scheuch

dans ce cas je v taper ta commande et refaire encore

ok je viens de refaire, donc ca devrait durer combien de temps?

Pour info ma question n'est pas de l'impatience mais de l'etonnement : Est ce normal qu'au bout d'1/4 d'heure j'ai encore la fenetre : envoi de fichier ??? ou bien est ce que c'est un soucis technique?

Ok j'y suis voila le rapport : Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 10:06, on 2008-11-23 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\netdde.exe C:\WINDOWS\system32\hinsrv.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\mdm.exe C:\Program Files\Fichiers communs\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe C:\Program Files\Fichiers communs\RbtProt\sgsrv.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\wscntfy.exe C:\Program Files\QuickTime\qttask.exe C:\Program Files\Dell Photo AIO Printer 962\dlbxmon.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Hercules\WiFi Station\WifiStation.exe C:\WINDOWS\system32\dlbxcoms.exe C:\WINDOWS\system32\wuauclt.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Documents and Settings\Mireille\Bureau\HiJackThis.exe R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ustart.org O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll O2 - BHO: Iminent.SearchTheWeb.HelperObject - {0E896FCA-D07E-45FE-901F-6A26FCF59C02} - mscoree.dll (file missing) O2 - BHO: (no name) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - (no file) O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [DLBXCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\DLBXtime.dll,_RunDLLEntry@16 O4 - HKLM\..\Run: [dlbxmon.exe] "C:\Program Files\Dell Photo AIO Printer 962\dlbxmon.exe" O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - Global Startup: WiFi Station.lnk = ? O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{35B3EFF2-D176-4CD0-9363-470ED3A77F48}: NameServer = 212.27.53.252,212.27.54.252 O17 - HKLM\System\CS1\Services\Tcpip\..\{35B3EFF2-D176-4CD0-9363-470ED3A77F48}: NameServer = 212.27.53.252,212.27.54.252 O17 - HKLM\System\CS2\Services\Tcpip\..\{35B3EFF2-D176-4CD0-9363-470ED3A77F48}: NameServer = 212.27.53.252,212.27.54.252 O17 - HKLM\System\CS3\Services\Tcpip\..\{35B3EFF2-D176-4CD0-9363-470ED3A77F48}: NameServer = 212.27.53.252,212.27.54.252 O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - (no file) O23 - Service: dlbx_device - Dell - C:\WINDOWS\system32\dlbxcoms.exe O23 - Service: Hinsrv Service (Hinsrv) - Unknown owner - C:\WINDOWS\system32\hinsrv.exe O23 - Service: Sentinel Protection Server (SentinelProtectionServer) - SafeNet, Inc - C:\Program Files\Fichiers communs\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe O23 - Service: SoftGuard Service (SG_Service) - Unknown owner - C:\Program Files\Fichiers communs\RbtProt\sgsrv.exe O24 - Desktop Component 0: Ma page d'accueil - About:Home -- End of file - 3859 bytes

La je suis chez moi, Je vais aller de suite chez mes parents et je t'enverrai le log a tout de suite seb

Bien le bonjour, apres une bonne nuit de sommeil je suis prêt a reprendre les manips j'éspère que t'as passé une bonne nuitée

Bon je vais aller dormir, merci encore pour ton aide, je regarderai demain ce que tu me conseilles de faire maintenant a+ seb

ok voici le log Malwarebytes' Anti-Malware 1.30 Version de la base de données: 1416 Windows 5.1.2600 Service Pack 2 2008-11-22 23:30:45 mbam-log-2008-11-22 (23-30-45).txt Type de recherche: Examen rapide Eléments examinés: 54400 Temps écoulé: 3 minute(s), 27 second(s) Processus mémoire infecté(s): 0 Module(s) mémoire infecté(s): 0 Clé(s) du Registre infectée(s): 0 Valeur(s) du Registre infectée(s): 0 Elément(s) de données du Registre infecté(s): 2 Dossier(s) infecté(s): 0 Fichier(s) infecté(s): 3 Processus mémoire infecté(s): (Aucun élément nuisible détecté) Module(s) mémoire infecté(s): (Aucun élément nuisible détecté) Clé(s) du Registre infectée(s): (Aucun élément nuisible détecté) Valeur(s) du Registre infectée(s): (Aucun élément nuisible détecté) Elément(s) de données du Registre infecté(s): HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main\Start Page (Hijack.Homepage) -> Bad: (http://softwarereferral.com/jump.php?wmid=6010&mid=MjI6Ojg5&lid=2) Good: (http://www.google.com/) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProductId (Trojan.FakeAlert) -> Bad: (VIRUS ALERT!) Good: (55274-640-0000275-23793) -> Quarantined and deleted successfully. Dossier(s) infecté(s): (Aucun élément nuisible détecté) Fichier(s) infecté(s): C:\Documents and Settings\Mireille\Bureau\Protect Your Privacy.url (Rogue.Link) -> Quarantined and deleted successfully. C:\Documents and Settings\Mireille\Bureau\Malware Defender.url (Rogue.Link) -> Quarantined and deleted successfully. C:\Documents and Settings\Mireille\Bureau\System Error Fixer.url (Rogue.Link) -> Quarantined and deleted successfully.

voila donc le second rapport : --------------------\\ Lop S&D 4.2.4-9c XP/Vista Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 2 X86-based PC ( Uniprocessor Free : AMD Athlon XP 1800+ ) BIOS : Phoenix - AwardBIOS v6.00PG USER : Mireille ( Administrator ) BOOT : Normal boot A:\ (USB) C:\ (Local Disk) - NTFS - Total:37 Go (Free:26 Go) D:\ (Local Disk) - NTFS - Total:74 Go (Free:32 Go) E:\ (Local Disk) - NTFS - Total:19 Go (Free:19 Go) F:\ (CD or DVD) G:\ (CD or DVD) "C:\Lop SD" ( MAJ : 01-11-2008|16:30 ) Option : [2] ( 2008-11-22|23:08 ) \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION Supprime! - C:\Program Files\BitTorrent Fastest Tool\3wPlayer-2.0.0.0-setup.exe Supprime! - C:\Program Files\BitTorrent Fastest Tool\BitDownload-4.5.0.0-setup.exe Supprime! - C:\Program Files\BitTorrent Fastest Tool\BitP.exe Supprime! - C:\Program Files\BitTorrent Fastest Tool\Checklime.exe Supprime! - C:\Program Files\BitTorrent Fastest Tool\DWbrk03_0308.exe Supprime! - C:\Program Files\BitTorrent Fastest Tool\INSTALL.LOG Supprime! - C:\Program Files\Multi_Media\INSTALL.LOG Supprime! - C:\Program Files\Multi_Media\Multi_MediaToolbarHelper.exe Supprime! - C:\Program Files\Multi_Media\tbMult.dll Supprime! - C:\Program Files\Multi_Media\toolbar.cfg Supprime! - C:\Program Files\Multi_Media\UNWISE.EXE Supprime! - C:\DOCUME~1\Mireille\Cookies\mireille@advertising[1].txt Supprime! - C:\DOCUME~1\Mireille\Cookies\mireille@adin.bigpoint[1].txt Supprime! - C:\DOCUME~1\Mireille\Cookies\mireille@fr.seafight.bigpoint[2].txt Supprime! - C:\DOCUME~1\Mireille\Cookies\mireille@adopt.euroclick[2].txt Supprime! - C:\DOCUME~1\Mireille\Cookies\mireille@partypoker[2].txt Supprime! - C:\DOCUME~1\Mireille\Cookies\mireille@push.2xmoinscher[2].txt Supprime! - C:\WINDOWS\Tasks\A2AF9D86918C1156.job Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Htm Support Bait Deaf Supprime! - C:\DOCUME~1\Mireille\APPLIC~1\dupeob~1 Supprime! - C:\DOCUME~1\Sylvain\APPLIC~1\dupeob~1 Supprime! - C:\Program Files\BitTorrent Fastest Tool Supprime! - C:\Program Files\Multi_Media \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ --------------------\\ Listing des dossiers dans APPLIC~1 [2008-08-19|20:39] C:\DOCUME~1\ADMINI~1\APPLIC~1\Adobe [2008-08-21|15:41] C:\DOCUME~1\ADMINI~1\APPLIC~1\Identities [2008-08-19|20:39] C:\DOCUME~1\ADMINI~1\APPLIC~1\Macromedia [2008-08-04|16:12] C:\DOCUME~1\ADMINI~1\APPLIC~1\Malwarebytes [2008-11-22|16:58] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft [2008-08-21|17:52] C:\DOCUME~1\ADMINI~1\APPLIC~1\Mozilla [2008-03-27|16:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\4D [2008-03-27|17:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe [2008-04-09|17:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BOONTY [2008-05-17|20:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BufferZone [2008-02-25|11:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BVRP Software [2008-09-05|17:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\cadwork [2008-03-19|15:18] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Downloaded Installations [2008-03-02|20:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\DVD Shrink [2008-09-01|17:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\InstallShield [2008-08-04|16:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes [2008-11-19|09:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\McAfee [2008-09-01|22:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft [2008-11-13|00:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft Help [2008-06-13|22:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MumboJumbo [2008-06-11|10:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\n7-89-o9-3r-4t-r9 [2008-03-16|15:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Nero [2008-05-14|08:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Office Genuine Advantage [2008-03-27|17:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime [2008-08-17|18:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\services [2008-11-19|09:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy [2008-06-11|14:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP [2008-07-21|18:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TomTom [2008-05-23|10:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Trymedia [2008-02-27|08:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage [2008-04-12|11:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller [2008-05-23|21:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Zylom [2008-02-24|17:03] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft [2006-08-20|18:52] C:\DOCUME~1\LOCALS~1\APPLIC~1\Help [2008-02-25|09:41] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft [2008-11-07|09:00] C:\DOCUME~1\LOCALS~1\APPLIC~1\SACore [2008-04-01|08:44] C:\DOCUME~1\Mireille\APPLIC~1\Adobe [2008-11-12|19:36] C:\DOCUME~1\Mireille\APPLIC~1\AdobeUM [2008-05-04|18:57] C:\DOCUME~1\Mireille\APPLIC~1\Ahead [2008-07-21|18:44] C:\DOCUME~1\Mireille\APPLIC~1\Help [2008-02-24|17:10] C:\DOCUME~1\Mireille\APPLIC~1\Identities [2008-02-24|18:16] C:\DOCUME~1\Mireille\APPLIC~1\InstallShield [2008-02-25|11:34] C:\DOCUME~1\Mireille\APPLIC~1\Jasc Software Inc [2008-09-02|06:31] C:\DOCUME~1\Mireille\APPLIC~1\LuckyTender [2008-02-25|20:37] C:\DOCUME~1\Mireille\APPLIC~1\Macromedia [2008-08-04|16:08] C:\DOCUME~1\Mireille\APPLIC~1\Malwarebytes [2008-10-21|20:29] C:\DOCUME~1\Mireille\APPLIC~1\Microsoft [2008-08-08|13:16] C:\DOCUME~1\Mireille\APPLIC~1\Mozilla [2008-03-04|08:37] C:\DOCUME~1\Mireille\APPLIC~1\Nero [2008-07-16|23:11] C:\DOCUME~1\Mireille\APPLIC~1\U3 [2008-03-24|19:18] C:\DOCUME~1\Mireille\APPLIC~1\vlc [2008-07-21|18:44] C:\DOCUME~1\NETWOR~1\APPLIC~1\Adobe [2008-07-18|16:38] C:\DOCUME~1\NETWOR~1\APPLIC~1\Macromedia [2008-02-24|17:09] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft [2008-04-23|08:08] C:\DOCUME~1\Sylvain\APPLIC~1\Adobe [2008-10-24|10:30] C:\DOCUME~1\Sylvain\APPLIC~1\AdobeUM [2008-07-21|18:42] C:\DOCUME~1\Sylvain\APPLIC~1\Ahead [2008-10-20|17:21] C:\DOCUME~1\Sylvain\APPLIC~1\DeepBurner [2008-11-14|13:31] C:\DOCUME~1\Sylvain\APPLIC~1\dvdcss [2008-06-11|16:25] C:\DOCUME~1\Sylvain\APPLIC~1\GameHouse [2008-03-21|09:27] C:\DOCUME~1\Sylvain\APPLIC~1\Help [2008-06-16|10:35] C:\DOCUME~1\Sylvain\APPLIC~1\Identities [2008-09-02|06:30] C:\DOCUME~1\Sylvain\APPLIC~1\LuckyTender [2008-02-24|19:58] C:\DOCUME~1\Sylvain\APPLIC~1\Macromedia [2008-08-08|16:09] C:\DOCUME~1\Sylvain\APPLIC~1\Malwarebytes [2008-03-20|20:00] C:\DOCUME~1\Sylvain\APPLIC~1\Media Player Classic [2008-10-16|12:11] C:\DOCUME~1\Sylvain\APPLIC~1\Microsoft [2008-07-21|18:44] C:\DOCUME~1\Sylvain\APPLIC~1\Mozilla [2008-03-03|10:58] C:\DOCUME~1\Sylvain\APPLIC~1\Nero [2008-09-01|17:45] C:\DOCUME~1\Sylvain\APPLIC~1\RoboBAT [2008-11-18|20:27] C:\DOCUME~1\Sylvain\APPLIC~1\TmpRecentIcons [2008-07-14|16:32] C:\DOCUME~1\Sylvain\APPLIC~1\TomTom [2008-03-21|10:47] C:\DOCUME~1\Sylvain\APPLIC~1\vlc [2008-11-19|10:26] C:\DOCUME~1\Sylvain\APPLIC~1\WinButler [2008-03-18|11:48] C:\DOCUME~1\Sylvain\APPLIC~1\WinRAR [2008-06-16|10:35] C:\DOCUME~1\Sylvain\APPLIC~1\Zylom --------------------\\ Tâches planifiées dans C:\WINDOWS\tasks [2008-11-22 23:00][--a------] C:\WINDOWS\tasks\At48.job [2008-11-22 22:00][--a------] C:\WINDOWS\tasks\At47.job [2008-11-21 21:00][--a------] C:\WINDOWS\tasks\At46.job [2008-11-21 20:00][--a------] C:\WINDOWS\tasks\At45.job [2008-11-21 19:00][--a------] C:\WINDOWS\tasks\At44.job [2008-11-21 18:00][--a------] C:\WINDOWS\tasks\At43.job [2008-11-21 17:00][--a------] C:\WINDOWS\tasks\At42.job [2008-11-22 16:00][--a------] C:\WINDOWS\tasks\At41.job [2008-11-22 15:00][--a------] C:\WINDOWS\tasks\At40.job [2008-11-21 14:00][--a------] C:\WINDOWS\tasks\At39.job [2008-11-21 13:00][--a------] C:\WINDOWS\tasks\At38.job [2008-11-21 12:00][--a------] C:\WINDOWS\tasks\At37.job [2008-11-21 11:00][--a------] C:\WINDOWS\tasks\At36.job [2008-11-21 10:00][--a------] C:\WINDOWS\tasks\At35.job [2008-11-21 09:00][--a------] C:\WINDOWS\tasks\At34.job [2008-11-21 08:00][--a------] C:\WINDOWS\tasks\At33.job [2008-11-19 07:00][--a------] C:\WINDOWS\tasks\At32.job [2008-11-18 06:00][--a------] C:\WINDOWS\tasks\At31.job [2008-11-18 05:00][--a------] C:\WINDOWS\tasks\At30.job [2008-11-18 04:00][--a------] C:\WINDOWS\tasks\At29.job [2008-11-18 03:00][--a------] C:\WINDOWS\tasks\At28.job [2008-11-18 02:00][--a------] C:\WINDOWS\tasks\At27.job [2008-11-22 01:00][--a------] C:\WINDOWS\tasks\At26.job [2008-11-22 00:55][--a------] C:\WINDOWS\tasks\At25.job [2008-11-22 23:00][--a------] C:\WINDOWS\tasks\At24.job [2008-11-22 22:00][--a------] C:\WINDOWS\tasks\At23.job [2008-11-21 21:00][--a------] C:\WINDOWS\tasks\At22.job [2008-11-21 20:00][--a------] C:\WINDOWS\tasks\At21.job [2008-11-21 19:00][--a------] C:\WINDOWS\tasks\At20.job [2008-11-21 18:00][--a------] C:\WINDOWS\tasks\At19.job [2008-11-21 17:00][--a------] C:\WINDOWS\tasks\At18.job [2008-11-22 16:00][--a------] C:\WINDOWS\tasks\At17.job [2008-11-22 15:00][--a------] C:\WINDOWS\tasks\At16.job [2008-11-21 14:00][--a------] C:\WINDOWS\tasks\At15.job [2008-11-21 13:00][--a------] C:\WINDOWS\tasks\At14.job [2008-11-21 12:00][--a------] C:\WINDOWS\tasks\At13.job [2008-11-21 11:00][--a------] C:\WINDOWS\tasks\At12.job [2008-11-21 10:00][--a------] C:\WINDOWS\tasks\At11.job [2008-11-21 09:00][--a------] C:\WINDOWS\tasks\At10.job [2008-11-21 08:00][--a------] C:\WINDOWS\tasks\At9.job [2008-11-19 07:00][--a------] C:\WINDOWS\tasks\At8.job [2008-11-18 06:00][--a------] C:\WINDOWS\tasks\At7.job [2008-11-18 05:00][--a------] C:\WINDOWS\tasks\At6.job [2008-11-18 04:00][--a------] C:\WINDOWS\tasks\At5.job [2008-11-18 03:00][--a------] C:\WINDOWS\tasks\At4.job [2008-11-18 02:00][--a------] C:\WINDOWS\tasks\At3.job [2008-11-22 01:00][--a------] C:\WINDOWS\tasks\At2.job [2008-11-22 00:49][--a------] C:\WINDOWS\tasks\At1.job [2008-11-22 22:33][--ah-----] C:\WINDOWS\tasks\SA.DAT [2001-08-28 13:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini --------------------\\ Listing des dossiers dans C:\Program Files [2008-06-13|23:12] C:\Program Files\3D Live Pool [2008-10-22|08:47] C:\Program Files\Abbyy FineReader 6.0 Sprint [2008-03-27|17:10] C:\Program Files\Adobe [2008-07-21|18:42] C:\Program Files\Ahead [2008-10-20|17:11] C:\Program Files\Astonsoft [2008-02-24|19:31] C:\Program Files\ATI Technologies [2008-11-22|16:58] C:\Program Files\Avira GmbH [2008-11-22|17:03] C:\Program Files\AxBx [2008-04-09|17:50] C:\Program Files\Boonty [2008-09-26|09:40] C:\Program Files\BufferZone [2008-08-05|15:16] C:\Program Files\CCleaner [2008-11-18|11:50] C:\Program Files\CDex_150 [2008-11-18|17:38] C:\Program Files\Code Postal [2008-11-17|14:30] C:\Program Files\Codutil 59 [2008-09-01|11:36] C:\Program Files\Conduit [2008-02-25|11:33] C:\Program Files\Dell Computer [2008-08-31|18:42] C:\Program Files\Dell Photo AIO Printer 962 [2008-02-25|11:37] C:\Program Files\Dell_Photo AIO Printer 962 [2008-02-24|19:14] C:\Program Files\directx [2008-11-20|12:14] C:\Program Files\Dl_cats [2008-11-04|15:18] C:\Program Files\Everest Poker [2008-11-22|22:31] C:\Program Files\Fichiers communs [2008-05-23|10:27] C:\Program Files\Fliptop Games [2008-03-10|10:07] C:\Program Files\Free [2008-06-14|00:12] C:\Program Files\GameHouse [2008-11-19|09:49] C:\Program Files\GenoPro [2008-06-11|10:39] C:\Program Files\Google [2008-07-20|17:27] C:\Program Files\Hercules [2008-11-13|12:14] C:\Program Files\Iminent [2008-11-22|16:58] C:\Program Files\InstallShield Installation Information [2008-11-13|11:26] C:\Program Files\Internet Explorer [2008-02-25|11:34] C:\Program Files\Jasc Software Inc [2008-11-21|17:45] C:\Program Files\Jewel Quest [2008-09-01|22:43] C:\Program Files\LuckyTender [2008-11-19|09:53] C:\Program Files\Malwarebytes' Anti-Malware [2008-09-27|09:25] C:\Program Files\Mario Forever [2008-11-19|09:39] C:\Program Files\McAfee [2008-11-19|09:38] C:\Program Files\McAfee.com [2006-08-20|17:18] C:\Program Files\Messenger [2008-06-09|19:24] C:\Program Files\Microsoft ActiveSync [2008-02-24|17:03] C:\Program Files\microsoft frontpage [2008-02-24|17:52] C:\Program Files\Microsoft Office [2008-02-24|17:52] C:\Program Files\Microsoft Visual Studio [2008-02-24|17:53] C:\Program Files\Microsoft Works [2008-02-24|17:28] C:\Program Files\Movie Maker [2008-11-22|16:03] C:\Program Files\Mozilla Firefox [2008-02-24|17:52] C:\Program Files\MSBuild [2008-02-24|16:57] C:\Program Files\MSN Gaming Zone [2008-03-11|00:58] C:\Program Files\MSXML 4.0 [2008-06-13|22:20] C:\Program Files\MumboJumbo [2008-07-21|18:42] C:\Program Files\Nero [2008-07-20|21:18] C:\Program Files\Nero(2) [2008-02-24|17:25] C:\Program Files\NetMeeting [2008-06-17|07:40] C:\Program Files\Ouba - The Great Journey [2008-02-25|23:30] C:\Program Files\Outlook Express [2008-06-13|23:12] C:\Program Files\phelios [2008-11-02|08:10] C:\Program Files\PIXELA [2008-07-21|18:43] C:\Program Files\PopCap Games [2008-07-23|08:35] C:\Program Files\PopUp Destroy [2008-03-27|17:14] C:\Program Files\QuickTime [2008-09-01|17:24] C:\Program Files\RadarSync [2008-09-01|17:24] C:\Program Files\RadarSyncBar [2008-09-01|14:19] C:\Program Files\ReflexiveArcade [2008-09-03|16:28] C:\Program Files\SafeNet Sentinel [2008-08-08|18:49] C:\Program Files\Secured eMule [2008-08-02|15:11] C:\Program Files\Secured_eMule [2008-03-16|19:00] C:\Program Files\Services en ligne [2008-06-14|00:16] C:\Program Files\shockwave.com [2008-11-02|08:49] C:\Program Files\Sony Corporation [2008-11-19|09:01] C:\Program Files\Spybot - Search & Destroy [2008-09-03|18:25] C:\Program Files\Sudoku XP [2008-06-13|23:59] C:\Program Files\The Treasures Of Montezuma [2008-07-21|18:44] C:\Program Files\TomTom DesktopSuite [2008-05-27|14:30] C:\Program Files\Trymedia [2008-02-24|17:10] C:\Program Files\Uninstall Information [2008-03-21|10:45] C:\Program Files\VideoLAN [2008-11-03|20:54] C:\Program Files\Web Hottest Videos Personal Player [2008-02-25|09:02] C:\Program Files\Windows Desktop Search [2008-04-12|11:39] C:\Program Files\Windows Live [2008-07-20|16:47] C:\Program Files\Windows Media Connect 2 [2008-03-02|17:35] C:\Program Files\Windows Media Player [2008-02-24|17:25] C:\Program Files\Windows NT [2008-02-24|19:46] C:\Program Files\WindowsUpdate [2008-02-24|17:03] C:\Program Files\xerox [2008-03-27|17:10] C:\Program Files\Yvert & Tellier [2008-06-17|19:16] C:\Program Files\Zumma deluxe [2008-07-21|18:44] C:\Program Files\Zylom Games --------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs [2008-04-01|08:44] C:\Program Files\Fichiers communs\Adobe [2008-03-17|17:16] C:\Program Files\Fichiers communs\Ahead [2008-04-09|17:52] C:\Program Files\Fichiers communs\BOONTY Shared [2008-02-24|17:52] C:\Program Files\Fichiers communs\DESIGNER [2008-09-03|16:35] C:\Program Files\Fichiers communs\InstallShield [2008-11-19|09:38] C:\Program Files\Fichiers communs\McAfee [2008-08-08|14:02] C:\Program Files\Fichiers communs\Microsoft Shared [2008-02-24|16:58] C:\Program Files\Fichiers communs\MSSoap [2008-03-16|15:57] C:\Program Files\Fichiers communs\Nero [2008-02-24|16:51] C:\Program Files\Fichiers communs\ODBC [2008-09-01|17:43] C:\Program Files\Fichiers communs\RbtProt [2008-09-01|17:50] C:\Program Files\Fichiers communs\RoboBAT [2008-09-03|16:28] C:\Program Files\Fichiers communs\SafeNet Sentinel [2008-02-24|16:59] C:\Program Files\Fichiers communs\Services [2008-02-24|16:51] C:\Program Files\Fichiers communs\SpeechEngines [2008-09-01|22:49] C:\Program Files\Fichiers communs\SWF Studio [2008-02-25|23:30] C:\Program Files\Fichiers communs\System [2008-04-12|11:37] C:\Program Files\Fichiers communs\WindowsLiveInstaller --------------------\\ Process ( 27 Processes ) ... OK ! --------------------\\ Recherche avec S_Lop Aucun fichier / dossier Lop trouvé ! --------------------\\ Recherche de Fichiers / Dossiers Lop Aucun fichier / dossier Lop trouvé ! --------------------\\ Verification du Registre ..... OK ! --------------------\\ Verification du fichier Hosts Fichier Hosts PROPRE --------------------\\ Recherche de fichiers avec Catchme catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-11-22 23:09:39 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ... scanning hidden files ... scan completed successfully hidden processes: 0 hidden files: 13 --------------------\\ Recherche d'autres infections C:\WINDOWS\Tasks\At1.job C:\WINDOWS\Tasks\At10.job C:\WINDOWS\Tasks\At11.job C:\WINDOWS\Tasks\At12.job C:\WINDOWS\Tasks\At13.job C:\WINDOWS\Tasks\At14.job C:\WINDOWS\Tasks\At15.job C:\WINDOWS\Tasks\At16.job C:\WINDOWS\Tasks\At17.job C:\WINDOWS\Tasks\At18.job C:\WINDOWS\Tasks\At19.job C:\WINDOWS\Tasks\At2.job C:\WINDOWS\Tasks\At20.job C:\WINDOWS\Tasks\At21.job C:\WINDOWS\Tasks\At22.job C:\WINDOWS\Tasks\At23.job C:\WINDOWS\Tasks\At24.job C:\WINDOWS\Tasks\At25.job C:\WINDOWS\Tasks\At26.job C:\WINDOWS\Tasks\At27.job C:\WINDOWS\Tasks\At28.job C:\WINDOWS\Tasks\At29.job C:\WINDOWS\Tasks\At3.job C:\WINDOWS\Tasks\At30.job C:\WINDOWS\Tasks\At31.job C:\WINDOWS\Tasks\At32.job C:\WINDOWS\Tasks\At33.job C:\WINDOWS\Tasks\At34.job C:\WINDOWS\Tasks\At35.job C:\WINDOWS\Tasks\At36.job C:\WINDOWS\Tasks\At37.job C:\WINDOWS\Tasks\At38.job C:\WINDOWS\Tasks\At39.job C:\WINDOWS\Tasks\At4.job C:\WINDOWS\Tasks\At40.job C:\WINDOWS\Tasks\At41.job C:\WINDOWS\Tasks\At42.job C:\WINDOWS\Tasks\At43.job C:\WINDOWS\Tasks\At44.job C:\WINDOWS\Tasks\At45.job C:\WINDOWS\Tasks\At46.job C:\WINDOWS\Tasks\At47.job C:\WINDOWS\Tasks\At48.job C:\WINDOWS\Tasks\At5.job C:\WINDOWS\Tasks\At6.job C:\WINDOWS\Tasks\At7.job C:\WINDOWS\Tasks\At8.job C:\WINDOWS\Tasks\At9.job --------------------\\ ROOTKIT !! Rootkit Bagle ! .. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_SROSA] --------------------\\ ROGUES .. C:\DOCUME~1\Sylvain\APPLIC~1\WinButler C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1\VirusRemover2008 [F:469][D:0]-> C:\DOCUME~1\Mireille\Cookies [F:382][D:4]-> C:\DOCUME~1\Mireille\LOCALS~1\TEMPOR~1\content.IE5 1 - "C:\Lop SD\LopR_1.txt" - 2008-11-22|23:01 - Option : [1] 2 - "C:\Lop SD\LopR_2.txt" - 2008-11-22|23:10 - Option : [2] --------------------\\ Fin du rapport a 23:10:30

