godefroyy

d charles bjour oui ca fait longtemps car l acces internet n est pas tout le temps evident!! je t envoie le rapport hijackthis mais je t avouerais que mon ordinatuer mais beaucoup de temps a demarrer et que mon lecteur cd ne fonctionne pas donc pour le premier problemes j ai booté du mieux possible Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 17:08:48, on 23/10/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe C:\WINDOWS\system32\igfxtray.exe C:\WINDOWS\system32\hkcmd.exe C:\WINDOWS\system32\igfxpers.exe C:\WINDOWS\RTHDCPL.EXE C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\MSN Messenger\msnmsgr.exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe C:\Program Files\MSN Messenger\usnsvc.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.emjysoft.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.files-ftp.com/~unicorni/phpBB2/index.php R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.emjysoft.com R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O14 - IERESET.INF: START_PAGE_URL=http://www.files-ftp.com/~unicorni/phpBB2/index.php O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} - http://www.touslesdrivers.com/fichiers/har...on.cab?version= O17 - HKLM\System\CCS\Services\Tcpip\..\{684B960E-6B18-4259-B8BD-0CD02BDBCDBD}: NameServer = 172.16.1.1 O17 - HKLM\System\CS1\Services\Tcpip\..\{684B960E-6B18-4259-B8BD-0CD02BDBCDBD}: NameServer = 172.16.1.1 O17 - HKLM\System\CS2\Services\Tcpip\..\{684B960E-6B18-4259-B8BD-0CD02BDBCDBD}: NameServer = 172.16.1.1 O17 - HKLM\System\CS3\Services\Tcpip\..\{684B960E-6B18-4259-B8BD-0CD02BDBCDBD}: NameServer = 172.16.1.1 O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe -- End of file - 4451 bytes tiens moi au courant merci

hello la page que tu m as envoye ne fonctionne pas actuellement mon pc rame enormement (au demarage et lors de l utilisation de la musique ...) ca peut etre rien a voir ms que de problemes bye

