\drivers\AnyDVD.sys
2008-07-25 21:18 . 2008-07-25 21:18 <REP> d-------- C:\Program Files\bfgclient
2008-07-24 11:43 . 2008-07-24 11:43 244 --ah----- C:\sqmnoopt07.sqm
2008-07-24 11:43 . 2008-07-24 11:43 232 --ah----- C:\sqmdata07.sqm
2008-07-21 22:05 . 2008-07-25 21:29 <REP> d-------- C:\Documents and Settings\All Users\Application Data\HiddenSecretsNightmare
2008-07-21 22:04 . 2008-07-21 22:04 <REP> d-------- C:\WINDOWS\Hidden Secrets - The Nightmare
2008-07-21 21:31 . 2008-07-21 21:31 <REP> d-------- C:\Documents and Settings\Muriel\Application Data\Zylom
2008-07-21 21:29 . 2008-07-21 21:38 <REP> d-------- C:\Program Files\Zylom Games
2008-07-21 21:29 . 2008-07-21 21:29 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Zylom
2008-07-21 08:11 . 2008-07-21 08:11 24,392 --a------ C:\WINDOWS\system32\drivers\ElbyCDIO.sys
2008-07-20 13:14 . 1998-10-01 15:22 299,520 --a------ C:\WINDOWS\uninst.exe
2008-07-13 23:07 . 2008-07-25 21:16 <REP> d-------- C:\Documents and Settings\All Users\Application Data\BigFishGamesCache

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-08-12 18:39 --------- d-----w C:\Program Files\lg_fwupdate
2008-08-12 15:55 --------- d-----w C:\Program Files\Spyware Terminator
2008-08-12 15:55 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spyware Terminator
2008-08-12 15:49 --------- d-----w C:\Documents and Settings\Muriel\Application Data\Spyware Terminator
2008-08-12 15:47 --------- d-----w C:\Documents and Settings\Muriel\Application Data\Dossier de téléchargement Share-to-Web
2008-08-12 06:13 --------- d-----w C:\Program Files\Malwarebytes' Anti-Malware
2008-08-12 00:52 --------- d-----w C:\Program Files\Java
2008-08-11 04:01 --------- d-----w C:\Documents and Settings\Administrateur\Application Data\Dossier de téléchargement Share-to-Web
2008-08-10 05:50 --------- d-----w C:\Documents and Settings\Muriel\Application Data\uTorrent
2008-08-08 20:42 --------- d-----w C:\Program Files\EPSON Print CD
2008-08-08 01:09 --------- d---a-w C:\Documents and Settings\All Users\Application Data\TEMP
2008-08-07 20:12 --------- d-----w C:\Documents and Settings\Muriel\Application Data\LimeWire
2008-08-02 03:43 --------- d-----w C:\Documents and Settings\All Users\Application Data\DVD Shrink
2008-07-31 00:07 17,144 ----a-w C:\WINDOWS\system32\drivers\mbam.sys
2008-07-20 17:27 --------- d-----w C:\Program Files\Common Files
2008-07-14 03:08 0 ----a-w C:\Program Files\temp01
2008-07-10 15:28 3,702 ---ha-w C:\Documents and Settings\Muriel\runScreen.exe
2008-07-10 15:28 15,360 ---ha-w C:\Documents and Settings\Muriel\runScanner.exe
2008-07-09 21:19 --------- d-----w C:\Program Files\Elf Bowling - Hawaiian Vacation
2008-07-09 21:19 --------- d-----w C:\Documents and Settings\All Users\Application Data\MumboJumbo
2008-07-07 02:27 --------- d-----w C:\Documents and Settings\Muriel\Application Data\???????sAppData
2008-06-27 20:02 --------- d-----w C:\Documents and Settings\Muriel\Application Data\Ancient Quest of Saqqarah__bfg
2008-06-27 19:54 28,889,038 ----a-w C:\WINDOWS\Ancient Quest of Saqqarah.exe
2008-06-27 19:53 34,304 ------w C:\WINDOWS\is157234.exe
2008-06-16 04:04 --------- d-----w C:\Program Files\SpywareBlaster
2008-06-15 00:31 --------- d-----w C:\Program Files\Fichiers communs\LightScribe
2008-06-15 00:29 --------- d-----w C:\Documents and Settings\All Users\Application Data\LightScribe
2008-06-14 21:53 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-06-14 21:53 --------- d-----w C:\Program Files\CyberLink DVD Solution
2008-05-20 22:58 2,256 ----a-w C:\WINDOWS\current_settings.bin
2004-10-01 19:00 40,960 ----a-w C:\Program Files\Uninstall_CDS.exe
2002-08-30 12:00 94,864 --sh--w C:\WINDOWS\twain.dll
2004-08-19 14:09 50,688 --sh--w C:\WINDOWS\twain_32.dll
2004-08-19 14:09 1,028,096 --sh--w C:\WINDOWS\system32\mfc42.dll
2004-08-19 14:09 54,784 --sh--w C:\WINDOWS\system32\msvcirt.dll
2004-08-19 14:09 413,696 --sh--w C:\WINDOWS\system32\msvcp60.dll
2004-08-19 14:09 343,040 --sh--w C:\WINDOWS\system32\msvcrt.dll
2007-12-04 18:41 550,912 --sh--w C:\WINDOWS\system32\oleaut32.dll
2004-08-19 14:09 83,456 --sh--w C:\WINDOWS\system32\olepro32.dll
2004-08-19 14:10 12,288 --sh--w C:\WINDOWS\system32\regsvr32.exe
.

