Sujet Précédent Sujet Suivant

Besoin d'aide pour éradiquer virus

Résolu
fredjibb Messages postés 230 Statut Membre -  
fredjibb Messages postés 230 Statut Membre -
Bonjour,
j'espere que quelqu'un pourra m'aider à localiser et nettoyer un virus de mon pc
je ne sais plus comment faire pour recuperer toutes les fonctions que j'avais merci d'avance
A voir également:

17 réponses

Réponse 1 / 17
noctambule28 Messages postés 33382 Date d'inscription   Statut Webmaster Dernière intervention   2 858
 
Salut

Bien que le fait d'avoir fait combofix n'apparaissait pas nécessaire pour l'instant ( c'est un logiciel à manier avec précaution) ce qui serait bien , c'est que tu postes le rapport en entier malgré tout

Fait edition, selectionné tout
edition copier

et viens ici coller , la methode du defilement ne fonctionne pas toujours avec les tres long rapports

Et comme pour l'instant il n'y a rien de flagrant , je vais te faire executer des logiciels de recherche , ils ne font que lire , eux, alors que combofix travaille des son utilisation, et ce n'est pas forcement recommander

Pour un ongle incarné , il n'y a prescription d'une emputation d'office ;)
==========================

Donc rapport combo en entier

et
Télécharge Toolbar-S&D (Team IDN) sur ton Bureau.
https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/ToolBarSD.exe?attachauth=ANoY7cqJWPphpudyTqv7TRo5RQ3nm_Sx8JluVMO59X5E9cyE3j3LqKlmStIqiDqJdIgMJLi7MXn2nKVajQfoWuVvZZ2wIx_vkqO4k4P0K9jh-ra9jaKPXdZcoaVF2UqJZNH8ubL_42uIwh6f35xJ2GJMuzddVj2Qth1DgZ839lxEIFGkgWz3TdfvNMy-YtxfA3gqBUrj4U4LFeAPiWr3ClmjIP0t_Xs5PQ%3D%3D&attredirects=2

* Lance l'installation du programme en exécutant le fichier téléchargé.
* Double-clique maintenant sur le raccourci de Toolbar-S&D.
* Sélectionne la langue souhaitée en tapant la lettre de ton choix puis en validant avec la touche Entrée.
* Choisis maintenant l'option 1 (Recherche). Patiente jusqu'à la fin de la recherche.
* Poste le rapport généré. (C:\TB.txt)

et ça
* Télécharge DiagHelp.zip sur ton bureau
http://www.malekal.com/download/DiagHelp.zip
* Ne double-clique pas dessus !! Fais un clic droit sur le fichier et extraire tout
* Un nouveau dossier chercher va être créé DiagHelp
* Ouvre le et double-clic sur go.cmd (le .cmd peut ne pas apparaître)
* Une fenêtre va s'ouvrir, choisis l'option 1
* L'analyse va commencer, ceci peut durer quelques minutes, laisse faire et appuie sur une touche quand on te le demande.

ATTENTION : pendant l'analyse, après le rapport catchme, il te sera demandé d'appuyer sur une touche afin de poursuivre le scan, suis bien les instructions à l'écran !

- A la fin de l'analyse, il peut-être (pas obligatoire) demandé de redemander l'ordinateur... Une fois l'ordinateur redémarré le rapport va apparaître sur le bloc-note.

Ce dernier se trouve sur C:resultat.txt

- Copie/colle le contenu du bloc-note qui s'ouvre, pour cela :
-- Dans le bloc-note, cliquez sur le menu Edition / Selectionner tout
-- A nouveau menu Edition / copier
-- Dans un nouveau message ici, faire un clic droit / coller

======================================================

Tuto : http://www.malekal.com/DiagHelp/DiagHelp.php

http://www.malekal.com/DiagHelp/

http://www.malekal.com/DiagHelp/DiagHelp_helper.php

@+

1
fredjibb Messages postés 230 Statut Membre 1
 
merci de l'interet que tu portes à m'apporter des reponses à mon problème
je te remercie pour ton aide et pour tes conseils
ci joint le rapport du premier logiciel

-----------\\ ToolBar S&D 1.2.5 XP/Vista

Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 2
X86-based PC ( Multiprocessor Free : AMD Turion(tm) 64 X2 Mobile Technology TL-50 )
BIOS : Insyde Software MobilePRO BIOS Version 4.20.10
USER : akira ( Administrator )
BOOT : Normal boot
Antivirus : Bitdefender Antivirus 8.0 (Activated)
Firewall : Bitdefender Firewall 8.0 (Activated)
C:\ (Local Disk) - NTFS - Total:85 Go (Free:50 Go)
D:\ (CD or DVD)
E:\ (CD or DVD)
F:\ (USB)

"C:\ToolBar SD" ( MAJ : 20-11-2008|20:25 )
Option : [1] ( 25/11/2008|12:00 )

-----------\\ Recherche de Fichiers / Dossiers ...


-----------\\ Extensions

(akira) - {4AB21F99-91C5-4a9d-813E-425841874FB1} => bloodfire-1.0.1-fx
(akira) - {635abd67-4fe9-1b23-4f01-e679fa7484c1} => ytoolbar


-----------\\ [..\Internet Explorer\Main]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome"
"Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Local Page"="C:\\windows\\system32\\blank.htm"
"Default_Search_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="https://www.msn.com/fr-fr/?ocid=iehp"
"Default_Search_URL"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Search Page"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Local Page"="C:\\windows\\system32\\blank.htm"
"Start Page"="http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home"


--------------------\\ Recherche d'autres infections


Aucune autre infection trouvée !


1 - "C:\ToolBar SD\TB_1.txt" - 25/11/2008|12:02 - Option : [1]

-----------\\ Fin du rapport a 12:02:38,90
0
Réponse 2 / 17
noctambule28 Messages postés 33382 Date d'inscription   Statut Webmaster Dernière intervention   2 858
 
OTMoveIt3 (de OldTimer)
Télécharger OTMoveIt3 via un clic droit sur le lien ci-dessous:
http://oldtimer.geekstogo.com/OTMoveIt3.exe
Enregistrer le fichier sur le Bureau.

Ouvrir une fenêtre du Bloc-notes, via Démarrer---->Exécuter, taper notepad puis cliquer sur OK
Sélectionner toutes les lignesen gras ci-dessous, puis appuyer simultanément sur les touches Ctrl et C


:Files
c:\windows\ZZZZZZZZ.ZZZ

Retourner dans la fenêtre du Bloc-notes, faire un clic droit dans la fenêtre et choisir Coller
Vérifier (dans le menu Format) que "Retour automatique à ligne" n'est pas actif (pas coché).
Enregistrer le fichier sous le nom OTfichiers.txt
Fermer le Bloc-notes.

Lance OTMoveIt3 (de OldTimer)
Faire un double clic sur OTMoveIt3.exe pour lancer l'outil.
Ouvrir le fichier OTfichiers.txt dans le Bloc-notes.
En sélectionner toutes les lignes puis appuyer simultanément sur les touches Ctrl et C

Retourner dans la fenêtre de OTMoveIt3, faire un clic droit dans la fenêtre située sur la gauche nommée "Paste Instructions for Items to be Moved"
et choisir Coller.

Cliquer sur le bouton MoveIt!:
Attendre la fin du travail de l'outil puis fermer OTMoveIt3.
Note: Un redémarrage est parfois nécessaire. S'il est demandé, cliquer sur Oui/Yes

Résultats
Envoye en réponse:
*- le rapport de OTMoveIt3 (contenu du fichier Lecteur\_OTMoveIt\MovedFiles\********_******.log - les *** sont des chiffres représentant la date [moisjourannée] et l'heure)
1
fredjibb Messages postés 230 Statut Membre 1
 
voici le rapport ot move it
je t'envoie le rapport de mbam quand il sera fini
encore merci
========== FILES ==========
c:\windows\ZZZZZZZZ.ZZZ moved successfully.

OTMoveIt3 by OldTimer - Version 1.0.7.1 log created on 11292008_075228
0
fredjibb Messages postés 230 Statut Membre 1
 
voici le rapport de MBAM qui a détecté un élément nuisible...
merci encore pour ton temps et ton aide
Malwarebytes' Anti-Malware 1.30
Version de la base de données: 1433
Windows 5.1.2600 Service Pack 2

2008-11-29 11:14:06
mbam-log-2008-11-29 (11-14-06).txt

Type de recherche: Examen complet (C:\|D:\|E:\|F:\|)
Eléments examinés: 134972
Temps écoulé: 1 hour(s), 4 minute(s), 58 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 1
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{b69a9db4-d0a1-4722-b56b-f20757a29cdf} (Adware.Agent) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
(Aucun élément nuisible détecté)
0
Réponse 3 / 17
noctambule28 Messages postés 33382 Date d'inscription   Statut Webmaster Dernière intervention   2 858
 
Salut
Ca n'a pas l'air mal tout ça

Supprime combofix et toolbar S&D, si tu en avais besoin une autre fois il faudrait retélécharger.

Quelques conseils pour la suite:

Des nettoyages frequents avec ccleaner ( ça vire les temporare, ça evite l'engorgement du pc)
Le nettoyage du registre avec regseeker
tuto:https://www.zebulon.fr/dossiers/tutoriaux/53-regseeker.html

Une defragmentation de ton disque dur avec un outils autre que le defragmenteur Winndows qui est inéfficace
Avec jkdefrag par exemple

Il y aurait aussi la possibilité d'accelerer le demarrage en coupant l'activation de certains programmes au boot.
Tu tapes dans excuter: msconfig, dans l'onglet demarrrage, tu laisse coché les element de windows\sytem32 et ton antivirus ainsi que spybot, mais tu peux décocher le reste.
1
fredjibb Messages postés 230 Statut Membre 1
 
ok en tout cas merci pourtes conseils avisés merci pour ton dévouement et ton aide
je pense que mon probleme est résolu
merci et peut etre à bientot
0
Réponse 4 / 17
Utilisateur anonyme
 
bonsoir....

Commence par poster un rapport HijackThis stp,
>Télécharge HiJackThis : http://www.commentcamarche.net/telecharger/telecharger 159 hijackthis
- Lance le programme, puis sélectionne < do a system scan and save a logfile >
- Enregistre le rapport sur ton bureau.
Et envoie, par copier/coller, ton log Hijackthis sur le forum,

A+

Tuto : si problème : http://perso.orange.fr/rginformatique/section%20virus/demohijack.htm
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 5 / 17
fredjibb Messages postés 230 Statut Membre 1
 
ok voici le rapport hi jack this merci de votre aide...
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:09:09, on 23/11/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe
c:\APPS\Powercinema\Kernel\CLML_NTService\CLMLServer.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
C:\WINDOWS\system32\lxctcoms.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\IVT Corporation\BlueSoleil\StartSkysolSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\USBDeviceService.exe
C:\Program Files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exe
C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe
c:\APPS\Powercinema\Kernel\TV\CLSched.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\DetectorApp.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
C:\APPS\Powercinema\PCMService.exe
C:\Program Files\Lexmark 5400 Series\lxctmon.exe
C:\Program Files\Lexmark 5400 Series\ezprint.exe
C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe
C:\Program Files\Logitech\QuickCam10\QuickCam10.exe
C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Packard Bell Data Secure\PBDataSecure.exe
C:\APPS\SMP\SmpSys.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\PROGRA~1\Wanadoo\GestionnaireInternet.exe
C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
C:\PROGRA~1\Wanadoo\ComComp.exe
C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
C:\PROGRA~1\Wanadoo\Toaster.exe
C:\PROGRA~1\Wanadoo\Inactivity.exe
C:\PROGRA~1\Wanadoo\PollingModule.exe
C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
C:\Program Files\Fichiers communs\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Opera\opera.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\HiJackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://format.packardbell.com/cgi-bin/redirect/?country=FR&range=AD&phase=6&key=OEM2
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Lexmark Barre d'outils - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll
O2 - BHO: BitComet Helper - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Lexmark Barre d'outils - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - (no file)
O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2008\IEToolbar.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Raccourci vers la page des propriétés de High Definition Audio] HDAShCut.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [DetectorApp] C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\DetectorApp.exe
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [PCMService] "c:\APPS\Powercinema\PCMService.exe"
O4 - HKLM\..\Run: [lxctmon.exe] "C:\Program Files\Lexmark 5400 Series\lxctmon.exe"
O4 - HKLM\..\Run: [Lexmark 5400 Series Fax Server] "C:\Program Files\Lexmark 5400 Series\fm3032.exe" /s
O4 - HKLM\..\Run: [EzPrint] "C:\Program Files\Lexmark 5400 Series\ezprint.exe"
O4 - HKLM\..\Run: [LXCTCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCTtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
O4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam10\QuickCam10.exe" /hide
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe"
O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|PARAM= cnx
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Packard Bell Data Secure] C:\Program Files\Packard Bell Data Secure\PBDataSecure.exe
O4 - HKCU\..\Run: [SmpcSys] C:\APPS\SMP\SmpSys.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [ALUAlert] C:\Program Files\Symantec\LiveUpdate\ALUNotify.exe (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [WUAppSetup] C:\Program Files\Fichiers communs\logishrd\WUApp32.exe -v 0x046d -p 0x08da -f video -m logitech -d 10.5.1.2023 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [WUAppSetup] C:\Program Files\Fichiers communs\logishrd\WUApp32.exe -v 0x046d -p 0x08da -f video -m logitech -d 10.5.1.2023 (User 'Default user')
O4 - Global Startup: Kodak software updater.lnk = C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Logiciel Kodak EasyShare.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
O8 - Extra context menu item: &Winamp Toolbar Search - C:\Documents and Settings\All Users\Application Data\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Download all links using BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: Download all videos using BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: Download link using &BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: Bonjour - {7F9DB11C-E358-4ca6-A83D-ACC663939424} - C:\Program Files\Bonjour\ExplorerPlugin.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\fr.htm
O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\WINDOWS\system32\Skype4COM.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLSched.exe
O23 - Service: CyberLink Media Library Service - Cyberlink - c:\APPS\Powercinema\Kernel\CLML_NTService\CLMLServer.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: Service de l'iPod (iPod Service) - Unknown owner - C:\Program Files\iPod\bin\iPodService.exe (file missing)
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender SRL - C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: lxct_device - - C:\WINDOWS\system32\lxctcoms.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Start BT in service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\StartSkysolSvc.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: USBDeviceService - Unknown owner - C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\USBDeviceService.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S.R.L. - C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe
O23 - Service: BitDefender Communicator (XCOMM) - BitDefender - C:\Program Files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exe
0
Réponse 6 / 17
fredjibb Messages postés 230 Statut Membre 1
 
qu'est ce que je dois faire maintenant?
merci d'avance
0
Réponse 7 / 17
fredjibb Messages postés 230 Statut Membre 1
 
personne pour m'aider???
0
T911
 
Démarre ton pc en mode sans échec avec prise en charge du reseau
Choisi le mode ADMINISTRATEUR
Démarre Internet Explorer ou Firefox
Télécharge COMBOFIX à cet adresse https://forospyware.com
Exécute le fichier et redémarre en mode sans échec avec prise en charge du réseau encore une fois
Démarre Internet Explorer ou Firefox
Télécharge ROGUEFIX à cet adresse http://www.internetinspiration.co.uk/downloads/roguefix_2.224.bat
Exécute le fichier et laisse le redémarrer en mode normal.

J'espère que ça corrigera ton problème.


T911
0
Réponse 8 / 17
fredjibb Messages postés 230 Statut Membre 1
 
impossible de telecharger roguefix car c'est un fichier.dat c'est un fichier text en fait
0
fredjibb Messages postés 230 Statut Membre 1
 
voici le rapport de combofix merci à ceux qui prendront le temps d'y jeter un coup d'oeil...
ComboFix 08-11-23.01 - akira 2008-11-24 7:12:21.2 - NTFSx86
Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.421 [GMT 1:00]
Lancé depuis: c:\documents and settings\akira\Bureau\ComboFix.exe
.

((((((((((((((((((((((((((((( Fichiers créés du 2008-10-24 au 2008-11-24 ))))))))))))))))))))))))))))))))))))
.

2008-11-24 00:32 . 2008-11-24 00:32 <REP> d-------- c:\documents and settings\akira\Application Data\Bitdefender
2008-11-24 00:31 . 2008-11-24 00:33 <REP> d-------- c:\documents and settings\All Users\Application Data\BitDefender
2008-11-23 20:47 . 2008-11-23 20:47 1,041,210 --a------ c:\windows\system32\PerfStringBackup.TMP
2008-11-23 20:47 . 2008-11-23 20:58 512 --a------ c:\windows\ZZZZZZZZ.ZZZ
2008-11-23 20:32 . 2007-09-05 23:22 289,144 --a------ c:\windows\system32\VCCLSID.exe
2008-11-23 20:32 . 2006-04-27 16:49 288,417 --a------ c:\windows\system32\SrchSTS.exe
2008-11-23 20:32 . 2008-10-01 14:51 87,552 --a------ c:\windows\system32\VACFix.exe
2008-11-23 20:32 . 2008-10-10 07:58 82,944 --a------ c:\windows\system32\o4Patch.exe
2008-11-23 20:32 . 2008-05-18 20:40 82,944 --a------ c:\windows\system32\IEDFix.exe
2008-11-23 20:32 . 2008-10-10 07:58 82,944 --a------ c:\windows\system32\IEDFix.C.exe
2008-11-23 20:32 . 2008-08-18 11:19 82,432 --a------ c:\windows\system32\404Fix.exe
2008-11-23 20:32 . 2003-06-05 20:13 53,248 --a------ c:\windows\system32\Process.exe
2008-11-23 20:32 . 2004-07-31 17:50 51,200 --a------ c:\windows\system32\dumphive.exe
2008-11-23 20:32 . 2007-10-03 23:36 25,600 --a------ c:\windows\system32\WS2Fix.exe
2008-11-23 20:04 . 2008-11-23 23:30 <REP> d-------- c:\program files\FindyKill
2008-11-22 06:59 . 2008-11-22 07:15 1,536 --a------ c:\windows\ZZZZZZZ.ZZZ
2008-11-12 01:15 . 2008-11-12 01:15 <REP> d-------- c:\program files\MSXML 4.0
2008-11-07 09:58 . 2008-11-20 12:23 54,156 --ah----- c:\windows\QTFont.qfn
2008-11-07 09:58 . 2008-11-07 09:58 1,409 --a------ c:\windows\QTFont.for
2008-11-02 21:04 . 2008-11-02 21:04 <REP> d-------- c:\program files\BitDefender
2008-11-02 21:03 . 2008-11-24 00:32 <REP> d-------- c:\program files\Fichiers communs\BitDefender

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-11-24 06:17 81,984 ----a-w c:\windows\system32\bdod.bin
2008-11-24 06:10 --------- d-----w c:\program files\Wanadoo
2008-11-24 05:39 --------- d-----w c:\program files\Lx_cats
2008-11-24 05:38 --------- d-----w c:\program files\Packard Bell Data Secure
2008-11-23 23:36 --------- d-----w c:\program files\Spybot - Search & Destroy
2008-11-23 23:19 --------- d-----w c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2008-11-23 21:47 5,310 ----a-w c:\windows\system32\tmp.reg
2008-11-23 20:21 --------- d-----w c:\program files\Malwarebytes' Anti-Malware
2008-11-12 11:14 5,632 --sha-w c:\program files\Thumbs.db
2008-11-06 10:37 --------- d-----w c:\program files\Opera
2008-10-30 08:36 2,284,544 ----a-w c:\windows\system32\TUKernel.exe
2008-10-24 11:10 453,632 ----a-w c:\windows\system32\drivers\mrxsmb.sys
2008-10-24 11:10 453,632 ----a-w c:\windows\system32\dllcache\mrxsmb.sys
2008-10-23 09:48 --------- d-----w c:\program files\eMule
2008-10-16 13:13 202,776 ----a-w c:\windows\system32\wuweb.dll
2008-10-16 13:13 202,776 ----a-w c:\windows\system32\dllcache\wuweb.dll
2008-10-16 13:13 1,809,944 ----a-w c:\windows\system32\wuaueng.dll
2008-10-16 13:13 1,809,944 ----a-w c:\windows\system32\dllcache\wuaueng.dll
2008-10-16 13:12 561,688 ----a-w c:\windows\system32\wuapi.dll
2008-10-16 13:12 561,688 ----a-w c:\windows\system32\dllcache\wuapi.dll
2008-10-16 13:12 323,608 ----a-w c:\windows\system32\wucltui.dll
2008-10-16 13:12 323,608 ----a-w c:\windows\system32\dllcache\wucltui.dll
2008-10-16 13:09 92,696 ----a-w c:\windows\system32\dllcache\cdm.dll
2008-10-16 13:09 92,696 ----a-w c:\windows\system32\cdm.dll
2008-10-16 13:09 51,224 ----a-w c:\windows\system32\wuauclt.exe
2008-10-16 13:09 51,224 ----a-w c:\windows\system32\dllcache\wuauclt.exe
2008-10-16 13:09 43,544 ----a-w c:\windows\system32\wups2.dll
2008-10-16 13:08 34,328 ----a-w c:\windows\system32\wups.dll
2008-10-16 13:08 34,328 ----a-w c:\windows\system32\dllcache\wups.dll
2008-10-16 13:06 268,648 ----a-w c:\windows\system32\mucltui.dll
2008-10-16 13:06 208,744 ----a-w c:\windows\system32\muweb.dll
2008-10-15 16:59 332,800 ----a-w c:\windows\system32\dllcache\netapi32.dll
2008-10-03 17:12 6,066,176 ----a-w c:\windows\system32\dllcache\ieframe.dll
2008-09-30 15:43 1,286,152 ----a-w c:\windows\system32\msxml4.dll
2008-09-24 18:44 --------- d-----w c:\program files\Apple Software Update
2008-09-15 15:39 1,846,144 ----a-w c:\windows\system32\win32k.sys
2008-09-15 15:39 1,846,144 ----a-w c:\windows\system32\dllcache\win32k.sys
2008-09-04 16:45 1,106,944 ----a-w c:\windows\system32\msxml3.dll
2008-09-04 16:45 1,106,944 ----a-w c:\windows\system32\dllcache\msxml3.dll
2008-08-28 10:04 333,056 ----a-w c:\windows\system32\dllcache\srv.sys
2008-08-27 09:11 3,593,216 ----a-w c:\windows\system32\dllcache\mshtml.dll
2008-08-25 08:39 70,656 ----a-w c:\windows\system32\dllcache\ie4uinit.exe
2008-08-25 08:38 13,824 ----a-w c:\windows\system32\dllcache\ieudinit.exe
2007-10-25 05:03 47,360 ----a-w c:\documents and settings\akira\Application Data\pcouffin.sys
.