dsl ms j ai pas system3256205C6.dll

Voici le rapport de combofix: ComboFix 07-09-14.2 - "God" 2007-10-01 9:03:32.4 - NTFSx86 Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.184 [GMT 2:00] Command switches used :: D:\Mes documents\CFScriptOO.txt * Created a new restore point FILE:: C:\qwere.exe C:\WINDOWS\system32\mvwqn.dll C:\WINDOWS\system3256205C6.dll . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . C:\WINDOWS\system32\mvwqn.dll . ((((((((((((((((((((((((( Files Created from 2007-09-01 to 2007-10-01 ))))))))))))))))))))))))))))))) . 2007-09-28 23:06 <REP> d--h----- C:\WINDOWS\$hf_mig$ 2007-09-27 17:54 3,377 --a------ C:\WINDOWS\msnchk.exe 2007-09-17 19:28 4,212 ---h----- C:\WINDOWS\system32\zllictbl.dat 2007-09-17 19:26 <REP> d-------- C:\WINDOWS\Internet Logs 2007-09-17 19:09 <REP> d-------- C:\Program Files\Avira 2007-09-14 16:44 51,200 --a------ C:\WINDOWS\NirCmd.exe 2007-09-14 13:09 <REP> d-------- C:\Program Files\Trend Micro 2007-09-14 11:05 <REP> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Avira 2007-09-14 11:00 <REP> dr------- C:\DOCUME~1\ADMINI~1\Menu D‚marrer 2007-09-14 11:00 <REP> d--h----- C:\DOCUME~1\ADMINI~1\Voisinage r‚seau 2007-09-14 11:00 <REP> d--h----- C:\DOCUME~1\ADMINI~1\Voisinage d'impression 2007-09-14 11:00 <REP> d--h----- C:\DOCUME~1\ADMINI~1\ModŠles 2007-09-14 11:00 <REP> d-------- C:\DOCUME~1\ADMINI~1\Mes documents 2007-09-14 11:00 <REP> d-------- C:\DOCUME~1\ADMINI~1\Favoris 2007-09-14 11:00 <REP> d-------- C:\DOCUME~1\ADMINI~1\Bureau 2007-09-11 18:55 <REP> d-------- C:\DOCUME~1\God\APPLIC~1\Emjysoft 2007-09-11 18:55 <REP> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Emjysoft 2007-09-10 16:13 85,376 --a------ C:\WINDOWS\system32\drivers\NABTSFEC.sys 2007-09-10 16:13 5,504 --a------ C:\WINDOWS\system32\drivers\MSTEE.sys 2007-09-10 16:13 19,328 --a------ C:\WINDOWS\system32\drivers\WSTCODEC.SYS 2007-09-10 16:13 17,024 --a------ C:\WINDOWS\system32\drivers\CCDECODE.sys 2007-09-10 16:13 15,360 --a------ C:\WINDOWS\system32\drivers\StreamIP.sys 2007-09-10 16:13 11,136 --a------ C:\WINDOWS\system32\drivers\SLIP.sys 2007-09-10 16:13 10,880 --a------ C:\WINDOWS\system32\drivers\NdisIP.sys 2007-09-10 16:12 54,784 --a------ C:\WINDOWS\vfwwdm32.dll 2007-09-10 16:00 65,536 --a------ C:\WINDOWS\system32\camlib.dll 2007-09-10 16:00 28,672 --a------ C:\WINDOWS\tpsti.exe 2007-09-10 16:00 221,184 --a------ C:\WINDOWS\ToproUI.exe 2007-09-10 16:00 198,316 --a------ C:\WINDOWS\system32\drivers\TP6800.sys 2007-09-10 16:00 1,523,712 --a------ C:\WINDOWS\system32\ToproVC.dll 2007-09-06 18:29 184,320 --a------ C:\WINDOWS\system3256205C6.dll 2007-09-06 18:07 <REP> d--h----- C:\WINDOWS\PIF . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2007-09-11 22:51 --------- d-------- C:\Program Files\MSN Messenger 2007-09-11 22:49 --------- d-------- C:\Program Files\Services en ligne 2007-09-10 16:00 --------- d--h----- C:\Program Files\InstallShield Installation Information 2007-09-05 14:58 --------- d-------- C:\DOCUME~1\God\APPLIC~1\dvdcss 2007-08-30 16:32 --------- d-------- C:\Program Files\Winamp 2007-08-22 19:43 --------- d-------- C:\DOCUME~1\God\APPLIC~1\MSNInstaller 2007-08-13 01:38 --------- d-------- C:\Program Files\InterActual . ((((((((((((((((((((((((((((( snapshot_2007-09-14_164845.48 ))))))))))))))))))))))))))))))))))))))))) . ----a-w 15,072 2005-02-24 18:35:26 C:\WINDOWS\$hf_mig$\KB896423\spmsg.dll ----a-w 213,216 2005-02-24 18:35:26 C:\WINDOWS\$hf_mig$\KB896423\spuninst.exe ----a-w 57,856 2005-06-11 00:17:13 C:\WINDOWS\$hf_mig$\KB896423\SP2QFE\spoolsv.exe ----a-w 30,720 2005-06-29 14:54:32 C:\WINDOWS\$hf_mig$\KB896423\update\arpidfix.exe ----a-w 22,240 2005-02-24 18:35:26 C:\WINDOWS\$hf_mig$\KB896423\update\spcustom.dll ----a-w 730,336 2005-02-24 18:35:26 C:\WINDOWS\$hf_mig$\KB896423\update\update.exe ----a-w 395,488 2005-02-24 18:35:26 C:\WINDOWS\$hf_mig$\KB896423\update\updspapi.dll ----a-w 15,072 2005-02-25 03:35:24 C:\WINDOWS\$hf_mig$\KB898461\spmsg.dll ----a-w 213,216 2005-02-25 03:35:24 C:\WINDOWS\$hf_mig$\KB898461\spuninst.exe ----a-w 22,752 2005-02-25 03:35:24 C:\WINDOWS\$hf_mig$\KB898461\spupdsvc.exe ----a-w 22,240 2005-02-25 03:35:24 C:\WINDOWS\$hf_mig$\KB898461\update\spcustom.dll ----a-w 730,336 2005-02-25 03:35:24 C:\WINDOWS\$hf_mig$\KB898461\update\update.exe ----a-w 395,488 2005-02-25 03:35:25 C:\WINDOWS\$hf_mig$\KB898461\update\updspapi.dll ----a-w 15,072 2005-10-12 23:18:45 C:\WINDOWS\$hf_mig$\KB916595\spmsg.dll ----a-w 216,800 2005-10-12 23:18:45 C:\WINDOWS\$hf_mig$\KB916595\spuninst.exe ----a-w 262,656 2006-03-17 01:08:10 C:\WINDOWS\$hf_mig$\KB916595\SP2QFE\http.sys ----a-w 22,752 2005-10-12 23:18:45 C:\WINDOWS\$hf_mig$\KB916595\update\spcustom.dll ----a-w 727,776 2005-10-12 23:18:46 C:\WINDOWS\$hf_mig$\KB916595\update\update.exe ----a-w 394,976 2005-10-12 23:18:49 C:\WINDOWS\$hf_mig$\KB916595\update\updspapi.dll ----a-w 15,072 2005-10-12 23:18:45 C:\WINDOWS\$hf_mig$\KB917344\spmsg.dll ----a-w 216,800 2005-10-12 23:18:45 C:\WINDOWS\$hf_mig$\KB917344\spuninst.exe ----a-w 450,560 2006-05-18 05:49:55 C:\WINDOWS\$hf_mig$\KB917344\SP2QFE\jscript.dll ----a-w 22,752 2005-10-12 23:18:45 C:\WINDOWS\$hf_mig$\KB917344\update\spcustom.dll ----a-w 727,776 2005-10-12 23:18:46 C:\WINDOWS\$hf_mig$\KB917344\update\update.exe ----a-w 394,976 2005-10-12 23:18:49 C:\WINDOWS\$hf_mig$\KB917344\update\updspapi.dll ----a-w 15,072 2005-10-12 23:15:25 C:\WINDOWS\$hf_mig$\KB917953\spmsg.dll ----a-w 216,800 2005-10-12 23:15:26 C:\WINDOWS\$hf_mig$\KB917953\spuninst.exe ----a-w 360,576 2006-04-20 12:18:35 C:\WINDOWS\$hf_mig$\KB917953\SP2QFE\tcpip.sys ----a-w 22,752 2005-10-12 23:15:25 C:\WINDOWS\$hf_mig$\KB917953\update\spcustom.dll ----a-w 727,776 2005-10-12 23:15:28 C:\WINDOWS\$hf_mig$\KB917953\update\update.exe ----a-w 394,976 2005-10-12 23:15:45 C:\WINDOWS\$hf_mig$\KB917953\update\updspapi.dll ----a-w 15,072 2005-10-12 23:15:25 C:\WINDOWS\$hf_mig$\KB918439\spmsg.dll ----a-w 216,800 2005-10-12 23:15:26 C:\WINDOWS\$hf_mig$\KB918439\spuninst.exe ----a-w 163,840 2006-06-01 19:46:25 C:\WINDOWS\$hf_mig$\KB918439\SP2QFE\jgdw400.dll ----a-w 27,648 2006-06-01 19:46:25 C:\WINDOWS\$hf_mig$\KB918439\SP2QFE\jgpl400.dll ----a-w 22,752 2005-10-12 23:15:25 C:\WINDOWS\$hf_mig$\KB918439\update\spcustom.dll ----a-w 727,776 2005-10-12 23:15:28 C:\WINDOWS\$hf_mig$\KB918439\update\update.exe ----a-w 394,976 2005-10-12 23:15:45 C:\WINDOWS\$hf_mig$\KB918439\update\updspapi.dll ----a-w 15,072 2005-10-12 23:15:25 C:\WINDOWS\$hf_mig$\KB919007\spmsg.dll ----a-w 216,800 2005-10-12 23:15:26 C:\WINDOWS\$hf_mig$\KB919007\spuninst.exe ----a-w 202,496 2006-07-13 11:43:08 C:\WINDOWS\$hf_mig$\KB919007\SP2QFE\rmcast.sys ----a-w 22,752 2005-10-12 23:15:25 C:\WINDOWS\$hf_mig$\KB919007\update\spcustom.dll ----a-w 727,776 2005-10-12 23:15:28 C:\WINDOWS\$hf_mig$\KB919007\update\update.exe ----a-w 394,976 2005-10-12 23:15:45 C:\WINDOWS\$hf_mig$\KB919007\update\updspapi.dll ----a-w 15,072 2005-10-12 23:18:45 C:\WINDOWS\$hf_mig$\KB920213\spmsg.dll ----a-w 216,800 2005-10-12 23:18:45 C:\WINDOWS\$hf_mig$\KB920213\spuninst.exe ----a-w 42,496 2006-10-12 13:55:58 C:\WINDOWS\$hf_mig$\KB920213\SP2QFE\agentdp2.dll ----a-w 57,344 2006-10-12 13:55:58 C:\WINDOWS\$hf_mig$\KB920213\SP2QFE\agentdpv.dll ----a-w 256,512 2006-10-12 11:54:07 C:\WINDOWS\$hf_mig$\KB920213\SP2QFE\agentsvr.exe ----a-w 265,216 2006-10-16 11:19:09 C:\WINDOWS\$hf_mig$\KB920213\SP2QFE\spru040c.dll ----a-w 22,752 2005-10-12 23:18:45 C:\WINDOWS\$hf_mig$\KB920213\update\spcustom.dll ----a-w 727,776 2005-10-12 23:18:46 C:\WINDOWS\$hf_mig$\KB920213\update\update.exe ----a-w 394,976 2005-10-12 23:18:49 C:\WINDOWS\$hf_mig$\KB920213\update\updspapi.dll ----a-w 15,072 2005-10-12 23:15:23 C:\WINDOWS\$hf_mig$\KB922582\spmsg.dll ----a-w 216,800 2005-10-12 23:15:24 C:\WINDOWS\$hf_mig$\KB922582\spuninst.exe ----a-w 16,896 2006-08-21 12:29:03 C:\WINDOWS\$hf_mig$\KB922582\SP2QFE\fltlib.dll ----a-w 23,040 2006-08-21 09:43:32 C:\WINDOWS\$hf_mig$\KB922582\SP2QFE\fltmc.exe ----a-w 128,768 2006-08-21 09:43:32 C:\WINDOWS\$hf_mig$\KB922582\SP2QFE\fltmgr.sys ----a-w 22,752 2005-10-12 23:15:23 C:\WINDOWS\$hf_mig$\KB922582\update\spcustom.dll ----a-w 727,776 2005-10-12 23:15:26 C:\WINDOWS\$hf_mig$\KB922582\update\update.exe ----a-w 394,976 2005-10-12 23:15:43 C:\WINDOWS\$hf_mig$\KB922582\update\updspapi.dll ----a-w 15,072 2006-12-14 08:53:58 C:\WINDOWS\$hf_mig$\KB927891\spmsg.dll ----a-w 216,800 2006-12-14 08:53:58 C:\WINDOWS\$hf_mig$\KB927891\spuninst.exe ----a-w 2,854,400 2007-04-18 16:16:25 C:\WINDOWS\$hf_mig$\KB927891\SP2QFE\msi31.dll ----a-w 22,752 2006-12-14 08:53:58 C:\WINDOWS\$hf_mig$\KB927891\update\spcustom.dll ----a-w 727,776 2006-12-14 08:53:58 C:\WINDOWS\$hf_mig$\KB927891\update\update.exe ----a-w 394,976 2006-12-14 08:53:58 C:\WINDOWS\$hf_mig$\KB927891\update\updspapi.dll ----a-w 15,072 2006-01-19 19:29:25 C:\WINDOWS\$hf_mig$\KB935840\spmsg.dll ----a-w 216,800 2006-01-19 19:29:25 C:\WINDOWS\$hf_mig$\KB935840\spuninst.exe ----a-w 144,896 2007-04-25 20:32:29 C:\WINDOWS\$hf_mig$\KB935840\SP2QFE\schannel.dll ----a-w 22,752 2006-01-19 19:29:25 C:\WINDOWS\$hf_mig$\KB935840\update\spcustom.dll ----a-w 727,776 2006-01-19 19:29:26 C:\WINDOWS\$hf_mig$\KB935840\update\update.exe ----a-w 394,976 2006-01-19 19:29:26 C:\WINDOWS\$hf_mig$\KB935840\update\updspapi.dll -c----w 2,804,224 2004-08-03 22:54:34 C:\WINDOWS\$MSI31Uninstall_KB893803v2$\msi.dll -c----w 77,312 2004-08-03 22:54:58 C:\WINDOWS\$MSI31Uninstall_KB893803v2$\msiexec.exe -c----w 331,264 2004-08-03 22:54:34 C:\WINDOWS\$MSI31Uninstall_KB893803v2$\msihnd.dll -c----w 884,736 2004-08-03 22:53:32 C:\WINDOWS\$MSI31Uninstall_KB893803v2$\msimsg.dll -c----w 44,032 2004-08-03 22:54:34 C:\WINDOWS\$MSI31Uninstall_KB893803v2$\msisip.dll -c----w 213,216 2005-05-04 12:45:28 C:\WINDOWS\$MSI31Uninstall_KB893803v2$\spuninst\spuninst.exe -c----w 395,488 2005-05-04 12:45:28 C:\WINDOWS\$MSI31Uninstall_KB893803v2$\spuninst\updspapi.dll -c----w 57,856 2004-08-03 22:55:02 C:\WINDOWS\$NtUninstallKB896423$\spoolsv.exe -c----w 213,216 2005-02-24 18:35:26 C:\WINDOWS\$NtUninstallKB896423$\spuninst\spuninst.exe -c----w 395,488 2005-02-24 18:35:26 C:\WINDOWS\$NtUninstallKB896423$\spuninst\updspapi.dll -c----w 213,216 2005-02-25 03:35:24 C:\WINDOWS\$NtUninstallKB898461$\spuninst\spuninst.exe -c----w 395,488 2005-02-25 03:35:25 C:\WINDOWS\$NtUninstallKB898461$\spuninst\updspapi.dll -c----w 364,544 2004-08-03 22:54:36 C:\WINDOWS\$NtUninstallKB911564$\npdsplay.dll -c----w 216,800 2005-06-28 07:23:40 C:\WINDOWS\$NtUninstallKB911564$\spuninst\spuninst.exe -c----w 371,424 2005-06-28 07:23:54 C:\WINDOWS\$NtUninstallKB911564$\spuninst\updspapi.dll -c----w 263,040 2004-08-03 21:00:14 C:\WINDOWS\$NtUninstallKB916595$\http.sys -c----w 216,800 2005-10-12 23:18:45 C:\WINDOWS\$NtUninstallKB916595$\spuninst\spuninst.exe -c----w 394,976 2005-10-12 23:18:49 C:\WINDOWS\$NtUninstallKB916595$\spuninst\updspapi.dll -c----w 450,560 2004-08-03 22:54:30 C:\WINDOWS\$NtUninstallKB917344$\jscript.dll -c----w 216,800 2005-10-12 23:18:45 C:\WINDOWS\$NtUninstallKB917344$\spuninst\spuninst.exe -c----w 394,976 2005-10-12 23:18:49 C:\WINDOWS\$NtUninstallKB917344$\spuninst\updspapi.dll -c----w 359,040 2007-09-10 10:00:29 C:\WINDOWS\$NtUninstallKB917953$\tcpip.sys -c----w 216,800 2005-10-12 23:15:26 C:\WINDOWS\$NtUninstallKB917953$\spuninst\spuninst.exe -c----w 394,976 2005-10-12 23:15:45 C:\WINDOWS\$NtUninstallKB917953$\spuninst\updspapi.dll -c----w 144,896 2001-08-24 12:00:00 C:\WINDOWS\$NtUninstallKB918439$\jgdw400.dll -c----w 42,496 2001-08-24 12:00:00 C:\WINDOWS\$NtUninstallKB918439$\jgpl400.dll -c----w 216,800 2005-10-12 23:15:26 C:\WINDOWS\$NtUninstallKB918439$\spuninst\spuninst.exe -c----w 394,976 2005-10-12 23:15:45 C:\WINDOWS\$NtUninstallKB918439$\spuninst\updspapi.dll -c----w 200,064 2001-08-24 12:00:00 C:\WINDOWS\$NtUninstallKB919007$\rmcast.sys -c----w 216,800 2005-10-12 23:15:26 C:\WINDOWS\$NtUninstallKB919007$\spuninst\spuninst.exe -c----w 394,976 2005-10-12 23:15:45 C:\WINDOWS\$NtUninstallKB919007$\spuninst\updspapi.dll -c----w 41,984 2004-08-03 22:54:22 C:\WINDOWS\$NtUninstallKB920213$\agentdp2.dll -c----w 58,880 2004-08-03 22:54:22 C:\WINDOWS\$NtUninstallKB920213$\agentdpv.dll -c----w 256,512 2004-08-03 22:54:50 C:\WINDOWS\$NtUninstallKB920213$\agentsvr.exe -c----w 216,800 2005-10-12 23:18:45 C:\WINDOWS\$NtUninstallKB920213$\spuninst\spuninst.exe -c----w 394,976 2005-10-12 23:18:49 C:\WINDOWS\$NtUninstallKB920213$\spuninst\updspapi.dll -c----w 16,896 2004-08-03 22:54:26 C:\WINDOWS\$NtUninstallKB922582$\fltlib.dll -c----w 22,528 2004-08-03 22:54:50 C:\WINDOWS\$NtUninstallKB922582$\fltmc.exe -c----w 124,800 2004-08-03 21:01:20 C:\WINDOWS\$NtUninstallKB922582$\fltmgr.sys -c----w 216,800 2005-10-12 23:15:24 C:\WINDOWS\$NtUninstallKB922582$\spuninst\spuninst.exe -c----w 394,976 2005-10-12 23:15:43 C:\WINDOWS\$NtUninstallKB922582$\spuninst\updspapi.dll -c----w 2,370,296 2005-01-28 12:44:28 C:\WINDOWS\$NtUninstallKB923689$\wmvcore.dll -c----w 216,800 2005-06-28 17:23:38 C:\WINDOWS\$NtUninstallKB923689$\spuninst\spuninst.exe -c----w 371,424 2005-06-28 17:23:53 C:\WINDOWS\$NtUninstallKB923689$\spuninst\updspapi.dll -c----w 2,890,240 2005-05-04 12:45:32 C:\WINDOWS\$NtUninstallKB927891$\msi.dll -c----w 216,800 2006-12-14 08:53:58 C:\WINDOWS\$NtUninstallKB927891$\spuninst\spuninst.exe -c----w 394,976 2006-12-14 08:53:58 C:\WINDOWS\$NtUninstallKB927891$\spuninst\updspapi.dll -c----w 144,896 2004-08-03 22:54:38 C:\WINDOWS\$NtUninstallKB935840$\schannel.dll -c----w 216,800 2006-01-19 19:29:25 C:\WINDOWS\$NtUninstallKB935840$\spuninst\spuninst.exe -c----w 394,976 2006-01-19 19:29:26 C:\WINDOWS\$NtUninstallKB935840$\spuninst\updspapi.dll ------w 262,784 2006-03-17 00:33:10 C:\WINDOWS\Driver Cache\i386\http.sys ----a-w 42,496 2006-10-12 14:04:13 C:\WINDOWS\msagent\agentdp2.dll ----a-w 57,344 2006-10-12 14:04:13 C:\WINDOWS\msagent\agentdpv.dll ----a-w 256,512 2006-10-12 11:09:53 C:\WINDOWS\msagent\agentsvr.exe ----a-w 15,072 2005-10-12 23:15:25 C:\WINDOWS\SoftwareDistribution\Download2970179a133da43483e5e8495d03f51\spmsg.dll ----a-w 216,800 2005-10-12 23:15:26 C:\WINDOWS\SoftwareDistribution\Download2970179a133da43483e5e8495d03f51\spuninst.exe ----a-w 22,752 2005-10-12 23:15:25 C:\WINDOWS\SoftwareDistribution\Download2970179a133da43483e5e8495d03f51\update\spcustom.dll ----a-w 727,776 2005-10-12 23:15:28 C:\WINDOWS\SoftwareDistribution\Download2970179a133da43483e5e8495d03f51\update\update.exe ----a-w 394,976 2005-10-12 23:15:45 C:\WINDOWS\SoftwareDistribution\Download2970179a133da43483e5e8495d03f51\update\updspapi.dll ----a-w 483,568 2005-07-08 21:42:51 C:\WINDOWS\SoftwareDistribution\Download4e93e2b18e4b4760ef5669e3d90e36e\WindowsXP-KB901214-x86-express-FRA.exe ----a-w 8,192 2004-10-14 09:35:08 C:\WINDOWS\SoftwareDistribution\Download6119f7f007fbf3388fb7f012fd2ce49\spmsg.dll ----a-w 172,032 2004-10-14 09:36:22 C:\WINDOWS\SoftwareDistribution\Download6119f7f007fbf3388fb7f012fd2ce49\spuninst.exe ------w 1,667,584 2004-08-04 00:07:10 C:\WINDOWS\SoftwareDistribution\Download6119f7f007fbf3388fb7f012fd2ce49\backup\sp2gdr\msmsgs.exe ----a-w 21,504 2004-10-14 09:36:20 C:\WINDOWS\SoftwareDistribution\Download6119f7f007fbf3388fb7f012fd2ce49\update\spcustom.dll ----a-w 666,624 2004-10-14 09:35:12 C:\WINDOWS\SoftwareDistribution\Download6119f7f007fbf3388fb7f012fd2ce49\update\update.exe ----a-w 343,784 2004-12-13 23:17:50 C:\WINDOWS\SoftwareDistribution\Download8fcc408139b43fa0e9fa6d9360a7752\WindowsXP-KB885835-x86-express-FRA.exe ----a-w 497,392 2005-10-07 01:43:13 C:\WINDOWS\SoftwareDistribution\Downloadbb6d821e25e4fc9a9866ee523727318\WindowsXP-KB905749-x86-express-FRA.exe ----a-w 15,072 2007-03-06 01:34:33 C:\WINDOWS\SoftwareDistribution\Downloadec11185f55e56bbf8143a0782f17c59\spmsg.dll ----a-w 216,800 2007-03-06 01:34:38 C:\WINDOWS\SoftwareDistribution\Downloadec11185f55e56bbf8143a0782f17c59\spuninst.exe ----a-w 22,752 2007-03-06 01:34:31 C:\WINDOWS\SoftwareDistribution\Downloadec11185f55e56bbf8143a0782f17c59\update\spcustom.dll ----a-w 727,776 2007-03-06 01:34:56 C:\WINDOWS\SoftwareDistribution\Downloadec11185f55e56bbf8143a0782f17c59\update\update.exe ----a-w 394,976 2007-03-06 01:35:48 C:\WINDOWS\SoftwareDistribution\Downloadec11185f55e56bbf8143a0782f17c59\update\updspapi.dll ----a-w 15,072 2005-10-12 23:15:25 C:\WINDOWS\SoftwareDistribution\Download\1069fefe0618a99a6fb81135ec7e6c53\spmsg.dll ----a-w 216,800 2005-10-12 23:15:26 C:\WINDOWS\SoftwareDistribution\Download\1069fefe0618a99a6fb81135ec7e6c53\spuninst.exe ----a-w 163,840 2006-06-01 18:48:44 C:\WINDOWS\SoftwareDistribution\Download\1069fefe0618a99a6fb81135ec7e6c53\sp2gdr\jgdw400.dll ----a-w 27,648 2006-06-01 18:48:44 C:\WINDOWS\SoftwareDistribution\Download\1069fefe0618a99a6fb81135ec7e6c53\sp2gdr\jgpl400.dll ----a-w 163,840 2006-06-01 19:46:25 C:\WINDOWS\SoftwareDistribution\Download\1069fefe0618a99a6fb81135ec7e6c53\sp2qfe\jgdw400.dll ----a-w 27,648 2006-06-01 19:46:25 C:\WINDOWS\SoftwareDistribution\Download\1069fefe0618a99a6fb81135ec7e6c53\sp2qfe\jgpl400.dll ----a-w 22,752 2005-10-12 23:15:25 C:\WINDOWS\SoftwareDistribution\Download\1069fefe0618a99a6fb81135ec7e6c53\update\spcustom.dll ----a-w 727,776 2005-10-12 23:15:28 C:\WINDOWS\SoftwareDistribution\Download\1069fefe0618a99a6fb81135ec7e6c53\update\update.exe ----a-w 394,976 2005-10-12 23:15:45 C:\WINDOWS\SoftwareDistribution\Download\1069fefe0618a99a6fb81135ec7e6c53\update\updspapi.dll ----a-w 15,072 2005-10-12 23:15:25 C:\WINDOWS\SoftwareDistribution\Download\126216e1ea5a965d65b4b02390ca8357\spmsg.dll ----a-w 216,800 2005-10-12 23:15:26 C:\WINDOWS\SoftwareDistribution\Download\126216e1ea5a965d65b4b02390ca8357\spuninst.exe ----a-w 22,752 2005-10-12 23:15:25 C:\WINDOWS\SoftwareDistribution\Download\126216e1ea5a965d65b4b02390ca8357\update\spcustom.dll ----a-w 727,776 2005-10-12 23:15:28 C:\WINDOWS\SoftwareDistribution\Download\126216e1ea5a965d65b4b02390ca8357\update\update.exe ----a-w 394,976 2005-10-12 23:15:45 C:\WINDOWS\SoftwareDistribution\Download\126216e1ea5a965d65b4b02390ca8357\update\updspapi.dll ----a-w 15,072 2006-12-14 08:53:58 C:\WINDOWS\SoftwareDistribution\Download\13a89d5ef933bdc562c8fdbcc7a52a37\spmsg.dll ----a-w 216,800 2006-12-14 08:53:58 C:\WINDOWS\SoftwareDistribution\Download\13a89d5ef933bdc562c8fdbcc7a52a37\spuninst.exe ----a-w 2,854,400 2007-04-18 16:14:18 C:\WINDOWS\SoftwareDistribution\Download\13a89d5ef933bdc562c8fdbcc7a52a37\SP2GDR\msi31.dll ----a-w 2,854,400 2007-04-18 16:16:25 C:\WINDOWS\SoftwareDistribution\Download\13a89d5ef933bdc562c8fdbcc7a52a37\SP2QFE\msi31.dll ----a-w 22,752 2006-12-14 08:53:58 C:\WINDOWS\SoftwareDistribution\Download\13a89d5ef933bdc562c8fdbcc7a52a37\update\spcustom.dll ----a-w 727,776 2006-12-14 08:53:58 C:\WINDOWS\SoftwareDistribution\Download\13a89d5ef933bdc562c8fdbcc7a52a37\update\update.exe ----a-w 394,976 2006-12-14 08:53:58 C:\WINDOWS\SoftwareDistribution\Download\13a89d5ef933bdc562c8fdbcc7a52a37\update\updspapi.dll ----a-w 15,072 2005-10-12 23:15:25 C:\WINDOWS\SoftwareDistribution\Download\171d2120022f92869484c921d3263cc3\spmsg.dll ----a-w 216,800 2005-10-12 23:15:26 C:\WINDOWS\SoftwareDistribution\Download\171d2120022f92869484c921d3263cc3\spuninst.exe ----a-w 22,752 2005-10-12 23:15:25 C:\WINDOWS\SoftwareDistribution\Download\171d2120022f92869484c921d3263cc3\update\spcustom.dll ----a-w 727,776 2005-10-12 23:15:28 C:\WINDOWS\SoftwareDistribution\Download\171d2120022f92869484c921d3263cc3\update\update.exe ----a-w 394,976 2005-10-12 23:15:45 C:\WINDOWS\SoftwareDistribution\Download\171d2120022f92869484c921d3263cc3\update\updspapi.dll ----a-w 15,072 2005-02-24 18:35:26 C:\WINDOWS\SoftwareDistribution\Download\17e3f23ff72184333b78d75c8e81cda8\spmsg.dll ----a-w 213,216 2005-02-24 18:35:26 C:\WINDOWS\SoftwareDistribution\Download\17e3f23ff72184333b78d75c8e81cda8\spuninst.exe ----a-w 30,720 2005-09-09 14:26:26 C:\WINDOWS\SoftwareDistribution\Download\17e3f23ff72184333b78d75c8e81cda8\update\arpidfix.exe ----a-w 22,240 2005-02-24 18:35:26 C:\WINDOWS\SoftwareDistribution\Download\17e3f23ff72184333b78d75c8e81cda8\update\spcustom.dll ----a-w 730,336 2005-02-24 18:35:26 C:\WINDOWS\SoftwareDistribution\Download\17e3f23ff72184333b78d75c8e81cda8\update\update.exe ----a-w 395,488 2005-02-24 18:35:26 C:\WINDOWS\SoftwareDistribution\Download\17e3f23ff72184333b78d75c8e81cda8\update\updspapi.dll ----a-w 15,072 2005-10-12 23:15:25 C:\WINDOWS\SoftwareDistribution\Download\1e10da77e5e1c72d2afe101dc568fb06\spmsg.dll ----a-w 216,800 2005-10-12 23:15:26 C:\WINDOWS\SoftwareDistribution\Download\1e10da77e5e1c72d2afe101dc568fb06\spuninst.exe ----a-w 22,752 2005-10-12 23:15:25 C:\WINDOWS\SoftwareDistribution\Download\1e10da77e5e1c72d2afe101dc568fb06\update\spcustom.dll ----a-w 727,776 2005-10-12 23:15:28 C:\WINDOWS\SoftwareDistribution\Download\1e10da77e5e1c72d2afe101dc568fb06\update\update.exe ----a-w 394,976 2005-10-12 23:15:45 C:\WINDOWS\SoftwareDistribution\Download\1e10da77e5e1c72d2afe101dc568fb06\update\updspapi.dll ----a-w 496,880 2005-08-05 21:25:20 C:\WINDOWS\SoftwareDistribution\Download\25bfd4baf7d5e6a82d6176aa0d2621f0\WindowsXP-KB899591-x86-express-FRA.exe ----a-w 497,904 2005-08-05 21:09:31 C:\WINDOWS\SoftwareDistribution\Download\271387204fbbe61209bf992bb92b3a5f\WindowsXP-KB893756-x86-express-FRA.exe ----a-w 8,192 2004-10-14 09:35:08 C:\WINDOWS\SoftwareDistribution\Download\27efdbd68a382580fdb15dd4f797360e\spmsg.dll ----a-w 172,032 2004-10-14 09:36:22 C:\WINDOWS\SoftwareDistribution\Download\27efdbd68a382580fdb15dd4f797360e\spuninst.exe ----a-w 21,504 2004-10-14 09:36:20 C:\WINDOWS\SoftwareDistribution\Download\27efdbd68a382580fdb15dd4f797360e\update\spcustom.dll ----a-w 666,624 2004-10-14 09:35:12 C:\WINDOWS\SoftwareDistribution\Download\27efdbd68a382580fdb15dd4f797360e\update\update.exe ----a-w 15,072 2005-10-12 23:15:25 C:\WINDOWS\SoftwareDistribution\Download\29f6d57cd4efa945b402cdec2ffedddf\spmsg.dll ----a-w 216,800 2005-10-12 23:15:26 C:\WINDOWS\SoftwareDistribution\Download\29f6d57cd4efa945b402cdec2ffedddf\spuninst.exe ----a-w 22,752 2005-10-12 23:15:25 C:\WINDOWS\SoftwareDistribution\Download\29f6d57cd4efa945b402cdec2ffedddf\update\spcustom.dll ----a-w 727,776 2005-10-12 23:15:28 C:\WINDOWS\SoftwareDistribution\Download\29f6d57cd4efa945b402cdec2ffedddf\update\update.exe ----a-w 394,976 2005-10-12 23:15:45 C:\WINDOWS\SoftwareDistribution\Download\29f6d57cd4efa945b402cdec2ffedddf\update\updspapi.dll ----a-w 15,072 2006-01-19 19:29:25 C:\WINDOWS\SoftwareDistribution\Download\2b0ec6af95107cd747155f214801a1de\spmsg.dll ----a-w 216,800 2006-01-19 19:29:25 C:\WINDOWS\SoftwareDistribution\Download\2b0ec6af95107cd747155f214801a1de\spuninst.exe ----a-w 22,752 2006-01-19 19:29:25 C:\WINDOWS\SoftwareDistribution\Download\2b0ec6af95107cd747155f214801a1de\update\spcustom.dll ----a-w 727,776 2006-01-19 19:29:26 C:\WINDOWS\SoftwareDistribution\Download\2b0ec6af95107cd747155f214801a1de\update\update.exe ----a-w 394,976 2006-01-19 19:29:26 C:\WINDOWS\SoftwareDistribution\Download\2b0ec6af95107cd747155f214801a1de\update\updspapi.dll ----a-w 15,072 2007-03-06 01:34:33 C:\WINDOWS\SoftwareDistribution\Download\2e7a189200995a8815b37a5d2ef6c8c6\spmsg.dll ----a-w 216,800 2007-03-06 01:34:38 C:\WINDOWS\SoftwareDistribution\Download\2e7a189200995a8815b37a5d2ef6c8c6\spuninst.exe ------w 18,432 2004-08-03 22:54:52 C:\WINDOWS\SoftwareDistribution\Download\2e7a189200995a8815b37a5d2ef6c8c6\backup\sp2gdr\iedw.exe ----a-w 22,752 2007-03-06 01:34:31 C:\WINDOWS\SoftwareDistribution\Download\2e7a189200995a8815b37a5d2ef6c8c6\update\spcustom.dll ----a-w 727,776 2007-03-06 01:34:56 C:\WINDOWS\SoftwareDistribution\Download\2e7a189200995a8815b37a5d2ef6c8c6\update\update.exe ----a-w 394,976 2007-03-06 01:35:48 C:\WINDOWS\SoftwareDistribution\Download\2e7a189200995a8815b37a5d2ef6c8c6\update\updspapi.dll ----a-w 15,072 2005-02-24 18:35:26 C:\WINDOWS\SoftwareDistribution\Download\302e1056006644b6630bcb41e5969ade\spmsg.dll ----a-w 213,216 2005-02-24 18:35:26 C:\WINDOWS\SoftwareDistribution\Download\302e1056006644b6630bcb41e5969ade\spuninst.exe ------w 69,120 2001-08-24 12:00:00 C:\WINDOWS\SoftwareDistribution\Download\302e1056006644b6630bcb41e5969ade\backup\sp2gdr\olecli32.dll ------w 34,304 2001-08-24 12:00:00 C:\WINDOWS\SoftwareDistribution\Download\302e1056006644b6630bcb41e5969ade\backup\sp2gdr\olecnv32.dll ------w 69,120 2001-08-24 12:00:00 C:\WINDOWS\SoftwareDistribution\Download\302e1056006644b6630bcb41e5969ade\backup\sp2qfe\olecli32.dll ------w 34,304 2001-08-24 12:00:00 C:\WINDOWS\SoftwareDistribution\Download\302e1056006644b6630bcb41e5969ade\backup\sp2qfe\olecnv32.dll ----a-w 22,240 2005-02-24 18:35:26 C:\WINDOWS\SoftwareDistribution\Download\302e1056006644b6630bcb41e5969ade\update\spcustom.dll ----a-w 730,336 2005-02-24 18:35:26 C:\WINDOWS\SoftwareDistribution\Download\302e1056006644b6630bcb41e5969ade\update\update.exe ----a-w 395,488 2005-02-24 18:35:26 C:\WINDOWS\SoftwareDistribution\Download\302e1056006644b6630bcb41e5969ade\update\updspapi.dll ----a-w 15,072 2006-01-19 19:29:25 C:\WINDOWS\SoftwareDistribution\Download\35bbde8fdee56f0e617029c5089de591\spmsg.dll ----a-w 216,800 2006-01-19 19:29:25 C:\WINDOWS\SoftwareDistribution\Download\35bbde8fdee56f0e617029c5089de591\spuninst.exe ----a-w 144,896 2007-04-25 14:22:35 C:\WINDOWS\SoftwareDistribution\Download\35bbde8fdee56f0e617029c5089de591\sp2gdr\schannel.dll ----a-w 144,896 2007-04-25 20:32:29 C:\WINDOWS\SoftwareDistribution\Download\35bbde8fdee56f0e617029c5089de591\sp2qfe\schannel.dll ----a-w 22,752 2006-01-19 19:29:25 C:\WINDOWS\SoftwareDistribution\Download\35bbde8fdee56f0e617029c5089de591\update\spcustom.dll ----a-w 727,776 2006-01-19 19:29:26 C:\WINDOWS\SoftwareDistribution\Download\35bbde8fdee56f0e617029c5089de591\update\update.exe ----a-w 394,976 2006-01-19 19:29:26 C:\WINDOWS\SoftwareDistribution\Download\35bbde8fdee56f0e617029c5089de591\update\updspapi.dll ----a-w 15,072 2005-02-24 18:35:26 C:\WINDOWS\SoftwareDistribution\Download\3785f1ad0230e231b0e7dc1f4bb81cd1\spmsg.dll ----a-w 213,216 2005-02-24 18:35:26 C:\WINDOWS\SoftwareDistribution\Download\3785f1ad0230e231b0e7dc1f4bb81cd1\spuninst.exe ----a-w 78,336 2005-05-11 02:30:03 C:\WINDOWS\SoftwareDistribution\Download\3785f1ad0230e231b0e7dc1f4bb81cd1\sp2gdr\telnet.exe ----a-w 78,336 2005-05-11 02:33:19 C:\WINDOWS\SoftwareDistribution\Download\3785f1ad0230e231b0e7dc1f4bb81cd1\sp2qfe\telnet.exe ----a-w 22,240 2005-02-24 18:35:26 C:\WINDOWS\SoftwareDistribution\Download\3785f1ad0230e231b0e7dc1f4bb81cd1\update\spcustom.dll ----a-w 730,336 2005-02-24 18:35:26 C:\WINDOWS\SoftwareDistribution\Download\3785f1ad0230e231b0e7dc1f4bb81cd1\update\update.exe ----a-w 395,488 2005-02-24 18:35:26 C:\WINDOWS\SoftwareDistribution\Download\3785f1ad0230e231b0e7dc1f4bb81cd1\update\updspapi.dll ----a-w 15,072 2005-02-24 18:35:26 C:\WINDOWS\SoftwareDistribution\Download\3887d65d3ab5fa0d45001f504bed5b37\spmsg.dll ----a-w 213,216 2005-02-24 18:35:26 C:\WINDOWS\SoftwareDistribution\Download\3887d65d3ab5fa0d45001f504bed5b37\spuninst.exe ----a-w 22,240 2005-02-24 18:35:26 C:\WINDOWS\SoftwareDistribution\Download\3887d65d3ab5fa0d45001f504bed5b37\update\spcustom.dll ----a-w 730,336 2005-02-24 18:35:26 C:\WINDOWS\SoftwareDistribution\Download\3887d65d3ab5fa0d45001f504bed5b37\update\update.exe ----a-w 395,488 2005-02-24 18:35:26 C:\WINDOWS\SoftwareDistribution\Download\3887d65d3ab5fa0d45001f504bed5b37\update\updspapi.dll ----a-w 15,072 2005-10-12 23:15:25 C:\WINDOWS\SoftwareDistribution\Download\3d626d96e6e22b8a5867784640121555\spmsg.dll ----a-w 216,800 2005-10-12 23:15:26 C:\WINDOWS\SoftwareDistribution\Download\3d626d96e6e22b8a5867784640121555\spuninst.exe ----a-w 22,752 2005-10-12 23:15:25 C:\WINDOWS\SoftwareDistribution\Download\3d626d96e6e22b8a5867784640121555\update\spcustom.dll ----a-w 727,776 2005-10-12 23:15:28 C:\WINDOWS\SoftwareDistribution\Download\3d626d96e6e22b8a5867784640121555\update\update.exe ----a-w 394,976 2005-10-12 23:15:45 C:\WINDOWS\SoftwareDistribution\Download\3d626d96e6e22b8a5867784640121555\update\updspapi.dll ----a-w 15,072 2005-02-24 18:35:26 C:\WINDOWS\SoftwareDistribution\Download\4088a68d0a8934555c37417459b6507e\spmsg.dll ----a-w 213,216 2005-02-24 18:35:26 C:\WINDOWS\SoftwareDistribution\Download\4088a68d0a8934555c37417459b6507e\spuninst.exe ----a-w 57,856 2005-06-10 23:53:32 C:\WINDOWS\SoftwareDistribution\Download\4088a68d0a8934555c37417459b6507e\sp2gdr\spoolsv.exe ----a-w 57,856 2005-06-11 00:17:13 C:\WINDOWS\SoftwareDistribution\Download\4088a68d0a8934555c37417459b6507e\sp2qfe\spoolsv.exe ----a-w 30,720 2005-06-29 14:54:32 C:\WINDOWS\SoftwareDistribution\Download\4088a68d0a8934555c37417459b6507e\update\arpidfix.exe ----a-w 22,240 2005-02-24 18:35:26 C:\WINDOWS\SoftwareDistribution\Download\4088a68d0a8934555c37417459b6507e\update\spcustom.dll ----a-w 730,336 2005-02-24 18:35:26 C:\WINDOWS\SoftwareDistribution\Download\4088a68d0a8934555c37417459b6507e\update\update.exe ----a-w 395,488 2005-02-24 18:35:26 C:\WINDOWS\SoftwareDistribution\Download\4088a68d0a8934555c37417459b6507e\update\updspapi.dll ----a-w 15,072 2005-10-12 23:15:25 C:\WINDOWS\SoftwareDistribution\Download\40a97f6c0856bba0c9f3849f8b3ef44f\spmsg.dll ----a-w 216,800 2005-10-12 23:15:26 C:\WINDOWS\SoftwareDistribution\Download\40a97f6c0856bba0c9f3849f8b3ef44f\spuninst.exe ----a-w 453,120 2006-05-05 09:41:45 C:\WINDOWS\SoftwareDistribution\Download\40a97f6c0856bba0c9f3849f8b3ef44f\sp2gdr\mrxsmb.sys ----a-w 174,592 2006-05-05 09:47:57 C:\WINDOWS\SoftwareDistribution\Download\40a97f6c0856bba0c9f3849f8b3ef44f\sp2gdr\rdbss.sys ----a-w 454,400 2006-05-05 10:16:39 C:\WINDOWS\SoftwareDistribution\Download\40a97f6c0856bba0c9f3849f8b3ef44f\sp2qfe\mrxsmb.sys ----a-w 174,592 2006-05-05 10:22:52 C:\WINDOWS\SoftwareDistribution\Download\40a97f6c0856bba0c9f3849f8b3ef44f\sp2qfe\rdbss.sys ----a-w 22,752 2005-10-12 23:15:25 C:\WINDOWS\SoftwareDistribution\Download\40a97f6c0856bba0c9f3849f8b3ef44f\update\spcustom.dll ----a-w 727,776 2005-10-12 23:15:28 C:\WINDOWS\SoftwareDistribution\Download\40a97f6c0856bba0c9f3849f8b3ef44f\update\update.exe ----a-w 394,976 2005-10-12 23:15:45 C:\WINDOWS\SoftwareDistribution\Download\40a97f6c0856bba0c9f3849f8b3ef44f\update\updspapi.dll ----a-w 15,072 2005-10-12 23:18:45 C:\WINDOWS\SoftwareDistribution\Download\42526a992b20eef1df8750beb4f78f35\spmsg.dll ----a-w 216,800 2005-10-12 23:18:45 C:\WINDOWS\SoftwareDistribution\Download\42526a992b20eef1df8750beb4f78f35\spuninst.exe ------w 336,256 2004-08-03 21:14:46 C:\WINDOWS\SoftwareDistribution\Download\42526a992b20eef1df8750beb4f78f35\backup\sp2gdr\srv.sys ------w 336,256 2004-08-03 21:14:46 C:\WINDOWS\SoftwareDistribution\Download\42526a992b20eef1df8750beb4f78f35\backup\sp2qfe\srv.sys ----a-w 22,752 2005-10-12 23:18:45 C:\WINDOWS\SoftwareDistribution\Download\42526a992b20eef1df8750beb4f78f35\update\spcustom.dll ----a-w 727,776 2005-10-12 23:18:46 C:\WINDOWS\SoftwareDistribution\Download\42526a992b20eef1df8750beb4f78f35\update\update.exe ----a-w 394,976 2005-10-12 23:18:49 C:\WINDOWS\SoftwareDistribution\Download\42526a992b20eef1df8750beb4f78f35\update\updspapi.dll ----a-w 15,072 2005-10-12 23:15:25 C:\WINDOWS\SoftwareDistribution\Download\428a8e1b8036b8225440fd6ce9cf9a62\spmsg.dll ----a-w 216,800 2005-10-12 23:15:26 C:\WINDOWS\SoftwareDistribution\Download\428a8e1b8036b8225440fd6ce9cf9a62\spuninst.exe ----a-w 22,752 2005-10-12 23:15:25 C:\WINDOWS\SoftwareDistribution\Download\428a8e1b8036b8225440fd6ce9cf9a62\update\spcustom.dll ----a-w 727,776 2005-10-12 23:15:28 C:\WINDOWS\SoftwareDistribution\Download\428a8e1b8036b8225440fd6ce9cf9a62\update\update.exe ----a-w 394,976 2005-10-12 23:15:45 C:\WINDOWS\SoftwareDistribution\Download\428a8e1b8036b8225440fd6ce9cf9a62\update\updspapi.dll ----a-w 496,368 2005-04-12 01:37:31 C:\WINDOWS\SoftwareDistribution\Download\46faa4cd5c82200be099d1b1e8a12eed\WindowsXP-KB890859-x86-express-FRA.exe ----a-w 15,072 2006-01-19 19:29:25 C:\WINDOWS\SoftwareDistribution\Download\4896e7eb404b9f0d2ec9221b3c0f425b\spmsg.dll ----a-w 216,800 2006-01-19 19:29:25 C:\WINDOWS\SoftwareDistribution\Download\4896e7eb404b9f0d2ec9221b3c0f425b\spuninst.exe ----a-w 22,752 2006-01-19 19:29:25 C:\WINDOWS\SoftwareDistribution\Download\4896e7eb404b9f0d2ec9221b3c0f425b\update\spcustom.dll ----a-w 727,776 2006-01-19 19:29:26 C:\WINDOWS\SoftwareDistribution\Download\4896e7eb404b9f0d2ec9221b3c0f425b\update\update.exe ----a-w 394,976 2006-01-19 19:29:26 C:\WINDOWS\SoftwareDistribution\Download\4896e7eb404b9f0d2ec9221b3c0f425b\update\updspapi.dll ----a-w 15,072 2005-10-12 23:18:45 C:\WINDOWS\SoftwareDistribution\Download\48ca58e29fe13ab96bd60ae4f957b75e\spmsg.dll ----a-w 216,800 2005-10-12 23:18:45 C:\WINDOWS\SoftwareDistribution\Download\48ca58e29fe13ab96bd60ae4f957b75e\spuninst.exe ----a-w 262,784 2006-03-17 00:33:10 C:\WINDOWS\SoftwareDistribution\Download\48ca58e29fe13ab96bd60ae4f957b75e\sp2gdr\http.sys ----a-w 262,656 2006-03-17 01:08:10 C:\WINDOWS\SoftwareDistribution\Download\48ca58e29fe13ab96bd60ae4f957b75e\sp2qfe\http.sys ----a-w 22,752 2005-10-12 23:18:45 C:\WINDOWS\SoftwareDistribution\Download\48ca58e29fe13ab96bd60ae4f957b75e\update\spcustom.dll ----a-w 727,776 2005-10-12 23:18:46 C:\WINDOWS\SoftwareDistribution\Download\48ca58e29fe13ab96bd60ae4f957b75e\update\update.exe ----a-w 394,976 2005-10-12 23:18:49 C:\WINDOWS\SoftwareDistribution\Download\48ca58e29fe13ab96bd60ae4f957b75e\update\updspapi.dll ----a-w 15,072 2005-02-24 18:35:26 C:\WINDOWS\SoftwareDistribution\Download\4ad242756613df3e539d49e3db7fff27\spmsg.dll ----a-w 213,216 2005-02-24 18:35:26 C:\WINDOWS\SoftwareDistribution\Download\4ad242756613df3e539d49e3db7fff27\spuninst.exe ----a-w 30,720 2005-06-29 14:54:32 C:\WINDOWS\SoftwareDistribution\Download\4ad242756613df3e539d49e3db7fff27\update\arpidfix.exe ----a-w 22,240 2005-02-24 18:35:26 C:\WINDOWS\SoftwareDistribution\Download\4ad242756613df3e539d49e3db7fff27\update\spcustom.dll ----a-w 730,336 2005-02-24 18:35:26 C:\WINDOWS\SoftwareDistribution\Download\4ad242756613df3e539d49e3db7fff27\update\update.exe ----a-w 395,488 2005-02-24 18:35:26 C:\WINDOWS\SoftwareDistribution\Download\4ad242756613df3e539d49e3db7fff27\update\updspapi.dll ----a-w 15,072 2005-10-12 23:15:25 C:\WINDOWS\SoftwareDistribution\Download\4c5c888ff189ce65af20cc141b13bcd3\spmsg.dll ----a-w 216,800 2005-10-12 23:15:26 C:\WINDOWS\SoftwareDistribution\Download\4c5c888ff189ce65af20cc141b13bcd3\spuninst.exe ------w 574,592 2004-08-03 21:15:10 C:\WINDOWS\SoftwareDistribution\Download\4c5c888ff189ce65af20cc141b13bcd3\backup\sp2gdr\ntfs.sys ------w 574,592 2004-08-03 21:15:10 C:\WINDOWS\SoftwareDistribution\Download\4c5c888ff189ce65af20cc141b13bcd3\backup\sp2qfe\ntfs.sys ----a-w 22,752 2005-10-12 23:15:25 C:\WINDOWS\SoftwareDistribution\Download\4c5c888ff189ce65af20cc141b13bcd3\update\spcustom.dll ----a-w 727,776 2005-10-12 23:15:28 C:\WINDOWS\SoftwareDistribution\Download\4c5c888ff189ce65af20cc141b13bcd3\update\update.exe ----a-w 394,976 2005-10-12 23:15:45 C:\WINDOWS\SoftwareDistribution\Download\4c5c888ff189ce65af20cc141b13bcd3\update\updspapi.dll ----a-w 338,664 2004-12-13 22:59:14 C:\WINDOWS\SoftwareDistribution\Download\4c72f6556ac763ca9bc84c4cf674a87f\WindowsXP-KB873339-x86-express-FRA.exe ----a-w 15,072 2005-02-24 17:35:26 C:\WINDOWS\SoftwareDistribution\Download\4cabbc33d9fa3ea879d2330766ba6ff1\spmsg.dll ----a-w 213,216 2005-02-24 17:35:26 C:\WINDOWS\SoftwareDistribution\Download\4cabbc33d9fa3ea879d2330766ba6ff1\spuninst.exe ------w 2,150,400 2004-08-03 22:48:54 C:\WINDOWS\SoftwareDistribution\Download\4cabbc33d9fa3ea879d2330766ba6ff1\backup\sp2gdr\ntkrnlmp.exe ------w 2,058,880 2004-08-03 23:05:42 C:\WINDOWS\SoftwareDistribution\Download\4cabbc33d9fa3ea879d2330766ba6ff1\backup\sp2gdr\ntkrnlpa.exe ------w 2,017,280 2004-08-03 22:49:04 C:\WINDOWS\SoftwareDistribution\Download\4cabbc33d9fa3ea879d2330766ba6ff1\backup\sp2gdr\ntkrpamp.exe ------w 2,183,040 2004-08-03 22:49:16 C:\WINDOWS\SoftwareDistribution\Download\4cabbc33d9fa3ea879d2330766ba6ff1\backup\sp2gdr\ntoskrnl.exe ------w 1,836,032 2004-08-03 22:45:58 C:\WINDOWS\SoftwareDistribution\Download\4cabbc33d9fa3ea879d2330766ba6ff1\backup\sp2gdr\win32k.sys ------w 2,150,400 2004-08-03 22:48:54 C:\WINDOWS\SoftwareDistribution\Download\4cabbc33d9fa3ea879d2330766ba6ff1\backup\sp2qfe\ntkrnlmp.exe ------w 2,058,880 2004-08-03 22:48:58 C:\WINDOWS\SoftwareDistribution\Download\4cabbc33d9fa3ea879d2330766ba6ff1\backup\sp2qfe\ntkrnlpa.exe ------w 2,017,280 2004-08-03 22:49:04 C:\WINDOWS\SoftwareDistribution\Download\4cabbc33d9fa3ea879d2330766ba6ff1\backup\sp2qfe\ntkrpamp.exe ------w 2,183,040 2004-08-03 22:49:16 C:\WINDOWS\SoftwareDistribution\Download\4cabbc33d9fa3ea879d2330766ba6ff1\backup\sp2qfe\ntoskrnl.exe ------w 1,836,032 2004-08-03 22:45:58 C:\WINDOWS\SoftwareDistribution\Download\4cabbc33d9fa3ea879d2330766ba6ff1\backup\sp2qfe\win32k.sys ----a-w 22,240 2005-02-24 17:35:26 C:\WINDOWS\SoftwareDistribution\Download\4cabbc33d9fa3ea879d2330766ba6ff1\update\spcustom.dll ----a-w 730,336 2005-02-24 17:35:26 C:\WINDOWS\SoftwareDistribution\Download\4cabbc33d9fa3ea879d2330766ba6ff1\update\update.exe ----a-w 395,488 2005-02-24 17:35:26 C:\WINDOWS\SoftwareDistribution\Download\4cabbc33d9fa3ea879d2330766ba6ff1\update\updspapi.dll ----a-w 15,072 2005-10-12 23:15:25 C:\WINDOWS\SoftwareDistribution\Download\507067b70cd6d949aad91fc738213e69\spmsg.dll ----a-w 216,800 2005-10-12 23:15:26 C:\WINDOWS\SoftwareDistribution\Download\507067b70cd6d949aad91fc738213e69\spuninst.exe ----a-w 359,808 2006-04-20 11:51:50 C:\WINDOWS\SoftwareDistribution\Download\507067b70cd6d949aad91fc738213e69\sp2gdr\tcpip.sys ----a-w 360,576 2006-04-20 12:18:35 C:\WINDOWS\SoftwareDistribution\Download\507067b70cd6d949aad91fc738213e69\sp2qfe\tcpip.sys ----a-w 22,752 2005-10-12 23:15:25 C:\WINDOWS\SoftwareDistribution\Download\507067b70cd6d949aad91fc738213e69\update\spcustom.dll ----a-w 727,776 2005-10-12 23:15:28 C:\WINDOWS\SoftwareDistribution\Download\507067b70cd6d949aad91fc738213e69\update\update.exe ----a-w 394,976 2005-10-12 23:15:45 C:\WINDOWS\SoftwareDistribution\Download\507067b70cd6d949aad91fc738213e69\update\updspapi.dll ----a-w 522,480 2005-10-06 23:01:22 C:\WINDOWS\SoftwareDistribution\Download\520cbe0ea5d1df1dc8d5c0c4548a90f7\WindowsXP-KB902400-x86-express-FRA.exe ----a-w 15,072 2005-10-12 23:18:45 C:\WINDOWS\SoftwareDistribution\Download\56ef5a91865d3be358ed046ea9fb2288\spmsg.dll ----a-w 216,800 2005-10-12 23:18:45 C:\WINDOWS\SoftwareDistribution\Download\56ef5a91865d3be358ed046ea9fb2288\spuninst.exe ----a-w 42,496 2006-10-12 14:04:13 C:\WINDOWS\SoftwareDistribution\Download\56ef5a91865d3be358ed046ea9fb2288\sp2gdr\agentdp2.dll ----a-w 57,344 2006-10-12 14:04:13 C:\WINDOWS\SoftwareDistribution\Download\56ef5a91865d3be358ed046ea9fb2288\sp2gdr\agentdpv.dll ----a-w 256,512 2006-10-12 11:09:53 C:\WINDOWS\SoftwareDistribution\Download\56ef5a91865d3be358ed046ea9fb2288\sp2gdr\agentsvr.exe ----a-w 121,856 2006-10-16 10:40:51 C:\WINDOWS\SoftwareDistribution\Download\56ef5a91865d3be358ed046ea9fb2288\sp2gdr\spru040c.dll ----a-w 42,496 2006-10-12 13:55:58 C:\WINDOWS\SoftwareDistribution\Download\56ef5a91865d3be358ed046ea9fb2288\sp2qfe\agentdp2.dll ----a-w 57,344 2006-10-12 13:55:58 C:\WINDOWS\SoftwareDistribution\Download\56ef5a91865d3be358ed046ea9fb2288\sp2qfe\agentdpv.dll ----a-w 256,512 2006-10-12 11:54:07 C:\WINDOWS\SoftwareDistribution\Download\56ef5a91865d3be358ed046ea9fb2288\sp2qfe\agentsvr.exe ----a-w 265,216 2006-10-16 11:19:09 C:\WINDOWS\SoftwareDistribution\Download\56ef5a91865d3be358ed046ea9fb2288\sp2qfe\spru040c.dll ----a-w 22,752 2005-10-12 23:18:45 C:\WINDOWS\SoftwareDistribution\Download\56ef5a91865d3be358ed046ea9fb2288\update\spcustom.dll ----a-w 727,776 2005-10-12 23:18:46 C:\WINDOWS\SoftwareDistribution\Download\56ef5a91865d3be358ed046ea9fb2288\update\update.exe ----a-w 394,976 2005-10-12 23:18:49 C:\WINDOWS\SoftwareDistribution\Download\56ef5a91865d3be358ed046ea9fb2288\update\updspapi.dll ----a-w 15,072 2005-10-12 23:15:25 C:\WINDOWS\SoftwareDistribution\Download\5857fd464a38367b479c179d651cd5d4\spmsg.dll ----a-w 216,800 2005-10-12 23:15:26 C:\WINDOWS\SoftwareDistribution\Download\5857fd464a38367b479c179d651cd5d4\spuninst.exe ----a-w 22,752 2005-10-12 23:15:25 C:\WINDOWS\SoftwareDistribution\Download\5857fd464a38367b479c179d651cd5d4\update\spcustom.dll ----a-w 727,776 2005-10-12 23:15:28 C:\WINDOWS\SoftwareDistribution\Download\5857fd464a38367b479c179d651cd5d4\update\update.exe ----a-w 394,976 2005-10-12 23:15:45 C:\WINDOWS\SoftwareDistribution\Download\5857fd464a38367b479c179d651cd5d4\update\updspapi.dll ----a-w 15,072 2005-02-24 18:35:26 C:\WINDOWS\SoftwareDistribution\Download\5cbce544ba5a58e170acdb52973e4471\spmsg.dll ----a-w 213,216 2005-02-24 18:35:26 C:\WINDOWS\SoftwareDistribution\Download\5cbce544ba5a58e170acdb52973e4471\spuninst.exe ----a-w 22,240 2005-02-24 18:35:26 C:\WINDOWS\SoftwareDistribution\Download\5cbce544ba5a58e170acdb52973e4471\update\spcustom.dll ----a-w 730,336 2005-02-24 18:35:26 C:\WINDOWS\SoftwareDistribution\Download\5cbce544ba5a58e170acdb52973e4471\update\update.exe ----a-w 395,488 2005-02-24 18:35:26 C:\WINDOWS\SoftwareDistribution\Download\5cbce544ba5a58e170acdb52973e4471\update\updspapi.dll ----a-w 15,072 2006-01-19 19:29:25 C:\WINDOWS\SoftwareDistribution\Download\5d24ad19cee78bba662249a4deccb260\spmsg.dll ----a-w 216,800 2006-01-19 19:29:25 C:\WINDOWS\SoftwareDistribution\Download\5d24ad19cee78bba662249a4deccb260\spuninst.exe ----a-w 22,752 2006-01-19 19:29:25 C:\WINDOWS\SoftwareDistribution\Download\5d24ad19cee78bba662249a4deccb260\update\spcustom.dll ----a-w 727,776 2006-01-19 19:29:26 C:\WINDOWS\SoftwareDistribution\Download\5d24ad19cee78bba662249a4deccb260\update\update.exe ----a-w 394,976 2006-01-19 19:29:26 C:\WINDOWS\SoftwareDistribution\Download\5d24ad19cee78bba662249a4deccb260\update\updspapi.dll ----a-w 338,152 2005-02-07 22:59:55 C:\WINDOWS\SoftwareDistribution\Download\5f51a5d334ac80a2988bd8848bc695cb\WindowsXP-KB891781-x86-express-FRA.exe ----a-w 15,072 2005-10-12 23:18:45 C:\WINDOWS\SoftwareDistribution\Download\60ed62953e03ee5bf235cba11ef6e53b\spmsg.dll ----a-w 216,800 2005-10-12 23:18:45 C:\WINDOWS\SoftwareDistribution\Download\60ed62953e03ee5bf235cba11ef6e53b\spuninst.exe ------w 119,808 2001-08-24 12:00:00 C:\WINDOWS\SoftwareDistribution\Download\60ed62953e03ee5bf235cba11ef6e53b\backup\sp2gdr\oledlg.dll ------w 119,808 2001-08-24 12:00:00 C:\WINDOWS\SoftwareDistribution\Download\60ed62953e03ee5bf235cba11ef6e53b\backup\sp2qfe\oledlg.dll ----a-w 22,752 2005-10-12 23:18:45 C:\WINDOWS\SoftwareDistribution\Download\60ed62953e03ee5bf235cba11ef6e53b\update\spcustom.dll ----a-w 727,776 2005-10-12 23:18:46 C:\WINDOWS\SoftwareDistribution\Download\60ed62953e03ee5bf235cba11ef6e53b\update\update.exe ----a-w 394,976 2005-10-12 23:18:49 C:\WINDOWS\SoftwareDistribution\Download\60ed62953e03ee5bf235cba11ef6e53b\update\updspapi.dll ----a-w 15,072 2005-02-24 18:35:26 C:\WINDOWS\SoftwareDistribution\Download\61cb8cabb47496dec6d7e4c842c3b827\spmsg.dll ----a-w 213,216 2005-02-24 18:35:26 C:\WINDOWS\SoftwareDistribution\Download\61cb8cabb47496dec6d7e4c842c3b827\spuninst.exe ----a-w 925,184 2005-08-31 16:50:40 C:\WINDOWS\SoftwareDistribution\Download\61cb8cabb47496dec6d7e4c842c3b827\sp1qfe\asms\60\msft\windows\common\controls\comctl32.dll ----a-w 30,720 2005-09-26 15:36:24 C:\WINDOWS\SoftwareDistribution\Download\61cb8cabb47496dec6d7e4c842c3b827\update\arpidfix.exe ----a-w 22,240 2005-02-24 18:35:26 C:\WINDOWS\SoftwareDistribution\Download\61cb8cabb47496dec6d7e4c842c3b827\update\spcustom.dll ----a-w 730,336 2005-02-24 18:35:26 C:\WINDOWS\SoftwareDistribution\Download\61cb8cabb47496dec6d7e4c842c3b827\update\update.exe ----a-w 395,488 2005-02-24 18:35:26 C:\WINDOWS\SoftwareDistribution\Download\61cb8cabb47496dec6d7e4c842c3b827\update\updspapi.dll ----a-w 15,072 2005-10-12 23:15:25 C:\WINDOWS\SoftwareDistribution\Download\6291f486ec5de5182ec3cff2071af184\spmsg.dll ----a-w 216,800 2005-10-12 23:15:26 C:\WINDOWS\SoftwareDistribution\Download\6291f486ec5de5182ec3cff2071af184\spuninst.exe ------w 924,432 2001-08-24 12:00:00 C:\WINDOWS\SoftwareDistribution\Download\6291f486ec5de5182ec3cff2071af184\backup\sp2qfe\mfc40u.dll ----a-w 74,802 2007-01-19 12:51:03 C:\WINDOWS\SoftwareDistribution\Download\6291f486ec5de5182ec3cff2071af184\sp2qfe\asms\60\msft\vcrtl\atl.dll ----a-w 995,383 2007-01-19 12:51:04 C:\WINDOWS\SoftwareDistribution\Download\6291f486ec5de5182ec3cff2071af184\sp2qfe\asms\60\msft\vcrtl\mfc42.dll ----a-w 1,011,774 2007-01-19 12:51:04 C:\WINDOWS\SoftwareDistribution\Download\6291f486ec5de5182ec3cff2071af184\sp2qfe\asms\60\msft\vcrtl\mfc42u.dll ----a-w 401,462 2007-01-19 12:51:04 C:\WINDOWS\SoftwareDistribution\Download\6291f486ec5de5182ec3cff2071af184\sp2qfe\asms\60\msft\vcrtl\msvcp60.dll ----a-w 22,752 2005-10-12 23:15:25 C:\WINDOWS\SoftwareDistribution\Download\6291f486ec5de5182ec3cff2071af184\update\spcustom.dll ----a-w 727,776 2005-10-12 23:15:28 C:\WINDOWS\SoftwareDistribution\Download\6291f486ec5de5182ec3cff2071af184\update\update.exe ----a-w 394,976 2005-10-12 23:15:45 C:\WINDOWS\SoftwareDistribution\Download\6291f486ec5de5182ec3cff2071af184\update\updspapi.dll ----a-w 15,072 2005-02-25 03:35:24 C:\WINDOWS\SoftwareDistribution\Download\6c75180874e00b1d103af2b8b2b3b170\spmsg.dll ----a-w 213,216 2005-02-25 03:35:24 C:\WINDOWS\SoftwareDistribution\Download\6c75180874e00b1d103af2b8b2b3b170\spuninst.exe ----a-w 30,720 2005-08-19 23:50:31 C:\WINDOWS\SoftwareDistribution\Download\6c75180874e00b1d103af2b8b2b3b170\update\arpidfix.exe ----a-w 22,240 2005-02-25 03:35:24 C:\WINDOWS\SoftwareDistribution\Download\6c75180874e00b1d103af2b8b2b3b170\update\spcustom.dll ----a-w 730,336 2005-02-25 03:35:24 C:\WINDOWS\SoftwareDistribution\Download\6c75180874e00b1d103af2b8b2b3b170\update\update.exe ----a-w 395,488 2005-02-25 03:35:25 C:\WINDOWS\SoftwareDistribution\Download\6c75180874e00b1d103af2b8b2b3b170\update\updspapi.dll ----a-w 15,072 2005-02-24 18:35:26 C:\WINDOWS\SoftwareDistribution\Download\773244b80a35d887f4682727f34cdcce\spmsg.dll ----a-w 213,216 2005-02-24 18:35:26 C:\WINDOWS\SoftwareDistribution\Download\773244b80a35d887f4682727f34cdcce\spuninst.exe ----a-w 30,720 2005-08-22 16:01:30 C:\WINDOWS\SoftwareDistribution\Download\773244b80a35d887f4682727f34cdcce\update\arpidfix.exe ----a-w 22,240 2005-02-24 18:35:26 C:\WINDOWS\SoftwareDistribution\Download\773244b80a35d887f4682727f34cdcce\update\spcustom.dll ----a-w 730,336 2005-02-24 18:35:26 C:\WINDOWS\SoftwareDistribution\Download\773244b80a35d887f4682727f34cdcce\update\update.exe ----a-w 395,488 2005-02-24 18:35:26 C:\WINDOWS\SoftwareDistribution\Download\773244b80a35d887f4682727f34cdcce\update\updspapi.dll ----a-w 15,072 2005-10-12 23:15:25 C:\WINDOWS\SoftwareDistribution\Download\79dfe016119d9f9104f7a081382c2de7\spmsg.dll ----a-w 216,800 2005-10-12 23:15:26 C:\WINDOWS\SoftwareDistribution\Download\79dfe016119d9f9104f7a081382c2de7\spuninst.exe ----a-w 22,752 2005-10-12 23:15:25 C:\WINDOWS\SoftwareDistribution\Download\79dfe016119d9f9104f7a081382c2de7\update\spcustom.dll ----a-w 727,776 2005-10-12 23:15:28 C:\WINDOWS\SoftwareDistribution\Download\79dfe016119d9f9104f7a081382c2de7\update\update.exe ----a-w 394,976 2005-10-12 23:15:45 C:\WINDOWS\SoftwareDistribution\Download\79dfe016119d9f9104f7a081382c2de7\update\updspapi.dll ----a-w 15,072 2005-10-12 23:15:25 C:\WINDOWS\SoftwareDistribution\Download\7a40be1d5e41517009a903a286bf28bd\spmsg.dll ----a-w 216,800 2005-10-12 23:15:26 C:\WINDOWS\SoftwareDistribution\Download\7a40be1d5e41517009a903a286bf28bd\spuninst.exe ----a-w 22,752 2005-10-12 23:15:25 C:\WINDOWS\SoftwareDistribution\Download\7a40be1d5e41517009a903a286bf28bd\update\spcustom.dll ----a-w 727,776 2005-10-12 23:15:28 C:\WINDOWS\SoftwareDistribution\Download\7a40be1d5e41517009a903a286bf28bd\update\update.exe ----a-w 394,976 2005-10-12 23:15:45 C:\WINDOWS\SoftwareDistribution\Download\7a40be1d5e41517009a903a286bf28bd\update\updspapi.dll ----a-w 15,072 2005-10-12 23:15:25 C:\WINDOWS\SoftwareDistribution\Download\7bd07c1089c2af7712a37e4bc06b52c1\spmsg.dll ----a-w 216,800 2005-10-12 23:15:26 C:\WINDOWS\SoftwareDistribution\Download\7bd07c1089c2af7712a37e4bc06b52c1\spuninst.exe ----a-w 22,752 2005-10-12 23:15:25 C:\WINDOWS\SoftwareDistribution\Download\7bd07c1089c2af7712a37e4bc06b52c1\update\spcustom.dll ----a-w 727,776 2005-10-12 23:15:28 C:\WINDOWS\SoftwareDistribution\Download\7bd07c1089c2af7712a37e4bc06b52c1\update\update.exe ----a-w 394,976 2005-10-12 23:15:45 C:\WINDOWS\SoftwareDistribution\Download\7bd07c1089c2af7712a37e4bc06b52c1\update\updspapi.dll ----a-w 490,224 2005-08-05 22:04:28 C:\WINDOWS\SoftwareDistribution\Download\7c43cf31471ac5c8600409a70e40c22f\WindowsXP-KB894391-x86-express-FRA.exe ----a-w 15,072 2005-10-12 23:18:45 C:\WINDOWS\SoftwareDistribution\Download\7d67df8d2fa218514bbe5a22ae12a9b3\spmsg.dll ----a-w 216,800 2005-10-12 23:18:45 C:\WINDOWS\SoftwareDistribution\Download\7d67df8d2fa218514bbe5a22ae12a9b3\spuninst.exe ------w 223,616 2004-08-03 21:07:46 C:\WINDOWS\SoftwareDistribution\Download\7d67df8d2fa218514bbe5a22ae12a9b3\backup\sp2gdr\tcpip6.sys ------w 223,616 2004-08-03 21:07:46 C:\WINDOWS\SoftwareDistribution\Download\7d67df8d2fa218514bbe5a22ae12a9b3\backup\sp2qfe\tcpip6.sys ----a-w 22,752 2005-10-12 23:18:45 C:\WINDOWS\SoftwareDistribution\Download\7d67df8d2fa218514bbe5a22ae12a9b3\update\spcustom.dll ----a-w 727,776 2005-10-12 23:18:46 C:\WINDOWS\SoftwareDistribution\Download\7d67df8d2fa218514bbe5a22ae12a9b3\update\update.exe ----a-w 394,976 2005-10-12 23:18:49 C:\WINDOWS\SoftwareDistribution\Download\7d67df8d2fa218514bbe5a22ae12a9b3\update\updspapi.dll ----a-w 15,072 2005-10-12 23:15:25 C:\WINDOWS\SoftwareDistribution\Download\813a989071c1720c8fca52f421b7b9e5\spmsg.dll ----a-w 216,800 2005-10-12 23:15:26 C:\WINDOWS\SoftwareDistribution\Download\813a989071c1720c8fca52f421b7b9e5\spuninst.exe ------w 1,036,288 2004-08-03 22:54:50 C:\WINDOWS\SoftwareDistribution\Download\813a989071c1720c8fca52f421b7b9e5\backup\sp2gdr\explorer.exe ----a-w 22,752 2005-10-12 23:15:25 C:\WINDOWS\SoftwareDistribution\Download\813a989071c1720c8fca52f421b7b9e5\update\spcustom.dll ----a-w 727,776 2005-10-12 23:15:28 C:\WINDOWS\SoftwareDistribution\Download\813a989071c1720c8fca52f421b7b9e5\update\update.exe ----a-w 394,976 2005-10-12 23:15:45 C:\WINDOWS\SoftwareDistribution\Download\813a989071c1720c8fca52f421b7b9e5\update\updspapi.dll ----a-w 15,072 2006-01-19 19:29:25 C:\WINDOWS\SoftwareDistribution\Download\8cf13444ad5b33cad5e4b774633810f9\spmsg.dll ----a-w 216,800 2006-01-19 19:29:25 C:\WINDOWS\SoftwareDistribution\Download\8cf13444ad5b33cad5e4b774633810f9\spuninst.exe ----a-w 22,752 2006-01-19 19:29:25 C:\WINDOWS\SoftwareDistribution\Download\8cf13444ad5b33cad5e4b774633810f9\update\spcustom.dll ----a-w 727,776 2006-01-19 19:29:26 C:\WINDOWS\SoftwareDistribution\Download\8cf13444ad5b33cad5e4b774633810f9\update\update.exe ----a-w 394,976 2006-01-19 19:29:26 C:\WINDOWS\SoftwareDistribution\Download\8cf13444ad5b33cad5e4b774633810f9\update\updspapi.dll ----a-w 15,072 2005-10-12 23:18:45 C:\WINDOWS\SoftwareDistribution\Download\8d31f6e93a03bc7a736602ed1adb9986\spmsg.dll ----a-w 216,800 2005-10-12 23:18:45 C:\WINDOWS\SoftwareDistribution\Download\8d31f6e93a03bc7a736602ed1adb9986\spuninst.exe ------w 77,850 2001-08-24 12:00:00 C:\WINDOWS\SoftwareDistribution\Download\8d31f6e93a03bc7a736602ed1adb9986\backup\sp2gdr\hlink.dll ------w 77,850 2001-08-24 12:00:00 C:\WINDOWS\SoftwareDistribution\Download\8d31f6e93a03bc7a736602ed1adb9986\backup\sp2qfe\hlink.dll ----a-w 22,752 2005-10-12 23:18:45 C:\WINDOWS\SoftwareDistribution\Download\8d31f6e93a03bc7a736602ed1adb9986\update\spcustom.dll ----a-w 727,776 2005-10-12 23:18:46 C:\WINDOWS\SoftwareDistribution\Download\8d31f6e93a03bc7a736602ed1adb9986\update\update.exe ----a-w 394,976 2005-10-12 23:18:49 C:\WINDOWS\SoftwareDistribution\Download\8d31f6e93a03bc7a736602ed1adb9986\update\updspapi.dll ----a-w 15,072 2005-02-24 18:35:26 C:\WINDOWS\SoftwareDistribution\Download\90eded57e7780b832eed3339a922a322\spmsg.dll ----a-w 213,216 2005-02-24 18:35:26 C:\WINDOWS\SoftwareDistribution\Download\90eded57e7780b832eed3339a922a322\spuninst.exe ------w 82,432 2001-08-24 12:00:00 C:\WINDOWS\SoftwareDistribution\Download\90eded57e7780b832eed3339a922a322\backup\sp2gdr\comrepl.dll ------w 7,680 2004-08-03 22:54:54 C:\WINDOWS\SoftwareDistribution\Download\90eded57e7780b832eed3339a922a322\backup\sp2gdr\migregdb.exe ------w 69,120 2001-08-24 12:00:00 C:\WINDOWS\SoftwareDistribution\Download\90eded57e7780b832eed3339a922a322\backup\sp2gdr\olecli32.dll ------w 34,304 2001-08-24 12:00:00 C:\WINDOWS\SoftwareDistribution\Download\90eded57e7780b832eed3339a922a322\backup\sp2gdr\olecnv32.dll ------w 82,432 2001-08-24 12:00:00 C:\WINDOWS\SoftwareDistribution\Download\90eded57e7780b832eed3339a922a322\backup\sp2qfe\comrepl.dll ------w 7,680 2004-08-03 22:54:54 C:\WINDOWS\SoftwareDistribution\Download\90eded57e7780b832eed3339a922a322\backup\sp2qfe\migregdb.exe ------w 69,120 2001-08-24 12:00:00 C:\WINDOWS\SoftwareDistribution\Download\90eded57e7780b832eed3339a922a322\backup\sp2qfe\olecli32.dll ------w 34,304 2001-08-24 12:00:00 C:\WINDOWS\SoftwareDistribution\Download\90eded57e7780b832eed3339a922a322\backup\sp2qfe\olecnv32.dll ----a-w 30,720 2005-07-25 17:21:18 C:\WINDOWS\SoftwareDistribution\Download\90eded57e7780b832eed3339a922a322\update\arpidfix.exe ----a-w 22,240 2005-02-24 18:35:26 C:\WINDOWS\SoftwareDistribution\Download\90eded57e7780b832eed3339a922a322\update\spcustom.dll ----a-w 730,336 2005-02-24 18:35:26 C:\WINDOWS\SoftwareDistribution\Download\90eded57e7780b832eed3339a922a322\update\update.exe ----a-w 395,488 2005-02-24 18:35:26 C:\WINDOWS\SoftwareDistribution\Download\90eded57e7780b832eed3339a922a322\update\updspapi.dll ----a-w 15,072 2005-10-12 23:15:25 C:\WINDOWS\SoftwareDistribution\Download\98e4ab2cb14986b0be91146bef7a2943\spmsg.dll ----a-w 216,800 2005-10-12 23:15:26 C:\WINDOWS\SoftwareDistribution\Download\98e4ab2cb14986b0be91146bef7a2943\spuninst.exe ----a-w 925,184 2006-08-25 15:54:02 C:\WINDOWS\SoftwareDistribution\Download\98e4ab2cb14986b0be91146bef7a2943\sp1qfe\asms\60\msft\windows\common\controls\comctl32.dll ----a-w 1,054,208 2006-08-25 15:51:12 C:\WINDOWS\SoftwareDistribution\Download\98e4ab2cb14986b0be91146bef7a2943\sp2qfe\asms\60\msft\windows\common\controls\comctl32.dll ----a-w 22,752 2005-10-12 23:15:25 C:\WINDOWS\SoftwareDistribution\Download\98e4ab2cb14986b0be91146bef7a2943\update\spcustom.dll ----a-w 727,776 2005-10-12 23:15:28 C:\WINDOWS\SoftwareDistribution\Download\98e4ab2cb14986b0be91146bef7a2943\update\update.exe ----a-w 394,976 2005-10-12 23:15:45 C:\WINDOWS\SoftwareDistribution\Download\98e4ab2cb14986b0be91146bef7a2943\update\updspapi.dll ----a-w 15,072 2005-10-12 23:18:45 C:\WINDOWS\SoftwareDistribution\Download\9e4b335e3070524b6d5466da3c0c52ee\spmsg.dll ----a-w 216,800 2005-10-12 23:18:45 C:\WINDOWS\SoftwareDistribution\Download\9e4b335e3070524b6d5466da3c0c52ee\spuninst.exe ----a-w 450,560 2006-05-18 05:31:21 C:\WINDOWS\SoftwareDistribution\Download\9e4b335e3070524b6d5466da3c0c52ee\sp2gdr\jscript.dll ----a-w 450,560 2006-05-18 05:49:55 C:\WINDOWS\SoftwareDistribution\Download\9e4b335e3070524b6d5466da3c0c52ee\sp2qfe\jscript.dll ----a-w 22,752 2005-10-12 23:18:45 C:\WINDOWS\SoftwareDistribution\Download\9e4b335e3070524b6d5466da3c0c52ee\update\spcustom.dll ----a-w 727,776 2005-10-12 23:18:46 C:\WINDOWS\SoftwareDistribution\Download\9e4b335e3070524b6d5466da3c0c52ee\update\update.exe ----a-w 394,976 2005-10-12 23:18:49 C:\WINDOWS\SoftwareDistribution\Download\9e4b335e3070524b6d5466da3c0c52ee\update\updspapi.dll ----a-w 15,072 2005-10-12 23:15:25 C:\WINDOWS\SoftwareDistribution\Download\a04a8dce324b141449b6bb4b762ae54a\spmsg.dll ----a-w 216,800 2005-10-12 23:15:26 C:\WINDOWS\SoftwareDistribution\Download\a04a8dce324b141449b6bb4b762ae54a\spuninst.exe ------w 2,150,400 2004-08-03 22:48:54 C:\WINDOWS\SoftwareDistribution\Download\a04a8dce324b141449b6bb4b762ae54a\backup\sp2gdr\ntkrnlmp.exe ------w 2,058,880 2004-08-03 23:05:42 C:\WINDOWS\SoftwareDistribution\Download\a04a8dce324b141449b6bb4b762ae54a\backup\sp2gdr\ntkrnlpa.exe ------w 2,017,280 2004-08-03 22:49:04 C:\WINDOWS\SoftwareDistribution\Download\a04a8dce324b141449b6bb4b762ae54a\backup\sp2gdr\ntkrpamp.exe ------w 2,183,040 2004-08-03 22:49:16 C:\WINDOWS\SoftwareDistribution\Download\a04a8dce324b141449b6bb4b762ae54a\backup\sp2gdr\ntoskrnl.exe ------w 2,150,400 2004-08-03 22:48:54 C:\WINDOWS\SoftwareDistribution\Download\a04a8dce324b141449b6bb4b762ae54a\backup\sp2qfe\ntkrnlmp.exe ------w 2,058,880 2004-08-03 22:48:58 C:\WINDOWS\SoftwareDistribution\Download\a04a8dce324b141449b6bb4b762ae54a\backup\sp2qfe\ntkrnlpa.exe ------w 2,017,280 2004-08-03 22:49:04 C:\WINDOWS\SoftwareDistribution\Download\a04a8dce324b141449b6bb4b762ae54a\backup\sp2qfe\ntkrpamp.exe ------w 2,183,040 2004-08-03 22:49:16 C:\WINDOWS\SoftwareDistribution\Download\a04a8dce324b141449b6bb4b762ae54a\backup\sp2qfe\ntoskrnl.exe ----a-w 22,752 2005-10-12 23:15:25 C:\WINDOWS\SoftwareDistribution\Download\a04a8dce324b141449b6bb4b762ae54a\update\spcustom.dll ----a-w 727,776 2005-10-12 23:15:28 C:\WINDOWS\SoftwareDistribution\Download\a04a8dce324b141449b6bb4b762ae54a\update\update.exe ----a-w 394,976 2005-10-12 23:15:45 C:\WINDOWS\SoftwareDistribution\Download\a04a8dce324b141449b6bb4b762ae54a\update\updspapi.dll ----a-w 902,384 2005-10-07 01:15:18 C:\WINDOWS\SoftwareDistribution\Download\a20dc986c94132560aec16a0ce3c192a\WindowsXP-KB900725-x86-express-FRA.exe ----a-w 15,072 2005-10-12 23:15:25 C:\WINDOWS\SoftwareDistribution\Download\a957c596efa7d0ec1b4b7fdc1e1c5705\spmsg.dll ----a-w 216,800 2005-10-12 23:15:26 C:\WINDOWS\SoftwareDistribution\Download\a957c596efa7d0ec1b4b7fdc1e1c5705\spuninst.exe ----a-w 22,752 2005-10-12 23:15:25 C:\WINDOWS\SoftwareDistribution\Download\a957c596efa7d0ec1b4b7fdc1e1c5705\update\spcustom.dll ----a-w 727,776 2005-10-12 23:15:28 C:\WINDOWS\SoftwareDistribution\Download\a957c596efa7d0ec1b4b7fdc1e1c5705\update\update.exe ----a-w 394,976 2005-10-12 23:15:45 C:\WINDOWS\SoftwareDistribution\Download\a957c596efa7d0ec1b4b7fdc1e1c5705\update\updspapi.dll ----a-w 15,072 2005-10-12 23:15:25 C:\WINDOWS\SoftwareDistribution\Download\aa0b71fd9cbe8950ff015613ef67c6fe\spmsg.dll ----a-w 216,800 2005-10-12 23:15:26 C:\WINDOWS\SoftwareDistribution\Download\aa0b71fd9cbe8950ff015613ef67c6fe\spuninst.exe ----a-w 202,240 2006-07-13 08:48:58 C:\WINDOWS\SoftwareDistribution\Download\aa0b71fd9cbe8950ff015613ef67c6fe\sp2gdr\rmcast.sys ----a-w 202,496 2006-07-13 11:43:08 C:\WINDOWS\SoftwareDistribution\Download\aa0b71fd9cbe8950ff015613ef67c6fe\sp2qfe\rmcast.sys ----a-w 22,752 2005-10-12 23:15:25 C:\WINDOWS\SoftwareDistribution\Download\aa0b71fd9cbe8950ff015613ef67c6fe\update\spcustom.dll ----a-w 727,776 2005-10-12 23:15:28 C:\WINDOWS\SoftwareDistribution\Download\aa0b71fd9cbe8950ff015613ef67c6fe\update\update.exe ----a-w 394,976 2005-10-12 23:15:45 C:\WINDOWS\SoftwareDistribution\Download\aa0b71fd9cbe8950ff015613ef67c6fe\update\updspapi.dll ----a-w 15,072 2005-10-12 23:15:25 C:\WINDOWS\SoftwareDistribution\Download\abca9e2bf0dd5e18df937d2b7f598387\spmsg.dll ----a-w 216,800 2005-10-12 23:15:26 C:\WINDOWS\SoftwareDistribution\Download\abca9e2bf0dd5e18df937d2b7f598387\spuninst.exe ----a-w 22,752 2005-10-12 23:15:25 C:\WINDOWS\SoftwareDistribution\Download\abca9e2bf0dd5e18df937d2b7f598387\update\spcustom.dll ----a-w 727,776 2005-10-12 23:15:28 C:\WINDOWS\SoftwareDistribution\Download\abca9e2bf0dd5e18df937d2b7f598387\update\update.exe ----a-w 394,976 2005-10-12 23:15:45 C:\WINDOWS\SoftwareDistribution\Download\abca9e2bf0dd5e18df937d2b7f598387\update\updspapi.dll ----a-w 2,890,240 2005-05-04 12:45:32 C:\WINDOWS\SoftwareDistribution\Download\ad9c4c2a779933f83b51a49a2c88838d\msi.dll ----a-w 78,848 2005-05-04 12:45:36 C:\WINDOWS\SoftwareDistribution\Download\ad9c4c2a779933f83b51a49a2c88838d\msiexec.exe ----a-w 271,360 2005-05-04 12:45:36 C:\WINDOWS\SoftwareDistribution\Download\ad9c4c2a779933f83b51a49a2c88838d\msihnd.dll ----a-w 884,736 2005-05-04 12:45:36 C:\WINDOWS\SoftwareDistribution\Download\ad9c4c2a779933f83b51a49a2c88838d\msimsg.dll ----a-w 15,360 2005-05-04 12:45:36 C:\WINDOWS\SoftwareDistribution\Download\ad9c4c2a779933f83b51a49a2c88838d\msisip.dll ----a-w 14,560 2005-05-04 12:45:28 C:\WINDOWS\SoftwareDistribution\Download\ad9c4c2a779933f83b51a49a2c88838d\spmsg.dll ----a-w 213,216 2005-05-04 12:45:28 C:\WINDOWS\SoftwareDistribution\Download\ad9c4c2a779933f83b51a49a2c88838d\spuninst.exe ----a-w 22,240 2005-05-04 12:45:28 C:\WINDOWS\SoftwareDistribution\Download\ad9c4c2a779933f83b51a49a2c88838d\update\spcustom.dll ----a-w 730,336 2005-05-04 12:45:28 C:\WINDOWS\SoftwareDistribution\Download\ad9c4c2a779933f83b51a49a2c88838d\update\update.exe ----a-w 395,488 2005-05-04 12:45:28 C:\WINDOWS\SoftwareDistribution\Download\ad9c4c2a779933f83b51a49a2c88838d\update\updspapi.dll ----a-w 15,072 2006-01-19 19:29:25 C:\WINDOWS\SoftwareDistribution\Download\b64e31385aaefb5f71ce824b6ef21166\spmsg.dll ----a-w 216,800 2006-01-19 19:29:25 C:\WINDOWS\SoftwareDistribution\Download\b64e31385aaefb5f71ce824b6ef21166\spuninst.exe ------w 209,408 2004-08-03 20:58:34 C:\WINDOWS\SoftwareDistribution\Download\b64e31385aaefb5f71ce824b6ef21166\backup\sp2gdr\update.sys ------w 209,408 2004-08-03 20:58:34 C:\WINDOWS\SoftwareDistribution\Download\b64e31385aaefb5f71ce824b6ef21166\backup\sp2qfe\update.sys ----a-w 22,752 2006-01-19 19:29:25 C:\WINDOWS\SoftwareDistribution\Download\b64e31385aaefb5f71ce824b6ef21166\update\spcustom.dll ----a-w 727,776 2006-01-19 19:29:26 C:\WINDOWS\SoftwareDistribution\Download\b64e31385aaefb5f71ce824b6ef21166\update\update.exe ----a-w 394,976 2006-01-19 19:29:26 C:\WINDOWS\SoftwareDistribution\Download\b64e31385aaefb5f71ce824b6ef21166\update\updspapi.dll ----a-w 15,072 2005-10-12 23:15:25 