((((((((((((((((((((((((((((( snapshot@2008-05-10_21.04.31.32 )))))))))))))))))))))))))))))))))))))))))
.
+ 2008-07-09 16:10:03 69,800 ----a-w C:\WINDOWS\ Elf Bowling - Hawaiian Vacation\uninstall.dat
+ 2008-07-09 16:10:03 472,576 ----a-w C:\WINDOWS\ Elf Bowling - Hawaiian Vacation\uninstall.exe
+ 2006-03-24 04:49:05 49,152 ----a-w C:\WINDOWS\$hf_mig$\KB904942\SP2QFE\wdigest.dll
+ 2005-10-12 23:15:25 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB904942\spmsg.dll
+ 2005-10-12 23:15:26 216,800 ----a-w C:\WINDOWS\$hf_mig$\KB904942\spuninst.exe
+ 2005-10-12 23:15:25 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB904942\update\spcustom.dll
+ 2005-10-12 23:15:28 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB904942\update\update.exe
+ 2005-10-12 23:15:45 394,976 ----a-w C:\WINDOWS\$hf_mig$\KB904942\update\updspapi.dll
+ 2006-07-14 15:52:22 121,856 ----a-w C:\WINDOWS\$hf_mig$\KB915865\SP2QFE\xmllite.dll
+ 2005-10-12 23:12:25 14,048 ----a-w C:\WINDOWS\$hf_mig$\KB915865\spmsg.dll
+ 2005-10-12 23:12:26 213,216 ----a-w C:\WINDOWS\$hf_mig$\KB915865\spuninst.exe
+ 2005-10-12 23:12:25 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB915865\update\spcustom.dll
+ 2005-10-12 23:12:28 716,000 ----a-w C:\WINDOWS\$hf_mig$\KB915865\update\update.exe
+ 2005-10-12 23:12:33 371,424 ----a-w C:\WINDOWS\$hf_mig$\KB915865\update\updspapi.dll
+ 2008-02-26 11:49:32 297,984 ----a-w C:\WINDOWS\$hf_mig$\KB932823-v3\SP2QFE\msctf.dll
+ 2007-03-06 01:34:33 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB932823-v3\spmsg.dll
+ 2007-03-06 01:34:38 216,800 ----a-w C:\WINDOWS\$hf_mig$\KB932823-v3\spuninst.exe
+ 2007-03-06 01:34:31 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB932823-v3\update\spcustom.dll
+ 2007-03-06 01:34:56 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB932823-v3\update\update.exe
+ 2007-03-06 01:35:48 394,976 ----a-w C:\WINDOWS\$hf_mig$\KB932823-v3\update\updspapi.dll
+ 2007-07-12 23:28:38 765,952 ----a-w C:\WINDOWS\$hf_mig$\KB938127-IE7\SP2QFE\vgx.dll
+ 2007-03-06 01:34:33 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB938127-IE7\spmsg.dll
+ 2007-03-06 01:34:38 216,800 ----a-w C:\WINDOWS\$hf_mig$\KB938127-IE7\spuninst.exe
+ 2007-03-06 01:34:31 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB938127-IE7\update\spcustom.dll
+ 2007-03-06 01:34:56 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB938127-IE7\update\update.exe
+ 2007-03-06 01:35:48 394,976 ----a-w C:\WINDOWS\$hf_mig$\KB938127-IE7\update\updspapi.dll
+ 2007-12-07 01:42:15 124,928 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\advpack.dll
+ 2007-12-19 22:20:28 347,136 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\dxtmsft.dll
+ 2007-12-07 01:42:15 214,528 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\dxtrans.dll
+ 2007-12-07 01:42:15 133,120 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\extmgr.dll
+ 2007-12-07 01:42:15 63,488 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\icardie.dll
+ 2007-12-06 08:34:28 70,656 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\ie4uinit.exe
+ 2007-12-07 01:42:15 153,088 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\ieakeng.dll
+ 2007-12-07 01:42:16 230,400 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\ieaksie.dll
+ 2007-12-06 05:00:02 161,792 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\ieakui.dll
+ 2007-04-17 09:32:38 2,455,488 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\ieapfltr.dat
+ 2007-12-07 01:42:16 383,488 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\ieapfltr.dll
+ 2007-12-07 01:42:16 388,096 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\iedkcs32.dll
+ 2007-12-07 01:42:19 6,067,200 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\ieframe.dll
+ 2007-12-07 01:42:19 44,544 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\iernonce.dll
+ 2007-12-07 01:42:19 267,776 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\iertutil.dll
+ 2007-12-06 08:34:29 13,824 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\ieudinit.exe
+ 2007-12-06 08:34:45 625,664 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\iexplore.exe
+ 2007-12-07 01:42:20 27,648 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\jsproxy.dll
+ 2007-12-07 01:42:20 459,264 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\msfeeds.dll
+ 2007-12-07 01:42:20 52,224 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\msfeedsbs.dll
+ 2007-12-07 01:42:21 3,593,216 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\mshtml.dll
+ 2007-12-07 01:42:21 478,208 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\mshtmled.dll
+ 2007-12-07 01:42:21 193,024 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\msrating.dll
+ 2007-12-07 01:42:21 671,232 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\mstime.dll
+ 2007-12-07 01:42:21 102,912 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\occache.dll
+ 2008-01-11 05:54:27 44,544 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\pngfilt.dll
+ 2007-12-07 01:42:21 105,984 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\url.dll
+ 2007-12-07 01:42:22 1,162,752 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\urlmon.dll
+ 2007-12-07 01:42:22 233,472 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\webcheck.dll
+ 2007-12-07 01:42:22 825,344 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\wininet.dll
+ 2007-03-06 01:34:33 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\spmsg.dll
+ 2007-03-06 01:34:38 216,800 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\spuninst.exe
+ 2007-03-06 01:34:31 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\update\spcustom.dll
+ 2007-03-06 01:34:56 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\update\update.exe
+ 2007-03-06 01:35:48 394,976 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\update\updspapi.dll
+ 2008-03-01 12:34:26 124,928 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\advpack.dll
+ 2008-03-01 12:34:26 347,136 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\dxtmsft.dll
+ 2008-03-01 12:34:26 214,528 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\dxtrans.dll
+ 2008-03-01 12:34:27 132,608 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\extmgr.dll
+ 2008-03-01 12:34:27 63,488 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\icardie.dll
+ 2008-02-22 09:39:56 70,656 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\ie4uinit.exe
+ 2008-03-01 12:34:27 153,088 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\ieakeng.dll
+ 2008-03-01 12:34:27 230,400 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\ieaksie.dll
+ 2008-02-15 05:44:25 161,792 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\ieakui.dll
+ 2007-04-17 09:32:38 2,455,488 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\ieapfltr.dat
+ 2008-03-01 12:34:27 383,488 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\ieapfltr.dll
+ 2008-03-01 12:34:27 388,608 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\iedkcs32.dll
+ 2008-03-01 12:34:29 6,067,712 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\ieframe.dll
+ 2008-03-01 12:34:29 44,544 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\iernonce.dll
+ 2008-03-01 12:34:29 267,776 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\iertutil.dll
+ 2008-02-22 09:39:56 13,824 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\ieudinit.exe
+ 2008-02-22 09:40:22 625,664 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\iexplore.exe
+ 2008-03-01 12:34:30 27,648 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\jsproxy.dll
+ 2008-03-01 12:34:30 459,264 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\msfeeds.dll
+ 2008-03-01 12:34:30 52,224 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\msfeedsbs.dll
+ 2008-03-01 12:34:32 3,593,216 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\mshtml.dll
+ 2008-03-01 12:34:32 478,208 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\mshtmled.dll
+ 2008-03-01 12:34:32 193,024 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\msrating.dll
+ 2008-03-01 12:34:32 671,232 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\mstime.dll
+ 2008-03-01 12:34:32 102,912 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\occache.dll
+ 2008-03-01 12:34:32 44,544 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\pngfilt.dll
+ 2008-03-01 12:34:32 105,984 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\url.dll
+ 2008-03-01 12:34:33 1,162,752 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\urlmon.dll
+ 2008-03-01 12:34:33 233,472 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\webcheck.dll
+ 2008-03-01 12:34:33 827,392 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\wininet.dll
+ 2007-03-06 01:34:33 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\spmsg.dll