((((((((((((((((((((((((((((( snapshot@2008-06-06_ 8.29.38,15 )))))))))))))))))))))))))))))))))))))))))
.
+ 2007-11-30 12:39:29 18,296 ----a-w c:\windows\$hf_mig$\KB938464\spmsg.dll
+ 2007-11-30 12:39:29 234,872 ----a-w c:\windows\$hf_mig$\KB938464\spuninst.exe
+ 2007-11-30 12:39:29 26,488 ----a-w c:\windows\$hf_mig$\KB938464\update\spcustom.dll
+ 2007-11-30 11:19:06 767,352 ----a-w c:\windows\$hf_mig$\KB938464\update\update.exe
+ 2007-11-30 12:39:31 406,392 ----a-w c:\windows\$hf_mig$\KB938464\update\updspapi.dll
+ 2008-05-02 13:33:12 83,968 ----a-w c:\windows\$hf_mig$\KB946648\SP2QFE\msgsc.dll
+ 2008-05-02 14:01:52 83,968 ----a-w c:\windows\$hf_mig$\KB946648\SP3GDR\msgsc.dll
+ 2008-05-02 13:44:40 83,968 ----a-w c:\windows\$hf_mig$\KB946648\SP3QFE\msgsc.dll
+ 2007-11-30 12:39:29 18,296 ----a-w c:\windows\$hf_mig$\KB946648\spmsg.dll
+ 2007-11-30 12:39:29 234,872 ----a-w c:\windows\$hf_mig$\KB946648\spuninst.exe
+ 2007-11-30 12:39:29 26,488 ----a-w c:\windows\$hf_mig$\KB946648\update\spcustom.dll
+ 2007-11-30 11:19:06 767,352 ----a-w c:\windows\$hf_mig$\KB946648\update\update.exe
+ 2007-11-30 12:39:31 406,392 ----a-w c:\windows\$hf_mig$\KB946648\update\updspapi.dll
+ 2008-04-23 07:19:26 124,928 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\advpack.dll
+ 2008-04-23 07:19:26 347,136 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\dxtmsft.dll
+ 2008-04-23 07:19:26 214,528 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\dxtrans.dll
+ 2008-04-23 07:19:26 132,608 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\extmgr.dll
+ 2008-04-23 07:19:26 63,488 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\icardie.dll
+ 2008-04-22 08:02:19 70,656 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\ie4uinit.exe
+ 2008-04-23 07:19:26 153,088 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\ieakeng.dll
+ 2008-04-23 07:19:26 230,400 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\ieaksie.dll
+ 2008-04-20 05:07:38 161,792 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\ieakui.dll
+ 2007-04-17 09:32:38 2,455,488 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\ieapfltr.dat
+ 2008-04-23 07:19:26 383,488 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\ieapfltr.dll
+ 2008-04-23 07:19:26 388,608 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\iedkcs32.dll
+ 2008-04-23 07:19:26 6,068,224 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\ieframe.dll
+ 2008-04-23 07:19:26 44,544 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\iernonce.dll
+ 2008-04-23 07:19:26 267,776 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\iertutil.dll
+ 2008-04-22 08:02:19 13,824 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\ieudinit.exe
+ 2008-04-22 08:02:46 625,664 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\iexplore.exe
+ 2008-04-23 07:19:26 27,648 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\jsproxy.dll
+ 2008-04-23 07:19:27 459,264 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\msfeeds.dll
+ 2008-04-23 07:19:27 52,224 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\msfeedsbs.dll
+ 2008-04-23 07:19:27 3,593,728 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\mshtml.dll
+ 2008-04-23 07:19:27 478,208 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\mshtmled.dll
+ 2008-04-23 07:19:27 193,024 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\msrating.dll
+ 2008-04-23 07:19:27 671,232 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\mstime.dll
+ 2008-04-23 07:19:27 102,912 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\occache.dll
+ 2008-04-23 07:19:27 44,544 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\pngfilt.dll
+ 2008-04-23 07:19:27 105,984 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\url.dll
+ 2008-04-23 07:19:27 1,162,752 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\urlmon.dll
+ 2008-04-23 07:19:27 233,472 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\webcheck.dll
+ 2008-04-23 07:19:27 827,392 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\wininet.dll
+ 2007-03-06 01:34:33 15,072 ----a-w c:\windows\$hf_mig$\KB950759-IE7\spmsg.dll
+ 2007-03-06 01:34:38 216,800 ----a-w c:\windows\$hf_mig$\KB950759-IE7\spuninst.exe
+ 2007-03-06 01:34:31 22,752 ----a-w c:\windows\$hf_mig$\KB950759-IE7\update\spcustom.dll
+ 2007-03-06 01:34:56 727,776 ----a-w c:\windows\$hf_mig$\KB950759-IE7\update\update.exe
+ 2007-03-06 01:35:48 394,976 ----a-w c:\windows\$hf_mig$\KB950759-IE7\update\updspapi.dll
+ 2007-11-30 12:39:29 18,296 ----a-w c:\windows\$hf_mig$\KB950760\spmsg.dll
+ 2007-11-30 12:39:29 234,872 ----a-w c:\windows\$hf_mig$\KB950760\spuninst.exe
+ 2007-11-30 12:39:29 26,488 ----a-w c:\windows\$hf_mig$\KB950760\update\spcustom.dll
+ 2007-11-30 12:39:29 767,352 ----a-w c:\windows\$hf_mig$\KB950760\update\update.exe
+ 2007-11-30 12:39:31 406,392 ----a-w c:\windows\$hf_mig$\KB950760\update\updspapi.dll
+ 2008-05-08 12:14:51 203,008 ----a-w c:\windows\$hf_mig$\KB950762\SP2QFE\rmcast.sys
+ 2008-05-08 14:02:52 203,136 ----a-w c:\windows\$hf_mig$\KB950762\SP3GDR\rmcast.sys
+ 2008-05-08 13:58:17 203,136 ----a-w c:\windows\$hf_mig$\KB950762\SP3QFE\rmcast.sys
+ 2007-11-30 12:39:29 18,296 ----a-w c:\windows\$hf_mig$\KB950762\spmsg.dll
+ 2007-11-30 12:39:29 234,872 ----a-w c:\windows\$hf_mig$\KB950762\spuninst.exe
+ 2007-11-30 12:39:29 26,488 ----a-w c:\windows\$hf_mig$\KB950762\update\spcustom.dll
+ 2007-11-30 12:39:29 767,352 ----a-w c:\windows\$hf_mig$\KB950762\update\update.exe
+ 2007-11-30 12:39:31 406,392 ----a-w c:\windows\$hf_mig$\KB950762\update\updspapi.dll
+ 2008-07-07 20:18:27 253,952 ----a-w c:\windows\$hf_mig$\KB950974\SP2QFE\es.dll
+ 2008-07-07 20:28:20 253,952 ----a-w c:\windows\$hf_mig$\KB950974\SP3GDR\es.dll
+ 2008-07-07 20:24:11 253,952 ----a-w c:\windows\$hf_mig$\KB950974\SP3QFE\es.dll
+ 2007-11-30 12:39:29 18,296 ----a-w c:\windows\$hf_mig$\KB950974\spmsg.dll
+ 2007-11-30 12:39:29 234,872 ----a-w c:\windows\$hf_mig$\KB950974\spuninst.exe
+ 2007-11-30 12:39:29 26,488 ----a-w c:\windows\$hf_mig$\KB950974\update\spcustom.dll
+ 2007-11-30 12:39:26 767,352 ----a-w c:\windows\$hf_mig$\KB950974\update\update.exe
+ 2007-11-30 12:39:29 406,392 ----a-w c:\windows\$hf_mig$\KB950974\update\updspapi.dll
+ 2008-04-11 18:40:33 683,520 ----a-w c:\windows\$hf_mig$\KB951066\SP2QFE\inetcomm.dll
+ 2008-04-11 19:05:22 691,712 ----a-w c:\windows\$hf_mig$\KB951066\SP3GDR\inetcomm.dll
+ 2008-04-11 22:23:04 691,712 ----a-w c:\windows\$hf_mig$\KB951066\SP3QFE\inetcomm.dll
+ 2007-11-30 12:39:29 18,296 ----a-w c:\windows\$hf_mig$\KB951066\spmsg.dll
+ 2007-11-30 12:39:29 234,872 ----a-w c:\windows\$hf_mig$\KB951066\spuninst.exe
+ 2007-11-30 12:39:29 26,488 ----a-w c:\windows\$hf_mig$\KB951066\update\spcustom.dll
+ 2007-12-03 15:25:43 767,352 ----a-w c:\windows\$hf_mig$\KB951066\update\update.exe
+ 2007-11-30 12:39:31 406,392 ----a-w c:\windows\$hf_mig$\KB951066\update\updspapi.dll
+ 2008-07-14 11:03:00 62,976 ----a-w c:\windows\$hf_mig$\KB951072-v2\SP2QFE\tzchange.exe
+ 2008-07-11 12:42:28 62,976 ----a-w c:\windows\$hf_mig$\KB951072-v2\SP3GDR\tzchange.exe
+ 2008-07-11 12:51:51 62,976 ----a-w c:\windows\$hf_mig$\KB951072-v2\SP3QFE\tzchange.exe
+ 2007-11-30 11:19:06 18,296 ----a-w c:\windows\$hf_mig$\KB951072-v2\spmsg.dll
+ 2007-11-30 11:19:06 234,872 ----a-w c:\windows\$hf_mig$\KB951072-v2\spuninst.exe
+ 2007-11-30 11:19:06 26,488 ----a-w c:\windows\$hf_mig$\KB951072-v2\update\spcustom.dll
+ 2007-11-30 12:39:29 767,352 ----a-w c:\windows\$hf_mig$\KB951072-v2\update\update.exe
+ 2007-11-30 12:39:31 406,392 ----a-w c:\windows\$hf_mig$\KB951072-v2\update\updspapi.dll
+ 2008-06-14 18:03:13 272,768 ----a-w c:\windows\$hf_mig$\KB951376-v2\SP2QFE\bthport.sys
+ 2008-06-14 17:33:37 272,768 ----a-w c:\windows\$hf_mig$\KB951376-v2\SP3GDR\bthport.sys
+ 2008-06-14 17:40:19 272,768 ----a-w c:\windows\$hf_mig$\KB951376-v2\SP3QFE\bthport.sys
+ 2007-11-30 11:19:06 18,296 ----a-w c:\windows\$hf_mig$\KB951376-v2\spmsg.dll
+ 2007-11-30 11:19:06 234,872 ----a-w c:\windows\$hf_mig$\KB951376-v2\spuninst.exe
+ 2007-11-30 11:19:06 26,488 ----a-w c:\windows\$hf_mig$\KB951376-v2\update\spcustom.dll
+ 2007-11-30 11:19:06 767,352 ----a-w c:\windows\$hf_mig$\KB951376-v2\update\update.exe
+ 2007-11-30 11:19:10 406,392 ----a-w c:\windows\$hf_mig$\KB951376-v2\update\updspapi.dll
+ 2008-04-14 16:17:04 272,768 ----a-w c:\windows\$hf_mig$\KB951376\SP2QFE\bthport.sys
+ 2008-04-14 15:59:30 272,768 ----a-w c:\windows\$hf_mig$\KB951376\SP3GDR\bthport.sys
+ 2008-04-14 16:22:05 272,768 ----a-w c:\windows\$hf_mig$\KB951376\SP3QFE\bthport.sys
+ 2007-11-30 11:19:06 18,296 ----a-w c:\windows\$hf_mig$\KB951376\spmsg.dll
+ 2007-11-30 11:19:06 234,872 ----a-w c:\windows\$hf_mig$\KB951376\spuninst.exe
+ 2007-11-30 11:19:06 26,488 ----a-w c:\windows\$hf_mig$\KB951376\update\spcustom.dll
+ 2007-11-30 11:19:06 767,352 ----a-w c:\windows\$hf_mig$\KB951376\update\update.exe
+ 2007-11-30 11:19:10 406,392 ----a-w c:\windows\$hf_mig$\KB951376\update\updspapi.dll
+ 2008-05-07 04:55:47 1,294,336 ----a-w c:\windows\$hf_mig$\KB951698\SP2QFE\quartz.dll
+ 2008-05-07 05:11:24 1,294,336 ----a-w c:\windows\$hf_mig$\KB951698\SP3GDR\quartz.dll
+ 2008-05-07 05:04:59 1,294,336 ----a-w c:\windows\$hf_mig$\KB951698\SP3QFE\quartz.dll
+ 2007-11-30 11:19:06 18,296 ----a-w c:\windows\$hf_mig$\KB951698\spmsg.dll
+ 2007-11-30 11:19:06 234,872 ----a-w c:\windows\$hf_mig$\KB951698\spuninst.exe
+ 2007-11-30 11:19:06 26,488 ----a-w c:\windows\$hf_mig$\KB951698\update\spcustom.dll
+ 2007-11-30 12:39:29 767,352 ----a-w c:\windows\$hf_mig$\KB951698\update\update.exe
+ 2007-11-30 12:39:31 406,392 ----a-w c:\windows\$hf_mig$\KB951698\update\updspapi.dll
+ 2006-08-16 12:13:24 100,352 ----a-w c:\windows\$hf_mig$\KB951748\SP2QFE\6to4svc.dll
+ 2008-06-20 10:44:08 138,368 ----a-w c:\windows\$hf_mig$\KB951748\SP2QFE\afd.sys
+ 2008-06-20 17:37:01 147,968 ----a-w c:\windows\$hf_mig$\KB951748\SP2QFE\dnsapi.dll
+ 2008-06-20 17:37:01 247,808 ----a-w c:\windows\$hf_mig$\KB951748\SP2QFE\mswsock.dll
+ 2008-06-20 10:44:42 360,960 ----a-w c:\windows\$hf_mig$\KB951748\SP2QFE\tcpip.sys
+ 2008-06-20 09:32:39 225,920 ----a-w c:\windows\$hf_mig$\KB951748\SP2QFE\tcpip6.sys
+ 2008-06-20 11:40:08 138,496 ----a-w c:\windows\$hf_mig$\KB951748\SP3GDR\afd.sys
+ 2008-06-20 17:47:22 147,968 ----a-w c:\windows\$hf_mig$\KB951748\SP3GDR\dnsapi.dll
+ 2008-06-20 17:47:22 247,808 ----a-w c:\windows\$hf_mig$\KB951748\SP3GDR\mswsock.dll
+ 2008-06-20 11:51:12 361,600 ----a-w c:\windows\$hf_mig$\KB951748\SP3GDR\tcpip.sys
+ 2008-06-20 11:08:27 225,856 ----a-w c:\windows\$hf_mig$\KB951748\SP3GDR\tcpip6.sys
+ 2008-06-20 11:48:03 138,496 ----a-w c:\windows\$hf_mig$\KB951748\SP3QFE\afd.sys
+ 2008-06-20 17:44:02 147,968 ----a-w c:\windows\$hf_mig$\KB951748\SP3QFE\dnsapi.dll
+ 2008-06-20 17:44:02 247,808 ----a-w c:\windows\$hf_mig$\KB951748\SP3QFE\mswsock.dll
+ 2008-06-20 11:59:02 361,600 ----a-w c:\windows\$hf_mig$\KB951748\SP3QFE\tcpip.sys
+ 2008-06-20 11:16:44 225,856 ----a-w c:\windows\$hf_mig$\KB951748\SP3QFE\tcpip6.sys
+ 2007-11-30 12:39:29 18,296 ----a-w c:\windows\$hf_mig$\KB951748\spmsg.dll
+ 2007-11-30 12:39:29 234,872 ----a-w c:\windows\$hf_mig$\KB951748\spuninst.exe
+ 2007-11-30 12:39:29 26,488 ----a-w c:\windows\$hf_mig$\KB951748\update\spcustom.dll
+ 2007-11-30 12:39:26 767,352 ----a-w c:\windows\$hf_mig$\KB951748\update\update.exe
+ 2007-11-30 12:39:29 406,392 ----a-w c:\windows\$hf_mig$\KB951748\update\updspapi.dll
+ 2008-05-01 15:04:51 331,776 ----a-w c:\windows\$hf_mig$\KB952287\SP2QFE\msadce.dll
+ 2008-05-01 14:36:26 331,776 ----a-w c:\windows\$hf_mig$\KB952287\SP3GDR\msadce.dll
+ 2008-05-01 14:39:23 331,776 ----a-w c:\windows\$hf_mig$\KB952287\SP3QFE\msadce.dll
+ 2007-11-30 11:19:06 18,296 ----a-w c:\windows\$hf_mig$\KB952287\spmsg.dll
+ 2007-11-30 11:19:06 234,872 ----a-w c:\windows\$hf_mig$\KB952287\spuninst.exe
+ 2007-11-30 11:19:06 26,488 ----a-w c:\windows\$hf_mig$\KB952287\update\spcustom.dll
+ 2007-11-30 11:19:06 767,352 ----a-w c:\windows\$hf_mig$\KB952287\update\update.exe
+ 2007-11-30 11:19:10 406,392 ----a-w c:\windows\$hf_mig$\KB952287\update\updspapi.dll
+ 2008-06-24 16:30:27 74,240 ----a-w c:\windows\$hf_mig$\KB952954\SP2QFE\mscms.dll
+ 2008-06-24 16:44:02 74,240 ----a-w c:\windows\$hf_mig$\KB952954\SP3GDR\mscms.dll
+ 2008-06-24 16:53:52 74,240 ----a-w c:\windows\$hf_mig$\KB952954\SP3QFE\mscms.dll
+ 2007-11-30 11:19:06 18,296 ----a-w c:\windows\$hf_mig$\KB952954\spmsg.dll
+ 2007-11-30 11:19:06 234,872 ----a-w c:\windows\$hf_mig$\KB952954\spuninst.exe
+ 2007-11-30 11:19:06 26,488 ----a-w c:\windows\$hf_mig$\KB952954\update\spcustom.dll
+ 2007-11-30 12:39:29 767,352 ----a-w c:\windows\$hf_mig$\KB952954\update\update.exe
+ 2007-11-30 12:39:31 406,392 ----a-w c:\windows\$hf_mig$\KB952954\update\updspapi.dll
+ 2008-06-23 15:40:01 124,928 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\advpack.dll
+ 2008-06-23 15:40:01 347,136 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\dxtmsft.dll
+ 2008-06-23 15:40:01 214,528 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\dxtrans.dll
+ 2008-06-23 15:40:01 132,608 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\extmgr.dll
+ 2008-06-23 15:40:01 63,488 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\icardie.dll
+ 2008-06-23 08:23:18 70,656 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\ie4uinit.exe
+ 2008-06-23 15:40:01 153,088 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\ieakeng.dll
+ 2008-06-23 15:40:01 230,400 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\ieaksie.dll
+ 2008-06-21 05:23:53 161,792 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\ieakui.dll
+ 2007-04-17 09:32:38 2,455,488 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\ieapfltr.dat
+ 2008-06-23 15:40:02 383,488 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\ieapfltr.dll
+ 2008-06-23 15:40:02 388,608 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\iedkcs32.dll
+ 2008-06-23 15:40:04 6,068,736 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\ieframe.dll
+ 2008-06-23 15:40:04 44,544 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\iernonce.dll
+ 2008-06-23 15:40:04 267,776 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\iertutil.dll
+ 2008-06-23 08:23:18 13,824 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\ieudinit.exe
+ 2008-06-23 08:23:52 625,664 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\iexplore.exe
+ 2008-06-23 15:40:05 27,648 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\jsproxy.dll
+ 2008-06-23 15:40:05 459,264 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\msfeeds.dll
+ 2008-06-23 15:40:05 52,224 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\msfeedsbs.dll
+ 2008-06-23 15:40:07 3,594,240 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\mshtml.dll
+ 2008-06-23 15:40:07 477,696 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\mshtmled.dll
+ 2008-06-23 15:40:07 193,024 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\msrating.dll
+ 2008-06-23 15:40:07 671,232 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\mstime.dll
+ 2008-06-23 15:40:07 102,912 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\occache.dll
+ 2008-06-23 15:40:07 44,544 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\pngfilt.dll
+ 2008-06-23 15:40:07 105,984 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\url.dll
+ 2008-06-23 15:40:08 1,162,752 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\urlmon.dll
+ 2008-06-23 15:40:08 233,472 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\webcheck.dll
+ 2008-06-23 15:40:08 827,904 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\wininet.dll
+ 2007-03-06 01:34:33 15,072 ----a-w c:\windows\$hf_mig$\KB953838-IE7\spmsg.dll
+ 2007-03-06 01:34:38 216,800 ----a-w c:\windows\$hf_mig$\KB953838-IE7\spuninst.exe
+ 2007-03-06 01:34:31 22,752 ----a-w c:\windows\$hf_mig$\KB953838-IE7\update\spcustom.dll
+ 2007-03-06 01:34:56 727,776 ----a-w c:\windows\$hf_mig$\KB953838-IE7\update\update.exe
+ 2007-03-06 01:35:48 394,976 ----a-w c:\windows\$hf_mig$\KB953838-IE7\update\updspapi.dll
+ 2007-11-30 11:19:06 18,296 ----a-w c:\windows\$hf_mig$\KB953839\spmsg.dll
+ 2007-11-30 11:19:06 234,872 ----a-w c:\windows\$hf_mig$\KB953839\spuninst.exe
+ 2007-11-30 11:19:06 26,488 ----a-w c:\windows\$hf_mig$\KB953839\update\spcustom.dll
+ 2007-11-30 11:19:06 767,352 ----a-w c:\windows\$hf_mig$\KB953839\update\update.exe
+ 2007-11-30 11:19:10 406,392 ----a-w c:\windows\$hf_mig$\KB953839\update\updspapi.dll
+ 2008-09-15 15:14:42 1,847,040 ----a-w c:\windows\$hf_mig$\KB954211\SP2QFE\win32k.sys
+ 2008-09-15 15:26:07 1,846,528 ----a-w c:\windows\$hf_mig$\KB954211\SP3GDR\win32k.sys
+ 2008-09-15 15:20:39 1,847,040 ----a-w c:\windows\$hf_mig$\KB954211\SP3QFE\win32k.sys
+ 2007-11-30 12:39:29 18,296 ----a-w c:\windows\$hf_mig$\KB954211\spmsg.dll
+ 2007-11-30 12:39:29 234,872 ----a-w c:\windows\$hf_mig$\KB954211\spuninst.exe
+ 2007-11-30 12:39:29 26,488 ----a-w c:\windows\$hf_mig$\KB954211\update\spcustom.dll
+ 2008-07-09 07:40:26 767,352 ----a-w c:\windows\$hf_mig$\KB954211\update\update.exe
+ 2007-11-30 12:39:31 406,392 ----a-w c:\windows\$hf_mig$\KB954211\update\updspapi.dll
+ 2008-08-26 09:10:25 124,928 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\advpack.dll
+ 2008-08-26 09:10:25 347,136 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\dxtmsft.dll
+ 2008-08-26 09:10:25 214,528 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\dxtrans.dll
+ 2008-08-26 09:10:25 132,608 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\extmgr.dll
+ 2008-08-26 09:10:25 63,488 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\icardie.dll
+ 2008-08-25 08:43:21 70,656 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\ie4uinit.exe
+ 2008-08-26 09:10:26 153,088 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\ieakeng.dll
+ 2008-08-26 09:10:26 230,400 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\ieaksie.dll
+ 2008-08-23 05:54:50 161,792 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\ieakui.dll
+ 2007-04-17 09:32:38 2,455,488 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\ieapfltr.dat
+ 2008-08-26 09:10:26 380,928 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\ieapfltr.dll
+ 2008-08-26 09:10:26 388,608 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\iedkcs32.dll
+ 2008-10-03 16:22:30 6,068,224 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\ieframe.dll
+ 2008-08-26 09:10:27 44,544 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\iernonce.dll
+ 2008-08-26 09:10:27 267,776 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\iertutil.dll
+ 2008-08-25 08:43:21 13,824 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\ieudinit.exe
+ 2008-08-23 05:56:16 635,848 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\iexplore.exe
+ 2008-08-26 09:10:27 27,648 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\jsproxy.dll
+ 2008-08-26 09:10:27 459,264 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\msfeeds.dll
+ 2008-08-26 09:10:27 52,224 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\msfeedsbs.dll
+ 2008-08-26 09:10:28 3,594,752 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\mshtml.dll
+ 2008-08-26 09:10:28 477,696 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\mshtmled.dll
+ 2008-08-26 09:10:28 193,024 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\msrating.dll
+ 2008-08-26 09:10:29 671,232 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\mstime.dll
+ 2008-08-26 09:10:29 102,912 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\occache.dll
+ 2008-08-26 09:10:29 44,544 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\pngfilt.dll
+ 2008-08-26 09:10:29 105,984 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\url.dll
+ 2008-08-26 09:10:29 1,162,752 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\urlmon.dll
+ 2008-08-26 09:10:29 233,472 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\webcheck.dll
+ 2008-08-26 09:10:29 827,904 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\wininet.dll
+ 2007-03-06 01:34:33 15,072 ----a-w c:\windows\$hf_mig$\KB956390-IE7\spmsg.dll
+ 2007-03-06 01:34:38 216,800 ----a-w c:\windows\$hf_mig$\KB956390-IE7\spuninst.exe
+ 2007-03-06 01:34:31 22,752 ----a-w c:\windows\$hf_mig$\KB956390-IE7\update\spcustom.dll
+ 2007-03-06 01:34:56 727,776 ----a-w c:\windows\$hf_mig$\KB956390-IE7\update\update.exe
+ 2007-03-06 01:35:48 394,976 ----a-w c:\windows\$hf_mig$\KB956390-IE7\update\updspapi.dll
+ 2007-11-30 12:39:29 18,296 ----a-w c:\windows\$hf_mig$\KB956391\spmsg.dll
+ 2007-11-30 12:39:29 234,872 ----a-w c:\windows\$hf_mig$\KB956391\spuninst.exe
+ 2007-11-30 12:39:29 26,488 ----a-w c:\windows\$hf_mig$\KB956391\update\spcustom.dll
+ 2007-11-30 12:39:29 767,352 ----a-w c:\windows\$hf_mig$\KB956391\update\update.exe
+ 2007-11-30 12:39:31 406,392 ----a-w c:\windows\$hf_mig$\KB956391\update\updspapi.dll
+ 2008-08-14 09:48:52 138,368 ----a-w c:\windows\$hf_mig$\KB956803\SP2QFE\afd.sys
+ 2008-08-14 10:04:36 138,496 ----a-w c:\windows\$hf_mig$\KB956803\SP3GDR\afd.sys
+ 2008-08-14 10:34:26 138,496 ----a-w c:\windows\$hf_mig$\KB956803\SP3QFE\afd.sys
+ 2007-11-30 11:19:06 18,296 ----a-w c:\windows\$hf_mig$\KB956803\spmsg.dll
+ 2007-11-30 11:19:06 234,872 ----a-w c:\windows\$hf_mig$\KB956803\spuninst.exe
+ 2007-11-30 11:19:06 26,488 ----a-w c:\windows\$hf_mig$\KB956803\update\spcustom.dll
+ 2007-11-30 11:19:06 767,352 ----a-w c:\windows\$hf_mig$\KB956803\update\update.exe
+ 2007-11-30 11:19:10 406,392 ----a-w c:\windows\$hf_mig$\KB956803\update\updspapi.dll
+ 2008-08-14 13:23:44 2,147,328 ----a-w c:\windows\$hf_mig$\KB956841\SP3GDR\ntkrnlmp.exe
+ 2008-08-14 13:23:49 2,068,096 ----a-w c:\windows\$hf_mig$\KB956841\SP3GDR\ntkrnlpa.exe
+ 2008-08-14 13:23:44 2,025,984 ----a-w c:\windows\$hf_mig$\KB956841\SP3GDR\ntkrpamp.exe
+ 2008-08-14 13:23:49 2,191,232 ----a-w c:\windows\$hf_mig$\KB956841\SP3GDR\ntoskrnl.exe
+ 2008-08-14 13:55:54 2,147,328 ----a-w c:\windows\$hf_mig$\KB956841\SP3QFE\ntkrnlmp.exe
+ 2008-08-14 17:26:00 2,068,096 ----a-w c:\windows\$hf_mig$\KB956841\SP3QFE\ntkrnlpa.exe
+ 2008-08-14 13:55:47 2,025,984 ----a-w c:\windows\$hf_mig$\KB956841\SP3QFE\ntkrpamp.exe
+ 2008-08-14 17:26:02 2,191,232 ----a-w c:\windows\$hf_mig$\KB956841\SP3QFE\ntoskrnl.exe
+ 2007-11-30 11:19:06 18,296 ----a-w c:\windows\$hf_mig$\KB956841\spmsg.dll
+ 2007-11-30 11:19:06 234,872 ----a-w c:\windows\$hf_mig$\KB956841\spuninst.exe
+ 2007-11-30 11:19:06 26,488 ----a-w c:\windows\$hf_mig$\KB956841\update\spcustom.dll
+ 2007-11-30 12:39:29 767,352 ----a-w c:\windows\$hf_mig$\KB956841\update\update.exe
+ 2008-07-09 07:40:35 406,392 ----a-w c:\windows\$hf_mig$\KB956841\update\updspapi.dll
+ 2008-08-28 10:35:33 333,056 ----a-w c:\windows\$hf_mig$\KB957095\SP2QFE\srv.sys
+ 2008-09-08 10:41:42 333,824 ----a-w c:\windows\$hf_mig$\KB957095\SP3GDR\srv.sys
+ 2008-09-08 11:37:19 333,824 ----a-w c:\windows\$hf_mig$\KB957095\SP3QFE\srv.sys
+ 2007-11-30 11:19:06 18,296 ----a-w c:\windows\$hf_mig$\KB957095\spmsg.dll
+ 2007-11-30 11:19:06 234,872 ----a-w c:\windows\$hf_mig$\KB957095\spuninst.exe
+ 2007-11-30 11:19:06 26,488 ----a-w c:\windows\$hf_mig$\KB957095\update\spcustom.dll
+ 2007-11-30 11:19:06 767,352 ----a-w c:\windows\$hf_mig$\KB957095\update\update.exe
+ 2007-11-30 11:19:10 406,392 ----a-w c:\windows\$hf_mig$\KB957095\update\updspapi.dll
- 2007-01-22 00:35:14 88,776 ----a-w c:\windows\assembly\GAC\Microsoft.Office.Interop.InfoPath.Xml\11.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.InfoPath.Xml.dll
+ 2008-09-06 14:49:01 91,488 ----a-w c:\windows\assembly\GAC\Microsoft.Office.Interop.InfoPath.Xml\11.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.InfoPath.Xml.dll
- 2007-01-22 00:35:13 101,064 ----a-w c:\windows\assembly\GAC\Microsoft.Office.Interop.InfoPath\11.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.InfoPath.dll
+ 2008-09-06 14:48:59 103,776 ----a-w c:\windows\assembly\GAC\Microsoft.Office.Interop.InfoPath\11.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.InfoPath.dll
- 2007-01-21 12:11:51 64,088 ----a-w c:\windows\assembly\GAC\Microsoft.Vbe.Interop\11.0.0.0__71e9bce111e9429c\Microsoft.Vbe.Interop.dll
+ 2008-09-06 14:47:15 66,936 ----a-w c:\windows\assembly\GAC\Microsoft.Vbe.Interop\11.0.0.0__71e9bce111e9429c\Microsoft.Vbe.Interop.dll
- 2007-01-21 12:11:51 223,800 ----a-w c:\windows\assembly\GAC\office\11.0.0.0__71e9bce111e9429c\OFFICE.DLL
+ 2008-09-06 14:47:04 226,656 ----a-w c:\windows\assembly\GAC\office\11.0.0.0__71e9bce111e9429c\OFFICE.DLL
- 2008-05-21 10:56:08 124,208 ----a-w c:\windows\Downloaded Program Files\as2stubie.dll
+ 2008-06-30 08:39:58 128,256 ----a-w c:\windows\Downloaded Program Files\as2stubie.dll
+ 2008-06-14 17:59:52 272,768 ------w c:\windows\Driver Cache\i386\bthport.sys
- 2006-05-05 09:41:45 453,120 ----a-w c:\windows\Driver Cache\i386\mrxsmb.sys
+ 2008-10-24 11:10:42 453,632 ----a-w c:\windows\Driver Cache\i386\mrxsmb.sys
- 2007-02-28 16:08:15 2,139,648 ----a-w c:\windows\Driver Cache\i386\ntkrnlmp.exe
+ 2008-08-14 13:39:07 2,144,768 ----a-w c:\windows\Driver Cache\i386\ntkrnlmp.exe
- 2007-02-28 16:08:25 2,061,440 ----a-w c:\windows\Driver Cache\i386\ntkrnlpa.exe
+ 2008-08-14 13:39:12 2,065,024 ----a-w c:\windows\Driver Cache\i386\ntkrnlpa.exe
- 2007-02-28 16:08:11 2,019,328 ----a-w c:\windows\Driver Cache\i386\ntkrpamp.exe
+ 2008-08-14 13:39:03 2,022,912 ----a-w c:\windows\Driver Cache\i386\ntkrpamp.exe
- 2007-02-28 16:08:21 2,184,192 ----a-w c:\windows\Driver Cache\i386\ntoskrnl.exe
+ 2008-08-14 13:39:11 2,188,032 ----a-w c:\windows\Driver Cache\i386\ntoskrnl.exe
- 2005-10-20 18:02:28 163,328 ----a-w c:\windows\erdnt\Hiv-backup\ERDNT.EXE
+ 2005-10-20 19:02:28 163,328 ----a-w c:\windows\erdnt\Hiv-backup\ERDNT.EXE
+ 2008-03-01 12:58:06 124,928 -c----w c:\windows\ie7updates\KB950759-IE7\advpack.dll
+ 2008-03-01 12:58:06 347,136 -c----w c:\windows\ie7updates\KB950759-IE7\dxtmsft.dll
+ 2008-03-01 12:58:06 214,528 -c----w c:\windows\ie7updates\KB950759-IE7\dxtrans.dll
+ 2008-03-01 12:58:06 133,120 -c----w c:\windows\ie7updates\KB950759-IE7\extmgr.dll
+ 2008-03-01 12:58:06 63,488 -c----w c:\windows\ie7updates\KB950759-IE7\icardie.dll
+ 2008-02-29 08:56:41 70,656 -c----w c:\windows\ie7updates\KB950759-IE7\ie4uinit.exe
+ 2008-03-01 12:58:06 153,088 -c----w c:\windows\ie7updates\KB950759-IE7\ieakeng.dll
+ 2008-03-01 12:58:06 230,400 -c----w c:\windows\ie7updates\KB950759-IE7\ieaksie.dll
+ 2008-02-15 05:44:25 161,792 -c----w c:\windows\ie7updates\KB950759-IE7\ieakui.dll
+ 2008-03-01 12:58:07 383,488 -c----w c:\windows\ie7updates\KB950759-IE7\ieapfltr.dll
+ 2008-03-01 12:58:07 384,512 -c----w c:\windows\ie7updates\KB950759-IE7\iedkcs32.dll
+ 2008-03-01 12:58:08 6,066,176 -c----w c:\windows\ie7updates\KB950759-IE7\ieframe.dll
+ 2008-03-01 12:58:08 44,544 -c----w c:\windows\ie7updates\KB950759-IE7\iernonce.dll
+ 2008-03-01 12:58:08 267,776 -c----w c:\windows\ie7updates\KB950759-IE7\iertutil.dll
+ 2008-02-22 10:00:51 13,824 -c----w c:\windows\ie7updates\KB950759-IE7\ieudinit.exe
+ 2008-02-29 08:57:05 625,664 -c----w c:\windows\ie7updates\KB950759-IE7\iexplore.exe
+ 2008-03-01 12:58:08 27,648 -c----w c:\windows\ie7updates\KB950759-IE7\jsproxy.dll
+ 2008-03-01 12:58:08 459,264 -c----w c:\windows\ie7updates\KB950759-IE7\msfeeds.dll
+ 2008-03-01 12:58:08 52,224 -c----w c:\windows\ie7updates\KB950759-IE7\msfeedsbs.dll
+ 2008-03-01 16:28:10 3,591,680 -c----w c:\windows\ie7updates\KB950759-IE7\mshtml.dll
+ 2008-03-01 12:58:09 478,208 -c----w c:\windows\ie7updates\KB950759-IE7\mshtmled.dll
+ 2008-03-01 12:58:10 193,024 -c----w c:\windows\ie7updates\KB950759-IE7\msrating.dll
+ 2008-03-01 12:58:10 671,232 -c----w c:\windows\ie7updates\KB950759-IE7\mstime.dll
+ 2008-03-01 12:58:10 102,912 -c----w c:\windows\ie7updates\KB950759-IE7\occache.dll
+ 2008-03-01 12:58:10 44,544 -c----w c:\windows\ie7updates\KB950759-IE7\pngfilt.dll
+ 2007-03-06 01:34:38 216,800 -c----w c:\windows\ie7updates\KB950759-IE7\spuninst\spuninst.exe
+ 2007-03-06 01:35:48 394,976 -c----w c:\windows\ie7updates\KB950759-IE7\spuninst\updspapi.dll
+ 2008-03-01 12:58:10 105,984 -c----w c:\windows\ie7updates\KB950759-IE7\url.dll
+ 2008-03-01 12:58:10 1,159,680 -c----w c:\windows\ie7updates\KB950759-IE7\urlmon.dll
+ 2008-03-01 12:58:11 233,472 -c----w c:\windows\ie7updates\KB950759-IE7\webcheck.dll
+ 2008-03-01 12:58:11 826,368 -c----w c:\windows\ie7updates\KB950759-IE7\wininet.dll
+ 2008-04-23 04:16:39 124,928 -c----w c:\windows\ie7updates\KB953838-IE7\advpack.dll
+ 2008-04-23 04:16:39 347,136 -c----w c:\windows\ie7updates\KB953838-IE7\dxtmsft.dll
+ 2008-04-23 04:16:39 214,528 -c----w c:\windows\ie7updates\KB953838-IE7\dxtrans.dll
+ 2008-04-23 04:16:39 133,120 -c----w c:\windows\ie7updates\KB953838-IE7\extmgr.dll
+ 2008-04-23 04:16:39 63,488 -c----w c:\windows\ie7updates\KB953838-IE7\icardie.dll
+ 2008-04-22 07:41:08 70,656 -c----w c:\windows\ie7updates\KB953838-IE7\ie4uinit.exe
+ 2008-04-23 04:16:39 153,088 -c----w c:\windows\ie7updates\KB953838-IE7\ieakeng.dll
+ 2008-04-23 04:16:39 230,400 -c----w c:\windows\ie7updates\KB953838-IE7\ieaksie.dll
+ 2008-04-20 05:07:51 161,792 -c----w c:\windows\ie7updates\KB953838-IE7\ieakui.dll
+ 2008-04-23 04:16:39 383,488 -c----w c:\windows\ie7updates\KB953838-IE7\ieapfltr.dll
+ 2008-04-23 04:16:39 384,512 -c----w c:\windows\ie7updates\KB953838-IE7\iedkcs32.dll
+ 2008-04-23 04:16:39 6,066,176 -c----w c:\windows\ie7updates\KB953838-IE7\ieframe.dll
+ 2008-04-23 04:16:39 44,544 -c----w c:\windows\ie7updates\KB953838-IE7\iernonce.dll
+ 2008-04-23 04:16:39 267,776 -c----w c:\windows\ie7updates\KB953838-IE7\iertutil.dll
+ 2008-04-22 07:39:58 13,824 -c----w c:\windows\ie7updates\KB953838-IE7\ieudinit.exe
+ 2008-04-22 07:41:30 625,664 -c----w c:\windows\ie7updates\KB953838-IE7\iexplore.exe
+ 2008-04-23 04:16:40 27,648 -c----w c:\windows\ie7updates\KB953838-IE7\jsproxy.dll
+ 2008-04-23 04:16:40 459,264 -c----w c:\windows\ie7updates\KB953838-IE7\msfeeds.dll
+ 2008-04-23 04:16:40 52,224 -c----w c:\windows\ie7updates\KB953838-IE7\msfeedsbs.dll
+ 2008-04-23 20:16:42 3,591,680 -c----w c:\windows\ie7updates\KB953838-IE7\mshtml.dll
+ 2008-04-23 04:16:40 478,208 -c----w c:\windows\ie7updates\KB953838-IE7\mshtmled.dll
+ 2008-04-23 04:16:40 193,024 -c----w c:\windows\ie7updates\KB953838-IE7\msrating.dll
+ 2008-04-23 04:16:40 671,232 -c----w c:\windows\ie7updates\KB953838-IE7\mstime.dll
+ 2008-04-23 04:16:40 102,912 -c----w c:\windows\ie7updates\KB953838-IE7\occache.dll
+ 2008-04-23 04:16:40 44,544 -c----w c:\windows\ie7updates\KB953838-IE7\pngfilt.dll
+ 2007-03-06 01:34:38 216,800 -c----w c:\windows\ie7updates\KB953838-IE7\spuninst\spuninst.exe
+ 2007-03-06 01:35:48 394,976 -c----w c:\windows\ie7updates\KB953838-IE7\spuninst\updspapi.dll
+ 2008-04-23 04:16:40 105,984 -c----w c:\windows\ie7updates\KB953838-IE7\url.dll
+ 2008-04-23 04:16:40 1,159,680 -c----w c:\windows\ie7updates\KB953838-IE7\urlmon.dll
+ 2008-04-23 04:16:40 233,472 -c----w c:\windows\ie7updates\KB953838-IE7\webcheck.dll
+ 2008-04-23 04:16:40 826,368 -c----w c:\windows\ie7updates\KB953838-IE7\wininet.dll
+ 2008-06-23 16:28:17 124,928 -c----w c:\windows\ie7updates\KB956390-IE7\advpack.dll
+ 2008-06-23 16:28:17 347,136 -c----w c:\windows\ie7updates\KB956390-IE7\dxtmsft.dll
+ 2008-06-23 16:28:17 214,528 -c----w c:\windows\ie7updates\KB956390-IE7\dxtrans.dll
+ 2008-06-23 16:28:17 133,120 -c----w c:\windows\ie7updates\KB956390-IE7\extmgr.dll
+ 2008-06-23 16:28:17 63,488 -c----w c:\windows\ie7updates\KB956390-IE7\icardie.dll
+ 2008-06-23 09:21:30 70,656 -c----w c:\windows\ie7updates\KB956390-IE7\ie4uinit.exe
+ 2008-06-23 16:28:18 153,088 -c----w c:\windows\ie7updates\KB956390-IE7\ieakeng.dll
+ 2008-06-23 16:28:18 230,400 -c----w c:\windows\ie7updates\KB956390-IE7\ieaksie.dll
+ 2008-06-21 05:23:54 161,792 -c----w c:\windows\ie7updates\KB956390-IE7\ieakui.dll
+ 2008-06-23 16:28:18 383,488 -c----w c:\windows\ie7updates\KB956390-IE7\ieapfltr.dll
+ 2008-06-23 16:28:18 384,512 -c----w c:\windows\ie7updates\KB956390-IE7\iedkcs32.dll
+ 2008-06-23 16:28:19 6,066,176 -c----w c:\windows\ie7updates\KB956390-IE7\ieframe.dll
+ 2008-06-23 16:28:19 44,544 -c----w c:\windows\ie7updates\KB956390-IE7\iernonce.dll
+ 2008-06-23 16:28:20 267,776 -c----w c:\windows\ie7updates\KB956390-IE7\iertutil.dll
+ 2008-06-23 09:20:26 13,824 -c----w c:\windows\ie7updates\KB956390-IE7\ieudinit.exe
+ 2008-06-23 09:21:49 625,664 -c----w c:\windows\ie7updates\KB956390-IE7\iexplore.exe
+ 2008-06-23 16:28:20 27,648 -c----w c:\windows\ie7updates\KB956390-IE7\jsproxy.dll
+ 2008-06-23 16:28:20 459,264 -c----w c:\windows\ie7updates\KB956390-IE7\msfeeds.dll
+ 2008-06-23 16:28:20 52,224 -c----w c:\windows\ie7updates\KB956390-IE7\msfeedsbs.dll
+ 2008-06-24 08:28:24 3,592,192 -c----w c:\windows\ie7updates\KB956390-IE7\mshtml.dll
+ 2008-06-23 16:28:22 477,696 -c----w c:\windows\ie7updates\KB956390-IE7\mshtmled.dll
+ 2008-06-23 16:28:22 193,024 -c----w c:\windows\ie7updates\KB956390-IE7\msrating.dll
+ 2008-06-23 16:28:22 671,232 -c----w c:\windows\ie7updates\KB956390-IE7\mstime.dll
+ 2008-06-23 16:28:22 102,912 -c----w c:\windows\ie7updates\KB956390-IE7\occache.dll
+ 2008-06-23 16:28:22 44,544 -c----w c:\windows\ie7updates\KB956390-IE7\pngfilt.dll
+ 2007-03-06 01:34:38 216,800 -c----w c:\windows\ie7updates\KB956390-IE7\spuninst\spuninst.exe
+ 2007-03-06 01:35:48 394,976 -c----w c:\windows\ie7updates\KB956390-IE7\spuninst\updspapi.dll
+ 2008-06-23 16:28:22 105,984 -c----w c:\windows\ie7updates\KB956390-IE7\url.dll
+ 2008-06-23 16:28:23 1,159,680 -c----w c:\windows\ie7updates\KB956390-IE7\urlmon.dll
+ 2008-06-23 16:28:23 233,472 -c----w c:\windows\ie7updates\KB956390-IE7\webcheck.dll
+ 2008-06-23 16:28:23 826,368 -c----w c:\windows\ie7updates\KB956390-IE7\wininet.dll
+ 2003-07-15 05:57:34 38,968 ----a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\AUTHZAX.DLL
+ 2003-07-15 05:53:06 94,768 ----a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\AW.DLL
+ 2003-07-15 05:56:54 14,904 ----a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\DSITF.DLL
+ 2003-07-15 05:57:14 98,360 ----a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\DSSM.EXE
+ 2003-07-15 05:41:44 13,368 ----a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\FINDER.EXE
+ 2003-07-15 05:40:12 179,768 ----a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\FPERSON.DLL
+ 2003-07-15 05:45:14 58,944 ----a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\INLAUNCH.DLL
+ 2003-06-19 00:31:10 252,928 ----a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\MDIINK.DLL
+ 2003-07-15 05:51:44 87,104 ----a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\MSENCODE.DLL
+ 2003-07-15 05:52:52 17,464 ----a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\MSMH.DLL
+ 2003-07-14 21:57:16 120,888 ----a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\MSOAUTH.DLL
+ 2003-07-15 05:52:52 27,704 ----a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\MSODCW.DLL
+ 2003-07-15 05:52:56 55,360 ----a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\MSOHTMED.EXE
+ 2003-07-11 09:15:48 1,292,872 ----a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\MSONSEXT.DLL
+ 2003-07-15 10:18:52 376,888 ----a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\MSORUN.DLL
+ 2003-07-14 21:52:54 28,224 ----a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\MSOSTYLE.DLL
+ 2003-07-15 05:52:52 35,896 ----a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\MSOSV.DLL
+ 2003-07-15 05:53:20 39,488 ----a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\MSOSVFBR.DLL
+ 2003-07-15 05:46:16 42,040 ----a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\MSOXEV.DLL
+ 2003-07-15 05:45:12 55,360 ----a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\MSOXMLED.EXE
+ 2003-07-15 05:45:12 39,488 ----a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\MSOXMLMF.DLL
+ 2003-06-19 00:31:50 16,384 ----a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\MSPGIMME.DLL
+ 2003-06-19 23:05:50 364,648 ----a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\MSPVIEW.EXE
+ 2003-07-15 05:52:58 41,528 ----a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\MSSH.DLL
+ 2003-07-15 06:00:54 145,984 ----a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\MSWEBCAP.DLL
+ 2003-07-15 05:57:10 56,888 ----a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\NAME.DLL
+ 2003-07-15 05:56:52 13,888 ----a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\NPOFFICE.DLL
+ 2007-01-21 12:11:51 223,800 ----a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\OFFICE.DLL
+ 2003-07-15 10:14:26 242,240 ----a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\OISGRAPH.DLL
+ 2003-07-15 06:05:24 1,054,264 ----a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\OMFC.DLL
+ 2003-07-15 05:44:34 102,968 ----a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\OUTLCTL.DLL
+ 2003-07-15 05:43:16 49,208 ----a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\OUTLWAB.DLL
+ 2003-07-15 10:18:44 93,752 ----a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\PP7X32.DLL
+ 2003-07-15 05:40:16 51,256 ----a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\PUBTRAP.DLL
+ 2003-05-09 04:54:00 77,824 ----a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\REFEDIT.DLL
+ 2003-07-15 05:57:08 40,512 ----a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\REFIEBAR.DLL
+ 2003-07-21 18:46:38 390,712 ----a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\RTFHTML.DLL
+ 2003-07-15 05:44:16 66,616 ----a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\SENDTO.DLL
+ 2003-07-14 21:57:08 58,944 ----a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\SEQCHK10.DLL
+ 2003-07-15 05:53:14 11,848 ----a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\SMARTTAGINSTALL.EXE
+ 2007-01-21 12:11:51 64,088 ----a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\VBIDEPIA.DLL
+ 2007-04-19 12:09:30 167,256 ----a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.8173\IETAG.DLL
+ 2005-02-03 16:59:22 346,840 ----a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.8173\METCONV.DLL
+ 2005-05-03 23:06:28 465,640 ----a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.8173\MSDMENG.DLL
+ 2005-05-03 23:06:32 1,411,816 ----a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.8173\MSDMINE.DLL
+ 2005-05-03 23:06:26 199,408 ----a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.8173\MSMDUN80.DLL
+ 2008-11-23 22:39:46 22,486 ----a-r c:\windows\Installer\{31E5AE86-4F07-4433-B27F-7FCD341A6655}\register_icon.exe
+ 2008-11-12 00:15:18 32,768 ----a-r c:\windows\Installer\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}\icon.exe
- 2008-05-14 01:03:00 593,920 ----a-r c:\windows\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\accicons.exe
+ 2008-11-12 00:17:35 593,920 ----a-r c:\windows\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\accicons.exe
- 2008-05-14 01:03:00 12,288 ----a-r c:\windows\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\cagicon.exe
+ 2008-11-12 00:17:35 12,288 ----a-r c:\windows\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\cagicon.exe
- 2008-05-14 01:03:00 86,016 ----a-r c:\windows\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\inficon.exe
+ 2008-11-12 00:17:35 86,016 ----a-r c:\windows\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\inficon.exe
- 2008-05-14 01:03:00 135,168 ----a-r c:\windows\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\misc.exe
+ 2008-11-12 00:17:35 135,168 ----a-r c:\windows\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\misc.exe
- 2008-05-14 01:03:00 11,264 ----a-r c:\windows\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\mspicons.exe
+ 2008-11-12 00:17:35 11,264 ----a-r c:\windows\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\mspicons.exe
- 2008-05-14 01:03:00 27,136 ----a-r c:\windows\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\oisicon.exe
+ 2008-11-12 00:17:35 27,136 ----a-r c:\windows\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\oisicon.exe
- 2008-05-14 01:03:00 4,096 ----a-r c:\windows\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\opwicon.exe
+ 2008-11-12 00:17:35 4,096 ----a-r c:\windows\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\opwicon.exe
- 2008-05-14 01:03:00 794,624 ----a-r c:\windows\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\outicon.exe
+ 2008-11-12 00:17:35 794,624 ----a-r c:\windows\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\outicon.exe
- 2008-05-14 01:03:00 249,856 ----a-r c:\windows\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\pptico.exe
+ 2008-11-12 00:17:35 249,856 ----a-r c:\windows\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\pptico.exe
- 2008-05-14 01:03:00 61,440 ----a-r c:\windows\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\pubs.exe
+ 2008-11-12 00:17:35 61,440 ----a-r c:\windows\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\pubs.exe
- 2008-05-14 01:03:01 23,040 ----a-r c:\windows\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\unbndico.exe
+ 2008-11-12 00:17:35 23,040 ----a-r c:\windows\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\unbndico.exe
- 2008-05-14 01:03:00 286,720 ----a-r c:\windows\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\wordicon.exe
+ 2008-11-12 00:17:35 286,720 ----a-r c:\windows\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\wordicon.exe
- 2008-05-14 01:03:00 409,600 ----a-r c:\windows\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\xlicons.exe
+ 2008-11-12 00:17:35 409,600 ----a-r c:\windows\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\xlicons.exe
- 2008-02-27 19:09:20 123,008 ----a-r c:\windows\Installer\{A70FA218-6598-4AC9-813D-63597C5DD068}\WLXPhotoGalleryIcon.exe
+ 2008-08-17 01:25:18 123,008 ----a-r c:\windows\Installer\{A70FA218-6598-4AC9-813D-63597C5DD068}\WLXPhotoGalleryIcon.exe
+ 2008-06-22 22:03:01 25,214 ----a-r c:\windows\Installer\{AC76BA86-7AD7-1036-7B44-A71000000002}\SC_Reader.exe
+ 2008-11-23 23:33:26 61,440 ----a-r c:\windows\Installer\{BF7D87C5-CFC3-40C5-A367-24586EEBB8CA}\helpicon.exe
+ 2008-11-23 23:33:26 32,768 ----a-r c:\windows\Installer\{BF7D87C5-CFC3-40C5-A367-24586EEBB8CA}\maintenance_icon.exe
+ 2008-11-23 23:33:26 22,486 ----a-r c:\windows\Installer\{BF7D87C5-CFC3-40C5-A367-24586EEBB8CA}\register_icon.exe
+ 2008-11-23 23:33:26 57,344 ----a-r c:\windows\Installer\{BF7D87C5-CFC3-40C5-A367-24586EEBB8CA}\texticon.exe
- 2000-08-31 06:00:00 28,160 ----a-w c:\windows\Nircmd.exe
+ 2000-08-31 07:00:00 28,672 ----a-w c:\windows\Nircmd.exe
+ 2008-10-29 10:55:26 958,464 ----a-w c:\windows\Resources\Themes\Chivalry\Shell\NormalColor\shellstyle.dll
+ 2008-10-30 08:32:18 756,736 ----a-w c:\windows\Resources\Themes\Crimson\Shell\NormalColor\shellstyle.dll
- 2000-08-31 06:00:00 161,792 ----a-w c:\windows\swreg.exe
+ 2000-08-31 07:00:00 161,792 ----a-w c:\windows\swreg.exe
- 2008-03-01 12:58:06 124,928 ----a-w c:\windows\system32\advpack.dll
+ 2008-08-26 08:11:45 124,928 ----a-w c:\windows\system32\advpack.dll
+ 2004-08-03 21:10:08 53,248 ----a-w c:\windows\system32\dllcache\1394bus.sys
+ 2001-08-17 20:06:48 11,264 ----a-w c:\windows\system32\dllcache\1394vdbg.sys
+ 2001-08-17 19:28:00 762,780 ----a-w c:\windows\system32\dllcache\3cwmcru.sys
+ 2001-08-23 15:46:44 689,216 ----a-w c:\windows\system32\dllcache\3dfxvs.dll
+ 2001-08-17 18:48:32 148,352 ----a-w c:\windows\system32\dllcache\3dfxvsm.sys
+ 2004-08-03 21:00:04 12,288 ----a-w c:\windows\system32\dllcache\4mmdat.sys
+ 2004-08-03 21:10:12 48,128 ----a-w c:\windows\system32\dllcache\61883.sys
+ 2001-08-23 15:46:44 38,400 ----a-w c:\windows\system32\dllcache\8514a.dll
+ 2001-08-23 15:46:58 98,304 ----a-w c:\windows\system32\dllcache\a3d.dll
+ 2001-08-23 15:46:58 462,848 ----a-w c:\windows\system32\dllcache\a3dapi.dll
+ 2004-08-05 12:00:00 26,624 ----a-w c:\windows\system32\dllcache\aaaamon.dll
+ 2001-08-17 19:52:00 23,552 ----a-w c:\windows\system32\dllcache\abp480n5.sys
+ 2004-08-03 20:32:22 231,552 ----a-w c:\windows\system32\dllcache\ac97ali.sys
+ 2001-08-17 18:20:04 96,256 ----a-w c:\windows\system32\dllcache\ac97intc.sys
+ 2001-08-17 18:20:16 297,728 ----a-w c:\windows\system32\dllcache\ac97sis.sys
+ 2004-08-03 20:32:32 84,480 ----a-w c:\windows\system32\dllcache\ac97via.sys
+ 2004-08-05 12:00:00 72,192 ----a-w c:\windows\system32\dllcache\acctres.dll
+ 2004-08-05 12:00:00 189,952 ----a-w c:\windows\system32\dllcache\accwiz.exe
+ 2001-08-23 15:46:58 61,952 ----a-w c:\windows\system32\dllcache\acerscad.dll
+ 2004-08-05 12:00:00 450,048 ----a-w c:\windows\system32\dllcache\aclayers.dll
+ 2004-08-05 12:00:00 135,680 ----a-w c:\windows\system32\dllcache\acledit.dll
+ 2004-08-05 12:00:00 137,728 ----a-w c:\windows\system32\dllcache\aclua.dll
+ 2004-08-05 12:00:00 119,296 ----a-w c:\windows\system32\dllcache\aclui.dll
+ 2004-08-05 12:00:00 188,672 ----a-w c:\windows\system32\dllcache\acpi.sys
+ 2004-08-05 12:00:00 12,032 ----a-w c:\windows\system32\dllcache\acpiec.sys
+ 2004-08-05 12:00:00 244,736 ----a-w c:\windows\system32\dllcache\acspecfc.dll
+ 2004-08-05 12:00:00 4,096 ----a-w c:\windows\system32\dllcache\actmovie.exe
+ 2004-08-05 12:00:00 101,888 ----a-w c:\windows\system32\dllcache\actxprxy.dll
+ 2004-08-05 12:00:00 116,224 ----a-w c:\windows\system32\dllcache\acxtrnal.dll
+ 2001-08-17 19:53:02 7,424 ----a-w c:\windows\system32\dllcache\adicvls.sys
+ 2001-08-17 18:11:18 20,160 ----a-w c:\windows\system32\dllcache\adm8511.sys
+ 2001-08-17 18:19:10 584,448 ----a-w c:\windows\system32\dllcache\adm8810.sys
+ 2001-08-17 18:19:14 553,984 ----a-w c:\windows\system32\dllcache\adm8820.sys
+ 2001-08-17 18:19:14 747,392 ----a-w c:\windows\system32\dllcache\adm8830.sys
+ 2003-03-24 13:52:04 20,540 ----a-w c:\windows\system32\dllcache\admin.dll
+ 2003-03-24 13:52:04 16,439 ----a-w c:\windows\system32\dllcache\admin.exe
+ 2004-08-03 20:32:24 10,880 ----a-w c:\windows\system32\dllcache\admjoy.sys
+ 2004-08-05 12:00:00 26,112 ----a-w c:\windows\system32\dllcache\adptif.dll
+ 2001-08-17 18:11:16 46,112 ----a-w c:\windows\system32\dllcache\adptsf50.sys
+ 2001-08-17 20:07:32 101,888 ----a-w c:\windows\system32\dllcache\adpu160m.sys
+ 2004-08-05 12:00:00 175,616 ----a-w c:\windows\system32\dllcache\adsldp.dll
+ 2004-08-05 12:00:00 68,096 ----a-w c:\windows\system32\dllcache\adsmsext.dll
+ 2004-08-05 12:00:00 263,680 ----a-w c:\windows\system32\dllcache\adsnt.dll
+ 2004-08-03 22:54:22 4,255 ----a-w c:\windows\system32\dllcache\adv01nt5.dll
+ 2004-08-03 22:54:22 3,967 ----a-w c:\windows\system32\dllcache\adv02nt5.dll
+ 2004-08-03 22:54:22 3,615 ----a-w c:\windows\system32\dllcache\adv05nt5.dll
+ 2004-08-03 22:54:22 3,647 ----a-w c:\windows\system32\dllcache\adv07nt5.dll
+ 2004-08-03 22:54:22 3,135 ----a-w c:\windows\system32\dllcache\adv08nt5.dll
+ 2004-08-03 22:54:22 3,711 ----a-w c:\windows\system32\dllcache\adv09nt5.dll
+ 2004-08-03 22:54:22 3,775 ----a-w c:\windows\system32\dllcache\adv11nt5.dll
- 2008-03-01 12:58:06 124,928 ----a-w c:\windows\system32\dllcache\advpack.dll
+ 2008-08-26 08:11:45 124,928 ----a-w c:\windows\system32\dllcache\advpack.dll
+ 2008-08-14 09:51:43 138,368 ----a-w c:\windows\system32\dllcache\afd.sys
+ 2004-08-05 12:00:00 24,064 ----a-w c:\windows\system32\dllcache\agentanm.dll
+ 2004-08-05 12:00:00 214,016 ----a-w c:\windows\system32\dllcache\agentctl.dll
+ 2004-08-05 12:00:00 49,152 ----a-w c:\windows\system32\dllcache\agentmpx.dll
+ 2004-08-05 12:00:00 24,064 ----a-w c:\windows\system32\dllcache\agentpsh.dll
+ 2004-08-05 12:00:00 44,032 ----a-w c:\windows\system32\dllcache\agentsr.dll
+ 2004-08-03 21:07:42 42,368 ----a-w c:\windows\system32\dllcache\agp440.sys
+ 2004-08-03 21:07:44 44,928 ----a-w c:\windows\system32\dllcache\agpcpq.sys
+ 2004-08-05 12:00:00 19,456 ----a-w c:\windows\system32\dllcache\agt0401.dll
+ 2004-08-05 12:00:00 19,456 ----a-w c:\windows\system32\dllcache\agt0404.dll
+ 2004-08-05 12:00:00 19,456 ----a-w c:\windows\system32\dllcache\agt0405.dll
+ 2004-08-05 12:00:00 19,456 ----a-w c:\windows\system32\dllcache\agt0406.dll
+ 2004-08-05 12:00:00 21,504 ----a-w c:\windows\system32\dllcache\agt0407.dll
+ 2004-08-05 12:00:00 22,016 ----a-w c:\windows\system32\dllcache\agt0408.dll
+ 2004-08-05 12:00:00 19,456 ----a-w c:\windows\system32\dllcache\agt0409.dll
+ 2004-08-05 12:00:00 19,456 ----a-w c:\windows\system32\dllcache\agt040b.dll
+ 2004-08-05 12:00:00 21,504 ----a-w c:\windows\system32\dllcache\agt040c.dll
+ 2004-08-05 12:00:00 19,456 ----a-w c:\windows\system32\dllcache\agt040d.dll
+ 2004-08-05 12:00:00 19,968 ----a-w c:\windows\system32\dllcache\agt040e.dll
+ 2004-08-05 12:00:00 20,992 ----a-w c:\windows\system32\dllcache\agt0410.dll
+ 2004-08-05 12:00:00 19,456 ----a-w c:\windows\system32\dllcache\agt0411.dll
+ 2004-08-05 12:00:00 19,456 ----a-w c:\windows\system32\dllcache\agt0412.dll
+ 2004-08-05 12:00:00 20,992 ----a-w c:\windows\system32\dllcache\agt0413.dll
+ 2004-08-05 12:00:00 19,456 ----a-w c:\windows\system32\dllcache\agt0414.dll
+ 2004-08-05 12:00:00 19,456 ----a-w c:\windows\system32\dllcache\agt0415.dll
+ 2004-08-05 12:00:00 20,480 ----a-w c:\windows\system32\dllcache\agt0416.dll
+ 2004-08-05 12:00:00 19,456 ----a-w c:\windows\system32\dllcache\agt0419.dll
+ 2004-08-05 12:00:00 19,456 ----a-w c:\windows\system32\dllcache\agt041d.dll
+ 2004-08-05 12:00:00 19,456 ----a-w c:\windows\system32\dllcache\agt041f.dll
+ 2004-08-05 12:00:00 19,456 ----a-w c:\windows\system32\dllcache\agt0804.dll
+ 2004-08-05 12:00:00 20,992 ----a-w c:\windows\system32\dllcache\agt0816.dll
+ 2004-08-05 12:00:00 20,480 ----a-w c:\windows\system32\dllcache\agt0c0a.dll
+ 2004-08-05 12:00:00 24,064 ----a-w c:\windows\system32\dllcache\agtintl.dll
+ 2001-08-17 19:52:02 12,800 ----a-w c:\windows\system32\dllcache\aha154x.sys
+ 2004-08-05 12:00:00 98,304 ----a-w c:\windows\system32\dllcache\ahui.exe
+ 2001-08-17 20:07:36 55,168 ----a-w c:\windows\system32\dllcache\aic78u2.sys
+ 2001-08-17 20:07:38 56,960 ----a-w c:\windows\system32\dllcache\aic78xx.sys
+ 2004-08-05 12:00:00 44,544 ----a-w c:\windows\system32\dllcache\alg.exe
+ 2001-08-17 18:11:18 27,678 ----a-w c:\windows\system32\dllcache\ali5261.sys
+ 2001-08-17 19:49:02 26,624 ----a-w c:\windows\system32\dllcache\alifir.sys
+ 2001-08-17 19:51:56 5,248 ----a-w c:\windows\system32\dllcache\aliide.sys
+ 2004-08-03 21:07:42 42,752 ----a-w c:\windows\system32\dllcache\alim1541.sys
+ 2004-08-05 12:00:00 17,408 ----a-w c:\windows\system32\dllcache\alrsvc.dll
+ 2001-08-17 18:11:20 16,969 ----a-w c:\windows\system32\dllcache\amb8002.sys
+ 2004-08-03 21:07:44 43,008 ----a-w c:\windows\system32\dllcache\amdagp.sys
+ 2004-08-05 12:00:00 41,216 ----a-w c:\windows\system32\dllcache\amdk6.sys
+ 2004-08-05 12:00:00 41,600 ----a-w c:\windows\system32\dllcache\amdk7.sys
+ 2001-08-17 19:52:04 12,032 ----a-w c:\windows\system32\dllcache\amsint.sys
+ 2004-08-05 12:00:00 70,656 ----a-w c:\windows\system32\dllcache\amstream.dll
+ 2004-08-03 20:31:20 36,224 ----a-w c:\windows\system32\dllcache\an983.sys
+ 2004-08-05 12:00:00 9,037 ----a-w c:\windows\system32\dllcache\ansi.sys
+ 2004-08-05 12:00:00 102,912 ----a-w c:\windows\system32\dllcache\apcups.dll
+ 2001-08-17 19:47:22 6,272 ----a-w c:\windows\system32\dllcache\apmbatt.sys
+ 2004-08-05 12:00:00 12,642 ----a-w c:\windows\system32\dllcache\append.exe
+ 2004-08-05 12:00:00 334,336 ----a-w c:\windows\system32\dllcache\aqueue.dll
+ 2004-08-05 12:00:00 19,968 ----a-w c:\windows\system32\dllcache\arp.exe
+ 2004-08-05 12:00:00 60,800 ----a-w c:\windows\system32\dllcache\arp1394.sys
+ 2001-08-17 19:52:00 26,496 ----a-w c:\windows\system32\dllcache\asc.sys
+ 2001-08-17 19:52:04 22,400 ----a-w c:\windows\system32\dllcache\asc3350p.sys
+ 2001-08-17 19:51:58 14,848 ----a-w c:\windows\system32\dllcache\asc3550.sys
+ 2001-08-17 18:12:34 97,354 ----a-w c:\windows\system32\dllcache\aspndis3.sys
+ 2004-08-05 12:00:00 65,024 ----a-w c:\windows\system32\dllcache\asycfilt.dll
+ 2004-08-05 12:00:00 14,336 ----a-w c:\windows\system32\dllcache\asyncmac.sys
+ 2004-08-05 12:00:00 25,088 ----a-w c:\windows\system32\dllcache\at.exe
+ 2004-08-03 20:59:44 95,360 ----a-w c:\windows\system32\dllcache\atapi.sys
+ 2001-08-23 15:46:44 96,128 ----a-w c:\windows\system32\dllcache\ati.dll
+ 2001-08-23 14:59:32 77,824 ----a-w c:\windows\system32\dllcache\ati.sys
+ 2004-08-03 20:29:30 56,623 ----a-w c:\windows\system32\dllcache\ati1btxx.sys
+ 2004-08-03 20:29:30 11,615 ----a-w c:\windows\system32\dllcache\ati1mdxx.sys
+ 2004-08-03 20:29:30 12,047 ----a-w c:\windows\system32\dllcache\ati1pdxx.sys
+ 2004-08-03 20:29:32 30,671 ----a-w c:\windows\system32\dllcache\ati1raxx.sys
+ 2004-08-03 20:29:32 63,663 ----a-w c:\windows\system32\dllcache\ati1rvxx.sys
+ 2004-08-03 20:29:32 26,367 ----a-w c:\windows\system32\dllcache\ati1snxx.sys
+ 2004-08-03 20:29:32 21,343 ----a-w c:\windows\system32\dllcache\ati1ttxx.sys
+ 2004-08-03 20:29:32 36,463 ----a-w c:\windows\system32\dllcache\ati1tuxx.sys
+ 2004-08-03 20:29:32 29,455 ----a-w c:\windows\system32\dllcache\ati1xbxx.sys
+ 2004-08-03 20:29:32 34,735 ----a-w c:\windows\system32\dllcache\ati1xsxx.sys
+ 2004-08-03 22:54:22 229,376 ----a-w c:\windows\system32\dllcache\ati2cqag.dll
+ 2004-08-03 22:54:22 377,984 ----a-w c:\windows\system32\dllcache\ati2dvaa.dll
+ 2004-08-03 22:54:22 201,728 ----a-w c:\windows\system32\dllcache\ati2dvag.dll
+ 2004-08-03 22:38:42 327,168 ----a-w c:\windows\system32\dllcache\ati2mtaa.sys
+ 2004-08-03 22:38:44 701,440 ----a-w c:\windows\system32\dllcache\ati2mtag.sys
+ 2004-08-03 22:54:22 870,784 ----a-w c:\windows\system32\dllcache\ati3d1ag.dll
+ 2004-08-03 22:54:22 1,888,992 ----a-w c:\windows\system32\dllcache\ati3duag.dll
+ 2001-08-17 18:49:04 46,464 ----a-w c:\windows\system32\dllcache\atibt829.sys
+ 2001-08-23 15:46:44 382,592 ----a-w c:\windows\system32\dllcache\atidrab.dll
+ 2001-08-23 15:46:44 137,216 ----a-w c:\windows\system32\dllcache\atidrae.dll
+ 2001-08-23 15:46:44 268,160 ----a-w c:\windows\system32\dllcache\atidvai.dll
+ 2001-08-23 15:47:26 37,376 ----a-w c:\windows\system32\dllcache\atievxx.exe
+ 2001-08-23 14:59:36 289,920 ----a-w c:\windows\system32\dllcache\atimpab.sys
+ 2001-08-23 14:59:36 75,392 ----a-w c:\windows\system32\dllcache\atimpae.sys
+ 2001-08-23 14:59:38 281,728 ----a-w c:\windows\system32\dllcache\atimtai.sys
+ 2004-08-03 20:29:28 57,856 ----a-w c:\windows\system32\dllcache\atinbtxx.sys
+ 2004-08-03 20:29:30 13,824 ----a-w c:\windows\system32\dllcache\atinmdxx.sys
+ 2004-08-03 20:29:30 14,336 ----a-w c:\wind
0
fredjibb Messages postés 230 Statut Membre 1
 