C:\WINDOWS\SoftwareDistribution\Download\b81252ef70e0d4f53d4fb43336030927\spmsg.dll ----a-w 216,800 2005-10-12 23:15:26 C:\WINDOWS\SoftwareDistribution\Download\b81252ef70e0d4f53d4fb43336030927\spuninst.exe ------w 79,360 2001-08-24 12:00:00 C:\WINDOWS\SoftwareDistribution\Download\b81252ef70e0d4f53d4fb43336030927\backup\sp2gdr\fontsub.dll ------w 79,360 2001-08-24 12:00:00 C:\WINDOWS\SoftwareDistribution\Download\b81252ef70e0d4f53d4fb43336030927\backup\sp2qfe\fontsub.dll ----a-w 22,752 2005-10-12 23:15:25 C:\WINDOWS\SoftwareDistribution\Download\b81252ef70e0d4f53d4fb43336030927\update\spcustom.dll ----a-w 727,776 2005-10-12 23:15:28 C:\WINDOWS\SoftwareDistribution\Download\b81252ef70e0d4f53d4fb43336030927\update\update.exe ----a-w 394,976 2005-10-12 23:15:45 C:\WINDOWS\SoftwareDistribution\Download\b81252ef70e0d4f53d4fb43336030927\update\updspapi.dll ----a-w 8,192 2004-11-30 12:46:52 C:\WINDOWS\SoftwareDistribution\Download\b848f7bbcc1590afa157f879b74964b2\spmsg.dll ----a-w 172,032 2004-11-30 18:22:42 C:\WINDOWS\SoftwareDistribution\Download\b848f7bbcc1590afa157f879b74964b2\spuninst.exe ----a-w 21,504 2004-11-30 18:22:42 C:\WINDOWS\SoftwareDistribution\Download\b848f7bbcc1590afa157f879b74964b2\update\spcustom.dll ----a-w 666,624 2004-11-30 12:46:52 C:\WINDOWS\SoftwareDistribution\Download\b848f7bbcc1590afa157f879b74964b2\update\update.exe ----a-w 15,072 2005-10-12 23:15:25 C:\WINDOWS\SoftwareDistribution\Download\b8ac6274ac8ad7e4b0febe55aca1e516\spmsg.dll ----a-w 216,800 2005-10-12 23:15:26 C:\WINDOWS\SoftwareDistribution\Download\b8ac6274ac8ad7e4b0febe55aca1e516\spuninst.exe ----a-w 22,752 2005-10-12 23:15:25 C:\WINDOWS\SoftwareDistribution\Download\b8ac6274ac8ad7e4b0febe55aca1e516\update\spcustom.dll ----a-w 727,776 2005-10-12 23:15:28 C:\WINDOWS\SoftwareDistribution\Download\b8ac6274ac8ad7e4b0febe55aca1e516\update\update.exe ----a-w 394,976 2005-10-12 23:15:45 C:\WINDOWS\SoftwareDistribution\Download\b8ac6274ac8ad7e4b0febe55aca1e516\update\updspapi.dll ----a-w 15,072 2006-01-19 19:29:25 C:\WINDOWS\SoftwareDistribution\Download\ba502b35f31a2bf19a595db79d7bef15\spmsg.dll ----a-w 216,800 2006-01-19 19:29:25 C:\WINDOWS\SoftwareDistribution\Download\ba502b35f31a2bf19a595db79d7bef15\spuninst.exe ----a-w 22,752 2006-01-19 19:29:25 C:\WINDOWS\SoftwareDistribution\Download\ba502b35f31a2bf19a595db79d7bef15\update\spcustom.dll ----a-w 727,776 2006-01-19 19:29:26 C:\WINDOWS\SoftwareDistribution\Download\ba502b35f31a2bf19a595db79d7bef15\update\update.exe ----a-w 394,976 2006-01-19 19:29:26 C:\WINDOWS\SoftwareDistribution\Download\ba502b35f31a2bf19a595db79d7bef15\update\updspapi.dll ----a-w 15,072 2005-10-12 23:15:25 C:\WINDOWS\SoftwareDistribution\Download\bfd81cbd42e5265d12677c96600c0804\spmsg.dll ----a-w 216,800 2005-10-12 23:15:26 C:\WINDOWS\SoftwareDistribution\Download\bfd81cbd42e5265d12677c96600c0804\spuninst.exe ----a-w 22,752 2005-10-12 23:15:25 C:\WINDOWS\SoftwareDistribution\Download\bfd81cbd42e5265d12677c96600c0804\update\spcustom.dll ----a-w 727,776 2005-10-12 23:15:28 C:\WINDOWS\SoftwareDistribution\Download\bfd81cbd42e5265d12677c96600c0804\update\update.exe ----a-w 394,976 2005-10-12 23:15:45 C:\WINDOWS\SoftwareDistribution\Download\bfd81cbd42e5265d12677c96600c0804\update\updspapi.dll ----a-w 496,880 2005-10-07 01:35:37 C:\WINDOWS\SoftwareDistribution\Download\c7e54a987e106cb7cbbf959fe8f6cdfe\WindowsXP-KB901017-x86-express-FRA.exe ----a-w 8,192 2004-11-30 12:46:52 C:\WINDOWS\SoftwareDistribution\Download\c8378ccca1581319d7b7f3a9d1188607\spmsg.dll ----a-w 172,032 2004-11-30 18:22:42 C:\WINDOWS\SoftwareDistribution\Download\c8378ccca1581319d7b7f3a9d1188607\spuninst.exe ----a-w 21,504 2004-11-30 18:22:42 C:\WINDOWS\SoftwareDistribution\Download\c8378ccca1581319d7b7f3a9d1188607\update\spcustom.dll ----a-w 666,624 2004-11-30 12:46:52 C:\WINDOWS\SoftwareDistribution\Download\c8378ccca1581319d7b7f3a9d1188607\update\update.exe ----a-w 8,192 2004-10-14 09:35:08 C:\WINDOWS\SoftwareDistribution\Download\c8f95ed251aedea843abb9ea5b1a52d3\spmsg.dll ----a-w 172,032 2004-10-14 09:36:22 C:\WINDOWS\SoftwareDistribution\Download\c8f95ed251aedea843abb9ea5b1a52d3\spuninst.exe ------w 451,456 2004-08-03 21:15:18 C:\WINDOWS\SoftwareDistribution\Download\c8f95ed251aedea843abb9ea5b1a52d3\backup\sp2gdr\mrxsmb.sys ------w 176,512 2004-08-03 21:20:08 C:\WINDOWS\SoftwareDistribution\Download\c8f95ed251aedea843abb9ea5b1a52d3\backup\sp2gdr\rdbss.sys ------w 176,512 2004-08-03 21:20:08 C:\WINDOWS\SoftwareDistribution\Download\c8f95ed251aedea843abb9ea5b1a52d3\backup\sp2qfe\rdbss.sys ----a-w 21,504 2004-10-14 09:36:20 C:\WINDOWS\SoftwareDistribution\Download\c8f95ed251aedea843abb9ea5b1a52d3\update\spcustom.dll ----a-w 666,624 2004-10-14 09:35:12 C:\WINDOWS\SoftwareDistribution\Download\c8f95ed251aedea843abb9ea5b1a52d3\update\update.exe ----a-w 15,072 2005-02-24 18:35:26 C:\WINDOWS\SoftwareDistribution\Download\cbee9c95b55c0a7f59376a89c9a3d3c1\spmsg.dll ----a-w 213,216 2005-02-24 18:35:26 C:\WINDOWS\SoftwareDistribution\Download\cbee9c95b55c0a7f59376a89c9a3d3c1\spuninst.exe ------w 139,400 2004-08-03 22:55:14 C:\WINDOWS\SoftwareDistribution\Download\cbee9c95b55c0a7f59376a89c9a3d3c1\backup\sp2gdr\rdpwd.sys ------w 139,400 2004-08-03 22:55:14 C:\WINDOWS\SoftwareDistribution\Download\cbee9c95b55c0a7f59376a89c9a3d3c1\backup\sp2qfe\rdpwd.sys ----a-w 30,720 2005-06-29 14:54:32 C:\WINDOWS\SoftwareDistribution\Download\cbee9c95b55c0a7f59376a89c9a3d3c1\update\arpidfix.exe ----a-w 22,240 2005-02-24 18:35:26 C:\WINDOWS\SoftwareDistribution\Download\cbee9c95b55c0a7f59376a89c9a3d3c1\update\spcustom.dll ----a-w 730,336 2005-02-24 18:35:26 C:\WINDOWS\SoftwareDistribution\Download\cbee9c95b55c0a7f59376a89c9a3d3c1\update\update.exe ----a-w 395,488 2005-02-24 18:35:26 C:\WINDOWS\SoftwareDistribution\Download\cbee9c95b55c0a7f59376a89c9a3d3c1\update\updspapi.dll ----a-w 496,880 2005-08-05 21:40:57 C:\WINDOWS\SoftwareDistribution\Download\cf7c4c098cbd54051a69cb1654a243b4\WindowsXP-KB899587-x86-express-FRA.exe ----a-w 15,072 2005-10-12 23:15:25 C:\WINDOWS\SoftwareDistribution\Download\d14d0217f816e7b705d500838dec3aae\spmsg.dll ----a-w 216,800 2005-10-12 23:15:26 C:\WINDOWS\SoftwareDistribution\Download\d14d0217f816e7b705d500838dec3aae\spuninst.exe ------w 171,776 2004-08-03 22:07:50 C:\WINDOWS\SoftwareDistribution\Download\d14d0217f816e7b705d500838dec3aae\backup\sp2gdr\kmixer.sys ------w 6,400 2004-08-03 22:07:48 C:\WINDOWS\SoftwareDistribution\Download\d14d0217f816e7b705d500838dec3aae\backup\sp2gdr\splitter.sys ------w 82,944 2004-08-03 22:15:06 C:\WINDOWS\SoftwareDistribution\Download\d14d0217f816e7b705d500838dec3aae\backup\sp2gdr\wdmaud.sys ------w 171,776 2004-08-03 21:07:50 C:\WINDOWS\SoftwareDistribution\Download\d14d0217f816e7b705d500838dec3aae\backup\sp2qfe\kmixer.sys ------w 6,400 2004-08-03 21:07:48 C:\WINDOWS\SoftwareDistribution\Download\d14d0217f816e7b705d500838dec3aae\backup\sp2qfe\splitter.sys ------w 82,944 2004-08-03 21:15:06 C:\WINDOWS\SoftwareDistribution\Download\d14d0217f816e7b705d500838dec3aae\backup\sp2qfe\wdmaud.sys ----a-w 22,752 2005-10-12 23:15:25 C:\WINDOWS\SoftwareDistribution\Download\d14d0217f816e7b705d500838dec3aae\update\spcustom.dll ----a-w 727,776 2005-10-12 23:15:28 C:\WINDOWS\SoftwareDistribution\Download\d14d0217f816e7b705d500838dec3aae\update\update.exe ----a-w 394,976 2005-10-12 23:15:45 C:\WINDOWS\SoftwareDistribution\Download\d14d0217f816e7b705d500838dec3aae\update\updspapi.dll ----a-w 485,104 2005-06-08 19:28:46 C:\WINDOWS\SoftwareDistribution\Download\d3c181d971d83bacdf1ae12100584248\WindowsXP-KB890046-x86-express-FRA.exe ----a-w 15,072 2005-10-12 23:15:25 C:\WINDOWS\SoftwareDistribution\Download\d3d59acde4bc99f07df90298fa402c77\spmsg.dll ----a-w 216,800 2005-10-12 23:15:26 C:\WINDOWS\SoftwareDistribution\Download\d3d59acde4bc99f07df90298fa402c77\spuninst.exe ----a-w 22,752 2005-10-12 23:15:25 C:\WINDOWS\SoftwareDistribution\Download\d3d59acde4bc99f07df90298fa402c77\update\spcustom.dll ----a-w 727,776 2005-10-12 23:15:28 C:\WINDOWS\SoftwareDistribution\Download\d3d59acde4bc99f07df90298fa402c77\update\update.exe ----a-w 394,976 2005-10-12 23:15:45 C:\WINDOWS\SoftwareDistribution\Download\d3d59acde4bc99f07df90298fa402c77\update\updspapi.dll ----a-w 15,072 2005-02-24 18:35:26 C:\WINDOWS\SoftwareDistribution\Download\d8cfedd5cfd3f0881276825d82978e5d\spmsg.dll ----a-w 213,216 2005-02-24 18:35:26 C:\WINDOWS\SoftwareDistribution\Download\d8cfedd5cfd3f0881276825d82978e5d\spuninst.exe ----a-w 30,720 2005-07-07 17:27:08 C:\WINDOWS\SoftwareDistribution\Download\d8cfedd5cfd3f0881276825d82978e5d\update\arpidfix.exe ----a-w 22,240 2005-02-24 18:35:26 C:\WINDOWS\SoftwareDistribution\Download\d8cfedd5cfd3f0881276825d82978e5d\update\spcustom.dll ----a-w 730,336 2005-02-24 18:35:26 C:\WINDOWS\SoftwareDistribution\Download\d8cfedd5cfd3f0881276825d82978e5d\update\update.exe ----a-w 395,488 2005-02-24 18:35:26 C:\WINDOWS\SoftwareDistribution\Download\d8cfedd5cfd3f0881276825d82978e5d\update\updspapi.dll ----a-w 15,072 2005-10-12 23:15:25 C:\WINDOWS\SoftwareDistribution\Download\d983f6bace749011714a05db9ad756fb\spmsg.dll ----a-w 216,800 2005-10-12 23:15:26 C:\WINDOWS\SoftwareDistribution\Download\d983f6bace749011714a05db9ad756fb\spuninst.exe ----a-w 22,752 2005-10-12 23:15:25 C:\WINDOWS\SoftwareDistribution\Download\d983f6bace749011714a05db9ad756fb\update\spcustom.dll ----a-w 727,776 2005-10-12 23:15:28 C:\WINDOWS\SoftwareDistribution\Download\d983f6bace749011714a05db9ad756fb\update\update.exe ----a-w 394,976 2005-10-12 23:15:45 C:\WINDOWS\SoftwareDistribution\Download\d983f6bace749011714a05db9ad756fb\update\updspapi.dll ----a-w 364,544 2005-11-29 14:27:06 C:\WINDOWS\SoftwareDistribution\Download\dcc40725a7d5df54019097409776908c\npdsplay.dll ----a-w 13,536 2005-06-28 07:20:24 C:\WINDOWS\SoftwareDistribution\Download\dcc40725a7d5df54019097409776908c\spmsg.dll ----a-w 216,800 2005-06-28 07:23:40 C:\WINDOWS\SoftwareDistribution\Download\dcc40725a7d5df54019097409776908c\spuninst.exe ----a-w 22,752 2005-06-28 07:21:34 C:\WINDOWS\SoftwareDistribution\Download\dcc40725a7d5df54019097409776908c\spupdsvc.exe ----a-w 727,776 2005-06-28 07:25:06 C:\WINDOWS\SoftwareDistribution\Download\dcc40725a7d5df54019097409776908c\update\update.exe ----a-w 371,424 2005-06-28 07:23:54 C:\WINDOWS\SoftwareDistribution\Download\dcc40725a7d5df54019097409776908c\update\updspapi.dll ----a-w 15,072 2005-10-12 23:15:25 C:\WINDOWS\SoftwareDistribution\Download\e2ee6701f2679c24dd339050a068b193\spmsg.dll ----a-w 216,800 2005-10-12 23:15:26 C:\WINDOWS\SoftwareDistribution\Download\e2ee6701f2679c24dd339050a068b193\spuninst.exe ----a-w 22,752 2005-10-12 23:15:25 C:\WINDOWS\SoftwareDistribution\Download\e2ee6701f2679c24dd339050a068b193\update\spcustom.dll ----a-w 727,776 2005-10-12 23:15:28 C:\WINDOWS\SoftwareDistribution\Download\e2ee6701f2679c24dd339050a068b193\update\update.exe ----a-w 394,976 2005-10-12 23:15:45 C:\WINDOWS\SoftwareDistribution\Download\e2ee6701f2679c24dd339050a068b193\update\updspapi.dll ----a-w 489,712 2005-06-10 21:12:16 C:\WINDOWS\SoftwareDistribution\Download\e5d795a521bde1cfc36d064ae624a591\WindowsXP-KB896358-x86-express-FRA.exe ----a-w 15,072 2005-10-12 23:15:25 C:\WINDOWS\SoftwareDistribution\Download\e6709a5593e8edb948fefef2ae74a35e\spmsg.dll ----a-w 216,800 2005-10-12 23:15:26 C:\WINDOWS\SoftwareDistribution\Download\e6709a5593e8edb948fefef2ae74a35e\spuninst.exe ----a-w 22,752 2005-10-12 23:15:25 C:\WINDOWS\SoftwareDistribution\Download\e6709a5593e8edb948fefef2ae74a35e\update\spcustom.dll ----a-w 727,776 2005-10-12 23:15:28 C:\WINDOWS\SoftwareDistribution\Download\e6709a5593e8edb948fefef2ae74a35e\update\update.exe ----a-w 394,976 2005-10-12 23:15:45 C:\WINDOWS\SoftwareDistribution\Download\e6709a5593e8edb948fefef2ae74a35e\update\updspapi.dll ----a-w 337,128 2005-02-07 21:28:08 C:\WINDOWS\SoftwareDistribution\Download\e842bca2d27f55f2e29bd72d55d48298\WindowsXP-KB887472-x86-express-fra.exe ----a-w 15,072 2005-10-12 23:18:45 C:\WINDOWS\SoftwareDistribution\Download\e8ac11bc9e4687d6c2a32699ff0541d6\spmsg.dll ----a-w 216,800 2005-10-12 23:18:45 C:\WINDOWS\SoftwareDistribution\Download\e8ac11bc9e4687d6c2a32699ff0541d6\spuninst.exe ------w 58,880 2001-08-24 12:00:00 C:\WINDOWS\SoftwareDistribution\Download\e8ac11bc9e4687d6c2a32699ff0541d6\backup\sp2gdr\nwapi32.dll ------w 163,584 2004-08-03 21:02:24 C:\WINDOWS\SoftwareDistribution\Download\e8ac11bc9e4687d6c2a32699ff0541d6\backup\sp2gdr\nwrdr.sys ------w 58,880 2001-08-24 12:00:00 C:\WINDOWS\SoftwareDistribution\Download\e8ac11bc9e4687d6c2a32699ff0541d6\backup\sp2qfe\nwapi32.dll ----a-w 22,752 2005-10-12 23:18:45 C:\WINDOWS\SoftwareDistribution\Download\e8ac11bc9e4687d6c2a32699ff0541d6\update\spcustom.dll ----a-w 727,776 2005-10-12 23:18:46 C:\WINDOWS\SoftwareDistribution\Download\e8ac11bc9e4687d6c2a32699ff0541d6\update\update.exe ----a-w 394,976 2005-10-12 23:18:49 C:\WINDOWS\SoftwareDistribution\Download\e8ac11bc9e4687d6c2a32699ff0541d6\update\updspapi.dll ----a-w 13,536 2005-06-28 17:20:23 C:\WINDOWS\SoftwareDistribution\Download\e9d8f4956732e81db0bc0f380a674919\spmsg.dll ----a-w 216,800 2005-06-28 17:23:38 C:\WINDOWS\SoftwareDistribution\Download\e9d8f4956732e81db0bc0f380a674919\spuninst.exe ----a-w 2,330,624 2006-12-07 04:14:51 C:\WINDOWS\SoftwareDistribution\Download\e9d8f4956732e81db0bc0f380a674919\Emerald\WMVCORE.DLL ----a-w 727,776 2005-06-28 17:25:05 C:\WINDOWS\SoftwareDistribution\Download\e9d8f4956732e81db0bc0f380a674919\update\Update.exe ----a-w 371,424 2005-06-28 17:23:53 C:\WINDOWS\SoftwareDistribution\Download\e9d8f4956732e81db0bc0f380a674919\update\updspapi.dll ----a-w 2,374,472 2006-12-07 05:29:34 C:\WINDOWS\SoftwareDistribution\Download\e9d8f4956732e81db0bc0f380a674919\WMP10L\WMVCORE.DLL ----a-w 2,362,184 2006-12-07 06:40:49 C:\WINDOWS\SoftwareDistribution\Download\e9d8f4956732e81db0bc0f380a674919\WMP10NL\Wmvcore.dll ----a-w 2,071,368 2006-12-07 08:04:44 C:\WINDOWS\SoftwareDistribution\Download\e9d8f4956732e81db0bc0f380a674919\WMP9L\WMVCORE.DLL ----a-w 2,174,976 2006-12-07 16:02:24 C:\WINDOWS\SoftwareDistribution\Download\e9d8f4956732e81db0bc0f380a674919\WMP9NL\WMVCORE.DLL ----a-w 15,072 2005-10-12 23:15:25 C:\WINDOWS\SoftwareDistribution\Download\eb96ceab77261e76cdbe943d8cf8e4cc\spmsg.dll ----a-w 216,800 2005-10-12 23:15:26 C:\WINDOWS\SoftwareDistribution\Download\eb96ceab77261e76cdbe943d8cf8e4cc\spuninst.exe ----a-w 22,752 2005-10-12 23:15:25 C:\WINDOWS\SoftwareDistribution\Download\eb96ceab77261e76cdbe943d8cf8e4cc\update\spcustom.dll ----a-w 727,776 2005-10-12 23:15:28 C:\WINDOWS\SoftwareDistribution\Download\eb96ceab77261e76cdbe943d8cf8e4cc\update\update.exe ----a-w 394,976 2005-10-12 23:15:45 C:\WINDOWS\SoftwareDistribution\Download\eb96ceab77261e76cdbe943d8cf8e4cc\update\updspapi.dll ----a-w 15,072 2005-02-24 18:35:26 C:\WINDOWS\SoftwareDistribution\Download\ec9dc63e53c8bf9a1e80cf1489c682bd\spmsg.dll ----a-w 213,216 2005-02-24 18:35:26 C:\WINDOWS\SoftwareDistribution\Download\ec9dc63e53c8bf9a1e80cf1489c682bd\spuninst.exe ------w 10,752 2004-08-03 22:54:52 C:\WINDOWS\SoftwareDistribution\Download\ec9dc63e53c8bf9a1e80cf1489c682bd\backup\sp2gdr\hh.exe ------w 10,752 2004-08-03 22:54:52 C:\WINDOWS\SoftwareDistribution\Download\ec9dc63e53c8bf9a1e80cf1489c682bd\backup\sp2qfe\hh.exe ----a-w 22,240 2005-02-24 18:35:26 C:\WINDOWS\SoftwareDistribution\Download\ec9dc63e53c8bf9a1e80cf1489c682bd\update\spcustom.dll ----a-w 730,336 2005-02-24 18:35:26 C:\WINDOWS\SoftwareDistribution\Download\ec9dc63e53c8bf9a1e80cf1489c682bd\update\update.exe ----a-w 395,488 2005-02-24 18:35:26 C:\WINDOWS\SoftwareDistribution\Download\ec9dc63e53c8bf9a1e80cf1489c682bd\update\updspapi.dll ----a-w 337,640 2005-02-07 20:43:15 C:\WINDOWS\SoftwareDistribution\Download\edcc3f7164a381fb0912c47bc6b94ca4\WindowsXP-KB888302-x86-express-FRA.exe ----a-w 15,072 2006-01-19 19:29:25 C:\WINDOWS\SoftwareDistribution\Download\edf770ea565c428bca41a4befcabb97b\spmsg.dll ----a-w 216,800 2006-01-19 19:29:25 C:\WINDOWS\SoftwareDistribution\Download\edf770ea565c428bca41a4befcabb97b\spuninst.exe ------w 1,836,032 2004-08-03 22:45:58 C:\WINDOWS\SoftwareDistribution\Download\edf770ea565c428bca41a4befcabb97b\backup\sp2gdr\win32k.sys ------w 1,836,032 2004-08-03 22:45:58 C:\WINDOWS\SoftwareDistribution\Download\edf770ea565c428bca41a4befcabb97b\backup\sp2qfe\win32k.sys ----a-w 22,752 2006-01-19 19:29:25 C:\WINDOWS\SoftwareDistribution\Download\edf770ea565c428bca41a4befcabb97b\update\spcustom.dll ----a-w 727,776 2006-01-19 19:29:26 C:\WINDOWS\SoftwareDistribution\Download\edf770ea565c428bca41a4befcabb97b\update\update.exe ----a-w 394,976 2006-01-19 19:29:26 C:\WINDOWS\SoftwareDistribution\Download\edf770ea565c428bca41a4befcabb97b\update\updspapi.dll ----a-w 15,072 2005-10-12 23:15:25 C:\WINDOWS\SoftwareDistribution\Download\ef76b58e91ae8084bf0833c90d4b9382\spmsg.dll ----a-w 216,800 2005-10-12 23:15:26 C:\WINDOWS\SoftwareDistribution\Download\ef76b58e91ae8084bf0833c90d4b9382\spuninst.exe ------w 142,464 2004-08-03 21:39:38 C:\WINDOWS\SoftwareDistribution\Download\ef76b58e91ae8084bf0833c90d4b9382\backup\sp2gdr\aec.sys ------w 142,464 2004-08-03 20:39:38 C:\WINDOWS\SoftwareDistribution\Download\ef76b58e91ae8084bf0833c90d4b9382\backup\sp2qfe\aec.sys ----a-w 22,752 2005-10-12 23:15:25 C:\WINDOWS\SoftwareDistribution\Download\ef76b58e91ae8084bf0833c90d4b9382\update\spcustom.dll ----a-w 727,776 2005-10-12 23:15:28 C:\WINDOWS\SoftwareDistribution\Download\ef76b58e91ae8084bf0833c90d4b9382\update\update.exe ----a-w 394,976 2005-10-12 23:15:45 C:\WINDOWS\SoftwareDistribution\Download\ef76b58e91ae8084bf0833c90d4b9382\update\updspapi.dll ----a-w 15,072 2006-01-19 19:29:25 C:\WINDOWS\SoftwareDistribution\Download\f32bfa5d1049b53eae766f9d37379ea6\spmsg.dll ----a-w 216,800 2006-01-19 19:29:25 C:\WINDOWS\SoftwareDistribution\Download\f32bfa5d1049b53eae766f9d37379ea6\spuninst.exe ----a-w 22,752 2006-01-19 19:29:25 C:\WINDOWS\SoftwareDistribution\Download\f32bfa5d1049b53eae766f9d37379ea6\update\spcustom.dll ----a-w 727,776 2006-01-19 19:29:26 C:\WINDOWS\SoftwareDistribution\Download\f32bfa5d1049b53eae766f9d37379ea6\update\update.exe ----a-w 394,976 2006-01-19 19:29:26 C:\WINDOWS\SoftwareDistribution\Download\f32bfa5d1049b53eae766f9d37379ea6\update\updspapi.dll ----a-w 338,152 2004-12-14 00:05:45 C:\WINDOWS\SoftwareDistribution\Download\f3f2705b5fdfd9264b7123a2d283e06d\WindowsXP-KB885836-x86-express-FRA.exe ----a-w 15,072 2005-02-25 03:35:24 C:\WINDOWS\SoftwareDistribution\Download\fbbf97636558a8b12d2660a1fbe98336\spmsg.dll ----a-w 213,216 2005-02-25 03:35:24 C:\WINDOWS\SoftwareDistribution\Download\fbbf97636558a8b12d2660a1fbe98336\spuninst.exe ----a-w 22,752 2005-02-25 03:35:24 C:\WINDOWS\SoftwareDistribution\Download\fbbf97636558a8b12d2660a1fbe98336\spupdsvc.exe ----a-w 22,240 2005-02-25 03:35:24 C:\WINDOWS\SoftwareDistribution\Download\fbbf97636558a8b12d2660a1fbe98336\update\spcustom.dll ----a-w 730,336 2005-02-25 03:35:24 C:\WINDOWS\SoftwareDistribution\Download\fbbf97636558a8b12d2660a1fbe98336\update\update.exe ----a-w 395,488 2005-02-25 03:35:25 C:\WINDOWS\SoftwareDistribution\Download\fbbf97636558a8b12d2660a1fbe98336\update\updspapi.dll ----a-w 8,192 2004-10-14 08:35:08 C:\WINDOWS\SoftwareDistribution\Download\fde0566446f6dd640c536f419fe1216a\spmsg.dll ----a-w 172,032 2004-10-14 08:36:22 C:\WINDOWS\SoftwareDistribution\Download\fde0566446f6dd640c536f419fe1216a\spuninst.exe ----a-w 21,504 2004-10-14 08:36:20 C:\WINDOWS\SoftwareDistribution\Download\fde0566446f6dd640c536f419fe1216a\update\spcustom.dll ----a-w 666,624 2004-10-14 08:35:12 C:\WINDOWS\SoftwareDistribution\Download\fde0566446f6dd640c536f419fe1216a\update\update.exe ----a-w 92,504 2007-07-30 17:19:20 C:\WINDOWS\system32\cdm.dll ----a-w 16,896 2006-08-21 12:26:15 C:\WINDOWS\system32\fltlib.dll ----a-w 23,040 2006-08-21 09:14:58 C:\WINDOWS\system32\fltmc.exe ----a-w 46,080 2007-09-17 13:04:59 C:\WINDOWS\system32\ftp.exe ----a-w 163,840 2006-06-01 18:48:44 C:\WINDOWS\system32\jgdw400.dll ----a-w 27,648 2006-06-01 18:48:44 C:\WINDOWS\system32\jgpl400.dll ----a-w 450,560 2006-05-18 05:31:21 C:\WINDOWS\system32\jscript.dll ----a-w 2,854,400 2007-04-18 16:14:18 C:\WINDOWS\system32\msi.dll ----a-w 78,848 2005-05-04 12:45:36 C:\WINDOWS\system32\msiexec.exe ----a-w 271,360 2005-05-04 12:45:36 C:\WINDOWS\system32\msihnd.dll ----a-w 884,736 2005-05-04 12:45:36 C:\WINDOWS\system32\msimsg.dll ----a-w 15,360 2005-05-04 12:45:36 C:\WINDOWS\system32\msisip.dll ----a-w 40,326 2007-10-01 06:33:37 C:\WINDOWS\system32\perfc009.dat ----a-w 49,054 2007-10-01 06:33:37 C:\WINDOWS\system32\perfc00C.dat ----a-w 311,938 2007-10-01 06:33:37 C:\WINDOWS\system32\perfh009.dat ----a-w 368,314 2007-10-01 06:33:38 C:\WINDOWS\system32\perfh00C.dat ----a-w 144,896 2007-04-25 14:22:35 C:\WINDOWS\system32\schannel.dll ------w 15,072 2006-12-14 08:53:58 C:\WINDOWS\system32\spmsg.dll ----a-w 57,856 2005-06-10 23:53:32 C:\WINDOWS\system32\spoolsv.exe ----a-w 22,752 2005-06-28 07:21:34 C:\WINDOWS\system32\spupdsvc.exe ----a-w 17,920 2001-08-24 12:00:00 C:\WINDOWS\system32\tftp.exe ----a-w 2,374,472 2006-12-07 05:29:34 C:\WINDOWS\system32\wmvcore.dll ----a-w 549,720 2007-07-30 17:19:36 C:\WINDOWS\system32\wuapi.dll ----a-w 53,080 2007-07-30 17:19:16 C:\WINDOWS\system32\wuauclt.exe ----a-w 1,712,984 2007-07-30 17:19:42 C:\WINDOWS\system32\wuaueng.dll ----a-w 325,976 2007-07-30 17:19:32 C:\WINDOWS\system32\wucltui.dll ----a-w 33,624 2007-07-30 17:18:40 C:\WINDOWS\system32\wups.dll ----a-w 43,352 2007-07-30 17:19:12 C:\WINDOWS\system32\wups2.dll ----a-w 203,096 2007-07-30 17:19:28 C:\WINDOWS\system32\wuweb.dll ------w 121,856 2006-10-16 10:40:51 C:\WINDOWS\system32\xpsp3res.dll -c--a-w 42,496 2006-10-12 14:04:13 C:\WINDOWS\system32\dllcache\agentdp2.dll -c--a-w 57,344 2006-10-12 14:04:13 C:\WINDOWS\system32\dllcache\agentdpv.dll -c--a-w 256,512 2006-10-12 11:09:53 C:\WINDOWS\system32\dllcache\agentsvr.exe -c--a-w 92,504 2007-07-30 17:19:20 C:\WINDOWS\system32\dllcache\cdm.dll -c--a-w 16,896 2006-08-21 12:26:15 C:\WINDOWS\system32\dllcache\fltlib.dll -c--a-w 23,040 2006-08-21 09:14:58 C:\WINDOWS\system32\dllcache\fltmc.exe -c--a-w 128,896 2006-08-21 09:14:58 C:\WINDOWS\system32\dllcache\fltmgr.sys -c--a-w 46,080 2007-09-17 13:04:59 C:\WINDOWS\system32\dllcache\ftp.exe -c----w 163,840 2006-06-01 18:48:44 C:\WINDOWS\system32\dllcache\jgdw400.dll -c----w 27,648 2006-06-01 18:48:44 C:\WINDOWS\system32\dllcache\jgpl400.dll -c--a-w 450,560 2006-05-18 05:31:21 C:\WINDOWS\system32\dllcache\jscript.dll -c--a-w 2,854,400 2007-04-18 16:14:18 C:\WINDOWS\system32\dllcache\msi.dll -c--a-w 78,848 2005-05-04 12:45:36 C:\WINDOWS\system32\dllcache\msiexec.exe -c--a-w 271,360 2005-05-04 12:45:36 C:\WINDOWS\system32\dllcache\msihnd.dll -c--a-w 884,736 2005-05-04 12:45:36 C:\WINDOWS\system32\dllcache\msimsg.dll -c--a-w 15,360 2005-05-04 12:45:36 C:\WINDOWS\system32\dllcache\msisip.dll -c--a-w 364,544 2005-11-29 14:27:06 C:\WINDOWS\system32\dllcache\npdsplay.dll -c--a-w 202,240 2006-07-13 08:48:58 C:\WINDOWS\system32\dllcache\rmcast.sys -c--a-w 144,896 2007-04-25 14:22:35 C:\WINDOWS\system32\dllcache\schannel.dll -c--a-w 57,856 2005-06-10 23:53:32 C:\WINDOWS\system32\dllcache\spoolsv.exe -c----w 359,808 2006-04-20 11:51:50 C:\WINDOWS\system32\dllcache\tcpip.sys -c--a-w 17,920 2001-08-24 12:00:00 C:\WINDOWS\system32\dllcache\tftp.exe -c--a-w 2,374,472 2006-12-07 05:29:34 C:\WINDOWS\system32\dllcache\wmvcore.dll -c--a-w 549,720 2007-07-30 17:19:36 C:\WINDOWS\system32\dllcache\wuapi.dll -c--a-w 53,080 2007-07-30 17:19:16 C:\WINDOWS\system32\dllcache\wuauclt.exe -c--a-w 1,712,984 2007-07-30 17:19:42 C:\WINDOWS\system32\dllcache\wuaueng.dll -c--a-w 325,976 2007-07-30 17:19:32 C:\WINDOWS\system32\dllcache\wucltui.dll -c--a-w 33,624 2007-07-30 17:18:40 C:\WINDOWS\system32\dllcache\wups.dll -c--a-w 203,096 2007-07-30 17:19:28 C:\WINDOWS\system32\dllcache\wuweb.dll ----a-w 40,768 2007-08-09 11:04:11 C:\WINDOWS\system32\drivers\avgntdd.sys ----a-w 21,312 2007-07-18 12:22:19 C:\WINDOWS\system32\drivers\avgntmgr.sys ----a-w 62,016 2007-09-07 10:05:19 C:\WINDOWS\system32\drivers\avipbb.sys ----a-w 128,896 2006-08-21 09:14:58 C:\WINDOWS\system32\drivers\fltmgr.sys ----a-w 262,784 2006-03-17 00:33:10 C:\WINDOWS\system32\drivers\http.sys ----a-w 202,240 2006-07-13 08:48:58 C:\WINDOWS\system32\drivers\rmcast.sys ----a-w 28,352 2007-03-01 08:34:36 C:\WINDOWS\system32\drivers\ssmdrv.sys ------w 359,808 2006-04-20 11:51:50 C:\WINDOWS\system32\drivers\tcpip.sys ----a-w 17,920 2001-08-24 12:00:00 C:\WINDOWS\system32\Microsoft\tftp.exe ----a-w 33,624 2007-07-30 17:18:40 C:\WINDOWS\system32\SoftwareDistribution\Setup\ServiceStartup\wups.dll\7.0.6000.381\wups.dll . ----a-w 41,984 2004-08-03 22:54:22 C:\WINDOWS\msagent\agentdp2.dll ----a-w 58,880 2004-08-03 22:54:22 C:\WINDOWS\msagent\agentdpv.dll ----a-w 256,512 2004-08-03 22:54:50 C:\WINDOWS\msagent\agentsvr.exe ----a-w 66,560 2004-08-03 22:54:22 C:\WINDOWS\system32\cdm.dll ----a-w 16,896 2004-08-03 22:54:26 C:\WINDOWS\system32\fltlib.dll ----a-w 22,528 2004-08-03 22:54:50 C:\WINDOWS\system32\fltMc.exe ----a-w 46,080 2007-09-14 14:48:27 C:\WINDOWS\system32\ftp.exe ----a-w 144,896 2001-08-24 12:00:00 C:\WINDOWS\system32\jgdw400.dll ----a-w 42,496 2001-08-24 12:00:00 C:\WINDOWS\system32\jgpl400.dll ----a-w 450,560 2004-08-03 22:54:30 C:\WINDOWS\system32\jscript.dll ----a-w 2,804,224 2004-08-03 22:54:34 C:\WINDOWS\system32\msi.dll ----a-w 77,312 2004-08-03 22:54:58 C:\WINDOWS\system32\msiexec.exe ----a-w 331,264 2004-08-03 22:54:34 C:\WINDOWS\system32\msihnd.dll ----a-w 884,736 2004-08-03 22:53:32 C:\WINDOWS\system32\msimsg.dll ----a-w 44,032 2004-08-03 22:54:34 C:\WINDOWS\system32\msisip.dll ----a-w 40,326 2007-04-09 20:03:57 C:\WINDOWS\system32\perfc009.dat ----a-w 49,054 2007-04-09 20:03:57 C:\WINDOWS\system32\perfc00C.dat ----a-w 311,938 2007-04-09 20:03:57 C:\WINDOWS\system32\perfh009.dat ----a-w 368,314 2007-04-09 20:03:57 C:\WINDOWS\system32\perfh00C.dat ----a-w 144,896 2004-08-03 22:54:38 C:\WINDOWS\system32\schannel.dll ----a-w 57,856 2004-08-03 22:55:02 C:\WINDOWS\system32\spoolsv.exe ----a-w 22,752 2004-11-18 09:42:52 C:\WINDOWS\system32\spupdsvc.exe ----a-w 17,920 2007-09-14 14:48:27 C:\WINDOWS\system32\tftp.exe ----a-w 2,370,296 2005-01-28 12:44:28 C:\WINDOWS\system32\wmvcore.dll ----a-w 432,640 2004-08-03 22:54:48 C:\WINDOWS\system32\wuapi.dll ----a-w 112,640 2004-08-03 22:55:04 C:\WINDOWS\system32\wuauclt.exe ----a-w 1,134,592 2004-08-03 22:54:48 C:\WINDOWS\system32\wuaueng.dll ----a-w 114,176 2004-08-03 22:54:48 C:\WINDOWS\system32\wucltui.dll ----a-w 36,864 2004-08-03 22:54:48 C:\WINDOWS\system32\wups.dll ----a-w 120,320 2004-08-03 22:54:48 C:\WINDOWS\system32\wuweb.dll -c--a-w 41,984 2004-08-03 22:54:22 C:\WINDOWS\system32\dllcache\agentdp2.dll -c--a-w 58,880 2004-08-03 22:54:22 C:\WINDOWS\system32\dllcache\agentdpv.dll -c--a-w 256,512 2004-08-03 22:54:50 C:\WINDOWS\system32\dllcache\agentsvr.exe -c--a-w 66,560 2004-08-03 22:54:22 C:\WINDOWS\system32\dllcache\cdm.dll -c--a-w 16,896 2004-08-03 22:54:26 C:\WINDOWS\system32\dllcache\fltlib.dll -c--a-w 22,528 2004-08-03 22:54:50 C:\WINDOWS\system32\dllcache\fltmc.exe -c--a-w 124,800 2004-08-03 21:01:20 C:\WINDOWS\system32\dllcache\fltmgr.sys -c--a-w 46,080 2007-09-14 14:48:27 C:\WINDOWS\system32\dllcache\ftp.exe -c--a-w 450,560 2004-08-03 22:54:30 C:\WINDOWS\system32\dllcache\jscript.dll -c--a-w 2,804,224 2004-08-03 22:54:34 C:\WINDOWS\system32\dllcache\msi.dll -c--a-w 77,312 2004-08-03 22:54:58 C:\WINDOWS\system32\dllcache\msiexec.exe -c--a-w 331,264 2004-08-03 22:54:34 C:\WINDOWS\system32\dllcache\msihnd.dll -c--a-w 884,736 2004-08-03 22:53:32 C:\WINDOWS\system32\dllcache\msimsg.dll -c--a-w 44,032 2004-08-03 22:54:34 C:\WINDOWS\system32\dllcache\msisip.dll -c--a-w 364,544 2004-08-03 22:54:36 C:\WINDOWS\system32\dllcache\npdsplay.dll -c--a-w 200,064 2001-08-24 12:00:00 C:\WINDOWS\system32\dllcache\rmcast.sys -c--a-w 144,896 2004-08-03 22:54:38 C:\WINDOWS\system32\dllcache\schannel.dll -c--a-w 57,856 2004-08-03 22:55:02 C:\WINDOWS\system32\dllcache\spoolsv.exe -c----w 359,040 2007-09-10 10:00:30 C:\WINDOWS\system32\dllcache\tcpip.sys -c--a-w 17,920 2007-09-14 14:48:27 C:\WINDOWS\system32\dllcache\tftp.exe -c--a-w 2,370,296 2005-01-28 12:44:28 C:\WINDOWS\system32\dllcache\wmvcore.dll -c--a-w 432,640 2004-08-03 22:54:48 C:\WINDOWS\system32\dllcache\wuapi.dll -c--a-w 112,640 2004-08-03 22:55:04 C:\WINDOWS\system32\dllcache\wuauclt.exe -c--a-w 1,134,592 2004-08-03 22:54:48 C:\WINDOWS\system32\dllcache\wuaueng.dll -c--a-w 114,176 2004-08-03 22:54:48 C:\WINDOWS\system32\dllcache\wucltui.dll -c--a-w 36,864 2004-08-03 22:54:48 C:\WINDOWS\system32\dllcache\wups.dll -c--a-w 120,320 2004-08-03 22:54:48 C:\WINDOWS\system32\dllcache\wuweb.dll ----a-w 124,800 2004-08-03 21:01:20 C:\WINDOWS\system32\drivers\fltMgr.sys ----a-w 263,040 2004-08-03 21:00:14 C:\WINDOWS\system32\drivers\http.sys ----a-w 200,064 2001-08-24 12:00:00 C:\WINDOWS\system32\drivers\RMCast.sys ------w 359,040 2007-09-10 10:00:29 C:\WINDOWS\system32\drivers\tcpip.sys . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . *Note* empty entries & legit default entries are not shown [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IgfxTray"="C:\WINDOWS\system32\igfxtray.exe" [2005-06-08 12:02] "HotKeysCmds"="C:\WINDOWS\system32\hkcmd.exe" [2005-06-08 11:59] "Persistence"="C:\WINDOWS\system32\igfxpers.exe" [2005-06-08 12:03] "High Definition Audio Property Page Shortcut"="HDAShCut.exe" [2005-01-07 18:07 C:\WINDOWS\system32\HdAShCut.exe] "AzMixerSel"="C:\Program Files\Realtek\InstallShield\AzMixerSel.exe" [2005-06-11 20:51] "RTHDCPL"="RTHDCPL.EXE" [2005-08-09 16:17 C:\WINDOWS\RTHDCPL.EXE] "TPPOLL"="C:\Program Files\Topro\tppoll.exe" [] "avgnt"="C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2007-08-31 12:25] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "MsnMsgr"="C:\Program Files\MSN Messenger\MsnMsgr.exe" [2007-01-19 13:55] S3 DCamUSBIntel;Webcam;C:\WINDOWS\system32\Drivers\TP6800.sys [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{03ba0f36-1299-11dc-bc71-0013ce91087a}] Auto\command- bittorrent.exe e AutoRun\command- C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL bittorrent.exe e [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{67bba7e8-0c6c-11dc-a957-806d6172696f}] play\command- C:\Program Files\VideoLAN\VLC\vlc.exe --started-from-file dvd:%1 . ************************************************************************** catchme 0.3.1061 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2007-10-01 09:06:06 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... ************************************************************************** . Completion time: 2007-10-01 9:07:53 - machine was rebooted C:\ComboFix-quarantined-files.txt ... 2007-10-01 09:07 C:\ComboFix2.txt ... 2007-09-17 18:03 C:\ComboFix3.txt ... 2007-09-14 16:49 . --- E O F --- j espere qu on arrive au bout bye