+ 2007-03-06 01:34:38 216,800 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\spuninst.exe
+ 2007-03-06 01:34:31 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\update\spcustom.dll
+ 2007-03-06 01:34:56 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\update\update.exe
+ 2007-03-06 01:35:48 394,976 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\update\updspapi.dll
+ 2008-01-23 04:56:21 554,008 ----a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\dao360.dll
+ 2007-12-10 12:41:11 518,944 ----a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\msexch40.dll
+ 2007-12-10 12:41:11 326,432 ----a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\msexcl40.dll
+ 2007-12-10 12:41:11 1,516,568 ----a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\msjet40.dll
+ 2007-12-10 12:41:11 355,112 ----a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\msjetol1.dll
+ 2008-03-25 06:56:31 194,144 ----a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\msjint40.dll
+ 2007-12-10 12:41:12 60,192 ----a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\msjter40.dll
+ 2007-12-10 12:41:12 248,608 ----a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\msjtes40.dll
+ 2007-12-10 12:41:12 219,936 ----a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\msltus40.dll
+ 2007-12-10 12:41:12 355,104 ----a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\mspbde40.dll
+ 2007-12-10 12:41:13 432,928 ----a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\msrd2x40.dll
+ 2007-12-10 12:41:13 322,336 ----a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\msrd3x40.dll
+ 2007-12-10 12:41:13 559,904 ----a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\msrepl40.dll
+ 2007-12-10 12:41:13 264,992 ----a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\mstext40.dll
+ 2007-12-10 12:41:13 838,432 ----a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\mswdat10.dll
+ 2007-11-01 05:15:27 621,344 ----a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\mswstr10.dll
+ 2007-12-10 12:41:14 355,104 ----a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\msxbde40.dll
+ 2007-03-06 01:34:33 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB950749\spmsg.dll
+ 2007-03-06 01:34:38 216,800 ----a-w C:\WINDOWS\$hf_mig$\KB950749\spuninst.exe
+ 2007-03-06 01:34:31 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB950749\update\spcustom.dll
+ 2007-03-06 01:34:56 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB950749\update\update.exe
+ 2007-03-06 01:35:48 394,976 ----a-w C:\WINDOWS\$hf_mig$\KB950749\update\updspapi.dll
+ 2006-05-25 14:29:04 213,216 -c----w C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe
+ 2006-05-25 14:29:04 371,424 -c----w C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\updspapi.dll
+ 2006-05-24 16:32:48 213,216 -c----w C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe
+ 2006-05-24 16:32:48 371,424 -c----w C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\updspapi.dll
+ 2005-10-12 23:15:26 216,800 -c----w C:\WINDOWS\$NtUninstallKB904942$\spuninst\spuninst.exe
+ 2005-10-12 23:15:45 394,976 -c----w C:\WINDOWS\$NtUninstallKB904942$\spuninst\updspapi.dll
+ 2004-08-19 14:09:48 49,152 -c----w C:\WINDOWS\$NtUninstallKB904942$\wdigest.dll
+ 2004-08-19 14:09:22 28,672 -c----w C:\WINDOWS\$NtUninstallKB914440$\custsat.dll
+ 2005-10-12 23:15:24 216,800 -c----w C:\WINDOWS\$NtUninstallKB914440$\spuninst\spuninst.exe
+ 2005-10-12 23:15:43 394,976 -c----w C:\WINDOWS\$NtUninstallKB914440$\spuninst\updspapi.dll
+ 2005-10-12 23:12:26 213,216 -c----w C:\WINDOWS\$NtUninstallKB915865$\spuninst\spuninst.exe
+ 2005-10-12 23:12:33 371,424 -c----w C:\WINDOWS\$NtUninstallKB915865$\spuninst\updspapi.dll
+ 2005-10-12 23:12:26 213,216 -c----w C:\WINDOWS\$NtUninstallKB926239$\spuninst\spuninst.exe
+ 2005-10-12 23:12:33 371,424 -c----w C:\WINDOWS\$NtUninstallKB926239$\spuninst\updspapi.dll
+ 2006-10-19 01:47:16 414,208 -c----w C:\WINDOWS\$NtUninstallKB929399$\msscp.dll
+ 2005-06-28 14:23:26 213,216 -c----w C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe
+ 2005-06-28 14:23:54 371,424 -c----w C:\WINDOWS\$NtUninstallKB929399$\spuninst\updspapi.dll
+ 2004-08-19 14:09:34 294,400 -c----w C:\WINDOWS\$NtUninstallKB932823-v3$\msctf.dll
+ 2007-03-06 01:34:38 216,800 -c----w C:\WINDOWS\$NtUninstallKB932823-v3$\spuninst\spuninst.exe
+ 2007-03-06 01:35:48 394,976 -c----w C:\WINDOWS\$NtUninstallKB932823-v3$\spuninst\updspapi.dll
+ 2005-06-28 14:23:40 216,800 -c----w C:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe
+ 2005-06-28 14:23:54 371,424 -c----w C:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\updspapi.dll
+ 2006-10-19 01:47:20 10,834,432 -c----w C:\WINDOWS\$NtUninstallKB936782_WMP11$\wmp.dll
+ 2005-06-28 14:23:40 216,800 -c----w C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe
+ 2005-06-28 14:23:54 371,424 -c----w C:\WINDOWS\$NtUninstallKB939683$\spuninst\updspapi.dll
+ 2006-11-03 13:58:34 317,440 -c----w C:\WINDOWS\$NtUninstallKB939683$\unregmp2.exe
+ 2004-08-19 14:09:24 561,179 -c----w C:\WINDOWS\$NtUninstallKB950749$\dao360.dll
+ 2004-08-19 14:09:34 512,029 -c----w C:\WINDOWS\$NtUninstallKB950749$\msexch40.dll
+ 2004-08-19 14:09:34 319,517 -c----w C:\WINDOWS\$NtUninstallKB950749$\msexcl40.dll
+ 2004-08-19 14:09:34 1,507,356 -c----w C:\WINDOWS\$NtUninstallKB950749$\msjet40.dll
+ 2004-07-17 09:34:48 358,976 -c----w C:\WINDOWS\$NtUninstallKB950749$\msjetol1.dll
+ 2004-07-17 09:34:48 358,976 -c----w C:\WINDOWS\$NtUninstallKB950749$\msjetoledb40.dll
+ 2004-08-19 14:09:34 184,351 -c----w C:\WINDOWS\$NtUninstallKB950749$\msjint40.dll
+ 2004-08-19 14:09:34 53,279 -c----w C:\WINDOWS\$NtUninstallKB950749$\msjter40.dll
+ 2004-08-19 14:09:34 241,693 -c----w C:\WINDOWS\$NtUninstallKB950749$\msjtes40.dll
+ 2004-08-19 14:09:34 213,023 -c----w C:\WINDOWS\$NtUninstallKB950749$\msltus40.dll
+ 2004-08-19 14:09:34 348,189 -c----w C:\WINDOWS\$NtUninstallKB950749$\mspbde40.dll
+ 2004-08-19 14:09:34 421,919 -c----w C:\WINDOWS\$NtUninstallKB950749$\msrd2x40.dll
+ 2004-08-19 14:09:34 315,423 -c----w C:\WINDOWS\$NtUninstallKB950749$\msrd3x40.dll
+ 2004-08-19 14:09:34 552,989 -c----w C:\WINDOWS\$NtUninstallKB950749$\msrepl40.dll
+ 2004-08-19 14:09:36 258,077 -c----w C:\WINDOWS\$NtUninstallKB950749$\mstext40.dll
+ 2004-08-19 14:09:36 831,519 -c----w C:\WINDOWS\$NtUninstallKB950749$\mswdat10.dll
+ 2004-08-19 14:09:36 614,429 -c----w C:\WINDOWS\$NtUninstallKB950749$\mswstr10.dll
+ 2004-08-19 14:09:36 348,189 -c----w C:\WINDOWS\$NtUninstallKB950749$\msxbde40.dll
+ 2007-03-06 01:34:38 216,800 -c----w C:\WINDOWS\$NtUninstallKB950749$\spuninst\spuninst.exe
+ 2007-03-06 01:35:48 394,976 -c----w C:\WINDOWS\$NtUninstallKB950749$\spuninst\updspapi.dll
+ 2006-09-25 21:58:48 221,488 -c----w C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe
+ 2006-09-25 21:58:48 379,184 -c----w C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\updspapi.dll
+ 2005-01-28 17:44:28 294,912 -c----w C:\WINDOWS\$NtUninstallWMFDist11$\blackbox.dll
+ 2005-01-28 17:44:28 164,864 -c----w C:\WINDOWS\$NtUninstallWMFDist11$\cewmdm.dll
+ 2005-01-28 17:44:28 502,272 -c----w C:\WINDOWS\$NtUninstallWMFDist11$\drmv2clt.dll
+ 2005-01-28 17:44:28 6,656 -c----w C:\WINDOWS\$NtUninstallWMFDist11$\laprxy.dll
+ 2005-01-28 17:44:28 96,768 -c----w C:\WINDOWS\$NtUninstallWMFDist11$\logagent.exe
+ 2004-08-19 14:09:32 310,272 -c----w C:\WINDOWS\$NtUninstallWMFDist11$\mp43dmod.dll
+ 2004-08-19 14:09:32 384,512 -c----w C:\WINDOWS\$NtUninstallWMFDist11$\mp4sdmod.dll
+ 2004-08-19 14:09:32 240,640 -c----w C:\WINDOWS\$NtUninstallWMFDist11$\mpg4dmod.dll
+ 2005-01-28 17:44:28 142,336 -c----w C:\WINDOWS\$NtUninstallWMFDist11$\msnetobj.dll
+ 2005-01-28 17:44:28 25,088 -c----w C:\WINDOWS\$NtUninstallWMFDist11$\mspmsnsv.dll
+ 2005-01-28 17:44:28 173,568 -c----w C:\WINDOWS\$NtUninstallWMFDist11$\mspmsp.dll
+ 2005-01-28 17:44:28 364,784 -c----w C:\WINDOWS\$NtUninstallWMFDist11$\msscp.dll
+ 2005-01-28 17:44:28 315,904 -c----w C:\WINDOWS\$NtUninstallWMFDist11$\mswmdm.dll
+ 2005-01-28 17:44:28 221,184 -c----w C:\WINDOWS\$NtUninstallWMFDist11$\qasf.dll
+ 2006-05-16 22:11:54 213,216 -c----w C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe
+ 2006-05-16 22:11:54 371,424 -c----w C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\updspapi.dll
+ 2006-11-02 15:46:52 13,312 -c----w C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\wpdinstallutil.dll
+ 2005-01-28 17:44:28 47,104 -c----w C:\WINDOWS\$NtUninstallWMFDist11$\uwdf.exe
+ 2005-01-28 17:44:28 15,872 -c----w C:\WINDOWS\$NtUninstallWMFDist11$\wdfapi.dll
+ 2005-01-28 17:44:28 38,912 -c----w C:\WINDOWS\$NtUninstallWMFDist11$\wdfmgr.exe
+ 2005-01-28 17:44:28 396,528 -c----w C:\WINDOWS\$NtUninstallWMFDist11$\wmadmod.dll
+ 2005-01-28 17:44:28 716,288 -c----w C:\WINDOWS\$NtUninstallWMFDist11$\wmadmoe.dll
+ 2007-10-20 10:01:32 227,328 -c----w C:\WINDOWS\$NtUninstallWMFDist11$\wmasf.dll