Ok voici le rapport de Lop S&D --------------------\\ Lop S&D 4.2.4-9c XP/Vista Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 2 X86-based PC ( Uniprocessor Free : AMD Athlon XP 1800+ ) BIOS : Phoenix - AwardBIOS v6.00PG USER : Mireille ( Administrator ) BOOT : Normal boot A:\ (USB) C:\ (Local Disk) - NTFS - Total:37 Go (Free:26 Go) D:\ (Local Disk) - NTFS - Total:74 Go (Free:32 Go) E:\ (Local Disk) - NTFS - Total:19 Go (Free:19 Go) F:\ (CD or DVD) G:\ (CD or DVD) "C:\Lop SD" ( MAJ : 01-11-2008|16:30 ) Option : [1] ( 2008-11-22|22:58 ) --------------------\\ Listing des dossiers dans APPLIC~1 [2008-08-19|20:39] C:\DOCUME~1\ADMINI~1\APPLIC~1\Adobe [2008-08-21|15:41] C:\DOCUME~1\ADMINI~1\APPLIC~1\Identities [2008-08-19|20:39] C:\DOCUME~1\ADMINI~1\APPLIC~1\Macromedia [2008-08-04|16:12] C:\DOCUME~1\ADMINI~1\APPLIC~1\Malwarebytes [2008-11-22|16:58] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft [2008-08-21|17:52] C:\DOCUME~1\ADMINI~1\APPLIC~1\Mozilla [2008-03-27|16:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\4D [2008-03-27|17:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe [2008-04-09|17:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BOONTY [2008-05-17|20:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BufferZone [2008-02-25|11:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BVRP Software [2008-09-05|17:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\cadwork [2008-03-19|15:18] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Downloaded Installations [2008-03-02|20:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\DVD Shrink [2008-08-05|16:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Htm Support Bait Deaf [2008-09-01|17:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\InstallShield [2008-08-04|16:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes [2008-11-19|09:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\McAfee [2008-09-01|22:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft [2008-11-13|00:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft Help [2008-06-13|22:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MumboJumbo [2008-06-11|10:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\n7-89-o9-3r-4t-r9 [2008-03-16|15:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Nero [2008-05-14|08:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Office Genuine Advantage [2008-03-27|17:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime [2008-08-17|18:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\services [2008-11-19|09:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy [2008-06-11|14:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP [2008-07-21|18:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TomTom [2008-05-23|10:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Trymedia [2008-02-27|08:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage [2008-04-12|11:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller [2008-05-23|21:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Zylom [2008-02-24|17:03] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft [2006-08-20|18:52] C:\DOCUME~1\LOCALS~1\APPLIC~1\Help [2008-02-25|09:41] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft [2008-11-07|09:00] C:\DOCUME~1\LOCALS~1\APPLIC~1\SACore [2008-04-01|08:44] C:\DOCUME~1\Mireille\APPLIC~1\Adobe [2008-11-12|19:36] C:\DOCUME~1\Mireille\APPLIC~1\AdobeUM [2008-05-04|18:57] C:\DOCUME~1\Mireille\APPLIC~1\Ahead [2008-07-21|18:44] C:\DOCUME~1\Mireille\APPLIC~1\dupeobjbib [2008-07-21|18:44] C:\DOCUME~1\Mireille\APPLIC~1\Help [2008-02-24|17:10] C:\DOCUME~1\Mireille\APPLIC~1\Identities [2008-02-24|18:16] C:\DOCUME~1\Mireille\APPLIC~1\InstallShield [2008-02-25|11:34] C:\DOCUME~1\Mireille\APPLIC~1\Jasc Software Inc [2008-09-02|06:31] C:\DOCUME~1\Mireille\APPLIC~1\LuckyTender [2008-02-25|20:37] C:\DOCUME~1\Mireille\APPLIC~1\Macromedia [2008-08-04|16:08] C:\DOCUME~1\Mireille\APPLIC~1\Malwarebytes [2008-10-21|20:29] C:\DOCUME~1\Mireille\APPLIC~1\Microsoft [2008-08-08|13:16] C:\DOCUME~1\Mireille\APPLIC~1\Mozilla [2008-03-04|08:37] C:\DOCUME~1\Mireille\APPLIC~1\Nero [2008-07-16|23:11] C:\DOCUME~1\Mireille\APPLIC~1\U3 [2008-03-24|19:18] C:\DOCUME~1\Mireille\APPLIC~1\vlc [2008-07-21|18:44] C:\DOCUME~1\NETWOR~1\APPLIC~1\Adobe [2008-07-18|16:38] C:\DOCUME~1\NETWOR~1\APPLIC~1\Macromedia [2008-02-24|17:09] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft [2008-04-23|08:08] C:\DOCUME~1\Sylvain\APPLIC~1\Adobe [2008-10-24|10:30] C:\DOCUME~1\Sylvain\APPLIC~1\AdobeUM [2008-07-21|18:42] C:\DOCUME~1\Sylvain\APPLIC~1\Ahead [2008-10-20|17:21] C:\DOCUME~1\Sylvain\APPLIC~1\DeepBurner [2008-08-05|16:53] C:\DOCUME~1\Sylvain\APPLIC~1\dupeobjbib [2008-11-14|13:31] C:\DOCUME~1\Sylvain\APPLIC~1\dvdcss [2008-06-11|16:25] C:\DOCUME~1\Sylvain\APPLIC~1\GameHouse [2008-03-21|09:27] C:\DOCUME~1\Sylvain\APPLIC~1\Help [2008-06-16|10:35] C:\DOCUME~1\Sylvain\APPLIC~1\Identities [2008-09-02|06:30] C:\DOCUME~1\Sylvain\APPLIC~1\LuckyTender [2008-02-24|19:58] C:\DOCUME~1\Sylvain\APPLIC~1\Macromedia [2008-08-08|16:09] C:\DOCUME~1\Sylvain\APPLIC~1\Malwarebytes [2008-03-20|20:00] C:\DOCUME~1\Sylvain\APPLIC~1\Media Player Classic [2008-10-16|12:11] C:\DOCUME~1\Sylvain\APPLIC~1\Microsoft [2008-07-21|18:44] C:\DOCUME~1\Sylvain\APPLIC~1\Mozilla [2008-03-03|10:58] C:\DOCUME~1\Sylvain\APPLIC~1\Nero [2008-09-01|17:45] C:\DOCUME~1\Sylvain\APPLIC~1\RoboBAT [2008-11-18|20:27] C:\DOCUME~1\Sylvain\APPLIC~1\TmpRecentIcons [2008-07-14|16:32] C:\DOCUME~1\Sylvain\APPLIC~1\TomTom [2008-03-21|10:47] C:\DOCUME~1\Sylvain\APPLIC~1\vlc [2008-11-19|10:26] C:\DOCUME~1\Sylvain\APPLIC~1\WinButler [2008-03-18|11:48] C:\DOCUME~1\Sylvain\APPLIC~1\WinRAR [2008-06-16|10:35] C:\DOCUME~1\Sylvain\APPLIC~1\Zylom --------------------\\ Tâches planifiées dans C:\WINDOWS\tasks [2008-11-22 22:00][--ah-----] C:\WINDOWS\tasks\A2AF9D86918C1156.job [2008-11-21 23:00][--a------] C:\WINDOWS\tasks\At48.job [2008-11-22 22:00][--a------] C:\WINDOWS\tasks\At47.job [2008-11-21 21:00][--a------] C:\WINDOWS\tasks\At46.job [2008-11-21 20:00][--a------] C:\WINDOWS\tasks\At45.job [2008-11-21 19:00][--a------] C:\WINDOWS\tasks\At44.job [2008-11-21 18:00][--a------] C:\WINDOWS\tasks\At43.job [2008-11-21 17:00][--a------] C:\WINDOWS\tasks\At42.job [2008-11-22 16:00][--a------] C:\WINDOWS\tasks\At41.job [2008-11-22 15:00][--a------] C:\WINDOWS\tasks\At40.job [2008-11-21 14:00][--a------] C:\WINDOWS\tasks\At39.job [2008-11-21 13:00][--a------] C:\WINDOWS\tasks\At38.job [2008-11-21 12:00][--a------] C:\WINDOWS\tasks\At37.job [2008-11-21 11:00][--a------] C:\WINDOWS\tasks\At36.job [2008-11-21 10:00][--a------] C:\WINDOWS\tasks\At35.job [2008-11-21 09:00][--a------] C:\WINDOWS\tasks\At34.job [2008-11-21 08:00][--a------] C:\WINDOWS\tasks\At33.job [2008-11-19 07:00][--a------] C:\WINDOWS\tasks\At32.job [2008-11-18 06:00][--a------] C:\WINDOWS\tasks\At31.job [2008-11-18 05:00][--a------] C:\WINDOWS\tasks\At30.job [2008-11-18 04:00][--a------] C:\WINDOWS\tasks\At29.job [2008-11-18 03:00][--a------] C:\WINDOWS\tasks\At28.job [2008-11-18 02:00][--a------] C:\WINDOWS\tasks\At27.job [2008-11-22 01:00][--a------] C:\WINDOWS\tasks\At26.job [2008-11-22 00:55][--a------] C:\WINDOWS\tasks\At25.job [2008-11-21 23:00][--a------] C:\WINDOWS\tasks\At24.job [2008-11-22 22:00][--a------] C:\WINDOWS\tasks\At23.job [2008-11-21 21:00][--a------] C:\WINDOWS\tasks\At22.job [2008-11-21 20:00][--a------] C:\WINDOWS\tasks\At21.job [2008-11-21 19:00][--a------] C:\WINDOWS\tasks\At20.job [2008-11-21 18:00][--a------] C:\WINDOWS\tasks\At19.job [2008-11-21 17:00][--a------] C:\WINDOWS\tasks\At18.job [2008-11-22 16:00][--a------] C:\WINDOWS\tasks\At17.job [2008-11-22 15:00][--a------] C:\WINDOWS\tasks\At16.job [2008-11-21 14:00][--a------] C:\WINDOWS\tasks\At15.job [2008-11-21 13:00][--a------] C:\WINDOWS\tasks\At14.job [2008-11-21 12:00][--a------] C:\WINDOWS\tasks\At13.job [2008-11-21 11:00][--a------] C:\WINDOWS\tasks\At12.job [2008-11-21 10:00][--a------] C:\WINDOWS\tasks\At11.job [2008-11-21 09:00][--a------] C:\WINDOWS\tasks\At10.job [2008-11-21 08:00][--a------] C:\WINDOWS\tasks\At9.job [2008-11-19 07:00][--a------] C:\WINDOWS\tasks\At8.job [2008-11-18 06:00][--a------] C:\WINDOWS\tasks\At7.job [2008-11-18 05:00][--a------] C:\WINDOWS\tasks\At6.job [2008-11-18 04:00][--a------] C:\WINDOWS\tasks\At5.job [2008-11-18 03:00][--a------] C:\WINDOWS\tasks\At4.job [2008-11-18 02:00][--a------] C:\WINDOWS\tasks\At3.job [2008-11-22 01:00][--a------] C:\WINDOWS\tasks\At2.job [2008-11-22 00:49][--a------] C:\WINDOWS\tasks\At1.job [2008-11-22 22:33][--ah-----] C:\WINDOWS\tasks\SA.DAT [2001-08-28 13:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini ( A2AF9D86918C1156.job )=( c:\docume~1\sylvain\applic~1\dupeob~1\eggsprogramwin.exe ) --------------------\\ Listing des dossiers dans C:\Program Files [2008-06-13|23:12] C:\Program Files\3D Live Pool [2008-10-22|08:47] C:\Program Files\Abbyy FineReader 6.0 Sprint [2008-03-27|17:10] C:\Program Files\Adobe [2008-07-21|18:42] C:\Program Files\Ahead [2008-10-20|17:11] C:\Program Files\Astonsoft [2008-02-24|19:31] C:\Program Files\ATI Technologies [2008-11-22|16:58] C:\Program Files\Avira GmbH [2008-11-22|17:03] C:\Program Files\AxBx [2008-09-01|11:36] C:\Program Files\BitTorrent Fastest Tool [2008-04-09|17:50] C:\Program Files\Boonty [2008-09-26|09:40] C:\Program Files\BufferZone [2008-08-05|15:16] C:\Program Files\CCleaner [2008-11-18|11:50] C:\Program Files\CDex_150 [2008-11-18|17:38] C:\Program Files\Code Postal [2008-11-17|14:30] C:\Program Files\Codutil 59 [2008-09-01|11:36] C:\Program Files\Conduit [2008-02-25|11:33] C:\Program Files\Dell Computer [2008-08-31|18:42] C:\Program Files\Dell Photo AIO Printer 962 [2008-02-25|11:37] C:\Program Files\Dell_Photo AIO Printer 962 [2008-02-24|19:14] C:\Program Files\directx [2008-11-20|12:14] C:\Program Files\Dl_cats [2008-11-04|15:18] C:\Program Files\Everest Poker [2008-11-22|22:31] C:\Program Files\Fichiers communs [2008-05-23|10:27] C:\Program Files\Fliptop Games [2008-03-10|10:07] C:\Program Files\Free [2008-06-14|00:12] C:\Program Files\GameHouse [2008-11-19|09:49] C:\Program Files\GenoPro [2008-06-11|10:39] C:\Program Files\Google [2008-07-20|17:27] C:\Program Files\Hercules [2008-11-13|12:14] C:\Program Files\Iminent [2008-11-22|16:58] C:\Program Files\InstallShield Installation Information [2008-11-13|11:26] C:\Program Files\Internet Explorer [2008-02-25|11:34] C:\Program Files\Jasc Software Inc [2008-11-21|17:45] C:\Program Files\Jewel Quest [2008-09-01|22:43] C:\Program Files\LuckyTender [2008-11-19|09:53] C:\Program Files\Malwarebytes' Anti-Malware [2008-09-27|09:25] C:\Program Files\Mario Forever [2008-11-19|09:39] C:\Program Files\McAfee [2008-11-19|09:38] C:\Program Files\McAfee.com [2006-08-20|17:18] C:\Program Files\Messenger [2008-06-09|19:24] C:\Program Files\Microsoft ActiveSync [2008-02-24|17:03] C:\Program Files\microsoft frontpage [2008-02-24|17:52] C:\Program Files\Microsoft Office [2008-02-24|17:52] C:\Program Files\Microsoft Visual Studio [2008-02-24|17:53] C:\Program Files\Microsoft Works [2008-02-24|17:28] C:\Program Files\Movie Maker [2008-11-22|16:03] C:\Program Files\Mozilla Firefox [2008-02-24|17:52] C:\Program Files\MSBuild [2008-02-24|16:57] C:\Program Files\MSN Gaming Zone [2008-03-11|00:58] C:\Program Files\MSXML 4.0 [2008-09-01|11:36] C:\Program Files\Multi_Media [2008-06-13|22:20] C:\Program Files\MumboJumbo [2008-07-21|18:42] C:\Program Files\Nero [2008-07-20|21:18] C:\Program Files\Nero(2) [2008-02-24|17:25] C:\Program Files\NetMeeting [2008-06-17|07:40] C:\Program Files\Ouba - The Great Journey [2008-02-25|23:30] C:\Program Files\Outlook Express [2008-06-13|23:12] C:\Program Files\phelios [2008-11-02|08:10] C:\Program Files\PIXELA [2008-07-21|18:43] C:\Program Files\PopCap Games [2008-07-23|08:35] C:\Program Files\PopUp Destroy [2008-03-27|17:14] C:\Program Files\QuickTime [2008-09-01|17:24] C:\Program Files\RadarSync [2008-09-01|17:24] C:\Program Files\RadarSyncBar [2008-09-01|14:19] C:\Program Files\ReflexiveArcade [2008-09-03|16:28] C:\Program Files\SafeNet Sentinel [2008-08-08|18:49] C:\Program Files\Secured eMule [2008-08-02|15:11] C:\Program Files\Secured_eMule [2008-03-16|19:00] C:\Program Files\Services en ligne [2008-06-14|00:16] C:\Program Files\shockwave.com [2008-11-02|08:49] C:\Program Files\Sony Corporation [2008-11-19|09:01] C:\Program Files\Spybot - Search & Destroy [2008-09-03|18:25] C:\Program Files\Sudoku XP [2008-06-13|23:59] C:\Program Files\The Treasures Of Montezuma [2008-07-21|18:44] C:\Program Files\TomTom DesktopSuite [2008-05-27|14:30] C:\Program Files\Trymedia [2008-02-24|17:10] C:\Program Files\Uninstall Information [2008-03-21|10:45] C:\Program Files\VideoLAN [2008-11-03|20:54] C:\Program Files\Web Hottest Videos Personal Player [2008-02-25|09:02] C:\Program Files\Windows Desktop Search [2008-04-12|11:39] C:\Program Files\Windows Live [2008-07-20|16:47] C:\Program Files\Windows Media Connect 2 [2008-03-02|17:35] C:\Program Files\Windows Media Player [2008-02-24|17:25] C:\Program Files\Windows NT [2008-02-24|19:46] C:\Program Files\WindowsUpdate [2008-02-24|17:03] C:\Program Files\xerox [2008-03-27|17:10] C:\Program Files\Yvert & Tellier [2008-06-17|19:16] C:\Program Files\Zumma deluxe [2008-07-21|18:44] C:\Program Files\Zylom Games --------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs [2008-04-01|08:44] C:\Program Files\Fichiers communs\Adobe [2008-03-17|17:16] C:\Program Files\Fichiers communs\Ahead [2008-04-09|17:52] C:\Program Files\Fichiers communs\BOONTY Shared [2008-02-24|17:52] C:\Program Files\Fichiers communs\DESIGNER [2008-09-03|16:35] C:\Program Files\Fichiers communs\InstallShield [2008-11-19|09:38] C:\Program Files\Fichiers communs\McAfee [2008-08-08|14:02] C:\Program Files\Fichiers communs\Microsoft Shared [2008-02-24|16:58] C:\Program Files\Fichiers communs\MSSoap [2008-03-16|15:57] C:\Program Files\Fichiers communs\Nero [2008-02-24|16:51] C:\Program Files\Fichiers communs\ODBC [2008-09-01|17:43] C:\Program Files\Fichiers communs\RbtProt [2008-09-01|17:50] C:\Program Files\Fichiers communs\RoboBAT [2008-09-03|16:28] C:\Program Files\Fichiers communs\SafeNet Sentinel [2008-02-24|16:59] C:\Program Files\Fichiers communs\Services [2008-02-24|16:51] C:\Program Files\Fichiers communs\SpeechEngines [2008-09-01|22:49] C:\Program Files\Fichiers communs\SWF Studio [2008-02-25|23:30] C:\Program Files\Fichiers communs\System [2008-04-12|11:37] C:\Program Files\Fichiers communs\WindowsLiveInstaller --------------------\\ Process ( 28 Processes ) iexplore.exe ~ [PID:420] --------------------\\ Recherche avec S_Lop Aucun fichier / dossier Lop trouvé ! --------------------\\ Recherche de Fichiers / Dossiers Lop C:\DOCUME~1\ALLUSE~1\APPLIC~1\Htm Support Bait Deaf C:\DOCUME~1\Mireille\APPLIC~1\dupeob~1 C:\DOCUME~1\Sylvain\APPLIC~1\dupeob~1 C:\Program Files\BitTorrent Fastest Tool C:\Program Files\BitTorrent Fastest Tool\3wPlayer-2.0.0.0-setup.exe C:\Program Files\BitTorrent Fastest Tool\BitDownload-4.5.0.0-setup.exe C:\Program Files\BitTorrent Fastest Tool\BitP.exe C:\Program Files\BitTorrent Fastest Tool\Checklime.exe C:\Program Files\BitTorrent Fastest Tool\DWbrk03_0308.exe C:\Program Files\BitTorrent Fastest Tool\INSTALL.LOG C:\Program Files\Multi_Media C:\Program Files\Multi_Media\INSTALL.LOG C:\Program Files\Multi_Media\Multi_MediaToolbarHelper.exe C:\Program Files\Multi_Media\tbMult.dll C:\Program Files\Multi_Media\toolbar.cfg C:\Program Files\Multi_Media\UNWISE.EXE C:\DOCUME~1\Mireille\Cookies\mireille@advertising[1].txt C:\DOCUME~1\Mireille\Cookies\mireille@adin.bigpoint[1].txt C:\DOCUME~1\Mireille\Cookies\mireille@fr.seafight.bigpoint[2].txt C:\DOCUME~1\Mireille\Cookies\mireille@adopt.euroclick[2].txt C:\DOCUME~1\Mireille\Cookies\mireille@partypoker[2].txt C:\DOCUME~1\Mireille\Cookies\mireille@fr.seafight.bigpoint[2].txt C:\DOCUME~1\Mireille\Cookies\mireille@push.2xmoinscher[2].txt C:\WINDOWS\Tasks\A2AF9D86918C1156.job --------------------\\ Verification du Registre [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] ..... OK ! --------------------\\ Verification du fichier Hosts Fichier Hosts PROPRE --------------------\\ Recherche de fichiers avec Catchme catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-11-22 23:00:12 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ... scanning hidden files ... scan completed successfully hidden processes: 0 hidden files: 13 --------------------\\ Recherche d'autres infections C:\WINDOWS\Tasks\At1.job C:\WINDOWS\Tasks\At10.job C:\WINDOWS\Tasks\At11.job C:\WINDOWS\Tasks\At12.job C:\WINDOWS\Tasks\At13.job C:\WINDOWS\Tasks\At14.job C:\WINDOWS\Tasks\At15.job C:\WINDOWS\Tasks\At16.job C:\WINDOWS\Tasks\At17.job C:\WINDOWS\Tasks\At18.job C:\WINDOWS\Tasks\At19.job C:\WINDOWS\Tasks\At2.job C:\WINDOWS\Tasks\At20.job C:\WINDOWS\Tasks\At21.job C:\WINDOWS\Tasks\At22.job C:\WINDOWS\Tasks\At23.job C:\WINDOWS\Tasks\At24.job C:\WINDOWS\Tasks\At25.job C:\WINDOWS\Tasks\At26.job C:\WINDOWS\Tasks\At27.job C:\WINDOWS\Tasks\At28.job C:\WINDOWS\Tasks\At29.job C:\WINDOWS\Tasks\At3.job C:\WINDOWS\Tasks\At30.job C:\WINDOWS\Tasks\At31.job C:\WINDOWS\Tasks\At32.job C:\WINDOWS\Tasks\At33.job C:\WINDOWS\Tasks\At34.job C:\WINDOWS\Tasks\At35.job C:\WINDOWS\Tasks\At36.job C:\WINDOWS\Tasks\At37.job C:\WINDOWS\Tasks\At38.job C:\WINDOWS\Tasks\At39.job C:\WINDOWS\Tasks\At4.job C:\WINDOWS\Tasks\At40.job C:\WINDOWS\Tasks\At41.job C:\WINDOWS\Tasks\At42.job C:\WINDOWS\Tasks\At43.job C:\WINDOWS\Tasks\At44.job C:\WINDOWS\Tasks\At45.job C:\WINDOWS\Tasks\At46.job C:\WINDOWS\Tasks\At47.job C:\WINDOWS\Tasks\At48.job C:\WINDOWS\Tasks\At5.job C:\WINDOWS\Tasks\At6.job C:\WINDOWS\Tasks\At7.job C:\WINDOWS\Tasks\At8.job C:\WINDOWS\Tasks\At9.job --------------------\\ ROOTKIT !! Rootkit Bagle ! .. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_SROSA] --------------------\\ ROGUES .. C:\DOCUME~1\Sylvain\APPLIC~1\WinButler C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1\VirusRemover2008 [F:475][D:0]-> C:\DOCUME~1\Mireille\Cookies [F:339][D:4]-> C:\DOCUME~1\Mireille\LOCALS~1\TEMPOR~1\content.IE5 1 - "C:\Lop SD\LopR_1.txt" - 2008-11-22|23:01 - Option : [1] --------------------\\ Fin du rapport a 23:01:11

