Bagle / hldrrr.exe

Anonyme

25 Avril 2008 14:44:06

Bonjour,
Je suis complètement désespéréé après un million de manips pour éradiquer le le virus Bagle.
J'ai lu les posts mais je suis systématiquement bloquée à certains endroits des manips...

Ce que j'ai déjà fait :
Eligagle.exe
ComboFix.exe
FxBeagle.exe (symentec)
Antibagle-fr.exe (bit defender)

J'ai suivi l'explication de Microsoft : http://support.microsoft.com/kb/819125/fr
J'ai vérifié : le Contrôleur ATA/ATAPI IDE

Quasi tous les logiciels que je j'installe donnent (dont les antivirus Avast ou nod32) :
"X n'est pas une application Win32 valide" :pt1cable:

"HijackThis" idem

Impossible de se connecter (là je suis sur un second PC)

Je suis larguée...
:cry:

Quelqu'un peut m'aider ? je craque... :cry:

Merci à tous

Autres pages sur : bagle hldrrr exe

| Etre averti des réponses
| Alerter

Répondre à Anonyme

XmichouX

25 Avril 2008 14:55:52

Salut,

Télécharge ELIBAGLA au bas de cette page.
Il est préférable pour certains antivirus de les désactiver avant d’entâmer cette procédure !

Clique sur le Descargar Elibagla afin de télécharger le fichier, enregistre-le sur ton bureau.
Lance le en double cliquant dessus.
Vérifie que dans le menu déroulant Unidad, il y ait bien la racine de la racine de la partition où est installé Windows, généralement -> C:\
L'option Eliminar Ficheros Automaticamente doit également être cochée.
Clique sur Explorar pour lancer l'analyse.
Poste le rapport généré en fin fin d'analyse.

| Alerter

Répondre à XmichouX

Anonyme

25 Avril 2008 15:00:15

Fri Apr 04 10:23:54 2008
EliBagle v11.21 (c)2008 S.G.H. / Satinfo S.L.
----------------------------------------------
Lista de Acciones (por Acción Directa):
C:\WINDOWS\SYSTEM32\DRIVERS\SROSA.SYS --> Bagle (rootkit) Acceso Denegado.
Por favor, envienos una muestra del fichero
C:\Muestras\HLDRRR.EXE.Muestra EliBagle v11.21
a "virus@satinfo.es". Gracias.
C:\WINDOWS\SYSTEM32\DRIVERS\HLDRRR.EXE --> Bagle Acceso Denegado.

Fri Apr 04 10:35:17 2008
EliBagle v11.21 (c)2008 S.G.H. / Satinfo S.L.
----------------------------------------------
Lista de Acciones (por Acción Directa):
C:\WINDOWS\SYSTEM32\DRIVERS\SROSA.SYS --> Bagle (rootkit) Acceso Denegado.

Fri Apr 04 10:37:29 2008
EliBagle v11.21 (c)2008 S.G.H. / Satinfo S.L.
----------------------------------------------
Lista de Acciones (por Acción Directa):
C:\WINDOWS\SYSTEM32\DRIVERS\SROSA.SYS --> Bagle (rootkit) Acceso Denegado.
Por favor, envienos una muestra del fichero
C:\Muestras\HLDRRR.EXE.Muestra EliBagle v11.21
a "virus@satinfo.es". Gracias.
C:\WINDOWS\SYSTEM32\DRIVERS\HLDRRR.EXE --> Bagle Acceso Denegado.
Reinicie para Completar la Limpieza.

Fri Apr 04 10:38:01 2008
EliBagle v11.21 (c)2008 S.G.H. / Satinfo S.L.
----------------------------------------------
Lista de Acciones (por Exploración):
Explorando Unidad C:\
C:\System Volume Information\_restore{52F96334-C439-4C43-AEDF-6F8AFA8F0296}\RP266\A0082635.SYS --> Eliminado Bagle (rootkit)

Nº Total de Directorios: 7029
Nº Total de Ficheros: 90189
Nº de Ficheros Analizados: 9973
Nº de Ficheros Infectados: 1
Nº de Ficheros Limpiados: 1

Fri Apr 04 10:44:10 2008
EliBagle v11.21 (c)2008 S.G.H. / Satinfo S.L.
----------------------------------------------
Lista de Acciones (por Acción Directa):
C:\WINDOWS\SYSTEM32\DRIVERS\SROSA.SYS --> Bagle (rootkit) Acceso Denegado.
Por favor, envienos una muestra del fichero
C:\Muestras\HLDRRR.EXE.Muestra EliBagle v11.21
a "virus@satinfo.es". Gracias.
C:\WINDOWS\SYSTEM32\DRIVERS\HLDRRR.EXE --> Bagle Acceso Denegado.
Reinicie para Completar la Limpieza.

Fri Apr 04 10:52:37 2008
EliBagle v11.21 (c)2008 S.G.H. / Satinfo S.L.
----------------------------------------------
Lista de Acciones (por Acción Directa):
C:\WINDOWS\SYSTEM32\DRIVERS\SROSA.SYS --> Bagle (rootkit) Acceso Denegado.
Por favor, envienos una muestra del fichero
C:\Muestras\HLDRRR.EXE.Muestra EliBagle v11.21
a "virus@satinfo.es". Gracias.
C:\WINDOWS\SYSTEM32\DRIVERS\HLDRRR.EXE --> Bagle Acceso Denegado.
Reinicie para Completar la Limpieza.