+ 2005-01-28 17:44:28 28,160 -c----w C:\WINDOWS\$NtUninstallWMFDist11$\wmdmlog.dll
+ 2005-01-28 17:44:28 33,792 -c----w C:\WINDOWS\$NtUninstallWMFDist11$\wmdmps.dll
+ 2005-01-28 17:44:28 335,872 -c----w C:\WINDOWS\$NtUninstallWMFDist11$\wmdrmdev.dll
+ 2005-01-28 17:44:28 290,816 -c----w C:\WINDOWS\$NtUninstallWMFDist11$\wmdrmnet.dll
+ 2005-01-28 17:44:28 150,016 -c----w C:\WINDOWS\$NtUninstallWMFDist11$\wmidx.dll
+ 2005-01-28 17:44:28 1,027,072 -c----w C:\WINDOWS\$NtUninstallWMFDist11$\wmnetmgr.dll
+ 2005-01-28 17:44:28 774,904 -c----w C:\WINDOWS\$NtUninstallWMFDist11$\wmsdmod.dll
+ 2005-01-28 17:44:28 1,119,744 -c----w C:\WINDOWS\$NtUninstallWMFDist11$\wmsdmoe2.dll
+ 2005-01-28 17:44:28 819,200 -c----w C:\WINDOWS\$NtUninstallWMFDist11$\wmsetsdk.exe
+ 2005-01-28 17:44:28 413,944 -c----w C:\WINDOWS\$NtUninstallWMFDist11$\wmspdmod.dll
+ 2005-01-28 17:44:28 940,544 -c----w C:\WINDOWS\$NtUninstallWMFDist11$\wmspdmoe.dll
+ 2005-01-28 17:44:28 1,218,808 -c----w C:\WINDOWS\$NtUninstallWMFDist11$\wmvadvd.dll
+ 2005-01-28 17:44:28 1,512,448 -c----w C:\WINDOWS\$NtUninstallWMFDist11$\wmvadve.dll
+ 2006-12-07 05:29:34 2,374,472 -c----w C:\WINDOWS\$NtUninstallWMFDist11$\wmvcore.dll
+ 2005-01-28 17:44:28 895,736 -c----w C:\WINDOWS\$NtUninstallWMFDist11$\wmvdmod.dll
+ 2005-01-28 17:44:28 1,003,008 -c----w C:\WINDOWS\$NtUninstallWMFDist11$\wmvdmoe2.dll
+ 2005-01-28 17:44:28 38,912 -c----w C:\WINDOWS\$NtUninstallWMFDist11$\wpd_ci.dll
+ 2005-01-28 17:44:28 61,952 -c----w C:\WINDOWS\$NtUninstallWMFDist11$\wpdconns.dll
+ 2005-01-28 17:44:28 114,176 -c----w C:\WINDOWS\$NtUninstallWMFDist11$\wpdmtp.dll
+ 2005-01-28 17:44:28 66,560 -c----w C:\WINDOWS\$NtUninstallWMFDist11$\wpdmtpus.dll
+ 2005-01-28 17:44:28 331,264 -c----w C:\WINDOWS\$NtUninstallWMFDist11$\wpdsp.dll
+ 2005-01-28 17:44:28 18,944 -c----w C:\WINDOWS\$NtUninstallWMFDist11$\wpdusb.sys
+ 2004-08-19 14:08:02 8,704 -c----w C:\WINDOWS\$NtUninstallwmp11$\asferror.dll
+ 2004-08-19 14:09:32 368,640 -c----w C:\WINDOWS\$NtUninstallwmp11$\mpvis.dll
+ 2004-08-19 14:10:04 778,240 -c----w C:\WINDOWS\$NtUninstallwmp11$\setup_wm.exe
+ 2006-05-16 22:11:54 213,216 -c----w C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe
+ 2006-05-16 22:11:56 394,976 -c----w C:\WINDOWS\$NtUninstallwmp11$\spuninst\updspapi.dll
+ 2004-08-19 14:10:04 208,896 -c----w C:\WINDOWS\$NtUninstallwmp11$\unregmp2.exe
+ 2004-08-19 14:09:08 200,704 -c----w C:\WINDOWS\$NtUninstallwmp11$\wmerror.dll
+ 2007-04-30 07:22:16 4,734,976 -c----w C:\WINDOWS\$NtUninstallwmp11$\wmp.dll
+ 2004-08-19 14:09:50 114,688 -c----w C:\WINDOWS\$NtUninstallwmp11$\wmpasf.dll
+ 2004-08-19 14:09:50 98,304 -c----w C:\WINDOWS\$NtUninstallwmp11$\wmpband.dll
+ 2004-08-19 14:09:50 233,472 -c----w C:\WINDOWS\$NtUninstallwmp11$\wmpdxm.dll
+ 2004-08-19 14:10:06 73,728 -c----w C:\WINDOWS\$NtUninstallwmp11$\wmplayer.exe
+ 2004-08-19 14:09:12 2,985,984 -c----w C:\WINDOWS\$NtUninstallwmp11$\wmploc.dll
+ 2004-08-19 14:09:50 102,400 -c----w C:\WINDOWS\$NtUninstallwmp11$\wmpshell.dll
+ 2006-09-16 05:05:22 221,488 -c----w C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe
+ 2006-09-16 05:05:22 379,184 -c----w C:\WINDOWS\$NtUninstallWudf01000$\spuninst\updspapi.dll
+ 2006-09-28 23:01:52 58,368 -c----w C:\WINDOWS\$NtUninstallWudf01000$\spuninst\WudfCustom.dll
+ 2008-06-27 19:55:04 451,072 ----a-w C:\WINDOWS\Ancient Quest of Saqqarah\uninstall.exe
+ 2006-10-04 14:05:26 39,424 ------w C:\WINDOWS\AppPatch\acadproc.dll
+ 2008-06-01 06:13:30 7,680 ----a-w C:\WINDOWS\assembly\GAC\Accessibility\1.0.5000.0__b03f5f7f11d50a3a\Accessibility.dll
+ 2008-06-01 06:13:25 12,288 ----a-w C:\WINDOWS\assembly\GAC\cscompmgd\7.0.5000.0__b03f5f7f11d50a3a\cscompmgd.dll
+ 2008-06-01 06:13:32 33,792 ----a-w C:\WINDOWS\assembly\GAC\CustomMarshalers\1.0.5000.0__b03f5f7f11d50a3a\CustomMarshalers.dll
+ 2008-06-03 04:39:02 8,192 ----a-w C:\WINDOWS\assembly\GAC\IEExecRemote\1.0.5000.0__b03f5f7f11d50a3a\IEExecRemote.dll
+ 2008-06-03 04:39:03 32,768 ----a-w C:\WINDOWS\assembly\GAC\IEHost\1.0.5000.0__b03f5f7f11d50a3a\IEHost.dll
+ 2008-06-01 06:13:32 4,608 ----a-w C:\WINDOWS\assembly\GAC\IIEHost\1.0.5000.0__b03f5f7f11d50a3a\IIEHost.dll
+ 2008-06-01 06:13:32 26,112 ----a-w C:\WINDOWS\assembly\GAC\ISymWrapper\1.0.5000.0__b03f5f7f11d50a3a\ISymWrapper.dll
+ 2008-06-03 04:39:11 720,896 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.JScript\7.0.5000.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
+ 2008-06-01 06:13:25 28,672 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.VisualBasic.Vsa\7.0.5000.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll
+ 2008-06-03 04:39:04 299,008 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.VisualBasic\7.0.5000.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
+ 2008-06-01 06:13:26 6,144 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.VisualC\7.0.5000.0__b03f5f7f11d50a3a\Microsoft.VisualC.dll
+ 2008-06-01 06:13:25 11,264 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.Vsa.Vb.CodeDOMProcessor\7.0.5000.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
+ 2008-06-01 06:13:24 32,768 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.Vsa\7.0.5000.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll
+ 2008-06-01 06:13:25 6,656 ----a-w C:\WINDOWS\assembly\GAC\Microsoft_VsaVb\7.0.5000.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll
+ 2008-06-01 06:13:32 1,564,672 ----a-w C:\WINDOWS\assembly\GAC\mscorcfg\1.0.5000.0__b03f5f7f11d50a3a\mscorcfg.dll
+ 2008-06-03 04:39:09 32,768 ----a-w C:\WINDOWS\assembly\GAC\Regcode\1.0.5000.0__b03f5f7f11d50a3a\RegCode.dll
+ 2008-06-01 06:13:32 77,824 ----a-w C:\WINDOWS\assembly\GAC\System.Configuration.Install\1.0.5000.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
+ 2008-06-03 04:39:07 303,104 ----a-w C:\WINDOWS\assembly\GAC\System.Data.OracleClient\1.0.5000.0__b77a5c561934e089\System.Data.OracleClient.dll
+ 2008-06-03 04:39:09 1,294,336 ----a-w C:\WINDOWS\assembly\GAC\System.Data\1.0.5000.0__b77a5c561934e089\System.Data.dll
+ 2008-06-03 04:39:02 1,703,936 ----a-w C:\WINDOWS\assembly\GAC\System.Design\1.0.5000.0__b03f5f7f11d50a3a\System.Design.dll
+ 2008-06-03 04:39:11 90,112 ----a-w C:\WINDOWS\assembly\GAC\System.DirectoryServices\1.0.5000.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
+ 2008-06-01 06:13:33 65,536 ----a-w C:\WINDOWS\assembly\GAC\System.Drawing.Design\1.0.5000.0__b03f5f7f11d50a3a\System.Drawing.Design.dll
+ 2008-06-03 04:39:07 466,944 ----a-w C:\WINDOWS\assembly\GAC\System.Drawing\1.0.5000.0__b03f5f7f11d50a3a\System.Drawing.dll
+ 2008-06-03 04:39:05 241,664 ----a-w C:\WINDOWS\assembly\GAC\System.EnterpriseServices\1.0.5000.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
+ 2008-06-03 04:39:05 66,560 ----a-w C:\WINDOWS\assembly\GAC\System.EnterpriseServices\1.0.5000.0__b03f5f7f11d50a3a\System.EnterpriseServices.Thunk.dll
+ 2008-06-03 04:39:08 372,736 ----a-w C:\WINDOWS\assembly\GAC\System.Management\1.0.5000.0__b03f5f7f11d50a3a\System.Management.dll
+ 2008-06-03 04:39:12 241,664 ----a-w C:\WINDOWS\assembly\GAC\System.Messaging\1.0.5000.0__b03f5f7f11d50a3a\System.Messaging.dll
+ 2008-06-03 04:39:07 323,584 ----a-w C:\WINDOWS\assembly\GAC\System.Runtime.Remoting\1.0.5000.0__b77a5c561934e089\System.Runtime.Remoting.dll
+ 2008-06-03 04:39:05 131,072 ----a-w C:\WINDOWS\assembly\GAC\System.Runtime.Serialization.Formatters.Soap\1.0.5000.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
+ 2008-06-03 04:39:06 77,824 ----a-w C:\WINDOWS\assembly\GAC\System.Security\1.0.5000.0__b03f5f7f11d50a3a\System.Security.dll
+ 2008-06-03 04:39:10 126,976 ----a-w C:\WINDOWS\assembly\GAC\System.ServiceProcess\1.0.5000.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
+ 2008-06-03 04:39:01 819,200 ----a-w C:\WINDOWS\assembly\GAC\System.Web.Mobile\1.0.5000.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
+ 2008-06-03 04:39:04 57,344 ----a-w C:\WINDOWS\assembly\GAC\System.Web.RegularExpressions\1.0.5000.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
+ 2008-06-03 04:39:03 573,440 ----a-w C:\WINDOWS\assembly\GAC\System.Web.Services\1.0.5000.0__b03f5f7f11d50a3a\System.Web.Services.dll
+ 2008-06-06 05:34:31 1,265,664 ----a-w C:\WINDOWS\assembly\GAC\System.Web\1.0.5000.0__b03f5f7f11d50a3a\System.Web.dll
+ 2008-06-03 04:39:06 2,052,096 ----a-w C:\WINDOWS\assembly\GAC\System.Windows.Forms\1.0.5000.0__b77a5c561934e089\System.Windows.Forms.dll
+ 2008-06-03 04:39:08 1,339,392 ----a-w C:\WINDOWS\assembly\GAC\System.Xml\1.0.5000.0__b77a5c561934e089\System.XML.dll
+ 2008-06-06 05:34:32 1,232,896 ----a-w C:\WINDOWS\assembly\GAC\System\1.0.5000.0__b77a5c561934e089\System.dll
+ 2008-06-06 05:34:39 61,440 ----a-w C:\WINDOWS\assembly\NativeImages1_v1.1.4322\CustomMarshalers\1.0.5000.0__b03f5f7f11d50a3a_41bb2e05\CustomMarshalers.dll
+ 2008-06-06 05:34:52 3,391,488 ----a-w C:\WINDOWS\assembly\NativeImages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_30c2e1ef\mscorlib.dll