voila le rapport ComboFix 08-11-22.01 - Mireille 2008-11-22 22:30:47.6 - NTFSx86 Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.707 [GMT 1:00] Lancé depuis: c:\documents and settings\Administrateur\Bureau\CF.exe Commutateurs utilisés :: c:\documents and settings\Mireille\Bureau\CFscript.txt * Un nouveau point de restauration a été créé . (((((((((((((((((((((((((((((((((((( Autres suppressions )))))))))))))))))))))))))))))))))))))))))))))))) . . ((((((((((((((((((((((((((((((((((((((( Pilotes/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . -------\Legacy_PNDIS5 -------\Service_8daee481-4510-4cd5-8ba1-dea0b2588289 -------\Service_axvbusx -------\Service_axvscsi -------\Service_hpt3xx -------\Service_PNDIS5 ((((((((((((((((((((((((((((( Fichiers créés du 2008-10-22 au 2008-11-22 )))))))))))))))))))))))))))))))))))) . 2008-11-22 17:03 . 2008-11-22 17:03 <REP> d-------- c:\program files\AxBx 2008-11-22 16:58 . 2008-11-22 16:58 <REP> d-------- c:\program files\Avira GmbH 2008-11-22 16:10 . 2008-11-22 16:10 <REP> d--h----- c:\windows\system32\GroupPolicy 2008-11-19 09:38 . 2008-11-19 09:38 <REP> d-------- c:\program files\McAfee.com 2008-11-19 09:37 . 2008-11-19 09:39 <REP> d-------- c:\program files\McAfee 2008-11-19 09:37 . 2008-11-19 09:38 <REP> d-------- c:\program files\Fichiers communs\McAfee 2008-11-18 20:27 . 2008-11-18 20:27 <REP> d-------- c:\documents and settings\Sylvain\Application Data\TmpRecentIcons 2008-11-18 20:27 . 2008-11-18 00:07 102,400 --a------ c:\windows\tskerxag.exe 2008-11-18 19:33 . 2008-11-19 09:49 <REP> d-------- c:\program files\GenoPro 2008-11-18 08:51 . 2008-11-18 08:51 119 --a------ C:\Delme.bat 2008-11-17 15:38 . 2008-11-18 08:50 12 --a------ c:\windows\WPOSTAL.INI 2008-11-17 15:38 . 2008-11-17 15:38 0 --a------ c:\windows\WD.INI 2008-11-17 15:37 . 2008-11-18 08:51 <REP> d-------- C:\WPOSTAL 2008-11-17 14:56 . 2008-11-17 14:56 <REP> d-------- C:\lccp 2008-11-17 12:22 . 2008-11-17 14:30 <REP> d-------- c:\program files\Codutil 59 2008-11-13 11:31 . 2008-11-13 12:14 <REP> d-------- c:\program files\Iminent 2008-11-04 15:18 . 2008-11-04 15:18 225 --a------ c:\windows\wininit.ini 2008-11-02 09:04 . 2008-11-02 09:04 <REP> d-------- C:\MWASPI 2008-11-02 09:04 . 1997-06-11 19:01 30,208 --------- c:\windows\system32\WNASPI32.DLL 2008-11-02 09:04 . 2000-03-29 17:11 8,096 --------- c:\windows\system32\drivers\MASPINT.SYS 2008-11-02 09:04 . 1999-10-22 17:58 4,030 --------- c:\windows\system\WINASPI.DLL 2008-11-02 09:04 . 1997-02-28 03:00 2,486 --------- c:\windows\system\AS16POST.BIN 2008-11-02 09:04 . 2008-11-02 09:04 291 --a------ c:\windows\msfsetup.ini 2008-11-02 08:49 . 2008-11-02 08:49 <REP> d-------- c:\program files\Sony Corporation 2008-11-02 08:25 . 2008-11-02 09:20 420 --a------ c:\windows\PCPHOTO.INI 2008-11-02 08:10 . 2008-11-02 08:10 <REP> d-------- c:\program files\PIXELA 2008-10-26 23:29 . 2008-11-14 13:31 <REP> d-------- c:\documents and settings\Sylvain\Application Data\dvdcss . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2008-11-22 15:58 --------- d--h--w c:\program files\InstallShield Installation Information 2008-11-21 16:45 --------- d-----w c:\program files\Jewel Quest 2008-11-20 11:14 --------- d-----w c:\program files\Dl_cats 2008-11-19 09:26 --------- d-----w c:\documents and settings\Sylvain\Application Data\WinButler 2008-11-19 08:53 --------- d-----w c:\program files\Malwarebytes' Anti-Malware 2008-11-19 08:04 --------- d-----w c:\documents and settings\All Users\Application Data\McAfee 2008-11-19 08:01 --------- d-----w c:\program files\Spybot - Search & Destroy 2008-11-19 08:01 --------- d-----w c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy 2008-11-18 16:38 --------- d-----w c:\program files\Code Postal 2008-11-18 10:50 --------- d-----w c:\program files\CDex_150 2008-11-12 23:11 --------- d-----w c:\documents and settings\All Users\Application Data\Microsoft Help 2008-11-12 18:36 --------- d-----w c:\documents and settings\Mireille\Application Data\AdobeUM 2008-11-07 08:00 --------- d-----w c:\documents and settings\LocalService\Application Data\SACore 2008-11-04 14:18 --------- d-----w c:\program files\Everest Poker 2008-11-03 19:54 --------- d-----w c:\program files\Web Hottest Videos Personal Player 2008-10-24 11:10 453,632 ----a-w c:\windows\system32\drivers\mrxsmb.sys 2008-10-24 09:30 --------- d-----w c:\documents and settings\Sylvain\Application Data\AdobeUM 2008-10-22 15:10 38,496 ----a-w c:\windows\system32\drivers\mbamswissarmy.sys 2008-10-22 15:10 15,504 ----a-w c:\windows\system32\drivers\mbam.sys 2008-10-22 07:47 --------- d-----w c:\program files\Abbyy FineReader 6.0 Sprint 2008-10-20 16:21 --------- d-----w c:\documents and settings\Sylvain\Application Data\DeepBurner 2008-10-20 16:11 --------- d-----w c:\program files\Astonsoft 2008-09-27 08:25 --------- d-----w c:\program files\Mario Forever 2008-09-26 08:40 --------- d-----w c:\program files\BufferZone 2008-09-01 21:50 45,056 ----a-w c:\windows\NCUNINST.EXE 2008-06-11 10:11 0 ----a-w c:\program files\temp01 2008-08-04 14:08 2 --shatr c:\windows\winstart.bat . (((((((((((((((((((((((((((((((((((((((((((( Look ))))))))))))))))))))))))))))))))))))))))))))))))))))))))) . ---- Directory of c:\documents and settings\Sylvain\Application Data\TmpRecentIcons ---- 2008-11-19 22:56 2535 --a------ c:\documents and settings\Sylvain\Application Data\TmpRecentIcons\Microsoft Office Excel 2007.lnk 2008-11-18 17:38 655 --a------ c:\documents and settings\Sylvain\Application Data\TmpRecentIcons\Code Postal.lnk 2008-11-17 14:56 466 --a------ c:\documents and settings\Sylvain\Application Data\TmpRecentIcons\LcCp.lnk 2008-11-04 23:18 2623 --a------ c:\documents and settings\Sylvain\Application Data\TmpRecentIcons\Microsoft Office Outlook 2007.lnk 2008-11-04 11:27 510 --a------ c:\documents and settings\Sylvain\Application Data\TmpRecentIcons\eChanblard.lnk 2008-10-20 17:32 658 --a------ c:\documents and settings\Sylvain\Application Data\TmpRecentIcons\CDex.lnk 2008-10-20 17:11 746 --a------ c:\documents and settings\Sylvain\Application Data\TmpRecentIcons\DeepBurner.lnk 2008-09-27 09:25 742 --a------ c:\documents and settings\Sylvain\Application Data\TmpRecentIcons\Mario Forever.lnk 2008-09-27 09:25 737 --a------ c:\documents and settings\Sylvain\Application Data\TmpRecentIcons\Mario Worker.lnk 2008-09-25 12:48 1589 --a------ c:\documents and settings\Sylvain\Application Data\TmpRecentIcons\Jewel Quest.lnk 2008-09-06 08:39 545 --a------ c:\documents and settings\Sylvain\Application Data\TmpRecentIcons\Raccourci vers MP2008A.lnk 2008-06-27 14:49 1702 --a------ c:\documents and settings\Sylvain\Application Data\TmpRecentIcons\Abracadabra.lnk 2008-06-27 09:45 2232 --a------ c:\documents and settings\Sylvain\Application Data\TmpRecentIcons\McAfee Virtual Technician.lnk 2008-05-23 09:24 525 --a------ c:\documents and settings\Sylvain\Application Data\TmpRecentIcons\Raccourci vers mj_40en.lnk 2008-05-22 07:33 656 --a------ c:\documents and settings\Sylvain\Application Data\TmpRecentIcons\Raccourci vers Briques.lnk 2008-04-05 15:46 491 --a------ c:\documents and settings\Sylvain\Application Data\TmpRecentIcons\SUPER-MARIO PC.lnk 2008-03-28 19:59 482 --a------ c:\documents and settings\Sylvain\Application Data\TmpRecentIcons\Maxi Puzzles.lnk 2008-02-25 09:27 104 --a------ c:\documents and settings\Sylvain\Application Data\TmpRecentIcons\Internet.lnk ((((((((((((((((((((((((((((((((( Points de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés REGEDIT4 [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SxBzBufferZoneOverlay] @="{37ADBD0B-11EC-4A2C-9F93-5C3ACC7994DF}" [HKEY_CLASSES_ROOT\CLSID\{37ADBD0B-11EC-4A2C-9F93-5C3ACC7994DF}] 2007-08-06 14:20 1222576 --a------ c:\windows\system32\RlShellExt.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SxBzConfidentialOverlay] @="{F594B094-8768-4632-8143-12852EBBD688}" [HKEY_CLASSES_ROOT\CLSID\{F594B094-8768-4632-8143-12852EBBD688}] 2007-08-06 14:20 1222576 --a------ c:\windows\system32\RlShellExt.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SxBzForbiddenOverlay] @="{F1A1DA12-E651-4AD0-A1A0-6214546B2F9D}" [HKEY_CLASSES_ROOT\CLSID\{F1A1DA12-E651-4AD0-A1A0-6214546B2F9D}] 2007-08-06 14:20 1222576 --a------ c:\windows\system32\RlShellExt.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SxBzUnknownOverlay] @="{E4FC4B31-8A4F-45E6-BDAC-28F612371FE3}" [HKEY_CLASSES_ROOT\CLSID\{E4FC4B31-8A4F-45E6-BDAC-28F612371FE3}] 2007-08-06 14:20 1222576 --a------ c:\windows\system32\RlShellExt.dll [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2004-08-19 15360] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2008-03-27 98304] "DLBXCATS"="c:\windows\System32\spool\DRIVERS\W32X86\3\DLBXtime.dll" [2004-12-07 69632] "dlbxmon.exe"="c:\program files\Dell Photo AIO Printer 962\dlbxmon.exe" [2005-01-18 425984] "NeroFilterCheck"="c:\program files\Fichiers communs\Ahead\Lib\NeroCheck.exe" [2006-01-12 155648] c:\documents and settings\All Users\Menu D‚marrer\Programmes\D‚marrage\ WiFi Station.lnk - c:\program files\Hercules\WiFi Station\WifiStation.exe [2008-02-24 650240] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE] --a------ 2004-08-19 16:09 15360 c:\windows\system32\ctfmon.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\dlbxmon.exe] --a------ 2005-01-18 15:58 425984 c:\program files\Dell Photo AIO Printer 962\dlbxmon.exE [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroCheck] -ra------ 2001-07-09 10:50 155648 c:\windows\system32\NeroCheck.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck] --a------ 2006-01-12 15:40 155648 c:\program files\Fichiers communs\Ahead\Lib\NeroCheck.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] --a------ 2008-03-27 17:10 98304 c:\program files\QuickTime\qttask.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\C-Media Mixer] -ra------ 2001-11-15 19:08 1216512 c:\windows\mixer.exe [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"= "d:\\eChanblard\\emule.exe"= "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= "c:\\Program Files\\Windows Live\\Messenger\\livecall.exe"= "%windir%\\explorer.exe"= [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List] "6662:TCP"= 6662:TCP:kieffer "6672:UDP"= 6672:UDP:kieffer R2 Hinsrv;Hinsrv Service;c:\windows\system32\hinsrv.exe [2008-09-01 81920] R2 SG_Service;SoftGuard Service;c:\program files\Fichiers communs\RbtProt\sgsrv.exe [2005-04-25 155648] . Contenu du dossier 'Tâches planifiées' 2008-11-22 c:\windows\Tasks\A2AF9D86918C1156.job - c:\docume~1\sylvain\applic~1\dupeob~1\eggs program win.exe [] 2008-11-21 c:\windows\Tasks\At1.job - c:\windows\system32\41W0527I.exe [] 2008-11-21 c:\windows\Tasks\At10.job - c:\windows\system32\41W0527I.exe [] 2008-11-21 c:\windows\Tasks\At11.job - c:\windows\system32\41W0527I.exe [] 2008-11-21 c:\windows\Tasks\At12.job - c:\windows\system32\41W0527I.exe [] 2008-11-21 c:\windows\Tasks\At13.job - c:\windows\system32\41W0527I.exe [] 2008-11-21 c:\windows\Tasks\At14.job - c:\windows\system32\41W0527I.exe [] 2008-11-21 c:\windows\Tasks\At15.job - c:\windows\system32\41W0527I.exe [] 2008-11-22 c:\windows\Tasks\At16.job - c:\windows\system32\41W0527I.exe [] 2008-11-22 c:\windows\Tasks\At17.job - c:\windows\system32\41W0527I.exe [] 2008-11-21 c:\windows\Tasks\At18.job - c:\windows\system32\41W0527I.exe [] 2008-11-21 c:\windows\Tasks\At19.job - c:\windows\system32\41W0527I.exe [] 2008-11-22 c:\windows\Tasks\At2.job - c:\windows\system32\41W0527I.exe [] 2008-11-21 c:\windows\Tasks\At20.job - c:\windows\system32\41W0527I.exe [] 2008-11-21 c:\windows\Tasks\At21.job - c:\windows\system32\41W0527I.exe [] 2008-11-21 c:\windows\Tasks\At22.job - c:\windows\system32\41W0527I.exe [] 2008-11-22 c:\windows\Tasks\At23.job - c:\windows\system32\41W0527I.exe [] 2008-11-21 c:\windows\Tasks\At24.job - c:\windows\system32\41W0527I.exe [] 2008-11-21 c:\windows\Tasks\At25.job - c:\windows\system32\NcUfFrHN.exe [] 2008-11-22 c:\windows\Tasks\At26.job - c:\windows\system32\NcUfFrHN.exe [] 2008-11-18 c:\windows\Tasks\At27.job - c:\windows\system32\NcUfFrHN.exe [] 2008-11-18 c:\windows\Tasks\At28.job - c:\windows\system32\NcUfFrHN.exe [] 2008-11-18 c:\windows\Tasks\At29.job - c:\windows\system32\NcUfFrHN.exe [] 2008-11-18 c:\windows\Tasks\At3.job - c:\windows\system32\41W0527I.exe [] 2008-11-18 c:\windows\Tasks\At30.job - c:\windows\system32\NcUfFrHN.exe [] 2008-11-18 c:\windows\Tasks\At31.job - c:\windows\system32\NcUfFrHN.exe [] 2008-11-19 c:\windows\Tasks\At32.job - c:\windows\system32\NcUfFrHN.exe [] 2008-11-21 c:\windows\Tasks\At33.job - c:\windows\system32\NcUfFrHN.exe [] 2008-11-21 c:\windows\Tasks\At34.job - c:\windows\system32\NcUfFrHN.exe [] 2008-11-21 c:\windows\Tasks\At35.job - c:\windows\system32\NcUfFrHN.exe [] 2008-11-21 c:\windows\Tasks\At36.job - c:\windows\system32\NcUfFrHN.exe [] 2008-11-21 c:\windows\Tasks\At37.job - c:\windows\system32\NcUfFrHN.exe [] 2008-11-21 c:\windows\Tasks\At38.job - c:\windows\system32\NcUfFrHN.exe [] 2008-11-21 c:\windows\Tasks\At39.job - c:\windows\system32\NcUfFrHN.exe [] 2008-11-18 c:\windows\Tasks\At4.job - c:\windows\system32\41W0527I.exe [] 2008-11-22 c:\windows\Tasks\At40.job - c:\windows\system32\NcUfFrHN.exe [] 2008-11-22 c:\windows\Tasks\At41.job - c:\windows\system32\NcUfFrHN.exe [] 2008-11-21 c:\windows\Tasks\At42.job - c:\windows\system32\NcUfFrHN.exe [] 2008-11-21 c:\windows\Tasks\At43.job - c:\windows\system32\NcUfFrHN.exe [] 2008-11-21 c:\windows\Tasks\At44.job - c:\windows\system32\NcUfFrHN.exe [] 2008-11-21 c:\windows\Tasks\At45.job - c:\windows\system32\NcUfFrHN.exe [] 2008-11-21 c:\windows\Tasks\At46.job - c:\windows\system32\NcUfFrHN.exe [] 2008-11-22 c:\windows\Tasks\At47.job - c:\windows\system32\NcUfFrHN.exe [] 2008-11-21 c:\windows\Tasks\At48.job - c:\windows\system32\NcUfFrHN.exe [] 2008-11-18 c:\windows\Tasks\At5.job - c:\windows\system32\41W0527I.exe [] 2008-11-18 c:\windows\Tasks\At6.job - c:\windows\system32\41W0527I.exe [] 2008-11-18 c:\windows\Tasks\At7.job - c:\windows\system32\41W0527I.exe [] 2008-11-19 c:\windows\Tasks\At8.job - c:\windows\system32\41W0527I.exe [] 2008-11-21 c:\windows\Tasks\At9.job - c:\windows\system32\41W0527I.exe [] . ************************************************************************** catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-11-22 22:33:40 Windows 5.1.2600 Service Pack 2 NTFS Recherche de processus cachés ... Recherche d'éléments en démarrage automatique cachés ... Recherche de fichiers cachés ... Scan terminé avec succès Fichiers cachés: 0 ************************************************************************** . ------------------------ Autres processus actifs ------------------------ . c:\windows\system32\WgaTray.exe c:\windows\system32\netdde.exe c:\program files\Fichiers communs\Microsoft Shared\VS7DEBUG\mdm.exe c:\program files\Fichiers communs\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe c:\windows\system32\wscntfy.exe c:\windows\system32\dlbxcoms.exe . ************************************************************************** . Heure de fin: 2008-11-22 22:36:31 - La machine a redémarré ComboFix-quarantined-files.txt 2008-11-22 21:36:25 ComboFix2.txt 2008-11-22 20:20:29 ComboFix3.txt 2008-08-21 18:58:20 ComboFix4.txt 2008-08-21 14:10:24 ComboFix5.txt 2008-11-22 21:30:19 Avant-CF: 28,647,043,072 octets libres Après-CF: 28,640,997,376 octets libres 283 --- E O F --- 2008-11-14 09:42:14

oui, je l'avais utilisé au mois d'aout (je crois que ct au mois d'aout) aussi suite a une infection bagle

C'est si mauvais que ca????