Fri Apr 04 10:52:45 2008
EliBagle v11.21 (c)2008 S.G.H. / Satinfo S.L.
----------------------------------------------
Lista de Acciones (por Exploración):
Explorando Unidad C:\

Nº Total de Directorios: 33
Nº Total de Ficheros: 383
Nº de Ficheros Analizados: 50
Nº de Ficheros Infectados: 0
Nº de Ficheros Limpiados: 0
Exploración Detenida por el Usuario.

Fri Apr 04 10:55:11 2008
EliBagle v11.21 (c)2008 S.G.H. / Satinfo S.L.
----------------------------------------------
Lista de Acciones (por Exploración):
Explorando Unidad C:\

Nº Total de Directorios: 6961
Nº Total de Ficheros: 90386
Nº de Ficheros Analizados: 10120
Nº de Ficheros Infectados: 0
Nº de Ficheros Limpiados: 0

Thu Apr 10 14:52:09 2008
EliBagle v11.21 (c)2008 S.G.H. / Satinfo S.L.
----------------------------------------------
Lista de Acciones (por Acción Directa):
C:\WINDOWS\SYSTEM32\DRIVERS\SROSA.SYS --> Bagle (rootkit) Acceso Denegado.
Por favor, envienos una muestra del fichero
C:\Muestras\HLDRRR.EXE.Muestra EliBagle v11.21
a "virus@satinfo.es". Gracias.
C:\WINDOWS\SYSTEM32\DRIVERS\HLDRRR.EXE --> Bagle Acceso Denegado.
Reinicie para Completar la Limpieza.

Thu Apr 10 14:52:40 2008
EliBagle v11.21 (c)2008 S.G.H. / Satinfo S.L.
----------------------------------------------
Lista de Acciones (por Exploración):
Explorando Unidad C:\

Nº Total de Directorios: 6941
Nº Total de Ficheros: 90075
Nº de Ficheros Analizados: 10218
Nº de Ficheros Infectados: 0
Nº de Ficheros Limpiados: 0

Fri Apr 25 11:38:34 2008
EliBagle v11.30 (c)2008 S.G.H. / Satinfo S.L.
----------------------------------------------
Lista de Acciones (por Acción Directa):
C:\WINDOWS\SYSTEM32\DRIVERS\SROSA.SYS --> Bagle (rootkit) Acceso Denegado.
C:\WINDOWS\SYSTEM32\DRIVERS\HLDRRR.EXE --> Bagle.dldr Acceso Denegado.
Reinicie para Completar la Limpieza.

Fri Apr 25 11:38:39 2008
EliBagle v11.30 (c)2008 S.G.H. / Satinfo S.L.
----------------------------------------------
Lista de Acciones (por Exploración):
Explorando Unidad C:\
C:\Program Files\Google\GoogleToolbarNotifier\GOOGLETOOLBARNOTIFIER.EXE --> Eliminado Bagle.dldr
C:\System Volume Information\_restore{52F96334-C439-4C43-AEDF-6F8AFA8F0296}\RP273\A0083930.EXE --> Eliminado Bagle.dldr

Nº Total de Directorios: 6888
Nº Total de Ficheros: 88893
Nº de Ficheros Analizados: 10065
Nº de Ficheros Infectados: 2
Nº de Ficheros Limpiados: 2

Fri Apr 25 11:45:19 2008
EliBagle v11.30 (c)2008 S.G.H. / Satinfo S.L.
----------------------------------------------
Lista de Acciones (por Acción Directa):
C:\WINDOWS\SYSTEM32\DRIVERS\SROSA.SYS --> Bagle (rootkit) Acceso Denegado.
C:\WINDOWS\SYSTEM32\DRIVERS\HLDRRR.EXE --> Bagle.dldr Acceso Denegado.
Reinicie para Completar la Limpieza.

Fri Apr 25 11:45:53 2008
EliBagle v11.30 (c)2008 S.G.H. / Satinfo S.L.
----------------------------------------------
Lista de Acciones (por Exploración):
Explorando Unidad C:\

Nº Total de Directorios: 6886
Nº Total de Ficheros: 89026
Nº de Ficheros Analizados: 10188
Nº de Ficheros Infectados: 0
Nº de Ficheros Limpiados: 0

Fri Apr 25 12:07:45 2008
EliBagle v11.30 (c)2008 S.G.H. / Satinfo S.L.
----------------------------------------------
Lista de Acciones (por Acción Directa):
C:\WINDOWS\SYSTEM32\DRIVERS\SROSA.SYS --> Bagle (rootkit) Acceso Denegado.
C:\WINDOWS\SYSTEM32\DRIVERS\HLDRRR.EXE --> Bagle.dldr Acceso Denegado.
Reinicie para Completar la Limpieza.