re il me donne ca le scan avec antivir AntiVir PersonalEdition Classic Report file date: vendredi 28 septembre 2007 22:41 Scanning for 1036370 virus strains and unwanted programs. Licensed to: Avira AntiVir PersonalEdition Classic Serial number: 0000149996-ADJIE-0001 Platform: Windows XP Windows version: (Service Pack 2) [5.1.2600] Username: God Computer name: UNICORNI-DB0398 Version information: BUILD.DAT : 269 15604 Bytes 10/09/2007 14:31:00 AVSCAN.EXE : 7.0.6.1 290856 Bytes 23/08/2007 12:16:29 AVSCAN.DLL : 7.0.6.0 49192 Bytes 16/08/2007 11:23:51 LUKE.DLL : 7.0.5.3 147496 Bytes 14/08/2007 14:32:47 LUKERES.DLL : 7.0.6.1 10280 Bytes 21/08/2007 11:35:20 ANTIVIR0.VDF : 6.35.0.1 7371264 Bytes 31/05/2006 11:32:40 ANTIVIR1.VDF : 6.39.0.129 7251968 Bytes 10/07/2007 11:32:46 ANTIVIR2.VDF : 6.39.1.43 1542656 Bytes 25/08/2007 16:21:02 ANTIVIR3.VDF : 6.39.1.51 29696 Bytes 28/08/2007 06:22:36 AVEWIN32.DLL : 7.6.0.5 2789888 Bytes 29/08/2007 16:09:10 AVWINLL.DLL : 1.0.0.7 14376 Bytes 26/02/2007 09:36:26 AVPREF.DLL : 7.0.2.2 25640 Bytes 18/07/2007 06:39:17 AVREP.DLL : 7.0.0.1 155688 Bytes 16/04/2007 12:16:24 AVPACK32.DLL : 7.3.0.15 360488 Bytes 03/08/2007 07:46:00 AVREG.DLL : 7.0.1.6 30760 Bytes 18/07/2007 06:17:06 AVARKT.DLL : 1.0.0.20 278568 Bytes 28/08/2007 11:26:33 AVEVTLOG.DLL : 7.0.0.20 86056 Bytes 18/07/2007 06:10:18 NETNT.DLL : 7.0.0.0 7720 Bytes 08/03/2007 10:09:42 RCIMAGE.DLL : 7.0.1.30 2342952 Bytes 07/08/2007 11:38:13 RCTEXT.DLL : 7.0.62.0 86056 Bytes 21/08/2007 11:50:37 SQLITE3.DLL : 3.3.17.1 339968 Bytes 23/07/2007 08:37:21 Configuration settings for the scan: Jobname..........................: Local Drives Configuration file...............: c:\program files\avira\antivir personaledition classic\alldrives.avp Logging..........................: low Primary action...................: interactive Secondary action.................: ignore Scan master boot sector..........: off Scan boot sector.................: on Boot sectors.....................: E:, Scan memory......................: on Process scan.....................: on Scan registry....................: on Search for rootkits..............: off Scan all files...................: Intelligent file selection Scan archives....................: on Recursion depth..................: 20 Smart extensions.................: on Macro heuristic..................: on File heuristic...................: medium Start of the scan: vendredi 28 septembre 2007 22:41 The scan of running processes will be started Scan process 'avscan.exe' - '1' Module(s) have been scanned Scan process 'avcenter.exe' - '1' Module(s) have been scanned Scan process 'wuauclt.exe' - '1' Module(s) have been scanned Scan process 'IEXPLORE.EXE' - '1' Module(s) have been scanned Scan process 'IEXPLORE.EXE' - '1' Module(s) have been scanned Scan process 'IEXPLORE.EXE' - '1' Module(s) have been scanned Scan process 'usnsvc.exe' - '1' Module(s) have been scanned Scan process 'IEXPLORE.EXE' - '1' Module(s) have been scanned Scan process 'wscntfy.exe' - '1' Module(s) have been scanned Scan process 'alg.exe' - '1' Module(s) have been scanned Scan process 'wdfmgr.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'sched.exe' - '1' Module(s) have been scanned Scan process 'msnmsgr.exe' - '1' Module(s) have been scanned Scan process 'avgnt.exe' - '1' Module(s) have been scanned Scan process 'RTHDCPL.EXE' - '1' Module(s) have been scanned Scan process 'igfxpers.exe' - '1' Module(s) have been scanned Scan process 'hkcmd.exe' - '1' Module(s) have been scanned Scan process 'igfxtray.exe' - '1' Module(s) have been scanned Scan process 'avguard.exe' - '1' Module(s) have been scanned Scan process 'spoolsv.exe' - '1' Module(s) have been scanned Scan process 'explorer.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'lsass.exe' - '1' Module(s) have been scanned Scan process 'services.exe' - '1' Module(s) have been scanned Scan process 'winlogon.exe' - '1' Module(s) have been scanned Scan process 'csrss.exe' - '1' Module(s) have been scanned Scan process 'smss.exe' - '1' Module(s) have been scanned 32 processes with 32 modules were scanned Start scanning boot sectors: Boot sector 'C:\' [NOTE] No virus was found! Boot sector 'D:\' [NOTE] No virus was found! Boot sector 'F:\' [NOTE] No virus was found! Starting to scan the registry. The registry was scanned ( '27' files ). Starting the file scan: Begin scan in 'C:\' <WINDOWS> C:\pagefile.sys [WARNING] The file could not be opened! Begin scan in 'D:\' <DOCUMENTS> Begin scan in 'F:\' <KINGSTON> Begin scan in 'E:\' Search path E:\ could not be opened! Le périphérique n'est pas prêt. End of the scan: vendredi 28 septembre 2007 22:57 Used time: 16:07 min The scan has been done completely. 1851 Scanning directories 84247 Files were scanned 0 viruses and/or unwanted programs were found 0 Files were classified as suspicious: 0 files were deleted 0 files were repaired 0 files were moved to quarantine 0 files were renamed 1 Files cannot be scanned 84247 Files not concerned 1269 Archives were scanned 1 Warnings 0 Notes est ce que tu penses que ca va aller?? A plus

