Besoin d'aide pour éradiquer virus

Résolu
fredjibb Messages postés 230 Statut Membre -  
fredjibb Messages postés 230 Statut Membre -
Bonjour,
j'espere que quelqu'un pourra m'aider à localiser et nettoyer un virus de mon pc
je ne sais plus comment faire pour recuperer toutes les fonctions que j'avais merci d'avance
Configuration: Windows XP
Opera 9.62

17 réponses

Résumé de la discussion

Localisation et nettoyage d'un virus sur Windows XP soulèvent une demande d'aide visant à récupérer les fonctions perdues et à comprendre les symptômes d'infection et les impacts système. Plusieurs outils de détection et de suppression sont recommandés, notamment OTMoveIt3, ComboFix et DiagHelp, accompagnés de rapports détaillés et de procédures pas à pas pour nettoyer les éléments malveillants. D'autres conseils portent sur l'usage de CCleaner, RegSeeker et une défragmentation hors outil Windows, ainsi que la gestion du démarrage via msconfig pour limiter les programmes au démarrage. En cas de rapport ou de log, il peut être utile de partager l'ensemble des résultats, les chemins d'exécution et les modifications récentes afin d'identifier rapidement les éléments à corriger et à surveiller.

Généré automatiquement par IA
sur la base des meilleures réponses
  1. noctambule28 Messages postés 25275 Date d'inscription   Statut Membre Dernière intervention   2 875
     
    Salut

    Bien que le fait d'avoir fait combofix n'apparaissait pas nécessaire pour l'instant ( c'est un logiciel à manier avec précaution) ce qui serait bien , c'est que tu postes le rapport en entier malgré tout

    Fait edition, selectionné tout
    edition copier

    et viens ici coller , la methode du defilement ne fonctionne pas toujours avec les tres long rapports

    Et comme pour l'instant il n'y a rien de flagrant , je vais te faire executer des logiciels de recherche , ils ne font que lire , eux, alors que combofix travaille des son utilisation, et ce n'est pas forcement recommander

    Pour un ongle incarné , il n'y a prescription d'une emputation d'office ;)
    ==========================

    Donc rapport combo en entier

    et
    Télécharge Toolbar-S&D (Team IDN) sur ton Bureau.
    https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/ToolBarSD.exe?attachauth=ANoY7cqJWPphpudyTqv7TRo5RQ3nm_Sx8JluVMO59X5E9cyE3j3LqKlmStIqiDqJdIgMJLi7MXn2nKVajQfoWuVvZZ2wIx_vkqO4k4P0K9jh-ra9jaKPXdZcoaVF2UqJZNH8ubL_42uIwh6f35xJ2GJMuzddVj2Qth1DgZ839lxEIFGkgWz3TdfvNMy-YtxfA3gqBUrj4U4LFeAPiWr3ClmjIP0t_Xs5PQ%3D%3D&attredirects=2

    * Lance l'installation du programme en exécutant le fichier téléchargé.
    * Double-clique maintenant sur le raccourci de Toolbar-S&D.
    * Sélectionne la langue souhaitée en tapant la lettre de ton choix puis en validant avec la touche Entrée.
    * Choisis maintenant l'option 1 (Recherche). Patiente jusqu'à la fin de la recherche.
    * Poste le rapport généré. (C:\TB.txt)

    et ça
    * Télécharge DiagHelp.zip sur ton bureau
    http://www.malekal.com/download/DiagHelp.zip
    * Ne double-clique pas dessus !! Fais un clic droit sur le fichier et extraire tout
    * Un nouveau dossier chercher va être créé DiagHelp
    * Ouvre le et double-clic sur go.cmd (le .cmd peut ne pas apparaître)
    * Une fenêtre va s'ouvrir, choisis l'option 1
    * L'analyse va commencer, ceci peut durer quelques minutes, laisse faire et appuie sur une touche quand on te le demande.

    ATTENTION : pendant l'analyse, après le rapport catchme, il te sera demandé d'appuyer sur une touche afin de poursuivre le scan, suis bien les instructions à l'écran !

    - A la fin de l'analyse, il peut-être (pas obligatoire) demandé de redemander l'ordinateur... Une fois l'ordinateur redémarré le rapport va apparaître sur le bloc-note.

    Ce dernier se trouve sur C:resultat.txt

    - Copie/colle le contenu du bloc-note qui s'ouvre, pour cela :
    -- Dans le bloc-note, cliquez sur le menu Edition / Selectionner tout
    -- A nouveau menu Edition / copier
    -- Dans un nouveau message ici, faire un clic droit / coller

    ======================================================

    Tuto : http://www.malekal.com/DiagHelp/DiagHelp.php

    http://www.malekal.com/DiagHelp/

    http://www.malekal.com/DiagHelp/DiagHelp_helper.php

    @+

    1
    1. fredjibb Messages postés 230 Statut Membre 1
       
      merci de l'interet que tu portes à m'apporter des reponses à mon problème
      je te remercie pour ton aide et pour tes conseils
      ci joint le rapport du premier logiciel

      -----------\\ ToolBar S&D 1.2.5 XP/Vista

      Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 2
      X86-based PC ( Multiprocessor Free : AMD Turion(tm) 64 X2 Mobile Technology TL-50 )
      BIOS : Insyde Software MobilePRO BIOS Version 4.20.10
      USER : akira ( Administrator )
      BOOT : Normal boot
      Antivirus : Bitdefender Antivirus 8.0 (Activated)
      Firewall : Bitdefender Firewall 8.0 (Activated)
      C:\ (Local Disk) - NTFS - Total:85 Go (Free:50 Go)
      D:\ (CD or DVD)
      E:\ (CD or DVD)
      F:\ (USB)

      "C:\ToolBar SD" ( MAJ : 20-11-2008|20:25 )
      Option : [1] ( 25/11/2008|12:00 )

      -----------\\ Recherche de Fichiers / Dossiers ...


      -----------\\ Extensions

      (akira) - {4AB21F99-91C5-4a9d-813E-425841874FB1} => bloodfire-1.0.1-fx
      (akira) - {635abd67-4fe9-1b23-4f01-e679fa7484c1} => ytoolbar


      -----------\\ [..\Internet Explorer\Main]

      [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
      "Start Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome"
      "Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
      "Local Page"="C:\\windows\\system32\\blank.htm"
      "Default_Search_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"

      [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
      "Default_Page_URL"="https://www.msn.com/fr-fr/?ocid=iehp"
      "Default_Search_URL"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
      "Search Page"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
      "Local Page"="C:\\windows\\system32\\blank.htm"
      "Start Page"="http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home"


      --------------------\\ Recherche d'autres infections


      Aucune autre infection trouvée !


      1 - "C:\ToolBar SD\TB_1.txt" - 25/11/2008|12:02 - Option : [1]

      -----------\\ Fin du rapport a 12:02:38,90
      0
  2. noctambule28 Messages postés 25275 Date d'inscription   Statut Membre Dernière intervention   2 875
     
    OTMoveIt3 (de OldTimer)
    Télécharger OTMoveIt3 via un clic droit sur le lien ci-dessous:
    http://oldtimer.geekstogo.com/OTMoveIt3.exe
    Enregistrer le fichier sur le Bureau.

    Ouvrir une fenêtre du Bloc-notes, via Démarrer---->Exécuter, taper notepad puis cliquer sur OK
    Sélectionner toutes les lignesen gras ci-dessous, puis appuyer simultanément sur les touches Ctrl et C


    :Files
    c:\windows\ZZZZZZZZ.ZZZ


    Retourner dans la fenêtre du Bloc-notes, faire un clic droit dans la fenêtre et choisir Coller
    Vérifier (dans le menu Format) que "Retour automatique à ligne" n'est pas actif (pas coché).
    Enregistrer le fichier sous le nom OTfichiers.txt
    Fermer le Bloc-notes.

    Lance OTMoveIt3 (de OldTimer)
    Faire un double clic sur OTMoveIt3.exe pour lancer l'outil.
    Ouvrir le fichier OTfichiers.txt dans le Bloc-notes.
    En sélectionner toutes les lignes puis appuyer simultanément sur les touches Ctrl et C

    Retourner dans la fenêtre de OTMoveIt3, faire un clic droit dans la fenêtre située sur la gauche nommée "Paste Instructions for Items to be Moved"
    et choisir Coller.

    Cliquer sur le bouton MoveIt!:
    Attendre la fin du travail de l'outil puis fermer OTMoveIt3.
    Note: Un redémarrage est parfois nécessaire. S'il est demandé, cliquer sur Oui/Yes

    Résultats
    Envoye en réponse:
    *- le rapport de OTMoveIt3 (contenu du fichier Lecteur\_OTMoveIt\MovedFiles\********_******.log - les *** sont des chiffres représentant la date [moisjourannée] et l'heure)
    1
    1. fredjibb Messages postés 230 Statut Membre 1
       
      voici le rapport ot move it
      je t'envoie le rapport de mbam quand il sera fini
      encore merci
      ========== FILES ==========
      c:\windows\ZZZZZZZZ.ZZZ moved successfully.

      OTMoveIt3 by OldTimer - Version 1.0.7.1 log created on 11292008_075228
      0
    2. fredjibb Messages postés 230 Statut Membre 1
       
      voici le rapport de MBAM qui a détecté un élément nuisible...
      merci encore pour ton temps et ton aide
      Malwarebytes' Anti-Malware 1.30
      Version de la base de données: 1433
      Windows 5.1.2600 Service Pack 2

      2008-11-29 11:14:06
      mbam-log-2008-11-29 (11-14-06).txt

      Type de recherche: Examen complet (C:\|D:\|E:\|F:\|)
      Eléments examinés: 134972
      Temps écoulé: 1 hour(s), 4 minute(s), 58 second(s)

      Processus mémoire infecté(s): 0
      Module(s) mémoire infecté(s): 0
      Clé(s) du Registre infectée(s): 1
      Valeur(s) du Registre infectée(s): 0
      Elément(s) de données du Registre infecté(s): 0
      Dossier(s) infecté(s): 0
      Fichier(s) infecté(s): 0

      Processus mémoire infecté(s):
      (Aucun élément nuisible détecté)

      Module(s) mémoire infecté(s):
      (Aucun élément nuisible détecté)

      Clé(s) du Registre infectée(s):
      HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{b69a9db4-d0a1-4722-b56b-f20757a29cdf} (Adware.Agent) -> Quarantined and deleted successfully.

      Valeur(s) du Registre infectée(s):
      (Aucun élément nuisible détecté)

      Elément(s) de données du Registre infecté(s):
      (Aucun élément nuisible détecté)

      Dossier(s) infecté(s):
      (Aucun élément nuisible détecté)

      Fichier(s) infecté(s):
      (Aucun élément nuisible détecté)
      0
  3. noctambule28 Messages postés 25275 Date d'inscription   Statut Membre Dernière intervention   2 875
     
    Salut
    Ca n'a pas l'air mal tout ça

    Supprime combofix et toolbar S&D, si tu en avais besoin une autre fois il faudrait retélécharger.

    Quelques conseils pour la suite:

    Des nettoyages frequents avec ccleaner ( ça vire les temporare, ça evite l'engorgement du pc)
    Le nettoyage du registre avec regseeker
    tuto:https://www.zebulon.fr/dossiers/tutoriaux/53-regseeker.html

    Une defragmentation de ton disque dur avec un outils autre que le defragmenteur Winndows qui est inéfficace
    Avec jkdefrag par exemple

    Il y aurait aussi la possibilité d'accelerer le demarrage en coupant l'activation de certains programmes au boot.
    Tu tapes dans excuter: msconfig, dans l'onglet demarrrage, tu laisse coché les element de windows\sytem32 et ton antivirus ainsi que spybot, mais tu peux décocher le reste.
    1
    1. fredjibb Messages postés 230 Statut Membre 1
       
      ok en tout cas merci pourtes conseils avisés merci pour ton dévouement et ton aide
      je pense que mon probleme est résolu
      merci et peut etre à bientot
      0
  4. archet9
     
    bonsoir....

    Commence par poster un rapport HijackThis stp,
    >Télécharge HiJackThis : http://www.commentcamarche.net/telecharger/telecharger 159 hijackthis
    - Lance le programme, puis sélectionne < do a system scan and save a logfile >
    - Enregistre le rapport sur ton bureau.
    Et envoie, par copier/coller, ton log Hijackthis sur le forum,

    A+

    Tuto : si problème : http://perso.orange.fr/rginformatique/section%20virus/demohijack.htm
    0
  5. Vous n’avez pas trouvé la réponse que vous recherchez ?

    Posez votre question
  6. fredjibb Messages postés 230 Statut Membre 1
     
    ok voici le rapport hi jack this merci de votre aide...
    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 23:09:09, on 23/11/2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16735)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
    C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe
    c:\APPS\Powercinema\Kernel\CLML_NTService\CLMLServer.exe
    C:\WINDOWS\System32\FTRTSVC.exe
    C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
    C:\WINDOWS\system32\lxctcoms.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\Program Files\IVT Corporation\BlueSoleil\StartSkysolSvc.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
    C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\USBDeviceService.exe
    C:\Program Files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exe
    C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
    C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe
    c:\APPS\Powercinema\Kernel\TV\CLSched.exe
    C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\WINDOWS\RTHDCPL.EXE
    C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\DetectorApp.exe
    C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
    C:\APPS\Powercinema\PCMService.exe
    C:\Program Files\Lexmark 5400 Series\lxctmon.exe
    C:\Program Files\Lexmark 5400 Series\ezprint.exe
    C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
    C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe
    C:\Program Files\Logitech\QuickCam10\QuickCam10.exe
    C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
    C:\Program Files\QuickTime\QTTask.exe
    C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
    C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Packard Bell Data Secure\PBDataSecure.exe
    C:\APPS\SMP\SmpSys.exe
    C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    C:\PROGRA~1\Wanadoo\GestionnaireInternet.exe
    C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
    C:\PROGRA~1\Wanadoo\ComComp.exe
    C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
    C:\PROGRA~1\Wanadoo\Toaster.exe
    C:\PROGRA~1\Wanadoo\Inactivity.exe
    C:\PROGRA~1\Wanadoo\PollingModule.exe
    C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
    C:\Program Files\Fichiers communs\Logishrd\LQCVFX\COCIManager.exe
    C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Opera\opera.exe
    C:\WINDOWS\explorer.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\Program Files\Windows Live\Messenger\usnsvc.exe
    C:\HiJackThis\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://format.packardbell.com/cgi-bin/redirect/?country=FR&range=AD&phase=6&key=OEM2
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
    R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: Lexmark Barre d'outils - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll
    O2 - BHO: BitComet Helper - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
    O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
    O3 - Toolbar: Lexmark Barre d'outils - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll
    O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
    O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - (no file)
    O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2008\IEToolbar.dll
    O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
    O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [Raccourci vers la page des propriétés de High Definition Audio] HDAShCut.exe
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet
    O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
    O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
    O4 - HKLM\..\Run: [DetectorApp] C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\DetectorApp.exe
    O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
    O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
    O4 - HKLM\..\Run: [PCMService] "c:\APPS\Powercinema\PCMService.exe"
    O4 - HKLM\..\Run: [lxctmon.exe] "C:\Program Files\Lexmark 5400 Series\lxctmon.exe"
    O4 - HKLM\..\Run: [Lexmark 5400 Series Fax Server] "C:\Program Files\Lexmark 5400 Series\fm3032.exe" /s
    O4 - HKLM\..\Run: [EzPrint] "C:\Program Files\Lexmark 5400 Series\ezprint.exe"
    O4 - HKLM\..\Run: [LXCTCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCTtime.dll,_RunDLLEntry@16
    O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
    O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
    O4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
    O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
    O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
    O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe"
    O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam10\QuickCam10.exe" /hide
    O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
    O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe"
    O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|PARAM= cnx
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [Packard Bell Data Secure] C:\Program Files\Packard Bell Data Secure\PBDataSecure.exe
    O4 - HKCU\..\Run: [SmpcSys] C:\APPS\SMP\SmpSys.exe
    O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe"
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\S-1-5-18\..\Run: [ALUAlert] C:\Program Files\Symantec\LiveUpdate\ALUNotify.exe (User 'SYSTEM')
    O4 - HKUS\S-1-5-18\..\RunOnce: [WUAppSetup] C:\Program Files\Fichiers communs\logishrd\WUApp32.exe -v 0x046d -p 0x08da -f video -m logitech -d 10.5.1.2023 (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - HKUS\.DEFAULT\..\RunOnce: [WUAppSetup] C:\Program Files\Fichiers communs\logishrd\WUApp32.exe -v 0x046d -p 0x08da -f video -m logitech -d 10.5.1.2023 (User 'Default user')
    O4 - Global Startup: Kodak software updater.lnk = C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
    O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: Logiciel Kodak EasyShare.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
    O8 - Extra context menu item: &Winamp Toolbar Search - C:\Documents and Settings\All Users\Application Data\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
    O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
    O8 - Extra context menu item: Download all links using BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
    O8 - Extra context menu item: Download all videos using BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
    O8 - Extra context menu item: Download link using &BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
    O9 - Extra button: Bonjour - {7F9DB11C-E358-4ca6-A83D-ACC663939424} - C:\Program Files\Bonjour\ExplorerPlugin.dll
    O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
    O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
    O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\fr.htm
    O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab
    O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
    O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\WINDOWS\system32\Skype4COM.dll
    O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
    O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
    O23 - Service: Service Bonjour (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe
    O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLSched.exe
    O23 - Service: CyberLink Media Library Service - Cyberlink - c:\APPS\Powercinema\Kernel\CLML_NTService\CLMLServer.exe
    O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
    O23 - Service: Service de l'iPod (iPod Service) - Unknown owner - C:\Program Files\iPod\bin\iPodService.exe (file missing)
    O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender SRL - C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
    O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
    O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
    O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe
    O23 - Service: lxct_device - - C:\WINDOWS\system32\lxctcoms.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: Start BT in service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\StartSkysolSvc.exe
    O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
    O23 - Service: USBDeviceService - Unknown owner - C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\USBDeviceService.exe
    O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S.R.L. - C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe
    O23 - Service: BitDefender Communicator (XCOMM) - BitDefender - C:\Program Files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exe
    0
  7. fredjibb Messages postés 230 Statut Membre 1
     
    qu'est ce que je dois faire maintenant?
    merci d'avance
    0
  8. fredjibb Messages postés 230 Statut Membre 1
     
    personne pour m'aider???
    0
    1. T911
       
      Démarre ton pc en mode sans échec avec prise en charge du reseau
      Choisi le mode ADMINISTRATEUR
      Démarre Internet Explorer ou Firefox
      Télécharge COMBOFIX à cet adresse https://forospyware.com
      Exécute le fichier et redémarre en mode sans échec avec prise en charge du réseau encore une fois
      Démarre Internet Explorer ou Firefox
      Télécharge ROGUEFIX à cet adresse http://www.internetinspiration.co.uk/downloads/roguefix_2.224.bat
      Exécute le fichier et laisse le redémarrer en mode normal.

      J'espère que ça corrigera ton problème.


      T911
      0
  9. fredjibb Messages postés 230 Statut Membre 1
     
    impossible de telecharger roguefix car c'est un fichier.dat c'est un fichier text en fait
    0
    1. fredjibb Messages postés 230 Statut Membre 1
       
      voici le rapport de combofix merci à ceux qui prendront le temps d'y jeter un coup d'oeil...
      ComboFix 08-11-23.01 - akira 2008-11-24 7:12:21.2 - NTFSx86
      Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.421 [GMT 1:00]
      Lancé depuis: c:\documents and settings\akira\Bureau\ComboFix.exe
      .

      ((((((((((((((((((((((((((((( Fichiers créés du 2008-10-24 au 2008-11-24 ))))))))))))))))))))))))))))))))))))
      .

      2008-11-24 00:32 . 2008-11-24 00:32 <REP> d-------- c:\documents and settings\akira\Application Data\Bitdefender
      2008-11-24 00:31 . 2008-11-24 00:33 <REP> d-------- c:\documents and settings\All Users\Application Data\BitDefender
      2008-11-23 20:47 . 2008-11-23 20:47 1,041,210 --a------ c:\windows\system32\PerfStringBackup.TMP
      2008-11-23 20:47 . 2008-11-23 20:58 512 --a------ c:\windows\ZZZZZZZZ.ZZZ
      2008-11-23 20:32 . 2007-09-05 23:22 289,144 --a------ c:\windows\system32\VCCLSID.exe
      2008-11-23 20:32 . 2006-04-27 16:49 288,417 --a------ c:\windows\system32\SrchSTS.exe
      2008-11-23 20:32 . 2008-10-01 14:51 87,552 --a------ c:\windows\system32\VACFix.exe
      2008-11-23 20:32 . 2008-10-10 07:58 82,944 --a------ c:\windows\system32\o4Patch.exe
      2008-11-23 20:32 . 2008-05-18 20:40 82,944 --a------ c:\windows\system32\IEDFix.exe
      2008-11-23 20:32 . 2008-10-10 07:58 82,944 --a------ c:\windows\system32\IEDFix.C.exe
      2008-11-23 20:32 . 2008-08-18 11:19 82,432 --a------ c:\windows\system32\404Fix.exe
      2008-11-23 20:32 . 2003-06-05 20:13 53,248 --a------ c:\windows\system32\Process.exe
      2008-11-23 20:32 . 2004-07-31 17:50 51,200 --a------ c:\windows\system32\dumphive.exe
      2008-11-23 20:32 . 2007-10-03 23:36 25,600 --a------ c:\windows\system32\WS2Fix.exe
      2008-11-23 20:04 . 2008-11-23 23:30 <REP> d-------- c:\program files\FindyKill
      2008-11-22 06:59 . 2008-11-22 07:15 1,536 --a------ c:\windows\ZZZZZZZ.ZZZ
      2008-11-12 01:15 . 2008-11-12 01:15 <REP> d-------- c:\program files\MSXML 4.0
      2008-11-07 09:58 . 2008-11-20 12:23 54,156 --ah----- c:\windows\QTFont.qfn
      2008-11-07 09:58 . 2008-11-07 09:58 1,409 --a------ c:\windows\QTFont.for
      2008-11-02 21:04 . 2008-11-02 21:04 <REP> d-------- c:\program files\BitDefender
      2008-11-02 21:03 . 2008-11-24 00:32 <REP> d-------- c:\program files\Fichiers communs\BitDefender

      .
      (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
      .
      2008-11-24 06:17 81,984 ----a-w c:\windows\system32\bdod.bin
      2008-11-24 06:10 --------- d-----w c:\program files\Wanadoo
      2008-11-24 05:39 --------- d-----w c:\program files\Lx_cats
      2008-11-24 05:38 --------- d-----w c:\program files\Packard Bell Data Secure
      2008-11-23 23:36 --------- d-----w c:\program files\Spybot - Search & Destroy
      2008-11-23 23:19 --------- d-----w c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
      2008-11-23 21:47 5,310 ----a-w c:\windows\system32\tmp.reg
      2008-11-23 20:21 --------- d-----w c:\program files\Malwarebytes' Anti-Malware
      2008-11-12 11:14 5,632 --sha-w c:\program files\Thumbs.db
      2008-11-06 10:37 --------- d-----w c:\program files\Opera
      2008-10-30 08:36 2,284,544 ----a-w c:\windows\system32\TUKernel.exe
      2008-10-24 11:10 453,632 ----a-w c:\windows\system32\drivers\mrxsmb.sys
      2008-10-24 11:10 453,632 ----a-w c:\windows\system32\dllcache\mrxsmb.sys
      2008-10-23 09:48 --------- d-----w c:\program files\eMule
      2008-10-16 13:13 202,776 ----a-w c:\windows\system32\wuweb.dll
      2008-10-16 13:13 202,776 ----a-w c:\windows\system32\dllcache\wuweb.dll
      2008-10-16 13:13 1,809,944 ----a-w c:\windows\system32\wuaueng.dll
      2008-10-16 13:13 1,809,944 ----a-w c:\windows\system32\dllcache\wuaueng.dll
      2008-10-16 13:12 561,688 ----a-w c:\windows\system32\wuapi.dll
      2008-10-16 13:12 561,688 ----a-w c:\windows\system32\dllcache\wuapi.dll
      2008-10-16 13:12 323,608 ----a-w c:\windows\system32\wucltui.dll
      2008-10-16 13:12 323,608 ----a-w c:\windows\system32\dllcache\wucltui.dll
      2008-10-16 13:09 92,696 ----a-w c:\windows\system32\dllcache\cdm.dll
      2008-10-16 13:09 92,696 ----a-w c:\windows\system32\cdm.dll
      2008-10-16 13:09 51,224 ----a-w c:\windows\system32\wuauclt.exe
      2008-10-16 13:09 51,224 ----a-w c:\windows\system32\dllcache\wuauclt.exe
      2008-10-16 13:09 43,544 ----a-w c:\windows\system32\wups2.dll
      2008-10-16 13:08 34,328 ----a-w c:\windows\system32\wups.dll
      2008-10-16 13:08 34,328 ----a-w c:\windows\system32\dllcache\wups.dll
      2008-10-16 13:06 268,648 ----a-w c:\windows\system32\mucltui.dll
      2008-10-16 13:06 208,744 ----a-w c:\windows\system32\muweb.dll
      2008-10-15 16:59 332,800 ----a-w c:\windows\system32\dllcache\netapi32.dll
      2008-10-03 17:12 6,066,176 ----a-w c:\windows\system32\dllcache\ieframe.dll
      2008-09-30 15:43 1,286,152 ----a-w c:\windows\system32\msxml4.dll
      2008-09-24 18:44 --------- d-----w c:\program files\Apple Software Update
      2008-09-15 15:39 1,846,144 ----a-w c:\windows\system32\win32k.sys
      2008-09-15 15:39 1,846,144 ----a-w c:\windows\system32\dllcache\win32k.sys
      2008-09-04 16:45 1,106,944 ----a-w c:\windows\system32\msxml3.dll
      2008-09-04 16:45 1,106,944 ----a-w c:\windows\system32\dllcache\msxml3.dll
      2008-08-28 10:04 333,056 ----a-w c:\windows\system32\dllcache\srv.sys
      2008-08-27 09:11 3,593,216 ----a-w c:\windows\system32\dllcache\mshtml.dll
      2008-08-25 08:39 70,656 ----a-w c:\windows\system32\dllcache\ie4uinit.exe
      2008-08-25 08:38 13,824 ----a-w c:\windows\system32\dllcache\ieudinit.exe
      2007-10-25 05:03 47,360 ----a-w c:\documents and settings\akira\Application Data\pcouffin.sys
      .