+ 2008-06-06 05:34:49 1,470,464 ----a-w C:\WINDOWS\assembly\NativeImages1_v1.1.4322\System.Design\1.0.5000.0__b03f5f7f11d50a3a_90f42468\System.Design.dll
+ 2008-06-06 05:34:40 90,112 ----a-w C:\WINDOWS\assembly\NativeImages1_v1.1.4322\System.Drawing.Design\1.0.5000.0__b03f5f7f11d50a3a_fac2991b\System.Drawing.Design.dll
+ 2008-06-06 05:34:50 835,584 ----a-w C:\WINDOWS\assembly\NativeImages1_v1.1.4322\System.Drawing\1.0.5000.0__b03f5f7f11d50a3a_b3c0c05e\System.Drawing.dll
+ 2008-06-06 05:34:43 3,018,752 ----a-w C:\WINDOWS\assembly\NativeImages1_v1.1.4322\System.Windows.Forms\1.0.5000.0__b77a5c561934e089_d6af9453\System.Windows.Forms.dll
+ 2008-06-06 05:34:46 2,088,960 ----a-w C:\WINDOWS\assembly\NativeImages1_v1.1.4322\System.Xml\1.0.5000.0__b77a5c561934e089_804171e3\System.Xml.dll
+ 2008-06-06 05:34:38 1,966,080 ----a-w C:\WINDOWS\assembly\NativeImages1_v1.1.4322\System\1.0.5000.0__b77a5c561934e089_e2c12bf2\System.dll
+ 2008-06-04 18:12:49 472,576 ----a-w C:\WINDOWS\ColorUp! Wedding Scrapbook\uninstall.exe
+ 2008-06-15 04:20:44 472,576 ------w C:\WINDOWS\Discovery A Seek And Find Adventure\uninstall.exe
+ 2008-08-03 00:06:33 472,576 ----a-w C:\WINDOWS\Dream Day - First Home\uninstall.exe
+ 2008-08-07 20:27:04 163,328 ----a-w C:\WINDOWS\ERUNT\SDFIX\ERDNT.EXE
+ 2008-08-11 05:04:59 9,887,744 ----a-w C:\WINDOWS\ERUNT\SDFIX\Users\[u]0[/u]0000001\NTUSER.DAT
+ 2008-08-11 05:05:00 172,032 ----a-w C:\WINDOWS\ERUNT\SDFIX\Users\[u]0[/u]0000002\UsrClass.dat
+ 2008-08-07 20:27:04 163,328 ----a-w C:\WINDOWS\ERUNT\SDFIX_First_Run\ERDNT.EXE
+ 2008-08-11 04:42:56 733,184 ----a-w C:\WINDOWS\ERUNT\SDFIX_First_Run\Users\[u]0[/u]0000001\NTUSER.DAT
+ 2008-08-11 04:42:56 8,192 ----a-w C:\WINDOWS\ERUNT\SDFIX_First_Run\Users\[u]0[/u]0000002\UsrClass.dat
+ 2008-08-02 23:46:23 451,072 ----a-w C:\WINDOWS\Forgotten Riddles - The Moonlight Sonatas\uninstall.exe
+ 2008-06-01 06:26:31 472,576 ----a-w C:\WINDOWS\Hell's Kitchen\uninstall.exe
+ 2008-07-22 02:04:43 472,576 ----a-w C:\WINDOWS\Hidden Secrets - The Nightmare\uninstall.exe
+ 2008-05-23 05:48:33 472,576 ----a-w C:\WINDOWS\Hide & Secret 2 - Cliffhanger Castle\uninstall.exe
- 2008-03-16 07:26:59 111,292 ----a-w C:\WINDOWS\hpqins13.dat
+ 2008-05-30 18:35:57 115,686 ----a-w C:\WINDOWS\hpqins13.dat
+ 2004-08-19 14:09:20 61,440 -c----w C:\WINDOWS\ie7\admparse.dll
+ 2004-08-19 14:09:20 101,888 -c----w C:\WINDOWS\ie7\advpack.dll
+ 2004-08-19 14:09:22 35,328 -c----w C:\WINDOWS\ie7\corpol.dll
+ 2006-06-02 19:32:20 33,792 -c----w C:\WINDOWS\ie7\custsat.dll
+ 2008-02-16 09:02:34 357,888 -c----w C:\WINDOWS\ie7\dxtmsft.dll
+ 2008-02-16 09:02:35 205,312 -c----w C:\WINDOWS\ie7\dxtrans.dll
+ 2008-02-16 09:02:35 55,808 -c----w C:\WINDOWS\ie7\extmgr.dll
+ 2004-08-19 14:09:28 38,912 -c----w C:\WINDOWS\ie7\hmmapi.dll
+ 2004-08-19 14:09:56 34,304 -c----w C:\WINDOWS\ie7\ie4uinit.exe
+ 2004-08-19 14:09:28 139,264 -c----w C:\WINDOWS\ie7\ieakeng.dll
+ 2004-08-19 14:09:28 221,696 -c----w C:\WINDOWS\ie7\ieaksie.dll
+ 2002-08-30 12:00:00 245,760 -c----w C:\WINDOWS\ie7\ieakui.dll
+ 2004-08-19 14:09:28 323,584 -c----w C:\WINDOWS\ie7\iedkcs32.dll
+ 2008-02-15 09:23:37 18,432 -c----w C:\WINDOWS\ie7\iedw.exe
+ 2004-08-19 14:09:28 81,920 -c----w C:\WINDOWS\ie7\ieencode.dll
+ 2008-02-16 09:02:35 251,392 -c----w C:\WINDOWS\ie7\iepeers.dll
+ 2004-08-19 14:09:28 49,152 -c----w C:\WINDOWS\ie7\iernonce.dll
+ 2004-08-19 14:09:28 63,488 -c----w C:\WINDOWS\ie7\iesetup.dll
+ 2004-08-19 14:09:56 93,184 -c----w C:\WINDOWS\ie7\iexplore.exe
+ 2004-08-19 14:09:30 35,840 -c----w C:\WINDOWS\ie7\imgutil.dll
+ 2008-02-16 09:02:35 96,768 -c----w C:\WINDOWS\ie7\inseng.dll
+ 2007-12-18 14:41:58 450,560 -c----w C:\WINDOWS\ie7\jscript.dll
+ 2008-02-16 09:02:35 16,384 -c----w C:\WINDOWS\ie7\jsproxy.dll
+ 2004-08-19 14:09:32 22,528 -c----w C:\WINDOWS\ie7\licmgr10.dll
+ 2004-08-19 14:10:00 29,184 -c----w C:\WINDOWS\ie7\mshta.exe
+ 2008-02-16 22:32:38 3,080,704 -c----w C:\WINDOWS\ie7\mshtml.dll
+ 2008-02-16 09:02:36 449,024 -c----w C:\WINDOWS\ie7\mshtmled.dll
+ 2004-08-19 14:08:28 57,344 -c----w C:\WINDOWS\ie7\mshtmler.dll
+ 2002-08-30 12:00:00 146,432 -c----w C:\WINDOWS\ie7\msls31.dll
+ 2008-02-16 09:02:37 146,432 -c----w C:\WINDOWS\ie7\msrating.dll
+ 2008-02-16 09:02:37 532,480 -c----w C:\WINDOWS\ie7\mstime.dll
+ 2004-08-19 14:09:38 97,280 -c----w C:\WINDOWS\ie7\occache.dll
+ 2008-02-16 09:02:37 39,424 -c----w C:\WINDOWS\ie7\pngfilt.dll
+ 2007-09-26 22:34:42 33,472 -c----w C:\WINDOWS\ie7\spuninst\iecustom.dll
+ 2007-09-26 22:32:30 66,048 -c--a-w C:\WINDOWS\ie7\spuninst\ieResetIcons.exe
+ 2006-09-06 21:43:28 216,800 -c----w C:\WINDOWS\ie7\spuninst\spuninst.exe
+ 2006-09-06 21:43:30 394,976 -c----w C:\WINDOWS\ie7\spuninst\updspapi.dll
+ 2004-08-19 14:09:48 37,888 -c----w C:\WINDOWS\ie7\url.dll
+ 2008-02-16 09:02:39 617,984 -c----w C:\WINDOWS\ie7\urlmon.dll
+ 2007-12-18 14:41:59 417,792 -c----w C:\WINDOWS\ie7\vbscript.dll
+ 2007-06-26 13:56:54 851,968 -c----w C:\WINDOWS\ie7\vgx.dll
+ 2004-08-19 14:09:48 281,600 -c----w C:\WINDOWS\ie7\webcheck.dll
+ 2008-02-16 09:02:39 663,552 -c----w C:\WINDOWS\ie7\wininet.dll
+ 2007-03-06 01:34:38 216,800 -c----w C:\WINDOWS\ie7updates\KB938127-IE7\spuninst\spuninst.exe
+ 2007-03-06 01:35:48 394,976 -c----w C:\WINDOWS\ie7updates\KB938127-IE7\spuninst\updspapi.dll
+ 2007-08-13 22:54:10 765,952 -c----w C:\WINDOWS\ie7updates\KB938127-IE7\vgx.dll
+ 2007-08-13 22:39:00 123,904 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\advpack.dll
+ 2007-08-13 22:35:46 346,624 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\dxtmsft.dll
+ 2007-08-13 22:35:38 214,528 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\dxtrans.dll
+ 2007-08-13 22:54:10 131,584 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\extmgr.dll
+ 2007-08-13 22:36:26 61,952 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\icardie.dll
+ 2007-08-13 22:39:06 54,784 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\ie4uinit.exe
+ 2007-08-13 22:39:26 152,064 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\ieakeng.dll
+ 2007-08-13 22:39:54 229,376 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\ieaksie.dll
+ 2007-08-13 21:56:54 161,792 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\ieakui.dll
+ 2007-02-12 20:10:12 2,451,312 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\ieapfltr.dat
+ 2007-07-11 16:27:48 383,488 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\ieapfltr.dll
+ 2007-08-13 22:39:50 382,976 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\iedkcs32.dll
+ 2007-08-13 22:54:10 6,049,280 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\ieframe.dll
+ 2007-08-13 22:39:10 43,008 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\iernonce.dll
+ 2007-08-13 22:34:04 266,752 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\iertutil.dll
+ 2007-08-13 22:39:10 13,312 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\ieudinit.exe
+ 2007-08-13 22:43:56 622,080 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\iexplore.exe
+ 2007-08-13 22:54:10 27,136 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\jsproxy.dll
+ 2007-08-13 22:54:10 458,752 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\msfeeds.dll
+ 2007-08-13 22:54:10 50,688 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\msfeedsbs.dll
+ 2007-08-13 22:54:12 3,578,368 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\mshtml.dll
+ 2007-08-13 22:54:10 475,648 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\mshtmled.dll
+ 2007-08-13 22:44:26 192,000 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\msrating.dll
+ 2007-08-13 22:54:10 670,720 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\mstime.dll
+ 2007-08-13 22:44:06 101,376 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\occache.dll
+ 2007-08-13 22:36:12 44,544 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\pngfilt.dll
+ 2007-03-06 01:34:38 216,800 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\spuninst\spuninst.exe
+ 2007-03-06 01:35:48 394,976 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\spuninst\updspapi.dll
+ 2007-08-13 22:44:30 105,984 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\url.dll
+ 2007-08-13 22:54:10 1,162,240 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\urlmon.dll
+ 2007-08-13 22:54:10 231,424 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\webcheck.dll
+ 2007-08-13 22:54:10 818,688 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\wininet.dll
+ 2007-12-07 02:08:32 124,928 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\advpack.dll
+ 2007-12-07 02:08:32 124,928 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\advpack.dll.000
+ 2007-12-19 22:53:23 347,136 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\dxtmsft.dll
+ 2007-12-19 22:53:23 347,136 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\dxtmsft.dll.000