le scan de MSNFix donne ca (je l ai fait en mode normal) MSNFix 1.521 D:\Mes documents\MSNFix\MSNFix Fix exécuté le 27/09/2007 - 17:54:36,62 By God mode normal ************************ Recherche les fichiers présents ... C:\DOCUME~1\ALLUSE~1\MENUDM~1\carlton ... C:\Program Files\Fichiers communs\Carlson\carlton ... C:\WINDOWS\W139_jpg.zip ... C:\WINDOWS\Z058_jpg.zip ... C:\WINDOWS\system32\microsoft\backup.ftp ... C:\WINDOWS\system32\microsoft\backup.tftp ... C:\WINDOWS\W139_jpg.zip ... C:\WINDOWS\Z058_jpg.zip ************************ MSNCHK ***** /!\ beta test /!\ ************************ Recherche les dossiers présents ... C:\Program Files\Fichiers communs\Carlson\ ************************ Suppression des fichiers .. OK ... C:\DOCUME~1\ALLUSE~1\MENUDM~1\carlton .. OK ... C:\Program Files\Fichiers communs\Carlson\carlton .. OK ... C:\WINDOWS\W139_jpg.zip .. OK ... C:\WINDOWS\Z058_jpg.zip .. OK ... C:\WINDOWS\system32\microsoft\backup.ftp .. OK ... C:\WINDOWS\system32\microsoft\backup.tftp .. OK ... C:\WINDOWS\W139_jpg.zip .. OK ... C:\WINDOWS\Z058_jpg.zip ************************ Suppression des dossiers .. OK ... C:\Program Files\Fichiers communs\Carlson\ ************************ Nettoyage du registre ************************ Fichiers suspects Aucun Fichier trouvé Les fichiers et clés de registre supprimés ont été sauvegardés dans le fichier 27092007_17552060.zip ------------------------------------------------------------------------ Auteur : !aur3n7 Contact: http://changelog.fr ------------------------------------------------------------------------ --------------------------------------------- END --------------------------------------------- a tte