      ((((((((((((((((((((((((((((( snapshot@2008-06-06_ 8.29.38,15 )))))))))))))))))))))))))))))))))))))))))
      .
      + 2007-11-30 12:39:29 18,296 ----a-w c:\windows\$hf_mig$\KB938464\spmsg.dll
      + 2007-11-30 12:39:29 234,872 ----a-w c:\windows\$hf_mig$\KB938464\spuninst.exe
      + 2007-11-30 12:39:29 26,488 ----a-w c:\windows\$hf_mig$\KB938464\update\spcustom.dll
      + 2007-11-30 11:19:06 767,352 ----a-w c:\windows\$hf_mig$\KB938464\update\update.exe
      + 2007-11-30 12:39:31 406,392 ----a-w c:\windows\$hf_mig$\KB938464\update\updspapi.dll
      + 2008-05-02 13:33:12 83,968 ----a-w c:\windows\$hf_mig$\KB946648\SP2QFE\msgsc.dll
      + 2008-05-02 14:01:52 83,968 ----a-w c:\windows\$hf_mig$\KB946648\SP3GDR\msgsc.dll
      + 2008-05-02 13:44:40 83,968 ----a-w c:\windows\$hf_mig$\KB946648\SP3QFE\msgsc.dll
      + 2007-11-30 12:39:29 18,296 ----a-w c:\windows\$hf_mig$\KB946648\spmsg.dll
      + 2007-11-30 12:39:29 234,872 ----a-w c:\windows\$hf_mig$\KB946648\spuninst.exe
      + 2007-11-30 12:39:29 26,488 ----a-w c:\windows\$hf_mig$\KB946648\update\spcustom.dll
      + 2007-11-30 11:19:06 767,352 ----a-w c:\windows\$hf_mig$\KB946648\update\update.exe
      + 2007-11-30 12:39:31 406,392 ----a-w c:\windows\$hf_mig$\KB946648\update\updspapi.dll
      + 2008-04-23 07:19:26 124,928 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\advpack.dll
      + 2008-04-23 07:19:26 347,136 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\dxtmsft.dll
      + 2008-04-23 07:19:26 214,528 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\dxtrans.dll
      + 2008-04-23 07:19:26 132,608 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\extmgr.dll
      + 2008-04-23 07:19:26 63,488 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\icardie.dll
      + 2008-04-22 08:02:19 70,656 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\ie4uinit.exe
      + 2008-04-23 07:19:26 153,088 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\ieakeng.dll
      + 2008-04-23 07:19:26 230,400 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\ieaksie.dll
      + 2008-04-20 05:07:38 161,792 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\ieakui.dll
      + 2007-04-17 09:32:38 2,455,488 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\ieapfltr.dat
      + 2008-04-23 07:19:26 383,488 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\ieapfltr.dll
      + 2008-04-23 07:19:26 388,608 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\iedkcs32.dll
      + 2008-04-23 07:19:26 6,068,224 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\ieframe.dll
      + 2008-04-23 07:19:26 44,544 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\iernonce.dll
      + 2008-04-23 07:19:26 267,776 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\iertutil.dll
      + 2008-04-22 08:02:19 13,824 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\ieudinit.exe
      + 2008-04-22 08:02:46 625,664 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\iexplore.exe
      + 2008-04-23 07:19:26 27,648 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\jsproxy.dll
      + 2008-04-23 07:19:27 459,264 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\msfeeds.dll
      + 2008-04-23 07:19:27 52,224 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\msfeedsbs.dll
      + 2008-04-23 07:19:27 3,593,728 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\mshtml.dll
      + 2008-04-23 07:19:27 478,208 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\mshtmled.dll
      + 2008-04-23 07:19:27 193,024 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\msrating.dll
      + 2008-04-23 07:19:27 671,232 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\mstime.dll
      + 2008-04-23 07:19:27 102,912 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\occache.dll
      + 2008-04-23 07:19:27 44,544 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\pngfilt.dll
      + 2008-04-23 07:19:27 105,984 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\url.dll
      + 2008-04-23 07:19:27 1,162,752 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\urlmon.dll
      + 2008-04-23 07:19:27 233,472 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\webcheck.dll
      + 2008-04-23 07:19:27 827,392 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\wininet.dll
      + 2007-03-06 01:34:33 15,072 ----a-w c:\windows\$hf_mig$\KB950759-IE7\spmsg.dll
      + 2007-03-06 01:34:38 216,800 ----a-w c:\windows\$hf_mig$\KB950759-IE7\spuninst.exe
      + 2007-03-06 01:34:31 22,752 ----a-w c:\windows\$hf_mig$\KB950759-IE7\update\spcustom.dll
      + 2007-03-06 01:34:56 727,776 ----a-w c:\windows\$hf_mig$\KB950759-IE7\update\update.exe
      + 2007-03-06 01:35:48 394,976 ----a-w c:\windows\$hf_mig$\KB950759-IE7\update\updspapi.dll
      + 2007-11-30 12:39:29 18,296 ----a-w c:\windows\$hf_mig$\KB950760\spmsg.dll
      + 2007-11-30 12:39:29 234,872 ----a-w c:\windows\$hf_mig$\KB950760\spuninst.exe
      + 2007-11-30 12:39:29 26,488 ----a-w c:\windows\$hf_mig$\KB950760\update\spcustom.dll
      + 2007-11-30 12:39:29 767,352 ----a-w c:\windows\$hf_mig$\KB950760\update\update.exe
      + 2007-11-30 12:39:31 406,392 ----a-w c:\windows\$hf_mig$\KB950760\update\updspapi.dll
      + 2008-05-08 12:14:51 203,008 ----a-w c:\windows\$hf_mig$\KB950762\SP2QFE\rmcast.sys
      + 2008-05-08 14:02:52 203,136 ----a-w c:\windows\$hf_mig$\KB950762\SP3GDR\rmcast.sys
      + 2008-05-08 13:58:17 203,136 ----a-w c:\windows\$hf_mig$\KB950762\SP3QFE\rmcast.sys
      + 2007-11-30 12:39:29 18,296 ----a-w c:\windows\$hf_mig$\KB950762\spmsg.dll
      + 2007-11-30 12:39:29 234,872 ----a-w c:\windows\$hf_mig$\KB950762\spuninst.exe
      + 2007-11-30 12:39:29 26,488 ----a-w c:\windows\$hf_mig$\KB950762\update\spcustom.dll
      + 2007-11-30 12:39:29 767,352 ----a-w c:\windows\$hf_mig$\KB950762\update\update.exe
      + 2007-11-30 12:39:31 406,392 ----a-w c:\windows\$hf_mig$\KB950762\update\updspapi.dll
      + 2008-07-07 20:18:27 253,952 ----a-w c:\windows\$hf_mig$\KB950974\SP2QFE\es.dll
      + 2008-07-07 20:28:20 253,952 ----a-w c:\windows\$hf_mig$\KB950974\SP3GDR\es.dll
      + 2008-07-07 20:24:11 253,952 ----a-w c:\windows\$hf_mig$\KB950974\SP3QFE\es.dll
      + 2007-11-30 12:39:29 18,296 ----a-w c:\windows\$hf_mig$\KB950974\spmsg.dll
      + 2007-11-30 12:39:29 234,872 ----a-w c:\windows\$hf_mig$\KB950974\spuninst.exe
      + 2007-11-30 12:39:29 26,488 ----a-w c:\windows\$hf_mig$\KB950974\update\spcustom.dll
      + 2007-11-30 12:39:26 767,352 ----a-w c:\windows\$hf_mig$\KB950974\update\update.exe
      + 2007-11-30 12:39:29 406,392 ----a-w c:\windows\$hf_mig$\KB950974\update\updspapi.dll
      + 2008-04-11 18:40:33 683,520 ----a-w c:\windows\$hf_mig$\KB951066\SP2QFE\inetcomm.dll
      + 2008-04-11 19:05:22 691,712 ----a-w c:\windows\$hf_mig$\KB951066\SP3GDR\inetcomm.dll
      + 2008-04-11 22:23:04 691,712 ----a-w c:\windows\$hf_mig$\KB951066\SP3QFE\inetcomm.dll
      + 2007-11-30 12:39:29 18,296 ----a-w c:\windows\$hf_mig$\KB951066\spmsg.dll
      + 2007-11-30 12:39:29 234,872 ----a-w c:\windows\$hf_mig$\KB951066\spuninst.exe
      + 2007-11-30 12:39:29 26,488 ----a-w c:\windows\$hf_mig$\KB951066\update\spcustom.dll
      + 2007-12-03 15:25:43 767,352 ----a-w c:\windows\$hf_mig$\KB951066\update\update.exe
      + 2007-11-30 12:39:31 406,392 ----a-w c:\windows\$hf_mig$\KB951066\update\updspapi.dll
      + 2008-07-14 11:03:00 62,976 ----a-w c:\windows\$hf_mig$\KB951072-v2\SP2QFE\tzchange.exe
      + 2008-07-11 12:42:28 62,976 ----a-w c:\windows\$hf_mig$\KB951072-v2\SP3GDR\tzchange.exe
      + 2008-07-11 12:51:51 62,976 ----a-w c:\windows\$hf_mig$\KB951072-v2\SP3QFE\tzchange.exe
      + 2007-11-30 11:19:06 18,296 ----a-w c:\windows\$hf_mig$\KB951072-v2\spmsg.dll
      + 2007-11-30 11:19:06 234,872 ----a-w c:\windows\$hf_mig$\KB951072-v2\spuninst.exe
      + 2007-11-30 11:19:06 26,488 ----a-w c:\windows\$hf_mig$\KB951072-v2\update\spcustom.dll
      + 2007-11-30 12:39:29 767,352 ----a-w c:\windows\$hf_mig$\KB951072-v2\update\update.exe
      + 2007-11-30 12:39:31 406,392 ----a-w c:\windows\$hf_mig$\KB951072-v2\update\updspapi.dll
      + 2008-06-14 18:03:13 272,768 ----a-w c:\windows\$hf_mig$\KB951376-v2\SP2QFE\bthport.sys
      + 2008-06-14 17:33:37 272,768 ----a-w c:\windows\$hf_mig$\KB951376-v2\SP3GDR\bthport.sys
      + 2008-06-14 17:40:19 272,768 ----a-w c:\windows\$hf_mig$\KB951376-v2\SP3QFE\bthport.sys
      + 2007-11-30 11:19:06 18,296 ----a-w c:\windows\$hf_mig$\KB951376-v2\spmsg.dll
      + 2007-11-30 11:19:06 234,872 ----a-w c:\windows\$hf_mig$\KB951376-v2\spuninst.exe
      + 2007-11-30 11:19:06 26,488 ----a-w c:\windows\$hf_mig$\KB951376-v2\update\spcustom.dll
      + 2007-11-30 11:19:06 767,352 ----a-w c:\windows\$hf_mig$\KB951376-v2\update\update.exe
      + 2007-11-30 11:19:10 406,392 ----a-w c:\windows\$hf_mig$\KB951376-v2\update\updspapi.dll
      + 2008-04-14 16:17:04 272,768 ----a-w c:\windows\$hf_mig$\KB951376\SP2QFE\bthport.sys
      + 2008-04-14 15:59:30 272,768 ----a-w c:\windows\$hf_mig$\KB951376\SP3GDR\bthport.sys
      + 2008-04-14 16:22:05 272,768 ----a-w c:\windows\$hf_mig$\KB951376\SP3QFE\bthport.sys
      + 2007-11-30 11:19:06 18,296 ----a-w c:\windows\$hf_mig$\KB951376\spmsg.dll
      + 2007-11-30 11:19:06 234,872 ----a-w c:\windows\$hf_mig$\KB951376\spuninst.exe
      + 2007-11-30 11:19:06 26,488 ----a-w c:\windows\$hf_mig$\KB951376\update\spcustom.dll
      + 2007-11-30 11:19:06 767,352 ----a-w c:\windows\$hf_mig$\KB951376\update\update.exe
      + 2007-11-30 11:19:10 406,392 ----a-w c:\windows\$hf_mig$\KB951376\update\updspapi.dll
      + 2008-05-07 04:55:47 1,294,336 ----a-w c:\windows\$hf_mig$\KB951698\SP2QFE\quartz.dll
      + 2008-05-07 05:11:24 1,294,336 ----a-w c:\windows\$hf_mig$\KB951698\SP3GDR\quartz.dll
      + 2008-05-07 05:04:59 1,294,336 ----a-w c:\windows\$hf_mig$\KB951698\SP3QFE\quartz.dll
      + 2007-11-30 11:19:06 18,296 ----a-w c:\windows\$hf_mig$\KB951698\spmsg.dll
      + 2007-11-30 11:19:06 234,872 ----a-w c:\windows\$hf_mig$\KB951698\spuninst.exe
      + 2007-11-30 11:19:06 26,488 ----a-w c:\windows\$hf_mig$\KB951698\update\spcustom.dll
      + 2007-11-30 12:39:29 767,352 ----a-w c:\windows\$hf_mig$\KB951698\update\update.exe
      + 2007-11-30 12:39:31 406,392 ----a-w c:\windows\$hf_mig$\KB951698\update\updspapi.dll
      + 2006-08-16 12:13:24 100,352 ----a-w c:\windows\$hf_mig$\KB951748\SP2QFE\6to4svc.dll
      + 2008-06-20 10:44:08 138,368 ----a-w c:\windows\$hf_mig$\KB951748\SP2QFE\afd.sys
      + 2008-06-20 17:37:01 147,968 ----a-w c:\windows\$hf_mig$\KB951748\SP2QFE\dnsapi.dll
      + 2008-06-20 17:37:01 247,808 ----a-w c:\windows\$hf_mig$\KB951748\SP2QFE\mswsock.dll
      + 2008-06-20 10:44:42 360,960 ----a-w c:\windows\$hf_mig$\KB951748\SP2QFE\tcpip.sys
      + 2008-06-20 09:32:39 225,920 ----a-w c:\windows\$hf_mig$\KB951748\SP2QFE\tcpip6.sys
      + 2008-06-20 11:40:08 138,496 ----a-w c:\windows\$hf_mig$\KB951748\SP3GDR\afd.sys
      + 2008-06-20 17:47:22 147,968 ----a-w c:\windows\$hf_mig$\KB951748\SP3GDR\dnsapi.dll
      + 2008-06-20 17:47:22 247,808 ----a-w c:\windows\$hf_mig$\KB951748\SP3GDR\mswsock.dll
      + 2008-06-20 11:51:12 361,600 ----a-w c:\windows\$hf_mig$\KB951748\SP3GDR\tcpip.sys
      + 2008-06-20 11:08:27 225,856 ----a-w c:\windows\$hf_mig$\KB951748\SP3GDR\tcpip6.sys
      + 2008-06-20 11:48:03 138,496 ----a-w c:\windows\$hf_mig$\KB951748\SP3QFE\afd.sys
      + 2008-06-20 17:44:02 147,968 ----a-w c:\windows\$hf_mig$\KB951748\SP3QFE\dnsapi.dll
      + 2008-06-20 17:44:02 247,808 ----a-w c:\windows\$hf_mig$\KB951748\SP3QFE\mswsock.dll
      + 2008-06-20 11:59:02 361,600 ----a-w c:\windows\$hf_mig$\KB951748\SP3QFE\tcpip.sys
      + 2008-06-20 11:16:44 225,856 ----a-w c:\windows\$hf_mig$\KB951748\SP3QFE\tcpip6.sys
      + 2007-11-30 12:39:29 18,296 ----a-w c:\windows\$hf_mig$\KB951748\spmsg.dll
      + 2007-11-30 12:39:29 234,872 ----a-w c:\windows\$hf_mig$\KB951748\spuninst.exe
      + 2007-11-30 12:39:29 26,488 ----a-w c:\windows\$hf_mig$\KB951748\update\spcustom.dll
      + 2007-11-30 12:39:26 767,352 ----a-w c:\windows\$hf_mig$\KB951748\update\update.exe
      + 2007-11-30 12:39:29 406,392 ----a-w c:\windows\$hf_mig$\KB951748\update\updspapi.dll
      + 2008-05-01 15:04:51 331,776 ----a-w c:\windows\$hf_mig$\KB952287\SP2QFE\msadce.dll
      + 2008-05-01 14:36:26 331,776 ----a-w c:\windows\$hf_mig$\KB952287\SP3GDR\msadce.dll
      + 2008-05-01 14:39:23 331,776 ----a-w c:\windows\$hf_mig$\KB952287\SP3QFE\msadce.dll
      + 2007-11-30 11:19:06 18,296 ----a-w c:\windows\$hf_mig$\KB952287\spmsg.dll
      + 2007-11-30 11:19:06 234,872 ----a-w c:\windows\$hf_mig$\KB952287\spuninst.exe
      + 2007-11-30 11:19:06 26,488 ----a-w c:\windows\$hf_mig$\KB952287\update\spcustom.dll
      + 2007-11-30 11:19:06 767,352 ----a-w c:\windows\$hf_mig$\KB952287\update\update.exe
      + 2007-11-30 11:19:10 406,392 ----a-w c:\windows\$hf_mig$\KB952287\update\updspapi.dll
      + 2008-06-24 16:30:27 74,240 ----a-w c:\windows\$hf_mig$\KB952954\SP2QFE\mscms.dll
      + 2008-06-24 16:44:02 74,240 ----a-w c:\windows\$hf_mig$\KB952954\SP3GDR\mscms.dll
      + 2008-06-24 16:53:52 74,240 ----a-w c:\windows\$hf_mig$\KB952954\SP3QFE\mscms.dll
      + 2007-11-30 11:19:06 18,296 ----a-w c:\windows\$hf_mig$\KB952954\spmsg.dll
      + 2007-11-30 11:19:06 234,872 ----a-w c:\windows\$hf_mig$\KB952954\spuninst.exe
      + 2007-11-30 11:19:06 26,488 ----a-w c:\windows\$hf_mig$\KB952954\update\spcustom.dll
      + 2007-11-30 12:39:29 767,352 ----a-w c:\windows\$hf_mig$\KB952954\update\update.exe
      + 2007-11-30 12:39:31 406,392 ----a-w c:\windows\$hf_mig$\KB952954\update\updspapi.dll
      + 2008-06-23 15:40:01 124,928 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\advpack.dll
      + 2008-06-23 15:40:01 347,136 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\dxtmsft.dll
      + 2008-06-23 15:40:01 214,528 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\dxtrans.dll
      + 2008-06-23 15:40:01 132,608 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\extmgr.dll
      + 2008-06-23 15:40:01 63,488 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\icardie.dll
      + 2008-06-23 08:23:18 70,656 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\ie4uinit.exe
      + 2008-06-23 15:40:01 153,088 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\ieakeng.dll
      + 2008-06-23 15:40:01 230,400 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\ieaksie.dll
      + 2008-06-21 05:23:53 161,792 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\ieakui.dll
      + 2007-04-17 09:32:38 2,455,488 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\ieapfltr.dat
      + 2008-06-23 15:40:02 383,488 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\ieapfltr.dll
      + 2008-06-23 15:40:02 388,608 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\iedkcs32.dll
      + 2008-06-23 15:40:04 6,068,736 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\ieframe.dll
      + 2008-06-23 15:40:04 44,544 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\iernonce.dll
      + 2008-06-23 15:40:04 267,776 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\iertutil.dll
      + 2008-06-23 08:23:18 13,824 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\ieudinit.exe
      + 2008-06-23 08:23:52 625,664 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\iexplore.exe
      + 2008-06-23 15:40:05 27,648 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\jsproxy.dll
      + 2008-06-23 15:40:05 459,264 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\msfeeds.dll
      + 2008-06-23 15:40:05 52,224 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\msfeedsbs.dll
      + 2008-06-23 15:40:07 3,594,240 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\mshtml.dll
      + 2008-06-23 15:40:07 477,696 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\mshtmled.dll
      + 2008-06-23 15:40:07 193,024 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\msrating.dll
      + 2008-06-23 15:40:07 671,232 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\mstime.dll
      + 2008-06-23 15:40:07 102,912 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\occache.dll
      + 2008-06-23 15:40:07 44,544 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\pngfilt.dll
      + 2008-06-23 15:40:07 105,984 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\url.dll
      + 2008-06-23 15:40:08 1,162,752 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\urlmon.dll
      + 2008-06-23 15:40:08 233,472 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\webcheck.dll
      + 2008-06-23 15:40:08 827,904 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\wininet.dll
      + 2007-03-06 01:34:33 15,072 ----a-w c:\windows\$hf_mig$\KB953838-IE7\spmsg.dll
      + 2007-03-06 01:34:38 216,800 ----a-w c:\windows\$hf_mig$\KB953838-IE7\spuninst.exe
      + 2007-03-06 01:34:31 22,752 ----a-w c:\windows\$hf_mig$\KB953838-IE7\update\spcustom.dll
      + 2007-03-06 01:34:56 727,776 ----a-w c:\windows\$hf_mig$\KB953838-IE7\update\update.exe
      + 2007-03-06 01:35:48 394,976 ----a-w c:\windows\$hf_mig$\KB953838-IE7\update\updspapi.dll
      + 2007-11-30 11:19:06 18,296 ----a-w c:\windows\$hf_mig$\KB953839\spmsg.dll
      + 2007-11-30 11:19:06 234,872 ----a-w c:\windows\$hf_mig$\KB953839\spuninst.exe
      + 2007-11-30 11:19:06 26,488 ----a-w c:\windows\$hf_mig$\KB953839\update\spcustom.dll
      + 2007-11-30 11:19:06 767,352 ----a-w c:\windows\$hf_mig$\KB953839\update\update.exe
      + 2007-11-30 11:19:10 406,392 ----a-w c:\windows\$hf_mig$\KB953839\update\updspapi.dll
      + 2008-09-15 15:14:42 1,847,040 ----a-w c:\windows\$hf_mig$\KB954211\SP2QFE\win32k.sys
      + 2008-09-15 15:26:07 1,846,528 ----a-w c:\windows\$hf_mig$\KB954211\SP3GDR\win32k.sys
      + 2008-09-15 15:20:39 1,847,040 ----a-w c:\windows\$hf_mig$\KB954211\SP3QFE\win32k.sys
      + 2007-11-30 12:39:29 18,296 ----a-w c:\windows\$hf_mig$\KB954211\spmsg.dll
      + 2007-11-30 12:39:29 234,872 ----a-w c:\windows\$hf_mig$\KB954211\spuninst.exe
      + 2007-11-30 12:39:29 26,488 ----a-w c:\windows\$hf_mig$\KB954211\update\spcustom.dll
      + 2008-07-09 07:40:26 767,352 ----a-w c:\windows\$hf_mig$\KB954211\update\update.exe
      + 2007-11-30 12:39:31 406,392 ----a-w c:\windows\$hf_mig$\KB954211\update\updspapi.dll
      + 2008-08-26 09:10:25 124,928 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\advpack.dll
      + 2008-08-26 09:10:25 347,136 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\dxtmsft.dll
      + 2008-08-26 09:10:25 214,528 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\dxtrans.dll
      + 2008-08-26 09:10:25 132,608 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\extmgr.dll
      + 2008-08-26 09:10:25 63,488 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\icardie.dll
      + 2008-08-25 08:43:21 70,656 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\ie4uinit.exe
      + 2008-08-26 09:10:26 153,088 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\ieakeng.dll
      + 2008-08-26 09:10:26 230,400 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\ieaksie.dll
      + 2008-08-23 05:54:50 161,792 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\ieakui.dll
      + 2007-04-17 09:32:38 2,455,488 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\ieapfltr.dat
      + 2008-08-26 09:10:26 380,928 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\ieapfltr.dll
      + 2008-08-26 09:10:26 388,608 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\iedkcs32.dll
      + 2008-10-03 16:22:30 6,068,224 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\ieframe.dll
      + 2008-08-26 09:10:27 44,544 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\iernonce.dll
      + 2008-08-26 09:10:27 267,776 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\iertutil.dll
      + 2008-08-25 08:43:21 13,824 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\ieudinit.exe
      + 2008-08-23 05:56:16 635,848 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\iexplore.exe
      + 2008-08-26 09:10:27 27,648 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\jsproxy.dll
      + 2008-08-26 09:10:27 459,264 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\msfeeds.dll
      + 2008-08-26 09:10:27 52,224 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\msfeedsbs.dll
      + 2008-08-26 09:10:28 3,594,752 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\mshtml.dll
      + 2008-08-26 09:10:28 477,696 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\mshtmled.dll
      + 2008-08-26 09:10:28 193,024 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\msrating.dll
      + 2008-08-26 09:10:29 671,232 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\mstime.dll
      + 2008-08-26 09:10:29 102,912 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\occache.dll
      + 2008-08-26 09:10:29 44,544 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\pngfilt.dll
      + 2008-08-26 09:10:29 105,984 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\url.dll
      + 2008-08-26 09:10:29 1,162,752 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\urlmon.dll
      + 2008-08-26 09:10:29 233,472 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\webcheck.dll
      + 2008-08-26 09:10:29 827,904 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\wininet.dll
      + 2007-03-06 01:34:33 15,072 ----a-w c:\windows\$hf_mig$\KB956390-IE7\spmsg.dll
      + 2007-03-06 01:34:38 216,800 ----a-w c:\windows\$hf_mig$\KB956390-IE7\spuninst.exe
      + 2007-03-06 01:34:31 22,752 ----a-w c:\windows\$hf_mig$\KB956390-IE7\update\spcustom.dll
      + 2007-03-06 01:34:56 727,776 ----a-w c:\windows\$hf_mig$\KB956390-IE7\update\update.exe
      + 2007-03-06 01:35:48 394,976 ----a-w c:\windows\$hf_mig$\KB956390-IE7\update\updspapi.dll
      + 2007-11-30 12:39:29 18,296 ----a-w c:\windows\$hf_mig$\KB956391\spmsg.dll
      + 2007-11-30 12:39:29 234,872 ----a-w c:\windows\$hf_mig$\KB956391\spuninst.exe
      + 2007-11-30 12:39:29 26,488 ----a-w c:\windows\$hf_mig$\KB956391\update\spcustom.dll
      + 2007-11-30 12:39:29 767,352 ----a-w c:\windows\$hf_mig$\KB956391\update\update.exe
      + 2007-11-30 12:39:31 406,392 ----a-w c:\windows\$hf_mig$\KB956391\update\updspapi.dll
      + 2008-08-14 09:48:52 138,368 ----a-w c:\windows\$hf_mig$\KB956803\SP2QFE\afd.sys
      + 2008-08-14 10:04:36 138,496 ----a-w c:\windows\$hf_mig$\KB956803\SP3GDR\afd.sys
      + 2008-08-14 10:34:26 138,496 ----a-w c:\windows\$hf_mig$\KB956803\SP3QFE\afd.sys
      + 2007-11-30 11:19:06 18,296 ----a-w c:\windows\$hf_mig$\KB956803\spmsg.dll
      + 2007-11-30 11:19:06 234,872 ----a-w c:\windows\$hf_mig$\KB956803\spuninst.exe
      + 2007-11-30 11:19:06 26,488 ----a-w c:\windows\$hf_mig$\KB956803\update\spcustom.dll
      + 2007-11-30 11:19:06 767,352 ----a-w c:\windows\$hf_mig$\KB956803\update\update.exe
      + 2007-11-30 11:19:10 406,392 ----a-w c:\windows\$hf_mig$\KB956803\update\updspapi.dll
      + 2008-08-14 13:23:44 2,147,328 ----a-w c:\windows\$hf_mig$\KB956841\SP3GDR\ntkrnlmp.exe
      + 2008-08-14 13:23:49 2,068,096 ----a-w c:\windows\$hf_mig$\KB956841\SP3GDR\ntkrnlpa.exe
      + 2008-08-14 13:23:44 2,025,984 ----a-w c:\windows\$hf_mig$\KB956841\SP3GDR\ntkrpamp.exe
      + 2008-08-14 13:23:49 2,191,232 ----a-w c:\windows\$hf_mig$\KB956841\SP3GDR\ntoskrnl.exe
      + 2008-08-14 13:55:54 2,147,328 ----a-w c:\windows\$hf_mig$\KB956841\SP3QFE\ntkrnlmp.exe
      + 2008-08-14 17:26:00 2,068,096 ----a-w c:\windows\$hf_mig$\KB956841\SP3QFE\ntkrnlpa.exe
      + 2008-08-14 13:55:47 2,025,984 ----a-w c:\windows\$hf_mig$\KB956841\SP3QFE\ntkrpamp.exe
      + 2008-08-14 17:26:02 2,191,232 ----a-w c:\windows\$hf_mig$\KB956841\SP3QFE\ntoskrnl.exe
      + 2007-11-30 11:19:06 18,296 ----a-w c:\windows\$hf_mig$\KB956841\spmsg.dll
      + 2007-11-30 11:19:06 234,872 ----a-w c:\windows\$hf_mig$\KB956841\spuninst.exe
      + 2007-11-30 11:19:06 26,488 ----a-w c:\windows\$hf_mig$\KB956841\update\spcustom.dll
      + 2007-11-30 12:39:29 767,352 ----a-w c:\windows\$hf_mig$\KB956841\update\update.exe
      + 2008-07-09 07:40:35 406,392 ----a-w c:\windows\$hf_mig$\KB956841\update\updspapi.dll
      + 2008-08-28 10:35:33 333,056 ----a-w c:\windows\$hf_mig$\KB957095\SP2QFE\srv.sys
      + 2008-09-08 10:41:42 333,824 ----a-w c:\windows\$hf_mig$\KB957095\SP3GDR\srv.sys
      + 2008-09-08 11:37:19 333,824 ----a-w c:\windows\$hf_mig$\KB957095\SP3QFE\srv.sys
      + 2007-11-30 11:19:06 18,296 ----a-w c:\windows\$hf_mig$\KB957095\spmsg.dll
      + 2007-11-30 11:19:06 234,872 ----a-w c:\windows\$hf_mig$\KB957095\spuninst.exe
      + 2007-11-30 11:19:06 26,488 ----a-w c:\windows\$hf_mig$\KB957095\update\spcustom.dll
      + 2007-11-30 11:19:06 767,352 ----a-w c:\windows\$hf_mig$\KB957095\update\update.exe
      + 2007-11-30 11:19:10 406,392 ----a-w c:\windows\$hf_mig$\KB957095\update\updspapi.dll
      - 2007-01-22 00:35:14 88,776 ----a-w c:\windows\assembly\GAC\Microsoft.Office.Interop.InfoPath.Xml\11.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.InfoPath.Xml.dll
      + 2008-09-06 14:49:01 91,488 ----a-w c:\windows\assembly\GAC\Microsoft.Office.Interop.InfoPath.Xml\11.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.InfoPath.Xml.dll
      - 2007-01-22 00:35:13 101,064 ----a-w c:\windows\assembly\GAC\Microsoft.Office.Interop.InfoPath\11.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.InfoPath.dll
      + 2008-09-06 14:48:59 103,776 ----a-w c:\windows\assembly\GAC\Microsoft.Office.Interop.InfoPath\11.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.InfoPath.dll
      - 2007-01-21 12:11:51 64,088 ----a-w c:\windows\assembly\GAC\Microsoft.Vbe.Interop\11.0.0.0__71e9bce111e9429c\Microsoft.Vbe.Interop.dll
      + 2008-09-06 14:47:15 66,936 ----a-w c:\windows\assembly\GAC\Microsoft.Vbe.Interop\11.0.0.0__71e9bce111e9429c\Microsoft.Vbe.Interop.dll
      - 2007-01-21 12:11:51 223,800 ----a-w c:\windows\assembly\GAC\office\11.0.0.0__71e9bce111e9429c\OFFICE.DLL
      + 2008-09-06 14:47:04 226,656 ----a-w c:\windows\assembly\GAC\office\11.0.0.0__71e9bce111e9429c\OFFICE.DLL
      - 2008-05-21 10:56:08 124,208 ----a-w c:\windows\Downloaded Program Files\as2stubie.dll
      + 2008-06-30 08:39:58 128,256 ----a-w c:\windows\Downloaded Program Files\as2stubie.dll
      + 2008-06-14 17:59:52 272,768 ------w c:\windows\Driver Cache\i386\bthport.sys
      - 2006-05-05 09:41:45 453,120 ----a-w c:\windows\Driver Cache\i386\mrxsmb.sys
      + 2008-10-24 11:10:42 453,632 ----a-w c:\windows\Driver Cache\i386\mrxsmb.sys
      - 2007-02-28 16:08:15 2,139,648 ----a-w c:\windows\Driver Cache\i386\ntkrnlmp.exe
      + 2008-08-14 13:39:07 2,144,768 ----a-w c:\windows\Driver Cache\i386\ntkrnlmp.exe
      - 2007-02-28 16:08:25 2,061,440 ----a-w c:\windows\Driver Cache\i386\ntkrnlpa.exe
      + 2008-08-14 13:39:12 2,065,024 ----a-w c:\windows\Driver Cache\i386\ntkrnlpa.exe
      - 2007-02-28 16:08:11 2,019,328 ----a-w c:\windows\Driver Cache\i386\ntkrpamp.exe
      + 2008-08-14 13:39:03 2,022,912 ----a-w c:\windows\Driver Cache\i386\ntkrpamp.exe
      - 2007-02-28 16:08:21 2,184,192 ----a-w c:\windows\Driver Cache\i386\ntoskrnl.exe
      + 2008-08-14 13:39:11 2,188,032 ----a-w c:\windows\Driver Cache\i386\ntoskrnl.exe
      - 2005-10-20 18:02:28 163,328 ----a-w c:\windows\erdnt\Hiv-backup\ERDNT.EXE
      + 2005-10-20 19:02:28 163,328 ----a-w c:\windows\erdnt\Hiv-backup\ERDNT.EXE
      + 2008-03-01 12:58:06 124,928 -c----w c:\windows\ie7updates\KB950759-IE7\advpack.dll
      + 2008-03-01 12:58:06 347,136 -c----w c:\windows\ie7updates\KB950759-IE7\dxtmsft.dll
      + 2008-03-01 12:58:06 214,528 -c----w c:\windows\ie7updates\KB950759-IE7\dxtrans.dll
      + 2008-03-01 12:58:06 133,120 -c----w c:\windows\ie7updates\KB950759-IE7\extmgr.dll
      + 2008-03-01 12:58:06 63,488 -c----w c:\windows\ie7updates\KB950759-IE7\icardie.dll
      + 2008-02-29 08:56:41 70,656 -c----w c:\windows\ie7updates\KB950759-IE7\ie4uinit.exe
      + 2008-03-01 12:58:06 153,088 -c----w c:\windows\ie7updates\KB950759-IE7\ieakeng.dll
      + 2008-03-01 12:58:06 230,400 -c----w c:\windows\ie7updates\KB950759-IE7\ieaksie.dll
      + 2008-02-15 05:44:25 161,792 -c----w c:\windows\ie7updates\KB950759-IE7\ieakui.dll
      + 2008-03-01 12:58:07 383,488 -c----w c:\windows\ie7updates\KB950759-IE7\ieapfltr.dll
      + 2008-03-01 12:58:07 384,512 -c----w c:\windows\ie7updates\KB950759-IE7\iedkcs32.dll
      + 2008-03-01 12:58:08 6,066,176 -c----w c:\windows\ie7updates\KB950759-IE7\ieframe.dll
      + 2008-03-01 12:58:08 44,544 -c----w c:\windows\ie7updates\KB950759-IE7\iernonce.dll
      + 2008-03-01 12:58:08 267,776 -c----w c:\windows\ie7updates\KB950759-IE7\iertutil.dll
      + 2008-02-22 10:00:51 13,824 -c----w c:\windows\ie7updates\KB950759-IE7\ieudinit.exe
      + 2008-02-29 08:57:05 625,664 -c----w c:\windows\ie7updates\KB950759-IE7\iexplore.exe
      + 2008-03-01 12:58:08 27,648 -c----w c:\windows\ie7updates\KB950759-IE7\jsproxy.dll
      + 2008-03-01 12:58:08 459,264 -c----w c:\windows\ie7updates\KB950759-IE7\msfeeds.dll
      + 2008-03-01 12:58:08 52,224 -c----w c:\windows\ie7updates\KB950759-IE7\msfeedsbs.dll
      + 2008-03-01 16:28:10 3,591,680 -c----w c:\windows\ie7updates\KB950759-IE7\mshtml.dll
      + 2008-03-01 12:58:09 478,208 -c----w c:\windows\ie7updates\KB950759-IE7\mshtmled.dll
      + 2008-03-01 12:58:10 193,024 -c----w c:\windows\ie7updates\KB950759-IE7\msrating.dll
      + 2008-03-01 12:58:10 671,232 -c----w c:\windows\ie7updates\KB950759-IE7\mstime.dll
      + 2008-03-01 12:58:10 102,912 -c----w c:\windows\ie7updates\KB950759-IE7\occache.dll
      + 2008-03-01 12:58:10 44,544 -c----w c:\windows\ie7updates\KB950759-IE7\pngfilt.dll
      + 2007-03-06 01:34:38 216,800 -c----w c:\windows\ie7updates\KB950759-IE7\spuninst\spuninst.exe
      + 2007-03-06 01:35:48 394,976 -c----w c:\windows\ie7updates\KB950759-IE7\spuninst\updspapi.dll
      + 2008-03-01 12:58:10 105,984 -c----w c:\windows\ie7updates\KB950759-IE7\url.dll
      + 2008-03-01 12:58:10 1,159,680 -c----w c:\windows\ie7updates\KB950759-IE7\urlmon.dll
      + 2008-03-01 12:58:11 233,472 -c----w c:\windows\ie7updates\KB950759-IE7\webcheck.dll
      + 2008-03-01 12:58:11 826,368 -c----w c:\windows\ie7updates\KB950759-IE7\wininet.dll
      + 2008-04-23 04:16:39 124,928 -c----w c:\windows\ie7updates\KB953838-IE7\advpack.dll
      + 2008-04-23 04:16:39 347,136 -c----w c:\windows\ie7updates\KB953838-IE7\dxtmsft.dll
      + 2008-04-23 04:16:39 214,528 -c----w c:\windows\ie7updates\KB953838-IE7\dxtrans.dll
      + 2008-04-23 04:16:39 133,120 -c----w c:\windows\ie7updates\KB953838-IE7\extmgr.dll
      + 2008-04-23 04:16:39 63,488 -c----w c:\windows\ie7updates\KB953838-IE7\icardie.dll
      + 2008-04-22 07:41:08 70,656 -c----w c:\windows\ie7updates\KB953838-IE7\ie4uinit.exe
      + 2008-04-23 04:16:39 153,088 -c----w c:\windows\ie7updates\KB953838-IE7\ieakeng.dll
      + 2008-04-23 04:16:39 230,400 -c----w c:\windows\ie7updates\KB953838-IE7\ieaksie.dll
      + 2008-04-20 05:07:51 161,792 -c----w c:\windows\ie7updates\KB953838-IE7\ieakui.dll
      + 2008-04-23 04:16:39 383,488 -c----w c:\windows\ie7updates\KB953838-IE7\ieapfltr.dll
      + 2008-04-23 04:16:39 384,512 -c----w c:\windows\ie7updates\KB953838-IE7\iedkcs32.dll
      + 2008-04-23 04:16:39 6,066,176 -c----w c:\windows\ie7updates\KB953838-IE7\ieframe.dll
      + 2008-04-23 04:16:39 44,544 -c----w c:\windows\ie7updates\KB953838-IE7\iernonce.dll
      + 2008-04-23 04:16:39 267,776 -c----w c:\windows\ie7updates\KB953838-IE7\iertutil.dll
      + 2008-04-22 07:39:58 13,824 -c----w c:\windows\ie7updates\KB953838-IE7\ieudinit.exe
      + 2008-04-22 07:41:30 625,664 -c----w c:\windows\ie7updates\KB953838-IE7\iexplore.exe
      + 2008-04-23 04:16:40 27,648 -c----w c:\windows\ie7updates\KB953838-IE7\jsproxy.dll
      + 2008-04-23 04:16:40 459,264 -c----w c:\windows\ie7updates\KB953838-IE7\msfeeds.dll
      + 2008-04-23 04:16:40 52,224 -c----w c:\windows\ie7updates\KB953838-IE7\msfeedsbs.dll
      + 2008-04-23 20:16:42 3,591,680 -c----w c:\windows\ie7updates\KB953838-IE7\mshtml.dll
      + 2008-04-23 04:16:40 478,208 -c----w c:\windows\ie7updates\KB953838-IE7\mshtmled.dll
      + 2008-04-23 04:16:40 193,024 -c----w c:\windows\ie7updates\KB953838-IE7\msrating.dll
      + 2008-04-23 04:16:40 671,232 -c----w c:\windows\ie7updates\KB953838-IE7\mstime.dll
      + 2008-04-23 04:16:40 102,912 -c----w c:\windows\ie7updates\KB953838-IE7\occache.dll
      + 2008-04-23 04:16:40 44,544 -c----w c:\windows\ie7updates\KB953838-IE7\pngfilt.dll
      + 2007-03-06 01:34:38 216,800 -c----w c:\windows\ie7updates\KB953838-IE7\spuninst\spuninst.exe
      + 2007-03-06 01:35:48 394,976 -c----w c:\windows\ie7updates\KB953838-IE7\spuninst\updspapi.dll
      + 2008-04-23 04:16:40 105,984 -c----w c:\windows\ie7updates\KB953838-IE7\url.dll
      + 2008-04-23 04:16:40 1,159,680 -c----w c:\windows\ie7updates\KB953838-IE7\urlmon.dll
      + 2008-04-23 04:16:40 233,472 -c----w c:\windows\ie7updates\KB953838-IE7\webcheck.dll
      + 2008-04-23 04:16:40 826,368 -c----w c:\windows\ie7updates\KB953838-IE7\wininet.dll
      + 2008-06-23 16:28:17 124,928 -c----w c:\windows\ie7updates\KB956390-IE7\advpack.dll
      + 2008-06-23 16:28:17 347,136 -c----w c:\windows\ie7updates\KB956390-IE7\dxtmsft.dll
      + 2008-06-23 16:28:17 214,528 -c----w c:\windows\ie7updates\KB956390-IE7\dxtrans.dll
      + 2008-06-23 16:28:17 133,120 -c----w c:\windows\ie7updates\KB956390-IE7\extmgr.dll
      + 2008-06-23 16:28:17 63,488 -c----w c:\windows\ie7updates\KB956390-IE7\icardie.dll
      + 2008-06-23 09:21:30 70,656 -c----w c:\windows\ie7updates\KB956390-IE7\ie4uinit.exe
      + 2008-06-23 16:28:18 153,088 -c----w c:\windows\ie7updates\KB956390-IE7\ieakeng.dll
      + 2008-06-23 16:28:18 230,400 -c----w c:\windows\ie7updates\KB956390-IE7\ieaksie.dll
      + 2008-06-21 05:23:54 161,792 -c----w c:\windows\ie7updates\KB956390-IE7\ieakui.dll
      + 2008-06-23 16:28:18 383,488 -c----w c:\windows\ie7updates\KB956390-IE7\ieapfltr.dll
      + 2008-06-23 16:28:18 384,512 -c----w c:\windows\ie7updates\KB956390-IE7\iedkcs32.dll
      + 2008-06-23 16:28:19 6,066,176 -c----w c:\windows\ie7updates\KB956390-IE7\ieframe.dll
      + 2008-06-23 16:28:19 44,544 -c----w c:\windows\ie7updates\KB956390-IE7\iernonce.dll
      + 2008-06-23 16:28:20 267,776 -c----w c:\windows\ie7updates\KB956390-IE7\iertutil.dll
      + 2008-06-23 09:20:26 13,824 -c----w c:\windows\ie7updates\KB956390-IE7\ieudinit.exe
      + 2008-06-23 09:21:49 625,664 -c----w c:\windows\ie7updates\KB956390-IE7\iexplore.exe
      + 2008-06-23 16:28:20 27,648 -c----w c:\windows\ie7updates\KB956390-IE7\jsproxy.dll
      + 2008-06-23 16:28:20 459,264 -c----w c:\windows\ie7updates\KB956390-IE7\msfeeds.dll
      + 2008-06-23 16:28:20 52,224 -c----w c:\windows\ie7updates\KB956390-IE7\msfeedsbs.dll
      + 2008-06-24 08:28:24 3,592,192 -c----w c:\windows\ie7updates\KB956390-IE7\mshtml.dll
      + 2008-06-23 16:28:22 477,696 -c----w c:\windows\ie7updates\KB956390-IE7\mshtmled.dll
      + 2008-06-23 16:28:22 193,024 -c----w c:\windows\ie7updates\KB956390-IE7\msrating.dll
      + 2008-06-23 16:28:22 671,232 -c----w c:\windows\ie7updates\KB956390-IE7\mstime.dll
      + 2008-06-23 16:28:22 102,912 -c----w c:\windows\ie7updates\KB956390-IE7\occache.dll
      + 2008-06-23 16:28:22 44,544 -c----w c:\windows\ie7updates\KB956390-IE7\pngfilt.dll
      + 2007-03-06 01:34:38 216,800 -c----w c:\windows\ie7updates\KB956390-IE7\spuninst\spuninst.exe
      + 2007-03-06 01:35:48 394,976 -c----w c:\windows\ie7updates\KB956390-IE7\spuninst\updspapi.dll
      + 2008-06-23 16:28:22 105,984 -c----w c:\windows\ie7updates\KB956390-IE7\url.dll
      + 2008-06-23 16:28:23 1,159,680 -c----w c:\windows\ie7updates\KB956390-IE7\urlmon.dll
      + 2008-06-23 16:28:23 233,472 -c----w c:\windows\ie7updates\KB956390-IE7\webcheck.dll
      + 2008-06-23 16:28:23 826,368 -c----w c:\windows\ie7updates\KB956390-IE7\wininet.dll
      + 2003-07-15 05:57:34 38,968 ----a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\AUTHZAX.DLL
      + 2003-07-15 05:53:06 94,768 ----a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\AW.DLL
      + 2003-07-15 05:56:54 14,904 ----a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\DSITF.DLL
      + 2003-07-15 05:57:14 98,360 ----a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\DSSM.EXE
      + 2003-07-15 05:41:44 13,368 ----a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\FINDER.EXE
      + 2003-07-15 05:40:12 179,768 ----a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\FPERSON.DLL
      + 2003-07-15 05:45:14 58,944 ----a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\INLAUNCH.DLL
      + 2003-06-19 00:31:10 252,928 ----a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\MDIINK.DLL
      + 2003-07-15 05:51:44 87,104 ----a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\MSENCODE.DLL
      + 2003-07-15 05:52:52 17,464 ----a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\MSMH.DLL
      + 2003-07-14 21:57:16 120,888 ----a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\MSOAUTH.DLL
      + 2003-07-15 05:52:52 27,704 ----a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\MSODCW.DLL
      + 2003-07-15 05:52:56 55,360 ----a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\MSOHTMED.EXE
      + 2003-07-11 09:15:48 1,292,872 ----a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\MSONSEXT.DLL
      + 2003-07-15 10:18:52 376,888 ----a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\MSORUN.DLL
      + 2003-07-14 21:52:54 28,224 ----a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\MSOSTYLE.DLL
      + 2003-07-15 05:52:52 35,896 ----a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\MSOSV.DLL
      + 2003-07-15 05:53:20 39,488 ----a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\MSOSVFBR.DLL
      + 2003-07-15 05:46:16 42,040 ----a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\MSOXEV.DLL
      + 2003-07-15 05:45:12 55,360 ----a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\MSOXMLED.EXE
      + 2003-07-15 05:45:12 39,488 ----a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\MSOXMLMF.DLL
      + 2003-06-19 00:31:50 16,384 ----a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\MSPGIMME.DLL
      + 2003-06-19 23:05:50 364,648 ----a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\MSPVIEW.EXE
      + 2003-07-15 05:52:58 41,528 ----a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\MSSH.DLL
      + 2003-07-15 06:00:54 145,984 ----a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\MSWEBCAP.DLL
      + 2003-07-15 05:57:10 56,888 ----a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\NAME.DLL
      + 2003-07-15 05:56:52 13,888 ----a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\NPOFFICE.DLL
      + 2007-01-21 12:11:51 223,800 ----a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\OFFICE.DLL
      + 2003-07-15 10:14:26 242,240 ----a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\OISGRAPH.DLL
      + 2003-07-15 06:05:24 1,054,264 ----a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\OMFC.DLL
      + 2003-07-15 05:44:34 102,968 ----a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\OUTLCTL.DLL
      + 2003-07-15 05:43:16 49,208 ----a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\OUTLWAB.DLL
      + 2003-07-15 10:18:44 93,752 ----a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\PP7X32.DLL
      + 2003-07-15 05:40:16 51,256 ----a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\PUBTRAP.DLL
      + 2003-05-09 04:54:00 77,824 ----a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\REFEDIT.DLL
      + 2003-07-15 05:57:08 40,512 ----a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\REFIEBAR.DLL
      + 2003-07-21 18:46:38 390,712 ----a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\RTFHTML.DLL
      + 2003-07-15 05:44:16 66,616 ----a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\SENDTO.DLL
      + 2003-07-14 21:57:08 58,944 ----a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\SEQCHK10.DLL
      + 2003-07-15 05:53:14 11,848 ----a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\SMARTTAGINSTALL.EXE
      + 2007-01-21 12:11:51 64,088 ----a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\VBIDEPIA.DLL
      + 2007-04-19 12:09:30 167,256 ----a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.8173\IETAG.DLL
      + 2005-02-03 16:59:22 346,840 ----a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.8173\METCONV.DLL
      + 2005-05-03 23:06:28 465,640 ----a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.8173\MSDMENG.DLL
      + 2005-05-03 23:06:32 1,411,816 ----a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.8173\MSDMINE.DLL
      + 2005-05-03 23:06:26 199,408 ----a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.8173\MSMDUN80.DLL
      + 2008-11-23 22:39:46 22,486 ----a-r c:\windows\Installer\{31E5AE86-4F07-4433-B27F-7FCD341A6655}\register_icon.exe
      + 2008-11-12 00:15:18 32,768 ----a-r c:\windows\Installer\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}\icon.exe
      - 2008-05-14 01:03:00 593,920 ----a-r c:\windows\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\accicons.exe
      + 2008-11-12 00:17:35 593,920 ----a-r c:\windows\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\accicons.exe
      - 2008-05-14 01:03:00 12,288 ----a-r c:\windows\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\cagicon.exe
      + 2008-11-12 00:17:35 12,288 ----a-r c:\windows\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\cagicon.exe
      - 2008-05-14 01:03:00 86,016 ----a-r c:\windows\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\inficon.exe
      + 2008-11-12 00:17:35 86,016 ----a-r c:\windows\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\inficon.exe
      - 2008-05-14 01:03:00 135,168 ----a-r c:\windows\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\misc.exe
      + 2008-11-12 00:17:35 135,168 ----a-r c:\windows\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\misc.exe
      - 2008-05-14 01:03:00 11,264 ----a-r c:\windows\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\mspicons.exe
      + 2008-11-12 00:17:35 11,264 ----a-r c:\windows\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\mspicons.exe
      - 2008-05-14 01:03:00 27,136 ----a-r c:\windows\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\oisicon.exe
      + 2008-11-12 00:17:35 27,136 ----a-r c:\windows\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\oisicon.exe
      - 2008-05-14 01:03:00 4,096 ----a-r c:\windows\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\opwicon.exe
      + 2008-11-12 00:17:35 4,096 ----a-r c:\windows\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\opwicon.exe
      - 2008-05-14 01:03:00 794,624 ----a-r c:\windows\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\outicon.exe
      + 2008-11-12 00:17:35 794,624 ----a-r c:\windows\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\outicon.exe
      - 2008-05-14 01:03:00 249,856 ----a-r c:\windows\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\pptico.exe
      + 2008-11-12 00:17:35 249,856 ----a-r c:\windows\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\pptico.exe
      - 2008-05-14 01:03:00 61,440 ----a-r c:\windows\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\pubs.exe
      + 2008-11-12 00:17:35 61,440 ----a-r c:\windows\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\pubs.exe
      - 2008-05-14 01:03:01 23,040 ----a-r c:\windows\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\unbndico.exe
      + 2008-11-12 00:17:35 23,040 ----a-r c:\windows\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\unbndico.exe
      - 2008-05-14 01:03:00 286,720 ----a-r c:\windows\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\wordicon.exe
      + 2008-11-12 00:17:35 286,720 ----a-r c:\windows\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\wordicon.exe
      - 2008-05-14 01:03:00 409,600 ----a-r c:\windows\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\xlicons.exe
      + 2008-11-12 00:17:35 409,600 ----a-r c:\windows\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\xlicons.exe
      - 2008-02-27 19:09:20 123,008 ----a-r c:\windows\Installer\{A70FA218-6598-4AC9-813D-63597C5DD068}\WLXPhotoGalleryIcon.exe
      + 2008-08-17 01:25:18 123,008 ----a-r c:\windows\Installer\{A70FA218-6598-4AC9-813D-63597C5DD068}\WLXPhotoGalleryIcon.exe
      + 2008-06-22 22:03:01 25,214 ----a-r c:\windows\Installer\{AC76BA86-7AD7-1036-7B44-A71000000002}\SC_Reader.exe
      + 2008-11-23 23:33:26 61,440 ----a-r c:\windows\Installer\{BF7D87C5-CFC3-40C5-A367-24586EEBB8CA}\helpicon.exe
      + 2008-11-23 23:33:26 32,768 ----a-r c:\windows\Installer\{BF7D87C5-CFC3-40C5-A367-24586EEBB8CA}\maintenance_icon.exe
      + 2008-11-23 23:33:26 22,486 ----a-r c:\windows\Installer\{BF7D87C5-CFC3-40C5-A367-24586EEBB8CA}\register_icon.exe
      + 2008-11-23 23:33:26 57,344 ----a-r c:\windows\Installer\{BF7D87C5-CFC3-40C5-A367-24586EEBB8CA}\texticon.exe
      - 2000-08-31 06:00:00 28,160 ----a-w c:\windows\Nircmd.exe
      + 2000-08-31 07:00:00 28,672 ----a-w c:\windows\Nircmd.exe
      + 2008-10-29 10:55:26 958,464 ----a-w c:\windows\Resources\Themes\Chivalry\Shell\NormalColor\shellstyle.dll
      + 2008-10-30 08:32:18 756,736 ----a-w c:\windows\Resources\Themes\Crimson\Shell\NormalColor\shellstyle.dll
      - 2000-08-31 06:00:00 161,792 ----a-w c:\windows\swreg.exe
      + 2000-08-31 07:00:00 161,792 ----a-w c:\windows\swreg.exe
      - 2008-03-01 12:58:06 124,928 ----a-w c:\windows\system32\advpack.dll
      + 2008-08-26 08:11:45 124,928 ----a-w c:\windows\system32\advpack.dll
      + 2004-08-03 21:10:08 53,248 ----a-w c:\windows\system32\dllcache\1394bus.sys
      + 2001-08-17 20:06:48 11,264 ----a-w c:\windows\system32\dllcache\1394vdbg.sys
      + 2001-08-17 19:28:00 762,780 ----a-w c:\windows\system32\dllcache\3cwmcru.sys
      + 2001-08-23 15:46:44 689,216 ----a-w c:\windows\system32\dllcache\3dfxvs.dll
      + 2001-08-17 18:48:32 148,352 ----a-w c:\windows\system32\dllcache\3dfxvsm.sys
      + 2004-08-03 21:00:04 12,288 ----a-w c:\windows\system32\dllcache\4mmdat.sys
      + 2004-08-03 21:10:12 48,128 ----a-w c:\windows\system32\dllcache\61883.sys
      + 2001-08-23 15:46:44 38,400 ----a-w c:\windows\system32\dllcache\8514a.dll
      + 2001-08-23 15:46:58 98,304 ----a-w c:\windows\system32\dllcache\a3d.dll
      + 2001-08-23 15:46:58 462,848 ----a-w c:\windows\system32\dllcache\a3dapi.dll
      + 2004-08-05 12:00:00 26,624 ----a-w c:\windows\system32\dllcache\aaaamon.dll
      + 2001-08-17 19:52:00 23,552 ----a-w c:\windows\system32\dllcache\abp480n5.sys
      + 2004-08-03 20:32:22 231,552 ----a-w c:\windows\system32\dllcache\ac97ali.sys
      + 2001-08-17 18:20:04 96,256 ----a-w c:\windows\system32\dllcache\ac97intc.sys
      + 2001-08-17 18:20:16 297,728 ----a-w c:\windows\system32\dllcache\ac97sis.sys
      + 2004-08-03 20:32:32 84,480 ----a-w c:\windows\system32\dllcache\ac97via.sys
      + 2004-08-05 12:00:00 72,192 ----a-w c:\windows\system32\dllcache\acctres.dll
      + 2004-08-05 12:00:00 189,952 ----a-w c:\windows\system32\dllcache\accwiz.exe
      + 2001-08-23 15:46:58 61,952 ----a-w c:\windows\system32\dllcache\acerscad.dll
      + 2004-08-05 12:00:00 450,048 ----a-w c:\windows\system32\dllcache\aclayers.dll
      + 2004-08-05 12:00:00 135,680 ----a-w c:\windows\system32\dllcache\acledit.dll
      + 2004-08-05 12:00:00 137,728 ----a-w c:\windows\system32\dllcache\aclua.dll
      + 2004-08-05 12:00:00 119,296 ----a-w c:\windows\system32\dllcache\aclui.dll
      + 2004-08-05 12:00:00 188,672 ----a-w c:\windows\system32\dllcache\acpi.sys
      + 2004-08-05 12:00:00 12,032 ----a-w c:\windows\system32\dllcache\acpiec.sys
      + 2004-08-05 12:00:00 244,736 ----a-w c:\windows\system32\dllcache\acspecfc.dll
      + 2004-08-05 12:00:00 4,096 ----a-w c:\windows\system32\dllcache\actmovie.exe
      + 2004-08-05 12:00:00 101,888 ----a-w c:\windows\system32\dllcache\actxprxy.dll
      + 2004-08-05 12:00:00 116,224 ----a-w c:\windows\system32\dllcache\acxtrnal.dll
      + 2001-08-17 19:53:02 7,424 ----a-w c:\windows\system32\dllcache\adicvls.sys
      + 2001-08-17 18:11:18 20,160 ----a-w c:\windows\system32\dllcache\adm8511.sys
      + 2001-08-17 18:19:10 584,448 ----a-w c:\windows\system32\dllcache\adm8810.sys
      + 2001-08-17 18:19:14 553,984 ----a-w c:\windows\system32\dllcache\adm8820.sys
      + 2001-08-17 18:19:14 747,392 ----a-w c:\windows\system32\dllcache\adm8830.sys
      + 2003-03-24 13:52:04 20,540 ----a-w c:\windows\system32\dllcache\admin.dll
      + 2003-03-24 13:52:04 16,439 ----a-w c:\windows\system32\dllcache\admin.exe
      + 2004-08-03 20:32:24 10,880 ----a-w c:\windows\system32\dllcache\admjoy.sys
      + 2004-08-05 12:00:00 26,112 ----a-w c:\windows\system32\dllcache\adptif.dll
      + 2001-08-17 18:11:16 46,112 ----a-w c:\windows\system32\dllcache\adptsf50.sys
      + 2001-08-17 20:07:32 101,888 ----a-w c:\windows\system32\dllcache\adpu160m.sys
      + 2004-08-05 12:00:00 175,616 ----a-w c:\windows\system32\dllcache\adsldp.dll
      + 2004-08-05 12:00:00 68,096 ----a-w c:\windows\system32\dllcache\adsmsext.dll
      + 2004-08-05 12:00:00 263,680 ----a-w c:\windows\system32\dllcache\adsnt.dll
      + 2004-08-03 22:54:22 4,255 ----a-w c:\windows\system32\dllcache\adv01nt5.dll
      + 2004-08-03 22:54:22 3,967 ----a-w c:\windows\system32\dllcache\adv02nt5.dll
      + 2004-08-03 22:54:22 3,615 ----a-w c:\windows\system32\dllcache\adv05nt5.dll
      + 2004-08-03 22:54:22 3,647 ----a-w c:\windows\system32\dllcache\adv07nt5.dll
      + 2004-08-03 22:54:22 3,135 ----a-w c:\windows\system32\dllcache\adv08nt5.dll
      + 2004-08-03 22:54:22 3,711 ----a-w c:\windows\system32\dllcache\adv09nt5.dll
      + 2004-08-03 22:54:22 3,775 ----a-w c:\windows\system32\dllcache\adv11nt5.dll
      - 2008-03-01 12:58:06 124,928 ----a-w c:\windows\system32\dllcache\advpack.dll
      + 2008-08-26 08:11:45 124,928 ----a-w c:\windows\system32\dllcache\advpack.dll
      + 2008-08-14 09:51:43 138,368 ----a-w c:\windows\system32\dllcache\afd.sys
      + 2004-08-05 12:00:00 24,064 ----a-w c:\windows\system32\dllcache\agentanm.dll
      + 2004-08-05 12:00:00 214,016 ----a-w c:\windows\system32\dllcache\agentctl.dll
      + 2004-08-05 12:00:00 49,152 ----a-w c:\windows\system32\dllcache\agentmpx.dll
      + 2004-08-05 12:00:00 24,064 ----a-w c:\windows\system32\dllcache\agentpsh.dll
      + 2004-08-05 12:00:00 44,032 ----a-w c:\windows\system32\dllcache\agentsr.dll
      + 2004-08-03 21:07:42 42,368 ----a-w c:\windows\system32\dllcache\agp440.sys
      + 2004-08-03 21:07:44 44,928 ----a-w c:\windows\system32\dllcache\agpcpq.sys
      + 2004-08-05 12:00:00 19,456 ----a-w c:\windows\system32\dllcache\agt0401.dll
      + 2004-08-05 12:00:00 19,456 ----a-w c:\windows\system32\dllcache\agt0404.dll
      + 2004-08-05 12:00:00 19,456 ----a-w c:\windows\system32\dllcache\agt0405.dll
      + 2004-08-05 12:00:00 19,456 ----a-w c:\windows\system32\dllcache\agt0406.dll
      + 2004-08-05 12:00:00 21,504 ----a-w c:\windows\system32\dllcache\agt0407.dll
      + 2004-08-05 12:00:00 22,016 ----a-w c:\windows\system32\dllcache\agt0408.dll
      + 2004-08-05 12:00:00 19,456 ----a-w c:\windows\system32\dllcache\agt0409.dll
      + 2004-08-05 12:00:00 19,456 ----a-w c:\windows\system32\dllcache\agt040b.dll
      + 2004-08-05 12:00:00 21,504 ----a-w c:\windows\system32\dllcache\agt040c.dll
      + 2004-08-05 12:00:00 19,456 ----a-w c:\windows\system32\dllcache\agt040d.dll
      + 2004-08-05 12:00:00 19,968 ----a-w c:\windows\system32\dllcache\agt040e.dll
      + 2004-08-05 12:00:00 20,992 ----a-w c:\windows\system32\dllcache\agt0410.dll
      + 2004-08-05 12:00:00 19,456 ----a-w c:\windows\system32\dllcache\agt0411.dll
      + 2004-08-05 12:00:00 19,456 ----a-w c:\windows\system32\dllcache\agt0412.dll
      + 2004-08-05 12:00:00 20,992 ----a-w c:\windows\system32\dllcache\agt0413.dll
      + 2004-08-05 12:00:00 19,456 ----a-w c:\windows\system32\dllcache\agt0414.dll
      + 2004-08-05 12:00:00 19,456 ----a-w c:\windows\system32\dllcache\agt0415.dll
      + 2004-08-05 12:00:00 20,480 ----a-w c:\windows\system32\dllcache\agt0416.dll
      + 2004-08-05 12:00:00 19,456 ----a-w c:\windows\system32\dllcache\agt0419.dll
      + 2004-08-05 12:00:00 19,456 ----a-w c:\windows\system32\dllcache\agt041d.dll
      + 2004-08-05 12:00:00 19,456 ----a-w c:\windows\system32\dllcache\agt041f.dll
      + 2004-08-05 12:00:00 19,456 ----a-w c:\windows\system32\dllcache\agt0804.dll
      + 2004-08-05 12:00:00 20,992 ----a-w c:\windows\system32\dllcache\agt0816.dll
      + 2004-08-05 12:00:00 20,480 ----a-w c:\windows\system32\dllcache\agt0c0a.dll
      + 2004-08-05 12:00:00 24,064 ----a-w c:\windows\system32\dllcache\agtintl.dll
      + 2001-08-17 19:52:02 12,800 ----a-w c:\windows\system32\dllcache\aha154x.sys
      + 2004-08-05 12:00:00 98,304 ----a-w c:\windows\system32\dllcache\ahui.exe
      + 2001-08-17 20:07:36 55,168 ----a-w c:\windows\system32\dllcache\aic78u2.sys
      + 2001-08-17 20:07:38 56,960 ----a-w c:\windows\system32\dllcache\aic78xx.sys
      + 2004-08-05 12:00:00 44,544 ----a-w c:\windows\system32\dllcache\alg.exe
      + 2001-08-17 18:11:18 27,678 ----a-w c:\windows\system32\dllcache\ali5261.sys
      + 2001-08-17 19:49:02 26,624 ----a-w c:\windows\system32\dllcache\alifir.sys
      + 2001-08-17 19:51:56 5,248 ----a-w c:\windows\system32\dllcache\aliide.sys
      + 2004-08-03 21:07:42 42,752 ----a-w c:\windows\system32\dllcache\alim1541.sys
      + 2004-08-05 12:00:00 17,408 ----a-w c:\windows\system32\dllcache\alrsvc.dll
      + 2001-08-17 18:11:20 16,969 ----a-w c:\windows\system32\dllcache\amb8002.sys
      + 2004-08-03 21:07:44 43,008 ----a-w c:\windows\system32\dllcache\amdagp.sys
      + 2004-08-05 12:00:00 41,216 ----a-w c:\windows\system32\dllcache\amdk6.sys
      + 2004-08-05 12:00:00 41,600 ----a-w c:\windows\system32\dllcache\amdk7.sys
      + 2001-08-17 19:52:04 12,032 ----a-w c:\windows\system32\dllcache\amsint.sys
      + 2004-08-05 12:00:00 70,656 ----a-w c:\windows\system32\dllcache\amstream.dll
      + 2004-08-03 20:31:20 36,224 ----a-w c:\windows\system32\dllcache\an983.sys
      + 2004-08-05 12:00:00 9,037 ----a-w c:\windows\system32\dllcache\ansi.sys
      + 2004-08-05 12:00:00 102,912 ----a-w c:\windows\system32\dllcache\apcups.dll
      + 2001-08-17 19:47:22 6,272 ----a-w c:\windows\system32\dllcache\apmbatt.sys
      + 2004-08-05 12:00:00 12,642 ----a-w c:\windows\system32\dllcache\append.exe
      + 2004-08-05 12:00:00 334,336 ----a-w c:\windows\system32\dllcache\aqueue.dll
      + 2004-08-05 12:00:00 19,968 ----a-w c:\windows\system32\dllcache\arp.exe
      + 2004-08-05 12:00:00 60,800 ----a-w c:\windows\system32\dllcache\arp1394.sys
      + 2001-08-17 19:52:00 26,496 ----a-w c:\windows\system32\dllcache\asc.sys
      + 2001-08-17 19:52:04 22,400 ----a-w c:\windows\system32\dllcache\asc3350p.sys
      + 2001-08-17 19:51:58 14,848 ----a-w c:\windows\system32\dllcache\asc3550.sys
      + 2001-08-17 18:12:34 97,354 ----a-w c:\windows\system32\dllcache\aspndis3.sys
      + 2004-08-05 12:00:00 65,024 ----a-w c:\windows\system32\dllcache\asycfilt.dll
      + 2004-08-05 12:00:00 14,336 ----a-w c:\windows\system32\dllcache\asyncmac.sys
      + 2004-08-05 12:00:00 25,088 ----a-w c:\windows\system32\dllcache\at.exe
      + 2004-08-03 20:59:44 95,360 ----a-w c:\windows\system32\dllcache\atapi.sys
      + 2001-08-23 15:46:44 96,128 ----a-w c:\windows\system32\dllcache\ati.dll
      + 2001-08-23 14:59:32 77,824 ----a-w c:\windows\system32\dllcache\ati.sys
      + 2004-08-03 20:29:30 56,623 ----a-w c:\windows\system32\dllcache\ati1btxx.sys
      + 2004-08-03 20:29:30 11,615 ----a-w c:\windows\system32\dllcache\ati1mdxx.sys
      + 2004-08-03 20:29:30 12,047 ----a-w c:\windows\system32\dllcache\ati1pdxx.sys
      + 2004-08-03 20:29:32 30,671 ----a-w c:\windows\system32\dllcache\ati1raxx.sys
      + 2004-08-03 20:29:32 63,663 ----a-w c:\windows\system32\dllcache\ati1rvxx.sys
      + 2004-08-03 20:29:32 26,367 ----a-w c:\windows\system32\dllcache\ati1snxx.sys
      + 2004-08-03 20:29:32 21,343 ----a-w c:\windows\system32\dllcache\ati1ttxx.sys
      + 2004-08-03 20:29:32 36,463 ----a-w c:\windows\system32\dllcache\ati1tuxx.sys
      + 2004-08-03 20:29:32 29,455 ----a-w c:\windows\system32\dllcache\ati1xbxx.sys
      + 2004-08-03 20:29:32 34,735 ----a-w c:\windows\system32\dllcache\ati1xsxx.sys
      + 2004-08-03 22:54:22 229,376 ----a-w c:\windows\system32\dllcache\ati2cqag.dll
      + 2004-08-03 22:54:22 377,984 ----a-w c:\windows\system32\dllcache\ati2dvaa.dll
      + 2004-08-03 22:54:22 201,728 ----a-w c:\windows\system32\dllcache\ati2dvag.dll
      + 2004-08-03 22:38:42 327,168 ----a-w c:\windows\system32\dllcache\ati2mtaa.sys
      + 2004-08-03 22:38:44 701,440 ----a-w c:\windows\system32\dllcache\ati2mtag.sys
      + 2004-08-03 22:54:22 870,784 ----a-w c:\windows\system32\dllcache\ati3d1ag.dll
      + 2004-08-03 22:54:22 1,888,992 ----a-w c:\windows\system32\dllcache\ati3duag.dll
      + 2001-08-17 18:49:04 46,464 ----a-w c:\windows\system32\dllcache\atibt829.sys
      + 2001-08-23 15:46:44 382,592 ----a-w c:\windows\system32\dllcache\atidrab.dll
      + 2001-08-23 15:46:44 137,216 ----a-w c:\windows\system32\dllcache\atidrae.dll
      + 2001-08-23 15:46:44 268,160 ----a-w c:\windows\system32\dllcache\atidvai.dll
      + 2001-08-23 15:47:26 37,376 ----a-w c:\windows\system32\dllcache\atievxx.exe
      + 2001-08-23 14:59:36 289,920 ----a-w c:\windows\system32\dllcache\atimpab.sys
      + 2001-08-23 14:59:36 75,392 ----a-w c:\windows\system32\dllcache\atimpae.sys
      + 2001-08-23 14:59:38 281,728 ----a-w c:\windows\system32\dllcache\atimtai.sys
      + 2004-08-03 20:29:28 57,856 ----a-w c:\windows\system32\dllcache\atinbtxx.sys
      + 2004-08-03 20:29:30 13,824 ----a-w c:\windows\system32\dllcache\atinmdxx.sys
      + 2004-08-03 20:29:30 14,336 ----a-w c:\wind
      0
    2. fredjibb Messages postés 230 Statut Membre 1
       