voici le rapport de combofix merci à ceux qui prendront le temps d'y jeter un coup d'oeil...
ComboFix 08-11-23.01 - akira 2008-11-24 7:12:21.2 - NTFSx86
Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.421 [GMT 1:00]
Lancé depuis: c:\documents and settings\akira\Bureau\ComboFix.exe
.

((((((((((((((((((((((((((((( Fichiers créés du 2008-10-24 au 2008-11-24 ))))))))))))))))))))))))))))))))))))
.

2008-11-24 00:32 . 2008-11-24 00:32 <REP> d-------- c:\documents and settings\akira\Application Data\Bitdefender
2008-11-24 00:31 . 2008-11-24 00:33 <REP> d-------- c:\documents and settings\All Users\Application Data\BitDefender
2008-11-23 20:47 . 2008-11-23 20:47 1,041,210 --a------ c:\windows\system32\PerfStringBackup.TMP
2008-11-23 20:47 . 2008-11-23 20:58 512 --a------ c:\windows\ZZZZZZZZ.ZZZ
2008-11-23 20:32 . 2007-09-05 23:22 289,144 --a------ c:\windows\system32\VCCLSID.exe
2008-11-23 20:32 . 2006-04-27 16:49 288,417 --a------ c:\windows\system32\SrchSTS.exe
2008-11-23 20:32 . 2008-10-01 14:51 87,552 --a------ c:\windows\system32\VACFix.exe
2008-11-23 20:32 . 2008-10-10 07:58 82,944 --a------ c:\windows\system32\o4Patch.exe
2008-11-23 20:32 . 2008-05-18 20:40 82,944 --a------ c:\windows\system32\IEDFix.exe
2008-11-23 20:32 . 2008-10-10 07:58 82,944 --a------ c:\windows\system32\IEDFix.C.exe
2008-11-23 20:32 . 2008-08-18 11:19 82,432 --a------ c:\windows\system32\404Fix.exe
2008-11-23 20:32 . 2003-06-05 20:13 53,248 --a------ c:\windows\system32\Process.exe
2008-11-23 20:32 . 2004-07-31 17:50 51,200 --a------ c:\windows\system32\dumphive.exe
2008-11-23 20:32 . 2007-10-03 23:36 25,600 --a------ c:\windows\system32\WS2Fix.exe
2008-11-23 20:04 . 2008-11-23 23:30 <REP> d-------- c:\program files\FindyKill
2008-11-22 06:59 . 2008-11-22 07:15 1,536 --a------ c:\windows\ZZZZZZZ.ZZZ
2008-11-12 01:15 . 2008-11-12 01:15 <REP> d-------- c:\program files\MSXML 4.0
2008-11-07 09:58 . 2008-11-20 12:23 54,156 --ah----- c:\windows\QTFont.qfn
2008-11-07 09:58 . 2008-11-07 09:58 1,409 --a------ c:\windows\QTFont.for
2008-11-02 21:04 . 2008-11-02 21:04 <REP> d-------- c:\program files\BitDefender
2008-11-02 21:03 . 2008-11-24 00:32 <REP> d-------- c:\program files\Fichiers communs\BitDefender

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-11-24 06:17 81,984 ----a-w c:\windows\system32\bdod.bin
2008-11-24 06:10 --------- d-----w c:\program files\Wanadoo
2008-11-24 05:39 --------- d-----w c:\program files\Lx_cats
2008-11-24 05:38 --------- d-----w c:\program files\Packard Bell Data Secure
2008-11-23 23:36 --------- d-----w c:\program files\Spybot - Search & Destroy
2008-11-23 23:19 --------- d-----w c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2008-11-23 21:47 5,310 ----a-w c:\windows\system32\tmp.reg
2008-11-23 20:21 --------- d-----w c:\program files\Malwarebytes' Anti-Malware
2008-11-12 11:14 5,632 --sha-w c:\program files\Thumbs.db
2008-11-06 10:37 --------- d-----w c:\program files\Opera
2008-10-30 08:36 2,284,544 ----a-w c:\windows\system32\TUKernel.exe
2008-10-24 11:10 453,632 ----a-w c:\windows\system32\drivers\mrxsmb.sys
2008-10-24 11:10 453,632 ----a-w c:\windows\system32\dllcache\mrxsmb.sys
2008-10-23 09:48 --------- d-----w c:\program files\eMule
2008-10-16 13:13 202,776 ----a-w c:\windows\system32\wuweb.dll
2008-10-16 13:13 202,776 ----a-w c:\windows\system32\dllcache\wuweb.dll
2008-10-16 13:13 1,809,944 ----a-w c:\windows\system32\wuaueng.dll
2008-10-16 13:13 1,809,944 ----a-w c:\windows\system32\dllcache\wuaueng.dll
2008-10-16 13:12 561,688 ----a-w c:\windows\system32\wuapi.dll
2008-10-16 13:12 561,688 ----a-w c:\windows\system32\dllcache\wuapi.dll
2008-10-16 13:12 323,608 ----a-w c:\windows\system32\wucltui.dll
2008-10-16 13:12 323,608 ----a-w c:\windows\system32\dllcache\wucltui.dll
2008-10-16 13:09 92,696 ----a-w c:\windows\system32\dllcache\cdm.dll
2008-10-16 13:09 92,696 ----a-w c:\windows\system32\cdm.dll
2008-10-16 13:09 51,224 ----a-w c:\windows\system32\wuauclt.exe
2008-10-16 13:09 51,224 ----a-w c:\windows\system32\dllcache\wuauclt.exe
2008-10-16 13:09 43,544 ----a-w c:\windows\system32\wups2.dll
2008-10-16 13:08 34,328 ----a-w c:\windows\system32\wups.dll
2008-10-16 13:08 34,328 ----a-w c:\windows\system32\dllcache\wups.dll
2008-10-16 13:06 268,648 ----a-w c:\windows\system32\mucltui.dll
2008-10-16 13:06 208,744 ----a-w c:\windows\system32\muweb.dll
2008-10-15 16:59 332,800 ----a-w c:\windows\system32\dllcache\netapi32.dll
2008-10-03 17:12 6,066,176 ----a-w c:\windows\system32\dllcache\ieframe.dll
2008-09-30 15:43 1,286,152 ----a-w c:\windows\system32\msxml4.dll
2008-09-24 18:44 --------- d-----w c:\program files\Apple Software Update
2008-09-15 15:39 1,846,144 ----a-w c:\windows\system32\win32k.sys
2008-09-15 15:39 1,846,144 ----a-w c:\windows\system32\dllcache\win32k.sys
2008-09-04 16:45 1,106,944 ----a-w c:\windows\system32\msxml3.dll
2008-09-04 16:45 1,106,944 ----a-w c:\windows\system32\dllcache\msxml3.dll
2008-08-28 10:04 333,056 ----a-w c:\windows\system32\dllcache\srv.sys
2008-08-27 09:11 3,593,216 ----a-w c:\windows\system32\dllcache\mshtml.dll
2008-08-25 08:39 70,656 ----a-w c:\windows\system32\dllcache\ie4uinit.exe
2008-08-25 08:38 13,824 ----a-w c:\windows\system32\dllcache\ieudinit.exe
2007-10-25 05:03 47,360 ----a-w c:\documents and settings\akira\Application Data\pcouffin.sys
.