dsl pour le mode, mais cf m'a fait redémaré apres et now je suis en mode normal voila le rapport ComboFix 08-11-22.01 - Administrateur 2008-11-22 21:12:36.5 - NTFSx86 NETWORK Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.824 [GMT 1:00] Lancé depuis: c:\documents and settings\Administrateur\Bureau\CF.exe . (((((((((((((((((((((((((((((((((((( Autres suppressions )))))))))))))))))))))))))))))))))))))))))))))))) . c:\documents and settings\All Users\Menu Démarrer\Programmes\AntiSpywareExpert c:\documents and settings\All Users\Menu Démarrer\Programmes\AntiSpywareExpert\AntiSpywareExpert.lnk c:\documents and settings\All Users\Menu Démarrer\Programmes\AntiSpywareExpert\Uninstall AntiSpywareExpert.lnk c:\documents and settings\All Users\Menu Démarrer\Programmes\PCPrivacyCleaner c:\documents and settings\All Users\Menu Démarrer\Programmes\PCPrivacyCleaner\PCPrivacyCleaner.lnk c:\documents and settings\All Users\Menu Démarrer\Programmes\PCPrivacyCleaner\Uninstall PCPrivacyCleaner.lnk c:\documents and settings\Mireille\Menu Démarrer\Programmes\Démarrage\Deewoo.lnk c:\documents and settings\Mireille\Menu Démarrer\Programmes\Démarrage\DW_Start.lnk c:\documents and settings\Sylvain\Application Data\PCPrivacyCleaner c:\documents and settings\Sylvain\Application Data\PCPrivacyCleaner\Logs\scns.log C:\InfoSat.txt c:\windows\bptswvdf.dll c:\windows\clofghls.dll c:\windows\IE4 Error Log.txt c:\windows\qxdepnbs.dll c:\windows\system32\Ati2evxx.dll c:\windows\system32\drivers\srosa2.sys c:\windows\system32\XwxHOnnn.ini c:\windows\system32\XwxHOnnn.ini2 c:\windows\Tasks\flpdtunl.job c:\windows\Tasks\sfyciggl.job . ((((((((((((((((((((((((((((((((((((((( Pilotes/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . -------\Legacy_BOONTY_GAMES -------\Legacy_SROSA -------\Service_Boonty Games ((((((((((((((((((((((((((((( Fichiers créés du 2008-10-22 au 2008-11-22 )))))))))))))))))))))))))))))))))))) . 2008-11-22 17:03 . 2008-11-22 17:03 <REP> d-------- c:\program files\AxBx 2008-11-22 16:58 . 2008-11-22 16:58 <REP> d-------- c:\program files\Avira GmbH 2008-11-22 16:10 . 2008-11-22 16:10 <REP> d--h----- c:\windows\system32\GroupPolicy 2008-11-19 09:38 . 2008-11-19 09:38 <REP> d-------- c:\program files\McAfee.com 2008-11-19 09:37 . 2008-11-19 09:39 <REP> d-------- c:\program files\McAfee 2008-11-19 09:37 . 2008-11-19 09:38 <REP> d-------- c:\program files\Fichiers communs\McAfee 2008-11-18 20:27 . 2008-11-18 20:27 <REP> d-------- c:\documents and settings\Sylvain\Application Data\TmpRecentIcons 2008-11-18 20:27 . 2008-11-18 00:07 102,400 --a------ c:\windows\tskerxag.exe 2008-11-18 19:33 . 2008-11-19 09:49 <REP> d-------- c:\program files\GenoPro 2008-11-18 08:51 . 2008-11-18 08:51 119 --a------ C:\Delme.bat 2008-11-17 15:38 . 2008-11-18 08:50 12 --a------ c:\windows\WPOSTAL.INI 2008-11-17 15:38 . 2008-11-17 15:38 0 --a------ c:\windows\WD.INI 2008-11-17 15:37 . 2008-11-18 08:51 <REP> d-------- C:\WPOSTAL 2008-11-17 14:56 . 2008-11-17 14:56 <REP> d-------- C:\lccp 2008-11-17 12:22 . 2008-11-17 14:30 <REP> d-------- c:\program files\Codutil 59 2008-11-13 11:31 . 2008-11-13 12:14 <REP> d-------- c:\program files\Iminent 2008-11-04 15:18 . 2008-11-04 15:18 225 --a------ c:\windows\wininit.ini 2008-11-02 09:04 . 2008-11-02 09:04 <REP> d-------- C:\MWASPI 2008-11-02 09:04 . 1997-06-11 19:01 30,208 --------- c:\windows\system32\WNASPI32.DLL 2008-11-02 09:04 . 2000-03-29 17:11 8,096 --------- c:\windows\system32\drivers\MASPINT.SYS 2008-11-02 09:04 . 1999-10-22 17:58 4,030 --------- c:\windows\system\WINASPI.DLL 2008-11-02 09:04 . 1997-02-28 03:00 2,486 --------- c:\windows\system\AS16POST.BIN 2008-11-02 09:04 . 2008-11-02 09:04 291 --a------ c:\windows\msfsetup.ini 2008-11-02 08:49 . 2008-11-02 08:49 <REP> d-------- c:\program files\Sony Corporation 2008-11-02 08:25 . 2008-11-02 09:20 420 --a------ c:\windows\PCPHOTO.INI 2008-11-02 08:10 . 2008-11-02 08:10 <REP> d-------- c:\program files\PIXELA 2008-10-26 23:29 . 2008-11-14 13:31 <REP> d-------- c:\documents and settings\Sylvain\Application Data\dvdcss . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2008-11-22 15:58 --------- d--h--w c:\program files\InstallShield Installation Information 2008-11-21 16:45 --------- d-----w c:\program files\Jewel Quest 2008-11-20 11:14 --------- d-----w c:\program files\Dl_cats 2008-11-19 09:26 --------- d-----w c:\documents and settings\Sylvain\Application Data\WinButler 2008-11-19 08:53 --------- d-----w c:\program files\Malwarebytes' Anti-Malware 2008-11-19 08:04 --------- d-----w c:\documents and settings\All Users\Application Data\McAfee 2008-11-19 08:01 --------- d-----w c:\program files\Spybot - Search & Destroy 2008-11-19 08:01 --------- d-----w c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy 2008-11-18 16:38 --------- d-----w c:\program files\Code Postal 2008-11-18 10:50 --------- d-----w c:\program files\CDex_150 2008-11-12 23:11 --------- d-----w c:\documents and settings\All Users\Application Data\Microsoft Help 2008-11-12 18:36 --------- d-----w c:\documents and settings\Mireille\Application Data\AdobeUM 2008-11-07 08:00 --------- d-----w c:\documents and settings\LocalService\Application Data\SACore 2008-11-04 14:18 --------- d-----w c:\program files\Everest Poker 2008-11-03 19:54 --------- d-----w c:\program files\Web Hottest Videos Personal Player 2008-10-24 11:10 453,632 ----a-w c:\windows\system32\drivers\mrxsmb.sys 2008-10-24 09:30 --------- d-----w c:\documents and settings\Sylvain\Application Data\AdobeUM 2008-10-22 15:10 38,496 ----a-w c:\windows\system32\drivers\mbamswissarmy.sys 2008-10-22 15:10 15,504 ----a-w c:\windows\system32\drivers\mbam.sys 2008-10-22 07:47 --------- d-----w c:\program files\Abbyy FineReader 6.0 Sprint 2008-10-20 16:21 --------- d-----w c:\documents and settings\Sylvain\Application Data\DeepBurner 2008-10-20 16:11 --------- d-----w c:\program files\Astonsoft 2008-09-27 08:25 --------- d-----w c:\program files\Mario Forever 2008-09-26 08:40 --------- d-----w c:\program files\BufferZone 2008-09-01 21:50 45,056 ----a-w c:\windows\NCUNINST.EXE 2008-06-11 10:11 0 ----a-w c:\program files\temp01 2008-08-04 14:08 2 --shatr c:\windows\winstart.bat . ((((((((((((((((((((((((((((( snapshot@2008-08-21_16.09.17.96 ))))))))))))))))))))))))))))))))))))))))) . - 2008-08-19 15:29:32 666,624 ----a-w c:\windows\$hf_mig$\KB873339\update\update.exe + 2008-11-21 17:15:50 666,624 ----a-w c:\windows\$hf_mig$\KB873339\update\update.exe - 2008-08-19 15:29:32 666,624 ----a-w c:\windows\$hf_mig$\KB885835\update\update.exe + 2008-11-21 17:15:51 666,624 ----a-w c:\windows\$hf_mig$\KB885835\update\update.exe - 2008-08-19 15:29:32 666,624 ----a-w c:\windows\$hf_mig$\KB885836\update\update.exe + 2008-11-21 17:15:51 666,624 ----a-w c:\windows\$hf_mig$\KB885836\update\update.exe - 2008-08-19 15:29:32 666,624 ----a-w c:\windows\$hf_mig$\KB886185\update\update.exe + 2008-11-21 17:15:52 666,624 ----a-w c:\windows\$hf_mig$\KB886185\update\update.exe - 2008-08-19 15:29:32 666,624 ----a-w c:\windows\$hf_mig$\KB887472\update\update.exe + 2008-11-21 17:15:53 666,624 ----a-w c:\windows\$hf_mig$\KB887472\update\update.exe - 2008-08-19 15:29:32 666,624 ----a-w c:\windows\$hf_mig$\KB888302\update\update.exe + 2008-11-21 17:15:54 666,624 ----a-w c:\windows\$hf_mig$\KB888302\update\update.exe - 2008-08-19 15:29:33 730,336 ----a-w c:\windows\$hf_mig$\KB890046\update\update.exe + 2008-11-21 17:15:55 730,336 ----a-w c:\windows\$hf_mig$\KB890046\update\update.exe - 2008-08-19 15:29:33 730,336 ----a-w c:\windows\$hf_mig$\KB890859\update\update.exe + 2008-11-21 17:15:56 730,336 ----a-w c:\windows\$hf_mig$\KB890859\update\update.exe - 2008-08-19 15:29:33 666,624 ----a-w c:\windows\$hf_mig$\KB891781\update\update.exe + 2008-11-21 17:15:57 666,624 ----a-w c:\windows\$hf_mig$\KB891781\update\update.exe - 2008-08-19 15:29:33 730,336 ----a-w c:\windows\$hf_mig$\KB893756\update\update.exe + 2008-11-21 17:15:58 730,336 ----a-w c:\windows\$hf_mig$\KB893756\update\update.exe - 2008-08-19 15:29:33 730,336 ----a-w c:\windows\$hf_mig$\KB894391\update\update.exe + 2008-11-21 17:15:59 730,336 ----a-w c:\windows\$hf_mig$\KB894391\update\update.exe - 2008-08-19 15:29:33 730,336 ----a-w c:\windows\$hf_mig$\KB896358\update\update.exe + 2008-11-21 17:16:00 730,336 ----a-w c:\windows\$hf_mig$\KB896358\update\update.exe - 2008-08-19 15:29:34 730,336 ----a-w c:\windows\$hf_mig$\KB896423\update\update.exe + 2008-11-21 17:16:01 730,336 ----a-w c:\windows\$hf_mig$\KB896423\update\update.exe - 2008-08-19 15:29:34 730,336 ----a-w c:\windows\$hf_mig$\KB896428\update\update.exe + 2008-11-21 17:16:02 730,336 ----a-w c:\windows\$hf_mig$\KB896428\update\update.exe - 2008-08-19 15:29:34 730,336 ----a-w c:\windows\$hf_mig$\KB898461\update\update.exe + 2008-11-21 17:16:02 730,336 ----a-w c:\windows\$hf_mig$\KB898461\update\update.exe - 2008-08-19 15:29:34 730,336 ----a-w c:\windows\$hf_mig$\KB899587\update\update.exe + 2008-11-21 17:16:04 730,336 ----a-w c:\windows\$hf_mig$\KB899587\update\update.exe - 2008-08-19 15:29:34 730,336 ----a-w c:\windows\$hf_mig$\KB899591\update\update.exe + 2008-11-21 17:16:04 730,336 ----a-w c:\windows\$hf_mig$\KB899591\update\update.exe - 2008-08-19 15:29:34 727,776 ----a-w c:\windows\$hf_mig$\KB900485\update\update.exe + 2008-11-21 17:16:05 727,776 ----a-w c:\windows\$hf_mig$\KB900485\update\update.exe - 2008-08-19 15:29:34 730,336 ----a-w c:\windows\$hf_mig$\KB900725\update\update.exe + 2008-11-21 17:16:07 730,336 ----a-w c:\windows\$hf_mig$\KB900725\update\update.exe - 2008-08-19 15:29:35 730,336 ----a-w c:\windows\$hf_mig$\KB901017\update\update.exe + 2008-11-21 17:16:08 730,336 ----a-w c:\windows\$hf_mig$\KB901017\update\update.exe - 2008-08-19 15:29:35 730,336 ----a-w c:\windows\$hf_mig$\KB901214\update\update.exe + 2008-11-21 17:16:08 730,336 ----a-w c:\windows\$hf_mig$\KB901214\update\update.exe - 2008-08-19 15:29:35 730,336 ----a-w c:\windows\$hf_mig$\KB902400\update\update.exe + 2008-11-21 17:16:10 730,336 ----a-w c:\windows\$hf_mig$\KB902400\update\update.exe - 2008-08-19 15:29:35 730,336 ----a-w c:\windows\$hf_mig$\KB905414\update\update.exe + 2008-11-21 17:16:11 730,336 ----a-w c:\windows\$hf_mig$\KB905414\update\update.exe - 2008-08-19 15:29:35 730,336 ----a-w c:\windows\$hf_mig$\KB905749\update\update.exe + 2008-11-21 17:16:12 730,336 ----a-w c:\windows\$hf_mig$\KB905749\update\update.exe - 2008-08-19 15:29:35 727,776 ----a-w c:\windows\$hf_mig$\KB908519\update\update.exe + 2008-11-21 17:16:13 727,776 ----a-w c:\windows\$hf_mig$\KB908519\update\update.exe - 2008-08-19 15:29:35 727,776 ----a-w c:\windows\$hf_mig$\KB908531\update\update.exe + 2008-11-21 17:16:14 727,776 ----a-w c:\windows\$hf_mig$\KB908531\update\update.exe - 2008-08-19 15:29:35 727,776 ----a-w c:\windows\$hf_mig$\KB910437\update\update.exe + 2008-11-21 17:16:14 727,776 ----a-w c:\windows\$hf_mig$\KB910437\update\update.exe - 2008-08-19 15:29:35 727,776 ----a-w c:\windows\$hf_mig$\KB911280\update\update.exe + 2008-11-21 17:16:15 727,776 ----a-w c:\windows\$hf_mig$\KB911280\update\update.exe - 2008-08-19 15:29:36 727,776 ----a-w c:\windows\$hf_mig$\KB911562\update\update.exe + 2008-11-21 17:16:16 727,776 ----a-w c:\windows\$hf_mig$\KB911562\update\update.exe - 2008-08-19 15:29:36 727,776 ----a-w c:\windows\$hf_mig$\KB911927\update\update.exe + 2008-11-21 17:16:17 727,776 ----a-w c:\windows\$hf_mig$\KB911927\update\update.exe - 2008-08-19 15:29:36 727,776 ----a-w c:\windows\$hf_mig$\KB913580\update\update.exe + 2008-11-21 17:16:18 727,776 ----a-w c:\windows\$hf_mig$\KB913580\update\update.exe - 2008-08-19 15:29:36 727,776 ----a-w c:\windows\$hf_mig$\KB914388\update\update.exe + 2008-11-21 17:16:19 727,776 ----a-w c:\windows\$hf_mig$\KB914388\update\update.exe - 2008-08-19 15:29:36 727,776 ----a-w c:\windows\$hf_mig$\KB914389\update\update.exe + 2008-11-21 17:16:20 727,776 ----a-w c:\windows\$hf_mig$\KB914389\update\update.exe - 2008-08-19 15:29:36 716,000 ----a-w c:\windows\$hf_mig$\KB915865\update\update.exe + 2008-11-21 17:16:21 716,000 ----a-w c:\windows\$hf_mig$\KB915865\update\update.exe - 2008-08-19 15:29:36 727,776 ----a-w c:\windows\$hf_mig$\KB916595\update\update.exe + 2008-11-21 17:16:21 727,776 ----a-w c:\windows\$hf_mig$\KB916595\update\update.exe - 2008-08-19 15:29:36 727,776 ----a-w c:\windows\$hf_mig$\KB917344\update\update.exe + 2008-11-21 17:15:47 727,776 ----a-w c:\windows\$hf_mig$\KB917344\update\update.exe - 2008-08-19 15:29:36 727,776 ----a-w c:\windows\$hf_mig$\KB918118\update\update.exe + 2008-11-21 17:16:22 727,776 ----a-w c:\windows\$hf_mig$\KB918118\update\update.exe - 2008-08-19 15:29:37 727,776 ----a-w c:\windows\$hf_mig$\KB918439\update\update.exe + 2008-11-21 17:16:23 727,776 ----a-w c:\windows\$hf_mig$\KB918439\update\update.exe - 2008-08-19 15:29:37 727,776 ----a-w c:\windows\$hf_mig$\KB919007\update\update.exe + 2008-11-21 17:16:24 727,776 ----a-w c:\windows\$hf_mig$\KB919007\update\update.exe - 2008-08-19 15:29:37 727,776 ----a-w c:\windows\$hf_mig$\KB920213\update\update.exe + 2008-11-21 17:16:25 727,776 ----a-w c:\windows\$hf_mig$\KB920213\update\update.exe - 2008-08-19 15:29:37 727,776 ----a-w c:\windows\$hf_mig$\KB920670\update\update.exe + 2008-11-21 17:16:26 727,776 ----a-w c:\windows\$hf_mig$\KB920670\update\update.exe - 2008-08-19 15:29:37 727,776 ----a-w c:\windows\$hf_mig$\KB920683\update\update.exe + 2008-11-21 17:16:27 727,776 ----a-w c:\windows\$hf_mig$\KB920683\update\update.exe - 2008-08-19 15:29:37 727,776 ----a-w c:\windows\$hf_mig$\KB920685\update\update.exe + 2008-11-21 17:16:28 727,776 ----a-w c:\windows\$hf_mig$\KB920685\update\update.exe - 2008-08-19 15:29:37 727,776 ----a-w c:\windows\$hf_mig$\KB920872\update\update.exe + 2008-11-21 17:16:29 727,776 ----a-w c:\windows\$hf_mig$\KB920872\update\update.exe - 2008-08-19 15:29:37 727,776 ----a-w c:\windows\$hf_mig$\KB922582\update\update.exe + 2008-11-21 17:16:30 727,776 ----a-w c:\windows\$hf_mig$\KB922582\update\update.exe - 2008-08-19 15:29:38 727,776 ----a-w c:\windows\$hf_mig$\KB922819\update\update.exe + 2008-11-21 17:16:31 727,776 ----a-w c:\windows\$hf_mig$\KB922819\update\update.exe - 2008-08-19 15:29:38 727,776 ----a-w c:\windows\$hf_mig$\KB923414\update\update.exe + 2008-11-21 17:16:32 727,776 ----a-w c:\windows\$hf_mig$\KB923414\update\update.exe - 2008-08-19 15:29:38 727,776 ----a-w c:\windows\$hf_mig$\KB923980\update\update.exe + 2008-11-21 17:16:33 727,776 ----a-w c:\windows\$hf_mig$\KB923980\update\update.exe - 2008-08-19 15:29:38 727,776 ----a-w c:\windows\$hf_mig$\KB924270\update\update.exe + 2008-11-21 17:16:33 727,776 ----a-w c:\windows\$hf_mig$\KB924270\update\update.exe - 2008-08-19 15:29:38 727,776 ----a-w c:\windows\$hf_mig$\KB924496\update\update.exe + 2008-11-21 17:16:34 727,776 ----a-w c:\windows\$hf_mig$\KB924496\update\update.exe - 2008-08-19 15:29:38 727,776 ----a-w c:\windows\$hf_mig$\KB925902\update\update.exe + 2008-11-21 17:16:35 727,776 ----a-w c:\windows\$hf_mig$\KB925902\update\update.exe - 2008-08-19 15:29:38 727,776 ----a-w c:\windows\$hf_mig$\KB926255\update\update.exe + 2008-11-21 17:16:36 727,776 ----a-w c:\windows\$hf_mig$\KB926255\update\update.exe - 2008-08-19 15:29:38 727,776 ----a-w c:\windows\$hf_mig$\KB926436\update\update.exe + 2008-11-21 17:16:37 727,776 ----a-w c:\windows\$hf_mig$\KB926436\update\update.exe - 2008-08-19 15:29:38 727,776 ----a-w c:\windows\$hf_mig$\KB927779\update\update.exe + 2008-11-21 17:16:38 727,776 ----a-w c:\windows\$hf_mig$\KB927779\update\update.exe - 2008-08-19 15:29:38 727,776 ----a-w c:\windows\$hf_mig$\KB927802\update\update.exe + 2008-11-21 17:16:39 727,776 ----a-w c:\windows\$hf_mig$\KB927802\update\update.exe - 2008-08-19 15:29:39 727,776 ----a-w c:\windows\$hf_mig$\KB927891\update\update.exe + 2008-11-21 17:16:40 727,776 ----a-w c:\windows\$hf_mig$\KB927891\update\update.exe - 2008-08-19 15:29:39 727,776 ----a-w c:\windows\$hf_mig$\KB928255\update\update.exe + 2008-11-21 17:16:41 727,776 ----a-w c:\windows\$hf_mig$\KB928255\update\update.exe - 2008-08-19 15:29:39 727,776 ----a-w c:\windows\$hf_mig$\KB928843\update\update.exe + 2008-11-21 17:16:42 727,776 ----a-w c:\windows\$hf_mig$\KB928843\update\update.exe - 2008-08-19 15:29:39 727,776 ----a-w c:\windows\$hf_mig$\KB929123\update\update.exe + 2008-11-21 17:16:43 727,776 ----a-w c:\windows\$hf_mig$\KB929123\update\update.exe - 2008-08-19 15:29:39 727,776 ----a-w c:\windows\$hf_mig$\KB930178\update\update.exe + 2008-11-21 17:16:44 727,776 ----a-w c:\windows\$hf_mig$\KB930178\update\update.exe - 2008-08-19 15:29:39 727,776 ----a-w c:\windows\$hf_mig$\KB930916\update\update.exe + 2008-11-21 17:16:45 727,776 ----a-w c:\windows\$hf_mig$\KB930916\update\update.exe - 2008-08-19 15:29:39 727,776 ----a-w c:\windows\$hf_mig$\KB931261\update\update.exe + 2008-11-21 17:15:48 727,776 ----a-w c:\windows\$hf_mig$\KB931261\update\update.exe - 2008-08-19 15:29:40 727,776 ----a-w c:\windows\$hf_mig$\KB931784\update\update.exe + 2008-11-21 17:16:47 727,776 ----a-w c:\windows\$hf_mig$\KB931784\update\update.exe - 2008-08-19 15:29:40 727,776 ----a-w c:\windows\$hf_mig$\KB932168\update\update.exe + 2008-11-21 17:16:47 727,776 ----a-w c:\windows\$hf_mig$\KB932168\update\update.exe - 2008-08-19 15:29:40 727,776 ----a-w c:\windows\$hf_mig$\KB933729\update\update.exe + 2008-11-21 17:16:48 727,776 ----a-w c:\windows\$hf_mig$\KB933729\update\update.exe - 2008-08-19 15:29:40 727,776 ----a-w c:\windows\$hf_mig$\KB935839\update\update.exe + 2008-11-21 17:16:49 727,776 ----a-w c:\windows\$hf_mig$\KB935839\update\update.exe - 2008-08-19 15:29:40 727,776 ----a-w c:\windows\$hf_mig$\KB935840\update\update.exe + 2008-11-21 17:16:50 727,776 ----a-w c:\windows\$hf_mig$\KB935840\update\update.exe - 2008-08-19 15:29:41 727,776 ----a-w c:\windows\$hf_mig$\KB936021\update\update.exe + 2008-11-21 17:16:51 727,776 ----a-w c:\windows\$hf_mig$\KB936021\update\update.exe - 2008-08-19 15:29:41 727,776 ----a-w c:\windows\$hf_mig$\KB937894\update\update.exe + 2008-11-21 17:16:52 727,776 ----a-w c:\windows\$hf_mig$\KB937894\update\update.exe - 2008-08-19 15:29:41 727,776 ----a-w c:\windows\$hf_mig$\KB938127\update\update.exe + 2008-11-21 17:16:53 727,776 ----a-w c:\windows\$hf_mig$\KB938127\update\update.exe + 2007-11-30 12:39:29 18,296 ----a-w c:\windows\$hf_mig$\KB938464\spmsg.dll + 2007-11-30 12:39:29 234,872 ----a-w c:\windows\$hf_mig$\KB938464\spuninst.exe + 2007-11-30 12:39:29 26,488 ----a-w c:\windows\$hf_mig$\KB938464\update\spcustom.dll + 2008-11-21 17:16:54 767,352 ----a-w c:\windows\$hf_mig$\KB938464\update\update.exe + 2007-11-30 12:39:31 406,392 ----a-w c:\windows\$hf_mig$\KB938464\update\updspapi.dll - 2008-08-19 15:29:41 727,776 ----a-w c:\windows\$hf_mig$\KB938828\update\update.exe + 2008-11-21 17:16:55 727,776 ----a-w c:\windows\$hf_mig$\KB938828\update\update.exe - 2008-08-19 15:29:41 727,776 ----a-w c:\windows\$hf_mig$\KB938829\update\update.exe + 2008-11-21 17:16:56 727,776 ----a-w c:\windows\$hf_mig$\KB938829\update\update.exe - 2008-08-19 15:29:42 727,776 ----a-w c:\windows\$hf_mig$\KB941202\update\update.exe + 2008-11-21 17:16:57 727,776 ----a-w c:\windows\$hf_mig$\KB941202\update\update.exe - 2008-08-19 15:29:42 727,776 ----a-w c:\windows\$hf_mig$\KB941568\update\update.exe + 2008-11-21 17:16:58 727,776 ----a-w c:\windows\$hf_mig$\KB941568\update\update.exe - 2008-08-19 15:29:42 727,776 ----a-w c:\windows\$hf_mig$\KB941644\update\update.exe + 2008-11-21 17:16:59 727,776 ----a-w c:\windows\$hf_mig$\KB941644\update\update.exe - 2008-08-19 15:29:42 727,776 ----a-w c:\windows\$hf_mig$\KB941693\update\update.exe + 2008-11-21 17:17:00 727,776 ----a-w c:\windows\$hf_mig$\KB941693\update\update.exe - 2008-08-19 15:29:43 727,776 ----a-w c:\windows\$hf_mig$\KB942763\update\update.exe + 2008-11-21 17:17:00 727,776 ----a-w c:\windows\$hf_mig$\KB942763\update\update.exe - 2008-08-19 15:29:43 727,776 ----a-w c:\windows\$hf_mig$\KB942840\update\update.exe + 2008-11-21 17:17:02 727,776 ----a-w c:\windows\$hf_mig$\KB942840\update\update.exe - 2008-08-19 15:29:43 727,776 ----a-w c:\windows\$hf_mig$\KB943055\update\update.exe + 2008-11-21 17:17:03 727,776 ----a-w c:\windows\$hf_mig$\KB943055\update\update.exe - 2008-08-19 15:29:43 727,776 ----a-w c:\windows\$hf_mig$\KB943460\update\update.exe + 2008-11-21 17:17:04 727,776 ----a-w c:\windows\$hf_mig$\KB943460\update\update.exe - 2008-08-19 15:29:43 727,776 ----a-w c:\windows\$hf_mig$\KB943485\update\update.exe + 2008-11-21 17:17:05 727,776 ----a-w c:\windows\$hf_mig$\KB943485\update\update.exe - 2008-08-19 15:29:43 727,776 ----a-w c:\windows\$hf_mig$\KB944338\update\update.exe + 2008-11-21 17:15:49 727,776 ----a-w c:\windows\$hf_mig$\KB944338\update\update.exe - 2008-08-19 15:29:43 727,776 ----a-w c:\windows\$hf_mig$\KB944533\update\update.exe + 2008-11-21 17:17:06 727,776 ----a-w c:\windows\$hf_mig$\KB944533\update\update.exe - 2008-08-19 15:29:43 727,776 ----a-w c:\windows\$hf_mig$\KB944653\update\update.exe + 2008-11-21 17:17:07 727,776 ----a-w c:\windows\$hf_mig$\KB944653\update\update.exe - 2008-08-19 15:29:43 727,776 ----a-w c:\windows\$hf_mig$\KB945553\update\update.exe + 2008-11-21 17:17:08 727,776 ----a-w c:\windows\$hf_mig$\KB945553\update\update.exe - 2008-08-19 15:29:44 727,776 ----a-w c:\windows\$hf_mig$\KB946026\update\update.exe + 2008-11-21 17:17:09 727,776 ----a-w c:\windows\$hf_mig$\KB946026\update\update.exe - 2007-11-30 11:19:06 767,352 ----a-w c:\windows\$hf_mig$\KB946648\update\update.exe + 2008-11-21 17:17:10 767,352 ----a-w c:\windows\$hf_mig$\KB946648\update\update.exe - 2008-08-19 15:29:44 727,776 ----a-w c:\windows\$hf_mig$\KB947864\update\update.exe + 2008-11-21 17:17:12 727,776 ----a-w c:\windows\$hf_mig$\KB947864\update\update.exe - 2008-08-19 15:29:44 727,776 ----a-w c:\windows\$hf_mig$\KB948590\update\update.exe + 2008-11-21 17:17:13 727,776 ----a-w c:\windows\$hf_mig$\KB948590\update\update.exe - 2008-08-19 15:29:44 727,776 ----a-w c:\windows\$hf_mig$\KB948881\update\update.exe + 2008-11-21 17:17:14 727,776 ----a-w c:\windows\$hf_mig$\KB948881\update\update.exe - 2008-08-19 15:29:44 727,776 ----a-w c:\windows\$hf_mig$\KB950749\update\update.exe + 2008-11-21 17:17:15 727,776 ----a-w c:\windows\$hf_mig$\KB950749\update\update.exe - 2008-08-19 15:29:44 767,352 ----a-w c:\windows\$hf_mig$\KB950759\update\update.exe + 2008-11-21 17:17:17 767,352 ----a-w c:\windows\$hf_mig$\KB950759\update\update.exe - 2008-08-19 15:29:44 767,352 ----a-w c:\windows\$hf_mig$\KB950760\update\update.exe + 2008-11-21 17:17:18 767,352 ----a-w c:\windows\$hf_mig$\KB950760\update\update.exe - 2008-08-19 15:29:44 767,352 ----a-w c:\windows\$hf_mig$\KB950762\update\update.exe + 2008-11-21 17:17:19 767,352 ----a-w c:\windows\$hf_mig$\KB950762\update\update.exe - 2007-11-30 12:39:26 767,352 ----a-w c:\windows\$hf_mig$\KB950974\update\update.exe + 2008-11-21 17:17:20 767,352 ----a-w c:\windows\$hf_mig$\KB950974\update\update.exe - 2007-12-03 15:25:43 767,352 ----a-w c:\windows\$hf_mig$\KB951066\update\update.exe + 2008-11-21 17:17:22 767,352 ----a-w c:\windows\$hf_mig$\KB951066\update\update.exe - 2007-11-30 12:39:29 767,352 ----a-w c:\windows\$hf_mig$\KB951072-v2\update\update.exe + 2008-11-21 17:17:23 767,352 ----a-w c:\windows\$hf_mig$\KB951072-v2\update\update.exe - 2008-08-19 15:29:45 767,352 ----a-w c:\windows\$hf_mig$\KB951376-v2\update\update.exe + 2008-11-21 17:17:26 767,352 ----a-w c:\windows\$hf_mig$\KB951376-v2\update\update.exe - 2008-08-19 15:29:44 767,352 ----a-w c:\windows\$hf_mig$\KB951376\update\update.exe + 2008-11-21 17:17:24 767,352 ----a-w c:\windows\$hf_mig$\KB951376\update\update.exe - 2008-08-19 15:29:45 767,352 ----a-w c:\windows\$hf_mig$\KB951698\update\update.exe + 2008-11-21 17:17:27 767,352 ----a-w c:\windows\$hf_mig$\KB951698\update\update.exe - 2008-08-19 15:29:45 767,352 ----a-w c:\windows\$hf_mig$\KB951748\update\update.exe + 2008-11-21 17:17:28 767,352 ----a-w c:\windows\$hf_mig$\KB951748\update\update.exe - 2007-11-30 11:19:06 767,352 ----a-w c:\windows\$hf_mig$\KB952287\update\update.exe + 2008-11-21 17:17:29 767,352 ----a-w c:\windows\$hf_mig$\KB952287\update\update.exe - 2007-11-30 12:39:29 767,352 ----a-w c:\windows\$hf_mig$\KB952954\update\update.exe + 2008-11-21 17:17:31 767,352 ----a-w c:\windows\$hf_mig$\KB952954\update\update.exe - 2007-11-30 12:39:26 767,352 ----a-w c:\windows\$hf_mig$\KB953838\update\update.exe + 2008-11-21 17:17:33 767,352 ----a-w c:\windows\$hf_mig$\KB953838\update\update.exe - 2007-11-30 11:19:06 767,352 ----a-w c:\windows\$hf_mig$\KB953839\update\update.exe + 2008-11-21 17:17:34 767,352 ----a-w c:\windows\$hf_mig$\KB953839\update\update.exe + 2008-09-15 15:14:42 1,847,040 ----a-w c:\windows\$hf_mig$\KB954211\SP2QFE\win32k.sys + 2008-09-15 15:26:07 1,846,528 ----a-w c:\windows\$hf_mig$\KB954211\SP3GDR\win32k.sys + 2008-09-15 15:20:39 1,847,040 ----a-w c:\windows\$hf_mig$\KB954211\SP3QFE\win32k.sys + 2007-11-30 12:39:29 18,296 ----a-w c:\windows\$hf_mig$\KB954211\spmsg.dll + 2007-11-30 12:39:29 234,872 ----a-w c:\windows\$hf_mig$\KB954211\spuninst.exe + 2007-11-30 12:39:29 26,488 ----a-w c:\windows\$hf_mig$\KB954211\update\spcustom.dll + 2008-11-21 17:17:36 767,352 ----a-w c:\windows\$hf_mig$\KB954211\update\update.exe + 2007-11-30 12:39:31 406,392 ----a-w c:\windows\$hf_mig$\KB954211\update\updspapi.dll + 2008-08-20 05:33:47 1,024,512 ----a-w c:\windows\$hf_mig$\KB956390\SP2QFE\browseui.dll + 2008-08-20 05:33:44 152,064 ----a-w c:\windows\$hf_mig$\KB956390\SP2QFE\cdfview.dll + 2008-08-20 05:33:44 1,056,768 ----a-w c:\windows\$hf_mig$\KB956390\SP2QFE\danim.dll + 2008-08-20 05:33:45 357,888 ----a-w c:\windows\$hf_mig$\KB956390\SP2QFE\dxtmsft.dll + 2008-08-20 05:33:45 205,312 ----a-w c:\windows\$hf_mig$\KB956390\SP2QFE\dxtrans.dll + 2008-08-20 05:33:45 55,808 ----a-w c:\windows\$hf_mig$\KB956390\SP2QFE\extmgr.dll + 2008-08-19 09:38:57 18,432 ----a-w c:\windows\$hf_mig$\KB956390\SP2QFE\iedw.exe + 2008-08-20 05:33:45 251,904 ----a-w c:\windows\$hf_mig$\KB956390\SP2QFE\iepeers.dll + 2008-08-20 05:33:45 96,768 ----a-w c:\windows\$hf_mig$\KB956390\SP2QFE\inseng.dll + 2008-08-20 05:33:46 16,384 ----a-w c:\windows\$hf_mig$\KB956390\SP2QFE\jsproxy.dll + 2008-08-20 05:33:48 3,088,384 ----a-w c:\windows\$hf_mig$\KB956390\SP2QFE\mshtml.dll + 2008-08-20 05:33:46 449,024 ----a-w c:\windows\$hf_mig$\KB956390\SP2QFE\mshtmled.dll + 2008-08-20 05:33:45 146,432 ----a-w c:\windows\$hf_mig$\KB956390\SP2QFE\msrating.dll + 2008-08-20 05:33:45 532,480 ----a-w c:\windows\$hf_mig$\KB956390\SP2QFE\mstime.dll + 2008-08-20 05:33:45 39,424 ----a-w c:\windows\$hf_mig$\KB956390\SP2QFE\pngfilt.dll + 2008-08-20 05:33:46 1,499,648 ----a-w c:\windows\$hf_mig$\KB956390\SP2QFE\shdocvw.dll + 2008-08-20 05:33:46 474,624 ----a-w c:\windows\$hf_mig$\KB956390\SP2QFE\shlwapi.dll + 2008-08-19 09:51:37 370,176 ----a-w c:\windows\$hf_mig$\KB956390\SP2QFE\spru040c.dll + 2008-08-20 05:33:47 621,056 ----a-w c:\windows\$hf_mig$\KB956390\SP2QFE\urlmon.dll + 2008-08-20 05:33:46 671,744 ----a-w c:\windows\$hf_mig$\KB956390\SP2QFE\wininet.dll + 2008-08-20 05:10:12 3,088,896 ----a-w c:\windows\$hf_mig$\KB956390\SP3GDR\mshtml.dll + 2008-08-20 05:10:11 1,499,648 ----a-w c:\windows\$hf_mig$\KB956390\SP3GDR\shdocvw.dll + 2008-08-20 05:10:11 620,544 ----a-w c:\windows\$hf_mig$\KB956390\SP3GDR\urlmon.dll + 2008-08-20 05:10:11 670,208 ----a-w c:\windows\$hf_mig$\KB956390\SP3GDR\wininet.dll + 2008-08-20 05:07:31 3,088,896 ----a-w c:\windows\$hf_mig$\KB956390\SP3QFE\mshtml.dll + 2008-08-20 05:07:27 1,499,648 ----a-w c:\windows\$hf_mig$\KB956390\SP3QFE\shdocvw.dll + 2008-08-20 05:07:28 621,056 ----a-w c:\windows\$hf_mig$\KB956390\SP3QFE\urlmon.dll + 2008-08-20 05:07:28 670,720 ----a-w c:\windows\$hf_mig$\KB956390\SP3QFE\wininet.dll + 2007-11-30 11:19:06 18,296 ----a-w c:\windows\$hf_mig$\KB956390\spmsg.dll + 2007-11-30 11:19:06 234,872 ----a-w c:\windows\$hf_mig$\KB956390\spuninst.exe + 2007-11-30 11:19:06 26,488 ----a-w c:\windows\$hf_mig$\KB956390\update\spcustom.dll + 2008-11-21 17:17:40 767,352 ----a-w c:\windows\$hf_mig$\KB956390\update\update.exe + 2007-11-30 12:39:31 406,392 ----a-w c:\windows\$hf_mig$\KB956390\update\updspapi.dll + 2007-11-30 12:39:29 18,296 ----a-w c:\windows\$hf_mig$\KB956391\spmsg.dll + 2007-11-30 12:39:29 234,872 ----a-w c:\windows\$hf_mig$\KB956391\spuninst.exe + 2007-11-30 12:39:29 26,488 ----a-w c:\windows\$hf_mig$\KB956391\update\spcustom.dll + 2008-11-21 17:17:41 767,352 ----a-w c:\windows\$hf_mig$\KB956391\update\update.exe + 2007-11-30 12:39:31 406,392 ----a-w c:\windows\$hf_mig$\KB956391\update\updspapi.dll + 2008-08-14 09:48:52 138,368 ----a-w c:\windows\$hf_mig$\KB956803\SP2QFE\afd.sys + 2008-08-14 10:04:36 138,496 ----a-w c:\windows\$hf_mig$\KB956803\SP3GDR\afd.sys + 2008-08-14 10:34:26 138,496 ----a-w c:\windows\$hf_mig$\KB956803\SP3QFE\afd.sys + 2007-11-30 11:19:06 18,296 ----a-w c:\windows\$hf_mig$\KB956803\spmsg.dll + 2007-11-30 11:19:06 234,872 ----a-w c:\windows\$hf_mig$\KB956803\spuninst.exe + 2007-11-30 11:19:06 26,488 ----a-w c:\windows\$hf_mig$\KB956803\update\spcustom.dll + 2008-11-21 17:17:42 767,352 ----a-w c:\windows\$hf_mig$\KB956803\update\update.exe + 2007-11-30 11:19:10 406,392 ----a-w c:\windows\$hf_mig$\KB956803\update\updspapi.dll + 2008-08-14 13:39:07 2,144,768 ----a-w c:\windows\$hf_mig$\KB956841\SP2QFE\ntkrnlmp.exe + 2008-08-14 13:39:12 2,065,024 ----a-w c:\windows\$hf_mig$\KB956841\SP2QFE\ntkrnlpa.exe + 2008-08-14 13:39:03 2,022,912 ----a-w c:\windows\$hf_mig$\KB956841\SP2QFE\ntkrpamp.exe + 2008-08-14 13:39:11 2,188,032 ----a-w c:\windows\$hf_mig$\KB956841\SP2QFE\ntoskrnl.exe + 2008-08-14 13:23:44 2,147,328 ----a-w c:\windows\$hf_mig$\KB956841\SP3GDR\ntkrnlmp.exe + 2008-08-14 13:23:49 2,068,096 ----a-w c:\windows\$hf_mig$\KB956841\SP3GDR\ntkrnlpa.exe + 2008-08-14 13:23:44 2,025,984 ----a-w c:\windows\$hf_mig$\KB956841\SP3GDR\ntkrpamp.exe + 2008-08-14 13:23:49 2,191,232 ----a-w c:\windows\$hf_mig$\KB956841\SP3GDR\ntoskrnl.exe + 2008-08-14 13:55:54 2,147,328 ----a-w c:\windows\$hf_mig$\KB956841\SP3QFE\ntkrnlmp.exe + 2008-08-14 17:26:00 2,068,096 ----a-w c:\windows\$hf_mig$\KB956841\SP3QFE\ntkrnlpa.exe + 2008-08-14 13:55:47 2,025,984 ----a-w c:\windows\$hf_mig$\KB956841\SP3QFE\ntkrpamp.exe + 2008-08-14 17:26:02 2,191,232 ----a-w c:\windows\$hf_mig$\KB956841\SP3QFE\ntoskrnl.exe + 2007-11-30 11:19:06 18,296 ----a-w c:\windows\$hf_mig$\KB956841\spmsg.dll + 2007-11-30 11:19:06 234,872 ----a-w c:\windows\$hf_mig$\KB956841\spuninst.exe + 2007-11-30 11:19:06 26,488 ----a-w c:\windows\$hf_mig$\KB956841\update\spcustom.dll + 2008-11-21 17:17:45 767,352 ----a-w c:\windows\$hf_mig$\KB956841\update\update.exe + 2008-07-09 07:40:35 406,392 ----a-w c:\windows\$hf_mig$\KB956841\update\updspapi.dll + 2008-08-28 10:35:33 333,056 ----a-w c:\windows\$hf_mig$\KB957095\SP2QFE\srv.sys + 2008-09-08 10:41:42 333,824 ----a-w c:\windows\$hf_mig$\KB957095\SP3GDR\srv.sys + 2008-09-08 11:37:19 333,824 ----a-w c:\windows\$hf_mig$\KB957095\SP3QFE\srv.sys + 2007-11-30 11:19:06 18,296 ----a-w c:\windows\$hf_mig$\KB957095\spmsg.dll + 2007-11-30 11:19:06 234,872 ----a-w c:\windows\$hf_mig$\KB957095\spuninst.exe + 2007-11-30 11:19:06 26,488 ----a-w c:\windows\$hf_mig$\KB957095\update\spcustom.dll + 2008-11-21 17:17:46 767,352 ----a-w c:\windows\$hf_mig$\KB957095\update\update.exe + 2007-11-30 11:19:10 406,392 ----a-w c:\windows\$hf_mig$\KB957095\update\updspapi.dll + 2007-11-30 12:39:29 234,872 -c----w c:\windows\$NtUninstallKB938464$\spuninst\spuninst.exe + 2007-11-30 12:39:31 406,392 -c----w c:\windows\$NtUninstallKB938464$\spuninst\updspapi.dll + 2007-07-27 06:28:58 234,872 -c----w c:\windows\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe + 2007-07-27 08:41:48 382,840 -c----w c:\windows\$NtUninstallKB954154_WM11$\spuninst\updspapi.dll + 2006-10-18 20:47:20 295,936 -c----w c:\windows\$NtUninstallKB954154_WM11$\wmpeffects.dll + 2007-11-30 12:39:29 234,872 -c----w c:\windows\$NtUninstallKB954211$\spuninst\spuninst.exe + 2007-11-30 12:39:31 406,392 -c----w c:\windows\$NtUninstallKB954211$\spuninst\updspapi.dll + 2008-03-20 08:09:22 1,845,376 -c----w c:\windows\$NtUninstallKB954211$\win32k.sys + 2008-06-23 15:39:58 1,024,000 -c----w c:\windows\$NtUninstallKB956390$\browseui.dll + 2008-06-23 15:39:58 152,064 -c----w c:\windows\$NtUninstallKB956390$\cdfview.dll + 2008-06-23 15:39:59 1,056,768 -c----w c:\windows\$NtUninstallKB956390$\danim.dll + 2008-06-23 15:40:00 357,888 -c----w c:\windows\$NtUninstallKB956390$\dxtmsft.dll + 2008-06-23 15:40:00 205,312 -c----w c:\windows\$NtUninstallKB956390$\dxtrans.dll + 2008-06-23 15:40:00 55,808 -c----w c:\windows\$NtUninstallKB956390$\extmgr.dll + 2008-06-23 09:49:29 18,432 -c----w c:\windows\$NtUninstallKB956390$\iedw.exe + 2008-06-23 15:40:00 251,392 -c----w c:\windows\$NtUninstallKB956390$\iepeers.dll + 2008-06-23 15:40:00 96,768 -c----w c:\windows\$NtUninstallKB956390$\inseng.dll + 2008-06-23 15:40:00 16,384 -c----w c:\windows\$NtUninstallKB956390$\jsproxy.dll + 2008-06-23 15:40:02 3,080,704 -c----w c:\windows\$NtUninstallKB956390$\mshtml.dll + 2008-06-23 15:40:03 449,024 -c----w c:\windows\$NtUninstallKB956390$\mshtmled.dll + 2008-06-23 15:40:03 146,432 -c----w c:\windows\$NtUninstallKB956390$\msrating.dll + 2008-06-23 15:40:04 532,480 -c----w c:\windows\$NtUninstallKB956390$\mstime.dll + 2008-06-23 15:40:04 39,424 -c----w c:\windows\$NtUninstallKB956390$\pngfilt.dll + 2008-06-23 15:40:05 1,495,040 -c----w c:\windows\$NtUninstallKB956390$\shdocvw.dll + 2008-06-23 15:40:06 474,624 -c----w c:\windows\$NtUninstallKB956390$\shlwapi.dll + 2007-11-30 11:19:06 234,872 -c----w c:\windows\$NtUninstallKB956390$\spuninst\spuninst.exe + 2007-11-30 12:39:31 406,392 -c----w c:\windows\$NtUninstallKB956390$\spuninst\updspapi.dll + 2008-06-23 15:40:06 617,984 -c----w c:\windows\$NtUninstallKB956390$\urlmon.dll + 2008-06-23 15:40:08 663,552 -c----w c:\windows\$NtUninstallKB956390$\wininet.dll + 2008-07-03 09:42:35 370,176 -c----w c:\windows\$NtUninstallKB956390$\xpsp3res.dll + 2007-11-30 12:39:29 234,872 -c----w c:\windows\$NtUninstallKB956391$\spuninst\spuninst.exe + 2007-11-30 12:39:31 406,392 -c----w c:\windows\$NtUninstallKB956391$\spuninst\updspapi.dll + 2008-06-20 10:44:38 138,368 -c----w c:\windows\$NtUninstallKB956803$\afd.sys + 2007-11-30 11:19:06 234,872 -c----w c:\windows\$NtUninstallKB956803$\spuninst\spuninst.exe + 2007-11-30 11:19:10 406,392 -c----w c:\windows\$NtUninstallKB956803$\spuninst\updspapi.dll + 2007-02-28 16:02:21 2,138,112 -c----w c:\windows\$NtUninstallKB956841$\ntkrnlmp.exe + 2007-02-28 16:02:36 2,059,648 -c----w c:\windows\$NtUninstallKB956841$\ntkrnlpa.exe + 2007-02-28 16:02:21 2,017,792 -c----w c:\windows\$NtUninstallKB956841$\ntkrpamp.exe + 2007-02-28 16:02:36 2,182,400 -c----w c:\windows\$NtUninstallKB956841$\ntoskrnl.exe + 2007-11-30 11:19:06 234,872 -c----w c:\windows\$NtUninstallKB956841$\spuninst\spuninst.exe + 2008-07-09 07:40:35 406,392 -c----w c:\windows\$NtUninstallKB956841$\spuninst\updspapi.dll + 2007-11-30 11:19:06 234,872 -c----w c:\windows\$NtUninstallKB957095$\spuninst\spuninst.exe + 2007-11-30 11:19:10 406,392 -c----w c:\windows\$NtUninstallKB957095$\spuninst\updspapi.dll + 2006-08-14 10:34:41 332,928 -c----w c:\windows\$NtUninstallKB957095$\srv.sys + 2008-09-03 16:02:58 7,680 ----a-w c:\windows\assembly\GAC\Accessibility\1.0.5000.0__b03f5f7f11d50a3a\Accessibility.dll + 2008-09-03 16:02:49 12,288 ----a-w c:\windows\assembly\GAC\cscompmgd\7.0.5000.0__b03f5f7f11d50a3a\cscompmgd.dll + 2008-09-03 16:02:58 33,792 ----a-w c:\windows\assembly\GAC\CustomMarshalers\1.0.5000.0__b03f5f7f11d50a3a\CustomMarshalers.dll + 2008-09-03 16:10:30 8,192 ----a-w c:\windows\assembly\GAC\IEExecRemote\1.0.5000.0__b03f5f7f11d50a3a\IEExecRemote.dll + 2008-09-03 16:10:33 32,768 ----a-w c:\windows\assembly\GAC\IEHost\1.0.5000.0__b03f5f7f11d50a3a\IEHost.dll + 2008-09-03 16:02:58 4,608 ----a-w c:\windows\assembly\GAC\IIEHost\1.0.5000.0__b03f5f7f11d50a3a\IIEHost.dll + 2008-09-03 16:02:58 26,112 ----a-w c:\windows\assembly\GAC\ISymWrapper\1.0.5000.0__b03f5f7f11d50a3a\ISymWrapper.dll + 2008-09-03 16:10:44 720,896 ----a-w c:\windows\assembly\GAC\Microsoft.JScript\7.0.5000.0__b03f5f7f11d50a3a\Microsoft.JScript.dll + 2008-09-03 16:02:48 28,672 ----a-w c:\windows\assembly\GAC\Microsoft.VisualBasic.Vsa\7.0.5000.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll + 2008-09-03 16:10:33 299,008 ----a-w c:\windows\assembly\GAC\Microsoft.VisualBasic\7.0.5000.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll + 2008-09-03 16:02:50 6,144 ----a-w c:\windows\assembly\GAC\Microsoft.VisualC\7.0.5000.0__b03f5f7f11d50a3a\Microsoft.VisualC.dll + 2008-09-03 16:02:48 11,264 ----a-w c:\windows\assembly\GAC\Microsoft.Vsa.Vb.CodeDOMProcessor\7.0.5000.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll + 2008-09-03 16:02:48 32,768 ----a-w c:\windows\assembly\GAC\Microsoft.Vsa\7.0.5000.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll + 2008-09-03 16:02:48 6,656 ----a-w c:\windows\assembly\GAC\Microsoft_VsaVb\7.0.5000.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll + 2008-09-03 16:02:58 1,564,672 ----a-w c:\windows\assembly\GAC\mscorcfg\1.0.5000.0__b03f5f7f11d50a3a\mscorcfg.dll + 2008-09-03 16:10:41 32,768 ----a-w c:\windows\assembly\GAC\Regcode\1.0.5000.0__b03f5f7f11d50a3a\RegCode.dll + 2008-09-03 16:02:58 77,824 ----a-w c:\windows\assembly\GAC\System.Configuration.Install\1.0.5000.0__b03f5f7f11d50a3a\System.Configuration.Install.dll + 2008-09-03 16:10:38 303,104 ----a-w c:\windows\assembly\GAC\System.Data.OracleClient\1.0.5000.0__b77a5c561934e089\System.Data.OracleClient.dll + 2008-09-03 16:10:41 1,294,336 ----a-w c:\windows\assembly\GAC\System.Data\1.0.5000.0__b77a5c561934e089\System.Data.dll + 2008-09-03 16:10:31 1,703,936 ----a-w c:\windows\assembly\GAC\System.Design\1.0.5000.0__b03f5f7f11d50a3a\System.Design.dll + 2008-09-03 16:10:43 90,112 ----a-w c:\windows\assembly\GAC\System.DirectoryServices\1.0.5000.0__b03f5f7f11d50a3a\System.DirectoryServices.dll + 2008-09-03 16:02:59 65,536 ----a-w c:\windows\assembly\GAC\System.Drawing.Design\1.0.5000.0__b03f5f7f11d50a3a\System.Drawing.Design.dll + 2008-09-03 16:10:37 466,944 ----a-w c:\windows\assembly\GAC\System.Drawing\1.0.5000.0__b03f5f7f11d50a3a\System.Drawing.dll + 2008-09-03 16:10:35 241,664 ----a-w c:\windows\assembly\GAC\System.EnterpriseServices\1.0.5000.