      voici le rapport de combofix merci à ceux qui prendront le temps d'y jeter un coup d'oeil...
      ComboFix 08-11-23.01 - akira 2008-11-24 7:12:21.2 - NTFSx86
      Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.421 [GMT 1:00]
      Lancé depuis: c:\documents and settings\akira\Bureau\ComboFix.exe
      .

      ((((((((((((((((((((((((((((( Fichiers créés du 2008-10-24 au 2008-11-24 ))))))))))))))))))))))))))))))))))))
      .

      2008-11-24 00:32 . 2008-11-24 00:32 <REP> d-------- c:\documents and settings\akira\Application Data\Bitdefender
      2008-11-24 00:31 . 2008-11-24 00:33 <REP> d-------- c:\documents and settings\All Users\Application Data\BitDefender
      2008-11-23 20:47 . 2008-11-23 20:47 1,041,210 --a------ c:\windows\system32\PerfStringBackup.TMP
      2008-11-23 20:47 . 2008-11-23 20:58 512 --a------ c:\windows\ZZZZZZZZ.ZZZ
      2008-11-23 20:32 . 2007-09-05 23:22 289,144 --a------ c:\windows\system32\VCCLSID.exe
      2008-11-23 20:32 . 2006-04-27 16:49 288,417 --a------ c:\windows\system32\SrchSTS.exe
      2008-11-23 20:32 . 2008-10-01 14:51 87,552 --a------ c:\windows\system32\VACFix.exe
      2008-11-23 20:32 . 2008-10-10 07:58 82,944 --a------ c:\windows\system32\o4Patch.exe
      2008-11-23 20:32 . 2008-05-18 20:40 82,944 --a------ c:\windows\system32\IEDFix.exe
      2008-11-23 20:32 . 2008-10-10 07:58 82,944 --a------ c:\windows\system32\IEDFix.C.exe
      2008-11-23 20:32 . 2008-08-18 11:19 82,432 --a------ c:\windows\system32\404Fix.exe
      2008-11-23 20:32 . 2003-06-05 20:13 53,248 --a------ c:\windows\system32\Process.exe
      2008-11-23 20:32 . 2004-07-31 17:50 51,200 --a------ c:\windows\system32\dumphive.exe
      2008-11-23 20:32 . 2007-10-03 23:36 25,600 --a------ c:\windows\system32\WS2Fix.exe
      2008-11-23 20:04 . 2008-11-23 23:30 <REP> d-------- c:\program files\FindyKill
      2008-11-22 06:59 . 2008-11-22 07:15 1,536 --a------ c:\windows\ZZZZZZZ.ZZZ
      2008-11-12 01:15 . 2008-11-12 01:15 <REP> d-------- c:\program files\MSXML 4.0
      2008-11-07 09:58 . 2008-11-20 12:23 54,156 --ah----- c:\windows\QTFont.qfn
      2008-11-07 09:58 . 2008-11-07 09:58 1,409 --a------ c:\windows\QTFont.for
      2008-11-02 21:04 . 2008-11-02 21:04 <REP> d-------- c:\program files\BitDefender
      2008-11-02 21:03 . 2008-11-24 00:32 <REP> d-------- c:\program files\Fichiers communs\BitDefender

      .
      (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
      .
      2008-11-24 06:17 81,984 ----a-w c:\windows\system32\bdod.bin
      2008-11-24 06:10 --------- d-----w c:\program files\Wanadoo
      2008-11-24 05:39 --------- d-----w c:\program files\Lx_cats
      2008-11-24 05:38 --------- d-----w c:\program files\Packard Bell Data Secure
      2008-11-23 23:36 --------- d-----w c:\program files\Spybot - Search & Destroy
      2008-11-23 23:19 --------- d-----w c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
      2008-11-23 21:47 5,310 ----a-w c:\windows\system32\tmp.reg
      2008-11-23 20:21 --------- d-----w c:\program files\Malwarebytes' Anti-Malware
      2008-11-12 11:14 5,632 --sha-w c:\program files\Thumbs.db
      2008-11-06 10:37 --------- d-----w c:\program files\Opera
      2008-10-30 08:36 2,284,544 ----a-w c:\windows\system32\TUKernel.exe
      2008-10-24 11:10 453,632 ----a-w c:\windows\system32\drivers\mrxsmb.sys
      2008-10-24 11:10 453,632 ----a-w c:\windows\system32\dllcache\mrxsmb.sys
      2008-10-23 09:48 --------- d-----w c:\program files\eMule
      2008-10-16 13:13 202,776 ----a-w c:\windows\system32\wuweb.dll
      2008-10-16 13:13 202,776 ----a-w c:\windows\system32\dllcache\wuweb.dll
      2008-10-16 13:13 1,809,944 ----a-w c:\windows\system32\wuaueng.dll
      2008-10-16 13:13 1,809,944 ----a-w c:\windows\system32\dllcache\wuaueng.dll
      2008-10-16 13:12 561,688 ----a-w c:\windows\system32\wuapi.dll
      2008-10-16 13:12 561,688 ----a-w c:\windows\system32\dllcache\wuapi.dll
      2008-10-16 13:12 323,608 ----a-w c:\windows\system32\wucltui.dll
      2008-10-16 13:12 323,608 ----a-w c:\windows\system32\dllcache\wucltui.dll
      2008-10-16 13:09 92,696 ----a-w c:\windows\system32\dllcache\cdm.dll
      2008-10-16 13:09 92,696 ----a-w c:\windows\system32\cdm.dll
      2008-10-16 13:09 51,224 ----a-w c:\windows\system32\wuauclt.exe
      2008-10-16 13:09 51,224 ----a-w c:\windows\system32\dllcache\wuauclt.exe
      2008-10-16 13:09 43,544 ----a-w c:\windows\system32\wups2.dll
      2008-10-16 13:08 34,328 ----a-w c:\windows\system32\wups.dll
      2008-10-16 13:08 34,328 ----a-w c:\windows\system32\dllcache\wups.dll
      2008-10-16 13:06 268,648 ----a-w c:\windows\system32\mucltui.dll
      2008-10-16 13:06 208,744 ----a-w c:\windows\system32\muweb.dll
      2008-10-15 16:59 332,800 ----a-w c:\windows\system32\dllcache\netapi32.dll
      2008-10-03 17:12 6,066,176 ----a-w c:\windows\system32\dllcache\ieframe.dll
      2008-09-30 15:43 1,286,152 ----a-w c:\windows\system32\msxml4.dll
      2008-09-24 18:44 --------- d-----w c:\program files\Apple Software Update
      2008-09-15 15:39 1,846,144 ----a-w c:\windows\system32\win32k.sys
      2008-09-15 15:39 1,846,144 ----a-w c:\windows\system32\dllcache\win32k.sys
      2008-09-04 16:45 1,106,944 ----a-w c:\windows\system32\msxml3.dll
      2008-09-04 16:45 1,106,944 ----a-w c:\windows\system32\dllcache\msxml3.dll
      2008-08-28 10:04 333,056 ----a-w c:\windows\system32\dllcache\srv.sys
      2008-08-27 09:11 3,593,216 ----a-w c:\windows\system32\dllcache\mshtml.dll
      2008-08-25 08:39 70,656 ----a-w c:\windows\system32\dllcache\ie4uinit.exe
      2008-08-25 08:38 13,824 ----a-w c:\windows\system32\dllcache\ieudinit.exe
      2007-10-25 05:03 47,360 ----a-w c:\documents and settings\akira\Application Data\pcouffin.sys
      .