hello charles! ma connexion marche tjrs aussi mal ms c 'est peut etre mon réseau dsl de t avoir fait attendre Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 16:38, on 19/09/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\ZoneLabs\vsmon.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\igfxtray.exe C:\WINDOWS\system32\hkcmd.exe C:\WINDOWS\system32\igfxpers.exe C:\WINDOWS\RTHDCPL.EXE C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe C:\Program Files\MSN Messenger\MsnMsgr.Exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.emjysoft.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.files-ftp.com/~unicorni/phpBB2/index.php R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.emjysoft.com R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe O4 - HKLM\..\Run: [AzMixerSel] C:\Program Files\Realtek\InstallShield\AzMixerSel.exe O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [TPPOLL] C:\Program Files\Topro\tppoll.exe O4 - HKLM\..\Run: %5 hello charles! ma connexion marche tjrs aussi mal ms c 'est peut etre mon réseau dsl de t avoir fait attendre Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 16:38, on 19/09/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\ZoneLabs\vsmon.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\igfxtray.exe C:\WINDOWS\system32\hkcmd.exe C:\WINDOWS\system32\igfxpers.exe C:\WINDOWS\RTHDCPL.EXE C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe C:\Program Files\MSN Messenger\MsnMsgr.Exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.emjysoft.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.files-ftp.com/~unicorni/phpBB2/index.php R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.emjysoft.com R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe O4 - HKLM\..\Run: [AzMixerSel] C:\Program Files\Realtek\InstallShield\AzMixerSel.exe O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [TPPOLL] C:\Program Files\Topro\tppoll.exe O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O14 - IERESET.INF: START_PAGE_URL=http://www.files-ftp.com/~unicorni/phpBB2/index.php O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} - http://www.touslesdrivers.com/fichiers/har...on.cab?version= O22 - SharedTaskScheduler: barbican - {e0f691d7-01bf-4fed-926c-7368034a45e3} - (no file) O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe -- End of file - 3574 byt ca c est ce que me donne antivir en mode sans échec j espere que ca pourra t aider je fais maintenant la lecture avec antivir (mais j ai quand meme l impression que antivir n a pas le meme mode d utilisation que celui que je devrais avoir moi c est: avira antivir personnal edition classic et je fais qd meme le scan avec antivir merci et a bientot

charles!!! j ai installé zone alarm mais a cause de ca ma connexion a été détérioré et je n avais plus accès dc j ai du le supprimer... je vais retenter de le remettre et je t envoie le rapport!!

Je voulais également rajouter que mes contacts sur msn recoivent toujours par mon biais la piece a jointe (sans que j active l operation ) qui m a contaminé donc comment puis je retirer cet élément qui va polluer mes contacts?? je téléchage les antivirus

Top!!! le lien qui appartait est: http://www.sendspace.com/file/nwdgit je commence, donc, a telechager les antivirus dont tu m'as parlé??

Cool ca a marché donc voila ca me donne ca: ComboFix 07-09-14.2 - "God" 2007-09-17 18:00:13.2 - NTFSx86 Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.209 [GMT 2:00] Command switches used :: D:\Mes documents\CFScript.txt * Created a new restore point FILE:: C:\5c3x8p2r8t8.exe C:\g7n4l2o4i4v4.exe C:\WINDOWS\czsrv.exe C:\WINDOWS\wdfmgr.exe C:\WINDOWS\system32\7N0n3c1I.dll C:\WINDOWS\system32\5nC2Ku4B.dll C:\WINDOWS\system32\xB0C11vk.dll C:\WINDOWS\system32\512lnUrf.dll C:\WINDOWS\system32\stJHI1X7.dll C:\WINDOWS\system32\61QCDHYu.dll C:\WINDOWS\system3256205C6.dll C:\WINDOWS\Tasks\At1.job C:\WINDOWS\Tasks\At2.job C:\WINDOWS\Tasks\At3.job C:\WINDOWS\Tasks\At4.job C:\WINDOWS\Tasks\At5.job C:\WINDOWS\Tasks\At6.job C:\WINDOWS\Tasks\At7.job C:\WINDOWS\Tasks\At8.job C:\WINDOWS\Tasks\At9.job C:\WINDOWS\Tasks\At10.job C:\WINDOWS\Tasks\At11.job C:\WINDOWS\Tasks\At12.job C:\WINDOWS\Tasks\At13.job C:\WINDOWS\Tasks\At14.job C:\WINDOWS\Tasks\At15.job C:\WINDOWS\Tasks\At16.job C:\WINDOWS\Tasks\At17.job C:\WINDOWS\Tasks\At18.job C:\WINDOWS\Tasks\At19.job C:\WINDOWS\Tasks\At20.job C:\WINDOWS\Tasks\At21.job C:\WINDOWS\Tasks\At22.job C:\WINDOWS\Tasks\At23.job C:\WINDOWS\Tasks\At24.job . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . C:\WINDOWS\czsrv.exe C:\WINDOWS\services.exe C:\WINDOWS\system32\512lnUrf.dll C:\WINDOWS\system32\5nC2Ku4B.dll C:\WINDOWS\system32\61QCDHYu.dll C:\WINDOWS\system32\7N0n3c1I.dll C:\WINDOWS\system32\stJHI1X7.dll C:\WINDOWS\system32\xB0C11vk.dll C:\WINDOWS\Tasks\At1.job C:\WINDOWS\Tasks\At10.job C:\WINDOWS\Tasks\At11.job C:\WINDOWS\Tasks\At12.job C:\WINDOWS\Tasks\At13.job C:\WINDOWS\Tasks\At14.job C:\WINDOWS\Tasks\At15.job C:\WINDOWS\Tasks\At16.job C:\WINDOWS\Tasks\At17.job C:\WINDOWS\Tasks\At18.job C:\WINDOWS\Tasks\At19.job C:\WINDOWS\Tasks\At2.job C:\WINDOWS\Tasks\At20.job C:\WINDOWS\Tasks\At21.job C:\WINDOWS\Tasks\At22.job C:\WINDOWS\Tasks\At23.job C:\WINDOWS\Tasks\At24.job C:\WINDOWS\Tasks\At3.job C:\WINDOWS\Tasks\At4.job C:\WINDOWS\Tasks\At5.job C:\WINDOWS\Tasks\At6.job C:\WINDOWS\Tasks\At7.job C:\WINDOWS\Tasks\At8.job C:\WINDOWS\Tasks\At9.job C:\WINDOWS\wdfmgr.exe . ((((((((((((((((((((((((( Files Created from 2007-08-17 to 2007-09-17 ))))))))))))))))))))))))))))))) . 2007-09-17 16:59 40,960 --a------ C:\qwere.exe 2007-09-14 16:44 51,200 --a------ C:\WINDOWS\NirCmd.exe 2007-09-14 13:09 <REP> d-------- C:\Program Files\Trend Micro 2007-09-14 11:05 <REP> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Avira 2007-09-14 11:00 <REP> dr------- C:\DOCUME~1\ADMINI~1\Menu D‚marrer 2007-09-14 11:00 <REP> d--h----- C:\DOCUME~1\ADMINI~1\Voisinage r‚seau 2007-09-14 11:00 <REP> d--h----- C:\DOCUME~1\ADMINI~1\Voisinage d'impression 2007-09-14 11:00 <REP> d--h----- C:\DOCUME~1\ADMINI~1\ModŠles 2007-09-14 11:00 <REP> d-------- C:\DOCUME~1\ADMINI~1\Mes documents 2007-09-14 11:00 <REP> d-------- C:\DOCUME~1\ADMINI~1\Favoris 2007-09-14 11:00 <REP> d-------- C:\DOCUME~1\ADMINI~1\Bureau 2007-09-11 18:55 <REP> d-------- C:\DOCUME~1\God\APPLIC~1\Emjysoft 2007-09-11 18:55 <REP> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Emjysoft 2007-09-10 16:13 85,376 --a------ C:\WINDOWS\system32\drivers\NABTSFEC.sys 2007-09-10 16:13 5,504 --a------ C:\WINDOWS\system32\drivers\MSTEE.sys 2007-09-10 16:13 19,328 --a------ C:\WINDOWS\system32\drivers\WSTCODEC.SYS 2007-09-10 16:13 17,024 --a------ C:\WINDOWS\system32\drivers\CCDECODE.sys 2007-09-10 16:13 15,360 --a------ C:\WINDOWS\system32\drivers\StreamIP.sys 2007-09-10 16:13 11,136 --a------ C:\WINDOWS\system32\drivers\SLIP.sys 2007-09-10 16:13 10,880 --a------ C:\WINDOWS\system32\drivers\NdisIP.sys 2007-09-10 16:12 54,784 --a------ C:\WINDOWS\vfwwdm32.dll 2007-09-10 16:06 <REP> d--h----- C:\Program Files\Fichiers communs\Carlson 2007-09-10 16:00 65,536 --a------ C:\WINDOWS\system32\camlib.dll 2007-09-10 16:00 28,672 --a------ C:\WINDOWS\tpsti.exe 2007-09-10 16:00 221,184 --a------ C:\WINDOWS\ToproUI.exe 2007-09-10 16:00 198,316 --a------ C:\WINDOWS\system32\drivers\TP6800.sys 2007-09-10 16:00 1,523,712 --a------ C:\WINDOWS\system32\ToproVC.dll 2007-09-06 18:29 184,320 --a------ C:\WINDOWS\system3256205C6.dll 2007-09-06 18:07 <REP> d--h----- C:\WINDOWS\PIF 2007-08-22 19:43 <REP> d-------- C:\DOCUME~1\God\APPLIC~1\MSNInstaller . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2007-09-17 15:04 46080 --a------ C:\WINDOWS\system32\ftp.exe 2007-09-17 15:04 17920 --a------ C:\WINDOWS\system32\tftp.exe 2007-09-11 22:51 --------- d-------- C:\Program Files\MSN Messenger 2007-09-11 22:49 --------- d-------- C:\Program Files\Services en ligne 2007-09-10 16:00 --------- d--h----- C:\Program Files\InstallShield Installation Information 2007-09-10 12:00 359040 --------- C:\WINDOWS\system32\drivers\tcpip.sys 2007-09-05 14:58 --------- d-------- C:\DOCUME~1\God\APPLIC~1\dvdcss 2007-08-30 16:32 --------- d-------- C:\Program Files\Winamp 2007-08-22 18:14 12288 --a-s---- C:\WINDOWS\system32\mvwqn.dll 2007-08-13 01:38 --------- d-------- C:\Program Files\InterActual . ((((((((((((((((((((((((((((( snapshot_2007-09-14_164845.48 ))))))))))))))))))))))))))))))))))))))))) . -c--a-w 46,080 2007-09-17 13:04:59 C:\WINDOWS\system32\dllcache\ftp.exe -c--a-w 17,920 2007-09-17 13:04:59 C:\WINDOWS\system32\dllcache\tftp.exe . -c--a-w 46,080 2007-09-14 14:48:27 C:\WINDOWS\system32\dllcache\ftp.exe -c--a-w 17,920 2007-09-14 14:48:27 C:\WINDOWS\system32\dllcache\tftp.exe . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . *Note* empty entries & legit default entries are not shown [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IgfxTray"="C:\WINDOWS\system32\igfxtray.exe" [2005-06-08 12:02] "HotKeysCmds"="C:\WINDOWS\system32\hkcmd.exe" [2005-06-08 11:59] "Persistence"="C:\WINDOWS\system32\igfxpers.exe" [2005-06-08 12:03] "High Definition Audio Property Page Shortcut"="HDAShCut.exe" [2005-01-07 18:07 C:\WINDOWS\system32\HdAShCut.exe] "AzMixerSel"="C:\Program Files\Realtek\InstallShield\AzMixerSel.exe" [2005-06-11 20:51] "RTHDCPL"="RTHDCPL.EXE" [2005-08-09 16:17 C:\WINDOWS\RTHDCPL.EXE] "TPPOLL"="C:\Program Files\Topro\tppoll.exe" [] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "MsnMsgr"="C:\Program Files\MSN Messenger\MsnMsgr.exe" [2007-01-19 13:55] "MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-08-04 02:07] S3 DCamUSBIntel;Webcam;C:\WINDOWS\system32\Drivers\TP6800.sys [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\D] AutoRun\command- D:\setupSNK.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{03ba0f36-1299-11dc-bc71-0013ce91087a}] Auto\command- bittorrent.exe e AutoRun\command- C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL bittorrent.exe e [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{67bba7e8-0c6c-11dc-a957-806d6172696f}] play\command- C:\Program Files\VideoLAN\VLC\vlc.exe --started-from-file dvd:%1 . ************************************************************************** catchme 0.3.1061 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2007-09-17 18:02:27 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************** . Completion time: 2007-09-17 18:03:06 - machine was rebooted C:\ComboFix-quarantined-files.txt ... 2007-09-17 18:02 C:\ComboFix2.txt ... 2007-09-14 16:49 . --- E O F --- j attends tes instructions ) a tt de suite

Il me met un message d'erreur "etiez vous entrain d'executer CFScript? le nom CFScript semble etre incorrectement écrit" je réessaye ms ca persiste a mettre ce message d erreur dc je ne peux meme pas taper 1 Dois je faire qqchose d autre ? je continue et attend ta reponse stp

le problème c que je ne trouve pas ton fichier L14s36eV.exe dan system 32 par contre je trouve L14S36EV.EXE-26AC1C6D.pf dans "windows/prefetch" dc j'envoie le fichier a partir du site mais ca met du temps!!