Fri Apr 25 12:08:00 2008
EliBagle v11.30 (c)2008 S.G.H. / Satinfo S.L.
----------------------------------------------
Lista de Acciones (por Exploración):
Explorando Unidad K:\

Nº Total de Directorios: 0
Nº Total de Ficheros: 4
Nº de Ficheros Analizados: 2
Nº de Ficheros Infectados: 0
Nº de Ficheros Limpiados: 0

Fri Apr 25 12:08:17 2008
EliBagle v11.30 (c)2008 S.G.H. / Satinfo S.L.
----------------------------------------------
Lista de Acciones (por Exploración):
Explorando Unidad D:\

Nº Total de Directorios: 2153
Nº Total de Ficheros: 30425
Nº de Ficheros Analizados: 103
Nº de Ficheros Infectados: 0
Nº de Ficheros Limpiados: 0

Fri Apr 25 12:13:50 2008
EliBagle v11.30 (c)2008 S.G.H. / Satinfo S.L.
----------------------------------------------
Lista de Acciones (por Acción Directa):
C:\WINDOWS\SYSTEM32\DRIVERS\SROSA.SYS --> Bagle (rootkit) Acceso Denegado.
C:\WINDOWS\SYSTEM32\DRIVERS\HLDRRR.EXE --> Bagle.dldr Acceso Denegado.
Reinicie para Completar la Limpieza.

Fri Apr 25 12:21:18 2008
EliBagle v11.30 (c)2008 S.G.H. / Satinfo S.L.
----------------------------------------------
Lista de Acciones (por Acción Directa):
C:\WINDOWS\SYSTEM32\DRIVERS\SROSA.SYS --> Bagle (rootkit) Acceso Denegado.
C:\WINDOWS\SYSTEM32\DRIVERS\HLDRRR.EXE --> Bagle.dldr Acceso Denegado.
Reinicie para Completar la Limpieza.

Fri Apr 25 12:21:47 2008
EliBagle v11.30 (c)2008 S.G.H. / Satinfo S.L.
----------------------------------------------
Lista de Acciones (por Exploración):
Explorando Unidad C:\

Nº Total de Directorios: 6881
Nº Total de Ficheros: 89162
Nº de Ficheros Analizados: 10262
Nº de Ficheros Infectados: 0
Nº de Ficheros Limpiados: 0

Fri Apr 25 12:31:43 2008
EliBagle v11.30 (c)2008 S.G.H. / Satinfo S.L.
----------------------------------------------
Lista de Acciones (por Acción Directa):
C:\WINDOWS\SYSTEM32\DRIVERS\SROSA.SYS --> Bagle (rootkit) Acceso Denegado.
C:\WINDOWS\SYSTEM32\DRIVERS\HLDRRR.EXE --> Bagle.dldr Acceso Denegado.
Reinicie para Completar la Limpieza.

Fri Apr 25 14:04:06 2008
EliBagle v11.30 (c)2008 S.G.H. / Satinfo S.L.
----------------------------------------------
Lista de Acciones (por Acción Directa):
C:\WINDOWS\SYSTEM32\DRIVERS\SROSA.SYS --> Bagle (rootkit) Acceso Denegado.
C:\WINDOWS\SYSTEM32\DRIVERS\HLDRRR.EXE --> Bagle.dldr Acceso Denegado.
Reinicie para Completar la Limpieza.

Fri Apr 25 14:20:34 2008
EliBagle v11.30 (c)2008 S.G.H. / Satinfo S.L.
----------------------------------------------
Lista de Acciones (por Acción Directa):
C:\WINDOWS\SYSTEM32\DRIVERS\SROSA.SYS --> Bagle (rootkit) Acceso Denegado.
C:\WINDOWS\SYSTEM32\DRIVERS\HLDRRR.EXE --> Bagle.dldr Acceso Denegado.
Reinicie para Completar la Limpieza.

Fri Apr 25 14:31:44 2008
EliBagle v11.30 (c)2008 S.G.H. / Satinfo S.L.
----------------------------------------------
Lista de Acciones (por Acción Directa):
C:\WINDOWS\SYSTEM32\DRIVERS\SROSA.SYS --> Bagle (rootkit) Acceso Denegado.
C:\WINDOWS\SYSTEM32\DRIVERS\HLDRRR.EXE --> Bagle.dldr Acceso Denegado.
Reinicie para Completar la Limpieza.

Fri Apr 25 14:49:27 2008
EliBagle v11.30 (c)2008 S.G.H. / Satinfo S.L.
----------------------------------------------
Lista de Acciones (por Acción Directa):
C:\WINDOWS\SYSTEM32\DRIVERS\SROSA.SYS --> Bagle (rootkit) Acceso Denegado.
C:\WINDOWS\SYSTEM32\DRIVERS\HLDRRR.EXE --> Bagle.dldr Acceso Denegado.
Reinicie para Completar la Limpieza.

Fri Apr 25 16:02:10 2008
EliBagle v11.30 (c)2008 S.G.H. / Satinfo S.L.
----------------------------------------------
Lista de Acciones (por Acción Directa):
C:\WINDOWS\SYSTEM32\DRIVERS\SROSA.SYS --> Bagle (rootkit) Acceso Denegado.
C:\WINDOWS\SYSTEM32\DRIVERS\HLDRRR.EXE --> Bagle.dldr Acceso Denegado.
Reinicie para Completar la Limpieza.