      ((((((((((((((((((((((((((((( snapshot@2008-06-06_ 8.29.38,15 )))))))))))))))))))))))))))))))))))))))))
      .
      + 2007-11-30 12:39:29 18,296 ----a-w c:\windows\$hf_mig$\KB938464\spmsg.dll
      + 2007-11-30 12:39:29 234,872 ----a-w c:\windows\$hf_mig$\KB938464\spuninst.exe
      + 2007-11-30 12:39:29 26,488 ----a-w c:\windows\$hf_mig$\KB938464\update\spcustom.dll
      + 2007-11-30 11:19:06 767,352 ----a-w c:\windows\$hf_mig$\KB938464\update\update.exe
      + 2007-11-30 12:39:31 406,392 ----a-w c:\windows\$hf_mig$\KB938464\update\updspapi.dll
      + 2008-05-02 13:33:12 83,968 ----a-w c:\windows\$hf_mig$\KB946648\SP2QFE\msgsc.dll
      + 2008-05-02 14:01:52 83,968 ----a-w c:\windows\$hf_mig$\KB946648\SP3GDR\msgsc.dll
      + 2008-05-02 13:44:40 83,968 ----a-w c:\windows\$hf_mig$\KB946648\SP3QFE\msgsc.dll
      + 2007-11-30 12:39:29 18,296 ----a-w c:\windows\$hf_mig$\KB946648\spmsg.dll
      + 2007-11-30 12:39:29 234,872 ----a-w c:\windows\$hf_mig$\KB946648\spuninst.exe
      + 2007-11-30 12:39:29 26,488 ----a-w c:\windows\$hf_mig$\KB946648\update\spcustom.dll
      + 2007-11-30 11:19:06 767,352 ----a-w c:\windows\$hf_mig$\KB946648\update\update.exe
      + 2007-11-30 12:39:31 406,392 ----a-w c:\windows\$hf_mig$\KB946648\update\updspapi.dll
      + 2008-04-23 07:19:26 124,928 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\advpack.dll
      + 2008-04-23 07:19:26 347,136 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\dxtmsft.dll
      + 2008-04-23 07:19:26 214,528 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\dxtrans.dll
      + 2008-04-23 07:19:26 132,608 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\extmgr.dll
      + 2008-04-23 07:19:26 63,488 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\icardie.dll
      + 2008-04-22 08:02:19 70,656 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\ie4uinit.exe
      + 2008-04-23 07:19:26 153,088 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\ieakeng.dll
      + 2008-04-23 07:19:26 230,400 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\ieaksie.dll
      + 2008-04-20 05:07:38 161,792 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\ieakui.dll
      + 2007-04-17 09:32:38 2,455,488 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\ieapfltr.dat
      + 2008-04-23 07:19:26 383,488 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\ieapfltr.dll
      + 2008-04-23 07:19:26 388,608 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\iedkcs32.dll
      + 2008-04-23 07:19:26 6,068,224 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\ieframe.dll
      + 2008-04-23 07:19:26 44,544 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\iernonce.dll
      + 2008-04-23 07:19:26 267,776 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\iertutil.dll
      + 2008-04-22 08:02:19 13,824 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\ieudinit.exe
      + 2008-04-22 08:02:46 625,664 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\iexplore.exe
      + 2008-04-23 07:19:26 27,648 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\jsproxy.dll
      + 2008-04-23 07:19:27 459,264 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\msfeeds.dll
      + 2008-04-23 07:19:27 52,224 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\msfeedsbs.dll
      + 2008-04-23 07:19:27 3,593,728 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\mshtml.dll
      + 2008-04-23 07:19:27 478,208 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\mshtmled.dll
      + 2008-04-23 07:19:27 193,024 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\msrating.dll
      + 2008-04-23 07:19:27 671,232 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\mstime.dll
      + 2008-04-23 07:19:27 102,912 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\occache.dll
      + 2008-04-23 07:19:27 44,544 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\pngfilt.dll
      + 2008-04-23 07:19:27 105,984 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\url.dll
      + 2008-04-23 07:19:27 1,162,752 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\urlmon.dll
      + 2008-04-23 07:19:27 233,472 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\webcheck.dll
      + 2008-04-23 07:19:27 827,392 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\wininet.dll
      + 2007-03-06 01:34:33 15,072 ----a-w c:\windows\$hf_mig$\KB950759-IE7\spmsg.dll
      + 2007-03-06 01:34:38 216,800 ----a-w c:\windows\$hf_mig$\KB950759-IE7\spuninst.exe
      + 2007-03-06 01:34:31 22,752 ----a-w c:\windows\$hf_mig$\KB950759-IE7\update\spcustom.dll
      + 2007-03-06 01:34:56 727,776 ----a-w c:\windows\$hf_mig$\KB950759-IE7\update\update.exe
      + 2007-03-06 01:35:48 394,976 ----a-w c:\windows\$hf_mig$\KB950759-IE7\update\updspapi.dll
      + 2007-11-30 12:39:29 18,296 ----a-w c:\windows\$hf_mig$\KB950760\spmsg.dll
      + 2007-11-30 12:39:29 234,872 ----a-w c:\windows\$hf_mig$\KB950760\spuninst.exe
      + 2007-11-30 12:39:29 26,488 ----a-w c:\windows\$hf_mig$\KB950760\update\spcustom.dll
      + 2007-11-30 12:39:29 767,352 ----a-w c:\windows\$hf_mig$\KB950760\update\update.exe
      + 2007-11-30 12:39:31 406,392 ----a-w c:\windows\$hf_mig$\KB950760\update\updspapi.dll
      + 2008-05-08 12:14:51 203,008 ----a-w c:\windows\$hf_mig$\KB950762\SP2QFE\rmcast.sys
      + 2008-05-08 14:02:52 203,136 ----a-w c:\windows\$hf_mig$\KB950762\SP3GDR\rmcast.sys
      + 2008-05-08 13:58:17 203,136 ----a-w c:\windows\$hf_mig$\KB950762\SP3QFE\rmcast.sys
      + 2007-11-30 12:39:29 18,296 ----a-w c:\windows\$hf_mig$\KB950762\spmsg.dll
      + 2007-11-30 12:39:29 234,872 ----a-w c:\windows\$hf_mig$\KB950762\spuninst.exe
      + 2007-11-30 12:39:29 26,488 ----a-w c:\windows\$hf_mig$\KB950762\update\spcustom.dll
      + 2007-11-30 12:39:29 767,352 ----a-w c:\windows\$hf_mig$\KB950762\update\update.exe
      + 2007-11-30 12:39:31 406,392 ----a-w c:\windows\$hf_mig$\KB950762\update\updspapi.dll
      + 2008-07-07 20:18:27 253,952 ----a-w c:\windows\$hf_mig$\KB950974\SP2QFE\es.dll
      + 2008-07-07 20:28:20 253,952 ----a-w c:\windows\$hf_mig$\KB950974\SP3GDR\es.dll
      + 2008-07-07 20:24:11 253,952 ----a-w c:\windows\$hf_mig$\KB950974\SP3QFE\es.dll
      + 2007-11-30 12:39:29 18,296 ----a-w c:\windows\$hf_mig$\KB950974\spmsg.dll
      + 2007-11-30 12:39:29 234,872 ----a-w c:\windows\$hf_mig$\KB950974\spuninst.exe
      + 2007-11-30 12:39:29 26,488 ----a-w c:\windows\$hf_mig$\KB950974\update\spcustom.dll
      + 2007-11-30 12:39:26 767,352 ----a-w c:\windows\$hf_mig$\KB950974\update\update.exe
      + 2007-11-30 12:39:29 406,392 ----a-w c:\windows\$hf_mig$\KB950974\update\updspapi.dll
      + 2008-04-11 18:40:33 683,520 ----a-w c:\windows\$hf_mig$\KB951066\SP2QFE\inetcomm.dll
      + 2008-04-11 19:05:22 691,712 ----a-w c:\windows\$hf_mig$\KB951066\SP3GDR\inetcomm.dll
      + 2008-04-11 22:23:04 691,712 ----a-w c:\windows\$hf_mig$\KB951066\SP3QFE\inetcomm.dll
      + 2007-11-30 12:39:29 18,296 ----a-w c:\windows\$hf_mig$\KB951066\spmsg.dll
      + 2007-11-30 12:39:29 234,872 ----a-w c:\windows\$hf_mig$\KB951066\spuninst.exe
      + 2007-11-30 12:39:29 26,488 ----a-w c:\windows\$hf_mig$\KB951066\update\spcustom.dll
      + 2007-12-03 15:25:43 767,352 ----a-w c:\windows\$hf_mig$\KB951066\update\update.exe
      + 2007-11-30 12:39:31 406,392 ----a-w c:\windows\$hf_mig$\KB951066\update\updspapi.dll
      + 2008-07-14 11:03:00 62,976 ----a-w c:\windows\$hf_mig$\KB951072-v2\SP2QFE\tzchange.exe
      + 2008-07-11 12:42:28 62,976 ----a-w c:\windows\$hf_mig$\KB951072-v2\SP3GDR\tzchange.exe
      + 2008-07-11 12:51:51 62,976 ----a-w c:\windows\$hf_mig$\KB951072-v2\SP3QFE\tzchange.exe
      + 2007-11-30 11:19:06 18,296 ----a-w c:\windows\$hf_mig$\KB951072-v2\spmsg.dll
      + 2007-11-30 11:19:06 234,872 ----a-w c:\windows\$hf_mig$\KB951072-v2\spuninst.exe
      + 2007-11-30 11:19:06 26,488 ----a-w c:\windows\$hf_mig$\KB951072-v2\update\spcustom.dll
      + 2007-11-30 12:39:29 767,352 ----a-w c:\windows\$hf_mig$\KB951072-v2\update\update.exe
      + 2007-11-30 12:39:31 406,392 ----a-w c:\windows\$hf_mig$\KB951072-v2\update\updspapi.dll
      + 2008-06-14 18:03:13 272,768 ----a-w c:\windows\$hf_mig$\KB951376-v2\SP2QFE\bthport.sys
      + 2008-06-14 17:33:37 272,768 ----a-w c:\windows\$hf_mig$\KB951376-v2\SP3GDR\bthport.sys
      + 2008-06-14 17:40:19 272,768 ----a-w c:\windows\$hf_mig$\KB951376-v2\SP3QFE\bthport.sys
      + 2007-11-30 11:19:06 18,296 ----a-w c:\windows\$hf_mig$\KB951376-v2\spmsg.dll
      + 2007-11-30 11:19:06 234,872 ----a-w c:\windows\$hf_mig$\KB951376-v2\spuninst.exe
      + 2007-11-30 11:19:06 26,488 ----a-w c:\windows\$hf_mig$\KB951376-v2\update\spcustom.dll
      + 2007-11-30 11:19:06 767,352 ----a-w c:\windows\$hf_mig$\KB951376-v2\update\update.exe
      + 2007-11-30 11:19:10 406,392 ----a-w c:\windows\$hf_mig$\KB951376-v2\update\updspapi.dll
      + 2008-04-14 16:17:04 272,768 ----a-w c:\windows\$hf_mig$\KB951376\SP2QFE\bthport.sys
      + 2008-04-14 15:59:30 272,768 ----a-w c:\windows\$hf_mig$\KB951376\SP3GDR\bthport.sys
      + 2008-04-14 16:22:05 272,768 ----a-w c:\windows\$hf_mig$\KB951376\SP3QFE\bthport.sys
      + 2007-11-30 11:19:06 18,296 ----a-w c:\windows\$hf_mig$\KB951376\spmsg.dll
      + 2007-11-30 11:19:06 234,872 ----a-w c:\windows\$hf_mig$\KB951376\spuninst.exe
      + 2007-11-30 11:19:06 26,488 ----a-w c:\windows\$hf_mig$\KB951376\update\spcustom.dll
      + 2007-11-30 11:19:06 767,352 ----a-w c:\windows\$hf_mig$\KB951376\update\update.exe
      + 2007-11-30 11:19:10 406,392 ----a-w c:\windows\$hf_mig$\KB951376\update\updspapi.dll
      + 2008-05-07 04:55:47 1,294,336 ----a-w c:\windows\$hf_mig$\KB951698\SP2QFE\quartz.dll
      + 2008-05-07 05:11:24 1,294,336 ----a-w c:\windows\$hf_mig$\KB951698\SP3GDR\quartz.dll
      + 2008-05-07 05:04:59 1,294,336 ----a-w c:\windows\$hf_mig$\KB951698\SP3QFE\quartz.dll
      + 2007-11-30 11:19:06 18,296 ----a-w c:\windows\$hf_mig$\KB951698\spmsg.dll
      + 2007-11-30 11:19:06 234,872 ----a-w c:\windows\$hf_mig$\KB951698\spuninst.exe
      + 2007-11-30 11:19:06 26,488 ----a-w c:\windows\$hf_mig$\KB951698\update\spcustom.dll
      + 2007-11-30 12:39:29 767,352 ----a-w c:\windows\$hf_mig$\KB951698\update\update.exe
      + 2007-11-30 12:39:31 406,392 ----a-w c:\windows\$hf_mig$\KB951698\update\updspapi.dll
      + 2006-08-16 12:13:24 100,352 ----a-w c:\windows\$hf_mig$\KB951748\SP2QFE\6to4svc.dll
      + 2008-06-20 10:44:08 138,368 ----a-w c:\windows\$hf_mig$\KB951748\SP2QFE\afd.sys
      + 2008-06-20 17:37:01 147,968 ----a-w c:\windows\$hf_mig$\KB951748\SP2QFE\dnsapi.dll
      + 2008-06-20 17:37:01 247,808 ----a-w c:\windows\$hf_mig$\KB951748\SP2QFE\mswsock.dll
      + 2008-06-20 10:44:42 360,960 ----a-w c:\windows\$hf_mig$\KB951748\SP2QFE\tcpip.sys
      + 2008-06-20 09:32:39 225,920 ----a-w c:\windows\$hf_mig$\KB951748\SP2QFE\tcpip6.sys
      + 2008-06-20 11:40:08 138,496 ----a-w c:\windows\$hf_mig$\KB951748\SP3GDR\afd.sys
      + 2008-06-20 17:47:22 147,968 ----a-w c:\windows\$hf_mig$\KB951748\SP3GDR\dnsapi.dll
      + 2008-06-20 17:47:22 247,808 ----a-w c:\windows\$hf_mig$\KB951748\SP3GDR\mswsock.dll
      + 2008-06-20 11:51:12 361,600 ----a-w c:\windows\$hf_mig$\KB951748\SP3GDR\tcpip.sys
      + 2008-06-20 11:08:27 225,856 ----a-w c:\windows\$hf_mig$\KB951748\SP3GDR\tcpip6.sys
      + 2008-06-20 11:48:03 138,496 ----a-w c:\windows\$hf_mig$\KB951748\SP3QFE\afd.sys
      + 2008-06-20 17:44:02 147,968 ----a-w c:\windows\$hf_mig$\KB951748\SP3QFE\dnsapi.dll
      + 2008-06-20 17:44:02 247,808 ----a-w c:\windows\$hf_mig$\KB951748\SP3QFE\mswsock.dll
      + 2008-06-20 11:59:02 361,600 ----a-w c:\windows\$hf_mig$\KB951748\SP3QFE\tcpip.sys
      + 2008-06-20 11:16:44 225,856 ----a-w c:\windows\$hf_mig$\KB951748\SP3QFE\tcpip6.sys
      + 2007-11-30 12:39:29 18,296 ----a-w c:\windows\$hf_mig$\KB951748\spmsg.dll
      + 2007-11-30 12:39:29 234,872 ----a-w c:\windows\$hf_mig$\KB951748\spuninst.exe
      + 2007-11-30 12:39:29 26,488 ----a-w c:\windows\$hf_mig$\KB951748\update\spcustom.dll
      + 2007-11-30 12:39:26 767,352 ----a-w c:\windows\$hf_mig$\KB951748\update\update.exe
      + 2007-11-30 12:39:29 406,392 ----a-w c:\windows\$hf_mig$\KB951748\update\updspapi.dll
      + 2008-05-01 15:04:51 331,776 ----a-w c:\windows\$hf_mig$\KB952287\SP2QFE\msadce.dll
      + 2008-05-01 14:36:26 331,776 ----a-w c:\windows\$hf_mig$\KB952287\SP3GDR\msadce.dll
      + 2008-05-01 14:39:23 331,776 ----a-w c:\windows\$hf_mig$\KB952287\SP3QFE\msadce.dll
      + 2007-11-30 11:19:06 18,296 ----a-w c:\windows\$hf_mig$\KB952287\spmsg.dll
      + 2007-11-30 11:19:06 234,872 ----a-w c:\windows\$hf_mig$\KB952287\spuninst.exe
      + 2007-11-30 11:19:06 26,488 ----a-w c:\windows\$hf_mig$\KB952287\update\spcustom.dll
      + 2007-11-30 11:19:06 767,352 ----a-w c:\windows\$hf_mig$\KB952287\update\update.exe
      + 2007-11-30 11:19:10 406,392 ----a-w c:\windows\$hf_mig$\KB952287\update\updspapi.dll
      + 2008-06-24 16:30:27 74,240 ----a-w c:\windows\$hf_mig$\KB952954\SP2QFE\mscms.dll
      + 2008-06-24 16:44:02 74,240 ----a-w c:\windows\$hf_mig$\KB952954\SP3GDR\mscms.dll
      + 2008-06-24 16:53:52 74,240 ----a-w c:\windows\$hf_mig$\KB952954\SP3QFE\mscms.dll
      + 2007-11-30 11:19:06 18,296 ----a-w c:\windows\$hf_mig$\KB952954\spmsg.dll
      + 2007-11-30 11:19:06 234,872 ----a-w c:\windows\$hf_mig$\KB952954\spuninst.exe
      + 2007-11-30 11:19:06 26,488 ----a-w c:\windows\$hf_mig$\KB952954\update\spcustom.dll
      + 2007-11-30 12:39:29 767,352 ----a-w c:\windows\$hf_mig$\KB952954\update\update.exe
      + 2007-11-30 12:39:31 406,392 ----a-w c:\windows\$hf_mig$\KB952954\update\updspapi.dll
      + 2008-06-23 15:40:01 124,928 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\advpack.dll
      + 2008-06-23 15:40:01 347,136 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\dxtmsft.dll
      + 2008-06-23 15:40:01 214,528 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\dxtrans.dll
      + 2008-06-23 15:40:01 132,608 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\extmgr.dll
      + 2008-06-23 15:40:01 63,488 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\icardie.dll
      + 2008-06-23 08:23:18 70,656 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\ie4uinit.exe
      + 2008-06-23 15:40:01 153,088 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\ieakeng.dll
      + 2008-06-23 15:40:01 230,400 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\ieaksie.dll
      + 2008-06-21 05:23:53 161,792 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\ieakui.dll
      + 2007-04-17 09:32:38 2,455,488 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\ieapfltr.dat
      + 2008-06-23 15:40:02 383,488 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\ieapfltr.dll
      + 2008-06-23 15:40:02 388,608 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\iedkcs32.dll
      + 2008-06-23 15:40:04 6,068,736 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\ieframe.dll
      + 2008-06-23 15:40:04 44,544 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\iernonce.dll
      + 2008-06-23 15:40:04 267,776 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\iertutil.dll
      + 2008-06-23 08:23:18 13,824 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\ieudinit.exe
      + 2008-06-23 08:23:52 625,664 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\iexplore.exe
      + 2008-06-23 15:40:05 27,648 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\jsproxy.dll
      + 2008-06-23 15:40:05 459,264 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\msfeeds.dll
      + 2008-06-23 15:40:05 52,224 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\msfeedsbs.dll
      + 2008-06-23 15:40:07 3,594,240 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\mshtml.dll
      + 2008-06-23 15:40:07 477,696 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\mshtmled.dll
      + 2008-06-23 15:40:07 193,024 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\msrating.dll
      + 2008-06-23 15:40:07 671,232 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\mstime.dll
      + 2008-06-23 15:40:07 102,912 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\occache.dll
      + 2008-06-23 15:40:07 44,544 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\pngfilt.dll
      + 2008-06-23 15:40:07 105,984 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\url.dll
      + 2008-06-23 15:40:08 1,162,752 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\urlmon.dll
      + 2008-06-23 15:40:08 233,472 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\webcheck.dll
      + 2008-06-23 15:40:08 827,904 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\wininet.dll
      + 2007-03-06 01:34:33 15,072 ----a-w c:\windows\$hf_mig$\KB953838-IE7\spmsg.dll
      + 2007-03-06 01:34:38 216,800 ----a-w c:\windows\$hf_mig$\KB953838-IE7\spuninst.exe
      + 2007-03-06 01:34:31 22,752 ----a-w c:\windows\$hf_mig$\KB953838-IE7\update\spcustom.dll
      + 2007-03-06 01:34:56 727,776 ----a-w c:\windows\$hf_mig$\KB953838-IE7\update\update.exe
      + 2007-03-06 01:35:48 394,976 ----a-w c:\windows\$hf_mig$\KB953838-IE7\update\updspapi.dll
      + 2007-11-30 11:19:06 18,296 ----a-w c:\windows\$hf_mig$\KB953839\spmsg.dll
      + 2007-11-30 11:19:06 234,872 ----a-w c:\windows\$hf_mig$\KB953839\spuninst.exe
      + 2007-11-30 11:19:06 26,488 ----a-w c:\windows\$hf_mig$\KB953839\update\spcustom.dll
      + 2007-11-30 11:19:06 767,352 ----a-w c:\windows\$hf_mig$\KB953839\update\update.exe
      + 2007-11-30 11:19:10 406,392 ----a-w c:\windows\$hf_mig$\KB953839\update\updspapi.dll
      + 2008-09-15 15:14:42 1,847,040 ----a-w c:\windows\$hf_mig$\KB954211\SP2QFE\win32k.sys
      + 2008-09-15 15:26:07 1,846,528 ----a-w c:\windows\$hf_mig$\KB954211\SP3GDR\win32k.sys
      + 2008-09-15 15:20:39 1,847,040 ----a-w c:\windows\$hf_mig$\KB954211\SP3QFE\win32k.sys
      + 2007-11-30 12:39:29 18,296 ----a-w c:\windows\$hf_mig$\KB954211\spmsg.dll
      + 2007-11-30 12:39:29 234,872 ----a-w c:\windows\$hf_mig$\KB954211\spuninst.exe
      + 2007-11-30 12:39:29 26,488 ----a-w c:\windows\$hf_mig$\KB954211\update\spcustom.dll
      + 2008-07-09 07:40:26 767,352 ----a-w c:\windows\$hf_mig$\KB954211\update\update.exe
      + 2007-11-30 12:39:31 406,392 ----a-w c:\windows\$hf_mig$\KB954211\update\updspapi.dll
      + 2008-08-26 09:10:25 124,928 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\advpack.dll
      + 2008-08-26 09:10:25 347,136 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\dxtmsft.dll
      + 2008-08-26 09:10:25 214,528 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\dxtrans.dll
      + 2008-08-26 09:10:25 132,608 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\extmgr.dll
      + 2008-08-26 09:10:25 63,488 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\icardie.dll
      + 2008-08-25 08:43:21 70,656 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\ie4uinit.exe
      + 2008-08-26 09:10:26 153,088 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\ieakeng.dll
      + 2008-08-26 09:10:26 230,400 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\ieaksie.dll
      + 2008-08-23 05:54:50 161,792 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\ieakui.dll
      + 2007-04-17 09:32:38 2,455,488 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\ieapfltr.dat
      + 2008-08-26 09:10:26 380,928 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\ieapfltr.dll
      + 2008-08-26 09:10:26 388,608 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\iedkcs32.dll
      + 2008-10-03 16:22:30 6,068,224 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\ieframe.dll
      + 2008-08-26 09:10:27 44,544 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\iernonce.dll
      + 2008-08-26 09:10:27 267,776 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\iertutil.dll
      + 2008-08-25 08:43:21 13,824 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\ieudinit.exe
      + 2008-08-23 05:56:16 635,848 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\iexplore.exe
      + 2008-08-26 09:10:27 27,648 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\jsproxy.dll
      + 2008-08-26 09:10:27 459,264 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\msfeeds.dll
      + 2008-08-26 09:10:27 52,224 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\msfeedsbs.dll
      + 2008-08-26 09:10:28 3,594,752 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\mshtml.dll
      + 2008-08-26 09:10:28 477,696 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\mshtmled.dll
      + 2008-08-26 09:10:28 193,024 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\msrating.dll
      + 2008-08-26 09:10:29 671,232 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\mstime.dll
      + 2008-08-26 09:10:29 102,912 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\occache.dll
      + 2008-08-26 09:10:29 44,544 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\pngfilt.dll
      + 2008-08-26 09:10:29 105,984 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\url.dll
      + 2008-08-26 09:10:29 1,162,752 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\urlmon.dll
      + 2008-08-26 09:10:29 233,472 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\webcheck.dll
      + 2008-08-26 09:10:29 827,904 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\wininet.dll
      + 2007-03-06 01:34:33 15,072 ----a-w c:\windows\$hf_mig$\KB956390-IE7\spmsg.dll
      + 2007-03-06 01:34:38 216,800 ----a-w c:\windows\$hf_mig$\KB956390-IE7\spuninst.exe
      + 2007-03-06 01:34:31 22,752 ----a-w c:\windows\$hf_mig$\KB956390-IE7\update\spcustom.dll
      + 2007-03-06 01:34:56 727,776 ----a-w c:\windows\$hf_mig$\KB956390-IE7\update\update.exe
      + 2007-03-06 01:35:48 394,976 ----a-w c:\windows\$hf_mig$\KB956390-IE7\update\updspapi.dll
      + 2007-11-30 12:39:29 18,296 ----a-w c:\windows\$hf_mig$\KB956391\spmsg.dll
      + 2007-11-30 12:39:29 234,872 ----a-w c:\windows\$hf_mig$\KB956391\spuninst.exe
      + 2007-11-30 12:39:29 26,488 ----a-w c:\windows\$hf_mig$\KB956391\update\spcustom.dll
      + 2007-11-30 12:39:29 767,352 ----a-w c:\windows\$hf_mig$\KB956391\update\update.exe
      + 2007-11-30 12:39:31 406,392 ----a-w c:\windows\$hf_mig$\KB956391\update\updspapi.dll
      + 2008-08-14 09:48:52 138,368 ----a-w c:\windows\$hf_mig$\KB956803\SP2QFE\afd.sys
      + 2008-08-14 10:04:36 138,496 ----a-w c:\windows\$hf_mig$\KB956803\SP3GDR\afd.sys
      + 2008-08-14 10:34:26 138,496 ----a-w c:\windows\$hf_mig$\KB956803\SP3QFE\afd.sys
      + 2007-11-30 11:19:06 18,296 ----a-w c:\windows\$hf_mig$\KB956803\spmsg.dll
      + 2007-11-30 11:19:06 234,872 ----a-w c:\windows\$hf_mig$\KB956803\spuninst.exe
      + 2007-11-30 11:19:06 26,488 ----a-w c:\windows\$hf_mig$\KB956803\update\spcustom.dll
      + 2007-11-30 11:19:06 767,352 ----a-w c:\windows\$hf_mig$\KB956803\update\update.exe
      + 2007-11-30 11:19:10 406,392 ----a-w c:\windows\$hf_mig$\KB956803\update\updspapi.dll
      + 2008-08-14 13:23:44 2,147,328 ----a-w c:\windows\$hf_mig$\KB956841\SP3GDR\ntkrnlmp.exe
      + 2008-08-14 13:23:49 2,068,096 ----a-w c:\windows\$hf_mig$\KB956841\SP3GDR\ntkrnlpa.exe
      + 2008-08-14 13:23:44 2,025,984 ----a-w c:\windows\$hf_mig$\KB956841\SP3GDR\ntkrpamp.exe
      + 2008-08-14 13:23:49 2,191,232 ----a-w c:\windows\$hf_mig$\KB956841\SP3GDR\ntoskrnl.exe
      + 2008-08-14 13:55:54 2,147,328 ----a-w c:\windows\$hf_mig$\KB956841\SP3QFE\ntkrnlmp.exe
      + 2008-08-14 17:26:00 2,068,096 ----a-w c:\windows\$hf_mig$\KB956841\SP3QFE\ntkrnlpa.exe
      + 2008-08-14 13:55:47 2,025,984 ----a-w c:\windows\$hf_mig$\KB956841\SP3QFE\ntkrpamp.exe
      + 2008-08-14 17:26:02 2,191,232 ----a-w c:\windows\$hf_mig$\KB956841\SP3QFE\ntoskrnl.exe
      + 2007-11-30 11:19:06 18,296 ----a-w c:\windows\$hf_mig$\KB956841\spmsg.dll
      + 2007-11-30 11:19:06 234,872 ----a-w c:\windows\$hf_mig$\KB956841\spuninst.exe
      + 2007-11-30 11:19:06 26,488 ----a-w c:\windows\$hf_mig$\KB956841\update\spcustom.dll
      + 2007-11-30 12:39:29 767,352 ----a-w c:\windows\$hf_mig$\KB956841\update\update.exe
      + 2008-07-09 07:40:35 406,392 ----a-w c:\windows\$hf_mig$\KB956841\update\updspapi.dll
      + 2008-08-28 10:35:33 333,056 ----a-w c:\windows\$hf_mig$\KB957095\SP2QFE\srv.sys
      + 2008-09-08 10:41:42 333,824 ----a-w c:\windows\$hf_mig$\KB957095\SP3GDR\srv.sys
      + 2008-09-08 11:37:19 333,824 ----a-w c:\windows\$hf_mig$\KB957095\SP3QFE\srv.sys
      + 2007-11-30 11:19:06 18,296 ----a-w c:\windows\$hf_mig$\KB957095\spmsg.dll
      + 2007-11-30 11:19:06 234,872 ----a-w c:\windows\$hf_mig$\KB957095\spuninst.exe
      + 2007-11-30 11:19:06 26,488 ----a-w c:\windows\$hf_mig$\KB957095\update\spcustom.dll
      + 2007-11-30 11:19:06 767,352 ----a-w c:\windows\$hf_mig$\KB957095\update\update.exe
      + 2007-11-30 11:19:10 406,392 ----a-w c:\windows\$hf_mig$\KB957095\update\updspapi.dll
      - 2007-01-22 00:35:14 88,776 ----a-w c:\windows\assembly\GAC\Microsoft.Office.Interop.InfoPath.Xml\11.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.InfoPath.Xml.dll
      + 2008-09-06 14:49:01 91,488 ----a-w c:\windows\assembly\GAC\Microsoft.Office.Interop.InfoPath.Xml\11.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.InfoPath.Xml.dll
      - 2007-01-22 00:35:13 101,064 ----a-w c:\windows\assembly\GAC\Microsoft.Office.Interop.InfoPath\11.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.InfoPath.dll
      + 2008-09-06 14:48:59 103,776 ----a-w c:\windows\assembly\GAC\Microsoft.Office.Interop.InfoPath\11.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.InfoPath.dll
      - 2007-01-21 12:11:51 64,088 ----a-w c:\windows\assembly\GAC\Microsoft.Vbe.Interop\11.0.0.0__71e9bce111e9429c\Microsoft.Vbe.Interop.dll
      + 2008-09-06 14:47:15 66,936 ----a-w c:\windows\assembly\GAC\Microsoft.Vbe.Interop\11.0.0.0__71e9bce111e9429c\Microsoft.Vbe.Interop.dll
      - 2007-01-21 12:11:51 223,800 ----a-w c:\windows\assembly\GAC\office\11.0.0.0__71e9bce111e9429c\OFFICE.DLL
      + 2008-09-06 14:47:04 226,656 ----a-w c:\windows\assembly\GAC\office\11.0.0.0__71e9bce111e9429c\OFFICE.DLL
      - 2008-05-21 10:56:08 124,208 ----a-w c:\windows\Downloaded Program Files\as2stubie.dll
      + 2008-06-30 08:39:58 128,256 ----a-w c:\windows\Downloaded Program Files\as2stubie.dll
      + 2008-06-14 17:59:52 272,768 ------w c:\windows\Driver Cache\i386\bthport.sys
      - 2006-05-05 09:41:45 453,120 ----a-w c:\windows\Driver Cache\i386\mrxsmb.sys
      + 2008-10-24 11:10:42 453,632 ----a-w c:\windows\Driver Cache\i386\mrxsmb.sys
      - 2007-02-28 16:08:15 2,139,648 ----a-w c:\windows\Driver Cache\i386\ntkrnlmp.exe
      + 2008-08-14 13:39:07 2,144,768 ----a-w c:\windows\Driver Cache\i386\ntkrnlmp.exe
      - 2007-02-28 16:08:25 2,061,440 ----a-w c:\windows\Driver Cache\i386\ntkrnlpa.exe
      + 2008-08-14 13:39:12 2,065,024 ----a-w c:\windows\Driver Cache\i386\ntkrnlpa.exe
      - 2007-02-28 16:08:11 2,019,328 ----a-w c:\windows\Driver Cache\i386\ntkrpamp.exe
      + 2008-08-14 13:39:03 2,022,912 ----a-w c:\windows\Driver Cache\i386\ntkrpamp.exe
      - 2007-02-28 16:08:21 2,184,192 ----a-w c:\windows\Driver Cache\i386\ntoskrnl.exe
      + 2008-08-14 13:39:11 2,188,032 ----a-w c:\windows\Driver Cache\i386\ntoskrnl.exe
      - 2005-10-20 18:02:28 163,328 ----a-w c:\windows\erdnt\Hiv-backup\ERDNT.EXE
      + 2005-10-20 19:02:28 163,328 ----a-w c:\windows\erdnt\Hiv-backup\ERDNT.EXE
      + 2008-03-01 12:58:06 124,928 -c----w c:\windows\ie7updates\KB950759-IE7\advpack.dll
      + 2008-03-01 12:58:06 347,136 -c----w c:\windows\ie7updates\KB950759-IE7\dxtmsft.dll
      + 2008-03-01 12:58:06 214,528 -c----w c:\windows\ie7updates\KB950759-IE7\dxtrans.dll
      + 2008-03-01 12:58:06 133,120 -c----w c:\windows\ie7updates\KB950759-IE7\extmgr.dll
      + 2008-03-01 12:58:06 63,488 -c----w c:\windows\ie7updates\KB950759-IE7\icardie.dll
      + 2008-02-29 08:56:41 70,656 -c----w c:\windows\ie7updates\KB950759-IE7\ie4uinit.exe
      + 2008-03-01 12:58:06 153,088 -c----w c:\windows\ie7updates\KB950759-IE7\ieakeng.dll
      + 2008-03-01 12:58:06 230,400 -c----w c:\windows\ie7updates\KB950759-IE7\ieaksie.dll
      + 2008-02-15 05:44:25 161,792 -c----w c:\windows\ie7updates\KB950759-IE7\ieakui.dll
      + 2008-03-01 12:58:07 383,488 -c----w c:\windows\ie7updates\KB950759-IE7\ieapfltr.dll
      + 2008-03-01 12:58:07 384,512 -c----w c:\windows\ie7updates\KB950759-IE7\iedkcs32.dll
      + 2008-03-01 12:58:08 6,066,176 -c----w c:\windows\ie7updates\KB950759-IE7\ieframe.dll
      + 2008-03-01 12:58:08 44,544 -c----w c:\windows\ie7updates\KB950759-IE7\iernonce.dll
      + 2008-03-01 12:58:08 267,776 -c----w c:\windows\ie7updates\KB950759-IE7\iertutil.dll
      + 2008-02-22 10:00:51 13,824 -c----w c:\windows\ie7updates\KB950759-IE7\ieudinit.exe
      + 2008-02-29 08:57:05 625,664 -c----w c:\windows\ie7updates\KB950759-IE7\iexplore.exe
      + 2008-03-01 12:58:08 27,648 -c----w c:\windows\ie7updates\KB950759-IE7\jsproxy.dll
      + 2008-03-01 12:58:08 459,264 -c----w c:\windows\ie7updates\KB950759-IE7\msfeeds.dll
      + 2008-03-01 12:58:08 52,224 -c----w c:\windows\ie7updates\KB950759-IE7\msfeedsbs.dll
      + 2008-03-01 16:28:10 3,591,680 -c----w c:\windows\ie7updates\KB950759-IE7\mshtml.dll
      + 2008-03-01 12:58:09 478,208 -c----w c:\windows\ie7updates\KB950759-IE7\mshtmled.dll
      + 2008-03-01 12:58:10 193,024 -c----w c:\windows\ie7updates\KB950759-IE7\msrating.dll
      + 2008-03-01 12:58:10 671,232 -c----w c:\windows\ie7updates\KB950759-IE7\mstime.dll
      + 2008-03-01 12:58:10 102,912 -c----w c:\windows\ie7updates\KB950759-IE7\occache.dll
      + 2008-03-01 12:58:10 44,544 -c----w c:\windows\ie7updates\KB950759-IE7\pngfilt.dll
      + 2007-03-06 01:34:38 216,800 -c----w c:\windows\ie7updates\KB950759-IE7\spuninst\spuninst.exe
      + 2007-03-06 01:35:48 394,976 -c----w c:\windows\ie7updates\KB950759-IE7\spuninst\updspapi.dll
      + 2008-03-01 12:58:10 105,984 -c----w c:\windows\ie7updates\KB950759-IE7\url.dll
      + 2008-03-01 12:58:10 1,159,680 -c----w c:\windows\ie7updates\KB950759-IE7\urlmon.dll
      + 2008-03-01 12:58:11 233,472 -c----w c:\windows\ie7updates\KB950759-IE7\webcheck.dll
      + 2008-03-01 12:58:11 826,368 -c----w c:\windows\ie7updates\KB950759-IE7\wininet.dll
      + 2008-04-23 04:16:39 124,928 -c----w c:\windows\ie7updates\KB953838-IE7\advpack.dll
      + 2008-04-23 04:16:39 347,136 -c----w c:\windows\ie7updates\KB953838-IE7\dxtmsft.dll
      + 2008-04-23 04:16:39 214,528 -c----w c:\windows\ie7updates\KB953838-IE7\dxtrans.dll
      + 2008-04-23 04:16:39 133,120 -c----w c:\windows\ie7updates\KB953838-IE7\extmgr.dll
      + 2008-04-23 04:16:39 63,488 -c----w c:\windows\ie7updates\KB953838-IE7\icardie.dll
      + 2008-04-22 07:41:08 70,656 -c----w c:\windows\ie7updates\KB953838-IE7\ie4uinit.exe
      + 2008-04-23 04:16:39 153,088 -c----w c:\windows\ie7updates\KB953838-IE7\ieakeng.dll
      + 2008-04-23 04:16:39 230,400 -c----w c:\windows\ie7updates\KB953838-IE7\ieaksie.dll
      + 2008-04-20 05:07:51 161,792 -c----w c:\windows\ie7updates\KB953838-IE7\ieakui.dll
      + 2008-04-23 04:16:39 383,488 -c----w c:\windows\ie7updates\KB953838-IE7\ieapfltr.dll
      + 2008-04-23 04:16:39 384,512 -c----w c:\windows\ie7updates\KB953838-IE7\iedkcs32.dll
      + 2008-04-23 04:16:39 6,066,176 -c----w c:\windows\ie7updates\KB953838-IE7\ieframe.dll
      + 2008-04-23 04:16:39 44,544 -c----w c:\windows\ie7updates\KB953838-IE7\iernonce.dll
      + 2008-04-23 04:16:39 267,776 -c----w c:\windows\ie7updates\KB953838-IE7\iertutil.dll
      + 2008-04-22 07:39:58 13,824 -c----w c:\windows\ie7updates\KB953838-IE7\ieudinit.exe
      + 2008-04-22 07:41:30 625,664 -c----w c:\windows\ie7updates\KB953838-IE7\iexplore.exe
      + 2008-04-23 04:16:40 27,648 -c----w c:\windows\ie7updates\KB953838-IE7\jsproxy.dll
      + 2008-04-23 04:16:40 459,264 -c----w c:\windows\ie7updates\KB953838-IE7\msfeeds.dll
      + 2008-04-23 04:16:40 52,224 -c----w c:\windows\ie7updates\KB953838-IE7\msfeedsbs.dll
      + 2008-04-23 20:16:42 3,591,680 -c----w c:\windows\ie7updates\KB953838-IE7\mshtml.dll
      + 2008-04-23 04:16:40 478,208 -c----w c:\windows\ie7updates\KB953838-IE7\mshtmled.dll
      + 2008-04-23 04:16:40 193,024 -c----w c:\windows\ie7updates\KB953838-IE7\msrating.dll
      + 2008-04-23 04:16:40 671,232 -c----w c:\windows\ie7updates\KB953838-IE7\mstime.dll
      + 2008-04-23 04:16:40 102,912 -c----w c:\windows\ie7updates\KB953838-IE7\occache.dll
      + 2008-04-23 04:16:40 44,544 -c----w c:\windows\ie7updates\KB953838-IE7\pngfilt.dll
      + 2007-03-06 01:34:38 216,800 -c----w c:\windows\ie7updates\KB953838-IE7\spuninst\spuninst.exe
      + 2007-03-06 01:35:48 394,976 -c----w c:\windows\ie7updates\KB953838-IE7\spuninst\updspapi.dll
      + 2008-04-23 04:16:40 105,984 -c----w c:\windows\ie7updates\KB953838-IE7\url.dll
      + 2008-04-23 04:16:40 1,159,680 -c----w c:\windows\ie7updates\KB953838-IE7\urlmon.dll
      + 2008-04-23 04:16:40 233,472 -c----w c:\windows\ie7updates\KB953838-IE7\webcheck.dll
      + 2008-04-23 04:16:40 826,368 -c----w c:\windows\ie7updates\KB953838-IE7\wininet.dll
      + 2008-06-23 16:28:17 124,928 -c----w c:\windows\ie7updates\KB956390-IE7\advpack.dll
      + 2008-06-23 16:28:17 347,136 -c----w c:\windows\ie7updates\KB956390-IE7\dxtmsft.dll
      + 2008-06-23 16:28:17 214,528 -c----w c:\windows\ie7updates\KB956390-IE7\dxtrans.dll
      + 2008-06-23 16:28:17 133,120 -c----w c:\windows\ie7updates\KB956390-IE7\extmgr.dll
      + 2008-06-23 16:28:17 63,488 -c----w c:\windows\ie7updates\KB956390-IE7\icardie.dll
      + 2008-06-23 09:21:30 70,656 -c----w c:\windows\ie7updates\KB956390-IE7\ie4uinit.exe
      + 2008-06-23 16:28:18 153,088 -c----w c:\windows\ie7updates\KB956390-IE7\ieakeng.dll
      + 2008-06-23 16:28:18 230,400 -c----w c:\windows\ie7updates\KB956390-IE7\ieaksie.dll
      + 2008-06-21 05:23:54 161,792 -c----w c:\windows\ie7updates\KB956390-IE7\ieakui.dll
      + 2008-06-23 16:28:18 383,488 -c----w c:\windows\ie7updates\KB956390-IE7\ieapfltr.dll
      + 2008-06-23 16:28:18 384,512 -c----w c:\windows\ie7updates\KB956390-IE7\iedkcs32.dll
      + 2008-06-23 16:28:19 6,066,176 -c----w c:\windows\ie7updates\KB956390-IE7\ieframe.dll
      + 2008-06-23 16:28:19 44,544 -c----w c:\windows\ie7updates\KB956390-IE7\iernonce.dll
      + 2008-06-23 16:28:20 267,776 -c----w c:\windows\ie7updates\KB956390-IE7\iertutil.dll
      + 2008-06-23 09:20:26 13,824 -c----w c:\windows\ie7updates\KB956390-IE7\ieudinit.exe
      + 2008-06-23 09:21:49 625,664 -c----w c:\windows\ie7updates\KB956390-IE7\iexplore.exe
      + 2008-06-23 16:28:20 27,648 -c----w c:\windows\ie7updates\KB956390-IE7\jsproxy.dll
      + 2008-06-23 16:28:20 459,264 -c----w c:\windows\ie7updates\KB956390-IE7\msfeeds.dll
      + 2008-06-23 16:28:20 52,224 -c----w c:\windows\ie7updates\KB956390-IE7\msfeedsbs.dll
      + 2008-06-24 08:28:24 3,592,192 -c----w c:\windows\ie7updates\KB956390-IE7\mshtml.dll
      + 2008-06-23 16:28:22 477,696 -c----w c:\windows\ie7updates\KB956390-IE7\mshtmled.dll
      + 2008-06-23 16:28:22 193,024 -c----w c:\windows\ie7updates\KB956390-IE7\msrating.dll
      + 2008-06-23 16:28:22 671,232 -c----w c:\windows\ie7updates\KB956390-IE7\mstime.dll
      + 2008-06-23 16:28:22 102,912 -c----w c:\windows\ie7updates\KB956390-IE7\occache.dll
      + 2008-06-23 16:28:22 44,544 -c----w c:\windows\ie7updates\KB956390-IE7\pngfilt.dll
      + 2007-03-06 01:34:38 216,800 -c----w c:\windows\ie7updates\KB956390-IE7\spuninst\spuninst.exe
      + 2007-03-06 01:35:48 394,976 -c----w c:\windows\ie7updates\KB956390-IE7\spuninst\updspapi.dll
      + 2008-06-23 16:28:22 105,984 -c----w c:\windows\ie7updates\KB956390-IE7\url.dll
      + 2008-06-23 16:28:23 1,159,680 -c----w c:\windows\ie7updates\KB956390-IE7\urlmon.dll
      + 2008-06-23 16:28:23 233,472 -c----w c:\windows\ie7updates\KB956390-IE7\webcheck.dll
      + 2008-06-23 16:28:23 826,368 -c----w c:\windows\ie7updates\KB956390-IE7\wininet.dll
      + 2003-07-15 05:57:34 38,968 ----a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\AUTHZAX.DLL
      + 2003-07-15 05:53:06 94,768 ----a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\AW.DLL
      + 2003-07-15 05:56:54 14,904 ----a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\DSITF.DLL
      + 2003-07-15 05:57:14 98,360 ----a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\DSSM.EXE
      + 2003-07-15 05:41:44 13,368 ----a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\FINDER.EXE
      + 2003-07-15 05:40:12 179,768 ----a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\FPERSON.DLL
      + 2003-07-15 05:45:14 58,944 ----a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\INLAUNCH.DLL
      + 2003-06-19 00:31:10 252,928 ----a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\MDIINK.DLL
      + 2003-07-15 05:51:44 87,104 ----a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\MSENCODE.DLL
      + 2003-07-15 05:52:52 17,464 ----a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\MSMH.DLL
      + 2003-07-14 21:57:16 120,888 ----a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\MSOAUTH.DLL
      + 2003-07-15 05:52:52 27,704 ----a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\MSODCW.DLL
      + 2003-07-15 05:52:56 55,360 ----a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\MSOHTMED.EXE
      + 2003-07-11 09:15:48 1,292,872 ----a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\MSONSEXT.DLL
      + 2003-07-15 10:18:52 376,888 ----a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\MSORUN.DLL
      + 2003-07-14 21:52:54 28,224 ----a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\MSOSTYLE.DLL
      + 2003-07-15 05:52:52 35,896 ----a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\MSOSV.DLL
      + 2003-07-15 05:53:20 39,488 ----a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\MSOSVFBR.DLL
      + 2003-07-15 05:46:16 42,040 ----a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\MSOXEV.DLL
      + 2003-07-15 05:45:12 55,360 ----a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\MSOXMLED.EXE
      + 2003-07-15 05:45:12 39,488 ----a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\MSOXMLMF.DLL
      + 2003-06-19 00:31:50 16,384 ----a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\MSPGIMME.DLL
      + 2003-06-19 23:05:50 364,648 ----a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\MSPVIEW.EXE
      + 2003-07-15 05:52:58 41,528 ----a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\MSSH.DLL
      + 2003-07-15 06:00:54 145,984 ----a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\MSWEBCAP.DLL
      + 2003-07-15 05:57:10 56,888 ----a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\NAME.DLL
      + 2003-07-15 05:56:52 13,888 ----a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\NPOFFICE.DLL
      + 2007-01-21 12:11:51 223,800 ----a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\OFFICE.DLL
      + 2003-07-15 10:14:26 242,240 ----a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\OISGRAPH.DLL
      + 2003-07-15 06:05:24 1,054,264 ----a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\OMFC.DLL
      + 2003-07-15 05:44:34 102,968 ----a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\OUTLCTL.DLL
      + 2003-07-15 05:43:16 49,208 ----a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\OUTLWAB.DLL
      + 2003-07-15 10:18:44 93,752 ----a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\PP7X32.DLL
      + 2003-07-15 05:40:16 51,256 ----a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\PUBTRAP.DLL
      + 2003-05-09 04:54:00 77,824 ----a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\REFEDIT.DLL
      + 2003-07-15 05:57:08 40,512 ----a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\REFIEBAR.DLL
      + 2003-07-21 18:46:38 390,712 ----a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\RTFHTML.DLL
      + 2003-07-15 05:44:16 66,616 ----a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\SENDTO.DLL
      + 2003-07-14 21:57:08 58,944 ----a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\SEQCHK10.DLL
      + 2003-07-15 05:53:14 11,848 ----a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\SMARTTAGINSTALL.EXE
      + 2007-01-21 12:11:51 64,088 ----a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.5614\VBIDEPIA.DLL
      + 2007-04-19 12:09:30 167,256 ----a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.8173\IETAG.DLL
      + 2005-02-03 16:59:22 346,840 ----a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.8173\METCONV.DLL
      + 2005-05-03 23:06:28 465,640 ----a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.8173\MSDMENG.DLL
      + 2005-05-03 23:06:32 1,411,816 ----a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.8173\MSDMINE.DLL
      + 2005-05-03 23:06:26 199,408 ----a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.8173\MSMDUN80.DLL
      + 2008-11-23 22:39:46 22,486 ----a-r c:\windows\Installer\{31E5AE86-4F07-4433-B27F-7FCD341A6655}\register_icon.exe
      + 2008-11-12 00:15:18 32,768 ----a-r c:\windows\Installer\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}\icon.exe
      - 2008-05-14 01:03:00 593,920 ----a-r c:\windows\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\accicons.exe
      + 2008-11-12 00:17:35 593,920 ----a-r c:\windows\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\accicons.exe
      - 2008-05-14 01:03:00 12,288 ----a-r c:\windows\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\cagicon.exe
      + 2008-11-12 00:17:35 12,288 ----a-r c:\windows\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\cagicon.exe
      - 2008-05-14 01:03:00 86,016 ----a-r c:\windows\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\inficon.exe
      + 2008-11-12 00:17:35 86,016 ----a-r c:\windows\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\inficon.exe
      - 2008-05-14 01:03:00 135,168 ----a-r c:\windows\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\misc.exe
      + 2008-11-12 00:17:35 135,168 ----a-r c:\windows\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\misc.exe
      - 2008-05-14 01:03:00 11,264 ----a-r c:\windows\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\mspicons.exe
      + 2008-11-12 00:17:35 11,264 ----a-r c:\windows\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\mspicons.exe
      - 2008-05-14 01:03:00 27,136 ----a-r c:\windows\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\oisicon.exe
      + 2008-11-12 00:17:35 27,136 ----a-r c:\windows\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\oisicon.exe
      - 2008-05-14 01:03:00 4,096 ----a-r c:\windows\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\opwicon.exe
      + 2008-11-12 00:17:35 4,096 ----a-r c:\windows\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\opwicon.exe
      - 2008-05-14 01:03:00 794,624 ----a-r c:\windows\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\outicon.exe
      + 2008-11-12 00:17:35 794,624 ----a-r c:\windows\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\outicon.exe
      - 2008-05-14 01:03:00 249,856 ----a-r c:\windows\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\pptico.exe
      + 2008-11-12 00:17:35 249,856 ----a-r c:\windows\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\pptico.exe
      - 2008-05-14 01:03:00 61,440 ----a-r c:\windows\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\pubs.exe
      + 2008-11-12 00:17:35 61,440 ----a-r c:\windows\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\pubs.exe
      - 2008-05-14 01:03:01 23,040 ----a-r c:\windows\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\unbndico.exe
      + 2008-11-12 00:17:35 23,040 ----a-r c:\windows\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\unbndico.exe
      - 2008-05-14 01:03:00 286,720 ----a-r c:\windows\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\wordicon.exe
      + 2008-11-12 00:17:35 286,720 ----a-r c:\windows\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\wordicon.exe
      - 2008-05-14 01:03:00 409,600 ----a-r c:\windows\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\xlicons.exe
      + 2008-11-12 00:17:35 409,600 ----a-r c:\windows\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\xlicons.exe
      - 2008-02-27 19:09:20 123,008 ----a-r c:\windows\Installer\{A70FA218-6598-4AC9-813D-63597C5DD068}\WLXPhotoGalleryIcon.exe
      + 2008-08-17 01:25:18 123,008 ----a-r c:\windows\Installer\{A70FA218-6598-4AC9-813D-63597C5DD068}\WLXPhotoGalleryIcon.exe
      + 2008-06-22 22:03:01 25,214 ----a-r c:\windows\Installer\{AC76BA86-7AD7-1036-7B44-A71000000002}\SC_Reader.exe
      + 2008-11-23 23:33:26 61,440 ----a-r c:\windows\Installer\{BF7D87C5-CFC3-40C5-A367-24586EEBB8CA}\helpicon.exe
      + 2008-11-23 23:33:26 32,768 ----a-r c:\windows\Installer\{BF7D87C5-CFC3-40C5-A367-24586EEBB8CA}\maintenance_icon.exe
      + 2008-11-23 23:33:26 22,486 ----a-r c:\windows\Installer\{BF7D87C5-CFC3-40C5-A367-24586EEBB8CA}\register_icon.exe
      + 2008-11-23 23:33:26 57,344 ----a-r c:\windows\Installer\{BF7D87C5-CFC3-40C5-A367-24586EEBB8CA}\texticon.exe
      - 2000-08-31 06:00:00 28,160 ----a-w c:\windows\Nircmd.exe
      + 2000-08-31 07:00:00 28,672 ----a-w c:\windows\Nircmd.exe
      + 2008-10-29 10:55:26 958,464 ----a-w c:\windows\Resources\Themes\Chivalry\Shell\NormalColor\shellstyle.dll
      + 2008-10-30 08:32:18 756,736 ----a-w c:\windows\Resources\Themes\Crimson\Shell\NormalColor\shellstyle.dll
      - 2000-08-31 06:00:00 161,792 ----a-w c:\windows\swreg.exe
      + 2000-08-31 07:00:00 161,792 ----a-w c:\windows\swreg.exe
      - 2008-03-01 12:58:06 124,928 ----a-w c:\windows\system32\advpack.dll
      + 2008-08-26 08:11:45 124,928 ----a-w c:\windows\system32\advpack.dll
      + 2004-08-03 21:10:08 53,248 ----a-w c:\windows\system32\dllcache\1394bus.sys
      + 2001-08-17 20:06:48 11,264 ----a-w c:\windows\system32\dllcache\1394vdbg.sys
      + 2001-08-17 19:28:00 762,780 ----a-w c:\windows\system32\dllcache\3cwmcru.sys
      + 2001-08-23 15:46:44 689,216 ----a-w c:\windows\system32\dllcache\3dfxvs.dll
      + 2001-08-17 18:48:32 148,352 ----a-w c:\windows\system32\dllcache\3dfxvsm.sys
      + 2004-08-03 21:00:04 12,288 ----a-w c:\windows\system32\dllcache\4mmdat.sys
      + 2004-08-03 21:10:12 48,128 ----a-w c:\windows\system32\dllcache\61883.sys
      + 2001-08-23 15:46:44 38,400 ----a-w c:\windows\system32\dllcache\8514a.dll
      + 2001-08-23 15:46:58 98,304 ----a-w c:\windows\system32\dllcache\a3d.dll
      + 2001-08-23 15:46:58 462,848 ----a-w c:\windows\system32\dllcache\a3dapi.dll
      + 2004-08-05 12:00:00 26,624 ----a-w c:\windows\system32\dllcache\aaaamon.dll
      + 2001-08-17 19:52:00 23,552 ----a-w c:\windows\system32\dllcache\abp480n5.sys
      + 2004-08-03 20:32:22 231,552 ----a-w c:\windows\system32\dllcache\ac97ali.sys
      + 2001-08-17 18:20:04 96,256 ----a-w c:\windows\system32\dllcache\ac97intc.sys
      + 2001-08-17 18:20:16 297,728 ----a-w c:\windows\system32\dllcache\ac97sis.sys
      + 2004-08-03 20:32:32 84,480 ----a-w c:\windows\system32\dllcache\ac97via.sys
      + 2004-08-05 12:00:00 72,192 ----a-w c:\windows\system32\dllcache\acctres.dll
      + 2004-08-05 12:00:00 189,952 ----a-w c:\windows\system32\dllcache\accwiz.exe
      + 2001-08-23 15:46:58 61,952 ----a-w c:\windows\system32\dllcache\acerscad.dll
      + 2004-08-05 12:00:00 450,048 ----a-w c:\windows\system32\dllcache\aclayers.dll
      + 2004-08-05 12:00:00 135,680 ----a-w c:\windows\system32\dllcache\acledit.dll
      + 2004-08-05 12:00:00 137,728 ----a-w c:\windows\system32\dllcache\aclua.dll
      + 2004-08-05 12:00:00 119,296 ----a-w c:\windows\system32\dllcache\aclui.dll
      + 2004-08-05 12:00:00 188,672 ----a-w c:\windows\system32\dllcache\acpi.sys
      + 2004-08-05 12:00:00 12,032 ----a-w c:\windows\system32\dllcache\acpiec.sys
      + 2004-08-05 12:00:00 244,736 ----a-w c:\windows\system32\dllcache\acspecfc.dll
      + 2004-08-05 12:00:00 4,096 ----a-w c:\windows\system32\dllcache\actmovie.exe
      + 2004-08-05 12:00:00 101,888 ----a-w c:\windows\system32\dllcache\actxprxy.dll
      + 2004-08-05 12:00:00 116,224 ----a-w c:\windows\system32\dllcache\acxtrnal.dll
      + 2001-08-17 19:53:02 7,424 ----a-w c:\windows\system32\dllcache\adicvls.sys
      + 2001-08-17 18:11:18 20,160 ----a-w c:\windows\system32\dllcache\adm8511.sys
      + 2001-08-17 18:19:10 584,448 ----a-w c:\windows\system32\dllcache\adm8810.sys
      + 2001-08-17 18:19:14 553,984 ----a-w c:\windows\system32\dllcache\adm8820.sys
      + 2001-08-17 18:19:14 747,392 ----a-w c:\windows\system32\dllcache\adm8830.sys
      + 2003-03-24 13:52:04 20,540 ----a-w c:\windows\system32\dllcache\admin.dll
      + 2003-03-24 13:52:04 16,439 ----a-w c:\windows\system32\dllcache\admin.exe
      + 2004-08-03 20:32:24 10,880 ----a-w c:\windows\system32\dllcache\admjoy.sys
      + 2004-08-05 12:00:00 26,112 ----a-w c:\windows\system32\dllcache\adptif.dll
      + 2001-08-17 18:11:16 46,112 ----a-w c:\windows\system32\dllcache\adptsf50.sys
      + 2001-08-17 20:07:32 101,888 ----a-w c:\windows\system32\dllcache\adpu160m.sys
      + 2004-08-05 12:00:00 175,616 ----a-w c:\windows\system32\dllcache\adsldp.dll
      + 2004-08-05 12:00:00 68,096 ----a-w c:\windows\system32\dllcache\adsmsext.dll
      + 2004-08-05 12:00:00 263,680 ----a-w c:\windows\system32\dllcache\adsnt.dll
      + 2004-08-03 22:54:22 4,255 ----a-w c:\windows\system32\dllcache\adv01nt5.dll
      + 2004-08-03 22:54:22 3,967 ----a-w c:\windows\system32\dllcache\adv02nt5.dll
      + 2004-08-03 22:54:22 3,615 ----a-w c:\windows\system32\dllcache\adv05nt5.dll
      + 2004-08-03 22:54:22 3,647 ----a-w c:\windows\system32\dllcache\adv07nt5.dll
      + 2004-08-03 22:54:22 3,135 ----a-w c:\windows\system32\dllcache\adv08nt5.dll
      + 2004-08-03 22:54:22 3,711 ----a-w c:\windows\system32\dllcache\adv09nt5.dll
      + 2004-08-03 22:54:22 3,775 ----a-w c:\windows\system32\dllcache\adv11nt5.dll
      - 2008-03-01 12:58:06 124,928 ----a-w c:\windows\system32\dllcache\advpack.dll
      + 2008-08-26 08:11:45 124,928 ----a-w c:\windows\system32\dllcache\advpack.dll
      + 2008-08-14 09:51:43 138,368 ----a-w c:\windows\system32\dllcache\afd.sys
      + 2004-08-05 12:00:00 24,064 ----a-w c:\windows\system32\dllcache\agentanm.dll
      + 2004-08-05 12:00:00 214,016 ----a-w c:\windows\system32\dllcache\agentctl.dll
      + 2004-08-05 12:00:00 49,152 ----a-w c:\windows\system32\dllcache\agentmpx.dll
      + 2004-08-05 12:00:00 24,064 ----a-w c:\windows\system32\dllcache\agentpsh.dll
      + 2004-08-05 12:00:00 44,032 ----a-w c:\windows\system32\dllcache\agentsr.dll
      + 2004-08-03 21:07:42 42,368 ----a-w c:\windows\system32\dllcache\agp440.sys
      + 2004-08-03 21:07:44 44,928 ----a-w c:\windows\system32\dllcache\agpcpq.sys
      + 2004-08-05 12:00:00 19,456 ----a-w c:\windows\system32\dllcache\agt0401.dll
      + 2004-08-05 12:00:00 19,456 ----a-w c:\windows\system32\dllcache\agt0404.dll
      + 2004-08-05 12:00:00 19,456 ----a-w c:\windows\system32\dllcache\agt0405.dll
      + 2004-08-05 12:00:00 19,456 ----a-w c:\windows\system32\dllcache\agt0406.dll
      + 2004-08-05 12:00:00 21,504 ----a-w c:\windows\system32\dllcache\agt0407.dll
      + 2004-08-05 12:00:00 22,016 ----a-w c:\windows\system32\dllcache\agt0408.dll
      + 2004-08-05 12:00:00 19,456 ----a-w c:\windows\system32\dllcache\agt0409.dll
      + 2004-08-05 12:00:00 19,456 ----a-w c:\windows\system32\dllcache\agt040b.dll
      + 2004-08-05 12:00:00 21,504 ----a-w c:\windows\system32\dllcache\agt040c.dll
      + 2004-08-05 12:00:00 19,456 ----a-w c:\windows\system32\dllcache\agt040d.dll
      + 2004-08-05 12:00:00 19,968 ----a-w c:\windows\system32\dllcache\agt040e.dll
      + 2004-08-05 12:00:00 20,992 ----a-w c:\windows\system32\dllcache\agt0410.dll
      + 2004-08-05 12:00:00 19,456 ----a-w c:\windows\system32\dllcache\agt0411.dll
      + 2004-08-05 12:00:00 19,456 ----a-w c:\windows\system32\dllcache\agt0412.dll
      + 2004-08-05 12:00:00 20,992 ----a-w c:\windows\system32\dllcache\agt0413.dll
      + 2004-08-05 12:00:00 19,456 ----a-w c:\windows\system32\dllcache\agt0414.dll
      + 2004-08-05 12:00:00 19,456 ----a-w c:\windows\system32\dllcache\agt0415.dll
      + 2004-08-05 12:00:00 20,480 ----a-w c:\windows\system32\dllcache\agt0416.dll
      + 2004-08-05 12:00:00 19,456 ----a-w c:\windows\system32\dllcache\agt0419.dll
      + 2004-08-05 12:00:00 19,456 ----a-w c:\windows\system32\dllcache\agt041d.dll
      + 2004-08-05 12:00:00 19,456 ----a-w c:\windows\system32\dllcache\agt041f.dll
      + 2004-08-05 12:00:00 19,456 ----a-w c:\windows\system32\dllcache\agt0804.dll
      + 2004-08-05 12:00:00 20,992 ----a-w c:\windows\system32\dllcache\agt0816.dll
      + 2004-08-05 12:00:00 20,480 ----a-w c:\windows\system32\dllcache\agt0c0a.dll
      + 2004-08-05 12:00:00 24,064 ----a-w c:\windows\system32\dllcache\agtintl.dll
      + 2001-08-17 19:52:02 12,800 ----a-w c:\windows\system32\dllcache\aha154x.sys
      + 2004-08-05 12:00:00 98,304 ----a-w c:\windows\system32\dllcache\ahui.exe
      + 2001-08-17 20:07:36 55,168 ----a-w c:\windows\system32\dllcache\aic78u2.sys
      + 2001-08-17 20:07:38 56,960 ----a-w c:\windows\system32\dllcache\aic78xx.sys
      + 2004-08-05 12:00:00 44,544 ----a-w c:\windows\system32\dllcache\alg.exe
      + 2001-08-17 18:11:18 27,678 ----a-w c:\windows\system32\dllcache\ali5261.sys
      + 2001-08-17 19:49:02 26,624 ----a-w c:\windows\system32\dllcache\alifir.sys
      + 2001-08-17 19:51:56 5,248 ----a-w c:\windows\system32\dllcache\aliide.sys
      + 2004-08-03 21:07:42 42,752 ----a-w c:\windows\system32\dllcache\alim1541.sys
      + 2004-08-05 12:00:00 17,408 ----a-w c:\windows\system32\dllcache\alrsvc.dll
      + 2001-08-17 18:11:20 16,969 ----a-w c:\windows\system32\dllcache\amb8002.sys
      + 2004-08-03 21:07:44 43,008 ----a-w c:\windows\system32\dllcache\amdagp.sys
      + 2004-08-05 12:00:00 41,216 ----a-w c:\windows\system32\dllcache\amdk6.sys
      + 2004-08-05 12:00:00 41,600 ----a-w c:\windows\system32\dllcache\amdk7.sys
      + 2001-08-17 19:52:04 12,032 ----a-w c:\windows\system32\dllcache\amsint.sys
      + 2004-08-05 12:00:00 70,656 ----a-w c:\windows\system32\dllcache\amstream.dll
      + 2004-08-03 20:31:20 36,224 ----a-w c:\windows\system32\dllcache\an983.sys
      + 2004-08-05 12:00:00 9,037 ----a-w c:\windows\system32\dllcache\ansi.sys
      + 2004-08-05 12:00:00 102,912 ----a-w c:\windows\system32\dllcache\apcups.dll
      + 2001-08-17 19:47:22 6,272 ----a-w c:\windows\system32\dllcache\apmbatt.sys
      + 2004-08-05 12:00:00 12,642 ----a-w c:\windows\system32\dllcache\append.exe
      + 2004-08-05 12:00:00 334,336 ----a-w c:\windows\system32\dllcache\aqueue.dll
      + 2004-08-05 12:00:00 19,968 ----a-w c:\windows\system32\dllcache\arp.exe
      + 2004-08-05 12:00:00 60,800 ----a-w c:\windows\system32\dllcache\arp1394.sys
      + 2001-08-17 19:52:00 26,496 ----a-w c:\windows\system32\dllcache\asc.sys
      + 2001-08-17 19:52:04 22,400 ----a-w c:\windows\system32\dllcache\asc3350p.sys
      + 2001-08-17 19:51:58 14,848 ----a-w c:\windows\system32\dllcache\asc3550.sys
      + 2001-08-17 18:12:34 97,354 ----a-w c:\windows\system32\dllcache\aspndis3.sys
      + 2004-08-05 12:00:00 65,024 ----a-w c:\windows\system32\dllcache\asycfilt.dll
      + 2004-08-05 12:00:00 14,336 ----a-w c:\windows\system32\dllcache\asyncmac.sys
      + 2004-08-05 12:00:00 25,088 ----a-w c:\windows\system32\dllcache\at.exe
      + 2004-08-03 20:59:44 95,360 ----a-w c:\windows\system32\dllcache\atapi.sys
      + 2001-08-23 15:46:44 96,128 ----a-w c:\windows\system32\dllcache\ati.dll
      + 2001-08-23 14:59:32 77,824 ----a-w c:\windows\system32\dllcache\ati.sys
      + 2004-08-03 20:29:30 56,623 ----a-w c:\windows\system32\dllcache\ati1btxx.sys
      + 2004-08-03 20:29:30 11,615 ----a-w c:\windows\system32\dllcache\ati1mdxx.sys
      + 2004-08-03 20:29:30 12,047 ----a-w c:\windows\system32\dllcache\ati1pdxx.sys
      + 2004-08-03 20:29:32 30,671 ----a-w c:\windows\system32\dllcache\ati1raxx.sys
      + 2004-08-03 20:29:32 63,663 ----a-w c:\windows\system32\dllcache\ati1rvxx.sys
      + 2004-08-03 20:29:32 26,367 ----a-w c:\windows\system32\dllcache\ati1snxx.sys
      + 2004-08-03 20:29:32 21,343 ----a-w c:\windows\system32\dllcache\ati1ttxx.sys
      + 2004-08-03 20:29:32 36,463 ----a-w c:\windows\system32\dllcache\ati1tuxx.sys
      + 2004-08-03 20:29:32 29,455 ----a-w c:\windows\system32\dllcache\ati1xbxx.sys
      + 2004-08-03 20:29:32 34,735 ----a-w c:\windows\system32\dllcache\ati1xsxx.sys
      + 2004-08-03 22:54:22 229,376 ----a-w c:\windows\system32\dllcache\ati2cqag.dll
      + 2004-08-03 22:54:22 377,984 ----a-w c:\windows\system32\dllcache\ati2dvaa.dll
      + 2004-08-03 22:54:22 201,728 ----a-w c:\windows\system32\dllcache\ati2dvag.dll
      + 2004-08-03 22:38:42 327,168 ----a-w c:\windows\system32\dllcache\ati2mtaa.sys
      + 2004-08-03 22:38:44 701,440 ----a-w c:\windows\system32\dllcache\ati2mtag.sys
      + 2004-08-03 22:54:22 870,784 ----a-w c:\windows\system32\dllcache\ati3d1ag.dll
      + 2004-08-03 22:54:22 1,888,992 ----a-w c:\windows\system32\dllcache\ati3duag.dll
      + 2001-08-17 18:49:04 46,464 ----a-w c:\windows\system32\dllcache\atibt829.sys
      + 2001-08-23 15:46:44 382,592 ----a-w c:\windows\system32\dllcache\atidrab.dll
      + 2001-08-23 15:46:44 137,216 ----a-w c:\windows\system32\dllcache\atidrae.dll
      + 2001-08-23 15:46:44 268,160 ----a-w c:\windows\system32\dllcache\atidvai.dll
      + 2001-08-23 15:47:26 37,376 ----a-w c:\windows\system32\dllcache\atievxx.exe
      + 2001-08-23 14:59:36 289,920 ----a-w c:\windows\system32\dllcache\atimpab.sys
      + 2001-08-23 14:59:36 75,392 ----a-w c:\windows\system32\dllcache\atimpae.sys
      + 2001-08-23 14:59:38 281,728 ----a-w c:\windows\system32\dllcache\atimtai.sys
      + 2004-08-03 20:29:28 57,856 ----a-w c:\windows\system32\dllcache\atinbtxx.sys
      + 2004-08-03 20:29:30 13,824 ----a-w c:\windows\system32\dllcache\atinmdxx.sys
      + 2004-08-03 20:29:30 14,336 ----a-w c:\wind
      0
    3. Malcom911 Messages postés 849 Statut Membre 44 > fredjibb Messages postés 230 Statut Membre
       
