Sujet Précédent Sujet Suivant

Win 32

pistol pit Messages postés 3 Statut Membre -  
jlpjlp Messages postés 52399 Statut Contributeur sécurité -
Bonsoir,

Je pense avoir récolté le virus win32. J'ai procédé à l'analyse de hijackthis, voici le rapport.
Merci d'avance pour votre réponse.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:18:57, on 26/08/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI HydraVision\HydraDM.exe
C:\Program Files\ATI Technologies\ATI HydraVision\HydraMD.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Spyware Doctor\pctsTray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Spyware Doctor\pctsAuxs.exe
C:\Program Files\Spyware Doctor\pctsSvc.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\System32\alg.exe
D:\Azureus\Azureus.exe
D:\eMule\emule.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.huddi.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://lo.st
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - C:\Program Files\EoRezo\EoAdv\EoRezoBHO.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime
O4 - HKLM\..\Run: [HydraVisionDesktopManager] C:\Program Files\ATI Technologies\ATI HydraVision\HydraDM.exe
O4 - HKLM\..\Run: [HydraVisionViewport] C:\Program Files\ATI Technologies\ATI HydraVision\HydraMD.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [EnvyHFCPL] C:\Program Files\Audio Deck\EnMixCPL.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [ItsTV] "C:\Program Files\ItsLabel\ItsTV.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [ISTray] "C:\Program Files\Spyware Doctor\pctsTray.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SuperCopier2.exe] C:\Program Files\SuperCopier2\SuperCopier2.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Barre d'état système d'ATI CATALYST.lnk = C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
O4 - Global Startup: BlueSoleil.lnk = ?
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - https://sdlc-esd.oracle.com/ESD44/JSCDL/jdk/6u7/jinstall-6u7-windows-i586-jc.cab?GroupName=JSC&FilePath=/ESD44/JSCDL/jdk/6u7/jinstall-6u7-windows-i586-jc.cab&BHost=javadl.sun.com&File=jinstall-6u7-windows-i586-jc.cab&AuthParam=1580978829_3fac487ff39b191ded7866fc4973d48d&ext=.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
A voir également:

7 réponses

Réponse 1 / 7
pistol pit
 
Bonsoir,
Ok, voici le rapport de combo fix:
Merci pour l'aide.

ComboFix 08-09-16.05 - Quérin 2008-09-17 19:53:15.3 - NTFSx86
Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.280 [GMT 2:00]
Lancé depuis: C:\Documents and Settings\Quérin\Bureau\Combo-Fix.exe
* Un nouveau point de restauration a été créé

[color=red][b]AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !![/b][/color]
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\WINDOWS\system32\drivers\mdelk.exe
C:\Documents and Settings\Quérin\Cookies\quérin@voila[2].txt . . . . impossible à supprimer
C:\Documents and Settings\Quérin\Cookies\quérin@wysistat[1].txt . . . . impossible à supprimer

.
((((((((((((((((((((((((((((( Fichiers cr‚‚s du 2008-08-17 au 2008-09-17 ))))))))))))))))))))))))))))))))))))
.

2008-09-16 20:01 . 2008-09-16 20:01 244 --ah----- C:\sqmnoopt03.sqm
2008-09-16 20:01 . 2008-09-16 20:01 232 --ah----- C:\sqmdata03.sqm
2008-08-30 12:46 . 2008-08-30 12:46 <REP> d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-08-30 12:46 . 2008-08-30 12:46 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-08-30 12:46 . 2008-08-17 15:01 38,472 --a------ C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2008-08-30 12:46 . 2008-08-17 15:01 17,144 --a------ C:\WINDOWS\system32\drivers\mbam.sys
2008-08-28 00:22 . 2008-08-28 00:22 268 --ah----- C:\sqmdata02.sqm
2008-08-28 00:22 . 2008-08-28 00:22 244 --ah----- C:\sqmnoopt02.sqm
2008-08-27 12:15 . 2008-08-27 12:20 <REP> d-------- C:\Program Files\DivX
2008-08-26 23:04 . 2008-08-26 23:04 <REP> d-------- C:\Program Files\Lavasoft
2008-08-26 23:04 . 2008-08-26 23:07 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Lavasoft
2008-08-26 23:02 . 2008-08-26 23:02 <REP> d-------- C:\Program Files\Fichiers communs\Wise Installation Wizard
2008-08-26 22:07 . 2008-08-26 22:08 <REP> d-------- C:\327882R2FWJFW
2008-08-26 22:03 . 2008-08-26 22:03 <REP> d-------- C:\Program Files\Trend Micro
2008-08-25 21:30 . 2008-08-25 21:30 <REP> d-------- C:\Program Files\CCleaner

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-08-30 10:41 --------- d---a-w C:\Documents and Settings\All Users\Application Data\TEMP
2008-08-29 10:21 --------- d-----w C:\Program Files\Spyware Doctor
2008-08-25 18:36 --------- d-----w C:\Program Files\SuperCopier2
2008-08-05 10:13 --------- d-----w C:\Documents and Settings\All Users\Application Data\Bluetooth
2008-08-05 10:10 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-08-05 10:10 --------- d-----w C:\Program Files\IVT Corporation
2008-07-27 01:16 --------- d-----w C:\Program Files\Windows Live
2008-07-26 18:32 --------- d-----w C:\Program Files\Sun
2008-07-26 18:32 --------- d-----w C:\Program Files\Java
2008-07-26 18:30 --------- d-----w C:\Program Files\Fichiers communs\Java
2008-07-26 17:35 --------- d-----w C:\Program Files\MSXML 4.0
2008-07-26 16:42 --------- d-----w C:\Documents and Settings\All Users\Application Data\Azureus
2008-07-26 14:19 --------- dcsh--w C:\Program Files\Fichiers communs\WindowsLiveInstaller
2008-07-26 14:15 --------- d-----w C:\Documents and Settings\All Users\Application Data\WLInstaller
2008-07-26 14:06 --------- d-----w C:\Program Files\EoRezo
2008-07-26 10:42 --------- d-----w C:\Program Files\Fichiers communs\Ahead
2008-07-26 10:38 --------- d-----w C:\Program Files\Nero
2008-07-26 10:38 --------- d-----w C:\Documents and Settings\All Users\Application Data\Nero
2008-07-25 23:05 --------- d-----w C:\Program Files\Audio Deck
2008-07-25 23:03 --------- d-----w C:\Program Files\AvRack
2008-07-25 19:42 --------- d-----w C:\Program Files\GIGABYTE
2008-07-25 19:25 --------- d-----w C:\Program Files\Alwil Software
2008-07-25 18:48 --------- d-----w C:\Program Files\Microsoft.NET
2008-07-25 17:45 --------- d-----w C:\Program Files\Webteh
2008-07-25 17:39 --------- d-----w C:\Program Files\Mirage-Team Encoder Pack
2008-07-25 17:39 --------- d-----w C:\Program Files\Mirage-Team Decoder Pack
2008-07-25 17:32 --------- d-----w C:\Program Files\Fichiers communs\Adobe
2008-07-25 17:23 --------- d-----w C:\Program Files\Skype
2008-07-25 17:23 --------- d-----w C:\Program Files\Fichiers communs\Skype
2008-07-25 17:23 --------- d-----w C:\Documents and Settings\All Users\Application Data\Skype
2008-07-25 16:58 4,096 ----a-w C:\WINDOWS\gdrv.sys
2008-07-25 16:54 --------- d-----w C:\Program Files\C-Media 3D Audio
2008-07-25 16:15 --------- d-----w C:\Program Files\iTunes
2008-07-25 16:14 --------- d-----w C:\Program Files\QuickTime
2008-07-25 16:14 --------- d-----w C:\Program Files\iPod
2008-07-25 16:14 --------- d-----w C:\Program Files\Bonjour
2008-07-25 16:14 --------- d-----w C:\Documents and Settings\All Users\Application Data\Apple Computer
2008-07-25 16:13 --------- d-----w C:\Program Files\Fichiers communs\Apple
2008-07-25 16:13 --------- d-----w C:\Program Files\Apple Software Update
2008-07-25 16:13 --------- d-----w C:\Documents and Settings\All Users\Application Data\Apple
2008-07-25 16:11 --------- d-----w C:\Program Files\VideoLAN
2008-07-25 15:43 --------- d-----w C:\Program Files\Yahoo!
2008-07-25 15:43 --------- d-----w C:\Program Files\Marvell
2008-07-25 15:31 --------- d-----w C:\Program Files\CyberLink
2008-07-25 15:29 --------- d-----w C:\Program Files\ATI Technologies
2008-07-25 14:14 --------- d-----w C:\Program Files\Realtek Sound Manager
2008-07-25 14:13 --------- d-----w C:\Program Files\Fichiers communs\InstallShield
2008-07-25 14:06 --------- d-----w C:\Program Files\Intel
2008-07-25 13:46 --------- d-----w C:\Program Files\microsoft frontpage
2008-07-25 13:44 --------- d-----w C:\Program Files\Services en ligne
2008-07-25 08:36 524,288 ----a-w C:\WINDOWS\system32\DivXsm.exe
2008-07-23 16:50 9,464 ------w C:\WINDOWS\system32\drivers\cdralw2k.sys
2008-07-23 16:50 9,336 ------w C:\WINDOWS\system32\drivers\cdr4_xp.sys
2008-07-23 16:50 43,528 ------w C:\WINDOWS\system32\drivers\PxHelp20.sys
2008-07-23 16:50 3,596,288 ----a-w C:\WINDOWS\system32\qt-dx331.dll
2008-07-23 16:50 129,784 ------w C:\WINDOWS\system32\pxafs.dll
2008-07-23 16:50 120,056 ------w C:\WINDOWS\system32\pxcpyi64.exe
2008-07-23 16:50 118,520 ------w C:\WINDOWS\system32\pxinsi64.exe
2008-07-23 16:48 200,704 ----a-w C:\WINDOWS\system32\ssldivx.dll
2008-07-23 16:48 1,044,480 ----a-w C:\WINDOWS\system32\libdivx.dll
2008-07-23 16:46 12,288 ----a-w C:\WINDOWS\system32\DivXWMPExtType.dll
2008-07-18 20:10 94,920 ----a-w C:\WINDOWS\system32\cdm.dll
2008-07-18 20:10 53,448 ----a-w C:\WINDOWS\system32\wuauclt.exe
2008-07-18 20:10 45,768 ----a-w C:\WINDOWS\system32\wups2.dll
2008-07-18 20:10 36,552 ----a-w C:\WINDOWS\system32\wups.dll
2008-07-18 20:09 563,912 ----a-w C:\WINDOWS\system32\wuapi.dll
2008-07-18 20:09 325,832 ----a-w C:\WINDOWS\system32\wucltui.dll
2008-07-18 20:09 205,000 ----a-w C:\WINDOWS\system32\wuweb.dll
2008-07-18 20:09 1,811,656 ----a-w C:\WINDOWS\system32\wuaueng.dll
2008-07-18 20:07 270,880 ----a-w C:\WINDOWS\system32\mucltui.dll
2008-07-18 20:07 210,976 ----a-w C:\WINDOWS\system32\muweb.dll
2008-07-18 18:39 587,264 ----a-w C:\WINDOWS\WLXPGSS.SCR
2008-07-07 20:31 253,952 ----a-w C:\WINDOWS\system32\es.dll
2008-06-24 16:23 74,240 ----a-w C:\WINDOWS\system32\mscms.dll
2008-06-23 15:40 663,552 ----a-w C:\WINDOWS\system32\wininet.dll
2008-06-20 17:41 247,808 ----a-w C:\WINDOWS\system32\mswsock.dll
.