+ 2007-12-07 02:08:32 214,528 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\dxtrans.dll
+ 2007-12-07 02:08:32 214,528 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\dxtrans.dll.000
+ 2007-12-07 02:08:32 133,120 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\extmgr.dll
+ 2007-12-07 02:08:32 63,488 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\icardie.dll
+ 2007-12-07 02:08:32 63,488 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\icardie.dll.000
+ 2007-12-06 11:02:31 70,656 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\ie4uinit.exe
+ 2007-12-07 02:08:32 153,088 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\ieakeng.dll
+ 2007-12-07 02:08:32 230,400 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\ieaksie.dll
+ 2007-12-06 04:59:51 161,792 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\ieakui.dll
+ 2007-04-17 09:32:38 2,455,488 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\ieapfltr.dat
+ 2007-12-07 02:08:32 383,488 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\ieapfltr.dll
+ 2007-12-07 02:08:32 383,488 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\ieapfltr.dll.000
+ 2007-12-07 02:08:32 384,512 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\iedkcs32.dll
+ 2007-12-07 02:08:33 6,066,176 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\ieframe.dll
+ 2007-12-07 02:08:33 6,066,176 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\ieframe.dll.000
+ 2007-12-07 02:08:33 44,544 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\iernonce.dll
+ 2007-12-07 02:08:33 267,776 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\iertutil.dll
+ 2007-12-07 02:08:33 267,776 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\iertutil.dll.000
+ 2007-12-06 11:00:58 13,824 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\ieudinit.exe
+ 2007-12-06 11:03:16 625,664 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\iexplore.exe
+ 2007-12-06 11:03:16 625,664 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\iexplore.exe.000
+ 2007-12-07 02:08:33 27,648 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\jsproxy.dll
+ 2007-12-07 02:08:33 27,648 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\jsproxy.dll.000
+ 2007-12-07 02:08:33 459,264 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\msfeeds.dll
+ 2007-12-07 02:08:33 459,264 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\msfeeds.dll.000
+ 2007-12-07 02:08:33 52,224 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\msfeedsbs.dll
+ 2007-12-07 02:08:33 52,224 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\msfeedsbs.dll.000
+ 2007-12-08 14:38:36 3,592,192 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\mshtml.dll
+ 2007-12-08 14:38:36 3,592,192 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\mshtml.dll.000
+ 2007-12-07 02:08:34 478,208 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\mshtmled.dll
+ 2007-12-07 02:08:34 478,208 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\mshtmled.dll.000
+ 2007-12-07 02:08:34 193,024 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\msrating.dll
+ 2007-12-07 02:08:34 671,232 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\mstime.dll
+ 2007-12-07 02:08:34 102,912 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\occache.dll
+ 2007-12-07 02:08:34 102,912 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\occache.dll.000
+ 2008-01-11 05:36:55 44,544 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\pngfilt.dll
+ 2008-01-11 05:36:55 44,544 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\pngfilt.dll.000
+ 2007-03-06 01:34:38 216,800 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\spuninst\spuninst.exe
+ 2007-03-06 01:35:48 394,976 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\spuninst\updspapi.dll
+ 2007-12-07 02:08:34 105,984 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\url.dll
+ 2007-12-07 02:08:34 105,984 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\url.dll.000
+ 2007-12-07 02:08:34 1,159,680 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\urlmon.dll
+ 2007-12-07 02:08:34 1,159,680 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\urlmon.dll.000
+ 2007-12-07 02:08:34 233,472 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\webcheck.dll
+ 2007-12-07 02:08:34 233,472 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\webcheck.dll.000
+ 2007-12-07 02:08:34 824,832 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\wininet.dll
+ 2007-12-07 02:08:34 824,832 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\wininet.dll.000
- 2004-08-19 14:10:04 208,896 ----a-w C:\WINDOWS\inf\unregmp2.exe
+ 2007-06-29 15:59:14 318,976 ----a-w C:\WINDOWS\inf\unregmp2.exe
+ 2006-10-27 00:48:14 434,528 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\[u]0[/u]0002109110000000000000000F01FEC\12.0.4518\DWTRIG20.EXE
+ 2006-10-27 20:04:08 497,504 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\[u]0[/u]0002109110000000000000000F01FEC\12.0.4518\MORPH9.DLL
+ 2006-10-27 20:26:40 16,870,712 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\[u]0[/u]0002109110000000000000000F01FEC\12.0.4518\MSO.DLL
+ 2006-10-27 20:04:10 9,581,360 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\[u]0[/u]0002109110000000000000000F01FEC\12.0.4518\MSPUB.EXE
+ 2006-10-27 01:09:36 136,008 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\[u]0[/u]0002109110000000000000000F01FEC\12.0.4518\PRTF9.DLL
+ 2006-10-27 20:04:06 624,456 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\[u]0[/u]0002109110000000000000000F01FEC\12.0.4518\PTXT9.DLL
+ 2006-10-27 01:09:44 590,144 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\[u]0[/u]0002109110000000000000000F01FEC\12.0.4518\PUBCONV.DLL
+ 2006-10-27 20:23:04 347,432 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\[u]0[/u]0002109110000000000000000F01FEC\12.0.4518\WINWORD.EXE
+ 2006-10-27 20:11:38 4,235,560 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\[u]0[/u]0002109110000000000000000F01FEC\12.0.4518\WRD12CNV.DLL
+ 2006-10-27 20:11:36 21,264 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\[u]0[/u]0002109110000000000000000F01FEC\12.0.4518\WRD12EXE.EXE
+ 2006-10-27 20:23:08 17,483,560 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\[u]0[/u]0002109110000000000000000F01FEC\12.0.4518\WWLIB.DLL
+ 2008-05-30 18:34:55 25,214 ----a-r C:\WINDOWS\Installer\{09633A5E-3089-41A8-9FF1-382171423C5D}\ARPPRODUCTICON.exe
+ 2008-06-15 00:31:57 15,086 ----a-r C:\WINDOWS\Installer\{0E7DBD52-B097-4F2B-A7C7-F105B0D20FDB}\ARPPRODUCTICON.exe
+ 2008-06-15 00:31:58 65,536 ----a-r C:\WINDOWS\Installer\{0E7DBD52-B097-4F2B-A7C7-F105B0D20FDB}\LightScribeWebsite_9607541794D946E89D5752F753E35CC4.exe
+ 2008-06-15 00:31:57 323,584 ----a-r C:\WINDOWS\Installer\{0E7DBD52-B097-4F2B-A7C7-F105B0D20FDB}\NewShortcut1_C673DF680CDE41FC9DFBF63D31DE4F28.exe
+ 2008-06-15 00:31:57 339,968 ----a-r C:\WINDOWS\Installer\{0E7DBD52-B097-4F2B-A7C7-F105B0D20FDB}\NewShortcut1_FE82206EF6124B479F4EDD27A1E056A4.exe
+ 2008-06-15 00:31:57 323,584 ----a-r C:\WINDOWS\Installer\{0E7DBD52-B097-4F2B-A7C7-F105B0D20FDB}\NewShortcut2_C673DF680CDE41FC9DFBF63D31DE4F28.exe
+ 2008-06-15 00:31:57 65,536 ----a-r C:\WINDOWS\Installer\{0E7DBD52-B097-4F2B-A7C7-F105B0D20FDB}\QuickDemoUrl_E9752251A5AD4678977047FD65566D18.exe
- 2008-04-10 20:52:01 1,165,584 ----a-r C:\WINDOWS\Installer\{90120000-0011-0000-0000-0000000FF1CE}\accicons.exe
+ 2008-06-09 19:48:26 1,165,584 ----a-r C:\WINDOWS\Installer\{90120000-0011-0000-0000-0000000FF1CE}\accicons.exe
- 2008-04-10 20:52:01 20,240 ----a-r C:\WINDOWS\Installer\{90120000-0011-0000-0000-0000000FF1CE}\cagicon.exe
+ 2008-06-09 19:48:26 20,240 ----a-r C:\WINDOWS\Installer\{90120000-0011-0000-0000-0000000FF1CE}\cagicon.exe
- 2008-04-10 20:52:01 159,504 ----a-r C:\WINDOWS\Installer\{90120000-0011-0000-0000-0000000FF1CE}\inficon.exe
+ 2008-06-09 19:48:26 159,504 ----a-r C:\WINDOWS\Installer\{90120000-0011-0000-0000-0000000FF1CE}\inficon.exe
- 2008-04-10 20:52:01 217,864 ----a-r C:\WINDOWS\Installer\{90120000-0011-0000-0000-0000000FF1CE}\misc.exe
+ 2008-06-09 19:48:26 217,864 ----a-r C:\WINDOWS\Installer\{90120000-0011-0000-0000-0000000FF1CE}\misc.exe
- 2008-04-10 20:52:01 18,704 ----a-r C:\WINDOWS\Installer\{90120000-0011-0000-0000-0000000FF1CE}\mspicons.exe
+ 2008-06-09 19:48:26 18,704 ----a-r C:\WINDOWS\Installer\{90120000-0011-0000-0000-0000000FF1CE}\mspicons.exe
- 2008-04-10 20:52:01 35,088 ----a-r C:\WINDOWS\Installer\{90120000-0011-0000-0000-0000000FF1CE}\oisicon.exe
+ 2008-06-09 19:48:26 35,088 ----a-r C:\WINDOWS\Installer\{90120000-0011-0000-0000-0000000FF1CE}\oisicon.exe
- 2008-04-10 20:52:01 845,584 ----a-r C:\WINDOWS\Installer\{90120000-0011-0000-0000-0000000FF1CE}\outicon.exe
+ 2008-06-09 19:48:26 845,584 ----a-r C:\WINDOWS\Installer\{90120000-0011-0000-0000-0000000FF1CE}\outicon.exe