      va ici ---> https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr

      fait un scan en ligne (il va te le trouvé) et une fois que tu as le chemin du virus tu n'as plus qu'à le supprimer
      0
    4. fredjibb Messages postés 230 Statut Membre 1 > Malcom911 Messages postés 849 Statut Membre
       
      je l'ai fait mais il ne trouve rien du tout
      0
  10. fredjibb Messages postés 230 Statut Membre 1
     
    même s'il a été supprimé je trouve quemon pc n'a pas un comportement normal il rame et de plus je n'arrive plus à supprimer des fichiers temporaires du dossier temp de windows
    le prefetch ne se vide plus non plus
    enfin bref mon pc allait mieux avant....
    qu'est ce que je peux faire????
    0
  11. noctambule28 Messages postés 25275 Date d'inscription   Statut Membre Dernière intervention   2 875
     
    En attendant le reste

    Relance Toolbar-S&D en double-cliquant sur le raccourci. Tape sur "2" puis valide en appuyant sur "Entrée".
    ! Ne ferme pas la fenêtre lors de la suppression !
    Un rapport sera généré, poste son contenu ici.

    NOTE : Si ton Bureau ne réapparait pas, appuie simultanément sur Ctrl+Alt+Suppr pour ouvrir le Gestionnaire des tâches.
    Rends-toi sur l'onglet "Processus". Clique en haut à gauche sur Fichier et choisis "Exécuter..."
    Tape explorer puis valide.
    0
    1. fredjibb Messages postés 230 Statut Membre 1
       
      ok j'ai pris l'option 2 dans le logiciel voici le rapport que tu m'as demandé
      encore merci de ton aide et de ton temps pour répondre

      -----------\\ ToolBar S&D 1.2.5 XP/Vista

      Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 2
      X86-based PC ( Multiprocessor Free : AMD Turion(tm) 64 X2 Mobile Technology TL-50 )
      BIOS : Insyde Software MobilePRO BIOS Version 4.20.10
      USER : akira ( Administrator )
      BOOT : Normal boot
      Antivirus : Bitdefender Antivirus 8.0 (Activated)
      Firewall : Bitdefender Firewall 8.0 (Activated)
      C:\ (Local Disk) - NTFS - Total:85 Go (Free:50 Go)
      D:\ (CD or DVD)
      E:\ (CD or DVD)
      F:\ (USB)

      "C:\ToolBar SD" ( MAJ : 20-11-2008|20:25 )
      Option : [2] ( 26/11/2008|14:15 )

      -----------\\ Recherche de Fichiers / Dossiers ...


      -----------\\ Extensions

      (akira) - {4AB21F99-91C5-4a9d-813E-425841874FB1} => bloodfire-1.0.1-fx
      (akira) - {635abd67-4fe9-1b23-4f01-e679fa7484c1} => ytoolbar


      -----------\\ [..\Internet Explorer\Main]

      [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
      "Start Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome"
      "Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
      "Local Page"="C:\\windows\\system32\\blank.htm"
      "Default_Search_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"

      [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
      "Default_Page_URL"="https://www.msn.com/fr-fr/?ocid=iehp"
      "Default_Search_URL"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
      "Search Page"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
      "Local Page"="C:\\windows\\system32\\blank.htm"
      "Start Page"="https://www.msn.com/fr-fr/"


      --------------------\\ Recherche d'autres infections


      Aucune autre infection trouvée !


      1 - "C:\ToolBar SD\TB_1.txt" - 25/11/2008|12:02 - Option : [1]
      2 - "C:\ToolBar SD\TB_2.txt" - 26/11/2008|14:17 - Option : [2]

      -----------\\ Fin du rapport a 14:17:38,04
      0
  12. noctambule28 Messages postés 25275 Date d'inscription   Statut Membre Dernière intervention   2 875
     
    Je t'avais aussi demandé un rapport diaghelp et de poster le rapport complet de combofix!