((((((((((((((((((((((((((((( snapshot@2008-07-25_23.48.16.92 )))))))))))))))))))))))))))))))))))))))))
.
+ 2005-02-25 03:35:24 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB898461\spmsg.dll
+ 2005-02-25 03:35:24 213,216 ----a-w C:\WINDOWS\$hf_mig$\KB898461\spuninst.exe
+ 2005-02-25 03:35:24 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB898461\spupdsvc.exe
+ 2005-02-25 03:35:24 22,240 ----a-w C:\WINDOWS\$hf_mig$\KB898461\update\spcustom.dll
+ 2005-02-25 03:35:24 730,336 ----a-w C:\WINDOWS\$hf_mig$\KB898461\update\update.exe
+ 2005-02-25 03:35:25 395,488 ----a-w C:\WINDOWS\$hf_mig$\KB898461\update\updspapi.dll
+ 2006-05-18 05:49:55 450,560 ----a-w C:\WINDOWS\$hf_mig$\KB917344\SP2QFE\jscript.dll
+ 2005-10-12 23:18:45 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB917344\spmsg.dll
+ 2005-10-12 23:18:45 216,800 ----a-w C:\WINDOWS\$hf_mig$\KB917344\spuninst.exe
+ 2005-10-12 23:18:45 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB917344\update\spcustom.dll
+ 2005-10-12 23:18:46 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB917344\update\update.exe
+ 2005-10-12 23:18:49 394,976 ----a-w C:\WINDOWS\$hf_mig$\KB917344\update\updspapi.dll
+ 2008-03-27 09:22:32 60,416 ----a-w C:\WINDOWS\$hf_mig$\KB942763\SP2QFE\tzchange.exe
+ 2008-03-27 10:40:24 60,416 ----a-w C:\WINDOWS\$hf_mig$\KB942763\SP3GDR\tzchange.exe
+ 2008-03-27 10:46:15 60,416 ----a-w C:\WINDOWS\$hf_mig$\KB942763\SP3QFE\tzchange.exe
+ 2007-11-30 11:19:06 18,296 ----a-w C:\WINDOWS\$hf_mig$\KB942763\spmsg.dll
+ 2007-11-30 11:19:06 234,872 ----a-w C:\WINDOWS\$hf_mig$\KB942763\spuninst.exe
+ 2007-11-30 11:19:06 26,488 ----a-w C:\WINDOWS\$hf_mig$\KB942763\update\spcustom.dll
+ 2007-11-30 11:19:06 767,352 ----a-w C:\WINDOWS\$hf_mig$\KB942763\update\update.exe
+ 2007-11-30 11:19:10 406,392 ----a-w C:\WINDOWS\$hf_mig$\KB942763\update\updspapi.dll
+ 2007-11-14 07:19:25 450,560 ----a-w C:\WINDOWS\$hf_mig$\KB942840\SP2QFE\jscript.dll
+ 2007-03-06 01:34:33 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB942840\spmsg.dll
+ 2007-03-06 01:34:38 216,800 ----a-w C:\WINDOWS\$hf_mig$\KB942840\spuninst.exe
+ 2007-03-06 01:34:31 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB942840\update\spcustom.dll
+ 2007-03-06 01:34:56 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB942840\update\update.exe
+ 2007-03-06 01:35:48 394,976 ----a-w C:\WINDOWS\$hf_mig$\KB942840\update\updspapi.dll
+ 2007-12-18 14:32:57 450,560 ----a-w C:\WINDOWS\$hf_mig$\KB944338-v2\SP2QFE\jscript.dll
+ 2007-12-18 14:32:57 417,792 ----a-w C:\WINDOWS\$hf_mig$\KB944338-v2\SP2QFE\vbscript.dll
+ 2007-03-06 01:34:33 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB944338-v2\spmsg.dll
+ 2007-03-06 01:34:38 216,800 ----a-w C:\WINDOWS\$hf_mig$\KB944338-v2\spuninst.exe
+ 2007-03-06 01:34:31 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB944338-v2\update\spcustom.dll
+ 2007-03-06 01:34:56 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB944338-v2\update\update.exe
+ 2007-03-06 01:35:48 394,976 ----a-w C:\WINDOWS\$hf_mig$\KB944338-v2\update\updspapi.dll
+ 2008-05-02 13:33:12 83,968 ----a-w C:\WINDOWS\$hf_mig$\KB946648\SP2QFE\msgsc.dll
+ 2008-05-02 14:01:52 83,968 ----a-w C:\WINDOWS\$hf_mig$\KB946648\SP3GDR\msgsc.dll
+ 2008-05-02 13:44:40 83,968 ----a-w C:\WINDOWS\$hf_mig$\KB946648\SP3QFE\msgsc.dll
+ 2007-11-30 12:39:29 18,296 ----a-w C:\WINDOWS\$hf_mig$\KB946648\spmsg.dll
+ 2007-11-30 12:39:29 234,872 ----a-w C:\WINDOWS\$hf_mig$\KB946648\spuninst.exe
+ 2007-11-30 12:39:29 26,488 ----a-w C:\WINDOWS\$hf_mig$\KB946648\update\spcustom.dll
+ 2007-11-30 11:19:06 767,352 ----a-w C:\WINDOWS\$hf_mig$\KB946648\update\update.exe
+ 2007-11-30 12:39:31 406,392 ----a-w C:\WINDOWS\$hf_mig$\KB946648\update\updspapi.dll
+ 2008-01-23 04:56:21 554,008 ----a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\dao360.dll
+ 2007-12-10 12:41:11 518,944 ----a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\msexch40.dll
+ 2007-12-10 12:41:11 326,432 ----a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\msexcl40.dll
+ 2007-12-10 12:41:11 1,516,568 ----a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\msjet40.dll
+ 2007-12-10 12:41:11 355,112 ----a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\msjetol1.dll
+ 2008-03-25 06:56:31 194,144 ----a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\msjint40.dll
+ 2007-12-10 12:41:12 60,192 ----a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\msjter40.dll
+ 2007-12-10 12:41:12 248,608 ----a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\msjtes40.dll
+ 2007-12-10 12:41:12 219,936 ----a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\msltus40.dll
+ 2007-12-10 12:41:12 355,104 ----a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\mspbde40.dll
+ 2007-12-10 12:41:13 432,928 ----a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\msrd2x40.dll
+ 2007-12-10 12:41:13 322,336 ----a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\msrd3x40.dll
+ 2007-12-10 12:41:13 559,904 ----a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\msrepl40.dll
+ 2007-12-10 12:41:13 264,992 ----a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\mstext40.dll
+ 2007-12-10 12:41:13 838,432 ----a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\mswdat10.dll
+ 2007-11-01 05:15:27 621,344 ----a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\mswstr10.dll
+ 2007-12-10 12:41:14 355,104 ----a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\msxbde40.dll
+ 2007-03-06 01:34:33 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB950749\spmsg.dll
+ 2007-03-06 01:34:38 216,800 ----a-w C:\WINDOWS\$hf_mig$\KB950749\spuninst.exe
+ 2007-03-06 01:34:31 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB950749\update\spcustom.dll
+ 2007-03-06 01:34:56 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB950749\update\update.exe
+ 2007-03-06 01:35:48 394,976 ----a-w C:\WINDOWS\$hf_mig$\KB950749\update\updspapi.dll
+ 2008-04-21 06:57:16 1,024,512 ----a-w C:\WINDOWS\$hf_mig$\KB950759\SP2QFE\browseui.dll
+ 2008-04-21 06:57:16 152,064 ----a-w C:\WINDOWS\$hf_mig$\KB950759\SP2QFE\cdfview.dll
+ 2008-04-21 06:57:17 1,056,768 ----a-w C:\WINDOWS\$hf_mig$\KB950759\SP2QFE\danim.dll
+ 2008-04-21 06:57:17 357,888 ----a-w C:\WINDOWS\$hf_mig$\KB950759\SP2QFE\dxtmsft.dll
+ 2008-04-21 06:57:18 205,312 ----a-w C:\WINDOWS\$hf_mig$\KB950759\SP2QFE\dxtrans.dll
+ 2008-04-21 06:57:18 55,808 ----a-w C:\WINDOWS\$hf_mig$\KB950759\SP2QFE\extmgr.dll
+ 2008-04-17 10:46:59 18,432 ----a-w C:\WINDOWS\$hf_mig$\KB950759\SP2QFE\iedw.exe
+ 2008-04-21 06:57:18 251,904 ----a-w C:\WINDOWS\$hf_mig$\KB950759\SP2QFE\iepeers.dll
+ 2008-04-21 06:57:18 96,768 ----a-w C:\WINDOWS\$hf_mig$\KB950759\SP2QFE\inseng.dll
+ 2008-04-21 06:57:18 16,384 ----a-w C:\WINDOWS\$hf_mig$\KB950759\SP2QFE\jsproxy.dll
+ 2008-04-21 06:57:22 3,087,872 ----a-w C:\WINDOWS\$hf_mig$\KB950759\SP2QFE\mshtml.dll
+ 2008-04-21 06:57:22 449,024 ----a-w C:\WINDOWS\$hf_mig$\KB950759\SP2QFE\mshtmled.dll
+ 2008-04-21 06:57:23 146,432 ----a-w C:\WINDOWS\$hf_mig$\KB950759\SP2QFE\msrating.dll
+ 2008-04-21 06:57:23 532,480 ----a-w C:\WINDOWS\$hf_mig$\KB950759\SP2QFE\mstime.dll
+ 2008-04-21 06:57:23 39,424 ----a-w C:\WINDOWS\$hf_mig$\KB950759\SP2QFE\pngfilt.dll
+ 2008-04-21 06:57:25 1,499,648 ----a-w C:\WINDOWS\$hf_mig$\KB950759\SP2QFE\shdocvw.dll
+ 2008-04-21 06:57:26 474,624 ----a-w C:\WINDOWS\$hf_mig$\KB950759\SP2QFE\shlwapi.dll
+ 2008-04-17 11:03:45 370,176 ----a-w C:\WINDOWS\$hf_mig$\KB950759\SP2QFE\spru040c.dll
+ 2008-04-21 06:57:26 620,544 ----a-w C:\WINDOWS\$hf_mig$\KB950759\SP2QFE\urlmon.dll
+ 2008-04-21 06:57:27 670,720 ----a-w C:\WINDOWS\$hf_mig$\KB950759\SP2QFE\wininet.dll
+ 2008-04-21 06:43:36 3,087,872 ----a-w C:\WINDOWS\$hf_mig$\KB950759\SP3GDR\mshtml.dll
+ 2008-04-21 06:43:36 670,208 ----a-w C:\WINDOWS\$hf_mig$\KB950759\SP3GDR\wininet.dll
+ 2008-04-21 06:30:24 3,088,384 ----a-w C:\WINDOWS\$hf_mig$\KB950759\SP3QFE\mshtml.dll
+ 2008-04-21 06:30:24 670,720 ----a-w C:\WINDOWS\$hf_mig$\KB950759\SP3QFE\wininet.dll
+ 2007-11-30 11:19:06 18,296 ----a-w C:\WINDOWS\$hf_mig$\KB950759\spmsg.dll
+ 2007-11-30 11:19:06 234,872 ----a-w C:\WINDOWS\$hf_mig$\KB950759\spuninst.exe
+ 2007-11-30 11:19:06 26,488 ----a-w C:\WINDOWS\$hf_mig$\KB950759\update\spcustom.dll
+ 2007-11-30 12:39:29 767,352 ----a-w C:\WINDOWS\$hf_mig$\KB950759\update\update.exe
+ 2007-11-30 12:39:31 406,392 ----a-w C:\WINDOWS\$hf_mig$\KB950759\update\updspapi.dll
+ 2007-11-30 12:39:29 18,296 ----a-w C:\WINDOWS\$hf_mig$\KB950760\spmsg.dll
+ 2007-11-30 12:39:29 234,872 ----a-w C:\WINDOWS\$hf_mig$\KB950760\spuninst.exe
+ 2007-11-30 12:39:29 26,488 ----a-w C:\WINDOWS\$hf_mig$\KB950760\update\spcustom.dll