((((((((((((((((((((((((((((( snapshot@2008-06-06_ 8.29.38,15 )))))))))))))))))))))))))))))))))))))))))
.
+ 2007-11-30 12:39:29 18,296 ----a-w c:\windows\$hf_mig$\KB938464\spmsg.dll
+ 2007-11-30 12:39:29 234,872 ----a-w c:\windows\$hf_mig$\KB938464\spuninst.exe
+ 2007-11-30 12:39:29 26,488 ----a-w c:\windows\$hf_mig$\KB938464\update\spcustom.dll
+ 2007-11-30 11:19:06 767,352 ----a-w c:\windows\$hf_mig$\KB938464\update\update.exe
+ 2007-11-30 12:39:31 406,392 ----a-w c:\windows\$hf_mig$\KB938464\update\updspapi.dll
+ 2008-05-02 13:33:12 83,968 ----a-w c:\windows\$hf_mig$\KB946648\SP2QFE\msgsc.dll
+ 2008-05-02 14:01:52 83,968 ----a-w c:\windows\$hf_mig$\KB946648\SP3GDR\msgsc.dll
+ 2008-05-02 13:44:40 83,968 ----a-w c:\windows\$hf_mig$\KB946648\SP3QFE\msgsc.dll
+ 2007-11-30 12:39:29 18,296 ----a-w c:\windows\$hf_mig$\KB946648\spmsg.dll
+ 2007-11-30 12:39:29 234,872 ----a-w c:\windows\$hf_mig$\KB946648\spuninst.exe
+ 2007-11-30 12:39:29 26,488 ----a-w c:\windows\$hf_mig$\KB946648\update\spcustom.dll
+ 2007-11-30 11:19:06 767,352 ----a-w c:\windows\$hf_mig$\KB946648\update\update.exe
+ 2007-11-30 12:39:31 406,392 ----a-w c:\windows\$hf_mig$\KB946648\update\updspapi.dll
+ 2008-04-23 07:19:26 124,928 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\advpack.dll
+ 2008-04-23 07:19:26 347,136 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\dxtmsft.dll
+ 2008-04-23 07:19:26 214,528 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\dxtrans.dll
+ 2008-04-23 07:19:26 132,608 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\extmgr.dll
+ 2008-04-23 07:19:26 63,488 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\icardie.dll
+ 2008-04-22 08:02:19 70,656 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\ie4uinit.exe
+ 2008-04-23 07:19:26 153,088 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\ieakeng.dll
+ 2008-04-23 07:19:26 230,400 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\ieaksie.dll
+ 2008-04-20 05:07:38 161,792 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\ieakui.dll
+ 2007-04-17 09:32:38 2,455,488 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\ieapfltr.dat
+ 2008-04-23 07:19:26 383,488 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\ieapfltr.dll
+ 2008-04-23 07:19:26 388,608 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\iedkcs32.dll
+ 2008-04-23 07:19:26 6,068,224 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\ieframe.dll
+ 2008-04-23 07:19:26 44,544 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\iernonce.dll
+ 2008-04-23 07:19:26 267,776 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\iertutil.dll
+ 2008-04-22 08:02:19 13,824 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\ieudinit.exe
+ 2008-04-22 08:02:46 625,664 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\iexplore.exe
+ 2008-04-23 07:19:26 27,648 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\jsproxy.dll
+ 2008-04-23 07:19:27 459,264 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\msfeeds.dll
+ 2008-04-23 07:19:27 52,224 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\msfeedsbs.dll
+ 2008-04-23 07:19:27 3,593,728 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\mshtml.dll
+ 2008-04-23 07:19:27 478,208 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\mshtmled.dll
+ 2008-04-23 07:19:27 193,024 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\msrating.dll
+ 2008-04-23 07:19:27 671,232 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\mstime.dll
+ 2008-04-23 07:19:27 102,912 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\occache.dll
+ 2008-04-23 07:19:27 44,544 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\pngfilt.dll
+ 2008-04-23 07:19:27 105,984 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\url.dll
+ 2008-04-23 07:19:27 1,162,752 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\urlmon.dll
+ 2008-04-23 07:19:27 233,472 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\webcheck.dll
+ 2008-04-23 07:19:27 827,392 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\wininet.dll
+ 2007-03-06 01:34:33 15,072 ----a-w c:\windows\$hf_mig$\KB950759-IE7\spmsg.dll
+ 2007-03-06 01:34:38 216,800 ----a-w c:\windows\$hf_mig$\KB950759-IE7\spuninst.exe
+ 2007-03-06 01:34:31 22,752 ----a-w c:\windows\$hf_mig$\KB950759-IE7\update\spcustom.dll
+ 2007-03-06 01:34:56 727,776 ----a-w c:\windows\$hf_mig$\KB950759-IE7\update\update.exe
+ 2007-03-06 01:35:48 394,976 ----a-w c:\windows\$hf_mig$\KB950759-IE7\update\updspapi.dll
+ 2007-11-30 12:39:29 18,296 ----a-w c:\windows\$hf_mig$\KB950760\spmsg.dll
+ 2007-11-30 12:39:29 234,872 ----a-w c:\windows\$hf_mig$\KB950760\spuninst.exe
+ 2007-11-30 12:39:29 26,488 ----a-w c:\windows\$hf_mig$\KB950760\update\spcustom.dll
+ 2007-11-30 12:39:29 767,352 ----a-w c:\windows\$hf_mig$\KB950760\update\update.exe
+ 2007-11-30 12:39:31 406,392 ----a-w c:\windows\$hf_mig$\KB950760\update\updspapi.dll
+ 2008-05-08 12:14:51 203,008 ----a-w c:\windows\$hf_mig$\KB950762\SP2QFE\rmcast.sys
+ 2008-05-08 14:02:52 203,136 ----a-w c:\windows\$hf_mig$\KB950762\SP3GDR\rmcast.sys
+ 2008-05-08 13:58:17 203,136 ----a-w c:\windows\$hf_mig$\KB950762\SP3QFE\rmcast.sys
+ 2007-11-30 12:39:29 18,296 ----a-w c:\windows\$hf_mig$\KB950762\spmsg.dll
+ 2007-11-30 12:39:29 234,872 ----a-w c:\windows\$hf_mig$\KB950762\spuninst.exe
+ 2007-11-30 12:39:29 26,488 ----a-w c:\windows\$hf_mig$\KB950762\update\spcustom.dll
+ 2007-11-30 12:39:29 767,352 ----a-w c:\windows\$hf_mig$\KB950762\update\update.exe
+ 2007-11-30 12:39:31 406,392 ----a-w c:\windows\$hf_mig$\KB950762\update\updspapi.dll
+ 2008-07-07 20:18:27 253,952 ----a-w c:\windows\$hf_mig$\KB950974\SP2QFE\es.dll
+ 2008-07-07 20:28:20 253,952 ----a-w c:\windows\$hf_mig$\KB950974\SP3GDR\es.dll
+ 2008-07-07 20:24:11 253,952 ----a-w c:\windows\$hf_mig$\KB950974\SP3QFE\es.dll
+ 2007-11-30 12:39:29 18,296 ----a-w c:\windows\$hf_mig$\KB950974\spmsg.dll
+ 2007-11-30 12:39:29 234,872 ----a-w c:\windows\$hf_mig$\KB950974\spuninst.exe
+ 2007-11-30 12:39:29 26,488 ----a-w c:\windows\$hf_mig$\KB950974\update\spcustom.dll
+ 2007-11-30 12:39:26 767,352 ----a-w c:\windows\$hf_mig$\KB950974\update\update.exe
+ 2007-11-30 12:39:29 406,392 ----a-w c:\windows\$hf_mig$\KB950974\update\updspapi.dll
+ 2008-04-11 18:40:33 683,520 ----a-w c:\windows\$hf_mig$\KB951066\SP2QFE\inetcomm.dll
+ 2008-04-11 19:05:22 691,712 ----a-w c:\windows\$hf_mig$\KB951066\SP3GDR\inetcomm.dll
+ 2008-04-11 22:23:04 691,712 ----a-w c:\windows\$hf_mig$\KB951066\SP3QFE\inetcomm.dll
+ 2007-11-30 12:39:29 18,296 ----a-w c:\windows\$hf_mig$\KB951066\spmsg.dll
+ 2007-11-30 12:39:29 234,872 ----a-w c:\windows\$hf_mig$\KB951066\spuninst.exe
+ 2007-11-30 12:39:29 26,488 ----a-w c:\windows\$hf_mig$\KB951066\update\spcustom.dll
+ 2007-12-03 15:25:43 767,352 ----a-w c:\windows\$hf_mig$\KB951066\update\update.exe
+ 2007-11-30 12:39:31 406,392 ----a-w c:\windows\$hf_mig$\KB951066\update\updspapi.dll
+ 2008-07-14 11:03:00 62,976 ----a-w c:\windows\$hf_mig$\KB951072-v2\SP2QFE\tzchange.exe
+ 2008-07-11 12:42:28 62,976 ----a-w c:\windows\$hf_mig$\KB951072-v2\SP3GDR\tzchange.exe
+ 2008-07-11 12:51:51 62,976 ----a-w c:\windows\$hf_mig$\KB951072-v2\SP3QFE\tzchange.exe
+ 2007-11-30 11:19:06 18,296 ----a-w c:\windows\$hf_mig$\KB951072-v2\spmsg.dll
+ 2007-11-30 11:19:06 234,872 ----a-w c:\windows\$hf_mig$\KB951072-v2\spuninst.exe
+ 2007-11-30 11:19:06 26,488 ----a-w c:\windows\$hf_mig$\KB951072-v2\update\spcustom.dll
+ 2007-11-30 12:39:29 767,352 ----a-w c:\windows\$hf_mig$\KB951072-v2\update\update.exe
+ 2007-11-30 12:39:31 406,392 ----a-w c:\windows\$hf_mig$\KB951072-v2\update\updspapi.dll
+ 2008-06-14 18:03:13 272,768 ----a-w c:\windows\$hf_mig$\KB951376-v2\SP2QFE\bthport.sys
+ 2008-06-14 17:33:37 272,768 ----a-w c:\windows\$hf_mig$\KB951376-v2\SP3GDR\bthport.sys
+ 2008-06-14 17:40:19 272,768 ----a-w c:\windows\$hf_mig$\KB951376-v2\SP3QFE\bthport.sys
+ 2007-11-30 11:19:06 18,296 ----a-w c:\windows\$hf_mig$\KB951376-v2\spmsg.dll
+ 2007-11-30 11:19:06 234,872 ----a-w c:\windows\$hf_mig$\KB951376-v2\spuninst.exe
+ 2007-11-30 11:19:06 26,488 ----a-w c:\windows\$hf_mig$\KB951376-v2\update\spcustom.dll
+ 2007-11-30 11:19:06 767,352 ----a-w c:\windows\$hf_mig$\KB951376-v2\update\update.exe
+ 2007-11-30 11:19:10 406,392 ----a-w c:\windows\$hf_mig$\KB951376-v2\update\updspapi.dll
+ 2008-04-14 16:17:04 272,768 ----a-w c:\windows\$hf_mig$\KB951376\SP2QFE\bthport.sys
+ 2008-04-14 15:59:30 272,768 ----a-w c:\windows\$hf_mig$\KB951376\SP3GDR\bthport.sys
+ 2008-04-14 16:22:05 272,768 ----a-w c:\windows\$hf_mig$\KB951376\SP3QFE\bthport.sys
+ 2007-11-30 11:19:06 18,296 ----a-w c:\windows\$hf_mig$\KB951376\spmsg.dll
+ 2007-11-30 11:19:06 234,872 ----a-w c:\windows\$hf_mig$\KB951376\spuninst.exe
+ 2007-11-30 11:19:06 26,488 ----a-w c:\windows\$hf_mig$\KB951376\update\spcustom.dll
+ 2007-11-30 11:19:06 767,352 ----a-w c:\windows\$hf_mig$\KB951376\update\update.exe
+ 2007-11-30 11:19:10 406,392 ----a-w c:\windows\$hf_mig$\KB951376\update\updspapi.dll
+ 2008-05-07 04:55:47 1,294,336 ----a-w c:\windows\$hf_mig$\KB951698\SP2QFE\quartz.dll
+ 2008-05-07 05:11:24 1,294,336 ----a-w c:\windows\$hf_mig$\KB951698\SP3GDR\quartz.dll
+ 2008-05-07 05:04:59 1,294,336 ----a-w c:\windows\$hf_mig$\KB951698\SP3QFE\quartz.dll
+ 2007-11-30 11:19:06 18,296 ----a-w c:\windows\$hf_mig$\KB951698\spmsg.dll
+ 2007-11-30 11:19:06 234,872 ----a-w c:\windows\$hf_mig$\KB951698\spuninst.exe
+ 2007-11-30 11:19:06 26,488 ----a-w c:\windows\$hf_mig$\KB951698\update\spcustom.dll
+ 2007-11-30 12:39:29 767,352 ----a-w c:\windows\$hf_mig$\KB951698\update\update.exe
+ 2007-11-30 12:39:31 406,392 ----a-w c:\windows\$hf_mig$\KB951698\update\updspapi.dll
+ 2006-08-16 12:13:24 100,352 ----a-w c:\windows\$hf_mig$\KB951748\SP2QFE\6to4svc.dll
+ 2008-06-20 10:44:08 138,368 ----a-w c:\windows\$hf_mig$\KB951748\SP2QFE\afd.sys
+ 2008-06-20 17:37:01 147,968 ----a-w c:\windows\$hf_mig$\KB951748\SP2QFE\dnsapi.dll
+ 2008-06-20 17:37:01 247,808 ----a-w c:\windows\$hf_mig$\KB951748\SP2QFE\mswsock.dll
+ 2008-06-20 10:44:42 360,960 ----a-w c:\windows\$hf_mig$\KB951748\SP2QFE\tcpip.sys
+ 2008-06-20 09:32:39 225,920 ----a-w c:\windows\$hf_mig$\KB951748\SP2QFE\tcpip6.sys
+ 2008-06-20 11:40:08 138,496 ----a-w c:\windows\$hf_mig$\KB951748\SP3GDR\afd.sys
+ 2008-06-20 17:47:22 147,968 ----a-w c:\windows\$hf_mig$\KB951748\SP3GDR\dnsapi.dll
+ 2008-06-20 17:47:22 247,808 ----a-w c:\windows\$hf_mig$\KB951748\SP3GDR\mswsock.dll
+ 2008-06-20 11:51:12 361,600 ----a-w c:\windows\$hf_mig$\KB951748\SP3GDR\tcpip.sys
+ 2008-06-20 11:08:27 225,856 ----a-w c:\windows\$hf_mig$\KB951748\SP3GDR\tcpip6.sys
+ 2008-06-20 11:48:03 138,496 ----a-w c:\windows\$hf_mig$\KB951748\SP3QFE\afd.sys
+ 2008-06-20 17:44:02 147,968 ----a-w c:\windows\$hf_mig$\KB951748\SP3QFE\dnsapi.dll
+ 2008-06-20 17:44:02 247,808 ----a-w c:\windows\$hf_mig$\KB951748\SP3QFE\mswsock.dll
+ 2008-06-20 11:59:02 361,600 ----a-w c:\windows\$hf_mig$\KB951748\SP3QFE\tcpip.sys
+ 2008-06-20 11:16:44 225,856 ----a-w c:\windows\$hf_mig$\KB951748\SP3QFE\tcpip6.sys
+ 2007-11-30 12:39:29 18,296 ----a-w c:\windows\$hf_mig$\KB951748\spmsg.dll
+ 2007-11-30 12:39:29 234,872 ----a-w c:\windows\$hf_mig$\KB951748\spuninst.exe
+ 2007-11-30 12:39:29 26,488 ----a-w c:\windows\$hf_mig$\KB951748\update\spcustom.dll
+ 2007-11-30 12:39:26 767,352 ----a-w c:\windows\$hf_mig$\KB951748\update\update.exe
+ 2007-11-30 12:39:29 406,392 ----a-w c:\windows\$hf_mig$\KB951748\update\updspapi.dll
+ 2008-05-01 15:04:51 331,776 ----a-w c:\windows\$hf_mig$\KB952287\SP2QFE\msadce.dll
+ 2008-05-01 14:36:26 331,776 ----a-w c:\windows\$hf_mig$\KB952287\SP3GDR\msadce.dll
+ 2008-05-01 14:39:23 331,776 ----a-w c:\windows\$hf_mig$\KB952287\SP3QFE\msadce.dll
+ 2007-11-30 11:19:06 18,296 ----a-w c:\windows\$hf_mig$\KB952287\spmsg.dll
+ 2007-11-30 11:19:06 234,872 ----a-w c:\windows\$hf_mig$\KB952287\spuninst.exe
+ 2007-11-30 11:19:06 26,488 ----a-w c:\windows\$hf_mig$\KB952287\update\spcustom.dll
+ 2007-11-30 11:19:06 767,352 ----a-w c:\windows\$hf_mig$\KB952287\update\update.exe
+ 2007-11-30 11:19:10 406,392 ----a-w c:\windows\$hf_mig$\KB952287\update\updspapi.dll
+ 2008-06-24 16:30:27 74,240 ----a-w c:\windows\$hf_mig$\KB952954\SP2QFE\mscms.dll
+ 2008-06-24 16:44:02 74,240 ----a-w c:\windows\$hf_mig$\KB952954\SP3GDR\mscms.dll
+ 2008-06-24 16:53:52 74,240 ----a-w c:\windows\$hf_mig$\KB952954\SP3QFE\mscms.dll
+ 2007-11-30 11:19:06 18,296 ----a-w c:\windows\$hf_mig$\KB952954\spmsg.dll
+ 2007-11-30 11:19:06 234,872 ----a-w c:\windows\$hf_mig$\KB952954\spuninst.exe
+ 2007-11-30 11:19:06 26,488 ----a-w c:\windows\$hf_mig$\KB952954\update\spcustom.dll
+ 2007-11-30 12:39:29 767,352 ----a-w c:\windows\$hf_mig$\KB952954\update\update.exe
+ 2007-11-30 12:39:31 406,392 ----a-w c:\windows\$hf_mig$\KB952954\update\updspapi.dll
+ 2008-06-23 15:40:01 124,928 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\advpack.dll
+ 2008-06-23 15:40:01 347,136 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\dxtmsft.dll
+ 2008-06-23 15:40:01 214,528 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\dxtrans.dll
+ 2008-06-23 15:40:01 132,608 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\extmgr.dll
+ 2008-06-23 15:40:01 63,488 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\icardie.dll
+ 2008-06-23 08:23:18 70,656 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\ie4uinit.exe
+ 2008-06-23 15:40:01 153,088 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\ieakeng.dll
+ 2008-06-23 15:40:01 230,400 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\ieaksie.dll
+ 2008-06-21 05:23:53 161,792 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\ieakui.dll
+ 2007-04-17 09:32:38 2,455,488 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\ieapfltr.dat
+ 2008-06-23 15:40:02 383,488 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\ieapfltr.dll
+ 2008-06-23 15:40:02 388,608 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\iedkcs32.dll
+ 2008-06-23 15:40:04 6,068,736 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\ieframe.dll
+ 2008-06-23 15:40:04 44,544 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\iernonce.dll
+ 2008-06-23 15:40:04 267,776 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\iertutil.dll
+ 2008-06-23 08:23:18 13,824 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\ieudinit.exe
+ 2008-06-23 08:23:52 625,664 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\iexplore.exe
+ 2008-06-23 15:40:05 27,648 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\jsproxy.dll
+ 2008-06-23 15:40:05 459,264 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\msfeeds.dll
+ 2008-06-23 15:40:05 52,224 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\msfeedsbs.dll
+ 2008-06-23 15:40:07 3,594,240 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\mshtml.dll
+ 2008-06-23 15:40:07 477,696 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\mshtmled.dll
+ 2008-06-23 15:40:07 193,024 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\msrating.dll
+ 2008-06-23 15:40:07 671,232 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\mstime.dll
+ 2008-06-23 15:40:07 102,912 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\occache.dll
+ 2008-06-23 15:40:07 44,544 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\pngfilt.dll
+ 2008-06-23 15:40:07 105,984 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\url.dll
+ 2008-06-23 15:40:08 1,162,752 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\urlmon.dll
+ 2008-06-23 15:40:08 233,472 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\webcheck.dll
+ 2008-06-23 15:40:08 827,904 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\wininet.dll
+ 2007-03-06 01:34:33 15,072 ----a-w c:\windows\$hf_mig$\KB953838-IE7\spmsg.dll
+ 2007-03-06 01:34:38 216,800 ----a-w c:\windows\$hf_mig$\KB953838-IE7\spuninst.exe
+ 2007-03-06 01:34:31 22,752 ----a-w c:\windows\$hf_mig$\KB953838-IE7\update\spcustom.dll
+ 2007-03-06 01:34:56 727,776 ----a-w c:\windows\$hf_mig$\KB953838-IE7\update\update.exe
+ 2007-03-06 01:35:48 394,976 ----a-w c:\windows\$hf_mig$\KB953838-IE7\update\updspapi.dll
+ 2007-11-30 11:19:06 18,296 ----a-w c:\windows\$hf_mig$\KB953839\spmsg.dll
+ 2007-11-30 11:19:06 234,872 ----a-w c:\windows\$hf_mig$\KB953839\spuninst.exe
+ 2007-11-30 11:19:06 26,488 ----a-w c:\windows\$hf_mig$\KB953839\update\spcustom.dll
+ 2007-11-30 11:19:06 767,352 ----a-w c:\windows\$hf_mig$\KB953839\update\update.exe
+ 2007-11-30 11:19:10 406,392 ----a-w c:\windows\$hf_mig$\KB953839\update\updspapi.dll
+ 2008-09-15 15:14:42 1,847,040 ----a-w c:\windows\$hf_mig$\KB954211\SP2QFE\win32k.sys
+ 2008-09-15 15:26:07 1,846,528 ----a-w c:\windows\$hf_mig$\KB954211\SP3GDR\win32k.sys
+ 2008-09-15 15:20:39 1,847,040 ----a-w c:\windows\$hf_mig$\KB954211\SP3QFE\win32k.sys
+ 2007-11-30 12:39:29 18,296 ----a-w c:\windows\$hf_mig$\KB954211\spmsg.dll
+ 2007-11-30 12:39:29 234,872 ----a-w c:\windows\$hf_mig$\KB954211\spuninst.exe
+ 2007-11-30 12:39:29 26,488 ----a-w c:\windows\$hf_mig$\KB954211\update\spcustom.dll
+ 2008-07-09 07:40:26 767,352 ----a-w c:\windows\$hf_mig$\KB954211\update\update.exe
+ 2007-11-30 12:39:31 406,392 ----a-w c:\windows\$hf_mig$\KB954211\update\updspapi.dll
+ 2008-08-26 09:10:25 124,928 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\advpack.dll
+ 2008-08-26 09:10:25 347,136 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\dxtmsft.dll
+ 2008-08-26 09:10:25 214,528 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\dxtrans.dll
+ 2008-08-26 09:10:25 132,608 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\extmgr.dll
+ 2008-08-26 09:10:25 63,488 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\icardie.dll
+ 2008-08-25 08:43:21 70,656 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\ie4uinit.exe
+ 2008-08-26 09:10:26 153,088 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\ieakeng.dll
+ 2008-08-26 09:10:26 230,400 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\ieaksie.dll
+ 2008-08-23 05:54:50 161,792 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\ieakui.dll
+ 2007-04-17 09:32:38 2,455,488 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\ieapfltr.dat
+ 2008-08-26 09:10:26 380,928 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\ieapfltr.dll
+ 2008-08-26 09:10:26 388,608 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\iedkcs32.dll
+ 2008-10-03 16:22:30 6,068,224 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\ieframe.dll
+ 2008-08-26 09:10:27 44,544 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\iernonce.dll
+ 2008-08-26 09:10:27 267,776 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\iertutil.dll
+ 2008-08-25 08:43:21 13,824 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\ieudinit.exe
+ 2008-08-23 05:56:16 635,848 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\iexplore.exe
+ 2008-08-26 09:10:27 27,648 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\jsproxy.dll
+ 2008-08-26 09:10:27 459,264 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\msfeeds.dll
+ 2008-08-26 09:10:27 52,224 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\msfeedsbs.dll
+ 2008-08-26 09:10:28 3,594,752 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\mshtml.dll
+ 2008-08-26 09:10:28 477,696 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\mshtmled.dll
+ 2008-08-26 09:10:28 193,024 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\msrating.dll
+ 2008-08-26 09:10:29 671,232 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\mstime.dll
+ 2008-08-26 09:10:29 102,912 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\occache.dll
+ 2008-08-26 09:10:29 44,544 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\pngfilt.dll
+ 2008-08-26 09:10:29 105,984 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\url.dll
+ 2008-08-26 09:10:29 1,162,752 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\urlmon.dll
+ 2008-08-26 09:10:29 233,472 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\webcheck.dll
+ 2008-08-26 09:10:29 827,904 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\wininet.dll
+ 2007-03-06 01:34:33 15,072 ----a-w c:\windows\$hf_mig$\KB956390-IE7\spmsg.dll
+ 2007-03-06 01:34:38 216,800 ----a-w c:\windows\$hf_mig$\KB956390-IE7\spuninst.exe
+ 2007-03-06 01:34:31 22,752 ----a-w c:\windows\$hf_mig$\KB956390-IE7\update\spcustom.dll
+ 2007-03-06 01:34:56 727,776 ----a-w c:\windows\$hf_mig$\KB956390-IE7\update\update.exe
+ 2007-03-06 01:35:48 394,976 ----a-w c:\windows\$hf_mig$\KB956390-IE7\update\updspapi.dll
+ 2007-11-30 12:39:29 18,296 ----a-w c:\windows\$hf_mig$\KB956391\spmsg.dll
+ 2007-11-30 12:39:29 234,872 ----a-w c:\windows\$hf_mig$\KB956391\spuninst.exe
+ 2007-11-30 12:39:29 26,488 ----a-w c:\windows\$hf_mig$\KB956391\update\spcustom.dll
+ 2007-11-30 12:39:29 767,352 ----a-w c:\windows\$hf_mig$\KB956391\update\update.exe
+ 2007-11-30 12:39:31 406,392 ----a-w c:\windows\$hf_mig$\KB956391\update\updspapi.dll
+ 2008-08-14 09:48:52 138,368 ----a-w c:\windows\$hf_mig$\KB956803\SP2QFE\afd.sys
+ 2008-08-14 10:04:36 138,496 ----a-w c:\windows\$hf_mig$\KB956803\SP3GDR\afd.sys
+ 2008-08-14 10:34:26 138,496 ----a-w c:\windows\$hf_mig$\KB956803\SP3QFE\afd.sys
+ 2007-11-30 11:19:06 18,296 ----a-w c:\windows\$hf_mig$\KB956803\spmsg.dll
+ 2007-11-30 11:19:06 234,872 ----a-w c:\windows\$hf_mig$\KB956803\spuninst.exe
+ 2007-11-30 11:19:06 26,488 ----a-w c:\windows\$hf_mig$\KB956803\update\spcustom.dll
+ 2007-11-30 11:19:06 767,352 ----a-w c:\windows\$hf_mig$\KB956803\update\update.exe
+ 2007-11-30 11:19:10 406,392 ----a-w c:\windows\$hf_mig$\KB956803\update\updspapi.dll
+ 2008-08-14 13:23:44 2,147,328 ----a-w c:\windows\$hf_mig$\KB956841\SP3GDR\ntkrnlmp.exe
+ 2008-08-14 13:23:49 2,068,096 ----a-w c:\windows\$hf_mig$\KB956841\SP3GDR\ntkrnlpa.exe
+ 2008-08-14 13:23:44 2,025,984 ----a-w c:\windows\$hf_mig$\KB956841\SP3GDR\ntkrpamp.exe
+ 2008-08-14 13:23:49 2,191,232 ----a-w c:\windows\$hf_mig$\KB956841\SP3GDR\ntoskrnl.exe
+ 2008-08-14 13:55:54 2,147,328 ----a-w c:\windows\$hf_mig$\KB956841\SP3QFE\ntkrnlmp.exe
+ 2008-08-14 17:26:00 2,068,096 ----a-w c:\windows\$hf_mig$\KB956841\SP3QFE\ntkrnlpa.exe
+ 2008-08-14 13:55:47 2,025,984 ----a-w c:\windows\$hf_mig$\KB956841\SP3QFE\ntkrpamp.exe
+ 2008-08-14 17:26:02 2,191,232 ----a-w c:\windows\$hf_mig$\KB956841\SP3QFE\ntoskrnl.exe
+ 2007-11-30 11:19:06 18,296 ----a-w c:\windows\$hf_mig$\KB956841\spmsg.dll
+ 2007-11-30 11:19:06 234,872 ----a-w c:\windows\$hf_mig$\KB956841\spuninst.exe
+ 2007-11-30 11:19:06 26,488 ----a-w c:\windows\$hf_mig$\KB956841\update\spcustom.dll
+ 2007-11-30 12:39:29 767,352 ----a-w c:\windows\$hf_mig$\KB956841\update\update.exe
+ 2008-07-09 07:40:35 406,392 ----a-w c:\windows\$hf_mig$\KB956841\update\updspapi.dll
+ 2008-08-28 10:35:33 333,056 ----a-w c:\windows\$hf_mig$\KB957095\SP2QFE\srv.sys
+ 2008-09-08 10:41:42 333,824 ----a-w c:\windows\$hf_mig$\KB957095\SP3GDR\srv.sys
+ 2008-09-08 11:37:19 333,824 ----a-w c:\windows\$hf_mig$\KB957095\SP3QFE\srv.sys
+ 2007-11-30 11:19:06 18,296 ----a-w c:\windows\$hf_mig$\KB957095\spmsg.dll
+ 2007-11-30 11:19:06 234,872 ----a-w c:\windows\$hf_mig$\KB957095\spuninst.exe
+ 2007-11-30 11:19:06 26,488 ----a-w c:\windows\$hf_mig$\KB957095\update\spcustom.dll
+ 2007-11-30 11:19:06 767,352 ----a-w c:\windows\$hf_mig$\KB957095\update\update.exe
+ 2007-11-30 11:19:10 406,392 ----a-w c:\windows\$hf_mig$\KB957095\update\updspapi.dll
- 2007-01-22 00:35:14 88,776 ----a-w c:\windows\assembly\GAC\Microsoft.Office.Interop.InfoPath.Xml\11.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.InfoPath.Xml.dll
+ 2008-09-06 14:49:01 91,488 ----a-w c:\windows\assembly\GAC\Microsoft.Office.Interop.InfoPath.Xml\11.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.InfoPath.Xml.dll
- 2007-01-22 00:35:13 101,064 ----a-w c:\windows\assembly\GAC\Microsoft.Office.Interop.InfoPath\11.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.InfoPath.dll
+ 2008-09-06 14:48:59 103,776 ----a-w c:\windows\assembly\GAC\Microsoft.Office.Interop.InfoPath\11.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.InfoPath.dll
- 2007-01-21 12:11:51 64,088 ----a-w c:\windows\assembly\GAC\Microsoft.Vbe.Interop\11.0.0.0__71e9bce111e9429c\Microsoft.Vbe.Interop.dll
+ 2008-09-06 14:47:15 66,936 ----a-w c:\windows\assembly\GAC\Microsoft.Vbe.Interop\11.0.0.0__71e9bce111e9429c\Microsoft.Vbe.Interop.dll
- 2007-01-21 12:11:51 223,800 ----a-w c:\windows\assembly\GAC\office\11.0.0.0__71e9bce111e9429c\OFFICE.DLL
+ 2008-09-06 14:47:04 226,656 ----a-w c:\windows\assembly\GAC\office\11.0.0.0__71e9bce111e9429c\OFFICE.DLL
- 2008-05-21 10:56:08 124,208 ----a-w c:\windows\Downloaded Program Files\as2stubie.dll
+ 2008-06-30 08:39:58 128,256 ----a-w c:\windows\Downloaded Program Files\as2stubie.dll
+ 2008-06-14 17:59:52 272,768 ------w c:\windows\Driver Cache\i386\bthport.sys
- 2006-05-05 09:41:45 453,120 ----a-w c:\windows\Driver Cache\i386\mrxsmb.sys
+ 2008-10-24 11:10:42 453,632 ----a-w c:\windows\Driver Cache\i386\mrxsmb.sys
- 2007-02-28 16:08:15 2,139,648 ----a-w c:\windows\Driver Cache\i386\ntkrnlmp.exe
+ 2008-08-14 13:39:07 2,144,768 ----a-w c:\windows\Driver Cache\i386\ntkrnlmp.exe
- 2007-02-28 16:08:25 2,061,440 ----a-w c:\windows\Driver Cache\i386\ntkrnlpa.exe
+ 2008-08-14 13:39:12 2,065,024 ----a-w c:\windows\Driver Cache\i386\ntkrnlpa.exe
- 2007-02-28 16:08:11 2,019,328 ----a-w c:\windows\Driver Cache\i386\ntkrpamp.exe
+ 2008-08-14 13:39:03 2,022,912 ----a-w c:\windows\Driver Cache\i386\ntkrpamp.exe
- 2007-02-28 16:08:21 2,184,192 ----a-w c:\windows\Driver Cache\i386\ntoskrnl.exe
+ 2008-08-14 13:39:11 2,188,032 ----a-w c:\windows\Driver Cache\i386\ntoskrnl.exe
- 2005-10-20 18:02:28 163,328 ----a-w c:\windows\erdnt\Hiv-backup\ERDNT.EXE
+ 2005-10-20 19:02:28 163,328 ----a-w c:\windows\erdnt\Hiv-backup\ERDNT.EXE
+ 2008-03-01 12:58:06 124,928 -c----w c:\windows\ie7updates\KB950759-IE7\advpack.dll
+ 2008-03-01 12:58:06 347,136 -c----w c:\windows\ie7updates\KB950759-IE7\dxtmsft.dll
+ 2008-03-01 12:58:06 214,528 -c----w c:\windows\ie7updates\KB950759-IE7\dxtrans.dll
+ 2008-03-01 12:58:06 133,120 -c----w c:\windows\ie7updates\KB950759-IE7\extmgr.dll
+ 2008-03-01 12:58:06 63,488 -c----w c:\windows\ie7updates\KB950759-IE7\icardie.dll
+ 2008-02-29 08:56:41 70,656 -c----w c:\windows\ie7updates\KB950759-IE7\ie4uinit.exe
+ 2008-03-01 12:58:06 153,088 -c----w c:\windows\ie7updates\KB950759-IE7\ieakeng.dll
+ 2008-03-01 12:58:06 230,400 -c----w c:\windows\ie7updates\KB950759-IE7\ieaksie.dll
+ 2008-02-15 05:44:25 161,792 -c----w c:\windows\ie7updates\KB950759-IE7\ieakui.dll
+ 2008-03-01 12:58:07 383,488 -c----w c:\windows\ie7updates\KB950759-IE7\ieapfltr.dll
+ 2008-03-01 12:58:07 384,512 -c----w c:\windows\ie7updates\KB950759-IE7\iedkcs32.dll
+ 2008-03-01 12:58:08 6,066,176 -c----w c:\windows\ie7updates\KB950759-IE7\ieframe.dll
+ 2008-03-01 12:58:08 44,544 -c----w c:\windows\ie7updates\KB950759-IE7\iernonce.dll
+ 2008-03-01 12:58:08 267,776 -c----w c:\windows\ie7updates\KB950759-IE7\iertutil.dll
+ 2008-02-22 10:00:51 13,824 -c----w c:\windows\ie7updates\KB950759-IE7\ieudinit.exe
+ 2008-02-29 08:57:05 625,664 -c----w c:\windows\ie7updates\KB950759-IE7\iexplore.exe
+ 2008-03-01 12:58:08 27,648 -c----w c:\windows\ie7updates\KB950759-IE7\jsproxy.dll
+ 2008-03-01 12:58:08 459,264 -c----w c:\windows\ie7updates\KB950759-IE7\msfeeds.dll
+ 2008-03-01 12:58:08 52,224 -c----w c:\windows\ie7updates\KB950759-IE7\msfeedsbs.dll
+ 2008-03-01 16:28:10 3,591,680 -c----w c:\windows\ie7updates\KB950759-IE7\mshtml.dll
+ 2008-03-01 12:58:09 478,208 -c----w c:\windows\ie7updates\KB950759-IE7\mshtmled.dll
+ 2008-03-01 12:58:10 193,024 -c----w c:\windows\ie7updates\KB950759-IE7\msrating.dll
+ 2008-03-01 12:58:10 671,232 -c----w c:\windows\ie7updates\KB950759-IE7\mstime.dll
+ 2008-03-01 12:58:10 102,912 -c----w c:\windows\ie7updates\KB950759-IE7\occache.dll
+ 2008-03-01 12:58:10 44,544 -c----w c:\windows\ie7updates\KB950759-IE7\pngfilt.dll
+ 2007-03-06 01:34:38 216,800 -c----w c:\windows\ie7updates\KB950759-IE7\spuninst\spuninst.exe
+ 2007-03-06 01:35:48 394,976 -c----w c:\windows\ie7updates\KB950759-IE7\spuninst\updspapi.dll
+ 2008-03-01 12:58:10 105,984 -c----w c:\windows\ie7updates\KB950759-IE7\url.dll
+ 2008-03-01 12:58:10 1,159,680 -c----w c:\windows\ie7updates\KB950759-IE7\urlmon.dll
+ 2008-03-01 12:58:11 233,472 -c----w c:\windows\ie7updates\KB950759-IE7\webcheck.dll
+ 2008-03-01 12:58:11 826,368 -c----w c:\windows\ie7updates\KB950759-IE7\wininet.dll
+ 2008-04-23 04:16:39 124,928 -c----w c:\windows\ie7updates\KB953838-IE7\advpack.dll
+ 2008-04-23 04:16:39 347,136 -c----w c:\windows\ie7updates\KB953838-IE7\dxtmsft.dll
+ 2008-04-23 04:16:39 214,528 -c----w c:\windows\ie7updates\KB953838-IE7\dxtrans.dll
+ 2008-04-23 04:16:39 133,120 -c----w c:\windows\ie7updates\KB953838-IE7\extmgr.dll
+ 2008-04-23 04:16:39 63,488 -c----w c:\windows\ie7updates\KB953838-IE7\icardie.dll
+ 2008-04-22 07:41:08 70,656 -c----w c:\windows\ie7updates\KB953838-IE7\ie4uinit.exe
+ 2008-04-23 04:16:39 153,088 -c----w c:\windows\ie7updates\KB953838-IE7\ieakeng.dll
+ 2008-04-23 04:16:39 230,400 -c----w c:\windows\ie7updates\KB953838-IE7\ieaksie.dll
+ 2008-04-20 05:07:51 161,792 -c----w c:\windows\ie7updates\KB953838-IE7\ieakui.dll
+ 2008-04-23 04:16:39 383,488 -c----w c:\windows\ie7updates\KB953838-IE7\ieapfltr.dll
+ 2008-04-23 04:16:39 384,512 -c----w c:\windows\ie7updates\KB953838-IE7\iedkcs32.dll
+ 2008-04-23 04:16:39 6,066,176 -c----w c:\windows\ie7updates\KB953838-IE7\ieframe.dll
+ 2008-04-23 04:16:39 44,544 -c----w c:\windows\ie7updates\KB953838-IE7\iernonce.dll
+ 2008-04-23 04:16:39 267,776 -c----w c:\windows\ie7updates\KB953838-IE7\iertutil.dll
+ 2008-04-22 07:39:58 13,824 -c----w c:\windows\ie7updates\KB953838-IE7\ieudinit.exe
+ 2008-04-22 07:41:30 625,664 -c----w c:\windows\ie7updates\KB953838-IE7\iexplore.exe
+ 2008-04-23 04:16:40 27,648 -c----w c:\windows\ie7updates\KB953838-IE7\jsproxy.dll
+ 2008-04-23 04:16:40 459,264 -c----w c:\windows\ie7updates\KB953838-IE7\msfeeds.dll
+ 2008-04-23 04:16:40 52,224 -c----w c:\windows\ie7updates\KB953838-IE7\msfeedsbs.dll
+ 2008-04-23 20:16:42 3,591,680 -c----w c:\windows\ie7updates\KB953838-IE7\mshtml.dll
+ 2008-04-23 04:16:40 478,208 -c----w c:\windows\ie7updates\KB953838-IE7\mshtmled.dll
+ 2008-04-23 04:16:40 193,024 -c----w c:\windows\ie7updates\KB953838-IE7\msrating.dll
+ 2008-04-23 04:16:40 671,232 -c----w c:\windows\ie7updates\KB953838-IE7\mstime.dll
+ 2008-04-23 04:16:40 102,912 -c----w c:\windows\ie7updates\KB953838-IE7\occache.dll
+ 2008-04-23 04:16:40 44,544 -c----w c:\windows\ie7updates\KB953838-IE7\pngfilt.dll
+ 2007-03-06 01:34:38 216,800 -c----w c:\windows\ie7updates\KB953838-IE7\spuninst\spuninst.exe
+ 2007-03-06 01:35:48 394,976 -c----w c:\windows\ie7updates\KB953838-IE7\spuninst\updspapi.dll
+ 2008-04-23 04:16:40 105,984 -c----w c:\windows\ie7updates\KB953838-IE7\url.dll
+ 2008-04-23 04:16:40 1,159,680 -c----w c:\windows\ie7updates\KB953838-IE7\urlmon.dll
+ 2008-04-23 04:16:40 233,472 -c----w c:\windows\ie7updates\KB953838-IE7\webcheck.dll
+ 2008-04-23 04:16:40 826,368 -c----w c:\windows\ie7updates\KB953838-IE7\wininet.dll
+ 2008-06-23 16:28:17 124,928 -c----w c:\windows\ie7updates\KB956390-IE7\advpack.dll
+ 2008-06-23 16:28:17 347,136 -c----w c:\windows\ie7updates\KB956390-IE7\dxtmsft.dll
+ 2008-06-23 16:28:17 214,528 -c----w c:\windows\ie7updates\KB956390-IE7\dxtrans.dll
+ 2008-06-23 16:28:17 133,120 -c----w c:\windows\ie7updates\KB956390-IE7\extmgr.dll
+ 2008-06-23 16:28:17 63,488 -c----w c:\windows\ie7updates\KB956390-IE7\icardie.dll
+ 2008-06-23 09:21:30 70,656 -c----w c:\windows\ie7updates\KB956390-IE7\ie4uinit.exe
+ 2008-06-23 16:28:18 153,088 -c----w c:\windows\ie7updates\KB956390-IE7\ieakeng.dll
+ 2008-06-23 16:28:18 230,400 -c----w c:\windows\ie7updates\KB956390-IE7\ieaksie.dll
+ 2008-06-21 05:23:54 161,792 -c----w c:\windows\ie7updates\KB956390-IE7\ieakui.dll
+ 2008-06-23 16:28:18 383,488 -c----w c:\windows\ie7updates\KB956390-IE7\ieapfltr.dll
+ 2008-06-23 16:28:18 384,512 -c----w c:\windows\ie7updates\KB956390-IE7\iedkcs32.dll
+ 2008-06-23 16:28:19 6,066,176 -c----w c:\windows\ie7updates\KB956390-IE7\ieframe.dll
+ 2008-06-23 16:28:19 44,544 -c----w c:\windows\ie7updates\KB956390-IE7\iernonce.dll
+ 2008-06-23 16:28:20 267,776 -c----w c:\windows\ie7updates\KB956390-IE7\iertutil.dll
+ 2008-06-23 09:20:26 13,824 -c----w c:\windows\ie7updates\KB956390-IE7\ieudinit.exe
+ 2008-06-23 09:21:49 625,664 -c----w c:\windows\ie7updates\KB956390-IE7\iexplore.exe
+ 2008-06-23 16:28:20 27,648 -c----w c:\windows\ie7updates\KB956390-IE7\jsproxy.dll
+ 2008-06-23 16:28:20 459,264 -c----w c:\windows\ie7updates\KB956390-IE7\msfeeds.dll
+ 2008-06-23 16:28:20 52,224 -c----w c:\windows\ie7updates\KB956390-IE7\msfeedsbs.dll
+ 2008-06-24 08:28:24 3,592,192 -c----w c:\windows\ie7updates\KB956390-IE7\mshtml.dll
+ 2008-06-23 16:28:22 477,696 -c----w c:\windows\ie7updates\KB956390-IE7\mshtmled.dll
+ 2008-06-23 16:28:22 193,024 -c----w c:\windows\ie7updates\KB956390-IE7\msrating.dll
+ 2008-06-23 16:28:22 671,232 -c----w c:\windows\ie7updates\KB956390-IE7\mstime.dll
+ 2008-06-23 16:28:22 102,912 -c----w c:\windows\ie7updates\KB956390-IE7\occache.dll
+ 2008-06-23 16:28:22 44,544 -c----w c:\windows\ie7updates\KB956390-IE7\pngfilt.dll
+ 2007-03-06 01:34:38 216,800 -c----w c:\windows\ie7updates\KB956390-IE7\spuninst\spuninst.exe
+ 2007-03-06 01:35:48 394,976 -c----w c:\windows\ie7updates\KB956390-IE7\spuninst\updspapi.dll
+ 2008-06-23 16:28:22 105,984 -c----w c:\windows\ie7updates\KB956390-IE7\url.dll
+ 2008-06-23 16:28:23 1,159,680 -c----w c:\windows\ie7updates\KB956390-IE7\urlmon.dll
+ 2008-06-23 16:28:23 233,472 -c----w c:\windows\ie7updates\KB956390-IE7\webcheck.dll
+ 2008-06-23 16:28:23 826,368 -c----w c:\windows\ie7updates\KB956390-IE7\wininet.dll
+ 2003-07-15 05:57:34 38,968 ----a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\AUTHZAX.DLL
+ 2003-07-15 05:53:06 94,768 ----a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\AW.DLL
+ 2003-07-15 05:56:54 14,904 ----a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\DSITF.DLL
+ 2003-07-15 05:57:14 98,360 ----a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\DSSM.EXE
+ 2003-07-15 05:41:44 13,368 ----a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\FINDER.EXE
+ 2003-07-15 05:40:12 179,768 ----a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\FPERSON.DLL
+ 2003-07-15 05:45:14 58,944 ----a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\INLAUNCH.DLL
+ 2003-06-19 00:31:10 252,928 ----a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\MDIINK.DLL
+ 2003-07-15 05:51:44 87,104 ----a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\MSENCODE.DLL
+ 2003-07-15 05:52:52 17,464 ----a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\MSMH.DLL
+ 2003-07-14 21:57:16 120,888 ----a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\MSOAUTH.DLL
+ 2003-07-15 05:52:52 27,704 ----a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\MSODCW.DLL
+ 2003-07-15 05:52:56 55,360 ----a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\MSOHTMED.EXE
+ 2003-07-11 09:15:48 1,292,872 ----a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\MSONSEXT.DLL
+ 2003-07-15 10:18:52 376,888 ----a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\MSORUN.DLL
+ 2003-07-14 21:52:54 28,224 ----a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\MSOSTYLE.DLL
+ 2003-07-15 05:52:52 35,896 ----a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\MSOSV.DLL
+ 2003-07-15 05:53:20 39,488 ----a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\MSOSVFBR.DLL
+ 2003-07-15 05:46:16 42,040 ----a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\MSOXEV.DLL
+ 2003-07-15 05:45:12 55,360 ----a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\MSOXMLED.EXE
+ 2003-07-15 05:45:12 39,488 ----a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\MSOXMLMF.DLL
+ 2003-06-19 00:31:50 16,384 ----a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\MSPGIMME.DLL
+ 2003-06-19 23:05:50 364,648 ----a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\MSPVIEW.EXE
+ 2003-07-15 05:52:58 41,528 ----a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\MSSH.DLL
+ 2003-07-15 06:00:54 145,984 ----a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\MSWEBCAP.DLL
+ 2003-07-15 05:57:10 56,888 ----a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\NAME.DLL
+ 2003-07-15 05:56:52 13,888 ----a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\NPOFFICE.DLL
+ 2007-01-21 12:11:51 223,800 ----a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\OFFICE.DLL
+ 2003-07-15 10:14:26 242,240 ----a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\OISGRAPH.DLL
+ 2003-07-15 06:05:24 1,054,264 ----a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\OMFC.DLL
+ 2003-07-15 05:44:34 102,968 ----a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\OUTLCTL.DLL
+ 2003-07-15 05:43:16 49,208 ----a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\OUTLWAB.DLL
+ 2003-07-15 10:18:44 93,752 ----a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\PP7X32.DLL
+ 2003-07-15 05:40:16 51,256 ----a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\PUBTRAP.DLL
+ 2003-05-09 04:54:00 77,824 ----a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\REFEDIT.DLL
+ 2003-07-15 05:57:08 40,512 ----a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\REFIEBAR.DLL
+ 2003-07-21 18:46:38 390,712 ----a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\RTFHTML.DLL
+ 2003-07-15 05:44:16 66,616 ----a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\SENDTO.DLL
+ 2003-07-14 21:57:08 58,944 ----a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\SEQCHK10.DLL
+ 2003-07-15 05:53:14 11,848 ----a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\SMARTTAGINSTALL.EXE
+ 2007-01-21 12:11:51 64,088 ----a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\VBIDEPIA.DLL
+ 2007-04-19 12:09:30 167,256 ----a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.8173\IETAG.DLL
+ 2005-02-03 16:59:22 346,840 ----a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.8173\METCONV.DLL
+ 2005-05-03 23:06:28 465,640 ----a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.8173\MSDMENG.DLL
+ 2005-05-03 23:06:32 1,411,816 ----a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.8173\MSDMINE.DLL
+ 2005-05-03 23:06:26 199,408 ----a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.8173\MSMDUN80.DLL
+ 2008-11-23 22:39:46 22,486 ----a-r c:\windows\Installer\{31E5AE86-4F07-4433-B27F-7FCD341A6655}\register_icon.exe
+ 2008-11-12 00:15:18 32,768 ----a-r c:\windows\Installer\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}\icon.exe
- 2008-05-14 01:03:00 593,920 ----a-r c:\windows\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\accicons.exe
+ 2008-11-12 00:17:35 593,920 ----a-r c:\windows\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\accicons.exe
- 2008-05-14 01:03:00 12,288 ----a-r c:\windows\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\cagicon.exe
+ 2008-11-12 00:17:35 12,288 ----a-r c:\windows\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\cagicon.exe
- 2008-05-14 01:03:00 86,016 ----a-r c:\windows\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\inficon.exe
+ 2008-11-12 00:17:35 86,016 ----a-r c:\windows\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\inficon.exe
- 2008-05-14 01:03:00 135,168 ----a-r c:\windows\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\misc.exe
+ 2008-11-12 00:17:35 135,168 ----a-r c:\windows\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\misc.exe
- 2008-05-14 01:03:00 11,264 ----a-r c:\windows\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\mspicons.exe
+ 2008-11-12 00:17:35 11,264 ----a-r c:\windows\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\mspicons.exe
- 2008-05-14 01:03:00 27,136 ----a-r c:\windows\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\oisicon.exe
+ 2008-11-12 00:17:35 27,136 ----a-r c:\windows\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\oisicon.exe
- 2008-05-14 01:03:00 4,096 ----a-r c:\windows\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\opwicon.exe
+ 2008-11-12 00:17:35 4,096 ----a-r c:\windows\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\opwicon.exe
- 2008-05-14 01:03:00 794,624 ----a-r c:\windows\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\outicon.exe
+ 2008-11-12 00:17:35 794,624 ----a-r c:\windows\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\outicon.exe
- 2008-05-14 01:03:00 249,856 ----a-r c:\windows\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\pptico.exe
+ 2008-11-12 00:17:35 249,856 ----a-r c:\windows\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\pptico.exe
- 2008-05-14 01:03:00 61,440 ----a-r c:\windows\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\pubs.exe
+ 2008-11-12 00:17:35 61,440 ----a-r c:\windows\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\pubs.exe
- 2008-05-14 01:03:01 23,040 ----a-r c:\windows\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\unbndico.exe
+ 2008-11-12 00:17:35 23,040 ----a-r c:\windows\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\unbndico.exe
- 2008-05-14 01:03:00 286,720 ----a-r c:\windows\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\wordicon.exe
+ 2008-11-12 00:17:35 286,720 ----a-r c:\windows\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\wordicon.exe
- 2008-05-14 01:03:00 409,600 ----a-r c:\windows\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\xlicons.exe
+ 2008-11-12 00:17:35 409,600 ----a-r c:\windows\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\xlicons.exe
- 2008-02-27 19:09:20 123,008 ----a-r c:\windows\Installer\{A70FA218-6598-4AC9-813D-63597C5DD068}\WLXPhotoGalleryIcon.exe
+ 2008-08-17 01:25:18 123,008 ----a-r c:\windows\Installer\{A70FA218-6598-4AC9-813D-63597C5DD068}\WLXPhotoGalleryIcon.exe
+ 2008-06-22 22:03:01 25,214 ----a-r c:\windows\Installer\{AC76BA86-7AD7-1036-7B44-A71000000002}\SC_Reader.exe
+ 2008-11-23 23:33:26 61,440 ----a-r c:\windows\Installer\{BF7D87C5-CFC3-40C5-A367-24586EEBB8CA}\helpicon.exe
+ 2008-11-23 23:33:26 32,768 ----a-r c:\windows\Installer\{BF7D87C5-CFC3-40C5-A367-24586EEBB8CA}\maintenance_icon.exe
+ 2008-11-23 23:33:26 22,486 ----a-r c:\windows\Installer\{BF7D87C5-CFC3-40C5-A367-24586EEBB8CA}\register_icon.exe
+ 2008-11-23 23:33:26 57,344 ----a-r c:\windows\Installer\{BF7D87C5-CFC3-40C5-A367-24586EEBB8CA}\texticon.exe
- 2000-08-31 06:00:00 28,160 ----a-w c:\windows\Nircmd.exe
+ 2000-08-31 07:00:00 28,672 ----a-w c:\windows\Nircmd.exe
+ 2008-10-29 10:55:26 958,464 ----a-w c:\windows\Resources\Themes\Chivalry\Shell\NormalColor\shellstyle.dll
+ 2008-10-30 08:32:18 756,736 ----a-w c:\windows\Resources\Themes\Crimson\Shell\NormalColor\shellstyle.dll
- 2000-08-31 06:00:00 161,792 ----a-w c:\windows\swreg.exe
+ 2000-08-31 07:00:00 161,792 ----a-w c:\windows\swreg.exe
- 2008-03-01 12:58:06 124,928 ----a-w c:\windows\system32\advpack.dll
+ 2008-08-26 08:11:45 124,928 ----a-w c:\windows\system32\advpack.dll
+ 2004-08-03 21:10:08 53,248 ----a-w c:\windows\system32\dllcache\1394bus.sys
+ 2001-08-17 20:06:48 11,264 ----a-w c:\windows\system32\dllcache\1394vdbg.sys
+ 2001-08-17 19:28:00 762,780 ----a-w c:\windows\system32\dllcache\3cwmcru.sys
+ 2001-08-23 15:46:44 689,216 ----a-w c:\windows\system32\dllcache\3dfxvs.dll
+ 2001-08-17 18:48:32 148,352 ----a-w c:\windows\system32\dllcache\3dfxvsm.sys
+ 2004-08-03 21:00:04 12,288 ----a-w c:\windows\system32\dllcache\4mmdat.sys
+ 2004-08-03 21:10:12 48,128 ----a-w c:\windows\system32\dllcache\61883.sys
+ 2001-08-23 15:46:44 38,400 ----a-w c:\windows\system32\dllcache\8514a.dll
+ 2001-08-23 15:46:58 98,304 ----a-w c:\windows\system32\dllcache\a3d.dll
+ 2001-08-23 15:46:58 462,848 ----a-w c:\windows\system32\dllcache\a3dapi.dll
+ 2004-08-05 12:00:00 26,624 ----a-w c:\windows\system32\dllcache\aaaamon.dll
+ 2001-08-17 19:52:00 23,552 ----a-w c:\windows\system32\dllcache\abp480n5.sys
+ 2004-08-03 20:32:22 231,552 ----a-w c:\windows\system32\dllcache\ac97ali.sys
+ 2001-08-17 18:20:04 96,256 ----a-w c:\windows\system32\dllcache\ac97intc.sys
+ 2001-08-17 18:20:16 297,728 ----a-w c:\windows\system32\dllcache\ac97sis.sys
+ 2004-08-03 20:32:32 84,480 ----a-w c:\windows\system32\dllcache\ac97via.sys
+ 2004-08-05 12:00:00 72,192 ----a-w c:\windows\system32\dllcache\acctres.dll
+ 2004-08-05 12:00:00 189,952 ----a-w c:\windows\system32\dllcache\accwiz.exe
+ 2001-08-23 15:46:58 61,952 ----a-w c:\windows\system32\dllcache\acerscad.dll
+ 2004-08-05 12:00:00 450,048 ----a-w c:\windows\system32\dllcache\aclayers.dll
+ 2004-08-05 12:00:00 135,680 ----a-w c:\windows\system32\dllcache\acledit.dll
+ 2004-08-05 12:00:00 137,728 ----a-w c:\windows\system32\dllcache\aclua.dll
+ 2004-08-05 12:00:00 119,296 ----a-w c:\windows\system32\dllcache\aclui.dll
+ 2004-08-05 12:00:00 188,672 ----a-w c:\windows\system32\dllcache\acpi.sys
+ 2004-08-05 12:00:00 12,032 ----a-w c:\windows\system32\dllcache\acpiec.sys
+ 2004-08-05 12:00:00 244,736 ----a-w c:\windows\system32\dllcache\acspecfc.dll
+ 2004-08-05 12:00:00 4,096 ----a-w c:\windows\system32\dllcache\actmovie.exe
+ 2004-08-05 12:00:00 101,888 ----a-w c:\windows\system32\dllcache\actxprxy.dll
+ 2004-08-05 12:00:00 116,224 ----a-w c:\windows\system32\dllcache\acxtrnal.dll
+ 2001-08-17 19:53:02 7,424 ----a-w c:\windows\system32\dllcache\adicvls.sys
+ 2001-08-17 18:11:18 20,160 ----a-w c:\windows\system32\dllcache\adm8511.sys
+ 2001-08-17 18:19:10 584,448 ----a-w c:\windows\system32\dllcache\adm8810.sys
+ 2001-08-17 18:19:14 553,984 ----a-w c:\windows\system32\dllcache\adm8820.sys
+ 2001-08-17 18:19:14 747,392 ----a-w c:\windows\system32\dllcache\adm8830.sys
+ 2003-03-24 13:52:04 20,540 ----a-w c:\windows\system32\dllcache\admin.dll
+ 2003-03-24 13:52:04 16,439 ----a-w c:\windows\system32\dllcache\admin.exe
+ 2004-08-03 20:32:24 10,880 ----a-w c:\windows\system32\dllcache\admjoy.sys
+ 2004-08-05 12:00:00 26,112 ----a-w c:\windows\system32\dllcache\adptif.dll
+ 2001-08-17 18:11:16 46,112 ----a-w c:\windows\system32\dllcache\adptsf50.sys
+ 2001-08-17 20:07:32 101,888 ----a-w c:\windows\system32\dllcache\adpu160m.sys
+ 2004-08-05 12:00:00 175,616 ----a-w c:\windows\system32\dllcache\adsldp.dll
+ 2004-08-05 12:00:00 68,096 ----a-w c:\windows\system32\dllcache\adsmsext.dll
+ 2004-08-05 12:00:00 263,680 ----a-w c:\windows\system32\dllcache\adsnt.dll
+ 2004-08-03 22:54:22 4,255 ----a-w c:\windows\system32\dllcache\adv01nt5.dll
+ 2004-08-03 22:54:22 3,967 ----a-w c:\windows\system32\dllcache\adv02nt5.dll
+ 2004-08-03 22:54:22 3,615 ----a-w c:\windows\system32\dllcache\adv05nt5.dll
+ 2004-08-03 22:54:22 3,647 ----a-w c:\windows\system32\dllcache\adv07nt5.dll
+ 2004-08-03 22:54:22 3,135 ----a-w c:\windows\system32\dllcache\adv08nt5.dll
+ 2004-08-03 22:54:22 3,711 ----a-w c:\windows\system32\dllcache\adv09nt5.dll
+ 2004-08-03 22:54:22 3,775 ----a-w c:\windows\system32\dllcache\adv11nt5.dll
- 2008-03-01 12:58:06 124,928 ----a-w c:\windows\system32\dllcache\advpack.dll
+ 2008-08-26 08:11:45 124,928 ----a-w c:\windows\system32\dllcache\advpack.dll
+ 2008-08-14 09:51:43 138,368 ----a-w c:\windows\system32\dllcache\afd.sys
+ 2004-08-05 12:00:00 24,064 ----a-w c:\windows\system32\dllcache\agentanm.dll
+ 2004-08-05 12:00:00 214,016 ----a-w c:\windows\system32\dllcache\agentctl.dll
+ 2004-08-05 12:00:00 49,152 ----a-w c:\windows\system32\dllcache\agentmpx.dll
+ 2004-08-05 12:00:00 24,064 ----a-w c:\windows\system32\dllcache\agentpsh.dll
+ 2004-08-05 12:00:00 44,032 ----a-w c:\windows\system32\dllcache\agentsr.dll
+ 2004-08-03 21:07:42 42,368 ----a-w c:\windows\system32\dllcache\agp440.sys
+ 2004-08-03 21:07:44 44,928 ----a-w c:\windows\system32\dllcache\agpcpq.sys
+ 2004-08-05 12:00:00 19,456 ----a-w c:\windows\system32\dllcache\agt0401.dll
+ 2004-08-05 12:00:00 19,456 ----a-w c:\windows\system32\dllcache\agt0404.dll
+ 2004-08-05 12:00:00 19,456 ----a-w c:\windows\system32\dllcache\agt0405.dll
+ 2004-08-05 12:00:00 19,456 ----a-w c:\windows\system32\dllcache\agt0406.dll
+ 2004-08-05 12:00:00 21,504 ----a-w c:\windows\system32\dllcache\agt0407.dll
+ 2004-08-05 12:00:00 22,016 ----a-w c:\windows\system32\dllcache\agt0408.dll
+ 2004-08-05 12:00:00 19,456 ----a-w c:\windows\system32\dllcache\agt0409.dll
+ 2004-08-05 12:00:00 19,456 ----a-w c:\windows\system32\dllcache\agt040b.dll
+ 2004-08-05 12:00:00 21,504 ----a-w c:\windows\system32\dllcache\agt040c.dll
+ 2004-08-05 12:00:00 19,456 ----a-w c:\windows\system32\dllcache\agt040d.dll
+ 2004-08-05 12:00:00 19,968 ----a-w c:\windows\system32\dllcache\agt040e.dll
+ 2004-08-05 12:00:00 20,992 ----a-w c:\windows\system32\dllcache\agt0410.dll
+ 2004-08-05 12:00:00 19,456 ----a-w c:\windows\system32\dllcache\agt0411.dll
+ 2004-08-05 12:00:00 19,456 ----a-w c:\windows\system32\dllcache\agt0412.dll
+ 2004-08-05 12:00:00 20,992 ----a-w c:\windows\system32\dllcache\agt0413.dll
+ 2004-08-05 12:00:00 19,456 ----a-w c:\windows\system32\dllcache\agt0414.dll
+ 2004-08-05 12:00:00 19,456 ----a-w c:\windows\system32\dllcache\agt0415.dll
+ 2004-08-05 12:00:00 20,480 ----a-w c:\windows\system32\dllcache\agt0416.dll
+ 2004-08-05 12:00:00 19,456 ----a-w c:\windows\system32\dllcache\agt0419.dll
+ 2004-08-05 12:00:00 19,456 ----a-w c:\windows\system32\dllcache\agt041d.dll
+ 2004-08-05 12:00:00 19,456 ----a-w c:\windows\system32\dllcache\agt041f.dll
+ 2004-08-05 12:00:00 19,456 ----a-w c:\windows\system32\dllcache\agt0804.dll
+ 2004-08-05 12:00:00 20,992 ----a-w c:\windows\system32\dllcache\agt0816.dll
+ 2004-08-05 12:00:00 20,480 ----a-w c:\windows\system32\dllcache\agt0c0a.dll
+ 2004-08-05 12:00:00 24,064 ----a-w c:\windows\system32\dllcache\agtintl.dll
+ 2001-08-17 19:52:02 12,800 ----a-w c:\windows\system32\dllcache\aha154x.sys
+ 2004-08-05 12:00:00 98,304 ----a-w c:\windows\system32\dllcache\ahui.exe
+ 2001-08-17 20:07:36 55,168 ----a-w c:\windows\system32\dllcache\aic78u2.sys
+ 2001-08-17 20:07:38 56,960 ----a-w c:\windows\system32\dllcache\aic78xx.sys
+ 2004-08-05 12:00:00 44,544 ----a-w c:\windows\system32\dllcache\alg.exe
+ 2001-08-17 18:11:18 27,678 ----a-w c:\windows\system32\dllcache\ali5261.sys
+ 2001-08-17 19:49:02 26,624 ----a-w c:\windows\system32\dllcache\alifir.sys
+ 2001-08-17 19:51:56 5,248 ----a-w c:\windows\system32\dllcache\aliide.sys
+ 2004-08-03 21:07:42 42,752 ----a-w c:\windows\system32\dllcache\alim1541.sys
+ 2004-08-05 12:00:00 17,408 ----a-w c:\windows\system32\dllcache\alrsvc.dll
+ 2001-08-17 18:11:20 16,969 ----a-w c:\windows\system32\dllcache\amb8002.sys
+ 2004-08-03 21:07:44 43,008 ----a-w c:\windows\system32\dllcache\amdagp.sys
+ 2004-08-05 12:00:00 41,216 ----a-w c:\windows\system32\dllcache\amdk6.sys
+ 2004-08-05 12:00:00 41,600 ----a-w c:\windows\system32\dllcache\amdk7.sys
+ 2001-08-17 19:52:04 12,032 ----a-w c:\windows\system32\dllcache\amsint.sys
+ 2004-08-05 12:00:00 70,656 ----a-w c:\windows\system32\dllcache\amstream.dll
+ 2004-08-03 20:31:20 36,224 ----a-w c:\windows\system32\dllcache\an983.sys
+ 2004-08-05 12:00:00 9,037 ----a-w c:\windows\system32\dllcache\ansi.sys
+ 2004-08-05 12:00:00 102,912 ----a-w c:\windows\system32\dllcache\apcups.dll
+ 2001-08-17 19:47:22 6,272 ----a-w c:\windows\system32\dllcache\apmbatt.sys
+ 2004-08-05 12:00:00 12,642 ----a-w c:\windows\system32\dllcache\append.exe
+ 2004-08-05 12:00:00 334,336 ----a-w c:\windows\system32\dllcache\aqueue.dll
+ 2004-08-05 12:00:00 19,968 ----a-w c:\windows\system32\dllcache\arp.exe
+ 2004-08-05 12:00:00 60,800 ----a-w c:\windows\system32\dllcache\arp1394.sys
+ 2001-08-17 19:52:00 26,496 ----a-w c:\windows\system32\dllcache\asc.sys
+ 2001-08-17 19:52:04 22,400 ----a-w c:\windows\system32\dllcache\asc3350p.sys
+ 2001-08-17 19:51:58 14,848 ----a-w c:\windows\system32\dllcache\asc3550.sys
+ 2001-08-17 18:12:34 97,354 ----a-w c:\windows\system32\dllcache\aspndis3.sys
+ 2004-08-05 12:00:00 65,024 ----a-w c:\windows\system32\dllcache\asycfilt.dll
+ 2004-08-05 12:00:00 14,336 ----a-w c:\windows\system32\dllcache\asyncmac.sys
+ 2004-08-05 12:00:00 25,088 ----a-w c:\windows\system32\dllcache\at.exe
+ 2004-08-03 20:59:44 95,360 ----a-w c:\windows\system32\dllcache\atapi.sys
+ 2001-08-23 15:46:44 96,128 ----a-w c:\windows\system32\dllcache\ati.dll
+ 2001-08-23 14:59:32 77,824 ----a-w c:\windows\system32\dllcache\ati.sys
+ 2004-08-03 20:29:30 56,623 ----a-w c:\windows\system32\dllcache\ati1btxx.sys
+ 2004-08-03 20:29:30 11,615 ----a-w c:\windows\system32\dllcache\ati1mdxx.sys
+ 2004-08-03 20:29:30 12,047 ----a-w c:\windows\system32\dllcache\ati1pdxx.sys
+ 2004-08-03 20:29:32 30,671 ----a-w c:\windows\system32\dllcache\ati1raxx.sys
+ 2004-08-03 20:29:32 63,663 ----a-w c:\windows\system32\dllcache\ati1rvxx.sys
+ 2004-08-03 20:29:32 26,367 ----a-w c:\windows\system32\dllcache\ati1snxx.sys
+ 2004-08-03 20:29:32 21,343 ----a-w c:\windows\system32\dllcache\ati1ttxx.sys
+ 2004-08-03 20:29:32 36,463 ----a-w c:\windows\system32\dllcache\ati1tuxx.sys
+ 2004-08-03 20:29:32 29,455 ----a-w c:\windows\system32\dllcache\ati1xbxx.sys
+ 2004-08-03 20:29:32 34,735 ----a-w c:\windows\system32\dllcache\ati1xsxx.sys
+ 2004-08-03 22:54:22 229,376 ----a-w c:\windows\system32\dllcache\ati2cqag.dll
+ 2004-08-03 22:54:22 377,984 ----a-w c:\windows\system32\dllcache\ati2dvaa.dll
+ 2004-08-03 22:54:22 201,728 ----a-w c:\windows\system32\dllcache\ati2dvag.dll
+ 2004-08-03 22:38:42 327,168 ----a-w c:\windows\system32\dllcache\ati2mtaa.sys
+ 2004-08-03 22:38:44 701,440 ----a-w c:\windows\system32\dllcache\ati2mtag.sys
+ 2004-08-03 22:54:22 870,784 ----a-w c:\windows\system32\dllcache\ati3d1ag.dll
+ 2004-08-03 22:54:22 1,888,992 ----a-w c:\windows\system32\dllcache\ati3duag.dll
+ 2001-08-17 18:49:04 46,464 ----a-w c:\windows\system32\dllcache\atibt829.sys
+ 2001-08-23 15:46:44 382,592 ----a-w c:\windows\system32\dllcache\atidrab.dll
+ 2001-08-23 15:46:44 137,216 ----a-w c:\windows\system32\dllcache\atidrae.dll
+ 2001-08-23 15:46:44 268,160 ----a-w c:\windows\system32\dllcache\atidvai.dll
+ 2001-08-23 15:47:26 37,376 ----a-w c:\windows\system32\dllcache\atievxx.exe
+ 2001-08-23 14:59:36 289,920 ----a-w c:\windows\system32\dllcache\atimpab.sys
+ 2001-08-23 14:59:36 75,392 ----a-w c:\windows\system32\dllcache\atimpae.sys
+ 2001-08-23 14:59:38 281,728 ----a-w c:\windows\system32\dllcache\atimtai.sys
+ 2004-08-03 20:29:28 57,856 ----a-w c:\windows\system32\dllcache\atinbtxx.sys
+ 2004-08-03 20:29:30 13,824 ----a-w c:\windows\system32\dllcache\atinmdxx.sys
+ 2004-08-03 20:29:30 14,336 ----a-w c:\wind
0
Malcom911 Messages postés 849 Statut Membre 44 > fredjibb Messages postés 230 Statut Membre
 