Fri Apr 25 16:02:32 2008
EliBagle v11.30 (c)2008 S.G.H. / Satinfo S.L.
----------------------------------------------
Lista de Acciones (por Exploración):
Explorando Unidad C:\

Nº Total de Directorios: 6811
Nº Total de Ficheros: 89382
Nº de Ficheros Analizados: 10488
Nº de Ficheros Infectados: 0
Nº de Ficheros Limpiados: 0

Fri Apr 25 16:12:03 2008
EliBagle v11.30 (c)2008 S.G.H. / Satinfo S.L.
----------------------------------------------
Lista de Acciones (por Acción Directa):
C:\WINDOWS\SYSTEM32\DRIVERS\SROSA.SYS --> Bagle (rootkit) Acceso Denegado.
C:\WINDOWS\SYSTEM32\DRIVERS\HLDRRR.EXE --> Bagle.dldr Acceso Denegado.
Reinicie para Completar la Limpieza.

Fri Apr 25 16:33:49 2008
EliBagle v11.30 (c)2008 S.G.H. / Satinfo S.L.
----------------------------------------------
Lista de Acciones (por Acción Directa):
C:\WINDOWS\SYSTEM32\DRIVERS\SROSA.SYS --> Bagle (rootkit) Acceso Denegado.
C:\WINDOWS\SYSTEM32\DRIVERS\HLDRRR.EXE --> Bagle.dldr Acceso Denegado.
Reinicie para Completar la Limpieza.

Fri Apr 25 16:56:07 2008
EliBagle v11.30 (c)2008 S.G.H. / Satinfo S.L.
----------------------------------------------
Lista de Acciones (por Acción Directa):
C:\WINDOWS\SYSTEM32\DRIVERS\SROSA.SYS --> Bagle (rootkit) Acceso Denegado.
C:\WINDOWS\SYSTEM32\DRIVERS\HLDRRR.EXE --> Bagle.dldr Acceso Denegado.
Reinicie para Completar la Limpieza.

Fri Apr 25 16:57:24 2008
EliBagle v11.30 (c)2008 S.G.H. / Satinfo S.L.
----------------------------------------------
Lista de Acciones (por Acción Directa):
C:\WINDOWS\SYSTEM32\DRIVERS\SROSA.SYS --> Bagle (rootkit) Acceso Denegado.
C:\WINDOWS\SYSTEM32\DRIVERS\HLDRRR.EXE --> Bagle.dldr Acceso Denegado.
Reinicie para Completar la Limpieza.

| Alerter

Répondre à Anonyme

Anonyme

25 Avril 2008 15:01:28

Merci pour ta présence XmichouX

| Alerter

Répondre à Anonyme

Anonyme

25 Avril 2008 15:36:58

| Alerter

Répondre à Anonyme

XmichouX

25 Avril 2008 15:52:39

Re,

On continue.
Essaie de démarrer ton ordinateur en mode sans échec avec prise en charge réseau, puis relance Elibagla. Dans le cas échéant (si pas de mode sans échec [Ne démarre surtout pas avec MSConfig !!]),

Télécharge ComboFix (de sUBs) sur ton Bureau. (Tuto)

Désactive temporairement toute protection résidente ! (Antivirus, antispywares..)
Double clique sur ComboFix.exe.
Accepte la licence en cliquant sur Oui.
Lorsque l'opération sera terminée, un rapport apparaîtra. Poste ce rapport dans ta prochaine réponse.

Le rapport se trouve ici : %systemdrive%\ComboFix.txt (%systemdrive% étant la partition où est installée Windows; C:\ en général)

Renomme ComboFix en Combo-Fix avant le téléchargement comme suit:
http://forum.pcastuces.com/sujet.asp?f=25&s=37315

| Alerter

Répondre à XmichouX

Anonyme

25 Avril 2008 16:20:24

Ok, ça a pris du temps...
Merci si tu es encore là

Rapport :

ComboFix 08-04-24.1 - Nous 2008-04-25 18:05:49.2 - FAT32x86
Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.528 [GMT 2:00]
Endroit: C:\Documents and Settings\Nous\Bureau\ComboFie.exe
* Création d'un nouveau point de restauration
* Resident AV is active

AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !!
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\WINDOWS\system\msvbvm60.dll
C:\WINDOWS\system32\drivers\downld
C:\WINDOWS\system32\drivers\hldrrr.exe . . . . Echec de suppression
C:\WINDOWS\system32\drivers\mdelk.exe . . . . Echec de suppression
C:\WINDOWS\system32\drivers\srosa.sys . . . . Echec de suppression

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_SROSA

((((((((((((((((((((((((((((( Fichiers cr‚‚s 2008-03-25 to 2008-04-25 ))))))))))))))))))))))))))))))))))))
.