+ 2007-11-30 12:39:29 767,352 ----a-w C:\WINDOWS\$hf_mig$\KB950760\update\update.exe
+ 2007-11-30 12:39:31 406,392 ----a-w C:\WINDOWS\$hf_mig$\KB950760\update\updspapi.dll
+ 2008-05-08 12:14:51 203,008 ----a-w C:\WINDOWS\$hf_mig$\KB950762\SP2QFE\rmcast.sys
+ 2008-05-08 14:02:52 203,136 ----a-w C:\WINDOWS\$hf_mig$\KB950762\SP3GDR\rmcast.sys
+ 2008-05-08 13:58:17 203,136 ----a-w C:\WINDOWS\$hf_mig$\KB950762\SP3QFE\rmcast.sys
+ 2007-11-30 12:39:29 18,296 ----a-w C:\WINDOWS\$hf_mig$\KB950762\spmsg.dll
+ 2007-11-30 12:39:29 234,872 ----a-w C:\WINDOWS\$hf_mig$\KB950762\spuninst.exe
+ 2007-11-30 12:39:29 26,488 ----a-w C:\WINDOWS\$hf_mig$\KB950762\update\spcustom.dll
+ 2007-11-30 12:39:29 767,352 ----a-w C:\WINDOWS\$hf_mig$\KB950762\update\update.exe
+ 2007-11-30 12:39:31 406,392 ----a-w C:\WINDOWS\$hf_mig$\KB950762\update\updspapi.dll
+ 2008-07-07 20:18:27 253,952 ----a-w C:\WINDOWS\$hf_mig$\KB950974\SP2QFE\es.dll
+ 2008-07-07 20:28:20 253,952 ----a-w C:\WINDOWS\$hf_mig$\KB950974\SP3GDR\es.dll
+ 2008-07-07 20:24:11 253,952 ----a-w C:\WINDOWS\$hf_mig$\KB950974\SP3QFE\es.dll
+ 2007-11-30 12:39:29 18,296 ----a-w C:\WINDOWS\$hf_mig$\KB950974\spmsg.dll
+ 2007-11-30 12:39:29 234,872 ----a-w C:\WINDOWS\$hf_mig$\KB950974\spuninst.exe
+ 2007-11-30 12:39:29 26,488 ----a-w C:\WINDOWS\$hf_mig$\KB950974\update\spcustom.dll
+ 2007-11-30 12:39:26 767,352 ----a-w C:\WINDOWS\$hf_mig$\KB950974\update\update.exe
+ 2007-11-30 12:39:29 406,392 ----a-w C:\WINDOWS\$hf_mig$\KB950974\update\updspapi.dll
+ 2008-04-11 18:40:33 683,520 ----a-w C:\WINDOWS\$hf_mig$\KB951066\SP2QFE\inetcomm.dll
+ 2008-04-11 19:05:22 691,712 ----a-w C:\WINDOWS\$hf_mig$\KB951066\SP3GDR\inetcomm.dll
+ 2008-04-11 22:23:04 691,712 ----a-w C:\WINDOWS\$hf_mig$\KB951066\SP3QFE\inetcomm.dll
+ 2007-11-30 12:39:29 18,296 ----a-w C:\WINDOWS\$hf_mig$\KB951066\spmsg.dll
+ 2007-11-30 12:39:29 234,872 ----a-w C:\WINDOWS\$hf_mig$\KB951066\spuninst.exe
+ 2007-11-30 12:39:29 26,488 ----a-w C:\WINDOWS\$hf_mig$\KB951066\update\spcustom.dll
+ 2007-12-03 15:25:43 767,352 ----a-w C:\WINDOWS\$hf_mig$\KB951066\update\update.exe
+ 2007-11-30 12:39:31 406,392 ----a-w C:\WINDOWS\$hf_mig$\KB951066\update\updspapi.dll
+ 2008-07-14 11:03:00 62,976 ----a-w C:\WINDOWS\$hf_mig$\KB951072-v2\SP2QFE\tzchange.exe
+ 2008-07-11 12:42:28 62,976 ----a-w C:\WINDOWS\$hf_mig$\KB951072-v2\SP3GDR\tzchange.exe
+ 2008-07-11 12:51:51 62,976 ----a-w C:\WINDOWS\$hf_mig$\KB951072-v2\SP3QFE\tzchange.exe
+ 2007-11-30 11:19:06 18,296 ----a-w C:\WINDOWS\$hf_mig$\KB951072-v2\spmsg.dll
+ 2007-11-30 11:19:06 234,872 ----a-w C:\WINDOWS\$hf_mig$\KB951072-v2\spuninst.exe
+ 2007-11-30 11:19:06 26,488 ----a-w C:\WINDOWS\$hf_mig$\KB951072-v2\update\spcustom.dll
+ 2007-11-30 12:39:29 767,352 ----a-w C:\WINDOWS\$hf_mig$\KB951072-v2\update\update.exe
+ 2007-11-30 12:39:31 406,392 ----a-w C:\WINDOWS\$hf_mig$\KB951072-v2\update\updspapi.dll
+ 2008-06-14 18:03:13 272,768 ----a-w C:\WINDOWS\$hf_mig$\KB951376-v2\SP2QFE\bthport.sys
+ 2008-06-14 17:33:37 272,768 ----a-w C:\WINDOWS\$hf_mig$\KB951376-v2\SP3GDR\bthport.sys
+ 2008-06-14 17:40:19 272,768 ----a-w C:\WINDOWS\$hf_mig$\KB951376-v2\SP3QFE\bthport.sys
+ 2007-11-30 11:19:06 18,296 ----a-w C:\WINDOWS\$hf_mig$\KB951376-v2\spmsg.dll
+ 2007-11-30 11:19:06 234,872 ----a-w C:\WINDOWS\$hf_mig$\KB951376-v2\spuninst.exe
+ 2007-11-30 11:19:06 26,488 ----a-w C:\WINDOWS\$hf_mig$\KB951376-v2\update\spcustom.dll
+ 2007-11-30 11:19:06 767,352 ----a-w C:\WINDOWS\$hf_mig$\KB951376-v2\update\update.exe
+ 2007-11-30 11:19:10 406,392 ----a-w C:\WINDOWS\$hf_mig$\KB951376-v2\update\updspapi.dll
+ 2008-05-07 04:55:47 1,294,336 ----a-w C:\WINDOWS\$hf_mig$\KB951698\SP2QFE\quartz.dll
+ 2008-05-07 05:11:24 1,294,336 ----a-w C:\WINDOWS\$hf_mig$\KB951698\SP3GDR\quartz.dll
+ 2008-05-07 05:04:59 1,294,336 ----a-w C:\WINDOWS\$hf_mig$\KB951698\SP3QFE\quartz.dll
+ 2007-11-30 11:19:06 18,296 ----a-w C:\WINDOWS\$hf_mig$\KB951698\spmsg.dll
+ 2007-11-30 11:19:06 234,872 ----a-w C:\WINDOWS\$hf_mig$\KB951698\spuninst.exe
+ 2007-11-30 11:19:06 26,488 ----a-w C:\WINDOWS\$hf_mig$\KB951698\update\spcustom.dll
+ 2007-11-30 12:39:29 767,352 ----a-w C:\WINDOWS\$hf_mig$\KB951698\update\update.exe
+ 2007-11-30 12:39:31 406,392 ----a-w C:\WINDOWS\$hf_mig$\KB951698\update\updspapi.dll
+ 2006-08-16 12:13:24 100,352 ----a-w C:\WINDOWS\$hf_mig$\KB951748\SP2QFE\6to4svc.dll
+ 2008-06-20 10:44:08 138,368 ----a-w C:\WINDOWS\$hf_mig$\KB951748\SP2QFE\afd.sys
+ 2008-06-20 17:37:01 147,968 ----a-w C:\WINDOWS\$hf_mig$\KB951748\SP2QFE\dnsapi.dll
+ 2008-06-20 17:37:01 247,808 ----a-w C:\WINDOWS\$hf_mig$\KB951748\SP2QFE\mswsock.dll
+ 2008-06-20 10:44:42 360,960 ----a-w C:\WINDOWS\$hf_mig$\KB951748\SP2QFE\tcpip.sys
+ 2008-06-20 09:32:39 225,920 ----a-w C:\WINDOWS\$hf_mig$\KB951748\SP2QFE\tcpip6.sys
+ 2008-06-20 11:40:08 138,496 ----a-w C:\WINDOWS\$hf_mig$\KB951748\SP3GDR\afd.sys
+ 2008-06-20 17:47:22 147,968 ----a-w C:\WINDOWS\$hf_mig$\KB951748\SP3GDR\dnsapi.dll
+ 2008-06-20 17:47:22 247,808 ----a-w C:\WINDOWS\$hf_mig$\KB951748\SP3GDR\mswsock.dll
+ 2008-06-20 11:51:12 361,600 ----a-w C:\WINDOWS\$hf_mig$\KB951748\SP3GDR\tcpip.sys
+ 2008-06-20 11:08:27 225,856 ----a-w C:\WINDOWS\$hf_mig$\KB951748\SP3GDR\tcpip6.sys
+ 2008-06-20 11:48:03 138,496 ----a-w C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\afd.sys
+ 2008-06-20 17:44:02 147,968 ----a-w C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\dnsapi.dll
+ 2008-06-20 17:44:02 247,808 ----a-w C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\mswsock.dll
+ 2008-06-20 11:59:02 361,600 ----a-w C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip.sys
+ 2008-06-20 11:16:44 225,856 ----a-w C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip6.sys
+ 2007-11-30 12:39:29 18,296 ----a-w C:\WINDOWS\$hf_mig$\KB951748\spmsg.dll
+ 2007-11-30 12:39:29 234,872 ----a-w C:\WINDOWS\$hf_mig$\KB951748\spuninst.exe
+ 2007-11-30 12:39:29 26,488 ----a-w C:\WINDOWS\$hf_mig$\KB951748\update\spcustom.dll
+ 2007-11-30 12:39:26 767,352 ----a-w C:\WINDOWS\$hf_mig$\KB951748\update\update.exe
+ 2007-11-30 12:39:29 406,392 ----a-w C:\WINDOWS\$hf_mig$\KB951748\update\updspapi.dll
+ 2008-05-01 15:04:51 331,776 ----a-w C:\WINDOWS\$hf_mig$\KB952287\SP2QFE\msadce.dll
+ 2008-05-01 14:36:26 331,776 ----a-w C:\WINDOWS\$hf_mig$\KB952287\SP3GDR\msadce.dll
+ 2008-05-01 14:39:23 331,776 ----a-w C:\WINDOWS\$hf_mig$\KB952287\SP3QFE\msadce.dll
+ 2007-11-30 11:19:06 18,296 ----a-w C:\WINDOWS\$hf_mig$\KB952287\spmsg.dll
+ 2007-11-30 11:19:06 234,872 ----a-w C:\WINDOWS\$hf_mig$\KB952287\spuninst.exe
+ 2007-11-30 11:19:06 26,488 ----a-w C:\WINDOWS\$hf_mig$\KB952287\update\spcustom.dll
+ 2007-11-30 11:19:06 767,352 ----a-w C:\WINDOWS\$hf_mig$\KB952287\update\update.exe
+ 2007-11-30 11:19:10 406,392 ----a-w C:\WINDOWS\$hf_mig$\KB952287\update\updspapi.dll
+ 2008-06-24 16:30:27 74,240 ----a-w C:\WINDOWS\$hf_mig$\KB952954\SP2QFE\mscms.dll
+ 2008-06-24 16:44:02 74,240 ----a-w C:\WINDOWS\$hf_mig$\KB952954\SP3GDR\mscms.dll
+ 2008-06-24 16:53:52 74,240 ----a-w C:\WINDOWS\$hf_mig$\KB952954\SP3QFE\mscms.dll
+ 2007-11-30 11:19:06 18,296 ----a-w C:\WINDOWS\$hf_mig$\KB952954\spmsg.dll
+ 2007-11-30 11:19:06 234,872 ----a-w C:\WINDOWS\$hf_mig$\KB952954\spuninst.exe
+ 2007-11-30 11:19:06 26,488 ----a-w C:\WINDOWS\$hf_mig$\KB952954\update\spcustom.dll
+ 2007-11-30 12:39:29 767,352 ----a-w C:\WINDOWS\$hf_mig$\KB952954\update\update.exe
+ 2007-11-30 12:39:31 406,392 ----a-w C:\WINDOWS\$hf_mig$\KB952954\update\updspapi.dll
+ 2008-06-23 16:15:33 1,024,512 ----a-w C:\WINDOWS\$hf_mig$\KB953838\SP2QFE\browseui.dll
+ 2008-06-23 16:15:34 152,064 ----a-w C:\WINDOWS\$hf_mig$\KB953838\SP2QFE\cdfview.dll
+ 2008-06-23 16:15:35 1,056,768 ----a-w C:\WINDOWS\$hf_mig$\KB953838\SP2QFE\danim.dll
+ 2008-06-23 16:15:35 357,888 ----a-w C:\WINDOWS\$hf_mig$\KB953838\SP2QFE\dxtmsft.dll
+ 2008-06-23 16:15:35 205,312 ----a-w C:\WINDOWS\$hf_mig$\KB953838\SP2QFE\dxtrans.dll
+ 2008-06-23 16:15:35 55,808 ----a-w C:\WINDOWS\$hf_mig$\KB953838\SP2QFE\extmgr.dll
+ 2008-06-23 09:53:58 18,432 ----a-w C:\WINDOWS\$hf_mig$\KB953838\SP2QFE\iedw.exe
+ 2008-06-23 16:15:36 251,904 ----a-w C:\WINDOWS\$hf_mig$\KB953838\SP2QFE\iepeers.dll
+ 2008-06-23 16:15:36 96,768 ----a-w C:\WINDOWS\$hf_mig$\KB953838\SP2QFE\inseng.dll
+ 2008-06-23 16:15:36 16,384 ----a-w C:\WINDOWS\$hf_mig$\KB953838\SP2QFE\jsproxy.dll
+ 2008-06-23 16:15:39 3,088,384 ----a-w C:\WINDOWS\$hf_mig$\KB953838\SP2QFE\mshtml.dll
+ 2008-06-23 16:15:40 449,024 ----a-w C:\WINDOWS\$hf_mig$\KB953838\SP2QFE\mshtmled.dll
+ 2008-06-23 16:15:40 146,432 ----a-w C:\WINDOWS\$hf_mig$\KB953838\SP2QFE\msrating.dll
+ 2008-06-23 16:15:41 532,480 ----a-w C:\WINDOWS\$hf_mig$\KB953838\SP2QFE\mstime.dll
+ 2008-06-23 16:15:41 39,424 ----a-w C:\WINDOWS\$hf_mig$\KB953838\SP2QFE\pngfilt.dll