va ici ---> https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr

fait un scan en ligne (il va te le trouvé) et une fois que tu as le chemin du virus tu n'as plus qu'à le supprimer
0
fredjibb Messages postés 230 Statut Membre 1 > Malcom911 Messages postés 849 Statut Membre
 
je l'ai fait mais il ne trouve rien du tout
0
Malcom911 Messages postés 849 Statut Membre 44 > fredjibb Messages postés 230 Statut Membre
 
essaye cela-la alors ---> https://www.bitdefender.com/toolbox/
0
Réponse 9 / 17
fredjibb Messages postés 230 Statut Membre 1
 
même s'il a été supprimé je trouve quemon pc n'a pas un comportement normal il rame et de plus je n'arrive plus à supprimer des fichiers temporaires du dossier temp de windows
le prefetch ne se vide plus non plus
enfin bref mon pc allait mieux avant....
qu'est ce que je peux faire????
0
Réponse 10 / 17
noctambule28 Messages postés 33382 Date d'inscription   Statut Webmaster Dernière intervention   2 858
 
En attendant le reste

Relance Toolbar-S&D en double-cliquant sur le raccourci. Tape sur "2" puis valide en appuyant sur "Entrée".
! Ne ferme pas la fenêtre lors de la suppression !
Un rapport sera généré, poste son contenu ici.