2008-04-25 17:25 . 2008-04-25 17:25 <REP> d-------- C:\WINDOWS\system32\Kaspersky Lab
2008-04-25 17:12 . 2008-04-25 17:12 <REP> d-------- C:\72567de11a311329d4e44d
2008-04-25 16:55 . 2008-04-25 16:55 502,368 --a------ C:\WINDOWS\system32\drivers\amon.sys
2008-04-25 16:55 . 2008-04-25 16:55 274,432 --a------ C:\WINDOWS\system32\imon.dll
2008-04-25 16:55 . 2005-06-03 03:20 13 -ra------ C:\WINDOWS\system32\drivers\verfile.tic
2008-04-25 16:54 . 2004-08-12 08:44 234,496 --a------ C:\WINDOWS\system32\drivers\iwca.sys
2008-04-25 16:54 . 2004-08-12 08:43 21,504 --a------ C:\WINDOWS\system32\drivers\iwca2k.sys
2008-04-25 16:54 . 2004-08-12 08:44 16,384 --a------ C:\WINDOWS\system32\iwca.dll
2008-04-25 16:54 . 2004-08-11 19:55 3,101 --a------ C:\WINDOWS\system32\drivers\netsiwca.inf
2008-04-25 16:54 . 2004-08-11 19:55 1,960 --a------ C:\WINDOWS\system32\drivers\netiwca.inf
2008-04-25 16:21 . 2005-11-10 12:48 <REP> d-------- C:\Documents and Settings\Administrateur\WINDOWS
2008-04-25 16:21 . 2005-11-10 12:32 <REP> d--h----- C:\Documents and Settings\Administrateur\Voisinage r‚seau
2008-04-25 16:21 . 2005-11-10 12:32 <REP> d--h----- C:\Documents and Settings\Administrateur\Voisinage d'impression
2008-04-25 16:21 . 2005-11-10 12:32 <REP> d--h----- C:\Documents and Settings\Administrateur\ModŠles
2008-04-25 16:21 . 2005-11-10 12:59 <REP> dr------- C:\Documents and Settings\Administrateur\Mes documents
2008-04-25 16:21 . 2005-11-10 12:32 <REP> dr------- C:\Documents and Settings\Administrateur\Menu D‚marrer
2008-04-25 16:21 . 2005-11-10 12:59 <REP> dr------- C:\Documents and Settings\Administrateur\Favoris
2008-04-25 16:21 . 2005-11-10 12:32 <REP> d-------- C:\Documents and Settings\Administrateur\Bureau
2008-04-25 16:21 . 2005-11-10 12:56 <REP> d-------- C:\Documents and Settings\Administrateur\Application Data\Symantec
2008-04-25 16:21 . 2005-11-10 13:04 <REP> d-------- C:\Documents and Settings\Administrateur\Application Data\Intel
2008-04-25 16:21 . 2008-04-25 16:21 <REP> d-------- C:\Documents and Settings\Administrateur
2008-04-25 16:21 . 2008-04-25 18:05 1,024 --ah----- C:\Documents and Settings\Administrateur\ntuser.dat.LOG
2008-04-25 15:18 . 2008-04-25 15:18 <REP> d-------- C:\Documents and Settings\Nous\DoctorWeb
2008-04-25 15:11 . 2008-04-25 15:11 <REP> d-------- C:\Program Files\Trend Micro
2008-04-25 14:51 . 2008-04-25 14:51 0 --a------ C:\Documents and Settings\Nous\RUNDLL32.EXE
2008-04-25 14:51 . 2008-04-25 14:51 0 --a------ C:\Documents and Settings\Nous\RTHDCPL.EXE
2008-04-25 14:51 . 2008-04-25 14:51 0 --a------ C:\Documents and Settings\Nous\.EXE
2008-04-25 14:47 . 2008-04-25 14:47 <REP> d-------- C:\Program Files\Alwil Software
2008-04-25 14:44 . 2008-04-25 14:44 <REP> d-------- C:\Program Files\Winsos
2008-04-25 12:42 . 2008-04-25 12:42 <REP> d-------- C:\_OTMoveIt
2008-04-25 12:17 . 2008-04-25 12:18 <REP> d-------- C:\!KillBox
2008-04-25 09:05 . 2008-04-25 09:05 <REP> d-------- C:\Program Files\Securitoo
2008-04-25 09:05 . 2008-04-25 09:05 <REP> d-------- C:\Documents and Settings\Nous\Application Data\InstallShield
2008-04-04 10:25 . 2008-04-04 10:25 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Grisoft
2008-04-04 10:23 . 2008-04-04 10:23 <REP> d-------- C:\Muestras
2008-04-03 17:25 . 2008-04-03 17:25 <REP> d-------- C:\ThumbNail

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-04-25 15:38 15,360 ----a-w C:\WINDOWS\system32\dllcache\register.exe
2008-04-01 17:51 94,208 ----a-w C:\WINDOWS\DUMP6d60.tmp
2006-10-09 09:41 23,008 ----a-w C:\Documents and Settings\Nous\Application Data\GDIPFONTCACHEV1.DAT
.