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll + 2008-09-03 16:10:35 66,560 ----a-w c:\windows\assembly\GAC\System.EnterpriseServices\1.0.5000.0__b03f5f7f11d50a3a\System.EnterpriseServices.Thunk.dll + 2008-09-03 16:10:40 372,736 ----a-w c:\windows\assembly\GAC\System.Management\1.0.5000.0__b03f5f7f11d50a3a\System.Management.dll + 2008-09-03 16:10:45 241,664 ----a-w c:\windows\assembly\GAC\System.Messaging\1.0.5000.0__b03f5f7f11d50a3a\System.Messaging.dll + 2008-09-03 16:10:39 323,584 ----a-w c:\windows\assembly\GAC\System.Runtime.Remoting\1.0.5000.0__b77a5c561934e089\System.Runtime.Remoting.dll + 2008-09-03 16:10:36 131,072 ----a-w c:\windows\assembly\GAC\System.Runtime.Serialization.Formatters.Soap\1.0.5000.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll + 2008-09-03 16:10:37 77,824 ----a-w c:\windows\assembly\GAC\System.Security\1.0.5000.0__b03f5f7f11d50a3a\System.Security.dll + 2008-09-03 16:10:42 126,976 ----a-w c:\windows\assembly\GAC\System.ServiceProcess\1.0.5000.0__b03f5f7f11d50a3a\System.ServiceProcess.dll + 2008-09-03 16:10:29 819,200 ----a-w c:\windows\assembly\GAC\System.Web.Mobile\1.0.5000.0__b03f5f7f11d50a3a\System.Web.Mobile.dll + 2008-09-03 16:10:34 57,344 ----a-w c:\windows\assembly\GAC\System.Web.RegularExpressions\1.0.5000.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll + 2008-09-03 16:10:32 573,440 ----a-w c:\windows\assembly\GAC\System.Web.Services\1.0.5000.0__b03f5f7f11d50a3a\System.Web.Services.dll + 2008-09-07 10:01:08 1,265,664 ----a-w c:\windows\assembly\GAC\System.Web\1.0.5000.0__b03f5f7f11d50a3a\System.Web.dll + 2008-09-03 16:10:36 2,052,096 ----a-w c:\windows\assembly\GAC\System.Windows.Forms\1.0.5000.0__b77a5c561934e089\System.Windows.Forms.dll + 2008-09-03 16:10:39 1,339,392 ----a-w c:\windows\assembly\GAC\System.Xml\1.0.5000.0__b77a5c561934e089\System.XML.dll + 2008-09-07 10:01:09 1,232,896 ----a-w c:\windows\assembly\GAC\System\1.0.5000.0__b77a5c561934e089\System.dll + 2008-11-13 10:27:28 68,608 ----a-w c:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll + 2008-11-13 10:27:39 72,192 ----a-w c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll + 2008-11-13 10:27:40 4,308,992 ----a-w c:\windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll + 2008-11-13 10:27:40 482,304 ----a-w c:\windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll + 2008-11-13 10:27:35 2,878,976 ----a-w c:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll + 2008-11-13 10:27:23 258,048 ----a-w c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll + 2008-11-13 10:27:23 114,176 ----a-w c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll + 2008-11-13 10:27:48 260,096 ----a-w c:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll + 2008-11-13 10:27:31 5,025,792 ----a-w c:\windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll + 2008-11-13 10:27:27 10,752 ----a-w c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll + 2008-11-13 10:27:22 503,808 ----a-w c:\windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll + 2008-11-13 10:27:24 13,312 ----a-w c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll + 2008-11-13 10:27:37 8,192 ----a-w c:\windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll + 2008-11-13 10:27:38 36,864 ----a-w c:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll + 2008-11-13 10:27:38 5,632 ----a-w c:\windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll + 2008-11-13 10:27:25 413,696 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll + 2008-11-13 10:27:26 36,864 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll + 2008-11-13 10:27:26 647,168 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll + 2008-11-13 10:27:27 73,728 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll + 2008-11-13 10:27:25 745,472 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll + 2008-11-13 10:27:51 110,592 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll + 2008-11-13 10:27:50 372,736 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll + 2008-11-13 10:27:20 28,672 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll + 2008-11-13 10:27:49 667,648 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll + 2008-11-13 10:27:52 5,632 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll + 2008-11-13 10:27:22 12,800 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll + 2008-11-13 10:27:21 32,768 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll + 2008-11-13 10:27:21 7,168 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll + 2008-11-13 10:27:44 110,592 ----a-w c:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll + 2008-11-13 10:27:29 81,920 ----a-w c:\windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll + 2008-11-13 10:27:45 389,120 ----a-w c:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll + 2008-11-13 10:27:41 716,800 ----a-w c:\windows\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll + 2008-11-13 10:27:23 884,736 ----a-w c:\windows\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll + 2008-11-13 10:27:36 5,050,368 ----a-w c:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll + 2008-11-13 10:27:30 188,416 ----a-w c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll + 2008-11-13 10:27:29 397,312 ----a-w c:\windows\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll + 2008-11-13 10:27:30 81,920 ----a-w c:\windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll + 2008-11-13 10:27:46 700,416 ----a-w c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll + 2008-11-13 10:27:42 368,640 ----a-w c:\windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll + 2008-11-13 10:27:47 258,048 ----a-w c:\windows\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll + 2008-11-13 10:27:42 299,008 ----a-w c:\windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll + 2008-11-13 10:27:43 131,072 ----a-w c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll + 2008-11-13 10:27:28 258,048 ----a-w c:\windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll + 2008-11-13 10:27:31 114,688 ----a-w c:\windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll + 2008-11-13 10:27:48 835,584 ----a-w c:\windows\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll + 2008-11-13 10:27:32 86,016 ----a-w c:\windows\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll + 2008-11-13 10:27:33 823,296 ----a-w c:\windows\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll + 2008-11-13 10:27:33 5,316,608 ----a-w c:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll + 2008-11-13 10:27:34 2,035,712 ----a-w c:\windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll + 2008-11-13 10:27:45 3,018,752 ----a-w c:\windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll + 2008-11-13 10:33:05 26,624 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\Accessibility\7527619a8527124493b75df432f678ec\Accessibility.ni.dll + 2008-11-13 10:33:18 958,464 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\agsXMPP\f2a674f4971b8b408c721eb8bd534bb0\agsXMPP.ni.dll + 2008-11-13 10:47:44 860,160 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\AspNetMMCExt\0dcf76bf3805674ebba922446ff935e1\AspNetMMCExt.ni.dll + 2008-11-13 10:47:45 237,568 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\CustomMarshalers\e91b028d4fc7274e94ad582424f54f6a\CustomMarshalers.ni.dll + 2008-11-13 10:47:44 15,360 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\dfsvc\f3329b73547c844fa823b9334f2de5c9\dfsvc.ni.exe + 2008-11-13 10:32:00 671,744 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\IMBooster\9040ef9e3f314f439b826e0a8ac8e14e\IMBooster.ni.exe + 2008-11-13 10:33:23 561,152 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\Iminent.AxImp\31fb71173182614db446f981891746fe\Iminent.AxImp.ni.dll + 2008-11-13 10:33:13 442,368 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\Iminent.Business\2a6747a25642164faa24cd08e73de851\Iminent.Business.ni.dll + 2008-11-13 10:33:22 2,760,704 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\Iminent.Services\a1d889f42123204ba2f0c005204250ee\Iminent.Services.ni.dll + 2008-11-13 10:32:05 888,832 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\Iminent.Windows\b97894f63b6d8041acc156de1402267e\Iminent.Windows.ni.dll + 2008-11-13 10:33:15 692,224 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\Iminent.Workflow\59a24c3d364d2347bad346159a146e47\Iminent.Workflow.ni.dll + 2008-11-13 10:47:47 880,640 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\bdbdcd4dcb2cd64fae17c1bcc6715b12\Microsoft.Build.Engine.ni.dll + 2008-11-13 10:47:47 81,920 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\56b5329463f6554aaa678d5301f4605c\Microsoft.Build.Framework.ni.dll + 2008-11-13 10:47:51 1,691,648 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\d8d4835b54f01a4ea805c1ec0aefb7da\Microsoft.Build.Tasks.ni.dll + 2008-11-13 10:47:51 163,840 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\2420b95bf8ad73409eaa4de914563cab\Microsoft.Build.Utilities.ni.dll + 2008-11-13 10:33:24 208,896 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.DirectX.A#\2db1ed91104e324d97ca3b846376c3fd\Microsoft.DirectX.AudioVideoPlayback.ni.dll + 2008-11-13 10:33:26 1,036,288 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.DirectX.D#\6f2bec2204163948946ccb3194fee581\Microsoft.DirectX.Direct3D.ni.dll + 2008-11-13 10:33:27 237,568 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.DirectX\d537dc4d5d646345a59fe212232141fa\Microsoft.DirectX.ni.dll + 2008-11-13 10:47:56 1,724,416 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\c3729472bc21364cbd1e43c094253c29\Microsoft.VisualBasic.ni.dll + 2008-11-13 10:32:17 17,920 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualC\02bacde773f7474b92816fc5f6d92100\Microsoft.VisualC.ni.dll + 2008-11-13 10:28:39 11,411,456 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\f627e31ff1d4fa4993935bb35144d16d\mscorlib.ni.dll + 2008-11-13 10:33:24 44,544 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\stdole\9e2e32c7e2b1ef45874d0dc34fde3feb\stdole.ni.dll + 2008-11-13 10:33:03 167,936 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuratio#\1ebbf31b5f81054485de16d6be007958\System.Configuration.Install.ni.dll + 2008-11-13 10:32:07 962,560 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\6c7fb6ed8486c741b9ea229a1ae13b2e\System.Configuration.ni.dll + 2008-11-13 10:33:11 1,183,744 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.OracleC#\e0127a5cc9197447960051f144fcfad1\System.Data.OracleClient.ni.dll + 2008-11-13 10:32:14 2,703,360 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.SqlXml\07d92ad2dfe8d642840bb88a9efb4635\System.Data.SqlXml.ni.dll + 2008-11-13 10:30:13 6,688,768 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data\07bd339c0ac6bd43940389a876867bfa\System.Data.ni.dll + 2008-11-13 10:33:08 1,712,128 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\System.Deployment\067b000155e116439b0beed643f38af4\System.Deployment.ni.dll + 2008-11-13 10:31:08 10,723,328 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\System.Design\84122489d339534c8b906499cf6711a1\System.Design.ni.dll + 2008-11-13 10:33:02 512,000 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\6f93fd26530b384ca1e6928be20db4de\System.DirectoryServices.Protocols.ni.dll + 2008-11-13 10:32:24 1,220,608 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\ff105785fb642d42ac35e6bf63e1102d\System.DirectoryServices.ni.dll + 2008-11-13 10:29:08 229,376 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing.Desi#\bdea27b85df937428ec7e4ee6d6cbc4d\System.Drawing.Design.ni.dll + 2008-11-13 10:29:14 1,626,112 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\156ca32e17ed57429041551de0d61d3a\System.Drawing.ni.dll + 2008-11-13 10:32:21 659,456 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\7d3d866f80b3e54cacf986410abb6210\System.EnterpriseServices.ni.dll + 2008-11-13 10:32:21 294,912 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\7d3d866f80b3e54cacf986410abb6210\System.EnterpriseServices.Wrapper.dll + 2008-11-13 10:32:26 815,104 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\1f030996ed73be4e8aa688062daf56c6\System.Runtime.Remoting.ni.dll + 2008-11-13 10:33:04 339,968 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\0a7f897c7f488f4a866ccb9ffaae6268\System.Runtime.Serialization.Formatters.Soap.ni.dll + 2008-11-13 10:32:16 729,088 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\System.Security\43d2c3c1f20f6247b012246f73ebfc43\System.Security.ni.dll + 2008-11-13 10:33:03 233,472 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\a53c614c8cc7f04fbf9677f6575f866e\System.ServiceProcess.ni.dll + 2008-11-13 10:32:19 684,032 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\4706d836616eec43b5e309d67027b13e\System.Transactions.ni.dll + 2008-11-13 10:48:02 2,310,144 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Mobile\4a4b90d17ae9aa4a9c39b7f4e4b89ea5\System.Web.Mobile.ni.dll + 2008-11-13 10:33:08 237,568 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.RegularE#\b3b59c44902a804083df27f0b23876b6\System.Web.RegularExpressions.ni.dll + 2008-11-13 10:33:00 1,945,600 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\f7df5e448710b7448b9e88e6f0267a0b\System.Web.Services.ni.dll + 2008-11-13 10:32:54 11,808,768 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web\2085e28b90c4e94caf8760a731083982\System.Web.ni.dll + 2008-11-13 10:29:41 13,107,200 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\2e9514fec985444da732c61eaf0bbec0\System.Windows.Forms.ni.dll + 2008-11-13 10:29:54 5,640,192 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\01ba4ab822edff4f9f115d559caec019\System.Xml.ni.dll + 2008-11-13 10:29:05 8,093,696 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\System\40eb45e0cb16bd4fafae2cadea212b08\System.ni.dll + 2008-09-07 10:01:24 61,440 ----a-w c:\windows\assembly\NativeImages1_v1.1.4322\CustomMarshalers\1.0.5000.0__b03f5f7f11d50a3a_6c10a18e\CustomMarshalers.dll + 2008-09-07 10:01:58 118,784 ----a-w c:\windows\assembly\NativeImages1_v1.1.4322\CustomMarshalers\1.0.5000.0__b03f5f7f11d50a3a_d5b7da66\CustomMarshalers.dll + 2008-09-07 10:01:52 3,391,488 ----a-w c:\windows\assembly\NativeImages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_1ab1eb87\mscorlib.dll + 2008-09-07 10:02:19 8,908,800 ----a-w c:\windows\assembly\NativeImages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_a3f1d3e2\mscorlib.dll + 2008-09-07 10:02:12 3,395,584 ----a-w c:\windows\assembly\NativeImages1_v1.1.4322\System.Design\1.0.5000.0__b03f5f7f11d50a3a_2e0ba750\System.Design.dll + 2008-09-07 10:01:45 1,470,464 ----a-w c:\windows\assembly\NativeImages1_v1.1.4322\System.Design\1.0.5000.0__b03f5f7f11d50a3a_6cfbd4af\System.Design.dll + 2008-09-07 10:01:59 192,512 ----a-w c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing.Design\1.0.5000.0__b03f5f7f11d50a3a_b6456224\System.Drawing.Design.dll + 2008-09-07 10:01:26 90,112 ----a-w c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing.Design\1.0.5000.0__b03f5f7f11d50a3a_e2fda4fa\System.Drawing.Design.dll + 2008-09-07 10:02:14 2,244,608 ----a-w c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing\1.0.5000.0__b03f5f7f11d50a3a_93cf9a54\System.Drawing.dll + 2008-09-07 10:01:47 835,584 ----a-w c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing\1.0.5000.0__b03f5f7f11d50a3a_d4d06b10\System.Drawing.dll + 2008-09-07 10:01:33 3,018,752 ----a-w c:\windows\assembly\NativeImages1_v1.1.4322\System.Windows.Forms\1.0.5000.0__b77a5c561934e089_4366c04d\System.Windows.Forms.dll + 2008-09-07 10:02:05 7,884,800 ----a-w c:\windows\assembly\NativeImages1_v1.1.4322\System.Windows.Forms\1.0.5000.0__b77a5c561934e089_a4e66254\System.Windows.Forms.dll + 2008-09-07 10:02:09 5,513,216 ----a-w c:\windows\assembly\NativeImages1_v1.1.4322\System.Xml\1.0.5000.0__b77a5c561934e089_1264eb63\System.Xml.dll + 2008-09-07 10:01:40 2,088,960 ----a-w c:\windows\assembly\NativeImages1_v1.1.4322\System.Xml\1.0.5000.0__b77a5c561934e089_41f7e7c5\System.Xml.dll + 2008-09-07 10:01:58 4,788,224 ----a-w c:\windows\assembly\NativeImages1_v1.1.4322\System\1.0.5000.0__b77a5c561934e089_202b9e1b\System.dll + 2008-09-07 10:01:21 1,966,080 ----a-w c:\windows\assembly\NativeImages1_v1.1.4322\System\1.0.5000.0__b77a5c561934e089_331bf0ca\System.dll + 2002-07-25 17:13:18 24,576 ----a-w c:\windows\Downloaded Program Files\dwusplay.dll + 2002-07-25 17:13:12 196,608 ----a-w c:\windows\Downloaded Program Files\dwusplay.exe + 2004-06-16 05:02:10 323,584 ----a-w c:\windows\Downloaded Program Files\isusweb.dll - 2006-05-05 09:41:45 453,120 ------w c:\windows\Driver Cache\i386\mrxsmb.sys + 2008-10-24 11:10:42 453,632 ------w c:\windows\Driver Cache\i386\mrxsmb.sys - 2007-02-28 16:02:21 2,138,112 ------w c:\windows\Driver Cache\i386\ntkrnlmp.exe + 2008-08-14 13:44:35 2,138,112 ------w c:\windows\Driver Cache\i386\ntkrnlmp.exe - 2007-02-28 16:02:36 2,059,648 ------w c:\windows\Driver Cache\i386\ntkrnlpa.exe + 2008-08-14 13:44:39 2,059,776 ------w c:\windows\Driver Cache\i386\ntkrnlpa.exe - 2007-02-28 16:02:21 2,017,792 ------w c:\windows\Driver Cache\i386\ntkrpamp.exe + 2008-08-14 13:44:33 2,017,792 ------w c:\windows\Driver Cache\i386\ntkrpamp.exe - 2007-02-28 16:02:36 2,182,400 ------w c:\windows\Driver Cache\i386\ntoskrnl.exe + 2008-08-14 13:44:37 2,182,400 ------w c:\windows\Driver Cache\i386\ntoskrnl.exe - 2005-10-20 18:02:28 163,328 ----a-w c:\windows\erdnt\Hiv-backup\ERDNT.EXE + 2005-10-20 19:02:28 163,328 ----a-w c:\windows\erdnt\Hiv-backup\ERDNT.EXE + 2005-10-20 19:02:28 163,328 ----a-w c:\windows\erdnt\subs\ERDNT.EXE + 2008-08-07 14:27:04 163,328 ----a-w c:\windows\ERUNT\SDFIX\ERDNT.EXE + 2008-08-22 15:16:48 3,457,024 ----a-w c:\windows\ERUNT\SDFIX\Users\00000001\ntuser.dat + 2008-08-22 15:16:48 61,440 ----a-w c:\windows\ERUNT\SDFIX\Users\00000002\UsrClass.dat + 2008-08-07 14:27:04 163,328 ----a-w c:\windows\ERUNT\SDFIX_First_Run\ERDNT.EXE + 2008-08-22 15:16:35 3,457,024 ----a-w c:\windows\ERUNT\SDFIX_First_Run\Users\00000001\ntuser.dat + 2008-08-22 15:16:35 61,440 ----a-w c:\windows\ERUNT\SDFIX_First_Run\Users\00000002\UsrClass.dat + 2007-09-14 19:45:58 16,901,168 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109110000000000000000F01FEC\12.0.6215\MSO.DLL + 2007-08-28 22:19:24 1,654,648 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109110000000000000000F01FEC\12.0.6215\OGL.DLL + 2008-11-12 23:07:48 32,768 ----a-r c:\windows\Installer\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}\icon.exe - 2006-08-20 16:18:18 1,165,584 ----a-r c:\windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\accicons.exe + 2008-11-12 23:12:00 1,165,584 ----a-r c:\windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\accicons.exe - 2006-08-20 16:18:19 20,240 ----a-r c:\windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\cagicon.exe + 2008-11-12 23:12:00 20,240 ----a-r c:\windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\cagicon.exe - 2006-08-20 16:18:18 159,504 ----a-r c:\windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\inficon.exe + 2008-11-12 23:12:00 159,504 ----a-r c:\windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\inficon.exe - 2006-08-20 16:18:19 217,864 ----a-r c:\windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\misc.exe + 2008-11-12 23:12:00 217,864 ----a-r c:\windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\misc.exe - 2006-08-20 16:18:19 18,704 ----a-r c:\windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\mspicons.exe + 2008-11-12 23:12:00 18,704 ----a-r c:\windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\mspicons.exe - 2006-08-20 16:18:19 35,088 ----a-r c:\windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\oisicon.exe + 2008-11-12 23:12:00 35,088 ----a-r c:\windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\oisicon.exe - 2006-08-20 16:18:18 845,584 ----a-r c:\windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\outicon.exe + 2008-11-12 23:12:00 845,584 ----a-r c:\windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\outicon.exe - 2006-08-20 16:18:18 922,384 ----a-r c:\windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\pptico.exe + 2008-11-12 23:12:00 922,384 ----a-r c:\windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\pptico.exe - 2006-08-20 16:18:19 272,648 ----a-r c:\windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\pubs.exe + 2008-11-12 23:12:00 272,648 ----a-r c:\windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\pubs.exe - 2006-08-20 16:18:19 888,080 ----a-r c:\windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\wordicon.exe + 2008-11-12 23:12:00 888,080 ----a-r c:\windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\wordicon.exe - 2006-08-20 16:18:18 1,172,240 ----a-r c:\windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\xlicons.exe + 2008-11-12 23:12:00 1,172,240 ----a-r c:\windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\xlicons.exe + 2008-09-03 15:29:02 32,768 ----a-r c:\windows\Installer\{97407E09-4EA8-49F0-A513-2C1776A6DEC0}\_2646854DA5F3_11D4_8326_00D0B72E1DB9.exe + 2008-09-03 15:29:02 25,214 ----a-r c:\windows\Installer\{97407E09-4EA8-49F0-A513-2C1776A6DEC0}\ARPPRODUCTICON.exe - 2008-02-25 10:31:32 69,632 ----a-r c:\windows\Installer\{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}\_SHCT_Sprint.exe.exe + 2008-08-26 13:42:46 69,632 ----a-r c:\windows\Installer\{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}\_SHCT_Sprint.exe.exe - 2008-02-25 10:31:32 69,632 ----a-r c:\windows\Installer\{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}\ARPPRODUCTICON.exe + 2008-08-26 13:42:46 69,632 ----a-r c:\windows\Installer\{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}\ARPPRODUCTICON.exe + 2005-09-23 06:28:52 72,704 ----a-w c:\windows\Microsoft.NET\Framework\NETFXSBS10.exe + 2002-05-14 07:42:38 5,120 ----a-w c:\windows\Microsoft.NET\Framework\sbs_diasymreader.dll + 2002-05-14 07:42:38 5,120 ----a-w c:\windows\Microsoft.NET\Framework\sbs_iehost.dll + 2002-05-14 07:42:38 5,120 ----a-w c:\windows\Microsoft.NET\Framework\sbs_microsoft.jscript.dll + 2002-05-14 07:42:38 5,632 ----a-w c:\windows\Microsoft.NET\Framework\sbs_microsoft.vsa.vb.codedomprocessor.dll + 2002-05-14 07:42:38 5,120 ----a-w c:\windows\Microsoft.NET\Framework\sbs_mscordbi.dll + 2002-07-19 09:52:48 5,120 ----a-w c:\windows\Microsoft.NET\Framework\sbs_mscorrc.dll + 2002-05-14 07:42:38 5,120 ----a-w c:\windows\Microsoft.NET\Framework\sbs_mscorsec.dll + 2002-05-14 07:42:38 5,120 ----a-w c:\windows\Microsoft.NET\Framework\sbs_system.configuration.install.dll + 2002-05-14 07:42:38 5,120 ----a-w c:\windows\Microsoft.NET\Framework\sbs_system.data.dll + 2002-05-14 07:42:38 5,120 ----a-w c:\windows\Microsoft.NET\Framework\sbs_system.enterpriseservices.dll + 2002-06-27 10:45:32 5,120 ----a-w c:\windows\Microsoft.NET\Framework\sbs_VsaVb7rt.dll + 2002-05-14 07:42:38 5,120 ----a-w c:\windows\Microsoft.NET\Framework\sbs_wminet_utils.dll + 2005-09-23 06:28:52 7,680 ----a-w c:\windows\Microsoft.NET\Framework\sbscmp10.dll + 2005-09-23 06:28:56 7,680 ----a-w c:\windows\Microsoft.NET\Framework\sbscmp20_mscorwks.dll + 2005-09-23 06:28:58 7,680 ----a-w c:\windows\Microsoft.NET\Framework\sbscmp20_perfcounter.dll + 2005-09-23 06:28:56 7,680 ----a-w c:\windows\Microsoft.NET\Framework\SharedReg12.dll + 2005-09-23 06:28:52 86,528 ----a-w c:\windows\Microsoft.NET\Framework\v1.0.3705\mscormmc.dll + 2003-02-21 00:59:44 16,896 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\1033\alinkui.dll + 2003-02-21 01:55:06 94,208 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\1033\cscompui.dll + 2003-02-21 01:02:16 131,072 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\1033\vbc7ui.dll + 2003-02-21 03:04:20 155,648 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\1033\Vsavb7rtUI.dll + 2003-02-21 05:24:08 7,680 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\Accessibility.dll + 2003-02-21 03:00:36 98,304 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\alink.dll + 2003-02-20 17:19:42 24,576 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_filter.dll + 2007-04-13 19:30:52 258,048 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_isapi.dll + 2003-02-20 17:19:22 40,960 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_rc.dll + 2004-07-14 23:49:18 20,480 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_regiis.exe + 2004-07-14 23:49:26 32,768 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe + 2007-04-13 19:30:52 32,768 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_wp.exe + 2002-07-29 09:11:50 219,136 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\c_g18030.dll + 2003-02-21 05:24:10 94,208 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\CasPol.exe + 2003-02-21 05:24:32 49,152 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\ConfigWizards.exe + 2007-04-13 18:57:52 81,920 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\CORPerfMonExt.dll + 2004-07-15 09:23:28 49,152 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\csc.exe + 2004-07-15 09:23:44 626,688 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\cscomp.dll + 2003-02-21 05:24:34 12,288 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\cscompmgd.dll + 2003-02-21 05:24:36 33,792 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\CustomMarshalers.dll + 2003-02-21 02:12:24 28,672 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\cvtres.exe + 2003-02-21 08:21:40 524,288 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\diasymreader.dll + 2003-02-20 17:16:32 798,720 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\EventLogMessages.dll + 2004-07-14 22:24:30 282,624 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\fusion.dll + 2003-10-08 12:30:14 81,920 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\gacutil.exe + 2003-02-21 05:24:38 7,680 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\IEExec.exe + 2004-07-15 12:31:00 8,192 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\IEExecRemote.dll + 2004-07-15 12:31:04 32,768 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\IEHost.dll + 2003-02-21 05:24:40 4,608 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\IIEHost.dll + 2004-07-14 22:35:30 196,608 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\ilasm.exe + 2003-02-21 05:24:42 15,872 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\InstallUtil.exe + 2003-02-20 17:22:24 40,960 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\InstallUtilLib.dll + 2003-02-21 05:24:44 26,112 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\ISymWrapper.dll + 2003-02-21 05:24:52 40,960 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\jsc.exe + 2004-07-15 12:28:58 720,896 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\Microsoft.JScript.dll + 2004-07-15 12:28:56 299,008 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\Microsoft.VisualBasic.dll + 2003-02-21 05:24:54 28,672 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\Microsoft.VisualBasic.Vsa.dll + 2003-02-21 05:25:02 6,144 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\Microsoft.VisualC.Dll + 2003-02-21 05:24:58 32,768 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\Microsoft.Vsa.dll + 2003-02-21 05:25:06 11,264 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\Microsoft.Vsa.Vb.CodeDOMProcessor.dll + 2003-02-21 05:25:02 6,656 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\Microsoft_VsaVb.dll + 2004-07-15 12:28:50 49,152 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\MigPol.exe + 2004-07-15 12:28:50 49,152 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\MigPolWin.exe + 2003-02-21 05:25:06 1,564,672 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorcfg.dll + 2004-07-14 22:32:44 86,016 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\mscordbc.dll + 2004-07-14 22:32:46 233,472 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\mscordbi.dll + 2007-04-13 18:57:58 86,016 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorie.dll + 2007-04-13 18:56:30 315,392 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorjit.dll + 2007-04-13 18:58:00 102,400 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorld.dll + 2007-04-13 18:50:46 2,142,208 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorlib.dll + 2003-02-20 16:43:52 131,072 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\mscormmc.dll + 2003-02-20 17:06:34 65,536 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorpe.dll + 2004-07-14 22:33:22 143,360 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorrc.dll + 2004-07-14 22:33:24 81,920 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorsec.dll + 2007-04-13 18:58:02 77,824 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorsn.dll + 2007-04-13 18:57:00 2,523,136 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorsvr.dll + 2003-02-20 17:09:24 9,216 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\mscortim.dll + 2007-04-13 18:57:28 2,514,944 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorwks.dll + 2003-02-21 02:42:22 348,160 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\msvcr71.dll + 2003-02-20 17:18:34 20,480 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\mtxoci8.dll + 2003-02-20 16:43:36 22,528 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\MUI\0409\mscorsecr.dll + 2007-01-15 14:11:26 73,728 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\netfxupdate.exe + 2003-02-20 17:09:46 73,728 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\ngen.exe + 2004-07-14 22:34:50 94,208 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\PerfCounter.dll + 2003-02-21 05:25:24 28,672 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\RegAsm.exe + 2004-07-15 12:28:48 32,768 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\RegCode.dll + 2003-02-21 05:25:30 12,288 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\RegSvcs.exe + 2004-07-14 23:49:16 258,048 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\SHADOW3024\_aspnet_isapi.dll + 2004-07-14 22:32:22 81,920 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\SHADOW3024\_CORPerfMonExt.dll + 2004-07-14 22:24:30 282,624 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\SHADOW3024\_fusion.dll + 2004-07-14 22:25:06 315,392 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\SHADOW3024\_mscorjit.dll + 2004-07-15 12:29:02 2,138,112 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\SHADOW3024\_mscorlib.dll + 2003-02-20 17:09:18 77,824 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\SHADOW3024\_mscorsn.dll + 2004-07-14 22:26:52 2,510,848 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\SHADOW3024\_mscorsvr.dll + 2004-07-14 22:28:34 2,502,656 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\SHADOW3024\_mscorwks.dll + 2003-02-21 02:42:22 348,160 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\SHADOW3024\_msvcr71.dll + 2004-07-14 22:34:50 94,208 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\SHADOW3024\_PerfCounter.dll + 2003-02-20 17:09:34 253,952 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\shfusion.dll + 2003-02-20 17:09:34 122,880 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\shfusres.dll + 2004-07-14 22:35:04 319,488 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\SOS.dll + 2003-02-21 05:26:38 77,824 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Configuration.Install.dll + 2004-07-15 12:32:00 1,294,336 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Data.dll + 2004-07-15 12:31:14 303,104 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Data.OracleClient.dll + 2004-07-15 12:29:02 1,703,936 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Design.dll + 2004-07-15 12:28:54 90,112 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\System.DirectoryServices.dll + 2007-04-13 19:35:38 1,232,896 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\System.dll + 2003-02-21 05:26:48 65,536 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Drawing.Design.dll + 2004-07-15 12:28:58 466,944 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Drawing.dll + 2004-07-15 12:28:56 241,664 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\System.EnterpriseServices.dll + 2004-07-14 22:35:12 66,560 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\System.EnterpriseServices.Thunk.dll + 2004-07-15 12:31:58 372,736 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Management.dll + 2004-07-15 12:31:12 241,664 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Messaging.dll + 2004-07-15 12:28:58 323,584 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Runtime.Remoting.dll + 2004-07-15 12:31:54 131,072 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Runtime.Serialization.Formatters.Soap.dll + 2004-07-15 12:28:52 77,824 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Security.dll + 2004-07-15 12:28:54 126,976 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\System.ServiceProcess.dll + 2007-04-13 19:35:46 1,265,664 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Web.dll + 2004-07-15 12:28:58 819,200 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Web.Mobile.dll + 2004-07-15 12:28:52 57,344 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Web.RegularExpressions.dll + 2004-07-15 12:31:16 573,440 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Web.Services.dll + 2004-07-15 12:32:02 2,052,096 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Windows.Forms.dll + 2004-07-15 12:29:00 1,339,392 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\System.XML.dll + 2004-06-22 11:51:38 53,248 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe + 2004-07-15 09:23:20 737,280 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\vbc.exe + 2004-07-15 06:15:14 1,032,192 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\VsaVb7rt.dll + 2004-07-15 00:11:56 31,744 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\WMINet_Utils.dll + 2005-09-23 06:28:36 18,944 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\1033\alinkui.dll + 2005-09-23 06:28:42 136,192 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\1033\cscompui.dll + 2005-09-23 06:28:44 4,608 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\1033\CvtResUI.dll + 2005-09-23 06:29:04 183,808 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\1033\vbc7ui.dll + 2005-09-23 06:28:28 208,896 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\1033\Vsavb7rtUI.dll + 2005-09-23 06:28:56 10,752 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\Accessibility.dll + 2005-09-23 06:28:58 138,240 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\AdoNetDiag.dll + 2005-09-23 06:28:36 87,552 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\alink.dll + 2005-09-23 06:28:58 55,488 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\AppLaunch.exe + 2005-09-23 06:28:32 36,864 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_compiler.exe + 2005-09-23 06:28:32 10,752 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_filter.dll + 2005-09-23 06:28:32 8,192 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_isapi.dll + 2005-09-23 06:28:32 23,552 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\Aspnet_perf.dll + 2005-09-23 06:28:32 70,656 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_rc.dll + 2005-09-23 06:28:32 13,824 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_regbrowsers.exe + 2005-09-23 06:28:32 26,824 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_regiis.exe + 2005-09-23 06:28:32 106,496 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_regsql.exe + 2005-09-23 06:28:32 29,896 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe + 2005-09-23 06:28:32 29,888 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_wp.exe + 2005-09-23 06:28:32 503,808 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\AspNetMMCExt.dll + 2005-09-23 06:28:56 106,496 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\CasPol.exe + 2005-09-23 06:28:56 88,576 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\CORPerfMonExt.dll + 2005-09-23 06:28:42 76,984 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\csc.exe + 2005-09-23 06:28:42 1,144,832 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\cscomp.dll + 2005-09-23 06:28:42 13,312 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\cscompmgd.dll + 2005-09-23 06:28:58 17,920 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\Culture.dll + 2005-09-23 06:28:56 68,608 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\CustomMarshalers.dll + 2005-09-23 06:28:44 31,936 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\cvtres.exe + 2005-09-23 06:28:38 52,736 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\dfdll.dll + 2005-09-23 06:28:38 4,608 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\dfsvc.exe + 2005-09-23 06:29:12 547,840 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\diasymreader.dll + 2005-09-23 06:28:56 788,992 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\EventLogMessages.dll + 2005-09-23 06:28:50 9,216 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\fusion.dll + 2005-09-23 06:28:56 9,728 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\IEExec.exe + 2005-09-23 06:28:56 8,192 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\IEExecRemote.dll + 2005-09-23 06:28:56 36,864 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\IEHost.dll + 2005-09-23 06:28:56 5,632 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\IIEHost.dll + 2005-09-23 06:28:56 224,952 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\ilasm.exe + 2005-09-23 06:28:56 28,672 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\InstallUtil.exe + 2005-09-23 06:28:56 55,296 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\InstallUtilLib.dll + 2005-09-23 06:28:56 72,192 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\ISymWrapper.dll + 2005-09-23 06:28:48 40,960 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\jsc.exe + 2005-09-23 05:01:16 609,472 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.exe + 2005-09-23 04:29:48 80,896 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.1025.dll + 2005-09-23 04:32:24 80,896 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.1028.dll + 2005-09-23 04:34:10 82,944 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.1029.dll + 2005-09-23 04:34:12 81,920 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.1030.dll + 2005-09-23 04:34:44 85,504 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.1031.dll + 2005-09-23 04:36:24 87,552 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.1032.dll + 2005-09-23 01:46:14 80,896 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.1033.dll + 2005-09-23 04:38:26 81,408 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.1035.dll + 2005-09-23 04:38:52 