NOTE : Si ton Bureau ne réapparait pas, appuie simultanément sur Ctrl+Alt+Suppr pour ouvrir le Gestionnaire des tâches.
Rends-toi sur l'onglet "Processus". Clique en haut à gauche sur Fichier et choisis "Exécuter..."
Tape explorer puis valide.
0
fredjibb Messages postés 230 Statut Membre 1
 
ok j'ai pris l'option 2 dans le logiciel voici le rapport que tu m'as demandé
encore merci de ton aide et de ton temps pour répondre

-----------\\ ToolBar S&D 1.2.5 XP/Vista

Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 2
X86-based PC ( Multiprocessor Free : AMD Turion(tm) 64 X2 Mobile Technology TL-50 )
BIOS : Insyde Software MobilePRO BIOS Version 4.20.10
USER : akira ( Administrator )
BOOT : Normal boot
Antivirus : Bitdefender Antivirus 8.0 (Activated)
Firewall : Bitdefender Firewall 8.0 (Activated)
C:\ (Local Disk) - NTFS - Total:85 Go (Free:50 Go)
D:\ (CD or DVD)
E:\ (CD or DVD)
F:\ (USB)

"C:\ToolBar SD" ( MAJ : 20-11-2008|20:25 )
Option : [2] ( 26/11/2008|14:15 )

-----------\\ Recherche de Fichiers / Dossiers ...


-----------\\ Extensions

(akira) - {4AB21F99-91C5-4a9d-813E-425841874FB1} => bloodfire-1.0.1-fx
(akira) - {635abd67-4fe9-1b23-4f01-e679fa7484c1} => ytoolbar


-----------\\ [..\Internet Explorer\Main]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome"
"Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Local Page"="C:\\windows\\system32\\blank.htm"
"Default_Search_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="https://www.msn.com/fr-fr/?ocid=iehp"
"Default_Search_URL"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Search Page"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Local Page"="C:\\windows\\system32\\blank.htm"
"Start Page"="https://www.msn.com/fr-fr/"


--------------------\\ Recherche d'autres infections


Aucune autre infection trouvée !


1 - "C:\ToolBar SD\TB_1.txt" - 25/11/2008|12:02 - Option : [1]
2 - "C:\ToolBar SD\TB_2.txt" - 26/11/2008|14:17 - Option : [2]

-----------\\ Fin du rapport a 14:17:38,04
0
Réponse 11 / 17
noctambule28 Messages postés 33382 Date d'inscription   Statut Webmaster Dernière intervention   2 858
 
Je t'avais aussi demandé un rapport diaghelp et de poster le rapport complet de combofix!

Tu peux le faire stp
0
fredjibb Messages postés 230 Statut Membre 1
 
voila ci joint le rapport de diag help
merci de ton aide
DiagHelp version v1.4 - http://www.malekal.com
excute le 27/11/2008 à 9:19:03,71


Liste des derniers fichies modifies/crees dans windir\system32 et prefetch
C:\WINDOWS\prefetch\CMD.EXE-034B0549.pf -->27/11/2008 09:18:50
C:\WINDOWS\prefetch\CHCP.COM-17EDBDC9.pf -->27/11/2008 09:18:49
C:\WINDOWS\prefetch\OPERA.EXE-3B75DA17.pf -->27/11/2008 09:16:31
C:\WINDOWS\prefetch\SECCENTER.EXE-31DA92EB.pf -->27/11/2008 09:13:00
C:\WINDOWS\prefetch\DRWTSN32.EXE-01DDCF15.pf -->27/11/2008 09:12:21
C:\WINDOWS\prefetch\WMIPRVSE.EXE-0D449B4F.pf -->27/11/2008 09:11:16
C:\WINDOWS\prefetch\HELPSVC.EXE-1C192440.pf -->27/11/2008 09:11:03
C:\WINDOWS\prefetch\MCDCHECK.EXE-07FA1232.pf -->27/11/2008 09:00:06
C:\WINDOWS\prefetch\WSWITCH.EXE-0A23C308.pf -->27/11/2008 09:00:01
C:\WINDOWS\prefetch\PBCARNOT.EXE-34461DF3.pf -->27/11/2008 09:00:00

C:\WINDOWS\System32\drivers\mrxsmb.sys -->24/10/2008 12:10:42
C:\WINDOWS\System32\drivers\mbamswissarmy.sys -->09/09/2008 23:04:02
C:\WINDOWS\System32\drivers\mbam.sys -->09/09/2008 23:03:56
C:\WINDOWS\System32\drivers\srv.sys -->28/08/2008 11:04:17
C:\WINDOWS\System32\drivers\afd.sys -->14/08/2008 10:51:43
C:\WINDOWS\System32\drivers\tcpip.sys -->20/06/2008 11:45:13
C:\WINDOWS\System32\drivers\tcpip6.sys -->20/06/2008 10:52:06

C:\WINDOWS\System32\bdod.bin -->27/11/2008 08:59:18
C:\WINDOWS\System32\nvapps.xml -->27/11/2008 08:44:40
C:\WINDOWS\System32\wpa.dbl -->27/11/2008 08:44:35
C:\WINDOWS\System32\tmp.txt -->23/11/2008 22:47:47
C:\WINDOWS\System32\tmp.reg -->23/11/2008 22:47:47
C:\WINDOWS\System32\PerfStringBackup.TMP -->23/11/2008 20:47:37
C:\WINDOWS\System32\PerfStringBackup.INI -->23/11/2008 20:47:37
C:\WINDOWS\System32\perfh00C.dat -->23/11/2008 20:47:37
C:\WINDOWS\System32\perfh009.dat -->23/11/2008 20:47:37
C:\WINDOWS\System32\perfc00C.dat -->23/11/2008 20:47:37
C:\WINDOWS\System32\perfc009.dat -->23/11/2008 20:47:37
C:\WINDOWS\System32\MRT.exe -->04/11/2008 01:10:25
C:\WINDOWS\System32\FNTCACHE.DAT -->31/10/2008 06:59:12
C:\WINDOWS\System32\TUKernel.exe -->30/10/2008 09:36:35
C:\WINDOWS\System32\wuweb.dll -->16/10/2008 14:13:40
C:\WINDOWS\System32\wuaueng.dll -->16/10/2008 14:13:40
C:\WINDOWS\System32\wucltui.dll -->16/10/2008 14:12:22
C:\WINDOWS\System32\wuaucpl.cpl -->16/10/2008 14:12:20
C:\WINDOWS\System32\wuapi.dll -->16/10/2008 14:12:20
C:\WINDOWS\System32\wups2.dll -->16/10/2008 14:09:44
C:\WINDOWS\System32\wucltui.dll.mui -->16/10/2008 14:09:44
C:\WINDOWS\System32\wuauclt.exe -->16/10/2008 14:09:44
C:\WINDOWS\System32\cdm.dll -->16/10/2008 14:09:44
C:\WINDOWS\System32\wups.dll -->16/10/2008 14:08:58
C:\WINDOWS\System32\wuapi.dll.mui -->16/10/2008 14:08:06

C:\WINDOWS\WindowsUpdate.log -->27/11/2008 08:34:28
C:\WINDOWS\0.log -->27/11/2008 08:30:11
C:\WINDOWS\wiaservc.log -->27/11/2008 08:28:46
C:\WINDOWS\wiadebug.log -->27/11/2008 08:28:46
C:\WINDOWS\bootstat.dat -->27/11/2008 08:28:42
C:\WINDOWS\SchedLgU.Txt -->27/11/2008 01:08:15
C:\WINDOWS\bdagent.INI -->27/11/2008 01:07:17
C:\WINDOWS\NeroDigital.ini -->26/11/2008 14:37:36
C:\WINDOWS\system.ini -->24/11/2008 07:17:46
C:\WINDOWS\ZZZZZZZZ.ZZZ -->23/11/2008 20:58:02
C:\WINDOWS\ZZZZZZZ.ZZZ -->22/11/2008 07:15:00
C:\WINDOWS\QTFont.qfn -->20/11/2008 12:23:44
C:\WINDOWS\QTFont.for -->07/11/2008 09:58:55
C:\WINDOWS\win.ini -->16/10/2008 09:50:55
C:\WINDOWS\ModemLog_Bluetooth DUN Modem.txt -->26/06/2008 23:06:47

winlogon.exe
Verified: Signed
svchost.exe
Verified: Signed
ws2_32.dll
Verified: Signed
user32.dll
Verified: Signed
tcpip.sys
Verified: Signed
ndis.sys
Verified: Signed
null.sys
Verified: Signed


ListDLLs v2.25 - DLL lister for Win9x/NT
Copyright (C) 1997-2004 Mark Russinovich
Sysinternals - www.sysinternals.com

------------------------------------------------------------------------------
explorer.exe pid: 3600
Command line: C:\WINDOWS\Explorer.EXE

Base Size Version Path
0x44080000 0xd0000 7.00.6000.16735 C:\WINDOWS\system32\WININET.dll
0x00400000 0x9000 6.00.5441.0000 C:\WINDOWS\system32\Normaliz.dll
0x43e00000 0x45000 7.00.6000.16735 C:\WINDOWS\system32\iertutil.dll
0x58b50000 0x9a000 5.82.2900.2982 C:\WINDOWS\system32\comctl32.dll
0x00ac0000 0x1c000 11.00.0000.1217 C:\Program Files\Fichiers communs\Logishrd\LVMVFM\LVPrcInj.dll
0x76f80000 0x7f000 2001.12.4414.0308 C:\WINDOWS\system32\CLBCATQ.DLL
0x77000000 0xd4000 2001.12.4414.0258 C:\WINDOWS\system32\COMRes.dll
0x76ac0000 0x11000 3.05.2284.0000 C:\WINDOWS\system32\ATL.DLL
0x7d200000 0x2be000 3.01.4000.4039 C:\WINDOWS\system32\msi.dll
0x44360000 0x5cd000 7.00.6000.16757 C:\WINDOWS\system32\ieframe.dll
0x44160000 0x127000 7.00.6000.16735 C:\WINDOWS\system32\urlmon.dll
0x442b0000 0x3c000 7.00.6000.16735 C:\WINDOWS\system32\webcheck.dll
0x164a0000 0x23000 5.02.5721.5145 C:\WINDOWS\system32\WPDShServiceObj.dll
0x109c0000 0x2c000 5.02.5721.5145 C:\WINDOWS\system32\PortableDeviceTypes.dll
0x10930000 0x49000 5.02.5721.5145 C:\WINDOWS\system32\PortableDeviceApi.dll
0x10000000 0x4000 C:\Program Files\Unlocker\UnlockerHook.dll
0x00330000 0x6000 6.03.0002.0062 C:\DOCUME~1\akira\LOCALS~1\Temp\IadHide5.dll
0x00320000 0x7000 1.00.0000.0001 C:\PROGRA~1\Wanadoo\Inactivity.dll
0x00f90000 0x1c000 7.00.0000.0000 C:\Program Files\Adobe\Acrobat 7.0\ActiveX\PDFShell.dll
0x01580000 0xd000 7.00.0009.0050 C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
0x7c340000 0x56000 7.10.3052.0004 C:\WINDOWS\system32\MSVCR71.dll
0x01790000 0x39000 1.00.0011.0029 C:\Program Files\BitComet\tools\BitCometBHO.dll
0x325c0000 0x12000 11.00.5510.0000 C:\Program Files\Microsoft Office\OFFICE11\msohev.dll

ListDLLs v2.25 - DLL lister for Win9x/NT
Copyright (C) 1997-2004 Mark Russinovich
Sysinternals - www.sysinternals.com

------------------------------------------------------------------------------
winlogon.exe pid: 1464
Command line: winlogon.exe

Base Size Version Path
0x01000000 0x81000 \??\C:\WINDOWS\system32\winlogon.exe
0x58b50000 0x9a000 5.82.2900.2982 C:\WINDOWS\system32\COMCTL32.dll
0x74730000 0x3d000 3.525.1117.0000 C:\WINDOWS\system32\ODBC32.dll
0x20000000 0x18000 3.525.1117.0000 C:\WINDOWS\system32\odbcint.dll
0x01220000 0x3b000 1.07.0018.0005 C:\WINDOWS\system32\WgaLogon.dll
0x76f80000 0x7f000 2001.12.4414.0308 C:\WINDOWS\system32\CLBCATQ.DLL
0x77000000 0xd4000 2001.12.4414.0258 C:\WINDOWS\system32\COMRes.dll


Le volume dans le lecteur C s'appelle HDD
Le numéro de série du volume est 8082-51E7

Répertoire de C:\WINDOWS\system32

05/08/2004 13:00 6 144 csrss.exe
1 fichier(s) 6 144 octets
0 Rép(s) 53 905 784 832 octets libres

Contenu de Downloaded Program Files
Le volume dans le lecteur C s'appelle HDD
Le numéro de série du volume est 8082-51E7

Répertoire de C:\WINDOWS\Downloaded Program Files

22/07/2008 21:05 <REP> .
22/07/2008 21:05 <REP> ..
30/06/2008 09:39 128 256 as2stubie.dll
27/06/2008 15:47 289 as2stubie.inf
07/12/2004 16:07 32 bdcore.dll
25/05/2006 00:21 118 784 bdupd.dll
16/08/2004 17:08 65 desktop.ini
25/07/2002 17:13 24 576 dwusplay.dll
25/07/2002 17:13 196 608 dwusplay.exe
25/05/2006 00:21 53 248 ipsupd.dll
27/07/2004 15:48 323 584 isusweb.dll
16/03/2005 11:34 7 407 lang.ini
18/07/2007 12:49 12 592 libcomm.dll
07/12/2004 16:07 32 libfn.dll
14/03/2005 13:38 126 live.ini
20/01/2000 15:25 1 162 Microsoft XML Parser for Java.osd
01/06/2006 01:57 1 331 oscan8.inf
01/06/2006 01:54 471 040 oscan8.ocx
31/05/2006 03:15 10 oscan81.ocx_x
14/03/2005 13:58 7 073 scanoptions.tsi
09/11/2006 14:36 5 019 swflash.inf
19 fichier(s) 1 351 234 octets

Total des fichiers listés :
19 fichier(s) 1 351 234 octets
2 Rép(s) 53 905 784 832 octets libres

Recherche de rootkit! (Merci S!Ri)

Recherche d'infections connues

Export des clefs sensibles..


Liste des fichiers en exception sur le pare-feu XP SP2

"%ProgramFiles%\\AOL 9.0\\aol.exe"="%ProgramFiles%\\AOL 9.0\\aol.exe:*:Enabled:AOL"
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\WINDOWS\\system32\\lxctcoms.exe"="C:\\WINDOWS\\system32\\lxctcoms.exe:*:Enabled:Lexmark Communications System"
"C:\\Program Files\\Kodak\\Kodak EasyShare software\\bin\\EasyShare.exe"="C:\\Program Files\\Kodak\\Kodak EasyShare software\\bin\\EasyShare.exe:*:Enabled:EasyShare"
"C:\\Program Files\\Bonjour\\mDNSResponder.exe"="C:\\Program Files\\Bonjour\\mDNSResponder.exe:*:Enabled:Bonjour"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\Kodak\\KODAK Software Updater\\7288971\\Program\\Kodak Software Updater.exe"="C:\\Program Files\\Kodak\\KODAK Software Updater\\7288971\\Program\\Kodak Software Updater.exe:*:Enabled:Kodak Software Updater"
"C:\\Program Files\\eMule\\emule.exe"="C:\\Program Files\\eMule\\emule.exe:*:Enabled:eMule"
"C:\\Program Files\\IVT Corporation\\BlueSoleil\\BlueSoleil.exe"="C:\\Program Files\\IVT Corporation\\BlueSoleil\\BlueSoleil.exe:*:Enabled:BlueSoleil"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
"C:\\Program Files\\AOL 9.0\\waol.exe"="C:\\Program Files\\AOL 9.0\\waol.exe:*:Enabled:AOL 9.0"
"C:\\APPS\\skype\\phone\\Skype.exe"="C:\\APPS\\skype\\phone\\Skype.exe:*:Enabled:Skype"
"C:\\Program Files\\MySpace\\IM\\MySpaceIM.exe"="C:\\Program Files\\MySpace\\IM\\MySpaceIM.exe:*:Enabled:MySpaceIM"

"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
"C:\\Program Files\\AOL 9.0\\waol.exe"="C:\\Program Files\\AOL 9.0\\waol.exe:*:Enabled:AOL 9.0"

Export de la clef SharedTaskScheduler

[SharedTaskScheduler]
"{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Pré-chargeur Browseui"
"{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Démon de cache des catégories de composant"



exports des policies
REGEDIT4

[system]
"dontdisplaylastusername"=dword:00000000
"legalnoticecaption"=""
"legalnoticetext"=""
"shutdownwithoutlogon"=dword:00000001
"undockwithoutlogon"=dword:00000001
"HideLegacyLogonScripts"=dword:00000000
"HideLogoffScripts"=dword:00000000
"RunLogonScriptSync"=dword:00000001
"RunStartupScriptSync"=dword:00000000
"HideStartupScripts"=dword:00000000
"DisableRegistryTools"=dword:00000000



Export des clefs sensibles..
Rechercher adresses sensibles dans le fichier HOSTS...
127.0.0.1 www.activexupdate.com
127.0.0.1 activexupdate.com
127.0.0.1 www.antispywareupdates.net
127.0.0.1 antispywareupdates.net
127.0.0.1 www.aviupdate.com
127.0.0.1 aviupdate.com
127.0.0.1 www.avpcheckupdate.com
127.0.0.1 avpcheckupdate.com
127.0.0.1 client.exeupdate.com
127.0.0.1 www.eupdatepage.com
127.0.0.1 eupdatepage.com
127.0.0.1 www.exeupdate.com
127.0.0.1 exeupdate.com
127.0.0.1 www.flwupdate.com
127.0.0.1 flwupdate.com
127.0.0.1 www.hotwinupdates.com
127.0.0.1 hotwinupdates.com
127.0.0.1 www.lavasoftupdate.com
127.0.0.1 lavasoftupdate.com
127.0.0.1 www.malwarewipeupdate.com
127.0.0.1 malwarewipeupdate.com
127.0.0.1 www.movupdate.com
127.0.0.1 movupdate.com
127.0.0.1 www.mpegupdate.com
127.0.0.1 mpegupdate.com
127.0.0.1 www.msupdate.net
127.0.0.1 msupdate.net
127.0.0.1 www.msupdater.net
127.0.0.1 msupdater.net
127.0.0.1 www.necessaryupdates.com
127.0.0.1 necessaryupdates.com
127.0.0.1 newupdates.lzio.com
127.0.0.1 www.plupdate.com
127.0.0.1 plupdate.com
127.0.0.1 redirect.msupdate.net
127.0.0.1 www.registryupdate.org
127.0.0.1 registryupdate.org
127.0.0.1 search.keyword.exeupdate.com
127.0.0.1 www.securityupdatesite.com
127.0.0.1 securityupdatesite.com
127.0.0.1 settings.updatemysettings.com
127.0.0.1 www.spyaxeupdate.com
127.0.0.1 spyaxeupdate.com
127.0.0.1 www.spyfalconupdate.com
127.0.0.1 spyfalconupdate.com
127.0.0.1 www.systemupdates.net
127.0.0.1 systemupdates.net
127.0.0.1 trial.updates.winsoftware.com
127.0.0.1 update.680180.net
127.0.0.1 update.shareaza.com
127.0.0.1 www.updatemysettings.com
127.0.0.1 updatemysettings.com
127.0.0.1 updates.spywarequake.com
127.0.0.1 www.updatesantivirus.com
127.0.0.1 updatesantivirus.com
127.0.0.1 www.urgentsystemupdate.biz
127.0.0.1 urgentsystemupdate.biz
127.0.0.1 www.urgentsystemupdate.com
127.0.0.1 urgentsystemupdate.com
127.0.0.1 windupdates.com
127.0.0.1 www.xp-vista-update.net
127.0.0.1 xp-vista-update.net
127.0.0.1 www.pandaantivirus-2007.com
127.0.0.1 pandaantivirus-2007.com
127.0.0.1 www.pandadownload-now.com
127.0.0.1 pandadownload-now.com
127.0.0.1 www.panda-hq.com
127.0.0.1 panda-hq.com
catchme 0.3.1351 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-11-27 09:19:46
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden services & system hive ...

scanning hidden registry entries ...

scanning hidden files ...

scan completed successfully
hidden services: 0
hidden files: 0


KProcCheck Version 0.2-beta1 Proof-of-Concept by SIG^2 (www.security.org.sg)

Process list by traversal of KiWaitListHead

4 - System
140 - RTHDCPL.exe
232 - SynTPLpr.exe
236 - vsserv.exe
268 - USBDeviceServic
348 - SynTPEnh.exe
352 - xcommsvr.exe
384 - svchost.exe
520 - livesrv.exe
668 - svchost.exe
768 - CLSched.exe
808 - BTNtService.exe
892 - LVPrcSrv.exe
964 - AOLacsd.exe
1028 - Watch.exe
1036 - mDNSResponder.e
1096 - CLCapSvc.exe
1128 - CLMLServer.exe
1228 - LVComSer.exe
1264 - VCDDaemon.exe
1272 - lxctcoms.exe
1292 - PCMService.exe
1304 - nvsvc32.exe
1308 - ALERTM~1.EXE
1344 - QuickCam10.exe
1440 - csrss.exe
1464 - winlogon.exe
1508 - services.exe
1520 - lsass.exe
1692 - svchost.exe
1740 - svchost.exe
1764 - DetectorApp.exe
1800 - bdagent.exe
1936 - svchost.exe
1980 - svchost.exe
2036 - svchost.exe
2088 - lxctmon.exe
2216 - ezprint.exe
2280 - QTTask.exe
2284 - ComComp.exe
2392 - Kodak Software
2396 - Communications_
2492 - TaskBarIcon.exe
2544 - UnlockerAssista
2648 - svchost.exe
2732 - alg.exe
2780 - ctfmon.exe
3004 - PBDataSecure.ex
3160 - EasyShare.exe
3184 - cmd.exe
3212 - GestionnaireInt
3408 - Toaster.exe
3420 - Inactivity.exe
3448 - PollingModule.e
3600 - explorer.exe
3984 - COCIManager.exe

Total number of processes = 56
NOTE: Under WinXP, this will not show all processes.

KProcCheck Version 0.2-beta1 Proof-of-Concept by SIG^2 (www.security.org.sg)

Driver/Module list by traversal of PsLoadedModuleList

804D7000 - \WINDOWS\system32\TUKERNEL.EXE
80722000 - \WINDOWS\system32\hal.dll
F7987000 - \WINDOWS\system32\KDCOM.DLL
F7897000 - \WINDOWS\system32\BOOTVID.dll
F7437000 - ACPI.sys
F7989000 - \WINDOWS\system32\DRIVERS\WMILIB.SYS
F7426000 - pci.sys
F7487000 - isapnp.sys
F789B000 - compbatt.sys
F789F000 - \WINDOWS\system32\DRIVERS\BATTC.SYS
F7A4F000 - pciide.sys
F7707000 - \WINDOWS\system32\DRIVERS\PCIIDEX.SYS
F798B000 - aliide.sys
F798D000 - intelide.sys
F798F000 - toside.sys
F7991000 - viaide.sys
F7993000 - cmdide.sys
F7497000 - MountMgr.sys
F7407000 - ftdisk.sys
F770F000 - PartMgr.sys
F78A3000 - ACPIEC.sys
F7A50000 - \WINDOWS\system32\DRIVERS\OPRGHDLR.SYS
F7717000 - pavboot.sys
F771F000 - sfsync02.sys
F74A7000 - VolSnap.sys
F7727000 - VClone.sys
F73EF000 - \WINDOWS\system32\DRIVERS\SCSIPORT.SYS
F78A7000 - cpqarray.sys
F73D7000 - atapi.sys
F78AB000 - aha154x.sys
F772F000 - sparrow.sys
F78AF000 - symc810.sys
F74B7000 - aic78xx.sys
F78B3000 - dac960nt.sys
F74C7000 - ql10wnt.sys
F78B7000 - amsint.sys
F7737000 - asc.sys
F78BB000 - asc3550.sys
F773F000 - mraid35x.sys
F7747000 - i2omp.sys
F78BF000 - ini910u.sys
F74D7000 - ql1240.sys
F74E7000 - aic78u2.sys
F774F000 - symc8xx.sys
F7757000 - sym_hi.sys
F775F000 - sym_u3.sys
F7767000 - ABP480N5.SYS
F776F000 - asc3350p.sys
F7995000 - cd20xrnt.sys
F74F7000 - ultra.sys
F73BE000 - adpu160m.sys
F7777000 - dpti2o.sys
F7507000 - ql1080.sys
F7517000 - ql1280.sys
F7527000 - ql12160.sys
F777F000 - perc2.sys
F7997000 - perc2hib.sys
F7787000 - hpn.sys
F78C3000 - cbidf2k.sys
F7392000 - dac2w2k.sys
F7537000 - disk.sys
F7547000 - \WINDOWS\system32\DRIVERS\CLASSPNP.SYS
F7372000 - fltMgr.sys
F7360000 - sr.sys
F7557000 - PxHelp20.sys
F7349000 - KSecDD.sys
F7336000 - WudfPf.sys
F72A9000 - Ntfs.sys
F727C000 - NDIS.sys
F78C7000 - vbtenum.sys
F7567000 - sisagp.sys
F7577000 - viaagp.sys
F778F000 - sfhlp02.sys
F7587000 - sfdrv01.sys
F7261000 - Mup.sys
F7797000 - BTHidMgr.sys
F7597000 - alim1541.sys
F75A7000 - amdagp.sys
F75B7000 - agp440.sys
F75C7000 - agpCPQ.sys
F7617000 - \SystemRoot\system32\DRIVERS\AmdK8.sys
F7175000 - \SystemRoot\system32\DRIVERS\CmBatt.sys
F63A3000 - \SystemRoot\system32\DRIVERS\nv4_mini.sys
F638F000 - \SystemRoot\system32\DRIVERS\VIDEOPRT.SYS
F7627000 - \SystemRoot\system32\DRIVERS\i8042prt.sys
F689C000 - \SystemRoot\system32\DRIVERS\kbdclass.sys
F6360000 - \SystemRoot\system32\DRIVERS\SynTP.sys
F79C3000 - \SystemRoot\system32\DRIVERS\USBD.SYS
F6894000 - \SystemRoot\system32\DRIVERS\mouclass.sys
F715D000 - \SystemRoot\system32\DRIVERS\nvsmu.sys
F688C000 - \SystemRoot\system32\DRIVERS\usbohci.sys
F633D000 - \SystemRoot\system32\DRIVERS\USBPORT.SYS
F6884000 - \SystemRoot\system32\DRIVERS\usbehci.sys
F7637000 - \SystemRoot\system32\DRIVERS\imapi.sys
F79C5000 - \SystemRoot\System32\Drivers\ElbyDelay.sys
F7647000 - \SystemRoot\system32\DRIVERS\cdrom.sys
F7657000 - \SystemRoot\system32\DRIVERS\redbook.sys
F631A000 - \SystemRoot\system32\DRIVERS\ks.sys
F62F5000 - \SystemRoot\system32\DRIVERS\HDAudBus.sys
F7155000 - \SystemRoot\system32\DRIVERS\nvnetbus.sys
F62AA000 - \SystemRoot\system32\DRIVERS\NVNRM.SYS
F6273000 - \SystemRoot\system32\DRIVERS\NVSNPU.SYS
F7667000 - \SystemRoot\System32\Drivers\VcommMgr.sys
F687C000 - \SystemRoot\system32\DRIVERS\blueletaudio.sys
F6251000 - \SystemRoot\system32\DRIVERS\portcls.sys
F7687000 - \SystemRoot\system32\DRIVERS\drmk.sys
F6874000 - \SystemRoot\system32\DRIVERS\BlueletSCOAudio.sys
F7A52000 - \SystemRoot\system32\DRIVERS\audstub.sys
F79C7000 - \SystemRoot\System32\Drivers\RootMdm.sys
F686C000 - \SystemRoot\System32\Drivers\Modem.SYS
F76F7000 - \SystemRoot\system32\DRIVERS\rasl2tp.sys
F7151000 - \SystemRoot\system32\DRIVERS\ndistapi.sys
F61F0000 - \SystemRoot\system32\DRIVERS\ndiswan.sys
F7251000 - \SystemRoot\system32\DRIVERS\raspppoe.sys
F7241000 - \SystemRoot\system32\DRIVERS\raspptp.sys
F6864000 - \SystemRoot\system32\DRIVERS\TDI.SYS
F61DF000 - \SystemRoot\system32\DRIVERS\psched.sys
F7231000 - \SystemRoot\system32\DRIVERS\msgpc.sys
F685C000 - \SystemRoot\system32\DRIVERS\ptilink.sys
F6854000 - \SystemRoot\system32\DRIVERS\raspti.sys
F7807000 - \SystemRoot\system32\DRIVERS\wanatw4.sys
F7145000 - \SystemRoot\system32\DRIVERS\btnetdrv.sys
F780F000 - \SystemRoot\system32\DRIVERS\VComm.sys
F7141000 - \SystemRoot\system32\DRIVERS\serenum.sys
F7211000 - \SystemRoot\system32\DRIVERS\termdd.sys
F61CB000 - \SystemRoot\system32\DRIVERS\bdfndisf.sys
F79C9000 - \SystemRoot\system32\DRIVERS\swenum.sys
F6197000 - \SystemRoot\system32\DRIVERS\update.sys
F7135000 - \SystemRoot\system32\DRIVERS\mssmbios.sys
F7201000 - \SystemRoot\system32\DRIVERS\NVENETFD.sys
F71F1000 - \SystemRoot\System32\Drivers\NDProxy.SYS
F71D1000 - \SystemRoot\system32\DRIVERS\usbhub.sys
F3C90000 - \SystemRoot\system32\drivers\RtkHDAud.sys
F79D7000 - \SystemRoot\System32\Drivers\i2omgmt.SYS
F781F000 - \SystemRoot\system32\DRIVERS\usbccgp.sys
F79D9000 - \SystemRoot\System32\Drivers\Fs_Rec.SYS
F7BDE000 - \SystemRoot\System32\Drivers\Null.SYS
F79DB000 - \SystemRoot\System32\Drivers\Beep.SYS
F782F000 - \SystemRoot\system32\DRIVERS\HIDPARSE.SYS
F7837000 - \SystemRoot\System32\drivers\vga.sys
F79DD000 - \SystemRoot\System32\Drivers\mnmdd.SYS
F79E1000 - \SystemRoot\System32\DRIVERS\RDPCDD.sys
F784F000 - \SystemRoot\System32\Drivers\Msfs.SYS
F7857000 - \SystemRoot\System32\Drivers\Npfs.SYS
F617F000 - \SystemRoot\system32\DRIVERS\rasacd.sys
F3C18000 - \SystemRoot\system32\DRIVERS\ipsec.sys
F3BC0000 - \SystemRoot\system32\DRIVERS\tcpip.sys
F3B9B000 - \??\C:\Program Files\Fichiers communs\BitDefender\BitDefender Firewall\bdftdif.sys
F3B7A000 - \SystemRoot\system32\DRIVERS\ipnat.sys
F3B52000 - \SystemRoot\system32\DRIVERS\netbt.sys
F75F7000 - \SystemRoot\system32\DRIVERS\wanarp.sys
F3B30000 - \SystemRoot\System32\drivers\afd.sys
F6A5D000 - \SystemRoot\system32\DRIVERS\netbios.sys
F3850000 - \SystemRoot\System32\drivers\truecrypt.sys
F6A3D000 - \SystemRoot\system32\drivers\LVUSBSta.sys
F3719000 - \SystemRoot\system32\DRIVERS\LV302V32.SYS
F79E3000 - \SystemRoot\system32\DRIVERS\lv302af.sys
F6A2D000 - \SystemRoot\system32\drivers\usbaudio.sys
F36EE000 - \SystemRoot\system32\DRIVERS\rdbss.sys
F367F000 - \SystemRoot\system32\DRIVERS\mrxsmb.sys
F6A1D000 - \SystemRoot\System32\Drivers\Fips.SYS
F35CF000 - \SystemRoot\system32\DRIVERS\rt73.sys
F717D000 - \SystemRoot\system32\DRIVERS\usbscan.sys
F786F000 - \SystemRoot\system32\DRIVERS\usbprint.sys
F7877000 - \SystemRoot\system32\DRIVERS\USBSTOR.SYS
F7171000 - \SystemRoot\system32\DRIVERS\hidusb.sys
F76E7000 - \SystemRoot\system32\DRIVERS\HIDCLASS.SYS
F69ED000 - \SystemRoot\System32\Drivers\Cdfs.SYS
F3517000 - \SystemRoot\System32\Drivers\dump_atapi.sys
F79CF000 - \SystemRoot\System32\Drivers\dump_WMILIB.SYS
BF800000 - \SystemRoot\System32\win32k.sys
F3623000 - \SystemRoot\System32\drivers\Dxapi.sys
F366F000 - \SystemRoot\System32\watchdog.sys
BF9C3000 - \SystemRoot\System32\drivers\dxg.sys
F7B65000 - \SystemRoot\System32\drivers\dxgthk.sys
BF9D5000 - \SystemRoot\System32\nv4_disp.dll
BAD70000 - \SystemRoot\system32\DRIVERS\ndisuio.sys
B9B04000 - \SystemRoot\system32\DRIVERS\mrxdav.sys
F7A1D000 - \SystemRoot\System32\Drivers\ASCTRM.SYS
F7A23000 - \SystemRoot\System32\Drivers\ElbyCDIO.sys
B91AB000 - \SystemRoot\System32\Drivers\HTTP.sys
F785F000 - \SystemRoot\system32\DRIVERS\Ip6Fw.sys
B914B000 - \SystemRoot\system32\DRIVERS\tcpip6.sys
B90F9000 - \SystemRoot\system32\DRIVERS\srv.sys
B901C000 - \SystemRoot\system32\drivers\wdmaud.sys
BA388000 - \SystemRoot\system32\drivers\sysaudio.sys
F77E7000 - \SystemRoot\system32\DRIVERS\LVPr2Mon.sys
B8C5A000 - \??\C:\Program Files\BitDefender\BitDefender 2008\bdselfpr.sys
B8A4F000 - \SystemRoot\system32\drivers\bdfsfltr.sys
B81C6000 - \??\C:\WINDOWS\system32\PCANDIS5.SYS
B804F000 - \SystemRoot\System32\Drivers\Fastfat.SYS
F7B24000 - \SystemRoot\System32\DRIVERS\KProcCheck.sys