((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les ‚l‚ments vides & les ‚l‚ments initiaux l‚gitimes ne sont pas list‚s

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-04-25 14:51 0]
"googletalk"="C:\Program Files\Google\Google Talk\googletalk.exe" [2007-04-19 07:39 3297280]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-05 14:00 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSConfig"="C:\WINDOWS\pchealth\helpctr\Binaries\MSCONFIG.exe" [2004-08-05 14:00 160768]
"TkBellExe"="C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" [2007-02-26 15:26 185896]
"SynTPLpr"="C:\Program Files\Synaptics\SynTP\SynTPLpr.exe" [2004-12-22 01:23 98394]
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2004-12-22 01:23 688218]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 01:11 132496]
"RTHDCPL"="RTHDCPL.EXE" [2005-05-25 03:37 14477312 C:\WINDOWS\RTHDCPL.EXE]
"Power_Gear"="C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe" [2004-09-21 16:55 81920]
"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 10:50 155648]
"HControl"="C:\WINDOWS\ATK0100\HControl.exe" [2005-05-12 03:15 102400]
"CreativeMouse "="C:\Program Files\Mouse Driver\MouseDrv.exe" [2004-06-27 15:38 503808]
"CloneCDTray"="C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" [2004-09-02 22:57 57344]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2004-08-05 14:00 110592 C:\WINDOWS\system32\bthprops.cpl]
"ATIPTA"="C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2005-03-22 21:05 339968]
"Acrobat Assistant 7.0"="C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe" [2004-12-14 02:12 483328]
"Wireless Console"="C:\Program Files\ASUS\Wireless Console\wcourier.exe" [2005-03-02 21:52 57344]
"IntelZeroConfig"="C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe" [2005-05-31 22:46 401408]
"IntelWireless"="C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" [2005-06-03 01:31 385024]
"EOUApp"="C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe" [2005-05-31 22:50 356352]
"nod32kui"="C:\Program Files\Eset\nod32kui.exe" [2008-04-25 18:07 921600]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"ReEXEc"="C:\Documents and Settings\Nous\Bureau\ELIBAGLA.ØDØEBØØH.EXE" [ ]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-05 14:00 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\IntelWireless]
C:\Program Files\Intel\Wireless\Bin\LgNotify.dll 2005-05-31 22:46 110592 C:\Program Files\Intel\Wireless\Bin\LgNotify.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"vidc.asv2"= asusasv2.dll
"vidc.yv12"= yv12vfw.dll
"msacm.divxa32"= msaud32_divx.acm

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^NETGEAR WG111v3 Smart Wizard.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\NETGEAR WG111v3 Smart Wizard.lnk
backup=C:\WINDOWS\pss\NETGEAR WG111v3 Smart Wizard.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WINSOS VERIFY]
--a------ 2008-03-28 13:31 2116102 C:\Program Files\Winsos\WINSOS.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\Skype\\Phone\\Skype.exe"=
"C:\\Program Files\\Winsos\\winsos.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:*

isabled:@xpsp2res.dll,-22009

R0 ppa;Pilote de filtre de port parallèle Iomega;C:\WINDOWS\system32\DRIVERS\ppa.sys [2001-08-17 21:53]
R0 R592;R592;C:\WINDOWS\system32\DRIVERS\R592.sys [2004-10-15 19:26]
R0 risdpntk;risdpntk;C:\WINDOWS\system32\DRIVERS\risdpntk.sys [2004-10-15 19:26]
R2 LF30FS;LF30FS;C:\Program Files\Everstrike Software\Lock Folder XP 3.3\LF30XP.sys [2004-02-25 11:48]
R3 Video3D;ASUS Video3D Service;C:\WINDOWS\system32\Drivers\Video3D.sys [2004-07-06 19:56]
S3 RTL8187B;NETGEAR WG111v3 54Mbps Wireless USB 2.0 Adapter Vista Driver;C:\WINDOWS\system32\DRIVERS\wg111v3.sys []
S3 usbscan;Pilote de scanneur USB;C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 22:58]
S3 usbstor;Pilote de stockage de masse USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-05 14:00]
S3 wampapache;wampapache;"C:\Program Files\wamp\apache2\bin\Apache.exe" -k runservice []
S3 wampmysqld;wampmysqld;"C:\Program Files\wamp\mysql\bin\mysqld-nt.exe" "--defaults-file=C:\Program Files\wamp\mysql\my.ini" wampmysqld []

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c40c3158-7589-11dc-bcd5-001500302773}]
\Shell\AutoRun\command - K:\LaunchU3.exe

*Newly Created Service* - SROSA
.
**************************************************************************

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-04-25 18:14:17
Windows 5.1.2600 Service Pack 2 FAT NTAPI

Balayage processus cach‚s ...

Balayage cach‚ autostart entries ...

Balayage des fichiers cach‚s ...