+ 2008-06-23 16:15:42 1,499,648 ----a-w C:\WINDOWS\$hf_mig$\KB953838\SP2QFE\shdocvw.dll
+ 2008-06-23 16:15:43 474,624 ----a-w C:\WINDOWS\$hf_mig$\KB953838\SP2QFE\shlwapi.dll
+ 2008-07-03 09:42:35 370,176 ----a-w C:\WINDOWS\$hf_mig$\KB953838\SP2QFE\spru040c.dll
+ 2008-06-23 16:15:43 620,544 ----a-w C:\WINDOWS\$hf_mig$\KB953838\SP2QFE\urlmon.dll
+ 2008-06-23 16:15:44 671,232 ----a-w C:\WINDOWS\$hf_mig$\KB953838\SP2QFE\wininet.dll
+ 2008-06-23 15:10:27 3,088,384 ----a-w C:\WINDOWS\$hf_mig$\KB953838\SP3GDR\mshtml.dll
+ 2008-06-26 08:13:32 1,499,648 ----a-w C:\WINDOWS\$hf_mig$\KB953838\SP3GDR\shdocvw.dll
+ 2008-06-26 08:13:32 620,544 ----a-w C:\WINDOWS\$hf_mig$\KB953838\SP3GDR\urlmon.dll
+ 2008-06-23 15:10:27 670,208 ----a-w C:\WINDOWS\$hf_mig$\KB953838\SP3GDR\wininet.dll
+ 2008-06-25 04:26:28 3,088,896 ----a-w C:\WINDOWS\$hf_mig$\KB953838\SP3QFE\mshtml.dll
+ 2008-06-26 08:00:28 1,499,648 ----a-w C:\WINDOWS\$hf_mig$\KB953838\SP3QFE\shdocvw.dll
+ 2008-06-26 08:00:28 620,544 ----a-w C:\WINDOWS\$hf_mig$\KB953838\SP3QFE\urlmon.dll
+ 2008-06-23 14:56:26 670,720 ----a-w C:\WINDOWS\$hf_mig$\KB953838\SP3QFE\wininet.dll
+ 2007-11-30 12:39:29 18,296 ----a-w C:\WINDOWS\$hf_mig$\KB953838\spmsg.dll
+ 2007-11-30 12:39:29 234,872 ----a-w C:\WINDOWS\$hf_mig$\KB953838\spuninst.exe
+ 2007-11-30 12:39:29 26,488 ----a-w C:\WINDOWS\$hf_mig$\KB953838\update\spcustom.dll
+ 2007-11-30 12:39:26 767,352 ----a-w C:\WINDOWS\$hf_mig$\KB953838\update\update.exe
+ 2007-11-30 12:39:29 406,392 ----a-w C:\WINDOWS\$hf_mig$\KB953838\update\updspapi.dll
+ 2007-11-30 11:19:06 18,296 ----a-w C:\WINDOWS\$hf_mig$\KB953839\spmsg.dll
+ 2007-11-30 11:19:06 234,872 ----a-w C:\WINDOWS\$hf_mig$\KB953839\spuninst.exe
+ 2007-11-30 11:19:06 26,488 ----a-w C:\WINDOWS\$hf_mig$\KB953839\update\spcustom.dll
+ 2007-11-30 11:19:06 767,352 ----a-w C:\WINDOWS\$hf_mig$\KB953839\update\update.exe
+ 2007-11-30 11:19:10 406,392 ----a-w C:\WINDOWS\$hf_mig$\KB953839\update\updspapi.dll
+ 2004-08-05 12:00:00 2,804,224 -c----w C:\WINDOWS\$MSI31Uninstall_KB893803v2$\msi.dll
+ 2004-08-05 12:00:00 77,312 -c----w C:\WINDOWS\$MSI31Uninstall_KB893803v2$\msiexec.exe
+ 2004-08-05 12:00:00 331,264 -c----w C:\WINDOWS\$MSI31Uninstall_KB893803v2$\msihnd.dll
+ 2004-08-05 12:00:00 884,736 -c----w C:\WINDOWS\$MSI31Uninstall_KB893803v2$\msimsg.dll
+ 2004-08-05 12:00:00 44,032 -c----w C:\WINDOWS\$MSI31Uninstall_KB893803v2$\msisip.dll
+ 2005-05-04 12:45:28 213,216 -c----w C:\WINDOWS\$MSI31Uninstall_KB893803v2$\spuninst\spuninst.exe
+ 2005-05-04 12:45:28 395,488 -c----w C:\WINDOWS\$MSI31Uninstall_KB893803v2$\spuninst\updspapi.dll
+ 2005-02-25 03:35:24 213,216 -c----w C:\WINDOWS\$NtUninstallKB898461$\spuninst\spuninst.exe
+ 2005-02-25 03:35:25 395,488 -c----w C:\WINDOWS\$NtUninstallKB898461$\spuninst\updspapi.dll
+ 2004-08-05 12:00:00 450,560 -c----w C:\WINDOWS\$NtUninstallKB917344$\jscript.dll
+ 2005-10-12 23:18:45 216,800 -c----w C:\WINDOWS\$NtUninstallKB917344$\spuninst\spuninst.exe
+ 2005-10-12 23:18:49 394,976 -c----w C:\WINDOWS\$NtUninstallKB917344$\spuninst\updspapi.dll
+ 2005-06-28 17:23:38 216,800 -c----w C:\WINDOWS\$NtUninstallKB923689$\spuninst\spuninst.exe
+ 2005-06-28 17:23:53 371,424 -c----w C:\WINDOWS\$NtUninstallKB923689$\spuninst\updspapi.dll
+ 2004-08-10 23:45:06 2,362,104 -c----w C:\WINDOWS\$NtUninstallKB923689$\wmvcore.dll
+ 2005-06-28 08:23:40 216,800 -c----w C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe
+ 2005-06-28 08:23:54 371,424 -c----w C:\WINDOWS\$NtUninstallKB941569$\spuninst\updspapi.dll
+ 2004-08-10 23:45:04 229,376 -c----w C:\WINDOWS\$NtUninstallKB941569$\wmasf.dll
+ 2007-11-30 11:19:06 234,872 -c----w C:\WINDOWS\$NtUninstallKB942763$\spuninst\spuninst.exe
+ 2007-11-30 11:19:10 406,392 -c----w C:\WINDOWS\$NtUninstallKB942763$\spuninst\updspapi.dll
+ 2006-05-18 05:31:21 450,560 -c----w C:\WINDOWS\$NtUninstallKB942840$\jscript.dll
+ 2006-05-18 05:31:21 450,560 -c----w C:\WINDOWS\$NtUninstallKB942840$\jscript.dll.000
+ 2007-03-06 01:34:38 216,800 -c----w C:\WINDOWS\$NtUninstallKB942840$\spuninst\spuninst.exe
+ 2007-03-06 01:35:48 394,976 -c----w C:\WINDOWS\$NtUninstallKB942840$\spuninst\updspapi.dll
+ 2007-11-14 07:28:02 450,560 -c----w C:\WINDOWS\$NtUninstallKB944338-v2$\jscript.dll
+ 2007-03-06 01:34:38 216,800 -c----w C:\WINDOWS\$NtUninstallKB944338-v2$\spuninst\spuninst.exe
+ 2007-03-06 01:35:48 394,976 -c----w C:\WINDOWS\$NtUninstallKB944338-v2$\spuninst\updspapi.dll
+ 2004-08-05 12:00:00 417,792 -c----w C:\WINDOWS\$NtUninstallKB944338-v2$\vbscript.dll
+ 2004-08-03 23:07:10 82,944 -c----w C:\WINDOWS\$NtUninstallKB946648$\msgsc.dll
+ 2007-11-30 12:39:29 234,872 -c----w C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe
+ 2007-11-30 12:39:31 406,392 -c----w C:\WINDOWS\$NtUninstallKB946648$\spuninst\updspapi.dll
+ 2004-08-05 12:00:00 561,179 -c----w C:\WINDOWS\$NtUninstallKB950749$\dao360.dll
+ 2004-08-05 12:00:00 512,029 -c----w C:\WINDOWS\$NtUninstallKB950749$\msexch40.dll
+ 2004-08-05 12:00:00 319,517 -c----w C:\WINDOWS\$NtUninstallKB950749$\msexcl40.dll
+ 2004-08-05 12:00:00 1,507,356 -c----w C:\WINDOWS\$NtUninstallKB950749$\msjet40.dll
+ 2004-08-05 12:00:00 358,976 -c----w C:\WINDOWS\$NtUninstallKB950749$\msjetol1.dll
+ 2004-08-05 12:00:00 358,976 -c----w C:\WINDOWS\$NtUninstallKB950749$\msjetoledb40.dll
+ 2004-08-05 12:00:00 184,351 -c----w C:\WINDOWS\$NtUninstallKB950749$\msjint40.dll
+ 2004-08-05 12:00:00 53,279 -c----w C:\WINDOWS\$NtUninstallKB950749$\msjter40.dll
+ 2004-08-05 12:00:00 241,693 -c----w C:\WINDOWS\$NtUninstallKB950749$\msjtes40.dll
+ 2004-08-05 12:00:00 213,023 -c----w C:\WINDOWS\$NtUninstallKB950749$\msltus40.dll
+ 2004-08-05 12:00:00 348,189 -c----w C:\WINDOWS\$NtUninstallKB950749$\mspbde40.dll
+ 2004-08-05 12:00:00 421,919 -c----w C:\WINDOWS\$NtUninstallKB950749$\msrd2x40.dll
+ 2004-08-05 12:00:00 315,423 -c----w C:\WINDOWS\$NtUninstallKB950749$\msrd3x40.dll
+ 2004-08-05 12:00:00 552,989 -c----w C:\WINDOWS\$NtUninstallKB950749$\msrepl40.dll
+ 2004-08-05 12:00:00 258,077 -c----w C:\WINDOWS\$NtUninstallKB950749$\mstext40.dll
+ 2004-08-05 12:00:00 831,519 -c----w C:\WINDOWS\$NtUninstallKB950749$\mswdat10.dll
+ 2004-08-05 12:00:00 614,429 -c----w C:\WINDOWS\$NtUninstallKB950749$\mswstr10.dll
+ 2004-08-05 12:00:00 348,189 -c----w C:\WINDOWS\$NtUninstallKB950749$\msxbde40.dll
+ 2007-03-06 01:34:38 216,800 -c----w C:\WINDOWS\$NtUninstallKB950749$\spuninst\spuninst.exe
+ 2007-03-06 01:35:48 394,976 -c----w C:\WINDOWS\$NtUninstallKB950749$\spuninst\updspapi.dll
+ 2004-08-05 12:00:00 1,017,344 -c----w C:\WINDOWS\$NtUninstallKB950759$\browseui.dll
+ 2004-08-05 12:00:00 151,552 -c----w C:\WINDOWS\$NtUninstallKB950759$\cdfview.dll
+ 2004-08-05 12:00:00 1,056,256 -c----w C:\WINDOWS\$NtUninstallKB950759$\danim.dll
+ 2004-08-05 12:00:00 357,888 -c----w C:\WINDOWS\$NtUninstallKB950759$\dxtmsft.dll
+ 2004-08-05 12:00:00 201,728 -c----w C:\WINDOWS\$NtUninstallKB950759$\dxtrans.dll
+ 2004-08-05 12:00:00 55,808 -c----w C:\WINDOWS\$NtUninstallKB950759$\extmgr.dll
+ 2004-08-05 12:00:00 18,432 -c----w C:\WINDOWS\$NtUninstallKB950759$\iedw.exe
+ 2004-08-05 12:00:00 249,344 -c----w C:\WINDOWS\$NtUninstallKB950759$\iepeers.dll
+ 2004-08-05 12:00:00 96,768 -c----w C:\WINDOWS\$NtUninstallKB950759$\inseng.dll
+ 2004-08-05 12:00:00 15,872 -c----w C:\WINDOWS\$NtUninstallKB950759$\jsproxy.dll
+ 2004-08-05 12:00:00 3,003,392 -c----w C:\WINDOWS\$NtUninstallKB950759$\mshtml.dll
+ 2004-08-05 12:00:00 448,512 -c----w C:\WINDOWS\$NtUninstallKB950759$\mshtmled.dll
+ 2004-08-05 12:00:00 146,432 -c----w C:\WINDOWS\$NtUninstallKB950759$\msrating.dll
+ 2004-08-05 12:00:00 530,432 -c----w C:\WINDOWS\$NtUninstallKB950759$\mstime.dll
+ 2004-08-05 12:00:00 39,424 -c----w C:\WINDOWS\$NtUninstallKB950759$\pngfilt.dll
+ 2004-08-05 12:00:00 1,483,776 -c----w C:\WINDOWS\$NtUninstallKB950759$\shdocvw.dll
+ 2004-08-05 12:00:00 474,112 -c----w C:\WINDOWS\$NtUninstallKB950759$\shlwapi.dll
+ 2007-11-30 11:19:06 234,872 -c----w C:\WINDOWS\$NtUninstallKB950759$\spuninst\spuninst.exe
+ 2007-11-30 12:39:31 406,392 -c----w C:\WINDOWS\$NtUninstallKB950759$\spuninst\updspapi.dll
+ 2004-08-05 12:00:00 603,136 -c----w C:\WINDOWS\$NtUninstallKB950759$\urlmon.dll
+ 2004-08-05 12:00:00 660,480 -c----w C:\WINDOWS\$NtUninstallKB950759$\wininet.dll
+ 2007-11-30 12:39:29 234,872 -c----w C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe
+ 2007-11-30 12:39:31 406,392 -c----w C:\WINDOWS\$NtUninstallKB950760$\spuninst\updspapi.dll
+ 2004-08-05 12:00:00 200,064 -c----w C:\WINDOWS\$NtUninstallKB950762$\rmcast.sys
+ 2007-11-30 12:39:29 234,872 -c----w C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe
+ 2007-11-30 12:39:31 406,392 -c----w C:\WINDOWS\$NtUninstallKB950762$\spuninst\updspapi.dll