Total number of drivers = 192

Liste des programmes installes

Adobe Flash Player 9 ActiveX
Adobe Flash Player Plugin
Adobe Photoshop CS2 Portable Par Le Nettoyeur
Adobe Reader 7.1.0 - Français
Archiveur WinRAR
Barre d'outils Outlook de Windows Live (Windows Live Toolbar)
BitComet 0.79
BitDefender Internet Security 2008
Bloqueur de fenêtres pop-up (Windows Live Toolbar)
Bluesoleil2.7.0.8 VoIP Release 070930
Bonjour
Bonjour
CardRd81
CCleaner (remove only)
CCScore
Codeur Windows Media Série 9
Correctif pour Windows Internet Explorer 7 (KB947864)
CR2
DIGIPILLS Miniphoto
Détecteur de flux Windows Live Toolbar (Windows Live Toolbar)
eMule
ESSBrwr
ESSCDBK
ESScore
ESSgui
ESShelp
ESSini
ESSPCD
ESSPDock
ESSSONIC
ESSTOOLS
essvatgt
essvcpt
Extension de Windows Live Toolbar (Windows Live Toolbar)
FindyKill
Galerie de photos Windows Live
Gestionnaire Internet
HijackThis 2.0.2
HLPPDOCK
Java(TM) SE Development Kit 6
Java(TM) SE Runtime Environment 6
Java(TM) SE Runtime Environment 6 Update 1
kgcbase
KSU
Lecteur Windows Media 11
Les Simpson - Le film Screen Saver
Lexmark 5400 Series
Lexmark Barre d'outils
livebox
LiveUpdate 1.80 (Symantec Corporation)
Logiciel Kodak EasyShare
Logitech Audio Echo Cancellation Component
Logitech QuickCam
Logitech Video Enumerator
Macromedia Shockwave Player
Malwarebytes' Anti-Malware
MediaCoder 0.6.0
Menus intelligents (Windows Live Toolbar)
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 French Language Pack
Microsoft .NET Framework 1.1 Hotfix (KB928366)
Microsoft .NET Framework 2.0 Language Pack - FRA
Microsoft .NET Framework 2.0 Service Pack 1
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft Office Professional Edition 2003
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft User-Mode Driver Framework Feature Pack 1.0
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB928090)
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB929969)
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB931768)
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB933566)
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB937143)
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB938127)
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB939653)
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB942615)
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB944533)
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB950759)
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB953838)
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB956390)
Module de prise en charge linguistique de Microsoft .NET Framework 2.0 - FRA
Mozilla Firefox (2.0.0.11)
MSN
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
MVision
MySpaceIM
Navigateur Orange
Navilog1 Version 2.0.5
Nero 6 Ultra Edition
neroxml
Notifier
NVIDIA Drivers
OfotoXMI
OneCare Advisor (Windows Live Toolbar)
Opera 9.62
OTtBP
OTtBPSDK
Packard Bell Data Secure
Panda ActiveScan 2.0
Photoshop CS2
Programme de gestion Camera de Logitech®
QuickTime
Readiris Pro 8
Security Update for CAPICOM (KB931906)
Security Update for CAPICOM (KB931906)
SFR
SHASTA
SKIN0001
SKINXSDK
Sonic Express Labeler
Sonic MyDVD LE
Sonic RecordNow Audio
Sonic RecordNow Copy
Sonic RecordNow Data
Sonic Update Manager
staticcr
TrueCrypt
TuneUp Utilities 2007
Unlocker 1.8.7
VCRedistSetup
VirtualCloneDrive
VPRINTOL
WD Diagnostics
WebFldrs XP
Winamp
Windows Imaging Component
Windows Internet Explorer 7
Windows Live installer
Windows Live Messenger
Windows Live Toolbar
Windows Live Toolbar
Windows Media Format 11 runtime
Windows Media Format 11 runtime
Windows Media Player 11
WIRELESS
Yahoo! Install Manager



Le volume dans le lecteur C s'appelle HDD
Le numéro de série du volume est 8082-51E7

Répertoire de C:\Program Files

24/11/2008 12:31 <REP> .
24/11/2008 12:31 <REP> ..
15/09/2007 18:59 <REP> Abbyy FineReader 6.0 Sprint
28/01/2007 14:53 <REP> Adobe
27/12/2007 10:54 <REP> Ahead
01/07/2008 20:39 <REP> AOL 9.0
24/09/2008 19:44 <REP> Apple Software Update
09/07/2007 05:34 <REP> BitComet
02/11/2008 21:04 <REP> BitDefender
11/09/2008 13:31 <REP> Bonjour
09/07/2007 05:34 <REP> CCleaner
24/08/2006 22:56 <REP> CyberLink
28/10/2007 17:30 <REP> Elaborate Bytes
23/10/2008 10:48 <REP> eMule
24/11/2008 07:15 <REP> Fichiers communs
23/11/2008 23:30 <REP> FindyKill
12/12/2007 12:35 <REP> Google
31/07/2007 11:01 <REP> Grisoft
09/07/2007 05:34 <REP> IncrediMail
15/10/2008 22:07 <REP> Internet Explorer
30/03/2008 12:54 <REP> IVT Corporation
29/05/2008 00:29 <REP> Java
22/11/2007 09:18 <REP> Kodak
24/08/2006 22:41 <REP> Learn2.com
09/07/2007 05:34 <REP> Lexmark 5400 Series
26/11/2006 14:37 <REP> Lexmark Toolbar
15/06/2007 05:13 <REP> Logitech
27/11/2008 08:44 <REP> Lx_cats
23/11/2008 21:21 <REP> Malwarebytes' Anti-Malware
05/11/2007 21:14 <REP> MediaCoder
17/08/2008 02:25 <REP> Messenger
09/05/2007 02:04 <REP> Microsoft CAPICOM 2.1.0.2
16/08/2004 17:11 <REP> microsoft frontpage
21/01/2007 13:11 <REP> Microsoft Office
14/11/2007 06:26 <REP> Microsoft SQL Server Compact Edition
21/01/2007 13:10 <REP> Microsoft.NET
09/07/2007 05:33 <REP> Miniphoto
09/07/2007 05:34 <REP> Movie Maker
24/11/2008 06:56 <REP> Mozilla Firefox
23/12/2006 12:22 <REP> MSN
16/08/2004 17:03 <REP> MSN Gaming Zone
12/11/2008 01:15 <REP> MSXML 4.0
31/05/2007 16:03 <REP> MySpace
06/06/2008 08:46 <REP> Navilog1
09/07/2007 05:34 <REP> NetMeeting
09/07/2007 05:34 <REP> Online Services
06/11/2008 11:37 <REP> Opera
09/07/2007 05:34 <REP> Outlook Express
27/11/2008 08:45 <REP> Packard Bell Data Secure
15/05/2008 20:35 <REP> Panda Security
22/11/2007 09:18 <REP> QuickTime
25/10/2007 06:06 <REP> Readiris Pro 8
24/08/2006 22:40 <REP> Real
24/08/2006 22:29 <REP> Realtek
07/02/2007 20:30 <REP> SAGEM
22/12/2006 12:12 <REP> Securitoo
09/07/2007 05:34 <REP> Services en ligne
09/07/2007 05:34 <REP> ShowTime
28/10/2007 17:29 <REP> SlySoft
24/08/2006 22:43 <REP> Sonic
24/11/2008 00:36 <REP> Spybot - Search & Destroy
06/06/2008 10:39 <REP> Symantec
06/06/2008 13:20 <REP> SymNetDrv
24/08/2006 22:17 <REP> Synaptics
12/09/2008 10:44 <REP> TeaTimer (Spybot - Search & Destroy)
21/02/2008 10:11 <REP> TrueCrypt
09/07/2007 05:34 <REP> TuneUp Utilities 2007
24/08/2006 22:54 <REP> Ulead Systems
24/11/2008 12:32 <REP> Unlocker
27/11/2008 08:45 <REP> Wanadoo
11/12/2007 18:58 <REP> Western Digital Technologies
03/03/2008 07:23 <REP> Winamp
27/02/2008 20:09 <REP> Windows Live
01/12/2007 06:24 <REP> Windows Live Toolbar
24/08/2006 22:53 <REP> Windows Media Components
25/10/2007 06:06 <REP> Windows Media Connect 2
09/07/2007 05:34 <REP> Windows Media Player
09/07/2007 05:34 <REP> Windows NT
29/03/2008 06:41 <REP> WinRAR
16/08/2004 17:11 <REP> xerox
0 fichier(s) 0 octets
80 Rép(s) 53 893 861 376 octets libres
Le volume dans le lecteur C s'appelle HDD
Le numéro de série du volume est 8082-51E7

Répertoire de C:\Program Files\fichiers communs

24/11/2008 07:15 <REP> .
24/11/2008 07:15 <REP> ..
22/06/2008 23:02 <REP> Adobe
27/12/2007 10:54 <REP> Ahead
09/07/2007 05:34 <REP> AOL
09/07/2007 05:34 <REP> aolshare
24/11/2008 00:32 <REP> BitDefender
25/11/2006 17:45 <REP> Borland Shared
30/11/2006 20:07 <REP> Ciel
09/07/2007 05:34 <REP> DESIGNER
30/11/2006 20:07 <REP> InstallShield
24/08/2006 22:34 <REP> Java
22/12/2006 23:55 <REP> Kodak
09/07/2007 05:33 <REP> LogiShrd
11/03/2007 21:23 <REP> Logitech
06/09/2008 15:47 <REP> Microsoft Shared
16/08/2004 17:06 <REP> MSSoap
14/04/2007 20:04 <REP> NSV
24/08/2006 22:40 <REP> Nullsoft
16/08/2004 16:57 <REP> ODBC
24/08/2006 22:40 <REP> Real
09/11/2007 07:23 <REP> Services
09/07/2007 05:34 <REP> Sonic Shared
16/08/2004 16:56 <REP> SpeechEngines
09/07/2007 05:34 <REP> SureThing Shared
06/06/2008 13:09 <REP> Symantec Shared
09/07/2007 05:34 <REP> System
10/06/2007 20:46 <REP> TiVo Shared
06/06/2008 07:07 <REP> Ulead Systems
05/12/2007 09:47 <REP> Wise Installation Wizard
0 fichier(s) 0 octets
30 Rép(s) 53 893 857 280 octets libres
Le volume dans le lecteur C s'appelle HDD
Le numéro de série du volume est 8082-51E7

Répertoire de C:\Program Files\fichiers communs\Microsoft Shared\Web Folders

06/09/2008 15:47 <REP> .
06/09/2008 15:47 <REP> ..
09/07/2007 05:34 <REP> 1033
06/09/2008 15:47 <REP> 1036
20/09/2005 11:33 1 293 008 MSONSEXT.DLL
22/03/2007 18:29 39 256 MSOSV.DLL
03/06/1999 11:09 122 937 MSOWS409.DLL
07/03/2001 06:00 127 033 MSOWS40c.DLL
11/07/2003 02:25 80 448 PKMWS.DLL
5 fichier(s) 1 662 682 octets
4 Rép(s) 53 893 857 280 octets libres




c:\Documents and Settings\akira\Application Data\Adobe\Acrobat\7.0\Updater\AdbeRdr709_fr_FR.exe
c:\Documents and Settings\akira\Application Data\Adobe\Acrobat\7.0\Updater\AdbeRdr710_fr_FR.exe
c:\Documents and Settings\akira\Application Data\Microsoft\Installer\{0AB76F69-E761-4CFA-B9B0-A1906B4E9E4B}\ARPPRODUCTICON.exe
c:\Documents and Settings\akira\Application Data\Microsoft\Installer\{0AB76F69-E761-4CFA-B9B0-A1906B4E9E4B}\Uninstall_WD_Diagnos_0AB76F69E7614CFAB9B0A1906B4E9E4B.exe
c:\Documents and Settings\akira\Application Data\Microsoft\Installer\{0AB76F69-E761-4CFA-B9B0-A1906B4E9E4B}\WinDlg.exe_0AB76F69E7614CFAB9B0A1906B4E9E4B_3.exe
c:\Documents and Settings\akira\Application Data\Microsoft\Installer\{35725FBC-A136-4A46-9F29-091759D9BB93}\ARPPRODUCTICON.exe
c:\Documents and Settings\akira\Application Data\Microsoft\Installer\{BEF726DD-4037-4214-8C6A-E625C02D2870}\ARPPRODUCTICON.exe
c:\Documents and Settings\akira\Application Data\Microsoft\Installer\{EA516024-D84D-41F1-814F-83175A6188F2}\ARPPRODUCTICON.exe
c:\Documents and Settings\akira\Application Data\MSNInstaller\msnauins.exe
c:\Documents and Settings\akira\Application Data\MySpace\IM\Install\MSIMClientSetup.1.0.739.0-static-fr.exe
c:\Documents and Settings\akira\Bureau\ComboFix.exe
c:\Documents and Settings\akira\Bureau\FindyKill.exe
c:\Documents and Settings\akira\Bureau\ToolBarSD.exe
c:\Documents and Settings\akira\Bureau\unlocker1.8.7.exe
c:\Documents and Settings\akira\Bureau\DiagHelp\catchme.exe
c:\Documents and Settings\akira\Bureau\DiagHelp\diff.exe
c:\Documents and Settings\akira\Bureau\DiagHelp\dumphive.exe
c:\Documents and Settings\akira\Bureau\DiagHelp\FilesInfoCmd.exe
c:\Documents and Settings\akira\Bureau\DiagHelp\find2.exe
c:\Documents and Settings\akira\Bureau\DiagHelp\Fport.exe
c:\Documents and Settings\akira\Bureau\DiagHelp\grep.exe
c:\Documents and Settings\akira\Bureau\DiagHelp\gzip.exe
c:\Documents and Settings\akira\Bureau\DiagHelp\KProcCheck.exe
c:\Documents and Settings\akira\Bureau\DiagHelp\LFiles.exe
c:\Documents and Settings\akira\Bureau\DiagHelp\LISTDLLS.exe
c:\Documents and Settings\akira\Bureau\DiagHelp\md5sums.exe
c:\Documents and Settings\akira\Bureau\DiagHelp\pslist.exe
c:\Documents and Settings\akira\Bureau\DiagHelp\sigcheck.exe
c:\Documents and Settings\akira\Bureau\DiagHelp\streams.exe
c:\Documents and Settings\akira\Bureau\DiagHelp\swreg.exe
c:\Documents and Settings\akira\Bureau\DiagHelp\tar.exe
c:\Documents and Settings\akira\Bureau\HostsXpert\HostsXpert.exe
c:\Documents and Settings\akira\Mes documents\Mes fichiers reçus\Opera_962_int_Setup.exe
c:\Documents and Settings\akira\Mes documents\Mes fichiers reçus\easy cleaner\EasyClea.exe
c:\Documents and Settings\All Users\Application Data\Kaspersky Lab Setup Files\Kaspersky Internet Security 7.0.0.119\French\setup.exe
c:\Documents and Settings\All Users\Application Data\Kodak\EasyShareSetup\$SETUP_140011_59c95\Setup.exe
c:\Documents and Settings\All Users\Application Data\Kodak\EasyShareSetup\$SETUP_1e0010_26288\Setup.exe
c:\Documents and Settings\All Users\Application Data\Kodak\EasyShareSetup\bonjour\BonjourSetup.exe
c:\Documents and Settings\All Users\Application Data\Kodak\EasyShareSetup\CCS\CCSStop.exe
c:\Documents and Settings\All Users\Application Data\Kodak\EasyShareSetup\ESS\bindbins\bindbins.exe
c:\Documents and Settings\All Users\Application Data\Kodak\EasyShareSetup\KDEVICES\CR2\cr_stop.exe
c:\Documents and Settings\All Users\Application Data\Kodak\EasyShareSetup\Ksu\ksustop.exe
c:\Documents and Settings\All Users\Application Data\Kodak\EasyShareSetup\Notifier\message.exe
c:\Documents and Settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\mbam-setup.exe
c:\Documents and Settings\All Users\Application Data\Symantec\LiveUpdate\Downloads\ExItem2702_symnet$20consumer_5.0.2_english\Message.exe
c:\Documents and Settings\All Users\Application Data\Symantec\LiveUpdate\Downloads\ExItem2702_symnet$20consumer_5.0.2_english\setup.exe
c:\Documents and Settings\All Users\Application Data\Symantec\LiveUpdate\Downloads\ExItem5197_signatures$20ids$20de$20norton$20internet$20security_1.0_french\SNDWarn.exe
c:\Documents and Settings\All Users\Application Data\TuneUp Software\TuneUp Utilities\WinStyler\tu_logonui.exe
c:\Documents and Settings\akira\Application Data\Microsoft\IdentityCRL\PROD\ppcrlconfig.dll
c:\Documents and Settings\akira\Application Data\Microsoft\IdentityCRL\Production\ppcrlconfig.dll
c:\Documents and Settings\All Users\Application Data\Grisoft\AVG Anti-Spyware 7.5\Downloads\help.dll
c:\Documents and Settings\All Users\Application Data\Kodak\EasyShareSetup\$SETUP_140011_59c95\EasyShrx.Dll
c:\Documents and Settings\All Users\Application Data\Kodak\EasyShareSetup\$SETUP_1e0010_26288\EasyShrx.Dll
c:\Documents and Settings\All Users\Application Data\Logishrd\LQCVFX\Filters\MMSEF.dll
c:\Documents and Settings\All Users\Application Data\Microsoft\IdentityCRL\production\ppcrlconfig.dll
c:\Documents and Settings\All Users\Application Data\Microsoft\USMT\iconlib.dll
c:\Documents and Settings\All Users\Application Data\Symantec\LiveUpdate\Downloads\ExItem2702_symnet$20consumer_5.0.2_english\SymStore.dll
c:\Documents and Settings\LocalService\Application Data\Microsoft\UPnP Device Host\upnphost\udhisapi.dll

****** Fin du rapport DiagHelp
Veuillez svp envoyer le fichier C:\upload_moi_731403450238.tar.gz a l'adresse http://upload.malekal.com
0
fredjibb Messages postés 230 Statut Membre 1
 
et voici le rapport complet de combofix encore merci
ComboFix 08-11-26.05 - akira 2008-11-27 10:24:30.3 - NTFSx86
Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.390 [GMT 1:00]
Lancé depuis: C:\Documents and Settings\akira\Bureau\ComboFix.exe
* Un nouveau point de restauration a été créé
* Resident AV is active

.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

.
((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Service_poof


((((((((((((((((((((((((((((( Fichiers créés du 2008-10-27 au 2008-11-27 ))))))))))))))))))))))))))))))))))))
.

2008-11-27 09:20 . 2008-11-27 09:20 11,697,695 --a------ C:\upload_moi_731403450238.tar.gz
2008-11-25 11:59 . 2008-11-26 14:17 <REP> d-------- C:\ToolBar SD
2008-11-24 12:31 . 2008-11-24 12:32 <REP> d-------- C:\Program Files\Unlocker
2008-11-24 00:32 . 2008-11-24 00:32 <REP> d-------- C:\Documents and Settings\akira\Application Data\Bitdefender
2008-11-24 00:31 . 2008-11-24 00:33 <REP> d-------- C:\Documents and Settings\All Users\Application Data\BitDefender
2008-11-23 20:47 . 2008-11-23 20:47 1,041,210 --a------ C:\WINDOWS\system32\PerfStringBackup.TMP
2008-11-23 20:47 . 2008-11-23 20:58 512 --a------ C:\WINDOWS\ZZZZZZZZ.ZZZ
2008-11-23 20:32 . 2007-09-05 23:22 289,144 --a------ C:\WINDOWS\system32\VCCLSID.exe
2008-11-23 20:32 . 2006-04-27 16:49 288,417 --a------ C:\WINDOWS\system32\SrchSTS.exe
2008-11-23 20:32 . 2008-10-01 14:51 87,552 --a------ C:\WINDOWS\system32\VACFix.exe
2008-11-23 20:32 . 2008-10-10 07:58 82,944 --a------ C:\WINDOWS\system32\o4Patch.exe
2008-11-23 20:32 . 2008-10-10 07:58 82,944 --a------ C:\WINDOWS\system32\IEDFix.C.exe
2008-11-23 20:32 . 2008-08-18 11:19 82,432 --a------ C:\WINDOWS\system32\404Fix.exe
2008-11-23 20:32 . 2003-06-05 20:13 53,248 --a------ C:\WINDOWS\system32\Process.exe
2008-11-23 20:32 . 2004-07-31 17:50 51,200 --a------ C:\WINDOWS\system32\dumphive.exe
2008-11-23 20:32 . 2007-10-03 23:36 25,600 --a------ C:\WINDOWS\system32\WS2Fix.exe
2008-11-23 20:04 . 2008-11-23 23:30 <REP> d-------- C:\Program Files\FindyKill
2008-11-22 06:59 . 2008-11-22 07:15 1,536 --a------ C:\WINDOWS\ZZZZZZZ.ZZZ
2008-11-12 01:15 . 2008-11-12 01:15 <REP> d-------- C:\Program Files\MSXML 4.0
2008-11-07 09:58 . 2008-11-20 12:23 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2008-11-07 09:58 . 2008-11-07 09:58 1,409 --a------ C:\WINDOWS\QTFont.for
2008-11-02 21:04 . 2008-11-02 21:04 <REP> d-------- C:\Program Files\BitDefender
2008-11-02 21:03 . 2008-11-24 00:32 <REP> d-------- C:\Program Files\Fichiers communs\BitDefender

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-11-27 09:42 --------- d-----w C:\Program Files\Wanadoo
2008-11-27 09:41 --------- d-----w C:\Program Files\Packard Bell Data Secure
2008-11-27 09:41 --------- d-----w C:\Program Files\Lx_cats
2008-11-23 23:36 --------- d-----w C:\Program Files\Spybot - Search & Destroy
2008-11-23 23:19 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-11-23 20:21 --------- d-----w C:\Program Files\Malwarebytes' Anti-Malware
2008-11-12 11:14 5,632 --sha-w C:\Program Files\Thumbs.db
2008-11-06 10:37 --------- d-----w C:\Program Files\Opera
2008-10-24 11:10 453,632 ----a-w C:\WINDOWS\system32\drivers\mrxsmb.sys
2008-10-23 09:48 --------- d-----w C:\Program Files\eMule
2007-10-25 05:03 47,360 ----a-w C:\Documents and Settings\akira\Application Data\pcouffin.sys
.

((((((((((((((((((((((((((((( snapshot_2008-11-24_ 7.18.22,50 )))))))))))))))))))))))))))))))))))))))))
.
+ 2005-10-20 19:02:28 163,328 ----a-w C:\WINDOWS\erdnt\subs\ERDNT.EXE
- 2008-11-24 06:17:40 81,984 ----a-w C:\WINDOWS\system32\bdod.bin
+ 2008-11-27 09:39:18 81,984 ----a-w C:\WINDOWS\system32\bdod.bin
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WOOKIT"="C:\PROGRA~1\Wanadoo\Shell.exe" [2004-08-23 14:50 122880]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-05 13:00 15360]
"Packard Bell Data Secure"="C:\Program Files\Packard Bell Data Secure\PBDataSecure.exe" [2006-06-20 14:15 2361856]
"SmpcSys"="C:\APPS\SMP\SmpSys.exe" [2005-11-17 08:51 975360]
"NBJ"="C:\Program Files\Ahead\Nero BackItUp\NBJ.exe" [2004-09-07 12:55 1871872]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DetectorApp"="C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\DetectorApp.exe" [2005-10-20 05:15 102400]
"ISUSPM Startup"="C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2004-07-27 15:50 221184]
"ISUSScheduler"="C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" [2004-07-27 15:50 81920]
"PCMService"="c:\APPS\Powercinema\PCMService.exe" [2006-02-23 11:08 147456]
"lxctmon.exe"="C:\Program Files\Lexmark 5400 Series\lxctmon.exe" [2006-06-20 14:37 286720]
"Lexmark 5400 Series Fax Server"="C:\Program Files\Lexmark 5400 Series\fm3032.exe" [2006-07-11 00:30 294912]
"EzPrint"="C:\Program Files\Lexmark 5400 Series\ezprint.exe" [2006-06-07 04:05 98304]
"LXCTCATS"="C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCTtime.dll" [2006-06-07 13:09 106496]
"WOOWATCH"="C:\PROGRA~1\Wanadoo\Watch.exe" [2004-08-23 14:49 20480]
"WOOTASKBARICON"="C:\PROGRA~1\Wanadoo\GestMaj.exe" [2004-10-14 16:55 32768]
"VirtualCloneDrive"="C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" [2005-04-12 16:27 45056]
"PHIME2002ASync"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-05 13:00 455168]
"PHIME2002A"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-05 13:00 455168]
"LogitechCommunicationsManager"="C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe" [2007-05-17 09:52 505368]
"LogitechQuickCamRibbon"="C:\Program Files\Logitech\QuickCam10\QuickCam10.exe" [2007-05-17 09:53 780312]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2007-06-29 05:24 286720]
"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 11:50 155648]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe" [2007-03-14 02:43 83608]
"BitDefender Antiphishing Helper"="C:\Program Files\BitDefender\BitDefender 2008\IEShow.exe" [2007-10-09 16:46 61440]
"BDAgent"="C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe" [2008-11-24 07:09 368640]
"UnlockerAssistant"="C:\Program Files\Unlocker\UnlockerAssistant.exe" [2008-05-02 05:15 15872]
"IMJPMIG8.1"="C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" [2004-08-05 13:00 208952]
"SynTPLpr"="C:\Program Files\Synaptics\SynTP\SynTPLpr.exe" [2005-03-10 17:44 98394]
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2005-03-10 17:43 688218]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2006-04-27 09:48 7561216]
"SkyTel"="SkyTel.EXE" [2006-05-16 17:04 2879488 C:\WINDOWS\SkyTel.exe]
"Raccourci vers la page des propriétés de High Definition Audio"="HDAShCut.exe" [2005-01-07 16:07 61952 C:\WINDOWS\system32\HdAShCut.exe]
"nwiz"="nwiz.exe" [2006-04-27 09:48 1519616 C:\WINDOWS\system32\nwiz.exe]
"RTHDCPL"="RTHDCPL.EXE" [2006-06-01 15:48 16208384 C:\WINDOWS\RTHDCPL.exe]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-05 13:00 15360]
"MySpaceIM"="C:\Program Files\MySpace\IM\MySpaceIM.exe" [2007-12-07 08:33 8720384]
"Symantec NetDriver Warning"="C:\PROGRA~1\SYMNET~1\SNDWarn.exe" [2004-10-29 07:52 218232]
"ALUAlert"="C:\Program Files\Symantec\LiveUpdate\ALUNotify.exe" [2002-08-19 15:07 54888]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"WUAppSetup"="C:\Program Files\Fichiers communs\logishrd\WUApp32.exe" [2007-05-10 05:44 441120]

C:\Documents and Settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
Kodak software updater.lnk - C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe [2004-02-13 14:12:08 16423]
Lancement rapide d'Adobe Reader.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2008-04-23 02:38:16 29696]
Logiciel Kodak EasyShare.lnk - C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe [2006-06-07 06:26:28 180224]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"UIHost"="C:\\Documents and Settings\\All Users\\Application Data\\TuneUp Software\\TuneUp Utilities\\WinStyler\\tu_logonui.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.dvacm"= C:\PROGRA~1\FICHIE~1\ULEADS~1\Vio\Dvacm.acm
"msacm.ulmp3acm"= C:\PROGRA~1\FICHIE~1\ULEADS~1\MPEG\ulmp3acm.acm
"msacm.mpegacm"= C:\PROGRA~1\FICHIE~1\ULEADS~1\MPEG\mpegacm.acm

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
"MySpaceIM"=C:\Program Files\MySpace\IM\MySpaceIM.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%ProgramFiles%\\AOL 9.0\\aol.exe"=
"%windir%\\system32\\sessmgr.exe"=
"C:\\WINDOWS\\system32\\lxctcoms.exe"=
"C:\\Program Files\\Kodak\\Kodak EasyShare software\\bin\\EasyShare.exe"=
"C:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\Kodak\\KODAK Software Updater\\7288971\\Program\\Kodak Software Updater.exe"=
"C:\\Program Files\\eMule\\emule.exe"=
"C:\\Program Files\\IVT Corporation\\BlueSoleil\\BlueSoleil.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"C:\\Program Files\\AOL 9.0\\waol.exe"=
"C:\\APPS\\skype\\phone\\Skype.exe"=
"C:\\Program Files\\MySpace\\IM\\MySpaceIM.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"16110:TCP"= 16110:TCP:BitComet 16110 TCP
"16110:UDP"= 16110:UDP:BitComet 16110 UDP
"47555:TCP"= 47555:TCP:emule tcp
"52365:UDP"= 52365:UDP:emule udp

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]
"AllowInboundEchoRequest"= 1 (0x1)

R0 pavboot;pavboot;C:\WINDOWS\system32\drivers\pavboot.sys [2008-07-22 21:07:09 28544]
R2 Start BT in service;Start BT in service;C:\Program Files\IVT Corporation\BlueSoleil\StartSkysolSvc.exe [2007-09-30 08:16:38 51816]
R3 Bdfndisf;BitDefender Firewall NDIS Filter Service;C:\WINDOWS\system32\DRIVERS\bdfndisf.sys [2008-06-02 16:16:08 86792]
S3 MBAMSwissArmy;MBAMSwissArmy;\??\C:\WINDOWS\system32\drivers\mbamswissarmy.sys [2008-07-22 12:57:07 38528]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bdx REG_MULTI_SZ scan

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Contenu du dossier 'Tâches planifiées'

2008-11-27 C:\WINDOWS\Tasks\Extension de garantie.job
- C:\APPS\SMP\PBCARNOT.EXE [2005-11-09 12:55]

2008-11-27 C:\WINDOWS\Tasks\Master CD_DVD Creator.job
- C:\Apps\SMP\MCDCHECK.EXE [2005-11-08 14:26]

2008-11-27 C:\WINDOWS\Tasks\Symantec NetDetect.job
- C:\Program Files\Symantec\LiveUpdate\NDETECT.EXE [2002-08-19 15:07]

2008-11-27 C:\WINDOWS\Tasks\Vérifier les mises à jour de Windows Live Toolbar.job
- C:\Program Files\Windows Live Toolbar\MSNTBUP.EXE [2007-10-19 11:20]
.
.
------- Examen supplémentaire -------
.
FireFox -: Profile - C:\Documents and Settings\akira\Application Data\Mozilla\Firefox\Profiles\23m51jfc.default\
.
0
Réponse 12 / 17
noctambule28 Messages postés 33382 Date d'inscription   Statut Webmaster Dernière intervention   2 858
 
Ok, c'est cool

je regarde ça et je te dis ce qu'il reste à faire
0
fredjibb Messages postés 230 Statut Membre 1
 
merci en fait pour être franc je n'y comprends pas grand chose...
loin d'être un expert comme toi!!!
0
Réponse 13 / 17
noctambule28 Messages postés 33382 Date d'inscription   Statut Webmaster Dernière intervention   2 858
 
* Ouvre le bloc notes. Copie colle ce qui est en gras dedans :

File::
C:\WINDOWS\ZZZZZZZ.ZZZ
C:\Program Files\Symantec\LiveUpdate\NDETECT.EXE
Registry::

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"Symantec NetDriver Warning"="-"
"ALUAlert"="-"
[-HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]

* Sauvegarde cela comme fichier texte nommé CFScript, sur le bureau.
* Fais un glisser/déposer de ce fichier CFScript sur le fichier ComboFix.exe

* Une fenêtre bleue va apparaître: au message qui apparaît (Type 1 to continue, or 2 to abort) , tape 1 puis valide.
* Patiente le temps du scan. Le bureau va disparaître à plusieurs reprises: c'est normal ! Ne touche à rien tant que le scan n'est pas terminé.
* Une fois le scan achevé, un rapport va s'afficher: poste son contenu.
* Si le fichier ne s'ouvre pas, il se trouve ici > C:\ComboFix.txt

0
fredjibb Messages postés 230 Statut Membre 1
 
voici le rapport combofix après avoir fait ce que tu m'as dit...en fait deuis que j'ai ce fichier zzzzz..zzzz dans mon temp de windows mon ordi rame
merci de ton aide
ComboFix 08-11-26.05 - akira 2008-11-27 13:29:36.4 - NTFSx86
Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.393 [GMT 1:00]
Lancé depuis: C:\Documents and Settings\akira\Bureau\ComboFix.exe
Commutateurs utilisés :: C:\Documents and Settings\akira\Bureau\CFSCRIPT.txt
* Un nouveau point de restauration a été créé
* Resident AV is active


FILE ::
C:\Program Files\Symantec\LiveUpdate\NDETECT.EXE
C:\WINDOWS\ZZZZZZZ.ZZZ
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Program Files\Symantec\LiveUpdate\NDETECT.EXE
C:\WINDOWS\ZZZZZZZ.ZZZ

.
((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Service_poof


((((((((((((((((((((((((((((( Fichiers créés du 2008-10-27 au 2008-11-27 ))))))))))))))))))))))))))))))))))))
.