Scan termin‚ avec succŠs
Les fichiers cach‚s: 0

**************************************************************************

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"drvsyskit"="C:\\WINDOWS\\system32\\drivers\\hldrrr.exe"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\srosa]
"ImagePath"="\??\C:\WINDOWS\system32\drivers\srosa.sys"
.
--------------------- DLLs a charg‚ sous des processus courants ---------------------

PROCESS: C:\WINDOWS\system32\lsass.exe
-> C:\Program Files\Eset\pr_imon.dll
.
------------------------ Other Running Processes ------------------------
.
C:\PROGRAM FILES\INTEL\WIRELESS\BIN\EVTENG.EXE
C:\PROGRAM FILES\INTEL\WIRELESS\BIN\S24EVMON.EXE
C:\PROGRAM FILES\FICHIERS COMMUNS\MICROSOFT SHARED\VS7DEBUG\MDM.EXE
C:\PROGRAM FILES\INTEL\WIRELESS\BIN\1XCONFIG.EXE
C:\PROGRAM FILES\INTEL\WIRELESS\BIN\OPROTSVC.EXE
C:\PROGRAM FILES\INTEL\WIRELESS\BIN\REGSRVC.EXE
C:\PROGRAM FILES\ALCOHOL SOFT\ALCOHOL 120\STARWIND\STARWINDSERVICE.EXE
C:\WINDOWS\SYSTEM32\WWSECURE.EXE
.
**************************************************************************
.
Temps d'accomplissement: 2008-04-25 18:16:34 - machine was rebooted
ComboFix-quarantined-files.txt 2008-04-25 16:16:30

Pre-Run: 32,039,763,968 octets libres
Post-Run: 32,073,515,008 octets libres

165 --- E O F --- 2007-12-28 09:56:19

| Alerter

Répondre à Anonyme

XmichouX

25 Avril 2008 17:18:52

Re,

Elle s'accroche dans les clefs RUN ..

Tu n'as donc pas accès au mode sans échec ?

Copie le texte se situant dans le cadre ci-dessous :

Driver::
SROSA
Legacy_SROSA

File::
C:\WINDOWS\system32\drivers\srosa.sys
C:\WINDOWS\system32\drivers\hldrrr.exe
C:\WINDOWS\DUMP6d60.tmp
C:\Documents and Settings\Nous\RUNDLL32.EXE
C:\Documents and Settings\Nous\RTHDCPL.EXE
C:\Documents and Settings\Nous\.EXE
C:\WINDOWS\system32\drivers\mdelk.exe

Folder::
C:\Program Files\Winsos

Registry::
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"=-
"googletalk"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TkBellExe"=-
"NeroFilterCheck"=-
"Acrobat Assistant 7.0"=-
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WINSOS VERIFY]

Ouvre le Bloc-notes puis colle le texte copié.
(Démarrer\Tous les programmes\Accessoires\Bloc-notes.)
Sauvegarde ce fichier sous le nom de CFScript.txt sur ton Bureau.

Glisse maintenant le fichier CFScript.txt dans ComboFix.exe comme ci-dessous :

Cela va relancer Combofix, tape sur 1 puis valide. Après redémarrage, poste le contenu du rapport Combofix.txt.
S'il n'y a pas de rédémarrage, poste quand même le rapport.

| Alerter

Répondre à XmichouX

Anonyme

25 Avril 2008 17:49:14

Ca m'énerve, il me met maintenant toujours "l'utilitaire de configuration système au démarrage" :pfff:

Bon... Voilà le rapport :

ComboFix 08-04-24.1 - Nous 2008-04-25 19:34:29.3 - FAT32x86
Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.600 [GMT 2:00]
Endroit: C:\Documents and Settings\Nous\Bureau\ComboFie.exe
Command switches used :: C:\Documents and Settings\Nous\Bureau\CFScript.txt
* Création d'un nouveau point de restauration
* Resident AV is active

AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !!

FILE ::
C:\Documents and Settings\Nous\.EXE
C:\Documents and Settings\Nous\RTHDCPL.EXE
C:\Documents and Settings\Nous\RUNDLL32.EXE
C:\WINDOWS\DUMP6d60.tmp
C:\WINDOWS\system32\drivers\hldrrr.exe
C:\WINDOWS\system32\drivers\mdelk.exe
C:\WINDOWS\system32\drivers\srosa.sys
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Documents and Settings\Nous\.EXE
C:\Documents and Settings\Nous\RTHDCPL.EXE
C:\Documents and Settings\Nous\RUNDLL32.EXE
C:\Program Files\Winsos
C:\Program Files\Winsos\WD120ACTION.DLL
C:\Program Files\Winsos\WD120COM.DLL
C:\Program Files\Winsos\WD120IMG.DLL
C:\Program Files\Winsos\WD120MAT.DLL
C:\Program Files\Winsos\WD120OBJ.DLL
C:\Program Files\Winsos\WD120OLE.DLL
C:\Program Files\Winsos\WD120STD.DLL
C:\Program Files\Winsos\WD120VM.DLL
C:\Program Files\Winsos\Winsos.exe
C:\WINDOWS\DUMP6d60.tmp
C:\WINDOWS\system32\drivers\hldrrr.exe . . . . Echec de suppression
C:\WINDOWS\system32\drivers\mdelk.exe . . . . Echec de suppression
C:\WINDOWS\system32\drivers\srosa.sys . . . . Echec de suppression

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_SROSA

((((((((((((((((((((((((((((( Fichiers cr‚‚s 2008-03-25 to 2008-04-25 ))))))))))))))))))))))))))))))))))))
.