    Tu peux le faire stp
    0
    1. fredjibb Messages postés 230 Statut Membre 1
       
      voila ci joint le rapport de diag help
      merci de ton aide
      DiagHelp version v1.4 - http://www.malekal.com
      excute le 27/11/2008 à 9:19:03,71


      Liste des derniers fichies modifies/crees dans windir\system32 et prefetch
      C:\WINDOWS\prefetch\CMD.EXE-034B0549.pf -->27/11/2008 09:18:50
      C:\WINDOWS\prefetch\CHCP.COM-17EDBDC9.pf -->27/11/2008 09:18:49
      C:\WINDOWS\prefetch\OPERA.EXE-3B75DA17.pf -->27/11/2008 09:16:31
      C:\WINDOWS\prefetch\SECCENTER.EXE-31DA92EB.pf -->27/11/2008 09:13:00
      C:\WINDOWS\prefetch\DRWTSN32.EXE-01DDCF15.pf -->27/11/2008 09:12:21
      C:\WINDOWS\prefetch\WMIPRVSE.EXE-0D449B4F.pf -->27/11/2008 09:11:16
      C:\WINDOWS\prefetch\HELPSVC.EXE-1C192440.pf -->27/11/2008 09:11:03
      C:\WINDOWS\prefetch\MCDCHECK.EXE-07FA1232.pf -->27/11/2008 09:00:06
      C:\WINDOWS\prefetch\WSWITCH.EXE-0A23C308.pf -->27/11/2008 09:00:01
      C:\WINDOWS\prefetch\PBCARNOT.EXE-34461DF3.pf -->27/11/2008 09:00:00

      C:\WINDOWS\System32\drivers\mrxsmb.sys -->24/10/2008 12:10:42
      C:\WINDOWS\System32\drivers\mbamswissarmy.sys -->09/09/2008 23:04:02
      C:\WINDOWS\System32\drivers\mbam.sys -->09/09/2008 23:03:56
      C:\WINDOWS\System32\drivers\srv.sys -->28/08/2008 11:04:17
      C:\WINDOWS\System32\drivers\afd.sys -->14/08/2008 10:51:43
      C:\WINDOWS\System32\drivers\tcpip.sys -->20/06/2008 11:45:13
      C:\WINDOWS\System32\drivers\tcpip6.sys -->20/06/2008 10:52:06

      C:\WINDOWS\System32\bdod.bin -->27/11/2008 08:59:18
      C:\WINDOWS\System32\nvapps.xml -->27/11/2008 08:44:40
      C:\WINDOWS\System32\wpa.dbl -->27/11/2008 08:44:35
      C:\WINDOWS\System32\tmp.txt -->23/11/2008 22:47:47
      C:\WINDOWS\System32\tmp.reg -->23/11/2008 22:47:47
      C:\WINDOWS\System32\PerfStringBackup.TMP -->23/11/2008 20:47:37
      C:\WINDOWS\System32\PerfStringBackup.INI -->23/11/2008 20:47:37
      C:\WINDOWS\System32\perfh00C.dat -->23/11/2008 20:47:37
      C:\WINDOWS\System32\perfh009.dat -->23/11/2008 20:47:37
      C:\WINDOWS\System32\perfc00C.dat -->23/11/2008 20:47:37
      C:\WINDOWS\System32\perfc009.dat -->23/11/2008 20:47:37
      C:\WINDOWS\System32\MRT.exe -->04/11/2008 01:10:25
      C:\WINDOWS\System32\FNTCACHE.DAT -->31/10/2008 06:59:12
      C:\WINDOWS\System32\TUKernel.exe -->30/10/2008 09:36:35
      C:\WINDOWS\System32\wuweb.dll -->16/10/2008 14:13:40
      C:\WINDOWS\System32\wuaueng.dll -->16/10/2008 14:13:40
      C:\WINDOWS\System32\wucltui.dll -->16/10/2008 14:12:22
      C:\WINDOWS\System32\wuaucpl.cpl -->16/10/2008 14:12:20
      C:\WINDOWS\System32\wuapi.dll -->16/10/2008 14:12:20
      C:\WINDOWS\System32\wups2.dll -->16/10/2008 14:09:44
      C:\WINDOWS\System32\wucltui.dll.mui -->16/10/2008 14:09:44
      C:\WINDOWS\System32\wuauclt.exe -->16/10/2008 14:09:44
      C:\WINDOWS\System32\cdm.dll -->16/10/2008 14:09:44
      C:\WINDOWS\System32\wups.dll -->16/10/2008 14:08:58
      C:\WINDOWS\System32\wuapi.dll.mui -->16/10/2008 14:08:06

      C:\WINDOWS\WindowsUpdate.log -->27/11/2008 08:34:28
      C:\WINDOWS\0.log -->27/11/2008 08:30:11
      C:\WINDOWS\wiaservc.log -->27/11/2008 08:28:46
      C:\WINDOWS\wiadebug.log -->27/11/2008 08:28:46
      C:\WINDOWS\bootstat.dat -->27/11/2008 08:28:42
      C:\WINDOWS\SchedLgU.Txt -->27/11/2008 01:08:15
      C:\WINDOWS\bdagent.INI -->27/11/2008 01:07:17
      C:\WINDOWS\NeroDigital.ini -->26/11/2008 14:37:36
      C:\WINDOWS\system.ini -->24/11/2008 07:17:46
      C:\WINDOWS\ZZZZZZZZ.ZZZ -->23/11/2008 20:58:02
      C:\WINDOWS\ZZZZZZZ.ZZZ -->22/11/2008 07:15:00
      C:\WINDOWS\QTFont.qfn -->20/11/2008 12:23:44
      C:\WINDOWS\QTFont.for -->07/11/2008 09:58:55
      C:\WINDOWS\win.ini -->16/10/2008 09:50:55
      C:\WINDOWS\ModemLog_Bluetooth DUN Modem.txt -->26/06/2008 23:06:47

      winlogon.exe
      Verified: Signed
      svchost.exe
      Verified: Signed
      ws2_32.dll
      Verified: Signed
      user32.dll
      Verified: Signed
      tcpip.sys
      Verified: Signed
      ndis.sys
      Verified: Signed
      null.sys
      Verified: Signed


      ListDLLs v2.25 - DLL lister for Win9x/NT
      Copyright (C) 1997-2004 Mark Russinovich
      Sysinternals - www.sysinternals.com

      ------------------------------------------------------------------------------
      explorer.exe pid: 3600
      Command line: C:\WINDOWS\Explorer.EXE

      Base Size Version Path
      0x44080000 0xd0000 7.00.6000.16735 C:\WINDOWS\system32\WININET.dll
      0x00400000 0x9000 6.00.5441.0000 C:\WINDOWS\system32\Normaliz.dll
      0x43e00000 0x45000 7.00.6000.16735 C:\WINDOWS\system32\iertutil.dll
      0x58b50000 0x9a000 5.82.2900.2982 C:\WINDOWS\system32\comctl32.dll
      0x00ac0000 0x1c000 11.00.0000.1217 C:\Program Files\Fichiers communs\Logishrd\LVMVFM\LVPrcInj.dll
      0x76f80000 0x7f000 2001.12.4414.0308 C:\WINDOWS\system32\CLBCATQ.DLL
      0x77000000 0xd4000 2001.12.4414.0258 C:\WINDOWS\system32\COMRes.dll
      0x76ac0000 0x11000 3.05.2284.0000 C:\WINDOWS\system32\ATL.DLL
      0x7d200000 0x2be000 3.01.4000.4039 C:\WINDOWS\system32\msi.dll
      0x44360000 0x5cd000 7.00.6000.16757 C:\WINDOWS\system32\ieframe.dll
      0x44160000 0x127000 7.00.6000.16735 C:\WINDOWS\system32\urlmon.dll
      0x442b0000 0x3c000 7.00.6000.16735 C:\WINDOWS\system32\webcheck.dll
      0x164a0000 0x23000 5.02.5721.5145 C:\WINDOWS\system32\WPDShServiceObj.dll
      0x109c0000 0x2c000 5.02.5721.5145 C:\WINDOWS\system32\PortableDeviceTypes.dll
      0x10930000 0x49000 5.02.5721.5145 C:\WINDOWS\system32\PortableDeviceApi.dll
      0x10000000 0x4000 C:\Program Files\Unlocker\UnlockerHook.dll
      0x00330000 0x6000 6.03.0002.0062 C:\DOCUME~1\akira\LOCALS~1\Temp\IadHide5.dll
      0x00320000 0x7000 1.00.0000.0001 C:\PROGRA~1\Wanadoo\Inactivity.dll
      0x00f90000 0x1c000 7.00.0000.0000 C:\Program Files\Adobe\Acrobat 7.0\ActiveX\PDFShell.dll
      0x01580000 0xd000 7.00.0009.0050 C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
      0x7c340000 0x56000 7.10.3052.0004 C:\WINDOWS\system32\MSVCR71.dll
      0x01790000 0x39000 1.00.0011.0029 C:\Program Files\BitComet\tools\BitCometBHO.dll
      0x325c0000 0x12000 11.00.5510.0000 C:\Program Files\Microsoft Office\OFFICE11\msohev.dll

      ListDLLs v2.25 - DLL lister for Win9x/NT
      Copyright (C) 1997-2004 Mark Russinovich
      Sysinternals - www.sysinternals.com

      ------------------------------------------------------------------------------
      winlogon.exe pid: 1464
      Command line: winlogon.exe

      Base Size Version Path
      0x01000000 0x81000 \??\C:\WINDOWS\system32\winlogon.exe
      0x58b50000 0x9a000 5.82.2900.2982 C:\WINDOWS\system32\COMCTL32.dll
      0x74730000 0x3d000 3.525.1117.0000 C:\WINDOWS\system32\ODBC32.dll
      0x20000000 0x18000 3.525.1117.0000 C:\WINDOWS\system32\odbcint.dll
      0x01220000 0x3b000 1.07.0018.0005 C:\WINDOWS\system32\WgaLogon.dll
      0x76f80000 0x7f000 2001.12.4414.0308 C:\WINDOWS\system32\CLBCATQ.DLL
      0x77000000 0xd4000 2001.12.4414.0258 C:\WINDOWS\system32\COMRes.dll


      Le volume dans le lecteur C s'appelle HDD
      Le numéro de série du volume est 8082-51E7

      Répertoire de C:\WINDOWS\system32

      05/08/2004 13:00 6 144 csrss.exe
      1 fichier(s) 6 144 octets
      0 Rép(s) 53 905 784 832 octets libres

      Contenu de Downloaded Program Files
      Le volume dans le lecteur C s'appelle HDD
      Le numéro de série du volume est 8082-51E7

      Répertoire de C:\WINDOWS\Downloaded Program Files

      22/07/2008 21:05 <REP> .
      22/07/2008 21:05 <REP> ..
      30/06/2008 09:39 128 256 as2stubie.dll
      27/06/2008 15:47 289 as2stubie.inf
      07/12/2004 16:07 32 bdcore.dll
      25/05/2006 00:21 118 784 bdupd.dll
      16/08/2004 17:08 65 desktop.ini
      25/07/2002 17:13 24 576 dwusplay.dll
      25/07/2002 17:13 196 608 dwusplay.exe
      25/05/2006 00:21 53 248 ipsupd.dll
      27/07/2004 15:48 323 584 isusweb.dll
      16/03/2005 11:34 7 407 lang.ini
      18/07/2007 12:49 12 592 libcomm.dll
      07/12/2004 16:07 32 libfn.dll
      14/03/2005 13:38 126 live.ini
      20/01/2000 15:25 1 162 Microsoft XML Parser for Java.osd
      01/06/2006 01:57 1 331 oscan8.inf
      01/06/2006 01:54 471 040 oscan8.ocx
      31/05/2006 03:15 10 oscan81.ocx_x
      14/03/2005 13:58 7 073 scanoptions.tsi
      09/11/2006 14:36 5 019 swflash.inf
      19 fichier(s) 1 351 234 octets

      Total des fichiers listés :
      19 fichier(s) 1 351 234 octets
      2 Rép(s) 53 905 784 832 octets libres

      Recherche de rootkit! (Merci S!Ri)

      Recherche d'infections connues

      Export des clefs sensibles..


      Liste des fichiers en exception sur le pare-feu XP SP2

      "%ProgramFiles%\\AOL 9.0\\aol.exe"="%ProgramFiles%\\AOL 9.0\\aol.exe:*:Enabled:AOL"
      "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
      "C:\\WINDOWS\\system32\\lxctcoms.exe"="C:\\WINDOWS\\system32\\lxctcoms.exe:*:Enabled:Lexmark Communications System"
      "C:\\Program Files\\Kodak\\Kodak EasyShare software\\bin\\EasyShare.exe"="C:\\Program Files\\Kodak\\Kodak EasyShare software\\bin\\EasyShare.exe:*:Enabled:EasyShare"
      "C:\\Program Files\\Bonjour\\mDNSResponder.exe"="C:\\Program Files\\Bonjour\\mDNSResponder.exe:*:Enabled:Bonjour"
      "%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
      "C:\\Program Files\\Kodak\\KODAK Software Updater\\7288971\\Program\\Kodak Software Updater.exe"="C:\\Program Files\\Kodak\\KODAK Software Updater\\7288971\\Program\\Kodak Software Updater.exe:*:Enabled:Kodak Software Updater"
      "C:\\Program Files\\eMule\\emule.exe"="C:\\Program Files\\eMule\\emule.exe:*:Enabled:eMule"
      "C:\\Program Files\\IVT Corporation\\BlueSoleil\\BlueSoleil.exe"="C:\\Program Files\\IVT Corporation\\BlueSoleil\\BlueSoleil.exe:*:Enabled:BlueSoleil"
      "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
      "C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
      "C:\\Program Files\\AOL 9.0\\waol.exe"="C:\\Program Files\\AOL 9.0\\waol.exe:*:Enabled:AOL 9.0"
      "C:\\APPS\\skype\\phone\\Skype.exe"="C:\\APPS\\skype\\phone\\Skype.exe:*:Enabled:Skype"
      "C:\\Program Files\\MySpace\\IM\\MySpaceIM.exe"="C:\\Program Files\\MySpace\\IM\\MySpaceIM.exe:*:Enabled:MySpaceIM"

      "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
      "%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
      "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
      "C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
      "C:\\Program Files\\AOL 9.0\\waol.exe"="C:\\Program Files\\AOL 9.0\\waol.exe:*:Enabled:AOL 9.0"

      Export de la clef SharedTaskScheduler

      [SharedTaskScheduler]
      "{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Pré-chargeur Browseui"
      "{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Démon de cache des catégories de composant"



      exports des policies
      REGEDIT4

      [system]
      "dontdisplaylastusername"=dword:00000000
      "legalnoticecaption"=""
      "legalnoticetext"=""
      "shutdownwithoutlogon"=dword:00000001
      "undockwithoutlogon"=dword:00000001
      "HideLegacyLogonScripts"=dword:00000000
      "HideLogoffScripts"=dword:00000000
      "RunLogonScriptSync"=dword:00000001
      "RunStartupScriptSync"=dword:00000000
      "HideStartupScripts"=dword:00000000
      "DisableRegistryTools"=dword:00000000



      Export des clefs sensibles..
      Rechercher adresses sensibles dans le fichier HOSTS...
      127.0.0.1 www.activexupdate.com
      127.0.0.1 activexupdate.com
      127.0.0.1 www.antispywareupdates.net
      127.0.0.1 antispywareupdates.net
      127.0.0.1 www.aviupdate.com
      127.0.0.1 aviupdate.com
      127.0.0.1 www.avpcheckupdate.com
      127.0.0.1 avpcheckupdate.com
      127.0.0.1 client.exeupdate.com
      127.0.0.1 www.eupdatepage.com
      127.0.0.1 eupdatepage.com
      127.0.0.1 www.exeupdate.com
      127.0.0.1 exeupdate.com
      127.0.0.1 www.flwupdate.com
      127.0.0.1 flwupdate.com
      127.0.0.1 www.hotwinupdates.com
      127.0.0.1 hotwinupdates.com
      127.0.0.1 www.lavasoftupdate.com
      127.0.0.1 lavasoftupdate.com
      127.0.0.1 www.malwarewipeupdate.com
      127.0.0.1 malwarewipeupdate.com
      127.0.0.1 www.movupdate.com
      127.0.0.1 movupdate.com
      127.0.0.1 www.mpegupdate.com
      127.0.0.1 mpegupdate.com
      127.0.0.1 www.msupdate.net
      127.0.0.1 msupdate.net
      127.0.0.1 www.msupdater.net
      127.0.0.1 msupdater.net
      127.0.0.1 www.necessaryupdates.com
      127.0.0.1 necessaryupdates.com
      127.0.0.1 newupdates.lzio.com
      127.0.0.1 www.plupdate.com
      127.0.0.1 plupdate.com
      127.0.0.1 redirect.msupdate.net
      127.0.0.1 www.registryupdate.org
      127.0.0.1 registryupdate.org
      127.0.0.1 search.keyword.exeupdate.com
      127.0.0.1 www.securityupdatesite.com
      127.0.0.1 securityupdatesite.com
      127.0.0.1 settings.updatemysettings.com
      127.0.0.1 www.spyaxeupdate.com
      127.0.0.1 spyaxeupdate.com
      127.0.0.1 www.spyfalconupdate.com
      127.0.0.1 spyfalconupdate.com
      127.0.0.1 www.systemupdates.net
      127.0.0.1 systemupdates.net
      127.0.0.1 trial.updates.winsoftware.com
      127.0.0.1 update.680180.net
      127.0.0.1 update.shareaza.com
      127.0.0.1 www.updatemysettings.com
      127.0.0.1 updatemysettings.com
      127.0.0.1 updates.spywarequake.com
      127.0.0.1 www.updatesantivirus.com
      127.0.0.1 updatesantivirus.com
      127.0.0.1 www.urgentsystemupdate.biz
      127.0.0.1 urgentsystemupdate.biz
      127.0.0.1 www.urgentsystemupdate.com
      127.0.0.1 urgentsystemupdate.com
      127.0.0.1 windupdates.com
      127.0.0.1 www.xp-vista-update.net
      127.0.0.1 xp-vista-update.net
      127.0.0.1 www.pandaantivirus-2007.com
      127.0.0.1 pandaantivirus-2007.com
      127.0.0.1 www.pandadownload-now.com
      127.0.0.1 pandadownload-now.com
      127.0.0.1 www.panda-hq.com
      127.0.0.1 panda-hq.com
      catchme 0.3.1351 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
      Rootkit scan 2008-11-27 09:19:46
      Windows 5.1.2600 Service Pack 2 NTFS

      scanning hidden services & system hive ...

      scanning hidden registry entries ...

      scanning hidden files ...

      scan completed successfully
      hidden services: 0
      hidden files: 0


      KProcCheck Version 0.2-beta1 Proof-of-Concept by SIG^2 (www.security.org.sg)

      Process list by traversal of KiWaitListHead

      4 - System
      140 - RTHDCPL.exe
      232 - SynTPLpr.exe
      236 - vsserv.exe
      268 - USBDeviceServic
      348 - SynTPEnh.exe
      352 - xcommsvr.exe
      384 - svchost.exe
      520 - livesrv.exe
      668 - svchost.exe
      768 - CLSched.exe
      808 - BTNtService.exe
      892 - LVPrcSrv.exe
      964 - AOLacsd.exe
      1028 - Watch.exe
      1036 - mDNSResponder.e
      1096 - CLCapSvc.exe
      1128 - CLMLServer.exe
      1228 - LVComSer.exe
      1264 - VCDDaemon.exe
      1272 - lxctcoms.exe
      1292 - PCMService.exe
      1304 - nvsvc32.exe
      1308 - ALERTM~1.EXE
      1344 - QuickCam10.exe
      1440 - csrss.exe
      1464 - winlogon.exe
      1508 - services.exe
      1520 - lsass.exe
      1692 - svchost.exe
      1740 - svchost.exe
      1764 - DetectorApp.exe
      1800 - bdagent.exe
      1936 - svchost.exe
      1980 - svchost.exe
      2036 - svchost.exe
      2088 - lxctmon.exe
      2216 - ezprint.exe
      2280 - QTTask.exe
      2284 - ComComp.exe
      2392 - Kodak Software
      2396 - Communications_
      2492 - TaskBarIcon.exe
      2544 - UnlockerAssista
      2648 - svchost.exe
      2732 - alg.exe
      2780 - ctfmon.exe
      3004 - PBDataSecure.ex
      3160 - EasyShare.exe
      3184 - cmd.exe
      3212 - GestionnaireInt
      3408 - Toaster.exe
      3420 - Inactivity.exe
      3448 - PollingModule.e
      3600 - explorer.exe
      3984 - COCIManager.exe

      Total number of processes = 56
      NOTE: Under WinXP, this will not show all processes.

      KProcCheck Version 0.2-beta1 Proof-of-Concept by SIG^2 (www.security.org.sg)

      Driver/Module list by traversal of PsLoadedModuleList

      804D7000 - \WINDOWS\system32\TUKERNEL.EXE
      80722000 - \WINDOWS\system32\hal.dll
      F7987000 - \WINDOWS\system32\KDCOM.DLL
      F7897000 - \WINDOWS\system32\BOOTVID.dll
      F7437000 - ACPI.sys
      F7989000 - \WINDOWS\system32\DRIVERS\WMILIB.SYS
      F7426000 - pci.sys
      F7487000 - isapnp.sys
      F789B000 - compbatt.sys
      F789F000 - \WINDOWS\system32\DRIVERS\BATTC.SYS
      F7A4F000 - pciide.sys
      F7707000 - \WINDOWS\system32\DRIVERS\PCIIDEX.SYS
      F798B000 - aliide.sys
      F798D000 - intelide.sys
      F798F000 - toside.sys
      F7991000 - viaide.sys
      F7993000 - cmdide.sys
      F7497000 - MountMgr.sys
      F7407000 - ftdisk.sys
      F770F000 - PartMgr.sys
      F78A3000 - ACPIEC.sys
      F7A50000 - \WINDOWS\system32\DRIVERS\OPRGHDLR.SYS
      F7717000 - pavboot.sys
      F771F000 - sfsync02.sys
      F74A7000 - VolSnap.sys
      F7727000 - VClone.sys
      F73EF000 - \WINDOWS\system32\DRIVERS\SCSIPORT.SYS
      F78A7000 - cpqarray.sys
      F73D7000 - atapi.sys
      F78AB000 - aha154x.sys
      F772F000 - sparrow.sys
      F78AF000 - symc810.sys
      F74B7000 - aic78xx.sys
      F78B3000 - dac960nt.sys
      F74C7000 - ql10wnt.sys
      F78B7000 - amsint.sys
      F7737000 - asc.sys
      F78BB000 - asc3550.sys
      F773F000 - mraid35x.sys
      F7747000 - i2omp.sys
      F78BF000 - ini910u.sys
      F74D7000 - ql1240.sys
      F74E7000 - aic78u2.sys
      F774F000 - symc8xx.sys
      F7757000 - sym_hi.sys
      F775F000 - sym_u3.sys
      F7767000 - ABP480N5.SYS
      F776F000 - asc3350p.sys
      F7995000 - cd20xrnt.sys
      F74F7000 - ultra.sys
      F73BE000 - adpu160m.sys
      F7777000 - dpti2o.sys
      F7507000 - ql1080.sys
      F7517000 - ql1280.sys
      F7527000 - ql12160.sys
      F777F000 - perc2.sys
      F7997000 - perc2hib.sys
      F7787000 - hpn.sys
      F78C3000 - cbidf2k.sys
      F7392000 - dac2w2k.sys
      F7537000 - disk.sys
      F7547000 - \WINDOWS\system32\DRIVERS\CLASSPNP.SYS
      F7372000 - fltMgr.sys
      F7360000 - sr.sys
      F7557000 - PxHelp20.sys
      F7349000 - KSecDD.sys
      F7336000 - WudfPf.sys
      F72A9000 - Ntfs.sys
      F727C000 - NDIS.sys
      F78C7000 - vbtenum.sys
      F7567000 - sisagp.sys
      F7577000 - viaagp.sys
      F778F000 - sfhlp02.sys
      F7587000 - sfdrv01.sys
      F7261000 - Mup.sys
      F7797000 - BTHidMgr.sys
      F7597000 - alim1541.sys
      F75A7000 - amdagp.sys
      F75B7000 - agp440.sys
      F75C7000 - agpCPQ.sys
      F7617000 - \SystemRoot\system32\DRIVERS\AmdK8.sys
      F7175000 - \SystemRoot\system32\DRIVERS\CmBatt.sys
      F63A3000 - \SystemRoot\system32\DRIVERS\nv4_mini.sys
      F638F000 - \SystemRoot\system32\DRIVERS\VIDEOPRT.SYS
      F7627000 - \SystemRoot\system32\DRIVERS\i8042prt.sys
      F689C000 - \SystemRoot\system32\DRIVERS\kbdclass.sys
      F6360000 - \SystemRoot\system32\DRIVERS\SynTP.sys
      F79C3000 - \SystemRoot\system32\DRIVERS\USBD.SYS
      F6894000 - \SystemRoot\system32\DRIVERS\mouclass.sys
      F715D000 - \SystemRoot\system32\DRIVERS\nvsmu.sys
      F688C000 - \SystemRoot\system32\DRIVERS\usbohci.sys
      F633D000 - \SystemRoot\system32\DRIVERS\USBPORT.SYS
      F6884000 - \SystemRoot\system32\DRIVERS\usbehci.sys
      F7637000 - \SystemRoot\system32\DRIVERS\imapi.sys
      F79C5000 - \SystemRoot\System32\Drivers\ElbyDelay.sys
      F7647000 - \SystemRoot\system32\DRIVERS\cdrom.sys
      F7657000 - \SystemRoot\system32\DRIVERS\redbook.sys
      F631A000 - \SystemRoot\system32\DRIVERS\ks.sys
      F62F5000 - \SystemRoot\system32\DRIVERS\HDAudBus.sys
      F7155000 - \SystemRoot\system32\DRIVERS\nvnetbus.sys
      F62AA000 - \SystemRoot\system32\DRIVERS\NVNRM.SYS
      F6273000 - \SystemRoot\system32\DRIVERS\NVSNPU.SYS
      F7667000 - \SystemRoot\System32\Drivers\VcommMgr.sys
      F687C000 - \SystemRoot\system32\DRIVERS\blueletaudio.sys
      F6251000 - \SystemRoot\system32\DRIVERS\portcls.sys
      F7687000 - \SystemRoot\system32\DRIVERS\drmk.sys
      F6874000 - \SystemRoot\system32\DRIVERS\BlueletSCOAudio.sys
      F7A52000 - \SystemRoot\system32\DRIVERS\audstub.sys
      F79C7000 - \SystemRoot\System32\Drivers\RootMdm.sys
      F686C000 - \SystemRoot\System32\Drivers\Modem.SYS
      F76F7000 - \SystemRoot\system32\DRIVERS\rasl2tp.sys
      F7151000 - \SystemRoot\system32\DRIVERS\ndistapi.sys
      F61F0000 - \SystemRoot\system32\DRIVERS\ndiswan.sys
      F7251000 - \SystemRoot\system32\DRIVERS\raspppoe.sys
      F7241000 - \SystemRoot\system32\DRIVERS\raspptp.sys
      F6864000 - \SystemRoot\system32\DRIVERS\TDI.SYS
      F61DF000 - \SystemRoot\system32\DRIVERS\psched.sys
      F7231000 - \SystemRoot\system32\DRIVERS\msgpc.sys
      F685C000 - \SystemRoot\system32\DRIVERS\ptilink.sys
      F6854000 - \SystemRoot\system32\DRIVERS\raspti.sys
      F7807000 - \SystemRoot\system32\DRIVERS\wanatw4.sys
      F7145000 - \SystemRoot\system32\DRIVERS\btnetdrv.sys
      F780F000 - \SystemRoot\system32\DRIVERS\VComm.sys
      F7141000 - \SystemRoot\system32\DRIVERS\serenum.sys
      F7211000 - \SystemRoot\system32\DRIVERS\termdd.sys
      F61CB000 - \SystemRoot\system32\DRIVERS\bdfndisf.sys
      F79C9000 - \SystemRoot\system32\DRIVERS\swenum.sys
      F6197000 - \SystemRoot\system32\DRIVERS\update.sys
      F7135000 - \SystemRoot\system32\DRIVERS\mssmbios.sys
      F7201000 - \SystemRoot\system32\DRIVERS\NVENETFD.sys
      F71F1000 - \SystemRoot\System32\Drivers\NDProxy.SYS
      F71D1000 - \SystemRoot\system32\DRIVERS\usbhub.sys
      F3C90000 - \SystemRoot\system32\drivers\RtkHDAud.sys
      F79D7000 - \SystemRoot\System32\Drivers\i2omgmt.SYS
      F781F000 - \SystemRoot\system32\DRIVERS\usbccgp.sys
      F79D9000 - \SystemRoot\System32\Drivers\Fs_Rec.SYS
      F7BDE000 - \SystemRoot\System32\Drivers\Null.SYS
      F79DB000 - \SystemRoot\System32\Drivers\Beep.SYS
      F782F000 - \SystemRoot\system32\DRIVERS\HIDPARSE.SYS
      F7837000 - \SystemRoot\System32\drivers\vga.sys
      F79DD000 - \SystemRoot\System32\Drivers\mnmdd.SYS
      F79E1000 - \SystemRoot\System32\DRIVERS\RDPCDD.sys
      F784F000 - \SystemRoot\System32\Drivers\Msfs.SYS
      F7857000 - \SystemRoot\System32\Drivers\Npfs.SYS
      F617F000 - \SystemRoot\system32\DRIVERS\rasacd.sys
      F3C18000 - \SystemRoot\system32\DRIVERS\ipsec.sys
      F3BC0000 - \SystemRoot\system32\DRIVERS\tcpip.sys
      F3B9B000 - \??\C:\Program Files\Fichiers communs\BitDefender\BitDefender Firewall\bdftdif.sys
      F3B7A000 - \SystemRoot\system32\DRIVERS\ipnat.sys
      F3B52000 - \SystemRoot\system32\DRIVERS\netbt.sys
      F75F7000 - \SystemRoot\system32\DRIVERS\wanarp.sys
      F3B30000 - \SystemRoot\System32\drivers\afd.sys
      F6A5D000 - \SystemRoot\system32\DRIVERS\netbios.sys
      F3850000 - \SystemRoot\System32\drivers\truecrypt.sys
      F6A3D000 - \SystemRoot\system32\drivers\LVUSBSta.sys
      F3719000 - \SystemRoot\system32\DRIVERS\LV302V32.SYS
      F79E3000 - \SystemRoot\system32\DRIVERS\lv302af.sys
      F6A2D000 - \SystemRoot\system32\drivers\usbaudio.sys
      F36EE000 - \SystemRoot\system32\DRIVERS\rdbss.sys
      F367F000 - \SystemRoot\system32\DRIVERS\mrxsmb.sys
      F6A1D000 - \SystemRoot\System32\Drivers\Fips.SYS
      F35CF000 - \SystemRoot\system32\DRIVERS\rt73.sys
      F717D000 - \SystemRoot\system32\DRIVERS\usbscan.sys
      F786F000 - \SystemRoot\system32\DRIVERS\usbprint.sys
      F7877000 - \SystemRoot\system32\DRIVERS\USBSTOR.SYS
      F7171000 - \SystemRoot\system32\DRIVERS\hidusb.sys
      F76E7000 - \SystemRoot\system32\DRIVERS\HIDCLASS.SYS
      F69ED000 - \SystemRoot\System32\Drivers\Cdfs.SYS
      F3517000 - \SystemRoot\System32\Drivers\dump_atapi.sys
      F79CF000 - \SystemRoot\System32\Drivers\dump_WMILIB.SYS
      BF800000 - \SystemRoot\System32\win32k.sys
      F3623000 - \SystemRoot\System32\drivers\Dxapi.sys
      F366F000 - \SystemRoot\System32\watchdog.sys
      BF9C3000 - \SystemRoot\System32\drivers\dxg.sys
      F7B65000 - \SystemRoot\System32\drivers\dxgthk.sys
      BF9D5000 - \SystemRoot\System32\nv4_disp.dll
      BAD70000 - \SystemRoot\system32\DRIVERS\ndisuio.sys
      B9B04000 - \SystemRoot\system32\DRIVERS\mrxdav.sys
      F7A1D000 - \SystemRoot\System32\Drivers\ASCTRM.SYS
      F7A23000 - \SystemRoot\System32\Drivers\ElbyCDIO.sys
      B91AB000 - \SystemRoot\System32\Drivers\HTTP.sys
      F785F000 - \SystemRoot\system32\DRIVERS\Ip6Fw.sys
      B914B000 - \SystemRoot\system32\DRIVERS\tcpip6.sys
      B90F9000 - \SystemRoot\system32\DRIVERS\srv.sys
      B901C000 - \SystemRoot\system32\drivers\wdmaud.sys
      BA388000 - \SystemRoot\system32\drivers\sysaudio.sys
      F77E7000 - \SystemRoot\system32\DRIVERS\LVPr2Mon.sys
      B8C5A000 - \??\C:\Program Files\BitDefender\BitDefender 2008\bdselfpr.sys
      B8A4F000 - \SystemRoot\system32\drivers\bdfsfltr.sys
      B81C6000 - \??\C:\WINDOWS\system32\PCANDIS5.SYS
      B804F000 - \SystemRoot\System32\Drivers\Fastfat.SYS
      F7B24000 - \SystemRoot\System32\DRIVERS\KProcCheck.sys

      Total number of drivers = 192

      Liste des programmes installes

      Adobe Flash Player 9 ActiveX
      Adobe Flash Player Plugin
      Adobe Photoshop CS2 Portable Par Le Nettoyeur
      Adobe Reader 7.1.0 - Français
      Archiveur WinRAR
      Barre d'outils Outlook de Windows Live (Windows Live Toolbar)
      BitComet 0.79
      BitDefender Internet Security 2008
      Bloqueur de fenêtres pop-up (Windows Live Toolbar)
      Bluesoleil2.7.0.8 VoIP Release 070930
      Bonjour
      Bonjour
      CardRd81
      CCleaner (remove only)
      CCScore
      Codeur Windows Media Série 9
      Correctif pour Windows Internet Explorer 7 (KB947864)
      CR2
      DIGIPILLS Miniphoto
      Détecteur de flux Windows Live Toolbar (Windows Live Toolbar)
      eMule
      ESSBrwr
      ESSCDBK
      ESScore
      ESSgui
      ESShelp
      ESSini
      ESSPCD
      ESSPDock
      ESSSONIC
      ESSTOOLS
      essvatgt
      essvcpt
      Extension de Windows Live Toolbar (Windows Live Toolbar)
      FindyKill
      Galerie de photos Windows Live
      Gestionnaire Internet
      HijackThis 2.0.2
      HLPPDOCK
      Java(TM) SE Development Kit 6
      Java(TM) SE Runtime Environment 6
      Java(TM) SE Runtime Environment 6 Update 1
      kgcbase
      KSU
      Lecteur Windows Media 11
      Les Simpson - Le film Screen Saver
      Lexmark 5400 Series
      Lexmark Barre d'outils
      livebox
      LiveUpdate 1.80 (Symantec Corporation)
      Logiciel Kodak EasyShare
      Logitech Audio Echo Cancellation Component
      Logitech QuickCam
      Logitech Video Enumerator
      Macromedia Shockwave Player
      Malwarebytes' Anti-Malware
      MediaCoder 0.6.0
      Menus intelligents (Windows Live Toolbar)
      Microsoft .NET Framework 1.1
      Microsoft .NET Framework 1.1
      Microsoft .NET Framework 1.1 French Language Pack
      Microsoft .NET Framework 1.1 Hotfix (KB928366)
      Microsoft .NET Framework 2.0 Language Pack - FRA
      Microsoft .NET Framework 2.0 Service Pack 1
      Microsoft Compression Client Pack 1.0 for Windows XP
      Microsoft Internationalized Domain Names Mitigation APIs
      Microsoft National Language Support Downlevel APIs
      Microsoft Office Professional Edition 2003
      Microsoft SQL Server 2005 Compact Edition [ENU]
      Microsoft User-Mode Driver Framework Feature Pack 1.0
      Mise à jour de sécurité pour Windows Internet Explorer 7 (KB928090)
      Mise à jour de sécurité pour Windows Internet Explorer 7 (KB929969)
      Mise à jour de sécurité pour Windows Internet Explorer 7 (KB931768)
      Mise à jour de sécurité pour Windows Internet Explorer 7 (KB933566)
      Mise à jour de sécurité pour Windows Internet Explorer 7 (KB937143)
      Mise à jour de sécurité pour Windows Internet Explorer 7 (KB938127)
      Mise à jour de sécurité pour Windows Internet Explorer 7 (KB939653)
      Mise à jour de sécurité pour Windows Internet Explorer 7 (KB942615)
      Mise à jour de sécurité pour Windows Internet Explorer 7 (KB944533)
      Mise à jour de sécurité pour Windows Internet Explorer 7 (KB950759)
      Mise à jour de sécurité pour Windows Internet Explorer 7 (KB953838)
      Mise à jour de sécurité pour Windows Internet Explorer 7 (KB956390)
      Module de prise en charge linguistique de Microsoft .NET Framework 2.0 - FRA
      Mozilla Firefox (2.0.0.11)
      MSN
      MSXML 4.0 SP2 (KB927978)
      MSXML 4.0 SP2 (KB936181)
      MSXML 4.0 SP2 (KB954430)
      MVision
      MySpaceIM
      Navigateur Orange
      Navilog1 Version 2.0.5
      Nero 6 Ultra Edition
      neroxml
      Notifier
      NVIDIA Drivers
      OfotoXMI
      OneCare Advisor (Windows Live Toolbar)
      Opera 9.62
      OTtBP
      OTtBPSDK
      Packard Bell Data Secure
      Panda ActiveScan 2.0
      Photoshop CS2
      Programme de gestion Camera de Logitech®
      QuickTime
      Readiris Pro 8
      Security Update for CAPICOM (KB931906)
      Security Update for CAPICOM (KB931906)
      SFR
      SHASTA
      SKIN0001
      SKINXSDK
      Sonic Express Labeler
      Sonic MyDVD LE
      Sonic RecordNow Audio
      Sonic RecordNow Copy
      Sonic RecordNow Data
      Sonic Update Manager
      staticcr
      TrueCrypt
      TuneUp Utilities 2007
      Unlocker 1.8.7
      VCRedistSetup
      VirtualCloneDrive
      VPRINTOL
      WD Diagnostics
      WebFldrs XP
      Winamp
      Windows Imaging Component
      Windows Internet Explorer 7
      Windows Live installer
      Windows Live Messenger
      Windows Live Toolbar
      Windows Live Toolbar
      Windows Media Format 11 runtime
      Windows Media Format 11 runtime
      Windows Media Player 11
      WIRELESS
      Yahoo! Install Manager