- 2008-04-10 20:52:01 922,384 ----a-r C:\WINDOWS\Installer\{90120000-0011-0000-0000-0000000FF1CE}\pptico.exe
+ 2008-06-09 19:48:26 922,384 ----a-r C:\WINDOWS\Installer\{90120000-0011-0000-0000-0000000FF1CE}\pptico.exe
- 2008-04-10 20:52:01 272,648 ----a-r C:\WINDOWS\Installer\{90120000-0011-0000-0000-0000000FF1CE}\pubs.exe
+ 2008-06-09 19:48:26 272,648 ----a-r C:\WINDOWS\Installer\{90120000-0011-0000-0000-0000000FF1CE}\pubs.exe
- 2008-04-10 20:52:01 888,080 ----a-r C:\WINDOWS\Installer\{90120000-0011-0000-0000-0000000FF1CE}\wordicon.exe
+ 2008-06-09 19:48:26 888,080 ----a-r C:\WINDOWS\Installer\{90120000-0011-0000-0000-0000000FF1CE}\wordicon.exe
- 2008-04-10 20:52:01 1,172,240 ----a-r C:\WINDOWS\Installer\{90120000-0011-0000-0000-0000000FF1CE}\xlicons.exe
+ 2008-06-09 19:48:26 1,172,240 ----a-r C:\WINDOWS\Installer\{90120000-0011-0000-0000-0000000FF1CE}\xlicons.exe
+ 2008-05-30 18:35:27 25,214 ----a-r C:\WINDOWS\Installer\{D74CFE48-087F-46E1-80E6-E2950E1A8DCE}\ARPPRODUCTICON.exe
+ 2008-05-30 18:35:27 25,214 ----a-r C:\WINDOWS\Installer\{D74CFE48-087F-46E1-80E6-E2950E1A8DCE}\NewShortcut10.BCCDD171_C13C_4D41_ACA3_0E088E5E60A9.exe
+ 2008-05-30 18:35:26 25,214 ----a-r C:\WINDOWS\Installer\{D74CFE48-087F-46E1-80E6-E2950E1A8DCE}\NewShortcut11.BCCDD171_C13C_4D41_ACA3_0E088E5E60A9.exe
+ 2008-05-30 18:35:27 25,214 ----a-r C:\WINDOWS\Installer\{D74CFE48-087F-46E1-80E6-E2950E1A8DCE}\NewShortcut12.BCCDD171_C13C_4D41_ACA3_0E088E5E60A9.exe
+ 2008-05-30 18:35:27 25,214 ----a-r C:\WINDOWS\Installer\{D74CFE48-087F-46E1-80E6-E2950E1A8DCE}\NewShortcut13.BCCDD171_C13C_4D41_ACA3_0E088E5E60A9.exe
+ 2008-05-30 18:35:27 25,214 ----a-r C:\WINDOWS\Installer\{D74CFE48-087F-46E1-80E6-E2950E1A8DCE}\NewShortcut14.BCCDD171_C13C_4D41_ACA3_0E088E5E60A9.exe
+ 2008-05-30 18:35:27 25,214 ----a-r C:\WINDOWS\Installer\{D74CFE48-087F-46E1-80E6-E2950E1A8DCE}\NewShortcut15.BCCDD171_C13C_4D41_ACA3_0E088E5E60A9.exe
+ 2008-05-30 18:35:27 25,214 ----a-r C:\WINDOWS\Installer\{D74CFE48-087F-46E1-80E6-E2950E1A8DCE}\NewShortcut16.BCCDD171_C13C_4D41_ACA3_0E088E5E60A9.exe
+ 2008-05-30 18:35:26 25,214 ----a-r C:\WINDOWS\Installer\{D74CFE48-087F-46E1-80E6-E2950E1A8DCE}\NewShortcut17.BCCDD171_C13C_4D41_ACA3_0E088E5E60A9.exe
+ 2008-05-30 18:35:27 25,214 ----a-r C:\WINDOWS\Installer\{D74CFE48-087F-46E1-80E6-E2950E1A8DCE}\NewShortcut18.BCCDD171_C13C_4D41_ACA3_0E088E5E60A9.exe
+ 2008-05-30 18:35:26 25,214 ----a-r C:\WINDOWS\Installer\{D74CFE48-087F-46E1-80E6-E2950E1A8DCE}\NewShortcut19.BCCDD171_C13C_4D41_ACA3_0E088E5E60A9.exe
+ 2008-05-30 18:35:26 25,214 ----a-r C:\WINDOWS\Installer\{D74CFE48-087F-46E1-80E6-E2950E1A8DCE}\NewShortcut2_1.BCCDD171_C13C_4D41_ACA3_0E088E5E60A9.exe
+ 2008-05-30 18:35:26 25,214 ----a-r C:\WINDOWS\Installer\{D74CFE48-087F-46E1-80E6-E2950E1A8DCE}\NewShortcut20.BCCDD171_C13C_4D41_ACA3_0E088E5E60A9.exe
+ 2008-05-30 18:35:26 25,214 ----a-r C:\WINDOWS\Installer\{D74CFE48-087F-46E1-80E6-E2950E1A8DCE}\NewShortcut21.BCCDD171_C13C_4D41_ACA3_0E088E5E60A9.exe
+ 2008-05-30 18:35:26 25,214 ----a-r C:\WINDOWS\Installer\{D74CFE48-087F-46E1-80E6-E2950E1A8DCE}\NewShortcut22.BCCDD171_C13C_4D41_ACA3_0E088E5E60A9.exe
+ 2008-05-30 18:35:26 25,214 ----a-r C:\WINDOWS\Installer\{D74CFE48-087F-46E1-80E6-E2950E1A8DCE}\NewShortcut23.BCCDD171_C13C_4D41_ACA3_0E088E5E60A9.exe
+ 2008-05-30 18:35:26 25,214 ----a-r C:\WINDOWS\Installer\{D74CFE48-087F-46E1-80E6-E2950E1A8DCE}\NewShortcut24.BCCDD171_C13C_4D41_ACA3_0E088E5E60A9.exe
+ 2008-05-30 18:35:26 25,214 ----a-r C:\WINDOWS\Installer\{D74CFE48-087F-46E1-80E6-E2950E1A8DCE}\NewShortcut25.BCCDD171_C13C_4D41_ACA3_0E088E5E60A9.exe
+ 2008-05-30 18:35:27 25,214 ----a-r C:\WINDOWS\Installer\{D74CFE48-087F-46E1-80E6-E2950E1A8DCE}\NewShortcut26.BCCDD171_C13C_4D41_ACA3_0E088E5E60A9.exe
+ 2008-05-30 18:35:26 25,214 ----a-r C:\WINDOWS\Installer\{D74CFE48-087F-46E1-80E6-E2950E1A8DCE}\NewShortcut27.BCCDD171_C13C_4D41_ACA3_0E088E5E60A9.exe
+ 2008-05-30 18:35:26 25,214 ----a-r C:\WINDOWS\Installer\{D74CFE48-087F-46E1-80E6-E2950E1A8DCE}\NewShortcut28.BCCDD171_C13C_4D41_ACA3_0E088E5E60A9.exe
+ 2008-05-30 18:35:27 25,214 ----a-r C:\WINDOWS\Installer\{D74CFE48-087F-46E1-80E6-E2950E1A8DCE}\NewShortcut5.BCCDD171_C13C_4D41_ACA3_0E088E5E60A9.exe
+ 2008-05-30 18:35:27 25,214 ----a-r C:\WINDOWS\Installer\{D74CFE48-087F-46E1-80E6-E2950E1A8DCE}\NewShortcut6.BCCDD171_C13C_4D41_ACA3_0E088E5E60A9.exe
+ 2008-05-30 18:35:27 25,214 ----a-r C:\WINDOWS\Installer\{D74CFE48-087F-46E1-80E6-E2950E1A8DCE}\NewShortcut7.BCCDD171_C13C_4D41_ACA3_0E088E5E60A9.exe
+ 2008-05-30 18:35:27 25,214 ----a-r C:\WINDOWS\Installer\{D74CFE48-087F-46E1-80E6-E2950E1A8DCE}\NewShortcut8.BCCDD171_C13C_4D41_ACA3_0E088E5E60A9.exe
+ 2008-05-30 18:35:27 25,214 ----a-r C:\WINDOWS\Installer\{D74CFE48-087F-46E1-80E6-E2950E1A8DCE}\NewShortcut9.BCCDD171_C13C_4D41_ACA3_0E088E5E60A9.exe
+ 2008-05-23 18:10:21 472,576 ----a-w C:\WINDOWS\Laura Jones and the Gates of Good and Evil\uninstall.exe
+ 2003-02-21 06:59:44 16,896 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\1033\alinkui.dll
+ 2003-02-21 07:55:06 94,208 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\1033\cscompui.dll
+ 2003-02-21 07:02:16 131,072 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\1033\vbc7ui.dll
+ 2003-02-21 09:04:20 155,648 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\1033\Vsavb7rtUI.dll
+ 2003-02-21 11:24:08 7,680 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Accessibility.dll
+ 2003-02-21 09:00:36 98,304 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\alink.dll
+ 2003-02-20 23:19:42 24,576 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_filter.dll
+ 2007-04-14 01:30:52 258,048 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_isapi.dll
+ 2003-02-20 23:19:22 40,960 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_rc.dll
+ 2004-07-15 05:49:18 20,480 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_regiis.exe
+ 2004-07-15 05:49:26 32,768 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe
+ 2007-04-14 01:30:52 32,768 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_wp.exe
+ 2002-07-29 15:11:50 219,136 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\c_g18030.dll
+ 2003-02-21 11:24:10 94,208 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\CasPol.exe
+ 2003-02-21 11:24:32 49,152 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\ConfigWizards.exe
+ 2007-04-14 00:57:52 81,920 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\CORPerfMonExt.dll
+ 2004-07-15 15:23:28 49,152 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\csc.exe
+ 2004-07-15 15:23:44 626,688 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\cscomp.dll
+ 2003-02-21 11:24:34 12,288 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\cscompmgd.dll
+ 2003-02-21 11:24:36 33,792 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\CustomMarshalers.dll
+ 2003-02-21 08:12:24 28,672 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\cvtres.exe
+ 2003-02-21 14:21:40 524,288 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\diasymreader.dll
+ 2003-02-20 23:16:32 798,720 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\EventLogMessages.dll
+ 2004-07-15 04:24:30 282,624 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\fusion.dll
+ 2003-10-08 18:30:14 81,920 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\gacutil.exe
+ 2003-02-21 11:24:38 7,680 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\IEExec.exe
+ 2004-07-15 18:31:00 8,192 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\IEExecRemote.dll
+ 2004-07-15 18:31:04 32,768 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\IEHost.dll
+ 2003-02-21 11:24:40 4,608 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\IIEHost.dll
+ 2004-07-15 04:35:30 196,608 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\ilasm.exe
+ 2003-02-21 11:24:42 15,872 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\InstallUtil.exe
+ 2003-02-20 23:22:24 40,960 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\InstallUtilLib.dll
+ 2003-02-21 11:24:44 26,112 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\ISymWrapper.dll
+ 2003-02-21 11:24:52 40,960 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\jsc.exe
+ 2004-07-15 18:28:58 720,896 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Microsoft.JScript.dll
+ 2004-07-15 18:28:56 299,008 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Microsoft.VisualBasic.dll
+ 2003-02-21 11:24:54 28,672 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Microsoft.VisualBasic.Vsa.dll
+ 2003-02-21 11:25:02 6,144 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Microsoft.VisualC.Dll
+ 2003-02-21 11:24:58 32,768 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Microsoft.Vsa.dll
+ 2003-02-21 11:25:06 11,264 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
+ 2003-02-21 11:25:02 6,656 ----a-w C:\WINDOWS\Microsoft.NET\Fra