86,016 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.1036.dll + 2005-09-23 04:40:30 80,896 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.1037.dll + 2005-09-23 04:40:32 83,968 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.1038.dll + 2005-09-23 04:40:56 84,480 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.1040.dll + 2005-09-23 04:42:58 80,896 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.1041.dll + 2005-09-23 04:44:58 80,896 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.1042.dll + 2005-09-23 04:46:38 83,456 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.1043.dll + 2005-09-23 04:46:38 81,920 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.1044.dll + 2005-09-23 04:46:40 83,456 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.1045.dll + 2005-09-23 04:47:04 82,432 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.1046.dll + 2005-09-23 04:47:30 82,432 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.1049.dll + 2005-09-23 04:47:32 81,920 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.1053.dll + 2005-09-23 04:47:32 80,896 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.1055.dll + 2005-09-23 04:30:18 80,896 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.2052.dll + 2005-09-23 04:47:06 84,480 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.2070.dll + 2005-09-23 04:29:50 80,896 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.3076.dll + 2005-09-23 04:36:48 85,504 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.3082.dll + 2005-09-23 05:57:06 245,408 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\unicows.dll + 2005-09-23 06:28:48 413,696 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Engine.dll + 2005-09-23 06:28:48 36,864 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Framework.dll + 2005-09-23 06:28:48 647,168 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Tasks.dll + 2005-09-23 06:28:48 73,728 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Utilities.dll + 2005-09-23 06:28:48 745,472 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.JScript.dll + 2005-09-23 06:29:10 110,592 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.Compatibility.Data.dll + 2005-09-23 06:29:10 372,736 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.Compatibility.dll + 2005-09-23 06:29:08 667,648 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.dll + 2005-09-23 06:28:30 28,672 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.Vsa.dll + 2005-09-23 06:29:10 5,632 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualC.Dll + 2005-09-23 06:28:30 32,768 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Vsa.dll + 2005-09-23 06:28:30 12,800 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Vsa.Vb.CodeDOMProcessor.dll + 2005-09-23 06:28:30 7,168 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft_VsaVb.dll + 2005-09-23 06:28:32 87,552 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\MmcAspExt.dll + 2005-09-23 06:28:48 69,632 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\MSBuild.exe + 2005-09-23 06:28:56 800,768 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\mscordacwks.dll + 2005-09-23 06:28:56 73,216 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\mscordbc.dll + 2005-09-23 06:28:56 288,768 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\mscordbi.dll + 2005-09-23 06:28:56 36,864 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorie.dll + 2005-09-23 06:28:56 326,144 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll + 2005-09-23 06:28:56 81,408 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorld.dll + 2005-09-23 06:28:56 4,308,992 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorlib.dll + 2005-09-23 06:28:56 102,400 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorpe.dll + 2005-09-23 06:29:00 330,752 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorrc.dll + 2005-09-23 06:28:56 67,072 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsec.dll + 2005-09-23 06:28:50 9,216 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsn.dll + 2005-09-23 06:28:56 226,816 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvc.dll + 2005-09-23 06:28:56 66,240 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe + 2005-09-23 06:28:56 10,240 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\mscortim.dll + 2005-09-23 06:28:50 5,615,616 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll + 2005-09-23 06:29:00 22,528 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\MUI\0409\mscorsecr.dll + 2005-09-23 06:28:56 96,440 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\ngen.exe + 2005-09-23 06:28:56 14,848 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\normalization.dll + 2005-09-23 06:28:56 78,336 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\PerfCounter.dll + 2005-09-23 06:28:50 136,192 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\peverify.dll + 2005-09-23 06:28:56 53,248 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe + 2005-09-23 06:28:56 32,768 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exe + 2005-09-23 06:29:02 59,072 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\regtlibv12.exe + 2005-09-23 06:28:58 7,680 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\sbscmp20_mscorlib.dll + 2005-09-23 06:28:56 107,520 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\shfusion.dll + 2005-09-23 06:29:00 85,504 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\ShFusRes.dll + 2005-09-23 06:28:56 377,344 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\SOS.dll + 2005-09-23 06:28:56 110,592 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\sysglobl.dll + 2005-09-23 06:28:58 389,120 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\System.configuration.dll + 2005-09-23 06:28:56 81,920 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Configuration.Install.dll + 2005-09-23 06:28:56 2,878,976 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Data.dll + 2005-09-23 06:28:56 482,304 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Data.OracleClient.dll + 2005-09-23 06:28:56 716,800 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Data.SqlXml.dll + 2005-09-23 06:28:38 884,736 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Deployment.dll + 2005-09-23 06:28:56 5,050,368 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Design.dll + 2005-09-23 06:28:56 397,312 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\System.DirectoryServices.dll + 2005-09-23 06:28:56 188,416 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\System.DirectoryServices.Protocols.dll + 2005-09-23 06:28:56 3,018,752 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\System.dll + 2005-09-23 06:28:56 81,920 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Drawing.Design.dll + 2005-09-23 06:28:56 700,416 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Drawing.dll + 2005-09-23 06:28:56 258,048 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\System.EnterpriseServices.dll + 2005-09-23 06:28:56 47,616 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\System.EnterpriseServices.Thunk.dll + 2005-09-23 06:28:56 114,176 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\System.EnterpriseServices.Wrapper.dll + 2005-09-23 06:28:56 368,640 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Management.dll + 2005-09-23 06:28:56 258,048 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Messaging.dll + 2005-09-23 06:28:56 299,008 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Remoting.dll + 2005-09-23 06:28:56 131,072 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll + 2005-09-23 06:28:56 258,048 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Security.dll + 2005-09-23 06:28:56 114,688 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\System.ServiceProcess.dll + 2005-09-23 06:28:56 260,096 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Transactions.dll + 2005-09-23 06:28:56 5,025,792 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Web.dll + 2005-09-23 06:28:56 835,584 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Web.Mobile.dll + 2005-09-23 06:28:56 86,016 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Web.RegularExpressions.dll + 2005-09-23 06:28:56 823,296 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Web.Services.dll + 2005-09-23 06:28:56 5,316,608 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Windows.Forms.dll + 2005-09-23 06:28:56 2,035,712 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\System.XML.dll + 2005-09-23 06:28:56 71,680 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\TLBREF.DLL + 2005-09-23 06:29:06 1,140,920 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\vbc.exe + 2005-09-23 06:28:30 1,306,624 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\VsaVb7rt.dll + 2005-09-23 06:28:32 298,496 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\webengine.dll + 2005-09-23 06:28:56 28,160 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\WMINet_Utils.dll - 2000-08-31 06:00:00 28,672 ----a-w c:\windows\Nircmd.exe + 2000-08-31 07:00:00 28,672 ----a-w c:\windows\Nircmd.exe + 2008-08-02 09:28:46 241,856 ----a-w c:\windows\PCHEALTH\HELPCTR\Config\Cache\Professional_32_1036.dat + 2008-08-02 09:28:46 241,856 ----a-w c:\windows\PCHEALTH\HELPCTR\Config\Cache\Professional_32_1036.dat.bak - 2000-08-31 06:00:00 161,792 ----a-w c:\windows\swreg.exe + 2000-08-31 07:00:00 161,792 ----a-w c:\windows\swreg.exe - 2008-06-23 15:39:58 1,024,000 ----a-w c:\windows\system32\browseui.dll + 2008-08-20 05:37:16 1,024,000 ----a-w c:\windows\system32\browseui.dll + 2005-02-04 04:00:40 28,672 ----a-w c:\windows\system32\callrun.dll - 2008-06-23 15:39:58 152,064 ----a-w c:\windows\system32\cdfview.dll + 2008-08-20 05:37:14 152,064 ----a-w c:\windows\system32\cdfview.dll - 2008-08-19 19:04:02 32,768 ----a-w c:\windows\system32\config\systemprofile\Cookies\index.dat + 2008-11-17 13:07:58 32,768 ----a-w c:\windows\system32\config\systemprofile\Cookies\index.dat - 2008-08-19 19:04:02 32,768 ----a-w c:\windows\system32\config\systemprofile\Local Settings\Historique\History.IE5\index.dat + 2008-11-17 13:07:58 32,768 ----a-w c:\windows\system32\config\systemprofile\Local Settings\Historique\History.IE5\index.dat - 2008-08-19 19:04:02 32,768 ----a-w c:\windows\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat + 2008-11-17 13:07:58 32,768 ----a-w c:\windows\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat - 2008-06-23 15:39:59 1,056,768 ----a-w c:\windows\system32\danim.dll + 2008-08-20 05:37:14 1,056,768 ----a-w c:\windows\system32\danim.dll + 2005-09-23 06:28:38 83,456 ----a-w c:\windows\system32\dfshim.dll - 2008-06-20 10:44:38 138,368 -c----w c:\windows\system32\dllcache\afd.sys + 2008-08-14 09:51:43 138,368 -c----w c:\windows\system32\dllcache\afd.sys - 2008-06-23 15:39:58 1,024,000 -c----w c:\windows\system32\dllcache\browseui.dll + 2008-08-20 05:37:16 1,024,000 -c----w c:\windows\system32\dllcache\browseui.dll - 2008-06-23 15:39:58 152,064 -c----w c:\windows\system32\dllcache\cdfview.dll + 2008-08-20 05:37:14 152,064 -c----w c:\windows\system32\dllcache\cdfview.dll - 2008-06-23 15:39:59 1,056,768 -c----w c:\windows\system32\dllcache\danim.dll + 2008-08-20 05:37:14 1,056,768 -c----w c:\windows\system32\dllcache\danim.dll - 2008-06-23 15:40:00 357,888 -c----w c:\windows\system32\dllcache\dxtmsft.dll + 2008-08-20 05:37:14 357,888 -c----w c:\windows\system32\dllcache\dxtmsft.dll - 2008-06-23 15:40:00 205,312 -c----w c:\windows\system32\dllcache\dxtrans.dll + 2008-08-20 05:37:14 205,312 -c----w c:\windows\system32\dllcache\dxtrans.dll - 2008-06-23 15:40:00 55,808 -c----w c:\windows\system32\dllcache\extmgr.dll + 2008-08-20 05:37:14 55,808 -c----w c:\windows\system32\dllcache\extmgr.dll - 2008-06-23 09:49:29 18,432 -c----w c:\windows\system32\dllcache\iedw.exe + 2008-08-19 09:30:39 18,432 -c----w c:\windows\system32\dllcache\iedw.exe - 2008-06-23 15:40:00 251,392 -c----w c:\windows\system32\dllcache\iepeers.dll + 2008-08-20 05:37:14 251,392 -c----w c:\windows\system32\dllcache\iepeers.dll - 2008-06-23 15:40:00 96,768 -c----w c:\windows\system32\dllcache\inseng.dll + 2008-08-20 05:37:14 96,768 -c----w c:\windows\system32\dllcache\inseng.dll - 2008-06-23 15:40:00 16,384 -c----w c:\windows\system32\dllcache\jsproxy.dll + 2008-08-20 05:37:15 16,384 -c----w c:\windows\system32\dllcache\jsproxy.dll - 2006-05-05 09:41:45 453,120 -c----w c:\windows\system32\dllcache\mrxsmb.sys + 2008-10-24 11:10:42 453,632 -c----w c:\windows\system32\dllcache\mrxsmb.sys - 2008-06-23 15:40:02 3,080,704 -c----w c:\windows\system32\dllcache\mshtml.dll + 2008-08-20 05:37:21 3,081,216 -c----w c:\windows\system32\dllcache\mshtml.dll - 2008-06-23 15:40:03 449,024 -c----w c:\windows\system32\dllcache\mshtmled.dll + 2008-08-20 05:37:15 449,024 -c----w c:\windows\system32\dllcache\mshtmled.dll - 2008-06-23 15:40:03 146,432 -c----w c:\windows\system32\dllcache\msrating.dll + 2008-08-20 05:37:14 146,432 -c----w c:\windows\system32\dllcache\msrating.dll - 2008-06-23 15:40:04 532,480 -c----w c:\windows\system32\dllcache\mstime.dll + 2008-08-20 05:37:14 532,480 -c----w c:\windows\system32\dllcache\mstime.dll - 2007-06-26 06:09:14 1,104,896 -c----w c:\windows\system32\dllcache\msxml3.dll + 2008-09-04 16:45:11 1,106,944 -c----w c:\windows\system32\dllcache\msxml3.dll - 2006-08-17 12:29:49 332,288 -c----w c:\windows\system32\dllcache\netapi32.dll + 2008-10-15 16:59:28 332,800 -c----w c:\windows\system32\dllcache\netapi32.dll - 2007-02-28 16:02:21 2,138,112 -c----w c:\windows\system32\dllcache\ntkrnlmp.exe + 2008-08-14 13:44:35 2,138,112 -c----w c:\windows\system32\dllcache\ntkrnlmp.exe - 2007-02-28 16:02:36 2,059,648 -c----w c:\windows\system32\dllcache\ntkrnlpa.exe + 2008-08-14 13:44:39 2,059,776 -c----w c:\windows\system32\dllcache\ntkrnlpa.exe - 2007-02-28 16:02:21 2,017,792 -c----w c:\windows\system32\dllcache\ntkrpamp.exe + 2008-08-14 13:44:33 2,017,792 -c----w c:\windows\system32\dllcache\ntkrpamp.exe - 2007-02-28 16:02:36 2,182,400 -c----w c:\windows\system32\dllcache\ntoskrnl.exe + 2008-08-14 13:44:37 2,182,400 -c----w c:\windows\system32\dllcache\ntoskrnl.exe - 2008-06-23 15:40:04 39,424 -c----w c:\windows\system32\dllcache\pngfilt.dll + 2008-08-20 05:37:14 39,424 -c----w c:\windows\system32\dllcache\pngfilt.dll - 2008-08-19 15:30:15 15,360 -c--a-w c:\windows\system32\dllcache\register.exe + 2008-11-21 17:13:13 15,360 -c--a-w c:\windows\system32\dllcache\register.exe - 2008-06-23 15:40:05 1,495,040 -c----w c:\windows\system32\dllcache\shdocvw.dll + 2008-08-20 05:37:15 1,495,040 -c----w c:\windows\system32\dllcache\shdocvw.dll - 2008-06-23 15:40:06 474,624 -c----w c:\windows\system32\dllcache\shlwapi.dll + 2008-08-20 05:37:15 474,624 -c----w c:\windows\system32\dllcache\shlwapi.dll - 2006-08-14 10:34:41 332,928 -c----w c:\windows\system32\dllcache\srv.sys + 2008-08-28 10:04:17 333,056 -c----w c:\windows\system32\dllcache\srv.sys - 2008-08-19 15:30:15 70,656 -c--a-w c:\windows\system32\dllcache\sysinfo.exe + 2008-11-21 17:13:16 70,656 -c--a-w c:\windows\system32\dllcache\sysinfo.exe - 2008-06-23 15:40:06 617,984 -c----w c:\windows\system32\dllcache\urlmon.dll + 2008-08-20 05:37:16 617,984 -c----w c:\windows\system32\dllcache\urlmon.dll - 2004-08-03 21:58:46 15,104 -c--a-w c:\windows\system32\dllcache\usbscan.sys + 2004-08-03 20:58:46 15,104 -c--a-w c:\windows\system32\dllcache\usbscan.sys - 2007-04-10 13:00:52 236,928 -c----w c:\windows\system32\dllcache\WgaLogon.dll + 2008-09-05 22:30:46 267,304 -c----w c:\windows\system32\dllcache\wgaLogon.dll - 2007-04-10 13:01:40 337,280 -c----w c:\windows\system32\dllcache\WgaTray.exe + 2008-09-05 22:30:04 952,360 -c----w c:\windows\system32\dllcache\WgaTray.exe - 2001-08-23 16:47:22 87,040 -c--a-w c:\windows\system32\dllcache\wiafbdrv.dll + 2001-08-23 15:47:22 87,040 -c--a-w c:\windows\system32\dllcache\wiafbdrv.dll - 2008-03-20 08:09:22 1,845,376 -c----w c:\windows\system32\dllcache\win32k.sys + 2008-09-15 15:39:16 1,846,144 -c----w c:\windows\system32\dllcache\win32k.sys - 2008-06-23 15:40:08 663,552 -c----w c:\windows\system32\dllcache\wininet.dll + 2008-08-20 05:37:15 663,552 -c----w c:\windows\system32\dllcache\wininet.dll - 2007-07-30 18:18:40 33,624 -c--a-w c:\windows\system32\dllcache\wups.dll + 2008-07-18 20:10:20 36,552 -c--a-w c:\windows\system32\dllcache\wups.dll - 2008-06-20 10:44:38 138,368 ----a-w c:\windows\system32\drivers\afd.sys + 2008-08-14 09:51:43 138,368 ----a-w c:\windows\system32\drivers\afd.sys + 2007-03-22 08:36:24 43,584 ------w c:\windows\system32\drivers\avipbb.sys + 2005-11-04 17:20:07 55,168 ------w c:\windows\system32\drivers\sdcplh.sys + 2005-11-10 05:21:00 88,800 ----a-w c:\windows\system32\drivers\sentinel.sys - 2006-08-14 10:34:41 332,928 ----a-w c:\windows\system32\drivers\srv.sys + 2008-08-28 10:04:17 333,056 ----a-w c:\windows\system32\drivers\srv.sys + 2007-03-05 09:20:02 28,352 ------w c:\windows\system32\drivers\ssmdrv.sys - 2004-08-03 21:58:46 15,104 ----a-w c:\windows\system32\drivers\usbscan.sys + 2004-08-03 20:58:46 15,104 ----a-w c:\windows\system32\drivers\usbscan.sys + 2006-03-03 06:07:02 143,360 ----a-w c:\windows\system32\dunzip32.dll - 2008-06-23 15:40:00 357,888 ----a-w c:\windows\system32\dxtmsft.dll + 2008-08-20 05:37:14 357,888 ----a-w c:\windows\system32\dxtmsft.dll - 2008-06-23 15:40:00 205,312 ----a-w c:\windows\system32\dxtrans.dll + 2008-08-20 05:37:14 205,312 ----a-w c:\windows\system32\dxtrans.dll - 2008-06-23 15:40:00 55,808 ------w c:\windows\system32\extmgr.dll + 2008-08-20 05:37:14 55,808 ------w c:\windows\system32\extmgr.dll - 2008-04-10 06:27:45 264,616 ----a-w c:\windows\system32\FNTCACHE.DAT + 2008-10-19 06:26:55 267,800 ----a-w c:\windows\system32\FNTCACHE.DAT + 1999-09-09 11:28:18 446,464 ----a-w c:\windows\system32\HHActiveX.dll + 2005-02-05 04:01:12 81,920 ----a-w c:\windows\system32\hinsrv.exe - 2008-06-23 15:40:00 251,392 ----a-w c:\windows\system32\iepeers.dll + 2008-08-20 05:37:14 251,392 ----a-w c:\windows\system32\iepeers.dll - 2004-07-26 16:16:10 1,568,768 ----a-w c:\windows\system32\imagX7.dll + 2004-07-26 15:16:10 1,568,768 ----a-w c:\windows\system32\imagX7.dll - 2004-07-26 16:16:10 476,320 ----a-w c:\windows\system32\imagXpr7.dll + 2004-07-26 15:16:10 476,320 ----a-w c:\windows\system32\imagXpr7.dll - 2004-07-26 16:16:10 262,144 ----a-w c:\windows\system32\imagXR7.dll + 2004-07-26 15:16:10 262,144 ----a-w c:\windows\system32\imagXR7.dll - 2004-07-26 16:16:10 471,040 ----a-w c:\windows\system32\imagXRA7.dll + 2004-07-26 15:16:10 471,040 ----a-w c:\windows\system32\imagXRA7.dll - 2008-06-23 15:40:00 96,768 ----a-w c:\windows\system32\inseng.dll + 2008-08-20 05:37:14 96,768 ----a-w c:\windows\system32\inseng.dll + 1998-05-05 10:36:08 39,424 ----a-w c:\windows\system32\JETCOMP.exe - 2008-06-23 15:40:00 16,384 ----a-w c:\windows\system32\jsproxy.dll + 2008-08-20 05:37:15 16,384 ----a-w c:\windows\system32\jsproxy.dll - 2007-04-10 13:02:50 1,476,992 ------w c:\windows\system32\LegitCheckControl.dll + 2008-09-05 22:30:06 1,480,232 ------w c:\windows\system32\LegitCheckControl.dll + 2001-03-23 16:22:10 314,880 ----a-w c:\windows\system32\LFCMP12n.DLL + 2001-03-23 16:15:48 78,336 ----a-w c:\windows\system32\LFFAX12n.DLL + 2001-03-23 16:17:32 43,008 ----a-w c:\windows\system32\lfgif12n.dll + 2001-03-23 16:18:30 121,856 ----a-w c:\windows\system32\lfmpg12n.dll + 2001-03-23 16:19:22 155,648 ----a-w c:\windows\system32\LFTIF12n.DLL + 2001-03-23 16:13:20 278,528 ----a-w c:\windows\system32\LTDIS12n.DLL + 2001-03-20 11:54:40 227,840 ----a-w c:\windows\system32\LTEFX12n.DLL + 2001-03-23 16:13:36 122,368 ----a-w c:\windows\system32\LTFIL12n.DLL + 2001-03-23 16:14:12 166,400 ----a-w c:\windows\system32\LTIMG12n.DLL + 2001-03-23 16:13:14 406,528 ----a-w c:\windows\system32\LTKRN12n.DLL + 2001-03-20 11:55:00 41,472 ----a-w c:\windows\system32\LTTWN12n.DLL + 2008-10-05 03:16:26 235,936 ----a-r c:\windows\system32\Macromed\Flash\FlashUtil10a.exe - 2008-02-24 18:58:10 74,649 ----a-w c:\windows\system32\Macromed\Flash\uninstall_activeX.exe + 2008-10-24 05:47:15 88,590 ----a-w c:\windows\system32\Macromed\Flash\uninstall_activeX.exe - 2008-05-29 23:35:11 17,486,968 ----a-w c:\windows\system32\MRT.exe + 2008-11-04 00:10:25 17,318,336 ----a-w c:\windows\system32\MRT.exe + 2001-08-28 12:00:00 2,864 ----a-w c:\windows\system32\MSCICH32.DLL + 2006-12-22 10:28:14 271,360 ----a-w c:\windows\system32\mscoree.dll + 2005-09-23 06:28:52 150,016 ----a-w c:\windows\system32\mscorier.dll + 2005-09-23 06:28:52 74,240 ----a-w c:\windows\system32\mscories.dll + 1998-06-01 13:37:00 344,064 ----a-w c:\windows\system32\msexch35.dll + 1999-09-09 21:06:38 252,688 ----a-w c:\windows\system32\msexcl35.dll - 2008-06-23 15:40:02 3,080,704 ----a-w c:\windows\system32\mshtml.dll + 2008-08-20 05:37:21 3,081,216 ----a-w c:\windows\system32\mshtml.dll - 2008-06-23 15:40:03 449,024 ----a-w c:\windows\system32\mshtmled.dll + 2008-08-20 05:37:15 449,024 ----a-w c:\windows\system32\mshtmled.dll + 1999-09-28 20:42:48 1,050,896 ----a-w c:\windows\system32\msjet35.dll + 1999-06-10 08:34:04 123,664 ----a-w c:\windows\system32\msjint35.dll + 1999-09-29 19:04:06 1,238,288 ----a-w c:\windows\system32\msjt4jlt.dll + 1999-06-10 08:34:04 24,848 ----a-w c:\windows\system32\msjter35.dll + 1999-09-09 21:06:38 168,720 ----a-w c:\windows\system32\msltus35.dll + 1999-06-07 17:59:34 250,128 ----a-w c:\windows\system32\mspdox35.dll - 2008-06-23 15:40:03 146,432 ----a-w c:\windows\system32\msrating.dll + 2008-08-20 05:37:14 146,432 ----a-w c:\windows\system32\msrating.dll + 1998-06-01 13:37:00 262,144 ----a-w c:\windows\system32\msrd2x35.dll + 1999-08-25 13:57:26 415,504 ----a-w c:\windows\system32\msrepl35.dll + 1999-04-26 19:08:20 44,304 ----a-w c:\windows\system32\msrpfs35.dll + 1999-09-30 18:21:24 166,672 ----a-w c:\windows\system32\mstext35.dll - 2008-06-23 15:40:04 532,480 ----a-w c:\windows\system32\mstime.dll + 2008-08-20 05:37:14 532,480 ----a-w c:\windows\system32\mstime.dll + 1998-06-01 13:37:00 294,912 ----a-w c:\windows\system32\msxbse35.dll - 2007-06-26 06:09:14 1,104,896 ----a-w c:\windows\system32\msxml3.dll + 2008-09-04 16:45:11 1,106,944 ----a-w c:\windows\system32\msxml3.dll - 2007-05-08 14:03:04 1,275,392 ----a-w c:\windows\system32\msxml4.dll + 2008-09-30 15:43:34 1,286,152 ----a-w c:\windows\system32\msxml4.dll - 2007-07-30 17:19:10 271,224 ----a-w c:\windows\system32\mucltui.dll + 2008-07-18 20:07:34 270,880 ----a-w c:\windows\system32\mucltui.dll + 2003-02-20 16:43:36 4,096 ----a-w c:\windows\system32\mui\0409\mscoreer.dll + 2006-12-22 11:02:36 6,144 ----a-w c:\windows\system32\mui\0409\mscorees.dll - 2007-07-30 17:19:04 207,736 ----a-w c:\windows\system32\muweb.dll + 2008-07-18 20:07:32 210,976 ----a-w c:\windows\system32\muweb.dll - 2006-08-17 12:29:49 332,288 ----a-w c:\windows\system32\netapi32.dll + 2008-10-15 16:59:28 332,800 ----a-w c:\windows\system32\netapi32.dll + 2003-02-20 17:16:34 32,768 ----a-w c:\windows\system32\netfxperf.dll - 2007-02-28 16:02:36 2,059,648 ----a-w c:\windows\system32\ntkrnlpa.exe + 2008-08-14 13:44:39 2,059,776 ----a-w c:\windows\system32\ntkrnlpa.exe - 2007-02-28 16:02:36 2,182,400 ----a-w c:\windows\system32\ntoskrnl.exe + 2008-08-14 13:44:37 2,182,400 ----a-w c:\windows\system32\ntoskrnl.exe - 2008-03-30 07:01:33 40,836 ----a-w c:\windows\system32\perfc009.dat + 2008-11-13 10:31:15 63,188 ----a-w c:\windows\system32\perfc009.dat - 2008-03-30 07:01:33 49,494 ----a-w c:\windows\system32\perfc00C.dat + 2008-11-13 10:31:15 76,144 ----a-w c:\windows\system32\perfc00C.dat - 2008-03-30 07:01:33 314,508 ----a-w c:\windows\system32\perfh009.dat + 2008-11-13 10:31:15 403,968 ----a-w c:\windows\system32\perfh009.dat - 2008-03-30 07:01:33 370,414 ----a-w c:\windows\system32\perfh00C.dat + 2008-11-13 10:31:15 470,828 ----a-w c:\windows\system32\perfh00C.dat - 2008-06-23 15:40:04 39,424 ----a-w c:\windows\system32\pngfilt.dll + 2008-08-20 05:37:14 39,424 ----a-w c:\windows\system32\pngfilt.dll - 2008-06-23 15:40:05 1,495,040 ----a-w c:\windows\system32\shdocvw.dll + 2008-08-20 05:37:15 1,495,040 ----a-w c:\windows\system32\shdocvw.dll - 2008-06-23 15:40:06 474,624 ----a-w c:\windows\system32\shlwapi.dll + 2008-08-20 05:37:15 474,624 ----a-w c:\windows\system32\shlwapi.dll + 2005-11-10 05:21:00 48,352 ----a-w c:\windows\system32\snti386.dll - 2007-11-30 11:19:06 18,296 ------w c:\windows\system32\spmsg.dll + 2008-07-08 13:03:54 18,296 ------w c:\windows\system32\spmsg.dll + 2002-03-11 15:32:16 2,560 ------w c:\windows\system32\spool\drivers\w32x86\lxwf2000.dll + 2004-08-19 14:09:48 264,704 ----a-w c:\windows\system32\spool\drivers\w32x86\unidrv.dll + 2004-08-19 14:09:48 199,168 ----a-w c:\windows\system32\spool\drivers\w32x86\unidrvui.dll + 2004-08-19 14:09:06 620,544 ----a-w c:\windows\system32\spool\drivers\w32x86\unires.dll - 2003-01-16 19:37:14 11,264 ------w c:\windows\system32\spool\prtprocs\w32x86\lxprint2000.dll + 2003-01-16 18:37:14 11,264 ------w c:\windows\system32\spool\prtprocs\w32x86\lxprint2000.dll - 2004-07-09 08:43:56 364,544 ----a-w c:\windows\system32\TwnLib4.dll + 2004-07-09 07:43:56 364,544 ----a-w c:\windows\system32\TwnLib4.dll - 2008-06-23 15:40:06 617,984 ----a-w c:\windows\system32\urlmon.dll + 2008-08-20 05:37:16 617,984 ----a-w c:\windows\system32\urlmon.dll + 2003-02-20 17:06:20 282,624 ----a-w c:\windows\system32\URTTemp\fusion.dll + 2003-02-20 17:06:24 155,648 ----a-w c:\windows\system32\URTTemp\mscoree.dll + 2003-02-20 17:09:18 77,824 ----a-w c:\windows\system32\URTTemp\mscorsn.dll + 2003-02-20 17:08:32 2,482,176 ----a-w c:\windows\system32\URTTemp\mscorwks.dll + 2003-02-21 02:42:22 348,160 ----a-w c:\windows\system32\URTTemp\msvcr71.dll + 2003-02-21 03:16:08 49,152 ----a-w c:\windows\system32\URTTemp\regtlib.exe + 1998-06-17 23:00:00 89,360 ----a-w c:\windows\system32\VB5DB.DLL + 1998-05-18 01:06:32 368,912 ----a-w c:\windows\system32\VBAR332.DLL - 2007-04-10 13:00:52 236,928 ------w c:\windows\system32\WgaLogon.dll + 2008-09-05 22:30:46 267,304 ----a-w c:\windows\system32\WgaLogon.dll - 2007-04-10 13:01:40 337,280 ------w c:\windows\system32\WgaTray.exe + 2008-09-05 22:30:04 952,360 ------w c:\windows\system32\WgaTray.exe - 2001-08-23 16:47:22 87,040 ----a-w c:\windows\system32\wiafbdrv.dll + 2001-08-23 15:47:22 87,040 ----a-w c:\windows\system32\wiafbdrv.dll - 2008-03-20 08:09:22 1,845,376 ----a-w c:\windows\system32\win32k.sys + 2008-09-15 15:39:16 1,846,144 ----a-w c:\windows\system32\win32k.sys - 2008-06-23 15:40:08 663,552 ----a-w c:\windows\system32\wininet.dll + 2008-08-20 05:37:15 663,552 ----a-w c:\windows\system32\wininet.dll - 2006-10-18 20:47:20 295,936 ------w c:\windows\system32\wmpeffects.dll + 2008-06-24 16:12:58 295,936 ----a-w c:\windows\system32\wmpeffects.dll - 2007-07-30 18:18:40 33,624 ----a-w c:\windows\system32\wups.dll + 2008-07-18 20:10:20 36,552 ----a-w c:\windows\system32\wups.dll - 2007-07-30 18:19:12 43,352 ----a-w c:\windows\system32\wups2.dll + 2008-07-18 20:10:40 45,768 ----a-w c:\windows\system32\wups2.dll - 2008-07-03 09:42:35 370,176 ----a-w c:\windows\system32\xpsp3res.dll + 2008-08-19 09:51:37 370,176 ----a-w c:\windows\system32\xpsp3res.dll - 2005-09-12 15:13:46 233,472 ----a-w c:\windows\UNNeroBackItUp.exe + 2005-09-12 14:13:46 233,472 ----a-w c:\windows\UNNeroBackItUp.exe - 2005-09-12 15:13:46 233,472 ----a-w c:\windows\UNNeroMediaHome.exe + 2005-09-12 14:13:46 233,472 ----a-w c:\windows\UNNeroMediaHome.exe - 2005-09-12 15:13:46 233,472 ----a-w c:\windows\UNNeroShowTime.exe + 2005-09-12 14:13:46 233,472 ----a-w c:\windows\UNNeroShowTime.exe - 2005-09-12 15:13:46 233,472 ----a-w c:\windows\UNNeroVision.exe + 2005-09-12 14:13:46 233,472 ----a-w c:\windows\UNNeroVision.exe - 2005-09-12 15:13:46 233,472 ----a-w c:\windows\UNRecode.exe + 2005-09-12 14:13:46 233,472 ----a-w c:\windows\UNRecode.exe + 2008-09-30 15:42:08 1,286,152 ----a-w c:\windows\WinSxS\x86_Microsoft.MSXML2_6bd6b9abf345378f_4.20.9870.0_x-ww_a32d74cf\msxml4.dll + 2008-09-30 15:45:12 91,656 ----a-w c:\windows\WinSxS\x86_Microsoft.MSXML2R_6bd6b9abf345378f_4.1.1.0_x-ww_2a41bceb\msxml4r.dll + 2008-04-15 17:56:59 1,724,416 ----a-w c:\windows\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.2600.3352_x-ww_81af8e88\GdiPlus.dll + 2008-11-13 10:27:23 258,048 ----a-w c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll + 2008-11-13 10:27:23 114,176 ----a-w c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll . -- Instantané actualisé -- . ((((((((((((((((((((((((((((((((( Points de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés REGEDIT4 [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SxBzBufferZoneOverlay] @="{37ADBD0B-11EC-4A2C-9F93-5C3ACC7994DF}" [HKEY_CLASSES_ROOT\CLSID\{37ADBD0B-11EC-4A2C-9F93-5C3ACC7994DF}] 2007-08-06 14:20 1222576 --a------ c:\windows\system32\RlShellExt.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SxBzConfidentialOverlay] @="{F594B094-8768-4632-8143-12852EBBD688}" [HKEY_CLASSES_ROOT\CLSID\{F594B094-8768-4632-8143-12852EBBD688}] 2007-08-06 14:20 1222576 --a------ c:\windows\system32\RlShellExt.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SxBzForbiddenOverlay] @="{F1A1DA12-E651-4AD0-A1A0-6214546B2F9D}" [HKEY_CLASSES_ROOT\CLSID\{F1A1DA12-E651-4AD0-A1A0-6214546B2F9D}] 2007-08-06 14:20 1222576 --a------ c:\windows\system32\RlShellExt.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SxBzUnknownOverlay] @="{E4FC4B31-8A4F-45E6-BDAC-28F612371FE3}" [HKEY_CLASSES_ROOT\CLSID\{E4FC4B31-8A4F-45E6-BDAC-28F612371FE3}] 2007-08-06 14:20 1222576 --a------ c:\windows\system32\RlShellExt.dll [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2004-08-19 15360] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2008-03-27 98304] "DLBXCATS"="c:\windows\System32\spool\DRIVERS\W32X86\3\DLBXtime.dll" [2004-12-07 69632] "dlbxmon.exe"="c:\program files\Dell Photo AIO Printer 962\dlbxmon.exe" [2005-01-18 425984] "NeroFilterCheck"="c:\program files\Fichiers communs\Ahead\Lib\NeroCheck.exe" [2006-01-12 155648] c:\documents and settings\All Users\Menu D‚marrer\Programmes\D‚marrage\ WiFi Station.lnk - c:\program files\Hercules\WiFi Station\WifiStation.exe [2008-02-24 650240] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE] --a------ 2004-08-19 16:09 15360 c:\windows\system32\ctfmon.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\dlbxmon.exe] --a------ 2005-01-18 15:58 425984 c:\program files\Dell Photo AIO Printer 962\dlbxmon.exE [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroCheck] -ra------ 2001-07-09 10:50 155648 c:\windows\system32\NeroCheck.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck] --a------ 2006-01-12 15:40 155648 c:\program files\Fichiers communs\Ahead\Lib\NeroCheck.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] --a------ 2008-03-27 17:10 98304 c:\program files\QuickTime\qttask.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\C-Media Mixer] -ra------ 2001-11-15 19:08 1216512 c:\windows\mixer.exe [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"= "d:\\eChanblard\\emule.exe"= "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= "c:\\Program Files\\Windows Live\\Messenger\\livecall.exe"= "%windir%\\explorer.exe"= [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List] "6662:TCP"= 6662:TCP:kieffer "6672:UDP"= 6672:UDP:kieffer R2 Hinsrv;Hinsrv Service;c:\windows\system32\hinsrv.exe [2008-09-01 81920] R2 SG_Service;SoftGuard Service;c:\program files\Fichiers communs\RbtProt\sgsrv.exe [2005-04-25 155648] S3 8daee481-4510-4cd5-8ba1-dea0b2588289;8daee481-4510-4cd5-8ba1-dea0b2588289;\??\g:\player\cds300.dll [] S3 axvbusx;axvbusx;c:\windows\system32\DRIVERS\axvbusx.sys [] S3 axvscsi;axvscsi;c:\windows\system32\DRIVERS\axvscsi.sys [] S3 PNDIS5;PNDIS5 NDIS Protocol Driver;\??\F:\PNDIS5.SYS [] S4 hpt3xx;hpt3xx; [] [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{2ed971c8-78b0-11dd-9939-0008d328a685}] \Shell\AutoRun\command - rthrw.com \Shell\explore\Command - rthrw.com \Shell\open\Command - rthrw.com [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{700d6dfc-4cd5-11dd-98be-0008d328a685}] \Shell\AutoRun\command - rthrw.com \Shell\explore\Command - rthrw.com \Shell\open\Command - rthrw.com . Contenu du dossier 'Tâches planifiées' 2008-11-22 c:\windows\Tasks\A2AF9D86918C1156.job - c:\docume~1\sylvain\applic~1\dupeob~1\eggs program win.exe [] 2008-11-21 c:\windows\Tasks\At1.job - c:\windows\system32\41W0527I.exe [] 2008-11-21 c:\windows\Tasks\At10.job - c:\windows\system32\41W0527I.exe [] 2008-11-21 c:\windows\Tasks\At11.job - c:\windows\system32\41W0527I.exe [] 2008-11-21 c:\windows\Tasks\At12.job - c:\windows\system32\41W0527I.exe [] 2008-11-21 c:\windows\Tasks\At13.job - c:\windows\system32\41W0527I.exe [] 2008-11-21 c:\windows\Tasks\At14.job - c:\windows\system32\41W0527I.exe [] 2008-11-21 c:\windows\Tasks\At15.job - c:\windows\system32\41W0527I.exe [] 2008-11-22 c:\windows\Tasks\At16.job - c:\windows\system32\41W0527I.exe [] 2008-11-22 c:\windows\Tasks\At17.job - c:\windows\system32\41W0527I.exe [] 2008-11-21 c:\windows\Tasks\At18.job - c:\windows\system32\41W0527I.exe [] 2008-11-21 c:\windows\Tasks\At19.job - c:\windows\system32\41W0527I.exe [] 2008-11-22 c:\windows\Tasks\At2.job - c:\windows\system32\41W0527I.exe [] 2008-11-21 c:\windows\Tasks\At20.job - c:\windows\system32\41W0527I.exe [] 2008-11-21 c:\windows\Tasks\At21.job - c:\windows\system32\41W0527I.exe [] 2008-11-21 c:\windows\Tasks\At22.job - c:\windows\system32\41W0527I.exe [] 2008-11-21 c:\windows\Tasks\At23.job - c:\windows\system32\41W0527I.exe [] 2008-11-21 c:\windows\Tasks\At24.job - c:\windows\system32\41W0527I.exe [] 2008-11-21 c:\windows\Tasks\At25.job - c:\windows\system32\NcUfFrHN.exe [] 2008-11-22 c:\windows\Tasks\At26.job - c:\windows\system32\NcUfFrHN.exe [] 2008-11-18 c:\windows\Tasks\At27.job - c:\windows\system32\NcUfFrHN.exe [] 2008-11-18 c:\windows\Tasks\At28.job - c:\windows\system32\NcUfFrHN.exe [] 2008-11-18 c:\windows\Tasks\At29.job - c:\windows\system32\NcUfFrHN.exe [] 2008-11-18 c:\windows\Tasks\At3.job - c:\windows\system32\41W0527I.exe [] 2008-11-18 c:\windows\Tasks\At30.job - c:\windows\system32\NcUfFrHN.exe [] 2008-11-18 c:\windows\Tasks\At31.job - c:\windows\system32\NcUfFrHN.exe [] 2008-11-19 c:\windows\Tasks\At32.job - c:\windows\system32\NcUfFrHN.exe [] 2008-11-21 c:\windows\Tasks\At33.job - c:\windows\system32\NcUfFrHN.exe [] 2008-11-21 c:\windows\Tasks\At34.job - c:\windows\system32\NcUfFrHN.exe [] 2008-11-21 c:\windows\Tasks\At35.job - c:\windows\system32\NcUfFrHN.exe [] 2008-11-21 c:\windows\Tasks\At36.job - c:\windows\system32\NcUfFrHN.exe [] 2008-11-21 c:\windows\Tasks\At37.job - c:\windows\system32\NcUfFrHN.exe [] 2008-11-21 c:\windows\Tasks\At38.job - c:\windows\system32\NcUfFrHN.exe [] 2008-11-21 c:\windows\Tasks\At39.job - c:\windows\system32\NcUfFrHN.exe [] 2008-11-18 c:\windows\Tasks\At4.job - c:\windows\system32\41W0527I.exe [] 2008-11-22 c:\windows\Tasks\At40.job - c:\windows\system32\NcUfFrHN.exe [] 2008-11-22 c:\windows\Tasks\At41.job - c:\windows\system32\NcUfFrHN.exe [] 2008-11-21 c:\windows\Tasks\At42.job - c:\windows\system32\NcUfFrHN.exe [] 2008-11-21 c:\windows\Tasks\At43.job - c:\windows\system32\NcUfFrHN.exe [] 2008-11-21 c:\windows\Tasks\At44.job - c:\windows\system32\NcUfFrHN.exe [] 2008-11-21 c:\windows\Tasks\At45.job - c:\windows\system32\NcUfFrHN.exe [] 2008-11-21 c:\windows\Tasks\At46.job - c:\windows\system32\NcUfFrHN.exe [] 2008-11-21 c:\windows\Tasks\At47.job - c:\windows\system32\NcUfFrHN.exe [] 2008-11-21 c:\windows\Tasks\At48.job - c:\windows\system32\NcUfFrHN.exe [] 2008-11-18 c:\windows\Tasks\At5.job - c:\windows\system32\41W0527I.exe [] 2008-11-18 c:\windows\Tasks\At6.job - c:\windows\system32\41W0527I.exe [] 2008-11-18 c:\windows\Tasks\At7.job - c:\windows\system32\41W0527I.exe [] 2008-11-19 c:\windows\Tasks\At8.job - c:\windows\system32\41W0527I.exe [] 2008-11-21 c:\windows\Tasks\At9.job - c:\windows\system32\41W0527I.exe [] . - - - - ORPHELINS SUPPRIMES - - - - BHO-{F7E8D47F-FD21-4DC9-AE4B-C903AFF43613} - c:\windows\system32\nnnOHxwX.dll HKU-Default-RunOnce-FlashPlayerUpdate - c:\windows\system32\Macromed\Flash\FlashUtil9e.exe ShellExecuteHooks-{35460667-381B-4D43-8E45-1CF213B39DCA} - c:\windows\system32\rqRLFxYs.dll SSODL-qxdepnbs-{C8A909B8-6950-4468-9DA1-BD8DBC800098} - c:\windows\qxdepnbs.dll SSODL-bptswvdf-{EDBF88D8-EA26-4055-8AA8-D2D439F584D8} - c:\windows\bptswvdf.dll Notify-rqRLFxYs - rqRLFxYs.dll MSConfigStartUp-a-squared - c:\program files\a-squared Anti-Malware\a2guard.exe MSConfigStartUp-SpybotSD TeaTimer - c:\program files\Spybot - Search & Destroy\TeaTimer.exe . ------- Examen supplémentaire ------- . FireFox -: Profile - c:\documents and settings\Mireille\Application Data\Mozilla\Firefox\Profiles\xny2ljj5.default\ FF -: plugin - c:\documents and settings\All Users\Application Data\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll FF -: plugin - c:\program files\Adobe\Acrobat 6.0\Reader\browser\nppdf32.dll FF -: plugin - c:\program files\Mozilla Firefox\plugins\npzylomgamesplayer.dll . ************************************************************************** catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-11-22 21:15:38 Windows 5.1.2600 Service Pack 2 NTFS Recherche de processus cachés ... Recherche d'éléments en démarrage automatique cachés ... Recherche de fichiers cachés ... Scan terminé avec succès Fichiers cachés: 0 ************************************************************************** . ------------------------ Autres processus actifs ------------------------ . c:\windows\system32\WgaTray.exe c:\windows\system32\netdde.exe c:\program files\Fichiers communs\Microsoft Shared\VS7DEBUG\mdm.exe c:\program files\Fichiers communs\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe c:\windows\system32\wscntfy.exe c:\windows\system32\dlbxcoms.exe . ************************************************************************** . Heure de fin: 2008-11-22 21:20:27 - La machine a redémarré [Mireille] ComboFix-quarantined-files.txt 2008-11-22 20:20:23 ComboFix2.txt 2008-08-21 18:58:20 ComboFix3.txt 2008-08-21 14:10:24 ComboFix4.txt 2008-08-19 19:51:01 Avant-CF: 27 912 794 112 octets libres Après-CF: 28,661,846,016 octets libres WindowsXP-KB310994-SP2-Pro-BootDisk-FRA.exe [boot loader] timeout=2 default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS [operating systems] c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professionnel" /fastdetect /NoExecute=OptIn 1386 --- E O F --- 2008-11-14 09:42:14