+ 2004-08-05 12:00:00 243,200 -c----w C:\WINDOWS\$NtUninstallKB950974$\es.dll
+ 2007-11-30 12:39:29 234,872 -c----w C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe
+ 2007-11-30 12:39:29 406,392 -c----w C:\WINDOWS\$NtUninstallKB950974$\spuninst\updspapi.dll
+ 2004-08-05 12:00:00 678,400 -c----w C:\WINDOWS\$NtUninstallKB951066$\inetcomm.dll
+ 2007-11-30 12:39:29 234,872 -c----w C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe
+ 2007-11-30 12:39:31 406,392 -c----w C:\WINDOWS\$NtUninstallKB951066$\spuninst\updspapi.dll
+ 2007-11-30 11:19:06 234,872 -c----w C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe
+ 2007-11-30 12:39:31 406,392 -c----w C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\updspapi.dll
+ 2008-03-27 09:24:20 60,416 -c----w C:\WINDOWS\$NtUninstallKB951072-v2$\tzchange.exe
+ 2007-11-30 11:19:06 234,872 -c----w C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe
+ 2007-11-30 11:19:10 406,392 -c----w C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\updspapi.dll
+ 2004-08-05 12:00:00 1,293,824 -c----w C:\WINDOWS\$NtUninstallKB951698$\quartz.dll
+ 2007-11-30 11:19:06 234,872 -c----w C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe
+ 2007-11-30 12:39:31 406,392 -c----w C:\WINDOWS\$NtUninstallKB951698$\spuninst\updspapi.dll
+ 2004-08-05 12:00:00 100,352 -c----w C:\WINDOWS\$NtUninstallKB951748$\6to4svc.dll
+ 2004-08-05 12:00:00 138,496 -c----w C:\WINDOWS\$NtUninstallKB951748$\afd.sys
+ 2004-08-05 12:00:00 148,480 -c----w C:\WINDOWS\$NtUninstallKB951748$\dnsapi.dll
+ 2004-08-05 12:00:00 247,808 -c----w C:\WINDOWS\$NtUninstallKB951748$\mswsock.dll
+ 2007-11-30 12:39:29 234,872 -c----w C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe
+ 2007-11-30 12:39:29 406,392 -c----w C:\WINDOWS\$NtUninstallKB951748$\spuninst\updspapi.dll
+ 2004-08-05 12:00:00 359,040 -c----w C:\WINDOWS\$NtUninstallKB951748$\tcpip.sys
+ 2004-08-05 12:00:00 223,616 -c----w C:\WINDOWS\$NtUninstallKB951748$\tcpip6.sys
+ 2004-08-05 12:00:00 331,776 -c----w C:\WINDOWS\$NtUninstallKB952287$\msadce.dll
+ 2007-11-30 11:19:06 234,872 -c----w C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe
+ 2007-11-30 11:19:10 406,392 -c----w C:\WINDOWS\$NtUninstallKB952287$\spuninst\updspapi.dll
+ 2004-08-05 12:00:00 73,728 -c----w C:\WINDOWS\$NtUninstallKB952954$\mscms.dll
+ 2007-11-30 11:19:06 234,872 -c----w C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe
+ 2007-11-30 12:39:31 406,392 -c----w C:\WINDOWS\$NtUninstallKB952954$\spuninst\updspapi.dll
+ 2008-04-21 07:02:27 1,024,000 -c----w C:\WINDOWS\$NtUninstallKB953838$\browseui.dll
+ 2008-04-21 07:02:27 152,064 -c----w C:\WINDOWS\$NtUninstallKB953838$\cdfview.dll
+ 2008-04-21 07:02:28 1,056,768 -c----w C:\WINDOWS\$NtUninstallKB953838$\danim.dll
+ 2008-04-21 07:02:28 357,888 -c----w C:\WINDOWS\$NtUninstallKB953838$\dxtmsft.dll
+ 2008-04-21 07:02:28 205,312 -c----w C:\WINDOWS\$NtUninstallKB953838$\dxtrans.dll
+ 2008-04-21 07:02:28 55,808 -c----w C:\WINDOWS\$NtUninstallKB953838$\extmgr.dll
+ 2008-04-17 10:52:54 18,432 -c----w C:\WINDOWS\$NtUninstallKB953838$\iedw.exe
+ 2008-04-21 07:02:29 251,392 -c----w C:\WINDOWS\$NtUninstallKB953838$\iepeers.dll
+ 2008-04-21 07:02:29 96,768 -c----w C:\WINDOWS\$NtUninstallKB953838$\inseng.dll
+ 2008-04-21 07:02:29 16,384 -c----w C:\WINDOWS\$NtUninstallKB953838$\jsproxy.dll
+ 2008-04-21 07:02:34 3,080,704 -c----w C:\WINDOWS\$NtUninstallKB953838$\mshtml.dll
+ 2008-04-21 07:02:34 449,024 -c----w C:\WINDOWS\$NtUninstallKB953838$\mshtmled.dll
+ 2008-04-21 07:02:34 146,432 -c----w C:\WINDOWS\$NtUninstallKB953838$\msrating.dll
+ 2008-04-21 07:02:35 532,480 -c----w C:\WINDOWS\$NtUninstallKB953838$\mstime.dll
+ 2008-04-21 07:02:35 39,424 -c----w C:\WINDOWS\$NtUninstallKB953838$\pngfilt.dll
+ 2008-04-21 07:02:37 1,495,040 -c----w C:\WINDOWS\$NtUninstallKB953838$\shdocvw.dll
+ 2008-04-21 07:02:38 474,624 -c----w C:\WINDOWS\$NtUninstallKB953838$\shlwapi.dll
+ 2007-11-30 12:39:29 234,872 -c----w C:\WINDOWS\$NtUninstallKB953838$\spuninst\spuninst.exe
+ 2007-11-30 12:39:29 406,392 -c----w C:\WINDOWS\$NtUninstallKB953838$\spuninst\updspapi.dll
+ 2008-04-21 07:02:39 617,984 -c----w C:\WINDOWS\$NtUninstallKB953838$\urlmon.dll
+ 2008-04-21 07:02:40 663,552 -c----w C:\WINDOWS\$NtUninstallKB953838$\wininet.dll
+ 2008-04-17 11:03:45 370,176 -c----w C:\WINDOWS\$NtUninstallKB953838$\xpsp3res.dll
+ 2007-11-30 11:19:06 234,872 -c----w C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe
+ 2007-11-30 11:19:10 406,392 -c----w C:\WINDOWS\$NtUninstallKB953839$\spuninst\updspapi.dll
+ 2006-10-16 14:10:58 221,488 -c----w C:\WINDOWS\$NtUninstallWIC$\spuninst\spuninst.exe
+ 2006-10-16 14:10:58 379,184 -c----w C:\WINDOWS\$NtUninstallWIC$\spuninst\updspapi.dll
- 2008-07-25 14:49:47 7,168 ----a-w C:\WINDOWS\assembly\GAC\IEExecRemote\1.0.5000.0__b03f5f7f11d50a3a\IEExecRemote.dll
+ 2008-07-26 14:40:25 8,192 ----a-w C:\WINDOWS\assembly\GAC\IEExecRemote\1.0.5000.0__b03f5f7f11d50a3a\IEExecRemote.dll
- 2008-07-25 14:49:26 32,768 ----a-w C:\WINDOWS\assembly\GAC\IEHost\1.0.5000.0__b03f5f7f11d50a3a\IEHost.dll
+ 2008-07-26 14:40:28 32,768 ----a-w C:\WINDOWS\assembly\GAC\IEHost\1.0.5000.0__b03f5f7f11d50a3a\IEHost.dll
- 2008-07-25 14:48:32 716,800 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.JScript\7.0.5000.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
+ 2008-07-26 14:40:41 720,896 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.JScript\7.0.5000.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
+ 2008-07-27 01:11:51 91,488 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.Office.Interop.InfoPath.Xml\11.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.InfoPath.Xml.dll
+ 2008-07-27 01:11:51 103,776 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.Office.Interop.InfoPath\11.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.InfoPath.dll
- 2008-07-25 18:56:04 64,088 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.Vbe.Interop\11.0.0.0__71e9bce111e9429c\Microsoft.Vbe.Interop.dll
+ 2008-07-27 01:11:14 66,936 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.Vbe.Interop\11.0.0.0__71e9bce111e9429c\Microsoft.Vbe.Interop.dll
- 2008-07-25 14:48:34 299,008 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.VisualBasic\7.0.5000.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
+ 2008-07-26 14:40:28 299,008 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.VisualBasic\7.0.5000.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
- 2008-07-25 18:56:03 223,800 ----a-w C:\WINDOWS\assembly\GAC\office\11.0.0.0__71e9bce111e9429c\OFFICE.DLL
+ 2008-07-27 01:11:02 226,656 ----a-w C:\WINDOWS\assembly\GAC\office\11.0.0.0__71e9bce111e9429c\OFFICE.DLL
- 2008-07-25 14:49:47 32,768 ----a-w C:\WINDOWS\assembly\GAC\Regcode\1.0.5000.0__b03f5f7f11d50a3a\RegCode.dll
+ 2008-07-26 14:40:37 32,768 ----a-w C:\WINDOWS\assembly\GAC\Regcode\1.0.5000.0__b03f5f7f11d50a3a\RegCode.dll
- 2008-07-25 14:49:56 299,008 ----a-w C:\WINDOWS\assembly\GAC\System.Data.OracleClient\1.0.5000.0__b77a5c561934e089\System.Data.OracleClient.dll
+ 2008-07-26 14:40:33 303,104 ----a-w C:\WINDOWS\assembly\GAC\System.Data.OracleClient\1.0.5000.0__b77a5c561934e089\System.Data.OracleClient.dll
- 2008-07-25 14:49:31 1,290,240 ----a-w C:\WINDOWS\assembly\GAC\System.Data\1.0.5000.0__b77a5c561934e089\System.Data.dll
+ 2008-07-26 14:40:38 1,294,336 ----a-w C:\WINDOWS\assembly\GAC\System.Data\1.0.5000.0__b77a5c561934e089\System.Data.dll
- 2008-07-25 14:49:33 1,699,840 ----a-w C:\WINDOWS\assembly\GAC\System.Design\1.0.5000.0__b03f5f7f11d50a3a\System.Design.dll
+ 2008-07-26 14:40:27 1,703,936 ----a-w C:\WINDOWS\assembly\GAC\System.Design\1.0.5000.0__b03f5f7f11d50a3a\System.Design.dll
- 2008-07-25 14:49:34 86,016 ----a-w C:\WINDOWS\assembly\GAC\System.DirectoryServices\1.0.5000.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
+ 2008-07-26 14:40:40 90,112 ----a-w C:\WINDOWS\assembly\GAC\System.DirectoryServices\1.0.5000.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
- 2008-07-25 14:49:37 466,944 ----a-w C:\WINDOWS\assembly\GAC\System.Drawing\1.0.5000.0__b03f5f7f11d50a3a\System.Drawing.dll
+ 2008-07-26 14:40:33 466,944 ----a-w C:\WINDOWS\assembly\GAC\System.Drawing\1.0.5000.0__b03f5f7f11d50a3a\System.Drawing.dll
- 2008-07-25 14:49:34 241,664 ----a-w C:\WINDOWS\assembly\GAC\System.EnterpriseServices\1.0.5000.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
+ 2008-07-26 14:40:30 241,664 ----a-w C:\WINDOWS\assembly\GAC\System.EnterpriseServices\1.0.5000.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
- 2008-07-25 14:49:34 64,000 ----a-w C:\WINDOWS\assembly\GAC\System.EnterpriseServices\1.0.5000.0__b03f5f7f11d50a3a\System.EnterpriseServices.Thunk.dll