      Le volume dans le lecteur C s'appelle HDD
      Le numéro de série du volume est 8082-51E7

      Répertoire de C:\Program Files

      24/11/2008 12:31 <REP> .
      24/11/2008 12:31 <REP> ..
      15/09/2007 18:59 <REP> Abbyy FineReader 6.0 Sprint
      28/01/2007 14:53 <REP> Adobe
      27/12/2007 10:54 <REP> Ahead
      01/07/2008 20:39 <REP> AOL 9.0
      24/09/2008 19:44 <REP> Apple Software Update
      09/07/2007 05:34 <REP> BitComet
      02/11/2008 21:04 <REP> BitDefender
      11/09/2008 13:31 <REP> Bonjour
      09/07/2007 05:34 <REP> CCleaner
      24/08/2006 22:56 <REP> CyberLink
      28/10/2007 17:30 <REP> Elaborate Bytes
      23/10/2008 10:48 <REP> eMule
      24/11/2008 07:15 <REP> Fichiers communs
      23/11/2008 23:30 <REP> FindyKill
      12/12/2007 12:35 <REP> Google
      31/07/2007 11:01 <REP> Grisoft
      09/07/2007 05:34 <REP> IncrediMail
      15/10/2008 22:07 <REP> Internet Explorer
      30/03/2008 12:54 <REP> IVT Corporation
      29/05/2008 00:29 <REP> Java
      22/11/2007 09:18 <REP> Kodak
      24/08/2006 22:41 <REP> Learn2.com
      09/07/2007 05:34 <REP> Lexmark 5400 Series
      26/11/2006 14:37 <REP> Lexmark Toolbar
      15/06/2007 05:13 <REP> Logitech
      27/11/2008 08:44 <REP> Lx_cats
      23/11/2008 21:21 <REP> Malwarebytes' Anti-Malware
      05/11/2007 21:14 <REP> MediaCoder
      17/08/2008 02:25 <REP> Messenger
      09/05/2007 02:04 <REP> Microsoft CAPICOM 2.1.0.2
      16/08/2004 17:11 <REP> microsoft frontpage
      21/01/2007 13:11 <REP> Microsoft Office
      14/11/2007 06:26 <REP> Microsoft SQL Server Compact Edition
      21/01/2007 13:10 <REP> Microsoft.NET
      09/07/2007 05:33 <REP> Miniphoto
      09/07/2007 05:34 <REP> Movie Maker
      24/11/2008 06:56 <REP> Mozilla Firefox
      23/12/2006 12:22 <REP> MSN
      16/08/2004 17:03 <REP> MSN Gaming Zone
      12/11/2008 01:15 <REP> MSXML 4.0
      31/05/2007 16:03 <REP> MySpace
      06/06/2008 08:46 <REP> Navilog1
      09/07/2007 05:34 <REP> NetMeeting
      09/07/2007 05:34 <REP> Online Services
      06/11/2008 11:37 <REP> Opera
      09/07/2007 05:34 <REP> Outlook Express
      27/11/2008 08:45 <REP> Packard Bell Data Secure
      15/05/2008 20:35 <REP> Panda Security
      22/11/2007 09:18 <REP> QuickTime
      25/10/2007 06:06 <REP> Readiris Pro 8
      24/08/2006 22:40 <REP> Real
      24/08/2006 22:29 <REP> Realtek
      07/02/2007 20:30 <REP> SAGEM
      22/12/2006 12:12 <REP> Securitoo
      09/07/2007 05:34 <REP> Services en ligne
      09/07/2007 05:34 <REP> ShowTime
      28/10/2007 17:29 <REP> SlySoft
      24/08/2006 22:43 <REP> Sonic
      24/11/2008 00:36 <REP> Spybot - Search & Destroy
      06/06/2008 10:39 <REP> Symantec
      06/06/2008 13:20 <REP> SymNetDrv
      24/08/2006 22:17 <REP> Synaptics
      12/09/2008 10:44 <REP> TeaTimer (Spybot - Search & Destroy)
      21/02/2008 10:11 <REP> TrueCrypt
      09/07/2007 05:34 <REP> TuneUp Utilities 2007
      24/08/2006 22:54 <REP> Ulead Systems
      24/11/2008 12:32 <REP> Unlocker
      27/11/2008 08:45 <REP> Wanadoo
      11/12/2007 18:58 <REP> Western Digital Technologies
      03/03/2008 07:23 <REP> Winamp
      27/02/2008 20:09 <REP> Windows Live
      01/12/2007 06:24 <REP> Windows Live Toolbar
      24/08/2006 22:53 <REP> Windows Media Components
      25/10/2007 06:06 <REP> Windows Media Connect 2
      09/07/2007 05:34 <REP> Windows Media Player
      09/07/2007 05:34 <REP> Windows NT
      29/03/2008 06:41 <REP> WinRAR
      16/08/2004 17:11 <REP> xerox
      0 fichier(s) 0 octets
      80 Rép(s) 53 893 861 376 octets libres
      Le volume dans le lecteur C s'appelle HDD
      Le numéro de série du volume est 8082-51E7

      Répertoire de C:\Program Files\fichiers communs

      24/11/2008 07:15 <REP> .
      24/11/2008 07:15 <REP> ..
      22/06/2008 23:02 <REP> Adobe
      27/12/2007 10:54 <REP> Ahead
      09/07/2007 05:34 <REP> AOL
      09/07/2007 05:34 <REP> aolshare
      24/11/2008 00:32 <REP> BitDefender
      25/11/2006 17:45 <REP> Borland Shared
      30/11/2006 20:07 <REP> Ciel
      09/07/2007 05:34 <REP> DESIGNER
      30/11/2006 20:07 <REP> InstallShield
      24/08/2006 22:34 <REP> Java
      22/12/2006 23:55 <REP> Kodak
      09/07/2007 05:33 <REP> LogiShrd
      11/03/2007 21:23 <REP> Logitech
      06/09/2008 15:47 <REP> Microsoft Shared
      16/08/2004 17:06 <REP> MSSoap
      14/04/2007 20:04 <REP> NSV
      24/08/2006 22:40 <REP> Nullsoft
      16/08/2004 16:57 <REP> ODBC
      24/08/2006 22:40 <REP> Real
      09/11/2007 07:23 <REP> Services
      09/07/2007 05:34 <REP> Sonic Shared
      16/08/2004 16:56 <REP> SpeechEngines
      09/07/2007 05:34 <REP> SureThing Shared
      06/06/2008 13:09 <REP> Symantec Shared
      09/07/2007 05:34 <REP> System
      10/06/2007 20:46 <REP> TiVo Shared
      06/06/2008 07:07 <REP> Ulead Systems
      05/12/2007 09:47 <REP> Wise Installation Wizard
      0 fichier(s) 0 octets
      30 Rép(s) 53 893 857 280 octets libres
      Le volume dans le lecteur C s'appelle HDD
      Le numéro de série du volume est 8082-51E7

      Répertoire de C:\Program Files\fichiers communs\Microsoft Shared\Web Folders

      06/09/2008 15:47 <REP> .
      06/09/2008 15:47 <REP> ..
      09/07/2007 05:34 <REP> 1033
      06/09/2008 15:47 <REP> 1036
      20/09/2005 11:33 1 293 008 MSONSEXT.DLL
      22/03/2007 18:29 39 256 MSOSV.DLL
      03/06/1999 11:09 122 937 MSOWS409.DLL
      07/03/2001 06:00 127 033 MSOWS40c.DLL
      11/07/2003 02:25 80 448 PKMWS.DLL
      5 fichier(s) 1 662 682 octets
      4 Rép(s) 53 893 857 280 octets libres




      c:\Documents and Settings\akira\Application Data\Adobe\Acrobat\7.0\Updater\AdbeRdr709_fr_FR.exe
      c:\Documents and Settings\akira\Application Data\Adobe\Acrobat\7.0\Updater\AdbeRdr710_fr_FR.exe
      c:\Documents and Settings\akira\Application Data\Microsoft\Installer\{0AB76F69-E761-4CFA-B9B0-A1906B4E9E4B}\ARPPRODUCTICON.exe
      c:\Documents and Settings\akira\Application Data\Microsoft\Installer\{0AB76F69-E761-4CFA-B9B0-A1906B4E9E4B}\Uninstall_WD_Diagnos_0AB76F69E7614CFAB9B0A1906B4E9E4B.exe
      c:\Documents and Settings\akira\Application Data\Microsoft\Installer\{0AB76F69-E761-4CFA-B9B0-A1906B4E9E4B}\WinDlg.exe_0AB76F69E7614CFAB9B0A1906B4E9E4B_3.exe
      c:\Documents and Settings\akira\Application Data\Microsoft\Installer\{35725FBC-A136-4A46-9F29-091759D9BB93}\ARPPRODUCTICON.exe
      c:\Documents and Settings\akira\Application Data\Microsoft\Installer\{BEF726DD-4037-4214-8C6A-E625C02D2870}\ARPPRODUCTICON.exe
      c:\Documents and Settings\akira\Application Data\Microsoft\Installer\{EA516024-D84D-41F1-814F-83175A6188F2}\ARPPRODUCTICON.exe
      c:\Documents and Settings\akira\Application Data\MSNInstaller\msnauins.exe
      c:\Documents and Settings\akira\Application Data\MySpace\IM\Install\MSIMClientSetup.1.0.739.0-static-fr.exe
      c:\Documents and Settings\akira\Bureau\ComboFix.exe
      c:\Documents and Settings\akira\Bureau\FindyKill.exe
      c:\Documents and Settings\akira\Bureau\ToolBarSD.exe
      c:\Documents and Settings\akira\Bureau\unlocker1.8.7.exe
      c:\Documents and Settings\akira\Bureau\DiagHelp\catchme.exe
      c:\Documents and Settings\akira\Bureau\DiagHelp\diff.exe
      c:\Documents and Settings\akira\Bureau\DiagHelp\dumphive.exe
      c:\Documents and Settings\akira\Bureau\DiagHelp\FilesInfoCmd.exe
      c:\Documents and Settings\akira\Bureau\DiagHelp\find2.exe
      c:\Documents and Settings\akira\Bureau\DiagHelp\Fport.exe
      c:\Documents and Settings\akira\Bureau\DiagHelp\grep.exe
      c:\Documents and Settings\akira\Bureau\DiagHelp\gzip.exe
      c:\Documents and Settings\akira\Bureau\DiagHelp\KProcCheck.exe
      c:\Documents and Settings\akira\Bureau\DiagHelp\LFiles.exe
      c:\Documents and Settings\akira\Bureau\DiagHelp\LISTDLLS.exe
      c:\Documents and Settings\akira\Bureau\DiagHelp\md5sums.exe
      c:\Documents and Settings\akira\Bureau\DiagHelp\pslist.exe
      c:\Documents and Settings\akira\Bureau\DiagHelp\sigcheck.exe
      c:\Documents and Settings\akira\Bureau\DiagHelp\streams.exe
      c:\Documents and Settings\akira\Bureau\DiagHelp\swreg.exe
      c:\Documents and Settings\akira\Bureau\DiagHelp\tar.exe
      c:\Documents and Settings\akira\Bureau\HostsXpert\HostsXpert.exe
      c:\Documents and Settings\akira\Mes documents\Mes fichiers reçus\Opera_962_int_Setup.exe
      c:\Documents and Settings\akira\Mes documents\Mes fichiers reçus\easy cleaner\EasyClea.exe
      c:\Documents and Settings\All Users\Application Data\Kaspersky Lab Setup Files\Kaspersky Internet Security 7.0.0.119\French\setup.exe
      c:\Documents and Settings\All Users\Application Data\Kodak\EasyShareSetup\$SETUP_140011_59c95\Setup.exe
      c:\Documents and Settings\All Users\Application Data\Kodak\EasyShareSetup\$SETUP_1e0010_26288\Setup.exe
      c:\Documents and Settings\All Users\Application Data\Kodak\EasyShareSetup\bonjour\BonjourSetup.exe
      c:\Documents and Settings\All Users\Application Data\Kodak\EasyShareSetup\CCS\CCSStop.exe
      c:\Documents and Settings\All Users\Application Data\Kodak\EasyShareSetup\ESS\bindbins\bindbins.exe
      c:\Documents and Settings\All Users\Application Data\Kodak\EasyShareSetup\KDEVICES\CR2\cr_stop.exe
      c:\Documents and Settings\All Users\Application Data\Kodak\EasyShareSetup\Ksu\ksustop.exe
      c:\Documents and Settings\All Users\Application Data\Kodak\EasyShareSetup\Notifier\message.exe
      c:\Documents and Settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\mbam-setup.exe
      c:\Documents and Settings\All Users\Application Data\Symantec\LiveUpdate\Downloads\ExItem2702_symnet$20consumer_5.0.2_english\Message.exe
      c:\Documents and Settings\All Users\Application Data\Symantec\LiveUpdate\Downloads\ExItem2702_symnet$20consumer_5.0.2_english\setup.exe
      c:\Documents and Settings\All Users\Application Data\Symantec\LiveUpdate\Downloads\ExItem5197_signatures$20ids$20de$20norton$20internet$20security_1.0_french\SNDWarn.exe
      c:\Documents and Settings\All Users\Application Data\TuneUp Software\TuneUp Utilities\WinStyler\tu_logonui.exe
      c:\Documents and Settings\akira\Application Data\Microsoft\IdentityCRL\PROD\ppcrlconfig.dll
      c:\Documents and Settings\akira\Application Data\Microsoft\IdentityCRL\Production\ppcrlconfig.dll
      c:\Documents and Settings\All Users\Application Data\Grisoft\AVG Anti-Spyware 7.5\Downloads\help.dll
      c:\Documents and Settings\All Users\Application Data\Kodak\EasyShareSetup\$SETUP_140011_59c95\EasyShrx.Dll
      c:\Documents and Settings\All Users\Application Data\Kodak\EasyShareSetup\$SETUP_1e0010_26288\EasyShrx.Dll
      c:\Documents and Settings\All Users\Application Data\Logishrd\LQCVFX\Filters\MMSEF.dll
      c:\Documents and Settings\All Users\Application Data\Microsoft\IdentityCRL\production\ppcrlconfig.dll
      c:\Documents and Settings\All Users\Application Data\Microsoft\USMT\iconlib.dll
      c:\Documents and Settings\All Users\Application Data\Symantec\LiveUpdate\Downloads\ExItem2702_symnet$20consumer_5.0.2_english\SymStore.dll
      c:\Documents and Settings\LocalService\Application Data\Microsoft\UPnP Device Host\upnphost\udhisapi.dll

      ****** Fin du rapport DiagHelp
      Veuillez svp envoyer le fichier C:\upload_moi_731403450238.tar.gz a l'adresse http://upload.malekal.com
      0
    2. fredjibb Messages postés 230 Statut Membre 1
       
      et voici le rapport complet de combofix encore merci
      ComboFix 08-11-26.05 - akira 2008-11-27 10:24:30.3 - NTFSx86
      Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.390 [GMT 1:00]
      Lancé depuis: C:\Documents and Settings\akira\Bureau\ComboFix.exe
      * Un nouveau point de restauration a été créé
      * Resident AV is active

      .

      (((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
      .

      .
      ((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))
      .

      -------\Service_poof


      ((((((((((((((((((((((((((((( Fichiers créés du 2008-10-27 au 2008-11-27 ))))))))))))))))))))))))))))))))))))
      .

      2008-11-27 09:20 . 2008-11-27 09:20 11,697,695 --a------ C:\upload_moi_731403450238.tar.gz
      2008-11-25 11:59 . 2008-11-26 14:17 <REP> d-------- C:\ToolBar SD
      2008-11-24 12:31 . 2008-11-24 12:32 <REP> d-------- C:\Program Files\Unlocker
      2008-11-24 00:32 . 2008-11-24 00:32 <REP> d-------- C:\Documents and Settings\akira\Application Data\Bitdefender
      2008-11-24 00:31 . 2008-11-24 00:33 <REP> d-------- C:\Documents and Settings\All Users\Application Data\BitDefender
      2008-11-23 20:47 . 2008-11-23 20:47 1,041,210 --a------ C:\WINDOWS\system32\PerfStringBackup.TMP
      2008-11-23 20:47 . 2008-11-23 20:58 512 --a------ C:\WINDOWS\ZZZZZZZZ.ZZZ
      2008-11-23 20:32 . 2007-09-05 23:22 289,144 --a------ C:\WINDOWS\system32\VCCLSID.exe
      2008-11-23 20:32 . 2006-04-27 16:49 288,417 --a------ C:\WINDOWS\system32\SrchSTS.exe
      2008-11-23 20:32 . 2008-10-01 14:51 87,552 --a------ C:\WINDOWS\system32\VACFix.exe
      2008-11-23 20:32 . 2008-10-10 07:58 82,944 --a------ C:\WINDOWS\system32\o4Patch.exe
      2008-11-23 20:32 . 2008-10-10 07:58 82,944 --a------ C:\WINDOWS\system32\IEDFix.C.exe
      2008-11-23 20:32 . 2008-08-18 11:19 82,432 --a------ C:\WINDOWS\system32\404Fix.exe
      2008-11-23 20:32 . 2003-06-05 20:13 53,248 --a------ C:\WINDOWS\system32\Process.exe
      2008-11-23 20:32 . 2004-07-31 17:50 51,200 --a------ C:\WINDOWS\system32\dumphive.exe
      2008-11-23 20:32 . 2007-10-03 23:36 25,600 --a------ C:\WINDOWS\system32\WS2Fix.exe
      2008-11-23 20:04 . 2008-11-23 23:30 <REP> d-------- C:\Program Files\FindyKill
      2008-11-22 06:59 . 2008-11-22 07:15 1,536 --a------ C:\WINDOWS\ZZZZZZZ.ZZZ
      2008-11-12 01:15 . 2008-11-12 01:15 <REP> d-------- C:\Program Files\MSXML 4.0
      2008-11-07 09:58 . 2008-11-20 12:23 54,156 --ah----- C:\WINDOWS\QTFont.qfn
      2008-11-07 09:58 . 2008-11-07 09:58 1,409 --a------ C:\WINDOWS\QTFont.for
      2008-11-02 21:04 . 2008-11-02 21:04 <REP> d-------- C:\Program Files\BitDefender
      2008-11-02 21:03 . 2008-11-24 00:32 <REP> d-------- C:\Program Files\Fichiers communs\BitDefender

      .
      (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
      .
      2008-11-27 09:42 --------- d-----w C:\Program Files\Wanadoo
      2008-11-27 09:41 --------- d-----w C:\Program Files\Packard Bell Data Secure
      2008-11-27 09:41 --------- d-----w C:\Program Files\Lx_cats
      2008-11-23 23:36 --------- d-----w C:\Program Files\Spybot - Search & Destroy
      2008-11-23 23:19 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
      2008-11-23 20:21 --------- d-----w C:\Program Files\Malwarebytes' Anti-Malware
      2008-11-12 11:14 5,632 --sha-w C:\Program Files\Thumbs.db
      2008-11-06 10:37 --------- d-----w C:\Program Files\Opera
      2008-10-24 11:10 453,632 ----a-w C:\WINDOWS\system32\drivers\mrxsmb.sys
      2008-10-23 09:48 --------- d-----w C:\Program Files\eMule
      2007-10-25 05:03 47,360 ----a-w C:\Documents and Settings\akira\Application Data\pcouffin.sys
      .

      ((((((((((((((((((((((((((((( snapshot_2008-11-24_ 7.18.22,50 )))))))))))))))))))))))))))))))))))))))))
      .
      + 2005-10-20 19:02:28 163,328 ----a-w C:\WINDOWS\erdnt\subs\ERDNT.EXE
      - 2008-11-24 06:17:40 81,984 ----a-w C:\WINDOWS\system32\bdod.bin
      + 2008-11-27 09:39:18 81,984 ----a-w C:\WINDOWS\system32\bdod.bin
      .
      ((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
      .
      .
      *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
      REGEDIT4

      [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "WOOKIT"="C:\PROGRA~1\Wanadoo\Shell.exe" [2004-08-23 14:50 122880]
      "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-05 13:00 15360]
      "Packard Bell Data Secure"="C:\Program Files\Packard Bell Data Secure\PBDataSecure.exe" [2006-06-20 14:15 2361856]
      "SmpcSys"="C:\APPS\SMP\SmpSys.exe" [2005-11-17 08:51 975360]
      "NBJ"="C:\Program Files\Ahead\Nero BackItUp\NBJ.exe" [2004-09-07 12:55 1871872]

      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "DetectorApp"="C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\DetectorApp.exe" [2005-10-20 05:15 102400]
      "ISUSPM Startup"="C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2004-07-27 15:50 221184]
      "ISUSScheduler"="C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" [2004-07-27 15:50 81920]
      "PCMService"="c:\APPS\Powercinema\PCMService.exe" [2006-02-23 11:08 147456]
      "lxctmon.exe"="C:\Program Files\Lexmark 5400 Series\lxctmon.exe" [2006-06-20 14:37 286720]
      "Lexmark 5400 Series Fax Server"="C:\Program Files\Lexmark 5400 Series\fm3032.exe" [2006-07-11 00:30 294912]
      "EzPrint"="C:\Program Files\Lexmark 5400 Series\ezprint.exe" [2006-06-07 04:05 98304]
      "LXCTCATS"="C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCTtime.dll" [2006-06-07 13:09 106496]
      "WOOWATCH"="C:\PROGRA~1\Wanadoo\Watch.exe" [2004-08-23 14:49 20480]
      "WOOTASKBARICON"="C:\PROGRA~1\Wanadoo\GestMaj.exe" [2004-10-14 16:55 32768]
      "VirtualCloneDrive"="C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" [2005-04-12 16:27 45056]
      "PHIME2002ASync"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-05 13:00 455168]
      "PHIME2002A"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-05 13:00 455168]
      "LogitechCommunicationsManager"="C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe" [2007-05-17 09:52 505368]
      "LogitechQuickCamRibbon"="C:\Program Files\Logitech\QuickCam10\QuickCam10.exe" [2007-05-17 09:53 780312]
      "QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2007-06-29 05:24 286720]
      "NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 11:50 155648]
      "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe" [2007-03-14 02:43 83608]
      "BitDefender Antiphishing Helper"="C:\Program Files\BitDefender\BitDefender 2008\IEShow.exe" [2007-10-09 16:46 61440]
      "BDAgent"="C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe" [2008-11-24 07:09 368640]
      "UnlockerAssistant"="C:\Program Files\Unlocker\UnlockerAssistant.exe" [2008-05-02 05:15 15872]
      "IMJPMIG8.1"="C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" [2004-08-05 13:00 208952]
      "SynTPLpr"="C:\Program Files\Synaptics\SynTP\SynTPLpr.exe" [2005-03-10 17:44 98394]
      "SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2005-03-10 17:43 688218]
      "NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2006-04-27 09:48 7561216]
      "SkyTel"="SkyTel.EXE" [2006-05-16 17:04 2879488 C:\WINDOWS\SkyTel.exe]
      "Raccourci vers la page des propriétés de High Definition Audio"="HDAShCut.exe" [2005-01-07 16:07 61952 C:\WINDOWS\system32\HdAShCut.exe]
      "nwiz"="nwiz.exe" [2006-04-27 09:48 1519616 C:\WINDOWS\system32\nwiz.exe]
      "RTHDCPL"="RTHDCPL.EXE" [2006-06-01 15:48 16208384 C:\WINDOWS\RTHDCPL.exe]

      [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
      "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-05 13:00 15360]
      "MySpaceIM"="C:\Program Files\MySpace\IM\MySpaceIM.exe" [2007-12-07 08:33 8720384]
      "Symantec NetDriver Warning"="C:\PROGRA~1\SYMNET~1\SNDWarn.exe" [2004-10-29 07:52 218232]
      "ALUAlert"="C:\Program Files\Symantec\LiveUpdate\ALUNotify.exe" [2002-08-19 15:07 54888]

      [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
      "WUAppSetup"="C:\Program Files\Fichiers communs\logishrd\WUApp32.exe" [2007-05-10 05:44 441120]

      C:\Documents and Settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
      Kodak software updater.lnk - C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe [2004-02-13 14:12:08 16423]
      Lancement rapide d'Adobe Reader.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2008-04-23 02:38:16 29696]
      Logiciel Kodak EasyShare.lnk - C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe [2006-06-07 06:26:28 180224]

      [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
      "UIHost"="C:\\Documents and Settings\\All Users\\Application Data\\TuneUp Software\\TuneUp Utilities\\WinStyler\\tu_logonui.exe"

      [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
      "msacm.dvacm"= C:\PROGRA~1\FICHIE~1\ULEADS~1\Vio\Dvacm.acm
      "msacm.ulmp3acm"= C:\PROGRA~1\FICHIE~1\ULEADS~1\MPEG\ulmp3acm.acm
      "msacm.mpegacm"= C:\PROGRA~1\FICHIE~1\ULEADS~1\MPEG\mpegacm.acm

      [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
      "MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
      "MySpaceIM"=C:\Program Files\MySpace\IM\MySpaceIM.exe

      [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
      "DisableMonitoring"=dword:00000001

      [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
      "EnableFirewall"= 0 (0x0)

      [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
      "%ProgramFiles%\\AOL 9.0\\aol.exe"=
      "%windir%\\system32\\sessmgr.exe"=
      "C:\\WINDOWS\\system32\\lxctcoms.exe"=
      "C:\\Program Files\\Kodak\\Kodak EasyShare software\\bin\\EasyShare.exe"=
      "C:\\Program Files\\Bonjour\\mDNSResponder.exe"=
      "%windir%\\Network Diagnostic\\xpnetdiag.exe"=
      "C:\\Program Files\\Kodak\\KODAK Software Updater\\7288971\\Program\\Kodak Software Updater.exe"=
      "C:\\Program Files\\eMule\\emule.exe"=
      "C:\\Program Files\\IVT Corporation\\BlueSoleil\\BlueSoleil.exe"=
      "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
      "C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
      "C:\\Program Files\\AOL 9.0\\waol.exe"=
      "C:\\APPS\\skype\\phone\\Skype.exe"=
      "C:\\Program Files\\MySpace\\IM\\MySpaceIM.exe"=

      [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
      "16110:TCP"= 16110:TCP:BitComet 16110 TCP
      "16110:UDP"= 16110:UDP:BitComet 16110 UDP
      "47555:TCP"= 47555:TCP:emule tcp
      "52365:UDP"= 52365:UDP:emule udp

      [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]
      "AllowInboundEchoRequest"= 1 (0x1)

      R0 pavboot;pavboot;C:\WINDOWS\system32\drivers\pavboot.sys [2008-07-22 21:07:09 28544]
      R2 Start BT in service;Start BT in service;C:\Program Files\IVT Corporation\BlueSoleil\StartSkysolSvc.exe [2007-09-30 08:16:38 51816]
      R3 Bdfndisf;BitDefender Firewall NDIS Filter Service;C:\WINDOWS\system32\DRIVERS\bdfndisf.sys [2008-06-02 16:16:08 86792]
      S3 MBAMSwissArmy;MBAMSwissArmy;\??\C:\WINDOWS\system32\drivers\mbamswissarmy.sys [2008-07-22 12:57:07 38528]

      [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
      bdx REG_MULTI_SZ scan

      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
      UxTuneUp
      .
      Contenu du dossier 'Tâches planifiées'

      2008-11-27 C:\WINDOWS\Tasks\Extension de garantie.job
      - C:\APPS\SMP\PBCARNOT.EXE [2005-11-09 12:55]

      2008-11-27 C:\WINDOWS\Tasks\Master CD_DVD Creator.job
      - C:\Apps\SMP\MCDCHECK.EXE [2005-11-08 14:26]

      2008-11-27 C:\WINDOWS\Tasks\Symantec NetDetect.job
      - C:\Program Files\Symantec\LiveUpdate\NDETECT.EXE [2002-08-19 15:07]

      2008-11-27 C:\WINDOWS\Tasks\Vérifier les mises à jour de Windows Live Toolbar.job
      - C:\Program Files\Windows Live Toolbar\MSNTBUP.EXE [2007-10-19 11:20]
      .
      .
      ------- Examen supplémentaire -------
      .
      FireFox -: Profile - C:\Documents and Settings\akira\Application Data\Mozilla\Firefox\Profiles\23m51jfc.default\
      .
      0
  13. noctambule28 Messages postés 25275 Date d'inscription   Statut Membre Dernière intervention   2 875
     
    Ok, c'est cool

    je regarde ça et je te dis ce qu'il reste à faire
    0
    1. fredjibb Messages postés 230 Statut Membre 1
       
      merci en fait pour être franc je n'y comprends pas grand chose...
      loin d'être un expert comme toi!!!
      0
  14. noctambule28 Messages postés 25275 Date d'inscription   Statut Membre Dernière intervention   2 875
     
    * Ouvre le bloc notes. Copie colle ce qui est en gras dedans :

    File::
    C:\WINDOWS\ZZZZZZZ.ZZZ
    C:\Program Files\Symantec\LiveUpdate\NDETECT.EXE
    Registry::

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "Symantec NetDriver Warning"="-"
    "ALUAlert"="-"
    [-HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]


    * Sauvegarde cela comme fichier texte nommé CFScript, sur le bureau.
    * Fais un glisser/déposer de ce fichier CFScript sur le fichier ComboFix.exe

    * Une fenêtre bleue va apparaître: au message qui apparaît (Type 1 to continue, or 2 to abort) , tape 1 puis valide.
    * Patiente le temps du scan. Le bureau va disparaître à plusieurs reprises: c'est normal ! Ne touche à rien tant que le scan n'est pas terminé.
    * Une fois le scan achevé, un rapport va s'afficher: poste son contenu.
    * Si le fichier ne s'ouvre pas, il se trouve ici > C:\ComboFix.txt

    0
    1. fredjibb Messages postés 230 Statut Membre 1
       
      voici le rapport combofix après avoir fait ce que tu m'as dit...en fait deuis que j'ai ce fichier zzzzz..zzzz dans mon temp de windows mon ordi rame
      merci de ton aide
      ComboFix 08-11-26.05 - akira 2008-11-27 13:29:36.4 - NTFSx86
      Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.393 [GMT 1:00]
      Lancé depuis: C:\Documents and Settings\akira\Bureau\ComboFix.exe
      Commutateurs utilisés :: C:\Documents and Settings\akira\Bureau\CFSCRIPT.txt
      * Un nouveau point de restauration a été créé
      * Resident AV is active


      FILE ::
      C:\Program Files\Symantec\LiveUpdate\NDETECT.EXE
      C:\WINDOWS\ZZZZZZZ.ZZZ
      .

      (((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
      .

      C:\Program Files\Symantec\LiveUpdate\NDETECT.EXE
      C:\WINDOWS\ZZZZZZZ.ZZZ

      .
      ((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))
      .

      -------\Service_poof


      ((((((((((((((((((((((((((((( Fichiers créés du 2008-10-27 au 2008-11-27 ))))))))))))))))))))))))))))))))))))
      .

      2008-11-27 09:20 . 2008-11-27 09:20 11,697,695 --a------ C:\upload_moi_731403450238.tar.gz
      2008-11-25 11:59 . 2008-11-26 14:17 <REP> d-------- C:\ToolBar SD
      2008-11-24 12:31 . 2008-11-24 12:32 <REP> d-------- C:\Program Files\Unlocker
      2008-11-24 00:32 . 2008-11-24 00:32 <REP> d-------- C:\Documents and Settings\akira\Application Data\Bitdefender
      2008-11-24 00:31 . 2008-11-24 00:33 <REP> d-------- C:\Documents and Settings\All Users\Application Data\BitDefender
      2008-11-23 20:47 . 2008-11-23 20:47 1,041,210 --a------ C:\WINDOWS\system32\PerfStringBackup.TMP
      2008-11-23 20:47 . 2008-11-23 20:58 512 --a------ C:\WINDOWS\ZZZZZZZZ.ZZZ
      2008-11-23 20:32 . 2007-09-05 23:22 289,144 --a------ C:\WINDOWS\system32\VCCLSID.exe
      2008-11-23 20:32 . 2006-04-27 16:49 288,417 --a------ C:\WINDOWS\system32\SrchSTS.exe
      2008-11-23 20:32 . 2008-10-01 14:51 87,552 --a------ C:\WINDOWS\system32\VACFix.exe
      2008-11-23 20:32 . 2008-10-10 07:58 82,944 --a------ C:\WINDOWS\system32\o4Patch.exe
      2008-11-23 20:32 . 2008-10-10 07:58 82,944 --a------ C:\WINDOWS\system32\IEDFix.C.exe
      2008-11-23 20:32 . 2008-08-18 11:19 82,432 --a------ C:\WINDOWS\system32\404Fix.exe
      2008-11-23 20:32 . 2003-06-05 20:13 53,248 --a------ C:\WINDOWS\system32\Process.exe
      2008-11-23 20:32 . 2004-07-31 17:50 51,200 --a------ C:\WINDOWS\system32\dumphive.exe
      2008-11-23 20:32 . 2007-10-03 23:36 25,600 --a------ C:\WINDOWS\system32\WS2Fix.exe
      2008-11-23 20:04 . 2008-11-23 23:30 <REP> d-------- C:\Program Files\FindyKill
      2008-11-12 01:15 . 2008-11-12 01:15 <REP> d-------- C:\Program Files\MSXML 4.0
      2008-11-07 09:58 . 2008-11-20 12:23 54,156 --ah----- C:\WINDOWS\QTFont.qfn
      2008-11-07 09:58 . 2008-11-07 09:58 1,409 --a------ C:\WINDOWS\QTFont.for
      2008-11-02 21:04 . 2008-11-02 21:04 <REP> d-------- C:\Program Files\BitDefender
      2008-11-02 21:03 . 2008-11-24 00:32 <REP> d-------- C:\Program Files\Fichiers communs\BitDefender

      .
      (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
      .
      2008-11-27 11:10 81,984 ----a-w C:\WINDOWS\system32\bdod.bin
      2008-11-27 09:42 --------- d-----w C:\Program Files\Wanadoo
      2008-11-27 09:41 --------- d-----w C:\Program Files\Packard Bell Data Secure
      2008-11-27 09:41 --------- d-----w C:\Program Files\Lx_cats
      2008-11-23 23:36 --------- d-----w C:\Program Files\Spybot - Search & Destroy
      2008-11-23 23:19 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
      2008-11-23 21:47 5,310 ----a-w C:\WINDOWS\system32\tmp.reg
      2008-11-23 20:21 --------- d-----w C:\Program Files\Malwarebytes' Anti-Malware
      2008-11-12 11:14 5,632 --sha-w C:\Program Files\Thumbs.db
      2008-11-06 10:37 --------- d-----w C:\Program Files\Opera
      2008-10-30 08:36 2,284,544 ----a-w C:\WINDOWS\system32\TUKernel.exe
      2008-10-24 11:10 453,632 ----a-w C:\WINDOWS\system32\drivers\mrxsmb.sys
      2008-10-24 11:10 453,632 ----a-w C:\WINDOWS\system32\dllcache\mrxsmb.sys
      2008-10-23 09:48 --------- d-----w C:\Program Files\eMule
      2008-10-16 13:13 202,776 ----a-w C:\WINDOWS\system32\wuweb.dll
      2008-10-16 13:13 202,776 ----a-w C:\WINDOWS\system32\dllcache\wuweb.dll
      2008-10-16 13:13 1,809,944 ----a-w C:\WINDOWS\system32\wuaueng.dll
      2008-10-16 13:13 1,809,944 ----a-w C:\WINDOWS\system32\dllcache\wuaueng.dll
      2008-10-16 13:12 561,688 ----a-w C:\WINDOWS\system32\wuapi.dll
      2008-10-16 13:12 561,688 ----a-w C:\WINDOWS\system32\dllcache\wuapi.dll
      2008-10-16 13:12 323,608 ----a-w C:\WINDOWS\system32\wucltui.dll
      2008-10-16 13:12 323,608 ----a-w C:\WINDOWS\system32\dllcache\wucltui.dll
      2008-10-16 13:09 92,696 ----a-w C:\WINDOWS\system32\dllcache\cdm.dll
      2008-10-16 13:09 92,696 ----a-w C:\WINDOWS\system32\cdm.dll
      2008-10-16 13:09 51,224 ----a-w C:\WINDOWS\system32\wuauclt.exe
      2008-10-16 13:09 51,224 ----a-w C:\WINDOWS\system32\dllcache\wuauclt.exe
      2008-10-16 13:09 43,544 ----a-w C:\WINDOWS\system32\wups2.dll
      2008-10-16 13:08 34,328 ----a-w C:\WINDOWS\system32\wups.dll
      2008-10-16 13:08 34,328 ----a-w C:\WINDOWS\system32\dllcache\wups.dll
      2008-10-16 13:06 268,648 ----a-w C:\WINDOWS\system32\mucltui.dll
      2008-10-16 13:06 208,744 ----a-w C:\WINDOWS\system32\muweb.dll
      2008-10-15 16:59 332,800 ----a-w C:\WINDOWS\system32\dllcache\netapi32.dll
      2008-10-03 17:12 6,066,176 ----a-w C:\WINDOWS\system32\dllcache\ieframe.dll
      2008-09-30 15:43 1,286,152 ----a-w C:\WINDOWS\system32\msxml4.dll
      2008-09-15 15:39 1,846,144 ----a-w C:\WINDOWS\system32\win32k.sys
      2008-09-15 15:39 1,846,144 ----a-w C:\WINDOWS\system32\dllcache\win32k.sys
      2008-09-04 16:45 1,106,944 ----a-w C:\WINDOWS\system32\msxml3.dll
      2008-09-04 16:45 1,106,944 ----a-w C:\WINDOWS\system32\dllcache\msxml3.dll
      2008-08-28 10:04 333,056 ----a-w C:\WINDOWS\system32\dllcache\srv.sys
      2008-08-27 09:11 3,593,216 ----a-w C:\WINDOWS\system32\dllcache\mshtml.dll
      2007-10-25 05:03 47,360 ----a-w C:\Documents and Settings\akira\Application Data\pcouffin.sys
      .