Ok cette fois il se lance, il me propose de reinstaller la console de recup, j'ai accepté (pour info j'avais reussi a la retablir et suis en mode sans echec avec prise en charge reseau sur le pc en question) je poste le rapport des qu'il a fini

Tout d'abord merci d'avoir répondu si vite Ensuite les nouvelles sont mauvaises : J'ai bien suivi ta procedure J'ai bien cliqué sur ton lien puis quand il a fallu choisir l'emplacement ou enregistre combofix je l'ai renommé Combo-Fix et mis sur le bureau le téléchargement a eu lieu puis je l'ai executé une barre bleu a apparut et le msg suivant s'est affiché : Vous ne pouvez pas renommer ComboFix en Combo-Fix Veuillez choisir un autre nom, de préférence composé de caractère alphanumériques (si je précise exactement le fait d'avoir suivi la procédure, c'est que la dernière fois cela avait fait la même chose et que cela était semble t'il tres surprenant) voila ce qu'il en est

Bonjour Je suis a nouveau sur le pc de mes parents qui est pour le seconde fois infecté par bagle, Je résume la situation : mc afee a disparut de la barre des tache et je n'arrive plus a le lancer (symptome qui m'a rappelé bagle) J'ai donc essayé de faire une passe avec Drweb CureIt (solution qui avait marché la dernière fois grace à l'aide d'Apollo) : ce dernier plante a chaque fois au bout de 5-10 minute... J'ai également passé elibagla qui ne detecte rien.. Puis j'ai fais un scan en ligne avec kaspersky qui m'a detecté 91 element infecté et 15 virus (je crois) dont plusieurs win32.bagle.of et autre terminaisons je vous joins un rapport dans le prochain post. Voila je ne sais plus quoi faire et je me permets de vous appeler au secours me souvenant de l'efficacité d'apollo la derniere fois je ne doutes pas que vous me trouverez la solution adequate. merci d'avance voici le rapport de kaspesky : C:\Documents and Settings\Administrateur\Cookies\index.dat L'objet est verrouillé ignoré C:\Documents and Settings\Administrateur\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat L'objet est verrouillé ignoré C:\Documents and Settings\Administrateur\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG L'objet est verrouillé ignoré C:\Documents and Settings\Administrateur\Local Settings\Historique\History.IE5\index.dat L'objet est verrouillé ignoré C:\Documents and Settings\Administrateur\Local Settings\Historique\History.IE5\MSHist012008112220081123\index.dat L'objet est verrouillé ignoré C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\index.dat L'objet est verrouillé ignoré C:\Documents and Settings\Administrateur\NTUSER.DAT L'objet est verrouillé ignoré C:\Documents and Settings\Administrateur\NtUser.dat.LOG L'objet est verrouillé ignoré C:\Documents and Settings\All Users\Application Data\Microsoft\Dr Watson\user.dmp L'objet est verrouillé ignoré C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat L'objet est verrouillé ignoré C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG L'objet est verrouillé ignoré C:\Documents and Settings\LocalService\NTUSER.DAT L'objet est verrouillé ignoré C:\Documents and Settings\LocalService\ntuser.dat.LOG L'objet est verrouillé ignoré C:\Documents and Settings\Mireille\Local Settings\temp\tmp7E54.tmp/stream/data0002 Infecté : Trojan-Downloader.Win32.Zlob.zzn ignoré C:\Documents and Settings\Mireille\Local Settings\temp\tmp7E54.tmp/stream Infecté : Trojan-Downloader.Win32.Zlob.zzn ignoré C:\Documents and Settings\Mireille\Local Settings\temp\tmp7E54.tmp NSIS: infecté - 2 ignoré C:\Documents and Settings\Mireille\Local Settings\temp\tmpB4A5.tmp/stream/data0002 Infecté : Trojan-Downloader.Win32.Zlob.abaf ignoré C:\Documents and Settings\Mireille\Local Settings\temp\tmpB4A5.tmp/stream Infecté : Trojan-Downloader.Win32.Zlob.abaf ignoré C:\Documents and Settings\Mireille\Local Settings\temp\tmpB4A5.tmp NSIS: infecté - 2 ignoré C:\Documents and Settings\Mireille\Local Settings\temp\tmpBE77.tmp/stream/data0002 Infecté : Trojan-Downloader.Win32.Zlob.aaff ignoré C:\Documents and Settings\Mireille\Local Settings\temp\tmpBE77.tmp/stream Infecté : Trojan-Downloader.Win32.Zlob.aaff ignoré C:\Documents and Settings\Mireille\Local Settings\temp\tmpBE77.tmp NSIS: infecté - 2 ignoré C:\Documents and Settings\Mireille\Local Settings\temp\tmpCB48.tmp/stream/data0002 Infecté : Trojan-Downloader.Win32.Zlob.zaz ignoré C:\Documents and Settings\Mireille\Local Settings\temp\tmpCB48.tmp/stream Infecté : Trojan-Downloader.Win32.Zlob.zaz ignoré C:\Documents and Settings\Mireille\Local Settings\temp\tmpCB48.tmp NSIS: infecté - 2 ignoré C:\Documents and Settings\Mireille\Local Settings\Temporary Internet Files\Content.IE5\2WK5UK9V\index[2].js Infecté : Trojan-Downloader.JS.Agent.cln ignoré C:\Documents and Settings\Mireille\Local Settings\Temporary Internet Files\Content.IE5\GRELG5S6\index[2].js Infecté : Trojan-Downloader.JS.Agent.cln ignoré C:\Documents and Settings\Mireille\Local Settings\Temporary Internet Files\Content.IE5\GRELG5S6\index[3].js Infecté : Trojan-Downloader.JS.Agent.cln ignoré C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat L'objet est verrouillé ignoré C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG L'objet est verrouillé ignoré C:\Documents and Settings\NetworkService\NTUSER.DAT L'objet est verrouillé ignoré C:\Documents and Settings\NetworkService\ntuser.dat.LOG L'objet est verrouillé ignoré C:\Documents and Settings\Sylvain\Local Settings\Temporary Internet Files\Content.IE5\6789A7UV\b64[1].jpg Infecté : Email-Worm.Win32.Bagle.of ignoré C:\Documents and Settings\Sylvain\Local Settings\Temporary Internet Files\Content.IE5\6789A7UV\b64[3].jpg Infecté : Email-Worm.Win32.Bagle.of ignoré C:\Documents and Settings\Sylvain\Local Settings\Temporary Internet Files\Content.IE5\6789A7UV\b64_2[1].jpg Infecté : Email-Worm.Win32.Bagle.vr ignoré C:\Documents and Settings\Sylvain\Local Settings\Temporary Internet Files\Content.IE5\6789A7UV\b64_2[2].jpg Infecté : Email-Worm.Win32.Bagle.majc ignoré C:\Documents and Settings\Sylvain\Local Settings\Temporary Internet Files\Content.IE5\6789A7UV\b64_3[1].jpg Infecté : Email-Worm.Win32.Bagle.of ignoré C:\Documents and Settings\Sylvain\Local Settings\Temporary Internet Files\Content.IE5\6789A7UV\b64_3[2].jpg Infecté : Email-Worm.Win32.Bagle.of ignoré C:\Documents and Settings\Sylvain\Local Settings\Temporary Internet Files\Content.IE5\6789A7UV\b64_3[4].jpg Infecté : Email-Worm.Win32.Bagle.of ignoré C:\Documents and Settings\Sylvain\Local Settings\Temporary Internet Files\Content.IE5\6789A7UV\b64_3[5].jpg Infecté : Email-Worm.Win32.Bagle.of ignoré C:\Documents and Settings\Sylvain\Local Settings\Temporary Internet Files\Content.IE5\6789A7UV\b64_3[6].jpg Infecté : Email-Worm.Win32.Bagle.of ignoré C:\Documents and Settings\Sylvain\Local Settings\Temporary Internet Files\Content.IE5\81B3DNOC\b64[1].jpg Infecté : Email-Worm.Win32.Bagle.of ignoré C:\Documents and Settings\Sylvain\Local Settings\Temporary Internet Files\Content.IE5\81B3DNOC\b64[2].jpg Infecté : Email-Worm.Win32.Bagle.of ignoré C:\Documents and Settings\Sylvain\Local Settings\Temporary Internet Files\Content.IE5\81B3DNOC\b64[3].jpg Infecté : Email-Worm.Win32.Bagle.of ignoré C:\Documents and Settings\Sylvain\Local Settings\Temporary Internet Files\Content.IE5\81B3DNOC\b64[4].jpg Infecté : Email-Worm.Win32.Bagle.of ignoré C:\Documents and Settings\Sylvain\Local Settings\Temporary Internet Files\Content.IE5\81B3DNOC\b64_2[1].jpg Infecté : Email-Worm.Win32.Bagle.vr ignoré C:\Documents and Settings\Sylvain\Local Settings\Temporary Internet Files\Content.IE5\81B3DNOC\b64_2[2].jpg Infecté : Email-Worm.Win32.Bagle.majc ignoré C:\Documents and Settings\Sylvain\Local Settings\Temporary Internet Files\Content.IE5\81B3DNOC\b64_2[3].jpg Infecté : Email-Worm.Win32.Bagle.vr ignoré C:\Documents and Settings\Sylvain\Local Settings\Temporary Internet Files\Content.IE5\81B3DNOC\b64_2[4].jpg Infecté : Email-Worm.Win32.Bagle.majc ignoré C:\Documents and Settings\Sylvain\Local Settings\Temporary Internet Files\Content.IE5\81B3DNOC\b64_2[5].jpg Infecté : Email-Worm.Win32.Bagle.majc ignoré C:\Documents and Settings\Sylvain\Local Settings\Temporary Internet Files\Content.IE5\81B3DNOC\b64_2[6].jpg Infecté : Email-Worm.Win32.Bagle.vr ignoré C:\Documents and Settings\Sylvain\Local Settings\Temporary Internet Files\Content.IE5\81B3DNOC\b64_2[7].jpg Infecté : Email-Worm.Win32.Bagle.majc ignoré C:\Documents and Settings\Sylvain\Local Settings\Temporary Internet Files\Content.IE5\81B3DNOC\b64_3[1].jpg Infecté : Email-Worm.Win32.Bagle.of ignoré C:\Documents and Settings\Sylvain\Local Settings\Temporary Internet Files\Content.IE5\81B3DNOC\b64_3[4].jpg Infecté : Email-Worm.Win32.Bagle.of ignoré C:\Documents and Settings\Sylvain\Local Settings\Temporary Internet Files\Content.IE5\81B3DNOC\b64_3[5].jpg Infecté : Email-Worm.Win32.Bagle.of ignoré C:\Documents and Settings\Sylvain\Local Settings\Temporary Internet Files\Content.IE5\81B3DNOC\b64_3[6].jpg Infecté : Email-Worm.Win32.Bagle.of ignoré C:\Documents and Settings\Sylvain\Local Settings\Temporary Internet Files\Content.IE5\81B3DNOC\b64_3[7].jpg Infecté : Email-Worm.Win32.Bagle.of ignoré C:\Documents and Settings\Sylvain\Local Settings\Temporary Internet Files\Content.IE5\81B3DNOC\b64_3[8].jpg Infecté : Email-Worm.Win32.Bagle.of ignoré C:\Documents and Settings\Sylvain\Local Settings\Temporary Internet Files\Content.IE5\GHWS2LDN\ASE_Setup_Free_fr[1].exe Infecté : not-a-virus:FraudTool.Win32.Agent.cg ignoré C:\Documents and Settings\Sylvain\Local Settings\Temporary Internet Files\Content.IE5\GHWS2LDN\b64_2[1].jpg Infecté : Email-Worm.Win32.Bagle.majc ignoré C:\Documents and Settings\Sylvain\Local Settings\Temporary Internet Files\Content.IE5\GHWS2LDN\b64_2[2].jpg Infecté : Email-Worm.Win32.Bagle.majc ignoré C:\Documents and Settings\Sylvain\Local Settings\Temporary Internet Files\Content.IE5\GHWS2LDN\b64_2[3].jpg Infecté : Email-Worm.Win32.Bagle.majc ignoré C:\Documents and Settings\Sylvain\Local Settings\Temporary Internet Files\Content.IE5\GHWS2LDN\b64_2[4].jpg Infecté : Email-Worm.Win32.Bagle.majc ignoré C:\Documents and Settings\Sylvain\Local Settings\Temporary Internet Files\Content.IE5\GHWS2LDN\b64_2[5].jpg Infecté : Email-Worm.Win32.Bagle.majc ignoré C:\Documents and Settings\Sylvain\Local Settings\Temporary Internet Files\Content.IE5\GHWS2LDN\b64_3[1].jpg Infecté : Email-Worm.Win32.Bagle.of ignoré C:\Documents and Settings\Sylvain\Local Settings\Temporary Internet Files\Content.IE5\GHWS2LDN\b64_3[2].jpg Infecté : Email-Worm.Win32.Bagle.of ignoré C:\Documents and Settings\Sylvain\Local Settings\Temporary Internet Files\Content.IE5\GHWS2LDN\b64_3[3].jpg Infecté : Email-Worm.Win32.Bagle.of ignoré C:\Documents and Settings\Sylvain\Local Settings\Temporary Internet Files\Content.IE5\ZRABUME6\b64[1].jpg Infecté : Email-Worm.Win32.Bagle.of ignoré C:\Documents and Settings\Sylvain\Local Settings\Temporary Internet Files\Content.IE5\ZRABUME6\b64[2].jpg Infecté : Email-Worm.Win32.Bagle.of ignoré C:\Documents and Settings\Sylvain\Local Settings\Temporary Internet Files\Content.IE5\ZRABUME6\b64[3].jpg Infecté : Email-Worm.Win32.Bagle.of ignoré C:\Documents and Settings\Sylvain\Local Settings\Temporary Internet Files\Content.IE5\ZRABUME6\b64[4].jpg Infecté : Email-Worm.Win32.Bagle.of ignoré C:\Documents and Settings\Sylvain\Local Settings\Temporary Internet Files\Content.IE5\ZRABUME6\b64_2[1].jpg Infecté : Email-Worm.Win32.Bagle.majc ignoré C:\Documents and Settings\Sylvain\Local Settings\Temporary Internet Files\Content.IE5\ZRABUME6\b64_2[3].jpg Infecté : Email-Worm.Win32.Bagle.majc ignoré C:\Documents and Settings\Sylvain\Local Settings\Temporary Internet Files\Content.IE5\ZRABUME6\b64_3[2].jpg Infecté : Email-Worm.Win32.Bagle.of ignoré C:\Documents and Settings\Sylvain\Local Settings\Temporary Internet Files\Content.IE5\ZRABUME6\index[2].js Infecté : Trojan-Downloader.JS.Agent.cln ignoré C:\Program Files\BitTorrent Fastest Tool\DWbrk03_0308.exe Infecté : Trojan-Downloader.Win32.Agent.afyh ignoré C:\System Volume Information\_restore{EC5E7376-8FDB-4BBA-B893-839341FB7AA6}\RP40\A0008015.exe/stream/Script Infecté : Trojan-Downloader.NSIS.Agent.ax ignoré C:\System Volume Information\_restore{EC5E7376-8FDB-4BBA-B893-839341FB7AA6}\RP40\A0008015.exe/stream Infecté : Trojan-Downloader.NSIS.Agent.ax ignoré C:\System Volume Information\_restore{EC5E7376-8FDB-4BBA-B893-839341FB7AA6}\RP40\A0008015.exe NSIS: infecté - 2 ignoré C:\System Volume Information\_restore{EC5E7376-8FDB-4BBA-B893-839341FB7AA6}\RP80\A0021249.exe Infecté : Trojan-Downloader.Win32.Agent.afyh ignoré C:\System Volume Information\_restore{EC5E7376-8FDB-4BBA-B893-839341FB7AA6}\RP80\A0022249.exe Infecté : Trojan-Downloader.Win32.Agent.afyh ignoré C:\System Volume Information\_restore{EC5E7376-8FDB-4BBA-B893-839341FB7AA6}\RP93\A0027330.sys Infecté : Trojan-Downloader.Win32.Bagle.afl ignoré C:\System Volume Information\_restore{EC5E7376-8FDB-4BBA-B893-839341FB7AA6}\RP93\A0027332.exe Infecté : Email-Worm.Win32.Bagle.of ignoré C:\System Volume Information\_restore{EC5E7376-8FDB-4BBA-B893-839341FB7AA6}\RP93\A0027333.exe Infecté : Email-Worm.Win32.Bagle.of ignoré C:\System Volume Information\_restore{EC5E7376-8FDB-4BBA-B893-839341FB7AA6}\RP93\A0027365.sys Infecté : Trojan-Downloader.Win32.Bagle.afl ignoré C:\System Volume Information\_restore{EC5E7376-8FDB-4BBA-B893-839341FB7AA6}\RP93\A0027402.exe Infecté : Email-Worm.Win32.Bagle.of ignoré C:\System Volume Information\_restore{EC5E7376-8FDB-4BBA-B893-839341FB7AA6}\RP94\A0027642.exe Infecté : Email-Worm.Win32.Bagle.of ignoré C:\System Volume Information\_restore{EC5E7376-8FDB-4BBA-B893-839341FB7AA6}\RP94\A0027643.exe Infecté : Email-Worm.Win32.Bagle.of ignoré C:\System Volume Information\_restore{EC5E7376-8FDB-4BBA-B893-839341FB7AA6}\RP94\A0027644.exe Infecté : Email-Worm.Win32.Bagle.of ignoré C:\System Volume Information\_restore{EC5E7376-8FDB-4BBA-B893-839341FB7AA6}\RP94\A0027702.sys Infecté : Trojan-Downloader.Win32.Bagle.afl ignoré C:\System Volume Information\_restore{EC5E7376-8FDB-4BBA-B893-839341FB7AA6}\RP94\A0028061.exe Infecté : Email-Worm.Win32.Bagle.of ignoré C:\System Volume Information\_restore{EC5E7376-8FDB-4BBA-B893-839341FB7AA6}\RP94\A0028062.exe Infecté : Email-Worm.Win32.Bagle.of ignoré C:\System Volume Information\_restore{EC5E7376-8FDB-4BBA-B893-839341FB7AA6}\RP94\A0028063.exe Infecté : Email-Worm.Win32.Bagle.of ignoré C:\System Volume Information\_restore{EC5E7376-8FDB-4BBA-B893-839341FB7AA6}\RP94\A0028064.sys Infecté : Trojan-Downloader.Win32.Bagle.afl ignoré C:\System Volume Information\_restore{EC5E7376-8FDB-4BBA-B893-839341FB7AA6}\RP94\A0028691.exe Infecté : not-a-virus:FraudTool.Win32.VirusRemover.k ignoré C:\System Volume Information\_restore{EC5E7376-8FDB-4BBA-B893-839341FB7AA6}\RP94\A0028700.sys Infecté : Trojan-Downloader.Win32.Bagle.afl ignoré C:\System Volume Information\_restore{EC5E7376-8FDB-4BBA-B893-839341FB7AA6}\RP95\A0028736.exe Infecté : Trojan-Downloader.Win32.Bagle.agb ignoré C:\System Volume Information\_restore{EC5E7376-8FDB-4BBA-B893-839341FB7AA6}\RP95\A0028911.exe Infecté : Email-Worm.Win32.Bagle.of ignoré C:\System Volume Information\_restore{EC5E7376-8FDB-4BBA-B893-839341FB7AA6}\RP95\A0028912.exe Infecté : Email-Worm.Win32.Bagle.of ignoré C:\System Volume Information\_restore{EC5E7376-8FDB-4BBA-B893-839341FB7AA6}\RP95\A0028913.exe Infecté : Email-Worm.Win32.Bagle.of ignoré C:\System Volume Information\_restore{EC5E7376-8FDB-4BBA-B893-839341FB7AA6}\RP95\A0028917.exe Infecté : Email-Worm.Win32.Bagle.of ignoré C:\System Volume Information\_restore{EC5E7376-8FDB-4BBA-B893-839341FB7AA6}\RP95\A0028918.exe Infecté : Email-Worm.Win32.Bagle.of ignoré C:\System Volume Information\_restore{EC5E7376-8FDB-4BBA-B893-839341FB7AA6}\RP95\A0028919.exe Infecté : Email-Worm.Win32.Bagle.of ignoré C:\System Volume Information\_restore{EC5E7376-8FDB-4BBA-B893-839341FB7AA6}\RP95\A0029933.sys Infecté : Trojan-Downloader.Win32.Bagle.afl ignoré C:\System Volume Information\_restore{EC5E7376-8FDB-4BBA-B893-839341FB7AA6}\RP96\A0030326.exe Infecté : Email-Worm.Win32.Bagle.of ignoré C:\System Volume Information\_restore{EC5E7376-8FDB-4BBA-B893-839341FB7AA6}\RP96\A0030327.exe Infecté : Email-Worm.Win32.Bagle.of ignoré C:\System Volume Information\_restore{EC5E7376-8FDB-4BBA-B893-839341FB7AA6}\RP96\A0030328.exe Infecté : Email-Worm.Win32.Bagle.of ignoré C:\System Volume Information\_restore{EC5E7376-8FDB-4BBA-B893-839341FB7AA6}\RP96\A0030329.sys Infecté : Trojan-Downloader.Win32.Bagle.afl ignoré C:\System Volume Information\_restore{EC5E7376-8FDB-4BBA-B893-839341FB7AA6}\RP96\A0030603.sys Infecté : Trojan-Downloader.Win32.Bagle.afl ignoré C:\System Volume Information\_restore{EC5E7376-8FDB-4BBA-B893-839341FB7AA6}\RP97\A0031766.exe Infecté : Email-Worm.Win32.Bagle.of ignoré C:\System Volume Information\_restore{EC5E7376-8FDB-4BBA-B893-839341FB7AA6}\RP97\A0031767.sys Infecté : Trojan-Downloader.Win32.Bagle.afl ignoré C:\System Volume Information\_restore{EC5E7376-8FDB-4BBA-B893-839341FB7AA6}\RP97\A0031776.exe Infecté : Trojan-Downloader.Win32.Bagle.agb ignoré C:\System Volume Information\_restore{EC5E7376-8FDB-4BBA-B893-839341FB7AA6}\RP97\A0031779.exe Infecté : not-a-virus:FraudTool.Win32.VirusRemover.k ignoré C:\WINDOWS\CSC\00000001 L'objet est verrouillé ignoré C:\WINDOWS\Debug\PASSWD.LOG L'objet est verrouillé ignoré C:\WINDOWS\system32\config\AppEvent.Evt L'objet est verrouillé ignoré C:\WINDOWS\system32\config\default L'objet est verrouillé ignoré C:\WINDOWS\system32\config\default.LOG L'objet est verrouillé ignoré C:\WINDOWS\system32\config\ODiag.evt L'objet est verrouillé ignoré C:\WINDOWS\system32\config\OSession.evt L'objet est verrouillé ignoré C:\WINDOWS\system32\config\SAM L'objet est verrouillé ignoré C:\WINDOWS\system32\config\SAM.LOG L'objet est verrouillé ignoré C:\WINDOWS\system32\config\SecEvent.Evt L'objet est verrouillé ignoré C:\WINDOWS\system32\config\SECURITY L'objet est verrouillé ignoré C:\WINDOWS\system32\config\SECURITY.LOG L'objet est verrouillé ignoré C:\WINDOWS\system32\config\software L'objet est verrouillé ignoré C:\WINDOWS\system32\config\software.LOG L'objet est verrouillé ignoré C:\WINDOWS\system32\config\SysEvent.Evt L'objet est verrouillé ignoré C:\WINDOWS\system32\config\system L'objet est verrouillé ignoré C:\WINDOWS\system32\config\system.LOG L'objet est verrouillé ignoré C:\WINDOWS\system32\drivers\sptd.sys L'objet est verrouillé ignoré C:\WINDOWS\system32\drivers\sptd3661.sys L'objet est verrouillé ignoré C:\WINDOWS\system32\g4.exe/stream/data0002 Infecté : Trojan-Clicker.Win32.Agent.cfq ignoré C:\WINDOWS\system32\g4.exe/stream Infecté : Trojan-Clicker.Win32.Agent.cfq ignoré C:\WINDOWS\system32\g4.exe NSIS: infecté - 2 ignoré C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR L'objet est verrouillé ignoré C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP L'objet est verrouillé ignoré C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER L'objet est verrouillé ignoré C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP L'objet est verrouillé ignoré C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP L'objet est verrouillé ignoré C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA L'objet est verrouillé ignoré C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP L'objet est verrouillé ignoré D:\Nouveau dossier (9)\setup.exe Infecté : Trojan-Downloader.Win32.Bagle.agh ignoré D:\RECYCLER\S-1-5-21-1801674531-299502267-725345543-1003\Dd2.exe/player_setup_CL_C2P_MS_DW_1911.EXE/WISE0013.BIN Infecté : Trojan-Downloader.Win32.Agent.afyh ignoré D:\RECYCLER\S-1-5-21-1801674531-299502267-725345543-1003\Dd2.exe/player_setup_CL_C2P_MS_DW_1911.EXE/WISE0016.BIN Infecté : not-a-virus:AdWare.Win32.Agent.bzo ignoré D:\RECYCLER\S-1-5-21-1801674531-299502267-725345543-1003\Dd2.exe/player_setup_CL_C2P_MS_DW_1911.EXE Infecté : not-a-virus:AdWare.Win32.Agent.bzo ignoré D:\RECYCLER\S-1-5-21-1801674531-299502267-725345543-1003\Dd2.exe ZIP: infecté - 3 ignoré D:\RECYCLER\S-1-5-21-1801674531-299502267-725345543-1003\Dd3.zip/setup.exe Infecté : Trojan-Downloader.Win32.Bagle.agh ignoré D:\RECYCLER\S-1-5-21-1801674531-299502267-725345543-1003\Dd3.zip ZIP: infecté - 1 ignoré D:\System Volume Information\MountPointManagerRemoteDatabase L'objet est verrouillé ignoré D:\System Volume Information\_restore{D651D4F3-45F8-4D1C-959F-7FDDA50705F1}\RP770\A0318806.exe Infecté : not-a-virus:FraudTool.Win32.Takedawnload.a ignoré E:\System Volume Information\MountPointManagerRemoteDatabase L'objet est verrouillé ignoré