+ 2008-07-26 14:40:30 66,560 ----a-w C:\WINDOWS\assembly\GAC\System.EnterpriseServices\1.0.5000.0__b03f5f7f11d50a3a\System.EnterpriseServices.Thunk.dll
- 2008-07-25 14:49:37 368,640 ----a-w C:\WINDOWS\assembly\GAC\System.Management\1.0.5000.0__b03f5f7f11d50a3a\System.Management.dll
+ 2008-07-26 14:40:36 372,736 ----a-w C:\WINDOWS\assembly\GAC\System.Management\1.0.5000.0__b03f5f7f11d50a3a\System.Management.dll
- 2008-07-25 14:49:38 241,664 ----a-w C:\WINDOWS\assembly\GAC\System.Messaging\1.0.5000.0__b03f5f7f11d50a3a\System.Messaging.dll
+ 2008-07-26 14:40:41 241,664 ----a-w C:\WINDOWS\assembly\GAC\System.Messaging\1.0.5000.0__b03f5f7f11d50a3a\System.Messaging.dll
- 2008-07-25 14:49:38 323,584 ----a-w C:\WINDOWS\assembly\GAC\System.Runtime.Remoting\1.0.5000.0__b77a5c561934e089\System.Runtime.Remoting.dll
+ 2008-07-26 14:40:34 323,584 ----a-w C:\WINDOWS\assembly\GAC\System.Runtime.Remoting\1.0.5000.0__b77a5c561934e089\System.Runtime.Remoting.dll
- 2008-07-25 14:49:39 131,072 ----a-w C:\WINDOWS\assembly\GAC\System.Runtime.Serialization.Formatters.Soap\1.0.5000.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
+ 2008-07-26 14:40:30 131,072 ----a-w C:\WINDOWS\assembly\GAC\System.Runtime.Serialization.Formatters.Soap\1.0.5000.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
- 2008-07-25 14:49:39 77,824 ----a-w C:\WINDOWS\assembly\GAC\System.Security\1.0.5000.0__b03f5f7f11d50a3a\System.Security.dll
+ 2008-07-26 14:40:32 77,824 ----a-w C:\WINDOWS\assembly\GAC\System.Security\1.0.5000.0__b03f5f7f11d50a3a\System.Security.dll
- 2008-07-25 14:49:39 126,976 ----a-w C:\WINDOWS\assembly\GAC\System.ServiceProcess\1.0.5000.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
+ 2008-07-26 14:40:38 126,976 ----a-w C:\WINDOWS\assembly\GAC\System.ServiceProcess\1.0.5000.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
- 2008-07-25 14:49:51 819,200 ----a-w C:\WINDOWS\assembly\GAC\System.Web.Mobile\1.0.5000.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
+ 2008-07-26 14:40:25 819,200 ----a-w C:\WINDOWS\assembly\GAC\System.Web.Mobile\1.0.5000.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
- 2008-07-25 14:49:41 57,344 ----a-w C:\WINDOWS\assembly\GAC\System.Web.RegularExpressions\1.0.5000.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
+ 2008-07-26 14:40:29 57,344 ----a-w C:\WINDOWS\assembly\GAC\System.Web.RegularExpressions\1.0.5000.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
- 2008-07-25 14:49:42 569,344 ----a-w C:\WINDOWS\assembly\GAC\System.Web.Services\1.0.5000.0__b03f5f7f11d50a3a\System.Web.Services.dll
+ 2008-07-26 14:40:27 573,440 ----a-w C:\WINDOWS\assembly\GAC\System.Web.Services\1.0.5000.0__b03f5f7f11d50a3a\System.Web.Services.dll
- 2008-07-25 14:49:41 1,245,184 ----a-w C:\WINDOWS\assembly\GAC\System.Web\1.0.5000.0__b03f5f7f11d50a3a\System.Web.dll
+ 2008-07-27 01:19:57 1,265,664 ----a-w C:\WINDOWS\assembly\GAC\System.Web\1.0.5000.0__b03f5f7f11d50a3a\System.Web.dll
- 2008-07-25 14:49:45 2,039,808 ----a-w C:\WINDOWS\assembly\GAC\System.Windows.Forms\1.0.5000.0__b77a5c561934e089\System.Windows.Forms.dll
+ 2008-07-26 14:40:31 2,052,096 ----a-w C:\WINDOWS\assembly\GAC\System.Windows.Forms\1.0.5000.0__b77a5c561934e089\System.Windows.Forms.dll
- 2008-07-25 14:49:47 1,335,296 ----a-w C:\WINDOWS\assembly\GAC\System.Xml\1.0.5000.0__b77a5c561934e089\System.Xml.dll
+ 2008-07-26 14:40:36 1,339,392 ----a-w C:\WINDOWS\assembly\GAC\System.Xml\1.0.5000.0__b77a5c561934e089\System.XML.dll
- 2008-07-25 14:49:36 1,216,512 ----a-w C:\WINDOWS\assembly\GAC\System\1.0.5000.0__b77a5c561934e089\System.dll
+ 2008-07-27 01:20:00 1,232,896 ----a-w C:\WINDOWS\assembly\GAC\System\1.0.5000.0__b77a5c561934e089\System.dll
+ 2008-07-27 01:22:11 118,784 ----a-w C:\WINDOWS\assembly\NativeImages1_v1.1.4322\CustomMarshalers\1.0.5000.0__b03f5f7f11d50a3a_b234c455\CustomMarshalers.dll
+ 2008-07-27 01:20:30 61,440 ----a-w C:\WINDOWS\assembly\NativeImages1_v1.1.4322\CustomMarshalers\1.0.5000.0__b03f5f7f11d50a3a_b3b53ba3\CustomMarshalers.dll
+ 2008-07-27 01:23:44 8,908,800 ----a-w C:\WINDOWS\assembly\NativeImages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_9be36afe\mscorlib.dll
+ 2008-07-27 01:21:52 3,391,488 ----a-w C:\WINDOWS\assembly\NativeImages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_d37c7fd6\mscorlib.dll
+ 2008-07-27 01:23:08 3,395,584 ----a-w C:\WINDOWS\assembly\NativeImages1_v1.1.4322\System.Design\1.0.5000.0__b03f5f7f11d50a3a_6137af7a\System.Design.dll
+ 2008-07-27 01:21:30 1,470,464 ----a-w C:\WINDOWS\assembly\NativeImages1_v1.1.4322\System.Design\1.0.5000.0__b03f5f7f11d50a3a_ab4e0619\System.Design.dll
+ 2008-07-27 01:22:13 192,512 ----a-w C:\WINDOWS\assembly\NativeImages1_v1.1.4322\System.Drawing.Design\1.0.5000.0__b03f5f7f11d50a3a_24148a46\System.Drawing.Design.dll
+ 2008-07-27 01:20:36 90,112 ----a-w C:\WINDOWS\assembly\NativeImages1_v1.1.4322\System.Drawing.Design\1.0.5000.0__b03f5f7f11d50a3a_274b66fd\System.Drawing.Design.dll
+ 2008-07-27 01:23:20 2,244,608 ----a-w C:\WINDOWS\assembly\NativeImages1_v1.1.4322\System.Drawing\1.0.5000.0__b03f5f7f11d50a3a_36fea1a6\System.Drawing.dll
+ 2008-07-27 01:21:39 835,584 ----a-w C:\WINDOWS\assembly\NativeImages1_v1.1.4322\System.Drawing\1.0.5000.0__b03f5f7f11d50a3a_787f6e86\System.Drawing.dll
+ 2008-07-27 01:22:34 7,884,800 ----a-w C:\WINDOWS\assembly\NativeImages1_v1.1.4322\System.Windows.Forms\1.0.5000.0__b77a5c561934e089_40ce302e\System.Windows.Forms.dll
+ 2008-07-27 01:20:57 3,018,752 ----a-w C:\WINDOWS\assembly\NativeImages1_v1.1.4322\System.Windows.Forms\1.0.5000.0__b77a5c561934e089_7a9b1104\System.Windows.Forms.dll
+ 2008-07-27 01:21:17 2,088,960 ----a-w C:\WINDOWS\assembly\NativeImages1_v1.1.4322\System.Xml\1.0.5000.0__b77a5c561934e089_332bf2ea\System.Xml.dll
+ 2008-07-27 01:22:48 5,513,216 ----a-w C:\WINDOWS\assembly\NativeImages1_v1.1.4322\System.Xml\1.0.5000.0__b77a5c561934e089_e7baa562\System.Xml.dll
+ 2008-07-27 01:20:26 1,966,080 ----a-w C:\WINDOWS\assembly\NativeImages1_v1.1.4322\System\1.0.5000.0__b77a5c561934e089_b531c6dc\System.dll
+ 2008-07-27 01:22:09 4,788,224 ----a-w C:\WINDOWS\assembly\NativeImages1_v1.1.4322\System\1.0.5000.0__b77a5c561934e089_df50c61c\System.dll
+ 2008-07-26 14:42:39 835,584 ------w C:\WINDOWS\assembly\temp\[u]0[/u]7DJPV17DJ\System.Drawing.dll
+ 2008-07-26 14:41:05 1,953,792 ------w C:\WINDOWS\assembly\temp\5BHNTZ5BHN\System.dll
+ 2008-07-26 14:41:36 3,014,656 ------w C:\WINDOWS\assembly\temp\7EKQW28EKQ\System.Windows.Forms.dll
+ 2008-07-26 14:40:39 1,257,472 ------w C:\WINDOWS\assembly\temp\LSY4AGMSY4\System.Web.dll
+ 2008-07-26 14:42:12 2,088,960 ------w C:\WINDOWS\assembly\temp\OV17DJPV17\System.Xml.dll
+ 2008-07-26 14:42:51 3,379,200 ------w C:\WINDOWS\assembly\temp\SZ6CIOU06C\mscorlib.dll
+ 2008-07-26 14:40:42 1,224,704 ------w C:\WINDOWS\assembly\temp\U28EKQW28E\System.dll
+ 2008-03-24 17:33:02 1,527,056 ----a-w C:\WINDOWS\Downloaded Program Files\FP_AX_CAB_INSTALLER.exe
+ 2008-06-14 17:59:52 272,768 ------w C:\WINDOWS\Driver Cache\i386\bthport.sys
+ 2008-02-04 08:10:10 208,928 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\812AF07A89569CA418D33695C7D50D86\12.0.1329\ImagingDevice.dll
+ 2008-02-04 08:06:54 417,312 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\812AF07A89569CA418D33695C7D50D86\12.0.1329\ImagingServices.dll
+ 2008-02-04 08:08:42 83,488 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\812AF07A89569CA418D33695C7D50D86\12.0.1329\LiveAlbumXCtrl.dll
+ 2008-02-04 08:07:46 1,779,744 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\812AF07A89569CA418D33695C7D50D86\12.0.1329\MicrosoftEffects.dll
+ 2008-02-04 08:05:04 46,112 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\812AF07A89569CA418D33695C7D50D86\12.0.1329\PhotoViewerShim.dll
+ 2008-02-04 08:06:46 372,256 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\812AF07A89569CA418D33695C7D50D86\12.0.1329\WLXAlbumDownloadWizard.exe
+ 2008-02-01 09:23:12 279,680 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\812AF07A89569CA418D33695C7D50D86\12.0.1329\wlxclip.dll
+ 2008-02-01 09:13:40 191,104 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\812AF07A89569CA418D33695C7D50D86\12.0.1329\WLXDSPA.dll
+ 2008-02-04 08:10:02 130,592 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\812AF07A89569CA418D33695C7D50D86\12.0.1329\WLXGrinderScheduler.dll
+ 2008-02-04 08:06:00 59,424 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\812AF07A89569CA418D33695C7D50D86\12.0.1329\WLXImageTranscode.dll
+ 2008-02-04 08:08:26 712,224 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\812AF07A89569CA418D33695C7D50D86\12.0.1329\WLXMediaPublishSubscribe.dll