Réponse 35 / 51

Destrio5 Messages postés 99820 Date d'inscription Statut Modérateur Dernière intervention 10 305

J'ai bien fait de te faire faire ce scan, j'avais raison, tu étais infecté par Vundo/Virtumonde.

Le rapport n'est pas complet malheureusement.

Réponse 36 / 51

mymybyll Messages postés 92 Statut Membre 1

bonjour, est-ce que tu veux que j'en fasse un autre avec ComboFix Merci Mymy

Réponse 37 / 51

Destrio5 Messages postés 99820 Date d'inscription Statut Modérateur Dernière intervention 10 305

Non. Peux-tu m'envoyer le rapport sur destrio5@free.fr s'il te plaît ?

Réponse 38 / 51

Destrio5 Messages postés 99820 Date d'inscription Statut Modérateur Dernière intervention 10 305

Je suis de retour.

Réponse 39 / 51

Destrio5 Messages postés 99820 Date d'inscription Statut Modérateur Dernière intervention 10 305

Peux-tu réinstaller HijackThis et faire un rapport ?

Réponse 40 / 51

mymybyll Messages postés 92 Statut Membre 1

Bonjour, je t'envoie le rapport. Merci, je suis très contente que tu sois de retour.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 01:50:43, on 2008-08-15
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\vVX6000.exe
D:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
C:\Program Files\ATI\Catalyst Media Center\CMCService.exe
C:\Program Files\Microsoft IntelliType Pro\type32.exe
C:\Program Files\Microsoft IntelliPoint\point32.exe
C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACDaemon.exe
C:\Program Files\Eset\nod32kui.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\essspk.exe
C:\WINDOWS\system32\hphmon03.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9FA.EXE
C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe
C:\PROGRA~1\HEWLET~1\HPSHAR~1\hpgs2wnf.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\lg_fwupdate\fwupdate.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
D:\Program Files\MSN Pictures Displayer\MSN Pictures Displayer.exe
C:\Program Files\Fichiers communs\Logishrd\KHAL2\KHALMNPR.EXE
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\APC\APC PowerChute Personal Edition\apcsystray.exe
C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACService.exe
C:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\ATI\Catalyst Media Center\Kernel\TV\CLCapSvc.exe
C:\Program Files\ATI\Catalyst Media Center\Kernel\CLML_NTService\CLMLServer.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\Program Files\Eset\nod32krn.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\PROGRA~1\SPYWAR~1\sp_rsser.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\ATI\Catalyst Media Center\Kernel\TV\CLSched.exe
C:\WINDOWS\system32\fxssvc.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe
C:\WINDOWS\system32\HPHipm09.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
D:\Anglais\Systran\SYSTRA~3.EXE
D:\Program Files\SlySoft\AnyDVD\AnyDVDtray.exe
C:\PROGRA~1\INCRED~1\bin\IMApp.exe
D:\Zip\Hijack\HiJackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: SweetIM ToolbarURLSearchHook Class - {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O3 - Toolbar: SweetIM Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [VX6000] C:\WINDOWS\vVX6000.exe
O4 - HKLM\..\Run: [CloneCDTray] "D:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" /s
O4 - HKLM\..\Run: [VirtualCloneDrive] "D:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
O4 - HKLM\..\Run: [CMCService] "C:\Program Files\ATI\Catalyst Media Center\CMCService.exe"
O4 - HKLM\..\Run: [type32] "C:\Program Files\Microsoft IntelliType Pro\type32.exe"
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\point32.exe"
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe
O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACDaemon.exe
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [EssSpkPhone] essspk.exe
O4 - HKLM\..\Run: [HPHmon03] C:\WINDOWS\system32\hphmon03.exe
O4 - HKLM\..\Run: [EPSON Stylus Photo R320 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9FA.EXE /P30 "EPSON Stylus Photo R320 Series" /O6 "USB001" /M "Stylus Photo R320"
O4 - HKLM\..\Run: [SpywareTerminator] "C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe"
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe"
O4 - HKLM\..\Run: [LGODDFU] "C:\Program Files\lg_fwupdate\fwupdate.exe" blrun
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
O4 - HKCU\..\Run: [ATI Remote Control] C:\Program Files\ATI Multimedia\RemCtrl\ATIRW.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [EPSON Stylus Photo R320 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9FA.EXE /P30 "EPSON Stylus Photo R320 Series" /M "Stylus Photo R320" /EF "HKCU"
O4 - HKCU\..\Run: [Anniversaires] D:\Anniversaires\Rappel.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: MSN Pictures Displayer.lnk = D:\Program Files\MSN Pictures Displayer\MSN Pictures Displayer.exe
O4 - Global Startup: APC UPS Status.lnk = ?
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O8 - Extra context menu item: &Add animation to IncrediMail Style Box - C:\PROGRA~1\INCRED~1\bin\resources\WebMenuImg.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Open and Translate in Word - res://D:\Anglais\Systran\IEShellExt.dll /10
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {BD8667B7-38D8-4C77-B580-18C3E146372C} (Creative Toolbox Plug-in) - http://bmm.imgag.com/imgag/cp/install/crusher-caf.cab
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft - C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: APC UPS Service - American Power Conversion Corporation - C:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\ATI\Catalyst Media Center\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\ATI\Catalyst Media Center\Kernel\TV\CLSched.exe
O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\ATI\Catalyst Media Center\Kernel\CLML_NTService\CLMLServer.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Fichiers communs\Logitech\Bluetooth\LBTServ.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: Pml Driver - HP - C:\WINDOWS\system32\HPHipm09.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\PROGRA~1\SPYWAR~1\sp_rsser.exe

Virus très bizarre

51 réponses

Votre réponse

Discussions similaires

Newsletters