      ((((((((((((((((((((((((((((( snapshot_2008-11-24_ 7.18.22,50 )))))))))))))))))))))))))))))))))))))))))
      .
      + 2005-10-20 19:02:28 163,328 ----a-w C:\WINDOWS\erdnt\subs\ERDNT.EXE
      .
      ((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
      .
      .
      *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
      REGEDIT4

      [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "WOOKIT"="C:\PROGRA~1\Wanadoo\Shell.exe" [2004-08-23 14:50 122880]
      "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-05 13:00 15360]
      "Packard Bell Data Secure"="C:\Program Files\Packard Bell Data Secure\PBDataSecure.exe" [2006-06-20 14:15 2361856]
      "SmpcSys"="C:\APPS\SMP\SmpSys.exe" [2005-11-17 08:51 975360]
      "NBJ"="C:\Program Files\Ahead\Nero BackItUp\NBJ.exe" [2004-09-07 12:55 1871872]

      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "DetectorApp"="C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\DetectorApp.exe" [2005-10-20 05:15 102400]
      "ISUSPM Startup"="C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2004-07-27 15:50 221184]
      "ISUSScheduler"="C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" [2004-07-27 15:50 81920]
      "PCMService"="c:\APPS\Powercinema\PCMService.exe" [2006-02-23 11:08 147456]
      "lxctmon.exe"="C:\Program Files\Lexmark 5400 Series\lxctmon.exe" [2006-06-20 14:37 286720]
      "Lexmark 5400 Series Fax Server"="C:\Program Files\Lexmark 5400 Series\fm3032.exe" [2006-07-11 00:30 294912]
      "EzPrint"="C:\Program Files\Lexmark 5400 Series\ezprint.exe" [2006-06-07 04:05 98304]
      "LXCTCATS"="C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCTtime.dll" [2006-06-07 13:09 106496]
      "WOOWATCH"="C:\PROGRA~1\Wanadoo\Watch.exe" [2004-08-23 14:49 20480]
      "WOOTASKBARICON"="C:\PROGRA~1\Wanadoo\GestMaj.exe" [2004-10-14 16:55 32768]
      "VirtualCloneDrive"="C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" [2005-04-12 16:27 45056]
      "PHIME2002ASync"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-05 13:00 455168]
      "PHIME2002A"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-05 13:00 455168]
      "LogitechCommunicationsManager"="C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe" [2007-05-17 09:52 505368]
      "LogitechQuickCamRibbon"="C:\Program Files\Logitech\QuickCam10\QuickCam10.exe" [2007-05-17 09:53 780312]
      "QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2007-06-29 05:24 286720]
      "NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 11:50 155648]
      "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe" [2007-03-14 02:43 83608]
      "BitDefender Antiphishing Helper"="C:\Program Files\BitDefender\BitDefender 2008\IEShow.exe" [2007-10-09 16:46 61440]
      "BDAgent"="C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe" [2008-11-24 07:09 368640]
      "UnlockerAssistant"="C:\Program Files\Unlocker\UnlockerAssistant.exe" [2008-05-02 05:15 15872]
      "IMJPMIG8.1"="C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" [2004-08-05 13:00 208952]
      "SynTPLpr"="C:\Program Files\Synaptics\SynTP\SynTPLpr.exe" [2005-03-10 17:44 98394]
      "SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2005-03-10 17:43 688218]
      "NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2006-04-27 09:48 7561216]
      "SkyTel"="SkyTel.EXE" [2006-05-16 17:04 2879488 C:\WINDOWS\SkyTel.exe]
      "Raccourci vers la page des propriétés de High Definition Audio"="HDAShCut.exe" [2005-01-07 16:07 61952 C:\WINDOWS\system32\HdAShCut.exe]
      "nwiz"="nwiz.exe" [2006-04-27 09:48 1519616 C:\WINDOWS\system32\nwiz.exe]
      "RTHDCPL"="RTHDCPL.EXE" [2006-06-01 15:48 16208384 C:\WINDOWS\RTHDCPL.exe]

      [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
      "Symantec NetDriver Warning"="-" [X]
      "ALUAlert"="-" [X]
      "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-05 13:00 15360]
      "MySpaceIM"="C:\Program Files\MySpace\IM\MySpaceIM.exe" [2007-12-07 08:33 8720384]

      [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
      "WUAppSetup"="C:\Program Files\Fichiers communs\logishrd\WUApp32.exe" [2007-05-10 05:44 441120]

      C:\Documents and Settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
      Kodak software updater.lnk - C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe [2004-02-13 14:12:08 16423]
      Lancement rapide d'Adobe Reader.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2008-04-23 02:38:16 29696]
      Logiciel Kodak EasyShare.lnk - C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe [2006-06-07 06:26:28 180224]

      [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
      "UIHost"="C:\\Documents and Settings\\All Users\\Application Data\\TuneUp Software\\TuneUp Utilities\\WinStyler\\tu_logonui.exe"

      [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
      "msacm.dvacm"= C:\PROGRA~1\FICHIE~1\ULEADS~1\Vio\Dvacm.acm
      "msacm.ulmp3acm"= C:\PROGRA~1\FICHIE~1\ULEADS~1\MPEG\ulmp3acm.acm
      "msacm.mpegacm"= C:\PROGRA~1\FICHIE~1\ULEADS~1\MPEG\mpegacm.acm

      [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
      "MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
      "MySpaceIM"=C:\Program Files\MySpace\IM\MySpaceIM.exe

      [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
      "EnableFirewall"= 0 (0x0)

      [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
      "%ProgramFiles%\\AOL 9.0\\aol.exe"=
      "%windir%\\system32\\sessmgr.exe"=
      "C:\\WINDOWS\\system32\\lxctcoms.exe"=
      "C:\\Program Files\\Kodak\\Kodak EasyShare software\\bin\\EasyShare.exe"=
      "C:\\Program Files\\Bonjour\\mDNSResponder.exe"=
      "%windir%\\Network Diagnostic\\xpnetdiag.exe"=
      "C:\\Program Files\\Kodak\\KODAK Software Updater\\7288971\\Program\\Kodak Software Updater.exe"=
      "C:\\Program Files\\eMule\\emule.exe"=
      "C:\\Program Files\\IVT Corporation\\BlueSoleil\\BlueSoleil.exe"=
      "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
      "C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
      "C:\\Program Files\\AOL 9.0\\waol.exe"=
      "C:\\APPS\\skype\\phone\\Skype.exe"=
      "C:\\Program Files\\MySpace\\IM\\MySpaceIM.exe"=

      [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
      "16110:TCP"= 16110:TCP:BitComet 16110 TCP
      "16110:UDP"= 16110:UDP:BitComet 16110 UDP
      "47555:TCP"= 47555:TCP:emule tcp
      "52365:UDP"= 52365:UDP:emule udp

      [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]
      "AllowInboundEchoRequest"= 1 (0x1)

      R0 pavboot;pavboot;C:\WINDOWS\system32\drivers\pavboot.sys [2008-07-22 21:07:09 28544]
      R2 Start BT in service;Start BT in service;C:\Program Files\IVT Corporation\BlueSoleil\StartSkysolSvc.exe [2007-09-30 08:16:38 51816]
      R3 Bdfndisf;BitDefender Firewall NDIS Filter Service;C:\WINDOWS\system32\DRIVERS\bdfndisf.sys [2008-06-02 16:16:08 86792]
      S3 MBAMSwissArmy;MBAMSwissArmy;\??\C:\WINDOWS\system32\drivers\mbamswissarmy.sys [2008-07-22 12:57:07 38528]

      [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
      bdx REG_MULTI_SZ scan

      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
      UxTuneUp
      .
      Contenu du dossier 'Tâches planifiées'

      2008-11-27 C:\WINDOWS\Tasks\Extension de garantie.job
      - C:\APPS\SMP\PBCARNOT.EXE [2005-11-09 12:55]

      2008-11-27 C:\WINDOWS\Tasks\Master CD_DVD Creator.job
      - C:\Apps\SMP\MCDCHECK.EXE [2005-11-08 14:26]

      2008-11-27 C:\WINDOWS\Tasks\Symantec NetDetect.job
      - C:\Program Files\Symantec\LiveUpdate\NDETECT.EXE []

      2008-11-27 C:\WINDOWS\Tasks\Vérifier les mises à jour de Windows Live Toolbar.job
      - C:\Program Files\Windows Live Toolbar\MSNTBUP.EXE [2007-10-19 11:20]
      .
      0
  15. noctambule28 Messages postés 25275 Date d'inscription   Statut Membre Dernière intervention   2 875
     
    Salut

    Tu peux me dire ou tu en es par rapport au début ?
    0
    1. fredjibb Messages postés 230 Statut Membre 1
       
      ça va déja mieux mais j'ai toujours des applications qui merdent
      mon antivirus se désactive siouvent j'ai des fichiers temporaires impossibles à supprimer enfin bref c'est pas encore tout à fait ça...
      0
  16. noctambule28 Messages postés 25275 Date d'inscription   Statut Membre Dernière intervention   2 875
     
    ok, Va falloir fouiller un peu

    Pour l'antivirus, je te conseillerais de le desisnstaller et de rinstaller
    et ceci aussi
    Télécharge ici :

    http://images.malwareremoval.com/random/RSIT.exe

    random's system information tool (RSIT) par random/random et sauvegarde-le sur le Bureau.

    Double-clique sur RSIT.exe afin de lancer RSIT.

    Clique Continue à l'écran Disclaimer.

    Si l'outil HijackThis (version à jour) n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera (autorise l'accès dans ton pare-feu, si demandé) et tu devras accepter la licence.

    Lorsque l'analyse sera terminée, deux fichiers texte s'ouvriront.

    Poste le contenu de log.txt (<<qui sera affiché)
    ainsi que de info.txt (<<qui sera réduit dans la Barre des Tâches).

    NB : Les rapports sont sauvegardés dans le dossier C:\rsit
    0
    1. fredjibb Messages postés 230 Statut Membre 1
       
      mon antivirus je viens jusrte de le réinstaller puisqu'il ne faisait plus les mises à jour...
      cijoint le rapport log.txt
      Logfile of random's system information tool 1.04 (written by random/random)
      Run by akira at 2008-11-27 21:14:10
      Microsoft Windows XP Édition familiale Service Pack 2
      System drive C: has 51 GB (59%) free of 87 GB
      Total RAM: 895 MB (43% free)

      Logfile of Trend Micro HijackThis v2.0.2
      Scan saved at 21:14, on 2008-11-27
      Platform: Windows XP SP2 (WinNT 5.01.2600)
      MSIE: Internet Explorer v7.00 (7.00.6000.16735)
      Boot mode: Normal

      Running processes:
      C:\WINDOWS\System32\smss.exe
      C:\WINDOWS\system32\winlogon.exe
      C:\WINDOWS\system32\services.exe
      C:\WINDOWS\system32\lsass.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\System32\svchost.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\system32\spoolsv.exe
      C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
      C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
      C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
      C:\Program Files\Bonjour\mDNSResponder.exe
      c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe
      c:\APPS\Powercinema\Kernel\CLML_NTService\CLMLServer.exe
      C:\WINDOWS\System32\FTRTSVC.exe
      C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
      C:\WINDOWS\system32\lxctcoms.exe
      C:\WINDOWS\system32\nvsvc32.exe
      C:\Program Files\IVT Corporation\BlueSoleil\StartSkysolSvc.exe
      C:\WINDOWS\system32\svchost.exe
      C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
      C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\USBDeviceService.exe
      C:\Program Files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exe
      C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
      C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe
      c:\APPS\Powercinema\Kernel\TV\CLSched.exe
      C:\WINDOWS\Explorer.EXE
      C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\DetectorApp.exe
      C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
      C:\APPS\Powercinema\PCMService.exe
      C:\Program Files\Lexmark 5400 Series\lxctmon.exe
      C:\Program Files\Lexmark 5400 Series\ezprint.exe
      C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
      C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
      C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe
      C:\Program Files\Logitech\QuickCam10\QuickCam10.exe
      C:\Program Files\QuickTime\QTTask.exe
      C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
      C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe
      C:\Program Files\Unlocker\UnlockerAssistant.exe
      C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
      C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
      C:\WINDOWS\RTHDCPL.EXE
      C:\WINDOWS\system32\ctfmon.exe
      C:\Program Files\Packard Bell Data Secure\PBDataSecure.exe
      C:\APPS\SMP\SmpSys.exe
      C:\PROGRA~1\Wanadoo\GestionnaireInternet.exe
      C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
      C:\PROGRA~1\Wanadoo\ComComp.exe
      C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
      C:\PROGRA~1\Wanadoo\Toaster.exe
      C:\PROGRA~1\Wanadoo\Inactivity.exe
      C:\PROGRA~1\Wanadoo\PollingModule.exe
      C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
      C:\Program Files\Fichiers communs\Logishrd\LQCVFX\COCIManager.exe
      C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
      C:\WINDOWS\System32\svchost.exe
      C:\PROGRA~1\Wanadoo\Watch.exe
      C:\WINDOWS\System32\svchost.exe
      C:\Program Files\Opera\opera.exe
      C:\Program Files\Windows Live\Messenger\msnmsgr.exe
      C:\Program Files\Windows Live\Messenger\usnsvc.exe
      C:\Program Files\TrueCrypt\TrueCrypt.exe
      C:\Documents and Settings\akira\Bureau\RSIT.exe
      C:\HiJackThis\akira.exe

      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
      R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://format.packardbell.com/cgi-bin/redirect/?country=FR&range=AD&phase=6&key=OEM2
      R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
      R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
      R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
      O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
      O2 - BHO: Lexmark Barre d'outils - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll
      O2 - BHO: BitComet Helper - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO.dll
      O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
      O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
      O3 - Toolbar: Lexmark Barre d'outils - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll
      O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
      O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - (no file)
      O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2008\IEToolbar.dll
      O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
      O4 - HKLM\..\Run: [DetectorApp] C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\DetectorApp.exe
      O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
      O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
      O4 - HKLM\..\Run: [PCMService] "c:\APPS\Powercinema\PCMService.exe"
      O4 - HKLM\..\Run: [lxctmon.exe] "C:\Program Files\Lexmark 5400 Series\lxctmon.exe"
      O4 - HKLM\..\Run: [Lexmark 5400 Series Fax Server] "C:\Program Files\Lexmark 5400 Series\fm3032.exe" /s
      O4 - HKLM\..\Run: [EzPrint] "C:\Program Files\Lexmark 5400 Series\ezprint.exe"
      O4 - HKLM\..\Run: [LXCTCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCTtime.dll,_RunDLLEntry@16
      O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
      O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
      O4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
      O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
      O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
      O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe"
      O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam10\QuickCam10.exe" /hide
      O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
      O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
      O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
      O4 - HKLM\..\Run: [BitDefender Antiphishing Helper] "C:\Program Files\BitDefender\BitDefender 2008\IEShow.exe"
      O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe"
      O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe"
      O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
      O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
      O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
      O4 - HKLM\..\Run: [Raccourci vers la page des propriétés de High Definition Audio] HDAShCut.exe
      O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
      O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet
      O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
      O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|PARAM= cnx
      O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
      O4 - HKCU\..\Run: [Packard Bell Data Secure] C:\Program Files\Packard Bell Data Secure\PBDataSecure.exe
      O4 - HKCU\..\Run: [SmpcSys] C:\APPS\SMP\SmpSys.exe
      O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe"
      O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
      O4 - HKUS\S-1-5-18\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe (User 'SYSTEM')
      O4 - HKUS\S-1-5-18\..\Run: [Symantec NetDriver Warning] - (User 'SYSTEM')
      O4 - HKUS\S-1-5-18\..\Run: [ALUAlert] - (User 'SYSTEM')
      O4 - HKUS\S-1-5-18\..\RunOnce: [WUAppSetup] C:\Program Files\Fichiers communs\logishrd\WUApp32.exe -v 0x046d -p 0x08da -f video -m logitech -d 10.5.1.2023 (User 'SYSTEM')
      O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
      O4 - HKUS\.DEFAULT\..\RunOnce: [WUAppSetup] C:\Program Files\Fichiers communs\logishrd\WUApp32.exe -v 0x046d -p 0x08da -f video -m logitech -d 10.5.1.2023 (User 'Default user')
      O4 - Global Startup: Kodak software updater.lnk = C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
      O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
      O4 - Global Startup: Logiciel Kodak EasyShare.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
      O8 - Extra context menu item: &Winamp Toolbar Search - C:\Documents and Settings\All Users\Application Data\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
      O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
      O8 - Extra context menu item: Download all links using BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
      O8 - Extra context menu item: Download all videos using BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
      O8 - Extra context menu item: Download link using &BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
      O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
      O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
      O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
      O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
      O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
      O9 - Extra button: Bonjour - {7F9DB11C-E358-4ca6-A83D-ACC663939424} - C:\Program Files\Bonjour\ExplorerPlugin.dll
      O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
      O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
      O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
      O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
      O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
      O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
      O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\fr.htm
      O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab
      O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
      O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
      O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
      O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\WINDOWS\system32\Skype4COM.dll
      O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
      O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
      O23 - Service: Service Bonjour (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
      O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe
      O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLSched.exe
      O23 - Service: CyberLink Media Library Service - Cyberlink - c:\APPS\Powercinema\Kernel\CLML_NTService\CLMLServer.exe
      O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
      O23 - Service: Service de l'iPod (iPod Service) - Unknown owner - C:\Program Files\iPod\bin\iPodService.exe (file missing)
      O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender SRL - C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
      O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
      O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
      O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe
      O23 - Service: lxct_device - - C:\WINDOWS\system32\lxctcoms.exe
      O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
      O23 - Service: Start BT in service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\StartSkysolSvc.exe
      O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
      O23 - Service: USBDeviceService - Unknown owner - C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\USBDeviceService.exe
      O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S.R.L. - C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe
      O23 - Service: BitDefender Communicator (XCOMM) - BitDefender - C:\Program Files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exe
      0
  17. noctambule28 Messages postés 25275 Date d'inscription   Statut Membre Dernière intervention   2 875
     
    re,
    Télécharge Ccleaner (n'installe pas la barre d'outil Yahoo):

    http://www.commentcamarche.net/telecharger/telechargement 168 ccleaner

    -> L´installer.

    -> Une fois installé et lancé :

    Dans la colonne de gauche, click sur :

    ->"erreurs" :

    Coches toutes les cases dans les propriétés du nettoyeur de l´onglet "windows" et "applications", puis click en bas sur "chercher des erreurs" une fois terminé, clic sur "reparer les erreurs", tu auras un message pour sauvegarder ta base de registre, tu click "oui" puis tu recommence jusqu'à ce qu'il ne trouve plus rien.

    ps : les sauvegardes que tu auras faites, pourront etre supprimées ulterieurement si tout va bien.

    ->"nettoyeur"

    quitte ton navigateur avant de le lancer, décoche la derniere case (Avancé si elle est cochée) puis click sur "lancer le nettoyage" qunand il aura terminé le scan click en bas a droite sur "lancer le nettoyage" et accepte par oui.

    -> Tutoriel en image :

    https://www.vulgarisation-informatique.com/nettoyer-windows-ccleaner.php
    ==================================================

    1) Imprime ces instructions ou mets les dans un fichier texte sur ton bureau)car il faudra fermer toutes les fenêtres et applications lors de l'installation et de l'analyse.

    2) Télécharge Malwarebytes' Anti-Malware (MBAM) et enregistre le sur ton Bureau à partir de ce lien :

    https://www.malwarebytes.com/

    3) A la fin du téléchargement, ferme toutes les fenêtres et programmes, y compris celui-ci.

    4) Double-clique sur l'icône Download_mbam-setup.exe sur ton bureau pour démarrer le programme d'installation.

    5) Pendant l'installation, suis les indications (en particulier le choix de la langue et l'autorisation d'accession à Internet). N'apporte aucune modification aux réglages par défaut et, en fin d'installation, vérifie que les options Update Malwarebytes' Anti-Malware et Launch Malwarebytes' Anti-Malware sont cochées.

    6) MBAM démarrera automatiquement et enverra un message demandant à mettre à jour le programme avant de lancer une analyse. Comme MBAM se met automatiquement à jour en fin d'installation, clique sur OK pour fermer la boîte de dialogue. La fenêtre principale de MBAM s'affiche :

    7) Dans l'onglet analyse, vérifie que "Exécuter un examen rapide" est coché et clique sur le bouton Rechercher pour démarrer l'analyse.

    8) MBAM analyse ton ordinateur. L'analyse peut prendre un certain temps. Il suffit de vérifier de temps en temps son avancement.

    9) A la fin de l'analyse, un message s'affiche indiquant la fin de l'analyse. Clique sur OK pour poursuivre.

    10) Si des malwares ont été détectés, leur liste s'affiche.
    En cliquant sur Suppression (?) , MBAM va détruire les fichiers et clés de registre et en mettre une copie dans la quarantaine.

    11) MBAM va ouvrir le Bloc-notes et y copier le rapport d'analyse. Ferme le Bloc-notes. (Le rapport peut être retrouvé sous l'onglet Rapports/logs)

    12) Ferme MBAM en cliquant sur Quitter.

    13) Poste le rapport dans ta réponse
    0
  18. noctambule28 Messages postés 25275 Date d'inscription   Statut Membre Dernière intervention   2 875
     
    Salut
    Ouvre ce lien pour scanner ton PC avec un BitDefender en ligne (uniquement sous Internet Explorer) :

    https://www.bitdefender.com/toolbox/

    Utilisation :
    Cliquer sur "J'accepte" puis accepter également l'ActiveX bloqué par la barre anti-popup du SP2 qui clignotera en haut et l'installer.
    Ensuite, cliquer sur "Cliquez ici pour scanner".
    Patienter jusqu'à la fin du scan qui peut durer assez longtemps...

    Copier/coller le rapport entier sur le forum.

    Tutoriel en images ici : http://pageperso.aol.fr/rginformatique/mapage/defender.htm (merci à Balltrap34 pour cette réalisation)
    [Recoche] la case « Masquer les fichiers protégés du système d'exploitation (recommandé) »

    Relance Hijackthis et copie/colle un nouveau rapport sur le forum.

    Et dis moi ou en sont tes problèmes s’il t’en reste.
    0
    1. fredjibb Messages postés 230 Statut Membre 1
       
      excuse moi je n'etais pas à la maison depuis un moment
      voici le rapport bit defender
      Fichier journal de BitDefender
      Produit : BitDefender Internet Security 2008
      Version : BitDefender UIScanner V.11
      Date du journal : 10:26:22 12/12/2008
      Chemin du journal : C:\Documents and Settings\All Users\Application Data\BitDefender\Desktop\Profiles\Logs\deep_scan\1229073982_1_02.xml

      Analyse des chemins :Chemin0000: C:\
      Chemin0001: H:\


      Options d’analyse :Analyse contre les virus : Oui
      Détecter les adwares : Oui
      Analyse contre les spywares : Oui
      Analyse des applications : Oui
      Détecter les numéroteurs : Oui
      Analyse contre les Rootkits : Oui


      Options de sélection de cible :Analyse les clés du registre : Oui
      Analyse des cookies : Oui
      Analyser le secteur de boot : Oui
      Analyse des processus mémoire : Oui
      Analyser les archives : Oui
      Analyser les fichiers enpaquetés : Oui
      Analyser les emails : Oui
      Analyser tous les fichiers : Oui
      Analyse heuristique : Oui
      Extensions analysées :
      Extensions exclues :


      Traitement cibleAction par défaut pour les objets infectés : Désinfecter
      Action par défaut pour les objets suspects : Aucun
      Action par défaut pour les objets camouflés : Aucun


      Résumé de l'analyseNombre de signatures de virus : 2345062
      Plugins archives : 45
      Plug-ins messagerie : 6
      Plugins d'analyse : 13
      Plugins archives : 45
      Plug-ins système : 5
      Plug-ins décompression : 7


      Résumé de l'analyse généraleEléments analysés : 373967
      Eléments infectés : 0
      Eléments suspects : 0
      Eléments résolus : 0
      Virus individuels trouvés : 0
      Répertoires analysés : 8554
      Secteur de boot analysés : 3
      Archives analysés : 8796
      Erreurs I/O : 27
      Temps d'analyse : 00:02:36:22
      Fichiers par seconde : 39


      Résumé des processus analysésAnalysé(s) : 69
      Infecté(s) : 0


      Résumé des clés de registre analyséesAnalysé(s) : 1168
      Infecté(s) : 0


      Résumé des cookies analysésAnalysé(s) : 0
      Infecté(s) : 0


      Problèmes non résolus :Nom de l'objet Nom de la menace Etat final


      Problèmes résolusNom de l'objet Nom de la menace Etat final


      Objets non scannés :Nom de l'objet Raison Etat final
      C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\FraudXPAntivirus.zip=]sbRecovery.reg Protégé par mot de passe Aucune action possible
      C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\FraudXPAntivirus.zip=]sbRecovery.ini Protégé par mot de passe Aucune action possible
      C:\Program Files\Adobe\Acrobat 7.0\Setup Files\Rdrbig710\FRA\Data1.cab=]WebSearchENU.pdf Protégé par mot de passe Aucune action possible
      C:\Program Files\Adobe\Acrobat 7.0\Setup Files\Rdrbig710\FRA\Data1.cab=]RdrMsgFRA.pdf Protégé par mot de passe Aucune action possible
      C:\Program Files\Adobe\Acrobat 7.0\Setup Files\Rdrbig710\FRA\Data1.cab=]RdrMsgENU.pdf Protégé par mot de passe Aucune action possible
      C:\Program Files\Adobe\Acrobat 7.0\Setup Files\Rdrbig710\FRA\Data1.cab=]RdrMsgSplash.pdf Protégé par mot de passe Aucune action possible
      0
    2. fredjibb Messages postés 230 Statut Membre 1
       
      et voici un nouveau log hi jack this
      j'ai beaucoup moins de problemes
      mon antivirus reste desormais activé
      et je rame deja moins
      merci pour ton aide précieuse
      vois tu encore des choses à faire???
      je felicite les gens comme toi qui sont expert en informatique et qui aident les autres franchement chapeau!!!!
      Logfile of Trend Micro HijackThis v2.0.2
      Scan saved at 10:58, on 2008-12-12
      Platform: Windows XP SP2 (WinNT 5.01.2600)
      MSIE: Internet Explorer v7.00 (7.00.6000.16762)
      Boot mode: Normal

      Running processes:
      C:\WINDOWS\System32\smss.exe
      C:\WINDOWS\system32\winlogon.exe
      C:\WINDOWS\system32\services.exe
      C:\WINDOWS\system32\lsass.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\System32\svchost.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\system32\spoolsv.exe
      C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
      C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
      C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
      C:\Program Files\Bonjour\mDNSResponder.exe
      c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe
      c:\APPS\Powercinema\Kernel\CLML_NTService\CLMLServer.exe
      C:\WINDOWS\System32\FTRTSVC.exe
      C:\Program Files\Java\jre6\bin\jqs.exe
      C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
      C:\WINDOWS\system32\lxctcoms.exe
      C:\WINDOWS\system32\nvsvc32.exe
      C:\Program Files\IVT Corporation\BlueSoleil\StartSkysolSvc.exe
      C:\WINDOWS\system32\svchost.exe
      C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
      C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\USBDeviceService.exe
      C:\Program Files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exe
      C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
      C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe
      c:\APPS\Powercinema\Kernel\TV\CLSched.exe
      C:\WINDOWS\Explorer.EXE
      C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\DetectorApp.exe
      C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
      C:\APPS\Powercinema\PCMService.exe
      C:\Program Files\Lexmark 5400 Series\lxctmon.exe
      C:\Program Files\Lexmark 5400 Series\ezprint.exe
      C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
      C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
      C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe
      C:\Program Files\Logitech\QuickCam10\QuickCam10.exe
      C:\Program Files\QuickTime\QTTask.exe
      C:\Program Files\Java\jre6\bin\jusched.exe
      C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe
      C:\Program Files\Unlocker\UnlockerAssistant.exe
      C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
      C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
      C:\WINDOWS\RTHDCPL.EXE
      C:\Program Files\Real\RealPlayer\RealPlay.exe
      C:\WINDOWS\system32\ctfmon.exe
      C:\Program Files\Packard Bell Data Secure\PBDataSecure.exe
      C:\APPS\SMP\SmpSys.exe
      C:\PROGRA~1\Wanadoo\GestionnaireInternet.exe
      C:\PROGRA~1\Wanadoo\ComComp.exe
      C:\PROGRA~1\Wanadoo\Toaster.exe
      C:\PROGRA~1\Wanadoo\Inactivity.exe
      C:\PROGRA~1\Wanadoo\PollingModule.exe
      C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
      C:\Program Files\Fichiers communs\Logishrd\LQCVFX\COCIManager.exe
      C:\WINDOWS\system32\wbem\wmiapsrv.exe
      C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
      C:\WINDOWS\System32\svchost.exe
      C:\PROGRA~1\Wanadoo\Watch.exe
      C:\WINDOWS\System32\svchost.exe
      C:\Program Files\Windows Live\Messenger\msnmsgr.exe
      C:\Program Files\Windows Live\Messenger\usnsvc.exe
      C:\Program Files\Opera\opera.exe
      C:\HiJackThis\akira.exe

      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
      R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://format.packardbell.com/cgi-bin/redirect/?country=FR&range=AD&phase=6&key=OEM2
      R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
      R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
      R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
      O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
      O2 - BHO: Lexmark Barre d'outils - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll
      O2 - BHO: BitComet Helper - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO.dll
      O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
      O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
      O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
      O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
      O3 - Toolbar: Lexmark Barre d'outils - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll
      O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
      O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - (no file)
      O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2008\IEToolbar.dll
      O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
      O4 - HKLM\..\Run: [DetectorApp] C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\DetectorApp.exe
      O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
      O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
      O4 - HKLM\..\Run: [PCMService] "c:\APPS\Powercinema\PCMService.exe"
      O4 - HKLM\..\Run: [lxctmon.exe] "C:\Program Files\Lexmark 5400 Series\lxctmon.exe"
      O4 - HKLM\..\Run: [Lexmark 5400 Series Fax Server] "C:\Program Files\Lexmark 5400 Series\fm3032.exe" /s
      O4 - HKLM\..\Run: [EzPrint] "C:\Program Files\Lexmark 5400 Series\ezprint.exe"
      O4 - HKLM\..\Run: [LXCTCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCTtime.dll,_RunDLLEntry@16
      O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
      O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
      O4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
      O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
      O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
      O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe"
      O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam10\QuickCam10.exe" /hide
      O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
      O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
      O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
      O4 - HKLM\..\Run: [BitDefender Antiphishing Helper] "C:\Program Files\BitDefender\BitDefender 2008\IEShow.exe"
      O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe"
      O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe"
      O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
      O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
      O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
      O4 - HKLM\..\Run: [Raccourci vers la page des propriétés de High Definition Audio] HDAShCut.exe
      O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
      O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet
      O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
      O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
      O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|PARAM= cnx
      O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
      O4 - HKCU\..\Run: [Packard Bell Data Secure] C:\Program Files\Packard Bell Data Secure\PBDataSecure.exe
      O4 - HKCU\..\Run: [SmpcSys] C:\APPS\SMP\SmpSys.exe
      O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe"
      O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
      O4 - HKUS\S-1-5-18\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe (User 'SYSTEM')
      O4 - HKUS\S-1-5-18\..\Run: [Symantec NetDriver Warning] - (User 'SYSTEM')
      O4 - HKUS\S-1-5-18\..\Run: [ALUAlert] - (User 'SYSTEM')
      O4 - HKUS\S-1-5-18\..\RunOnce: [WUAppSetup] C:\Program Files\Fichiers communs\logishrd\WUApp32.exe -v 0x046d -p 0x08da -f video -m logitech -d 10.5.1.2023 (User 'SYSTEM')
      O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
      O4 - HKUS\.DEFAULT\..\RunOnce: [WUAppSetup] C:\Program Files\Fichiers communs\logishrd\WUApp32.exe -v 0x046d -p 0x08da -f video -m logitech -d 10.5.1.2023 (User 'Default user')
      O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
      O8 - Extra context menu item: &Winamp Toolbar Search - C:\Documents and Settings\All Users\Application Data\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
      O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
      O8 - Extra context menu item: Download all links using BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
      O8 - Extra context menu item: Download all videos using BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
      O8 - Extra context menu item: Download link using &BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
      O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
      O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
      O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
      O9 - Extra button: Bonjour - {7F9DB11C-E358-4ca6-A83D-ACC663939424} - C:\Program Files\Bonjour\ExplorerPlugin.dll
      O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
      O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
      O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
      O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
      O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
      O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
      O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\fr.htm
      O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab
      O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
      O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
      O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
      O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\WINDOWS\system32\Skype4COM.dll
      O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
      O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
      O23 - Service: Service Bonjour (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
      O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe
      O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLSched.exe
      O23 - Service: CyberLink Media Library Service - Cyberlink - c:\APPS\Powercinema\Kernel\CLML_NTService\CLMLServer.exe
      O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
      O23 - Service: Service de l'iPod (iPod Service) - Unknown owner - C:\Program Files\iPod\bin\iPodService.exe (file missing)
      O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
      O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender SRL - C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
      O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
      O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
      O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe
      O23 - Service: lxct_device - - C:\WINDOWS\system32\lxctcoms.exe
      O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
      O23 - Service: Start BT in service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\StartSkysolSvc.exe
      O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
      O23 - Service: USBDeviceService - Unknown owner - C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\USBDeviceService.exe
      O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S.R.L. - C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe
      O23 - Service: BitDefender Communicator (XCOMM) - BitDefender - C:\Program Files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exe
      0