+ 2008-02-01 09:17:40 587,264 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\812AF07A89569CA418D33695C7D50D86\12.0.1329\WLXPGSS.SCR
+ 2008-02-04 08:07:22 1,565,728 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\812AF07A89569CA418D33695C7D50D86\12.0.1329\WLXPhotoAcq.dll
+ 2008-02-01 09:13:40 227,456 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\812AF07A89569CA418D33695C7D50D86\12.0.1329\WLXPhotoAcquireWizard.exe
+ 2008-02-04 08:08:38 86,560 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\812AF07A89569CA418D33695C7D50D86\12.0.1329\WLXPhotoCinematic.dll
+ 2008-02-04 08:08:32 83,488 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\812AF07A89569CA418D33695C7D50D86\12.0.1329\WLXPhotoClassic.dll
+ 2008-02-04 08:09:08 125,472 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\812AF07A89569CA418D33695C7D50D86\12.0.1329\WLXPhotoGallery.exe
+ 2008-02-01 09:13:42 16,000 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\812AF07A89569CA418D33695C7D50D86\12.0.1329\WLXPhotoGalleryRepair.exe
+ 2008-02-04 08:06:54 394,272 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\812AF07A89569CA418D33695C7D50D86\12.0.1329\WLXPhotoLibraryDatabase.dll
+ 2008-02-04 08:06:20 1,515,040 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\812AF07A89569CA418D33695C7D50D86\12.0.1329\WLXPhotoViewer.dll
+ 2008-02-04 08:06:20 1,250,336 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\812AF07A89569CA418D33695C7D50D86\12.0.1329\WLXPhotoVoyager.dll
+ 2008-02-04 08:06:18 752,672 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\812AF07A89569CA418D33695C7D50D86\12.0.1329\WLXPipeline.dll
+ 2008-02-04 08:06:14 734,752 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\812AF07A89569CA418D33695C7D50D86\12.0.1329\WLXPipetran.dll
+ 2008-02-01 09:13:42 101,504 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\812AF07A89569CA418D33695C7D50D86\12.0.1329\WLXQuickTimeControlHost.exe
+ 2008-02-04 08:05:00 20,512 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\812AF07A89569CA418D33695C7D50D86\12.0.1329\WLXQuickTimeControlHostPS.dll
+ 2008-02-04 08:05:04 53,792 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\812AF07A89569CA418D33695C7D50D86\12.0.1329\WLXQuickTimeShellExt.dll
+ 2008-02-04 08:08:42 85,024 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\812AF07A89569CA418D33695C7D50D86\12.0.1329\WLXThumbCache.dll
+ 2008-02-04 08:10:04 144,416 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\812AF07A89569CA418D33695C7D50D86\12.0.1329\WLXVAFilt.dll
+ 2008-02-04 08:07:40 675,360 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\812AF07A89569CA418D33695C7D50D86\12.0.1329\WLXVideoAcquireWizard.exe
+ 2008-02-04 08:07:10 69,152 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\812AF07A89569CA418D33695C7D50D86\12.0.1329\WLXVideoCameraAutoPlayManager.exe
+ 2008-02-04 08:10:10 165,408 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\812AF07A89569CA418D33695C7D50D86\12.0.1329\WLXVideoTrim.dll
+ 2003-07-15 09:13:58 166,456 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\ACCWIZ.DLL
+ 2003-07-15 04:43:20 87,616 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\ADDRPARS.DLL
+ 2003-07-15 04:57:34 38,968 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\AUTHZAX.DLL
+ 2003-07-15 04:53:06 94,768 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\AW.DLL
+ 2003-07-15 01:14:28 350,264 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\CDLMSO.DLL
+ 2003-07-15 09:18:12 47,160 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\DFUICOM.EXE
+ 2003-07-26 00:57:20 75,832 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\DLGSETP.DLL
+ 2003-07-15 04:56:54 14,904 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\DSITF.DLL
+ 2003-07-15 04:57:14 98,360 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\DSSM.EXE
+ 2003-07-31 21:19:52 131,648 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\ENVELOPE.DLL
+ 2003-08-13 08:34:38 10,073,144 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\EXCEL.EXE
+ 2003-07-15 04:41:44 13,368 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\FINDER.EXE
+ 2003-08-03 16:56:16 1,146,184 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\FM20.DLL
+ 2003-07-24 05:01:40 1,949,240 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\FPCUTL.DLL
+ 2003-07-15 05:36:14 186,424 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\FPDTC.DLL
+ 2003-07-15 04:40:12 179,768 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\FPERSON.DLL
+ 2003-07-26 01:00:16 1,157,696 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\FPSRVUTL.DLL
+ 2003-07-26 01:14:50 799,288 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\FPWEC.DLL
+ 2003-07-15 05:11:42 2,139,192 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\GRAPH.EXE
+ 2003-07-14 20:57:44 87,096 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\IEAWSDC.DLL
+ 2003-07-15 04:53:50 161,336 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\IETAG.DLL
+ 2003-07-24 04:32:32 121,400 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\IMPMAIL.DLL
+ 2003-08-01 21:07:36 4,815,424 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\INFOPATH.EXE
+ 2003-07-15 04:45:14 58,944 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\INLAUNCH.DLL
+ 2003-05-28 21:42:48 514,680 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\INTLNAME.DLL
+ 2003-06-18 23:31:44 758,784 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\MDIGRAPH.DLL
+ 2003-06-18 23:31:10 252,928 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\MDIINK.DLL
+ 2003-06-18 23:31:48 17,920 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\MDIMON.DLL
+ 2003-06-18 23:31:48 18,944 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\MDIPPR.DLL
+ 2003-06-18 23:31:46 35,328 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\MDIUI.DLL
+ 2003-06-18 23:31:34 443,904 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\MDIVWCTL.DLL
+ 2003-05-28 21:42:50 342,616 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\METCONV.DLL
+ 2003-07-15 04:46:08 176,696 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\MIMEDIR.DLL
+ 2003-08-15 06:54:08 6,627,392 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\MSACCESS.EXE
+ 2003-07-15 09:13:58 130,112 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\MSAEXP30.DLL
+ 2003-07-14 20:58:04 230,968 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\MSCDM.DLL
+ 2003-07-15 04:51:50 116,288 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\MSCONV97.DLL
+ 2002-12-18 01:08:50 359,600 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\MSDMENG.DLL
+ 2002-12-18 01:08:54 1,383,592 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\MSDMINE.DLL
+ 2003-07-15 04:51:44 87,104 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\MSENCODE.DLL
+ 2003-07-15 09:14:00 139,328 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\MSJSPP40.DLL
+ 2002-04-10 02:14:36 187,560 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\MSMDUN80.DLL
+ 2003-07-15 04:52:52 17,464 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\MSMH.DLL
+ 2003-08-08 06:23:16 12,172,336 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\MSO.DLL
+ 2003-07-14 20:57:16 120,888 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\MSOAUTH.DLL
+ 2003-07-15 01:14:18 106,552 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\MSOCF.DLL
+ 2003-07-23 20:35:26 127,032 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\MSOCFU.DLL
+ 2003-07-15 04:52:52 27,704 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\MSODCW.DLL
+ 2003-07-15 04:44:06 25,144 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\MSOEURO.DLL
+ 2003-07-15 04:52:56 55,360 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\MSOHTMED.EXE
+ 2002-12-18 01:09:24 2,071,752 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\MSOLAP80.DLL
+ 2003-07-11 08:15:48 1,292,872 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\MSONSEXT.DLL
+ 2003-07-15 09:18:52 376,888 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\MSORUN.DLL
+ 2003-07-14 20:52:54 28,224 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\MSOSTYLE.DLL
+ 2003-07-15 04:52:52 35,896 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\MSOSV.DLL
+ 2003-07-15 04:53:20 39,488 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\MSOSVFBR.DLL
+ 2003-07-15 04:46:16 42,040 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\MSOXEV.DLL
+ 2003-07-15 04:45:12 55,360 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\MSOXMLED.EXE
+ 2003-07-15 04:45:12 39,488 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\MSOXMLMF.DLL
+ 2003-06-18 23:31:24 1,033,216 ----a-r C:\WINDOWS\Installer\$Patch
0
Réponse 2 / 7
pistol pit
 