La je ne me trouves pas sur les machines en question mais cela veut dire que si sur les 3 machine je crées un compte utilisateur appelé "exemple" avec le meme mot de passe cela me permettra de limiter l'accès au dossier partager à l'utilisateur "exemple" sur le pc1 sans poser de probleme quand ce meme utilisateur du pc2 ou 3 voudra acceder au dossier du pc1 ??? Je vais essayer ca mais ca semble presque... trop facile en tout cas merci d'avoir répondu

Bonjour à tous, Je viens de créer un petit réseau sous xp pro avec 3 pc et deux imprimantes. Je n'ai rencontré que peu de problème concernant le partage des fichiers ainsi que pour la mise en réseau des imprimantes. Voulant aller plus dans la config du réseau j'ai bien entendu voulu limité l'acces a celui ci en autorisant uniquement les ip des ordinateurs du réseau dans mon pare feu. Cependant je voudrai autoriser maintenant que certains comptes utilisateur a avoir accès au dossier partagé, hors je ne sais comment faire étant donné que sur le pc1 je ne peux pas autoriser un utilisateur du pc2 ou 3 ne pouvant pas choisir d'autres groupes ou utilisateurs que ceux existant sur le pc 1 (idem sur les autres) Pour l'instant j'ai configuré les autorisations sur tout le monde afin que cela fonctionne. Comment faire pour restreindre cela??? D'avance merci PS : les 3 pc sont sous xp et protégé par mcafee

Merci encore, et non, il n'y rien que j'ai mal interpreté, mais tu m'as aidé a résoudre le plus gros, apres il faut aussi que je me demerde un peu. a+

Ok message recu... En tout cas, concernant bagle, tu as bel et bien resolu mon probleme. quant a l'image que tu as collé de regrun c'est bien ce qui s'affiche... mais je vais pas t'embeter plus longtemps, je v me debrouiller pour l'enlever. Merci beaucoup pour ton aide je v essayer de mettre (résolu) dans le titre A +

Par contre je dois partir now, j'ai un match dans 30 min et je suis un peu a la bourre, je te souahite une bonne soirée, je regarderai a mon retour ce que tu me conseil encore de faire ou bien si tu penses que c ok. En tout cas je te remercie deja pour ta rapidité et ton efficacité. Je te souhaite une bonne soirée A+ PS : j'ai redemarré pour voir j'ai toujours " regrun partizan bootwatch antirootkit" qui s'affiche

et le log HijackThis Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 17:35:44, on 22/08/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\netdde.exe C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe c:\PROGRA~1\FICHIE~1\mcafee\mna\mcnasvc.exe c:\PROGRA~1\FICHIE~1\mcafee\mcproxy\mcproxy.exe C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\mdm.exe C:\Program Files\McAfee\MPF\MPFSrv.exe C:\Program Files\McAfee\MSK\MskSrver.exe C:\Program Files\SiteAdvisor\6172\SAService.exe C:\WINDOWS\System32\svchost.exe c:\PROGRA~1\mcafee.com\agent\mcagent.exe C:\WINDOWS\System32\svchost.exe C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe C:\Program Files\SiteAdvisor\6172\SiteAdv.exe C:\Program Files\Hercules\WiFi Station\WifiStation.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Documents and Settings\Mireille\Bureau\HiJackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} - C:\Program Files\SiteAdvisor\6172\SiteAdv.dll O2 - BHO: McAntiPhishingBHO - {377C180E-6F0E-4D4C-980F-F45BD3D40CF4} - c:\PROGRA~1\mcafee\msk\mcapbho.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - (no file) O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll O3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program Files\SiteAdvisor\6172\SiteAdv.dll O4 - HKLM\..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey O4 - HKLM\..\Run: [siteAdvisor] C:\Program Files\SiteAdvisor\6172\SiteAdv.exe O4 - HKUS\S-1-5-18\..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\system32\Macromed\Flash\FlashUtil9e.exe (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\system32\Macromed\Flash\FlashUtil9e.exe (User 'Default user') O4 - Global Startup: WiFi Station.lnk = ? O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{35B3EFF2-D176-4CD0-9363-470ED3A77F48}: NameServer = 212.27.53.252,212.27.54.252 O17 - HKLM\System\CS1\Services\Tcpip\..\{35B3EFF2-D176-4CD0-9363-470ED3A77F48}: NameServer = 212.27.53.252,212.27.54.252 O17 - HKLM\System\CS2\Services\Tcpip\..\{35B3EFF2-D176-4CD0-9363-470ED3A77F48}: NameServer = 212.27.53.252,212.27.54.252 O17 - HKLM\System\CS3\Services\Tcpip\..\{35B3EFF2-D176-4CD0-9363-470ED3A77F48}: NameServer = 212.27.53.252,212.27.54.252 O23 - Service: McAfee Application Installer Cleanup (0028881219416529) (0028881219416529mcinstcleanup) - Unknown owner - C:\DOCUME~1\Mireille\LOCALS~1\Temp\002888~1.EXE (file missing) O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\PROGRA~1\FICHIE~1\mcafee\mna\mcnasvc.exe O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\FICHIE~1\mcafee\mcproxy\mcproxy.exe O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\McAfee\MSK\MskSrver.exe O23 - Service: Service SiteAdvisor (SiteAdvisor Service) - Unknown owner - C:\Program Files\SiteAdvisor\6172\SAService.exe -- End of file - 4756 bytes

Voila le rapport sdfix, SDFix: Version 1.218 Run by Mireille on 22/08/2008 at 17:19 Microsoft Windows XP [version 5.1.2600] Running From: C:\SDFix Checking Services : Restoring Default Security Values Restoring Default Hosts File Rebooting Checking Files : No Trojan Files Found Removing Temp Files ADS Check : Final Check : catchme 0.3.1361.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-08-22 17:28:56 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ... scanning hidden services & system hive ... [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4] "h0"=dword:00000000 "khjeh"=hex:19,77,36,33,5c,0a,1d,67,23,4c,51,2e,08,fc,da,85,ad,ce,c2,18,91,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4] "h0"=dword:00000000 "khjeh"=hex:19,77,36,33,5c,0a,1d,67,23,4c,51,2e,08,fc,da,85,ad,ce,c2,18,91,.. [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg] "s0"=dword:51eda24a "s1"=dword:59f1ac97 "s2"=dword:4c4d8dbb "h0"=dword:00000001 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4] "h0"=dword:00000000 "khjeh"=hex:19,77,36,33,5c,0a,1d,67,23,4c,51,2e,08,fc,da,85,ad,ce,c2,18,91,.. scanning hidden registry entries ... [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "DeviceNotSelectedTimeout"="15" "GDIProcessHandleQuota"=dword:00002710 "Spooler"="yes" "swapdisk"="" "TransmissionRetryTimeout"="90" "USERProcessHandleQuota"=dword:00002710 "appinit_dlls"="" scanning hidden files ... scan completed successfully hidden processes: 0 hidden services: 0 hidden files: 0 Remaining Services : Authorized Application Key Export: [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"="C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook" "D:\\eChanblard\\emule.exe"="D:\\eChanblard\\emule.exe:*:Disabled:eChanblard" "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger" "C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)" "%windir%\\explorer.exe"="%windir%\\explorer.exe:*:Enabled:Windows Explorer" "C:\\Program Files\\Fichiers communs\\McAfee\\MNA\\McNASvc.exe"="C:\\Program Files\\Fichiers communs\\McAfee\\MNA\\McNASvc.exe:*:Enabled:McAfee Network Agent" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger" "C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)" Remaining Files : Files with Hidden Attributes : Wed 13 Oct 2004 1,694,208 ..SH. --- "C:\Program Files\Messenger\msmsgs.exe" Tue 19 Aug 2008 4,891,472 A.SHR --- "C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe" Tue 19 Aug 2008 2,156,368 A.SHR --- "C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" Wed 27 Feb 2008 4,348 ..SH. --- "C:\Documents and Settings\All Users\DRM\DRMv1.bak" Fri 22 Aug 2008 20,487 A.SHR --- "C:\Program Files\McAfee\MQC\MRU.bak" Fri 22 Aug 2008 265 A.SHR --- "C:\Program Files\McAfee\MQC\qcconf.bak" Sun 2 Mar 2008 0 A.SH. --- "C:\Documents and Settings\All Users\DRM\Cache\Indiv02.tmp" Finished!

Il faut croire, mais je t'en avais deja parlé précedemment mais ca semblait pas urgent ok la je vais en mode sans echec a tout a l'heure