2008-11-27 09:20 . 2008-11-27 09:20 11,697,695 --a------ C:\upload_moi_731403450238.tar.gz
2008-11-25 11:59 . 2008-11-26 14:17 <REP> d-------- C:\ToolBar SD
2008-11-24 12:31 . 2008-11-24 12:32 <REP> d-------- C:\Program Files\Unlocker
2008-11-24 00:32 . 2008-11-24 00:32 <REP> d-------- C:\Documents and Settings\akira\Application Data\Bitdefender
2008-11-24 00:31 . 2008-11-24 00:33 <REP> d-------- C:\Documents and Settings\All Users\Application Data\BitDefender
2008-11-23 20:47 . 2008-11-23 20:47 1,041,210 --a------ C:\WINDOWS\system32\PerfStringBackup.TMP
2008-11-23 20:47 . 2008-11-23 20:58 512 --a------ C:\WINDOWS\ZZZZZZZZ.ZZZ
2008-11-23 20:32 . 2007-09-05 23:22 289,144 --a------ C:\WINDOWS\system32\VCCLSID.exe
2008-11-23 20:32 . 2006-04-27 16:49 288,417 --a------ C:\WINDOWS\system32\SrchSTS.exe
2008-11-23 20:32 . 2008-10-01 14:51 87,552 --a------ C:\WINDOWS\system32\VACFix.exe
2008-11-23 20:32 . 2008-10-10 07:58 82,944 --a------ C:\WINDOWS\system32\o4Patch.exe
2008-11-23 20:32 . 2008-10-10 07:58 82,944 --a------ C:\WINDOWS\system32\IEDFix.C.exe
2008-11-23 20:32 . 2008-08-18 11:19 82,432 --a------ C:\WINDOWS\system32\404Fix.exe
2008-11-23 20:32 . 2003-06-05 20:13 53,248 --a------ C:\WINDOWS\system32\Process.exe
2008-11-23 20:32 . 2004-07-31 17:50 51,200 --a------ C:\WINDOWS\system32\dumphive.exe
2008-11-23 20:32 . 2007-10-03 23:36 25,600 --a------ C:\WINDOWS\system32\WS2Fix.exe
2008-11-23 20:04 . 2008-11-23 23:30 <REP> d-------- C:\Program Files\FindyKill
2008-11-12 01:15 . 2008-11-12 01:15 <REP> d-------- C:\Program Files\MSXML 4.0
2008-11-07 09:58 . 2008-11-20 12:23 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2008-11-07 09:58 . 2008-11-07 09:58 1,409 --a------ C:\WINDOWS\QTFont.for
2008-11-02 21:04 . 2008-11-02 21:04 <REP> d-------- C:\Program Files\BitDefender
2008-11-02 21:03 . 2008-11-24 00:32 <REP> d-------- C:\Program Files\Fichiers communs\BitDefender

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-11-27 11:10 81,984 ----a-w C:\WINDOWS\system32\bdod.bin
2008-11-27 09:42 --------- d-----w C:\Program Files\Wanadoo
2008-11-27 09:41 --------- d-----w C:\Program Files\Packard Bell Data Secure
2008-11-27 09:41 --------- d-----w C:\Program Files\Lx_cats
2008-11-23 23:36 --------- d-----w C:\Program Files\Spybot - Search & Destroy
2008-11-23 23:19 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-11-23 21:47 5,310 ----a-w C:\WINDOWS\system32\tmp.reg
2008-11-23 20:21 --------- d-----w C:\Program Files\Malwarebytes' Anti-Malware
2008-11-12 11:14 5,632 --sha-w C:\Program Files\Thumbs.db
2008-11-06 10:37 --------- d-----w C:\Program Files\Opera
2008-10-30 08:36 2,284,544 ----a-w C:\WINDOWS\system32\TUKernel.exe
2008-10-24 11:10 453,632 ----a-w C:\WINDOWS\system32\drivers\mrxsmb.sys
2008-10-24 11:10 453,632 ----a-w C:\WINDOWS\system32\dllcache\mrxsmb.sys
2008-10-23 09:48 --------- d-----w C:\Program Files\eMule
2008-10-16 13:13 202,776 ----a-w C:\WINDOWS\system32\wuweb.dll
2008-10-16 13:13 202,776 ----a-w C:\WINDOWS\system32\dllcache\wuweb.dll
2008-10-16 13:13 1,809,944 ----a-w C:\WINDOWS\system32\wuaueng.dll
2008-10-16 13:13 1,809,944 ----a-w C:\WINDOWS\system32\dllcache\wuaueng.dll
2008-10-16 13:12 561,688 ----a-w C:\WINDOWS\system32\wuapi.dll
2008-10-16 13:12 561,688 ----a-w C:\WINDOWS\system32\dllcache\wuapi.dll
2008-10-16 13:12 323,608 ----a-w C:\WINDOWS\system32\wucltui.dll
2008-10-16 13:12 323,608 ----a-w C:\WINDOWS\system32\dllcache\wucltui.dll
2008-10-16 13:09 92,696 ----a-w C:\WINDOWS\system32\dllcache\cdm.dll
2008-10-16 13:09 92,696 ----a-w C:\WINDOWS\system32\cdm.dll
2008-10-16 13:09 51,224 ----a-w C:\WINDOWS\system32\wuauclt.exe
2008-10-16 13:09 51,224 ----a-w C:\WINDOWS\system32\dllcache\wuauclt.exe
2008-10-16 13:09 43,544 ----a-w C:\WINDOWS\system32\wups2.dll
2008-10-16 13:08 34,328 ----a-w C:\WINDOWS\system32\wups.dll
2008-10-16 13:08 34,328 ----a-w C:\WINDOWS\system32\dllcache\wups.dll
2008-10-16 13:06 268,648 ----a-w C:\WINDOWS\system32\mucltui.dll
2008-10-16 13:06 208,744 ----a-w C:\WINDOWS\system32\muweb.dll
2008-10-15 16:59 332,800 ----a-w C:\WINDOWS\system32\dllcache\netapi32.dll
2008-10-03 17:12 6,066,176 ----a-w C:\WINDOWS\system32\dllcache\ieframe.dll
2008-09-30 15:43 1,286,152 ----a-w C:\WINDOWS\system32\msxml4.dll
2008-09-15 15:39 1,846,144 ----a-w C:\WINDOWS\system32\win32k.sys
2008-09-15 15:39 1,846,144 ----a-w C:\WINDOWS\system32\dllcache\win32k.sys
2008-09-04 16:45 1,106,944 ----a-w C:\WINDOWS\system32\msxml3.dll
2008-09-04 16:45 1,106,944 ----a-w C:\WINDOWS\system32\dllcache\msxml3.dll
2008-08-28 10:04 333,056 ----a-w C:\WINDOWS\system32\dllcache\srv.sys
2008-08-27 09:11 3,593,216 ----a-w C:\WINDOWS\system32\dllcache\mshtml.dll
2007-10-25 05:03 47,360 ----a-w C:\Documents and Settings\akira\Application Data\pcouffin.sys
.

((((((((((((((((((((((((((((( snapshot_2008-11-24_ 7.18.22,50 )))))))))))))))))))))))))))))))))))))))))
.
+ 2005-10-20 19:02:28 163,328 ----a-w C:\WINDOWS\erdnt\subs\ERDNT.EXE
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WOOKIT"="C:\PROGRA~1\Wanadoo\Shell.exe" [2004-08-23 14:50 122880]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-05 13:00 15360]
"Packard Bell Data Secure"="C:\Program Files\Packard Bell Data Secure\PBDataSecure.exe" [2006-06-20 14:15 2361856]
"SmpcSys"="C:\APPS\SMP\SmpSys.exe" [2005-11-17 08:51 975360]
"NBJ"="C:\Program Files\Ahead\Nero BackItUp\NBJ.exe" [2004-09-07 12:55 1871872]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DetectorApp"="C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\DetectorApp.exe" [2005-10-20 05:15 102400]
"ISUSPM Startup"="C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2004-07-27 15:50 221184]
"ISUSScheduler"="C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" [2004-07-27 15:50 81920]
"PCMService"="c:\APPS\Powercinema\PCMService.exe" [2006-02-23 11:08 147456]
"lxctmon.exe"="C:\Program Files\Lexmark 5400 Series\lxctmon.exe" [2006-06-20 14:37 286720]
"Lexmark 5400 Series Fax Server"="C:\Program Files\Lexmark 5400 Series\fm3032.exe" [2006-07-11 00:30 294912]
"EzPrint"="C:\Program Files\Lexmark 5400 Series\ezprint.exe" [2006-06-07 04:05 98304]
"LXCTCATS"="C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCTtime.dll" [2006-06-07 13:09 106496]
"WOOWATCH"="C:\PROGRA~1\Wanadoo\Watch.exe" [2004-08-23 14:49 20480]
"WOOTASKBARICON"="C:\PROGRA~1\Wanadoo\GestMaj.exe" [2004-10-14 16:55 32768]
"VirtualCloneDrive"="C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" [2005-04-12 16:27 45056]
"PHIME2002ASync"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-05 13:00 455168]
"PHIME2002A"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-05 13:00 455168]
"LogitechCommunicationsManager"="C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe" [2007-05-17 09:52 505368]
"LogitechQuickCamRibbon"="C:\Program Files\Logitech\QuickCam10\QuickCam10.exe" [2007-05-17 09:53 780312]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2007-06-29 05:24 286720]
"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 11:50 155648]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe" [2007-03-14 02:43 83608]
"BitDefender Antiphishing Helper"="C:\Program Files\BitDefender\BitDefender 2008\IEShow.exe" [2007-10-09 16:46 61440]
"BDAgent"="C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe" [2008-11-24 07:09 368640]
"UnlockerAssistant"="C:\Program Files\Unlocker\UnlockerAssistant.exe" [2008-05-02 05:15 15872]
"IMJPMIG8.1"="C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" [2004-08-05 13:00 208952]
"SynTPLpr"="C:\Program Files\Synaptics\SynTP\SynTPLpr.exe" [2005-03-10 17:44 98394]
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2005-03-10 17:43 688218]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2006-04-27 09:48 7561216]
"SkyTel"="SkyTel.EXE" [2006-05-16 17:04 2879488 C:\WINDOWS\SkyTel.exe]
"Raccourci vers la page des propriétés de High Definition Audio"="HDAShCut.exe" [2005-01-07 16:07 61952 C:\WINDOWS\system32\HdAShCut.exe]
"nwiz"="nwiz.exe" [2006-04-27 09:48 1519616 C:\WINDOWS\system32\nwiz.exe]
"RTHDCPL"="RTHDCPL.EXE" [2006-06-01 15:48 16208384 C:\WINDOWS\RTHDCPL.exe]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"Symantec NetDriver Warning"="-" [X]
"ALUAlert"="-" [X]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-05 13:00 15360]
"MySpaceIM"="C:\Program Files\MySpace\IM\MySpaceIM.exe" [2007-12-07 08:33 8720384]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"WUAppSetup"="C:\Program Files\Fichiers communs\logishrd\WUApp32.exe" [2007-05-10 05:44 441120]

C:\Documents and Settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
Kodak software updater.lnk - C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe [2004-02-13 14:12:08 16423]
Lancement rapide d'Adobe Reader.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2008-04-23 02:38:16 29696]
Logiciel Kodak EasyShare.lnk - C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe [2006-06-07 06:26:28 180224]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"UIHost"="C:\\Documents and Settings\\All Users\\Application Data\\TuneUp Software\\TuneUp Utilities\\WinStyler\\tu_logonui.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.dvacm"= C:\PROGRA~1\FICHIE~1\ULEADS~1\Vio\Dvacm.acm
"msacm.ulmp3acm"= C:\PROGRA~1\FICHIE~1\ULEADS~1\MPEG\ulmp3acm.acm
"msacm.mpegacm"= C:\PROGRA~1\FICHIE~1\ULEADS~1\MPEG\mpegacm.acm

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
"MySpaceIM"=C:\Program Files\MySpace\IM\MySpaceIM.exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%ProgramFiles%\\AOL 9.0\\aol.exe"=
"%windir%\\system32\\sessmgr.exe"=
"C:\\WINDOWS\\system32\\lxctcoms.exe"=
"C:\\Program Files\\Kodak\\Kodak EasyShare software\\bin\\EasyShare.exe"=
"C:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\Kodak\\KODAK Software Updater\\7288971\\Program\\Kodak Software Updater.exe"=
"C:\\Program Files\\eMule\\emule.exe"=
"C:\\Program Files\\IVT Corporation\\BlueSoleil\\BlueSoleil.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"C:\\Program Files\\AOL 9.0\\waol.exe"=
"C:\\APPS\\skype\\phone\\Skype.exe"=
"C:\\Program Files\\MySpace\\IM\\MySpaceIM.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"16110:TCP"= 16110:TCP:BitComet 16110 TCP
"16110:UDP"= 16110:UDP:BitComet 16110 UDP
"47555:TCP"= 47555:TCP:emule tcp
"52365:UDP"= 52365:UDP:emule udp

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]
"AllowInboundEchoRequest"= 1 (0x1)

R0 pavboot;pavboot;C:\WINDOWS\system32\drivers\pavboot.sys [2008-07-22 21:07:09 28544]
R2 Start BT in service;Start BT in service;C:\Program Files\IVT Corporation\BlueSoleil\StartSkysolSvc.exe [2007-09-30 08:16:38 51816]
R3 Bdfndisf;BitDefender Firewall NDIS Filter Service;C:\WINDOWS\system32\DRIVERS\bdfndisf.sys [2008-06-02 16:16:08 86792]
S3 MBAMSwissArmy;MBAMSwissArmy;\??\C:\WINDOWS\system32\drivers\mbamswissarmy.sys [2008-07-22 12:57:07 38528]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bdx REG_MULTI_SZ scan

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Contenu du dossier 'Tâches planifiées'

2008-11-27 C:\WINDOWS\Tasks\Extension de garantie.job
- C:\APPS\SMP\PBCARNOT.EXE [2005-11-09 12:55]

2008-11-27 C:\WINDOWS\Tasks\Master CD_DVD Creator.job
- C:\Apps\SMP\MCDCHECK.EXE [2005-11-08 14:26]

2008-11-27 C:\WINDOWS\Tasks\Symantec NetDetect.job
- C:\Program Files\Symantec\LiveUpdate\NDETECT.EXE []

2008-11-27 C:\WINDOWS\Tasks\Vérifier les mises à jour de Windows Live Toolbar.job
- C:\Program Files\Windows Live Toolbar\MSNTBUP.EXE [2007-10-19 11:20]
.
0
Réponse 14 / 17
noctambule28 Messages postés 33382 Date d'inscription   Statut Webmaster Dernière intervention   2 858
 
Salut

Tu peux me dire ou tu en es par rapport au début ?
0
fredjibb Messages postés 230 Statut Membre 1
 
ça va déja mieux mais j'ai toujours des applications qui merdent
mon antivirus se désactive siouvent j'ai des fichiers temporaires impossibles à supprimer enfin bref c'est pas encore tout à fait ça...
0
Réponse 15 / 17
noctambule28 Messages postés 33382 Date d'inscription   Statut Webmaster Dernière intervention   2 858
 
ok, Va falloir fouiller un peu

Pour l'antivirus, je te conseillerais de le desisnstaller et de rinstaller
et ceci aussi
Télécharge ici :

http://images.malwareremoval.com/random/RSIT.exe

random's system information tool (RSIT) par random/random et sauvegarde-le sur le Bureau.

Double-clique sur RSIT.exe afin de lancer RSIT.

Clique Continue à l'écran Disclaimer.

Si l'outil HijackThis (version à jour) n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera (autorise l'accès dans ton pare-feu, si demandé) et tu devras accepter la licence.

Lorsque l'analyse sera terminée, deux fichiers texte s'ouvriront.

Poste le contenu de log.txt (<<qui sera affiché)
ainsi que de info.txt (<<qui sera réduit dans la Barre des Tâches).

NB : Les rapports sont sauvegardés dans le dossier C:\rsit
0
fredjibb Messages postés 230 Statut Membre 1
 
mon antivirus je viens jusrte de le réinstaller puisqu'il ne faisait plus les mises à jour...
cijoint le rapport log.txt
Logfile of random's system information tool 1.04 (written by random/random)
Run by akira at 2008-11-27 21:14:10
Microsoft Windows XP Édition familiale Service Pack 2
System drive C: has 51 GB (59%) free of 87 GB
Total RAM: 895 MB (43% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:14, on 2008-11-27
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe
c:\APPS\Powercinema\Kernel\CLML_NTService\CLMLServer.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
C:\WINDOWS\system32\lxctcoms.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\IVT Corporation\BlueSoleil\StartSkysolSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\USBDeviceService.exe
C:\Program Files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exe
C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe
c:\APPS\Powercinema\Kernel\TV\CLSched.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\DetectorApp.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
C:\APPS\Powercinema\PCMService.exe
C:\Program Files\Lexmark 5400 Series\lxctmon.exe
C:\Program Files\Lexmark 5400 Series\ezprint.exe
C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe
C:\Program Files\Logitech\QuickCam10\QuickCam10.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe
C:\Program Files\Unlocker\UnlockerAssistant.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Packard Bell Data Secure\PBDataSecure.exe
C:\APPS\SMP\SmpSys.exe
C:\PROGRA~1\Wanadoo\GestionnaireInternet.exe
C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
C:\PROGRA~1\Wanadoo\ComComp.exe
C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
C:\PROGRA~1\Wanadoo\Toaster.exe
C:\PROGRA~1\Wanadoo\Inactivity.exe
C:\PROGRA~1\Wanadoo\PollingModule.exe
C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
C:\Program Files\Fichiers communs\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\Wanadoo\Watch.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Opera\opera.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\TrueCrypt\TrueCrypt.exe
C:\Documents and Settings\akira\Bureau\RSIT.exe
C:\HiJackThis\akira.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://format.packardbell.com/cgi-bin/redirect/?country=FR&range=AD&phase=6&key=OEM2
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Lexmark Barre d'outils - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll
O2 - BHO: BitComet Helper - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Lexmark Barre d'outils - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - (no file)
O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2008\IEToolbar.dll
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [DetectorApp] C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\DetectorApp.exe
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [PCMService] "c:\APPS\Powercinema\PCMService.exe"
O4 - HKLM\..\Run: [lxctmon.exe] "C:\Program Files\Lexmark 5400 Series\lxctmon.exe"
O4 - HKLM\..\Run: [Lexmark 5400 Series Fax Server] "C:\Program Files\Lexmark 5400 Series\fm3032.exe" /s
O4 - HKLM\..\Run: [EzPrint] "C:\Program Files\Lexmark 5400 Series\ezprint.exe"
O4 - HKLM\..\Run: [LXCTCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCTtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
O4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam10\QuickCam10.exe" /hide
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKLM\..\Run: [BitDefender Antiphishing Helper] "C:\Program Files\BitDefender\BitDefender 2008\IEShow.exe"
O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe"
O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe"
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Raccourci vers la page des propriétés de High Definition Audio] HDAShCut.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|PARAM= cnx
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Packard Bell Data Secure] C:\Program Files\Packard Bell Data Secure\PBDataSecure.exe
O4 - HKCU\..\Run: [SmpcSys] C:\APPS\SMP\SmpSys.exe
O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe"
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [Symantec NetDriver Warning] - (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [ALUAlert] - (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [WUAppSetup] C:\Program Files\Fichiers communs\logishrd\WUApp32.exe -v 0x046d -p 0x08da -f video -m logitech -d 10.5.1.2023 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [WUAppSetup] C:\Program Files\Fichiers communs\logishrd\WUApp32.exe -v 0x046d -p 0x08da -f video -m logitech -d 10.5.1.2023 (User 'Default user')
O4 - Global Startup: Kodak software updater.lnk = C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Logiciel Kodak EasyShare.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
O8 - Extra context menu item: &Winamp Toolbar Search - C:\Documents and Settings\All Users\Application Data\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Download all links using BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: Download all videos using BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: Download link using &BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: Bonjour - {7F9DB11C-E358-4ca6-A83D-ACC663939424} - C:\Program Files\Bonjour\ExplorerPlugin.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\fr.htm
O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\WINDOWS\system32\Skype4COM.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLSched.exe
O23 - Service: CyberLink Media Library Service - Cyberlink - c:\APPS\Powercinema\Kernel\CLML_NTService\CLMLServer.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: Service de l'iPod (iPod Service) - Unknown owner - C:\Program Files\iPod\bin\iPodService.exe (file missing)
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender SRL - C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: lxct_device - - C:\WINDOWS\system32\lxctcoms.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Start BT in service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\StartSkysolSvc.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: USBDeviceService - Unknown owner - C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\USBDeviceService.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S.R.L. - C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe
O23 - Service: BitDefender Communicator (XCOMM) - BitDefender - C:\Program Files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exe
0
Réponse 16 / 17
noctambule28 Messages postés 33382 Date d'inscription   Statut Webmaster Dernière intervention   2 858
 
re,
Télécharge Ccleaner (n'installe pas la barre d'outil Yahoo):

http://www.commentcamarche.net/telecharger/telechargement 168 ccleaner

-> L´installer.

-> Une fois installé et lancé :

Dans la colonne de gauche, click sur :

->"erreurs" :

Coches toutes les cases dans les propriétés du nettoyeur de l´onglet "windows" et "applications", puis click en bas sur "chercher des erreurs" une fois terminé, clic sur "reparer les erreurs", tu auras un message pour sauvegarder ta base de registre, tu click "oui" puis tu recommence jusqu'à ce qu'il ne trouve plus rien.

ps : les sauvegardes que tu auras faites, pourront etre supprimées ulterieurement si tout va bien.

->"nettoyeur"

quitte ton navigateur avant de le lancer, décoche la derniere case (Avancé si elle est cochée) puis click sur "lancer le nettoyage" qunand il aura terminé le scan click en bas a droite sur "lancer le nettoyage" et accepte par oui.

-> Tutoriel en image :

https://www.vulgarisation-informatique.com/nettoyer-windows-ccleaner.php
==================================================

1) Imprime ces instructions ou mets les dans un fichier texte sur ton bureau)car il faudra fermer toutes les fenêtres et applications lors de l'installation et de l'analyse.

2) Télécharge Malwarebytes' Anti-Malware (MBAM) et enregistre le sur ton Bureau à partir de ce lien :

https://www.malwarebytes.com/

3) A la fin du téléchargement, ferme toutes les fenêtres et programmes, y compris celui-ci.

4) Double-clique sur l'icône Download_mbam-setup.exe sur ton bureau pour démarrer le programme d'installation.

5) Pendant l'installation, suis les indications (en particulier le choix de la langue et l'autorisation d'accession à Internet). N'apporte aucune modification aux réglages par défaut et, en fin d'installation, vérifie que les options Update Malwarebytes' Anti-Malware et Launch Malwarebytes' Anti-Malware sont cochées.

6) MBAM démarrera automatiquement et enverra un message demandant à mettre à jour le programme avant de lancer une analyse. Comme MBAM se met automatiquement à jour en fin d'installation, clique sur OK pour fermer la boîte de dialogue. La fenêtre principale de MBAM s'affiche :

7) Dans l'onglet analyse, vérifie que "Exécuter un examen rapide" est coché et clique sur le bouton Rechercher pour démarrer l'analyse.

8) MBAM analyse ton ordinateur. L'analyse peut prendre un certain temps. Il suffit de vérifier de temps en temps son avancement.

9) A la fin de l'analyse, un message s'affiche indiquant la fin de l'analyse. Clique sur OK pour poursuivre.

10) Si des malwares ont été détectés, leur liste s'affiche.
En cliquant sur Suppression (?) , MBAM va détruire les fichiers et clés de registre et en mettre une copie dans la quarantaine.

11) MBAM va ouvrir le Bloc-notes et y copier le rapport d'analyse. Ferme le Bloc-notes. (Le rapport peut être retrouvé sous l'onglet Rapports/logs)

12) Ferme MBAM en cliquant sur Quitter.

13) Poste le rapport dans ta réponse
0
Réponse 17 / 17
noctambule28 Messages postés 33382 Date d'inscription   Statut Webmaster Dernière intervention   2 858
 
Salut
Ouvre ce lien pour scanner ton PC avec un BitDefender en ligne (uniquement sous Internet Explorer) :

https://www.bitdefender.com/toolbox/

Utilisation :
Cliquer sur "J'accepte" puis accepter également l'ActiveX bloqué par la barre anti-popup du SP2 qui clignotera en haut et l'installer.
Ensuite, cliquer sur "Cliquez ici pour scanner".
Patienter jusqu'à la fin du scan qui peut durer assez longtemps...

Copier/coller le rapport entier sur le forum.

Tutoriel en images ici : http://pageperso.aol.fr/rginformatique/mapage/defender.htm (merci à Balltrap34 pour cette réalisation)
[Recoche] la case « Masquer les fichiers protégés du système d'exploitation (recommandé) »

Relance Hijackthis et copie/colle un nouveau rapport sur le forum.

Et dis moi ou en sont tes problèmes s’il t’en reste.
0
fredjibb Messages postés 230 Statut Membre 1
 
excuse moi je n'etais pas à la maison depuis un moment
voici le rapport bit defender
Fichier journal de BitDefender
Produit : BitDefender Internet Security 2008
Version : BitDefender UIScanner V.11
Date du journal : 10:26:22 12/12/2008
Chemin du journal : C:\Documents and Settings\All Users\Application Data\BitDefender\Desktop\Profiles\Logs\deep_scan\1229073982_1_02.xml

Analyse des chemins :Chemin0000: C:\
Chemin0001: H:\


Options d’analyse :Analyse contre les virus : Oui
Détecter les adwares : Oui
Analyse contre les spywares : Oui
Analyse des applications : Oui
Détecter les numéroteurs : Oui
Analyse contre les Rootkits : Oui


Options de sélection de cible :Analyse les clés du registre : Oui
Analyse des cookies : Oui
Analyser le secteur de boot : Oui
Analyse des processus mémoire : Oui
Analyser les archives : Oui
Analyser les fichiers enpaquetés : Oui
Analyser les emails : Oui
Analyser tous les fichiers : Oui
Analyse heuristique : Oui
Extensions analysées :
Extensions exclues :


Traitement cibleAction par défaut pour les objets infectés : Désinfecter
Action par défaut pour les objets suspects : Aucun
Action par défaut pour les objets camouflés : Aucun


Résumé de l'analyseNombre de signatures de virus : 2345062
Plugins archives : 45
Plug-ins messagerie : 6
Plugins d'analyse : 13
Plugins archives : 45
Plug-ins système : 5
Plug-ins décompression : 7


Résumé de l'analyse généraleEléments analysés : 373967
Eléments infectés : 0
Eléments suspects : 0
Eléments résolus : 0
Virus individuels trouvés : 0
Répertoires analysés : 8554
Secteur de boot analysés : 3
Archives analysés : 8796
Erreurs I/O : 27
Temps d'analyse : 00:02:36:22
Fichiers par seconde : 39


Résumé des processus analysésAnalysé(s) : 69
Infecté(s) : 0


Résumé des clés de registre analyséesAnalysé(s) : 1168
Infecté(s) : 0


Résumé des cookies analysésAnalysé(s) : 0
Infecté(s) : 0


Problèmes non résolus :Nom de l'objet Nom de la menace Etat final


Problèmes résolusNom de l'objet Nom de la menace Etat final


Objets non scannés :Nom de l'objet Raison Etat final
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\FraudXPAntivirus.zip=]sbRecovery.reg Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\FraudXPAntivirus.zip=]sbRecovery.ini Protégé par mot de passe Aucune action possible
C:\Program Files\Adobe\Acrobat 7.0\Setup Files\Rdrbig710\FRA\Data1.cab=]WebSearchENU.pdf Protégé par mot de passe Aucune action possible
C:\Program Files\Adobe\Acrobat 7.0\Setup Files\Rdrbig710\FRA\Data1.cab=]RdrMsgFRA.pdf Protégé par mot de passe Aucune action possible
C:\Program Files\Adobe\Acrobat 7.0\Setup Files\Rdrbig710\FRA\Data1.cab=]RdrMsgENU.pdf Protégé par mot de passe Aucune action possible
C:\Program Files\Adobe\Acrobat 7.0\Setup Files\Rdrbig710\FRA\Data1.cab=]RdrMsgSplash.pdf Protégé par mot de passe Aucune action possible
0
fredjibb Messages postés 230 Statut Membre 1
 
et voici un nouveau log hi jack this
j'ai beaucoup moins de problemes
mon antivirus reste desormais activé
et je rame deja moins
merci pour ton aide précieuse
vois tu encore des choses à faire???
je felicite les gens comme toi qui sont expert en informatique et qui aident les autres franchement chapeau!!!!
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:58, on 2008-12-12
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe
c:\APPS\Powercinema\Kernel\CLML_NTService\CLMLServer.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
C:\WINDOWS\system32\lxctcoms.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\IVT Corporation\BlueSoleil\StartSkysolSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\USBDeviceService.exe
C:\Program Files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exe
C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe
c:\APPS\Powercinema\Kernel\TV\CLSched.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\DetectorApp.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
C:\APPS\Powercinema\PCMService.exe
C:\Program Files\Lexmark 5400 Series\lxctmon.exe
C:\Program Files\Lexmark 5400 Series\ezprint.exe
C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe
C:\Program Files\Logitech\QuickCam10\QuickCam10.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe
C:\Program Files\Unlocker\UnlockerAssistant.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Packard Bell Data Secure\PBDataSecure.exe
C:\APPS\SMP\SmpSys.exe
C:\PROGRA~1\Wanadoo\GestionnaireInternet.exe
C:\PROGRA~1\Wanadoo\ComComp.exe
C:\PROGRA~1\Wanadoo\Toaster.exe
C:\PROGRA~1\Wanadoo\Inactivity.exe
C:\PROGRA~1\Wanadoo\PollingModule.exe
C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
C:\Program Files\Fichiers communs\Logishrd\LQCVFX\COCIManager.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\Wanadoo\Watch.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Opera\opera.exe
C:\HiJackThis\akira.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://format.packardbell.com/cgi-bin/redirect/?country=FR&range=AD&phase=6&key=OEM2
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Lexmark Barre d'outils - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll
O2 - BHO: BitComet Helper - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Lexmark Barre d'outils - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - (no file)
O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2008\IEToolbar.dll
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [DetectorApp] C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\DetectorApp.exe
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [PCMService] "c:\APPS\Powercinema\PCMService.exe"
O4 - HKLM\..\Run: [lxctmon.exe] "C:\Program Files\Lexmark 5400 Series\lxctmon.exe"
O4 - HKLM\..\Run: [Lexmark 5400 Series Fax Server] "C:\Program Files\Lexmark 5400 Series\fm3032.exe" /s
O4 - HKLM\..\Run: [EzPrint] "C:\Program Files\Lexmark 5400 Series\ezprint.exe"
O4 - HKLM\..\Run: [LXCTCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCTtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
O4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam10\QuickCam10.exe" /hide
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [BitDefender Antiphishing Helper] "C:\Program Files\BitDefender\BitDefender 2008\IEShow.exe"
O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe"
O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe"
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Raccourci vers la page des propriétés de High Definition Audio] HDAShCut.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|PARAM= cnx
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Packard Bell Data Secure] C:\Program Files\Packard Bell Data Secure\PBDataSecure.exe
O4 - HKCU\..\Run: [SmpcSys] C:\APPS\SMP\SmpSys.exe
O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe"
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [Symantec NetDriver Warning] - (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [ALUAlert] - (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [WUAppSetup] C:\Program Files\Fichiers communs\logishrd\WUApp32.exe -v 0x046d -p 0x08da -f video -m logitech -d 10.5.1.2023 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [WUAppSetup] C:\Program Files\Fichiers communs\logishrd\WUApp32.exe -v 0x046d -p 0x08da -f video -m logitech -d 10.5.1.2023 (User 'Default user')
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: &Winamp Toolbar Search - C:\Documents and Settings\All Users\Application Data\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Download all links using BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: Download all videos using BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: Download link using &BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Bonjour - {7F9DB11C-E358-4ca6-A83D-ACC663939424} - C:\Program Files\Bonjour\ExplorerPlugin.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\fr.htm
O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\WINDOWS\system32\Skype4COM.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLSched.exe
O23 - Service: CyberLink Media Library Service - Cyberlink - c:\APPS\Powercinema\Kernel\CLML_NTService\CLMLServer.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: Service de l'iPod (iPod Service) - Unknown owner - C:\Program Files\iPod\bin\iPodService.exe (file missing)
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender SRL - C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: lxct_device - - C:\WINDOWS\system32\lxctcoms.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Start BT in service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\StartSkysolSvc.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: USBDeviceService - Unknown owner - C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\USBDeviceService.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S.R.L. - C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe
O23 - Service: BitDefender Communicator (XCOMM) - BitDefender - C:\Program Files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exe
0

Discussions similaires

Softonic,est-ce un virus ?
techmel1 -
techmel1 -

6 réponses
Désinstaller Softonic
Diguimette -
lilidurhone -

5 réponses
virus Artemis!
mabiche37 -
Malekal_morte- -

14 réponses
Message Apple virus !!
Souclik67 -
MPMP10 -

3 réponses