Ok j'ai fait la manip avec elibaga, mais pas moyen d'accéder au lien FindB!
0
Réponse 3 / 7
jlpjlp Messages postés 52399 Statut Contributeur sécurité 5 040
 
slt

colle un rapport avec malwarebyte antimalware après suppression de ce qui a été trouvé:
https://www.malekal.com/tutoriel-malwarebyte-anti-malware/
-1
Réponse 4 / 7
pistol pit Messages postés 3 Statut Membre
 
Re bonjour,

Voici le rapport avec malwarebyte antimalware après suppression de ce qui a été trouvé. Visiblement il m'a supprimé trojan et rootkit agent, mais j'ai encore des souçis, du genre impossible d'accéder aux fichiers cachés.
Merci d'avance pour votre aide.

Malwarebytes' Anti-Malware 1.25
Version de la base de données: 1097
Windows 5.1.2600 Service Pack 2

13:43:09 30/08/2008
mbam-log-08-30-2008 (13-43-07).txt

Type de recherche: Examen complet (C:\|D:\|)
Eléments examinés: 77430
Temps écoulé: 32 minute(s), 49 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 1
Fichier(s) infecté(s): 1

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
C:\WINDOWS\system32\drivers\downld (Trojan.Agent) -> No action taken.

Fichier(s) infecté(s):
C:\WINDOWS\system32\drivers\hldrrr.exe (Rootkit.Agent) -> No action taken.
-1

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 5 / 7
jlpjlp Messages postés 52399 Statut Contributeur sécurité 5 040
 
Télécharge Combofix de sUBs : Renomme le avant toute installation, par exemple, nomme le "KillBagle". aide ici : https://forum.pcastuces.com/sujet.asp?f=25&s=37315

http://download.bleepingcomputer.com/sUBs/ComboFix.exe
Sauvegarde le sur ton bureau et pas ailleurs !

Aide à l’utilisation de combofix ici: https://bibou0007.forumpro.fr/login?redirect=%2Ft121-topic

Double-clic sur combofix, Il va te poser une question, réponds par la touche 1 et entrée pour valider, laisse toi guider.
Attends que combofix ait terminé, un rapport sera créé. Poste le rapport.

-----------

* Téléchargez ELIBAGLA en bas de cette page http://www.zonavirus.com/datos/descargas/95/elibagla.asp
* Clique sur le bouton Descargar Elibagla cela va télécharger le fichier, placez le sur votre bureau.
* Double-cliquez dessus pour l'ouvrir
* Assurez-vous que dans le menu déroulant Unidad, vous avez bien C:\
* Vérifiquez aussi que l'option en bas de la fenêtre Eliminar Ficheros Automaticamente est bien cochée
* Cliquez sur le bouton Explorar pour lancer l'analyse
------------

colle le rapport d'un scan en ligne
avec un des suivants:

bitdefender en ligne :
http://www.bitdefender.fr/scan_fr/scan8/ie.html

Panda en ligne :
http://pandasoftware.fr
-1
Réponse 6 / 7
jlpjlp Messages postés 52399 Statut Contributeur sécurité 5 040
 
ok fais elibaga puis

Telecharge FindB :

- Fas un clic droit sur le lien, enregistrer sous .... sur le bureau

---> http://sd-1.archive-host.com/membres/up/116615172019703188/FindB.exe

--> Double clic sur FindB

--> Post le rapport FindB.txt dans ton prochain message

Note : le rapport FindB.txt est sauvegardé a la racine du disque
-1
Réponse 7 / 7
jlpjlp Messages postés 52399 Statut Contributeur sécurité 5 040
 
colle le rapport elibaga

_______

scan avec
MalwareByte's Anti-Malware et vire ce qui est trouvé et colle le rapport

https://www.malekal.com/tutoriel-malwarebyte-anti-malware/

------------

colle le rapport d'un scan en ligne
avec un des suivants:

bitdefender en ligne :
http://www.bitdefender.fr/scan_fr/scan8/ie.html

Panda en ligne :
http://pandasoftware.fr
-1

Discussions similaires

svp 32Gb est il egal a 32Go??
William Fernand -
nemrod18 -

3 réponses