Ok voila j espere que t a tt!!;o) ComboFix 07-09-14.2 - "God" 2007-09-14 16:45:38.1 - NTFSx86 Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.212 [GMT 2:00] * Created a new restore point . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . C:\WINDOWS\services.exe C:\WINDOWS\system32\__c002FE70.dat C:\WINDOWS\system32\__c00435A0.dat C:\WINDOWS\WebAssist.dll D:\Autorun.inf . ((((((((((((((((((((((((((((((((((((((( Drivers/Services ))))))))))))))))))))))))))))))))))))))))))))))))) -------\LEGACY_PERFORMANCE_MONITOR -------\Performance Monitor ((((((((((((((((((((((((( Files Created from 2007-08-14 to 2007-09-14 ))))))))))))))))))))))))))))))) . 2007-09-14 16:44 51,200 --a------ C:\WINDOWS\NirCmd.exe 2007-09-14 13:09 40,960 --a------ C:\5c3x8p2r8t8.exe 2007-09-14 13:09 <REP> d-------- C:\Program Files\Trend Micro 2007-09-14 13:08 40,960 --a------ C:\g7n4l2o4i4v4.exe 2007-09-14 11:05 <REP> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Avira 2007-09-14 11:00 <REP> dr------- C:\DOCUME~1\ADMINI~1\Menu D‚marrer 2007-09-14 11:00 <REP> d--h----- C:\DOCUME~1\ADMINI~1\Voisinage r‚seau 2007-09-14 11:00 <REP> d--h----- C:\DOCUME~1\ADMINI~1\Voisinage d'impression 2007-09-14 11:00 <REP> d--h----- C:\DOCUME~1\ADMINI~1\ModŠles 2007-09-14 11:00 <REP> d-------- C:\DOCUME~1\ADMINI~1\Mes documents 2007-09-14 11:00 <REP> d-------- C:\DOCUME~1\ADMINI~1\Favoris 2007-09-14 11:00 <REP> d-------- C:\DOCUME~1\ADMINI~1\Bureau 2007-09-13 23:59 560,640 -r-hs---- C:\WINDOWS\czsrv.exe 2007-09-11 18:55 <REP> d-------- C:\DOCUME~1\God\APPLIC~1\Emjysoft 2007-09-11 18:55 <REP> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Emjysoft 2007-09-10 16:13 85,376 --a------ C:\WINDOWS\system32\drivers\NABTSFEC.sys 2007-09-10 16:13 5,504 --a------ C:\WINDOWS\system32\drivers\MSTEE.sys 2007-09-10 16:13 19,328 --a------ C:\WINDOWS\system32\drivers\WSTCODEC.SYS 2007-09-10 16:13 17,024 --a------ C:\WINDOWS\system32\drivers\CCDECODE.sys 2007-09-10 16:13 15,360 --a------ C:\WINDOWS\system32\drivers\StreamIP.sys 2007-09-10 16:13 11,136 --a------ C:\WINDOWS\system32\drivers\SLIP.sys 2007-09-10 16:13 10,880 --a------ C:\WINDOWS\system32\drivers\NdisIP.sys 2007-09-10 16:12 54,784 --a------ C:\WINDOWS\vfwwdm32.dll 2007-09-10 16:06 <REP> d--h----- C:\Program Files\Fichiers communs\Carlson 2007-09-10 16:00 65,536 --a------ C:\WINDOWS\system32\camlib.dll 2007-09-10 16:00 28,672 --a------ C:\WINDOWS\tpsti.exe 2007-09-10 16:00 221,184 --a------ C:\WINDOWS\ToproUI.exe 2007-09-10 16:00 198,316 --a------ C:\WINDOWS\system32\drivers\TP6800.sys 2007-09-10 16:00 1,523,712 --a------ C:\WINDOWS\system32\ToproVC.dll 2007-09-10 12:00 541,696 -r-hs---- C:\WINDOWS\wdfmgr.exe 2007-09-09 16:39 184,320 --a------ C:\WINDOWS\system32\7N0n3c1I.dll 2007-09-08 13:29 184,320 --a------ C:\WINDOWS\system32\5nC2Ku4B.dll 2007-09-08 01:36 184,320 --a------ C:\WINDOWS\system32\xB0C11vk.dll 2007-09-08 01:36 184,320 --a------ C:\WINDOWS\system32\512lnUrf.dll 2007-09-08 01:35 184,320 --a------ C:\WINDOWS\system32\stJHI1X7.dll 2007-09-08 01:35 184,320 --a------ C:\WINDOWS\system32\61QCDHYu.dll 2007-09-06 18:29 184,320 --a------ C:\WINDOWS\system3256205C6.dll 2007-09-06 18:07 <REP> d--h----- C:\WINDOWS\PIF 2007-08-22 19:43 <REP> d-------- C:\DOCUME~1\God\APPLIC~1\MSNInstaller . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2007-09-11 22:51 --------- d-------- C:\Program Files\MSN Messenger 2007-09-11 22:49 --------- d-------- C:\Program Files\Services en ligne 2007-09-10 16:00 --------- d--h----- C:\Program Files\InstallShield Installation Information 2007-09-10 12:00 359040 --------- C:\WINDOWS\system32\drivers\tcpip.sys 2007-09-05 14:58 --------- d-------- C:\DOCUME~1\God\APPLIC~1\dvdcss 2007-08-30 16:32 --------- d-------- C:\Program Files\Winamp 2007-08-13 01:38 --------- d-------- C:\Program Files\InterActual . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . *Note* empty entries & legit default entries are not shown [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{85589B5D-D53D-4237-A677-46B82EA275F3}] 2007-09-09 16:39 184320 --a------ C:\WINDOWS\system32\7N0n3c1I.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IgfxTray"="C:\WINDOWS\system32\igfxtray.exe" [2005-06-08 12:02] "HotKeysCmds"="C:\WINDOWS\system32\hkcmd.exe" [2005-06-08 11:59] "Persistence"="C:\WINDOWS\system32\igfxpers.exe" [2005-06-08 12:03] "High Definition Audio Property Page Shortcut"="HDAShCut.exe" [2005-01-07 18:07 C:\WINDOWS\system32\HdAShCut.exe] "AzMixerSel"="C:\Program Files\Realtek\InstallShield\AzMixerSel.exe" [2005-06-11 20:51] "RTHDCPL"="RTHDCPL.EXE" [2005-08-09 16:17 C:\WINDOWS\RTHDCPL.EXE] "wdfmgr.exe"="C:\WINDOWS\wdfmgr.exe" [2007-09-10 09:57] "TPPOLL"="C:\Program Files\Topro\tppoll.exe" [] "services.exe"="C:\WINDOWS\services.exe" [] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "MsnMsgr"="C:\Program Files\MSN Messenger\MsnMsgr.exe" [2007-01-19 13:55] "MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-08-04 02:07] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows] "appinit_dlls"=C:\WINDOWS\system32\__c00435A0.dat R2 Szservice;Szservice;"C:\WINDOWS\czsrv.exe" S3 DCamUSBIntel;Webcam;C:\WINDOWS\system32\Drivers\TP6800.sys [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\D] AutoRun\command- D:\setupSNK.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{03ba0f36-1299-11dc-bc71-0013ce91087a}] Auto\command- bittorrent.exe e AutoRun\command- C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL bittorrent.exe e [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{47f5c268-0dd9-11dc-a95d-0013ce91087a}] Auto\command- sal.xls.exe AutoRun\command- C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL sal.xls.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{67bba7e8-0c6c-11dc-a957-806d6172696f}] play\command- C:\Program Files\VideoLAN\VLC\vlc.exe --started-from-file dvd:%1 [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{90f5a4e9-c7f1-11db-bc5c-0013ce91087a}] AutoRun\command- F:\.\Recycled\Driveinfo.exe Open\Command- F:\.\Recycled\Driveinfo.exe . Contents of the 'Scheduled Tasks' folder "2007-09-13 22:01:50 C:\WINDOWS\Tasks\At1.job" - C:\WINDOWS\system32\L14s36eV.exe "2007-09-05 12:19:14 C:\WINDOWS\Tasks\At10.job" - C:\WINDOWS\system32\L14s36eV.exe "2007-09-10 08:01:48 C:\WINDOWS\Tasks\At11.job" "2007-09-13 09:01:50 C:\WINDOWS\Tasks\At12.job" - C:\WINDOWS\system32\L14s36eV.exe "2007-09-10 10:01:00 C:\WINDOWS\Tasks\At13.job" "2007-09-13 11:01:52 C:\WINDOWS\Tasks\At14.job" - C:\WINDOWS\system32\L14s36eV.exe "2007-09-14 12:00:00 C:\WINDOWS\Tasks\At15.job" - C:\WINDOWS\system32\L14s36eV.exe "2007-09-10 13:01:00 C:\WINDOWS\Tasks\At16.job" "2007-09-10 14:01:01 C:\WINDOWS\Tasks\At17.job" "2007-09-10 15:01:52 C:\WINDOWS\Tasks\At18.job" "2007-09-12 16:01:55 C:\WINDOWS\Tasks\At19.job" - C:\WINDOWS\system32\L14s36eV.exe "2007-09-13 23:01:00 C:\WINDOWS\Tasks\At2.job" - C:\WINDOWS\system32\L14s36eV.exe "2007-09-12 17:01:00 C:\WINDOWS\Tasks\At20.job" - C:\WINDOWS\system32\L14s36eV.exe "2007-09-12 18:01:00 C:\WINDOWS\Tasks\At21.job" - C:\WINDOWS\system32\L14s36eV.exe "2007-09-12 19:28:06 C:\WINDOWS\Tasks\At22.job" - C:\WINDOWS\system32\L14s36eV.exe "2007-09-13 20:01:46 C:\WINDOWS\Tasks\At23.job" - C:\WINDOWS\system32\L14s36eV.exe "2007-09-12 21:03:00 C:\WINDOWS\Tasks\At24.job" - C:\WINDOWS\system32\L14s36eV.exe "2007-09-13 00:03:01 C:\WINDOWS\Tasks\At3.job" - C:\WINDOWS\system32\L14s36eV.exe "2007-09-12 01:01:00 C:\WINDOWS\Tasks\At4.job" - C:\WINDOWS\system32\L14s36eV.exe "2007-09-12 02:01:00 C:\WINDOWS\Tasks\At5.job" - C:\WINDOWS\system32\L14s36eV.exe "2007-09-12 03:01:00 C:\WINDOWS\Tasks\At6.job" - C:\WINDOWS\system32\L14s36eV.exe "2007-09-12 04:01:00 C:\WINDOWS\Tasks\At7.job" - C:\WINDOWS\system32\L14s36eV.exe "2007-09-12 05:01:00 C:\WINDOWS\Tasks\At8.job" - C:\WINDOWS\system32\L14s36eV.exe "2007-09-12 06:01:00 C:\WINDOWS\Tasks\At9.job" - C:\WINDOWS\system32\L14s36eV.exe . ************************************************************************** catchme 0.3.1061 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2007-09-14 16:48:30 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************** . Completion time: 2007-09-14 16:49:06 - machine was rebooted C:\ComboFix-quarantined-files.txt ... 2007-09-14 16:48 . --- E O F --- merci @+

Bonjour!!!! Je vais pas étaler ma vie ms mon pc a des problèmes de connexion du au virus en question dc je ne reste pas connecté longtemps (et a la tentative d envoie de mail ce qui fait que j envoie mais message rapidement) j ai fait comme tu me l'as di j ai utilisé combofix et suivi les instructions le rapport de hijackthis est le suivant Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 16:53, on 14/09/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\svchost.exe C:\WINDOWS\czsrv.exe C:\WINDOWS\system32\wuauclt.exe C:\WINDOWS\system32\igfxtray.exe C:\WINDOWS\system32\hkcmd.exe C:\WINDOWS\system32\igfxpers.exe C:\WINDOWS\RTHDCPL.EXE C:\Program Files\MSN Messenger\MsnMsgr.Exe C:\Program Files\Messenger\msmsgs.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\notepad.exe C:\WINDOWS\services.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.emjysoft.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.files-ftp.com/~unicorni/phpBB2/index.php R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.emjysoft.com R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: WebAssist - {85589B5D-D53D-4237-A677-46B82EA275F3} - C:\WINDOWS\system32\7N0n3c1I.dll O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe O4 - HKLM\..\Run: [AzMixerSel] C:\Program Files\Realtek\InstallShield\AzMixerSel.exe O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [TPPOLL] C:\Program Files\Topro\tppoll.exe O4 - HKLM\..\Run: [services.exe] C:\WINDOWS\services.exe O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O14 - IERESET.INF: START_PAGE_URL=http://www.files-ftp.com/~unicorni/phpBB2/index.php O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} - http://www.touslesdrivers.com/fichiers/har...on.cab?version= O20 - AppInit_DLLs: C:\WINDOWS\system32\__c00435A0.dat O22 - SharedTaskScheduler: barbican - {e0f691d7-01bf-4fed-926c-7368034a45e3} - (no file) O23 - Service: Szservice - Unknown owner - C:\WINDOWS\czsrv.exe -- End of file - 3096 bytes Mon pc ou plutot ma connexion marche toujours aussi mal donc je pense que c est lié au virus merci infiniment pr le temps que tu prends... et j espere que j arriverais a en voir le bout!!

Analyse apres avoir utlisé combofix!! J'attend votre diagnostic!! Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 16:53, on 14/09/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\svchost.exe C:\WINDOWS\czsrv.exe C:\WINDOWS\system32\wuauclt.exe C:\WINDOWS\system32\igfxtray.exe C:\WINDOWS\system32\hkcmd.exe C:\WINDOWS\system32\igfxpers.exe C:\WINDOWS\RTHDCPL.EXE C:\Program Files\MSN Messenger\MsnMsgr.Exe C:\Program Files\Messenger\msmsgs.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\notepad.exe C:\WINDOWS\services.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.emjysoft.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.files-ftp.com/~unicorni/phpBB2/index.php R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.emjysoft.com R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: WebAssist - {85589B5D-D53D-4237-A677-46B82EA275F3} - C:\WINDOWS\system32\7N0n3c1I.dll O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe O4 - HKLM\..\Run: [AzMixerSel] C:\Program Files\Realtek\InstallShield\AzMixerSel.exe O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [TPPOLL] C:\Program Files\Topro\tppoll.exe O4 - HKLM\..\Run: [services.exe] C:\WINDOWS\services.exe O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O14 - IERESET.INF: START_PAGE_URL=http://www.files-ftp.com/~unicorni/phpBB2/index.php O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} - http://www.touslesdrivers.com/fichiers/har...on.cab?version= O20 - AppInit_DLLs: C:\WINDOWS\system32\__c00435A0.dat O22 - SharedTaskScheduler: barbican - {e0f691d7-01bf-4fed-926c-7368034a45e3} - (no file) O23 - Service: Szservice - Unknown owner - C:\WINDOWS\czsrv.exe -- End of file - 3096 bytes

Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 13:52:50, on 14/09/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.exe C:\WINDOWS\system32\igfxtray.exe C:\WINDOWS\system32\hkcmd.exe C:\WINDOWS\system32\igfxpers.exe C:\WINDOWS\RTHDCPL.EXE C:\WINDOWS\services.exe C:\Program Files\MSN Messenger\MsnMsgr.Exe C:\Program Files\Messenger\msmsgs.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\czsrv.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE C:\WINDOWS\system32\igfxsrvc.exe C:\Program Files\Internet Explorer\iexplore.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.fr R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.emjysoft.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.files-ftp.com/~unicorni/phpBB2/index.php R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.emjysoft.com R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens F2 - REG:system.ini: Shell=Explorer.exe %WINDIR%\czsrv.exe O2 - BHO: (no name) - {47B83D78-F986-4E96-9769-2C55EF14DA0B} - C:\WINDOWS\system32\__c002FE70.dat O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: WebAssist - {85589B5D-D53D-4237-A677-46B82EA275F3} - C:\WINDOWS\system32\7N0n3c1I.dll O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe O4 - HKLM\..\Run: [AzMixerSel] C:\Program Files\Realtek\InstallShield\AzMixerSel.exe O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE O4 - HKLM\..\Run: [wdfmgr.exe] C:\WINDOWS\wdfmgr.exe O4 - HKLM\..\Run: [TPPOLL] C:\Program Files\Topro\tppoll.exe O4 - HKLM\..\Run: [services.exe] C:\WINDOWS\services.exe O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O14 - IERESET.INF: START_PAGE_URL=http://www.files-ftp.com/~unicorni/phpBB2/index.php O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} - http://www.touslesdrivers.com/fichiers/har...on.cab?version= O20 - AppInit_DLLs: C:\WINDOWS\system32\__c00435A0.dat O22 - SharedTaskScheduler: barbican - {e0f691d7-01bf-4fed-926c-7368034a45e3} - (no file) O23 - Service: Performance Monitor - Unknown owner - C:\WINDOWS\perfmon.exe (file missing) O23 - Service: Szservice - Unknown owner - C:\WINDOWS\czsrv.exe -- End of file - 3603 bytes

Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 13:52:50, on 14/09/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.exe C:\WINDOWS\system32\igfxtray.exe C:\WINDOWS\system32\hkcmd.exe C:\WINDOWS\system32\igfxpers.exe C:\WINDOWS\RTHDCPL.EXE C:\WINDOWS\services.exe C:\Program Files\MSN Messenger\MsnMsgr.Exe C:\Program Files\Messenger\msmsgs.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\czsrv.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE C:\WINDOWS\system32\igfxsrvc.exe C:\Program Files\Internet Explorer\iexplore.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.fr R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.emjysoft.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.files-ftp.com/~unicorni/phpBB2/index.php R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.emjysoft.com R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens F2 - REG:system.ini: Shell=Explorer.exe %WINDIR%\czsrv.exe O2 - BHO: (no name) - {47B83D78-F986-4E96-9769-2C55EF14DA0B} - C:\WINDOWS\system32\__c002FE70.dat O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: WebAssist - {85589B5D-D53D-4237-A677-46B82EA275F3} - C:\WINDOWS\system32\7N0n3c1I.dll O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe O4 - HKLM\..\Run: [AzMixerSel] C:\Program Files\Realtek\InstallShield\AzMixerSel.exe O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE O4 - HKLM\..\Run: [wdfmgr.exe] C:\WINDOWS\wdfmgr.exe O4 - HKLM\..\Run: [TPPOLL] C:\Program Files\Topro\tppoll.exe O4 - HKLM\..\Run: [services.exe] C:\WINDOWS\services.exe O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O14 - IERESET.INF: START_PAGE_URL=http://www.files-ftp.com/~unicorni/phpBB2/index.php O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} - http://www.touslesdrivers.com/fichiers/har...on.cab?version= O20 - AppInit_DLLs: C:\WINDOWS\system32\__c00435A0.dat O22 - SharedTaskScheduler: barbican - {e0f691d7-01bf-4fed-926c-7368034a45e3} - (no file) O23 - Service: Performance Monitor - Unknown owner - C:\WINDOWS\perfmon.exe (file missing) O23 - Service: Szservice - Unknown owner - C:\WINDOWS\czsrv.exe -- End of file - 3603 bytes

Bonjour j ai besoin d aide car j ai été infecté par un virus sur msn ("W139_jpg.zip") pouvez m'aider pour l enlever

j ai chopé un virus par msn en le téléchargant sans le vouloir, il s'appelle "W139_jpg.zip". je ne trouve aucun moyen pour le retirer de mon ordinateur!! qu'est ce que je peux faire?