2008-04-25 17:25 . 2008-04-25 17:25 <REP> d-------- C:\WINDOWS\system32\Kaspersky Lab
2008-04-25 17:12 . 2008-04-25 17:12 <REP> d-------- C:\72567de11a311329d4e44d
2008-04-25 16:55 . 2008-04-25 16:55 502,368 --a------ C:\WINDOWS\system32\drivers\amon.sys
2008-04-25 16:55 . 2008-04-25 16:55 274,432 --a------ C:\WINDOWS\system32\imon.dll
2008-04-25 16:55 . 2005-06-03 03:20 13 -ra------ C:\WINDOWS\system32\drivers\verfile.tic
2008-04-25 16:54 . 2004-08-12 08:44 234,496 --a------ C:\WINDOWS\system32\drivers\iwca.sys
2008-04-25 16:54 . 2004-08-12 08:43 21,504 --a------ C:\WINDOWS\system32\drivers\iwca2k.sys
2008-04-25 16:54 . 2004-08-12 08:44 16,384 --a------ C:\WINDOWS\system32\iwca.dll
2008-04-25 16:54 . 2004-08-11 19:55 3,101 --a------ C:\WINDOWS\system32\drivers\netsiwca.inf
2008-04-25 16:54 . 2004-08-11 19:55 1,960 --a------ C:\WINDOWS\system32\drivers\netiwca.inf
2008-04-25 16:21 . 2005-11-10 12:48 <REP> d-------- C:\Documents and Settings\Administrateur\WINDOWS
2008-04-25 16:21 . 2005-11-10 12:32 <REP> d--h----- C:\Documents and Settings\Administrateur\Voisinage r‚seau
2008-04-25 16:21 . 2005-11-10 12:32 <REP> d--h----- C:\Documents and Settings\Administrateur\Voisinage d'impression
2008-04-25 16:21 . 2005-11-10 12:32 <REP> d--h----- C:\Documents and Settings\Administrateur\ModŠles
2008-04-25 16:21 . 2005-11-10 12:59 <REP> dr------- C:\Documents and Settings\Administrateur\Mes documents
2008-04-25 16:21 . 2005-11-10 12:32 <REP> dr------- C:\Documents and Settings\Administrateur\Menu D‚marrer
2008-04-25 16:21 . 2005-11-10 12:59 <REP> dr------- C:\Documents and Settings\Administrateur\Favoris
2008-04-25 16:21 . 2005-11-10 12:32 <REP> d-------- C:\Documents and Settings\Administrateur\Bureau
2008-04-25 16:21 . 2005-11-10 12:56 <REP> d-------- C:\Documents and Settings\Administrateur\Application Data\Symantec
2008-04-25 16:21 . 2005-11-10 13:04 <REP> d-------- C:\Documents and Settings\Administrateur\Application Data\Intel
2008-04-25 16:21 . 2008-04-25 16:21 <REP> d-------- C:\Documents and Settings\Administrateur
2008-04-25 16:21 . 2008-04-25 18:05 1,024 --ah----- C:\Documents and Settings\Administrateur\ntuser.dat.LOG
2008-04-25 15:18 . 2008-04-25 15:18 <REP> d-------- C:\Documents and Settings\Nous\DoctorWeb
2008-04-25 15:11 . 2008-04-25 15:11 <REP> d-------- C:\Program Files\Trend Micro
2008-04-25 14:47 . 2008-04-25 14:47 <REP> d-------- C:\Program Files\Alwil Software
2008-04-25 12:42 . 2008-04-25 12:42 <REP> d-------- C:\_OTMoveIt
2008-04-25 12:17 . 2008-04-25 12:18 <REP> d-------- C:\!KillBox
2008-04-25 09:05 . 2008-04-25 09:05 <REP> d-------- C:\Program Files\Securitoo
2008-04-25 09:05 . 2008-04-25 09:05 <REP> d-------- C:\Documents and Settings\Nous\Application Data\InstallShield
2008-04-04 10:25 . 2008-04-04 10:25 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Grisoft
2008-04-04 10:23 . 2008-04-04 10:23 <REP> d-------- C:\Muestras
2008-04-03 17:25 . 2008-04-03 17:25 <REP> d-------- C:\ThumbNail

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-04-25 17:17 15,360 ----a-w C:\WINDOWS\system32\dllcache\register.exe
2006-10-09 09:41 23,008 ----a-w C:\Documents and Settings\Nous\Application Data\GDIPFONTCACHEV1.DAT
.

((((((((((((((((((((((((((((( snapshot@2008-04-25_18.16.01.95 )))))))))))))))))))))))))))))))))))))))))
.
- 2008-04-25 15:09:06 666,624 ----a-w C:\WINDOWS\$hf_mig$\KB873339\update\update.exe
+ 2008-04-25 17:17:40 666,624 ----a-w C:\WINDOWS\$hf_mig$\KB873339\update\update.exe
- 2008-04-25 15:09:06 666,624 ----a-w C:\WINDOWS\$hf_mig$\KB885250\update\update.exe
+ 2008-04-25 17:17:42 666,624 ----a-w C:\WINDOWS\$hf_mig$\KB885250\update\update.exe
- 2008-04-25 15:09:06 666,624 ----a-w C:\WINDOWS\$hf_mig$\KB885835\update\update.exe
+ 2008-04-25 17:17:42 666,624 ----a-w C:\WINDOWS\$hf_mig$\KB885835\update\update.exe
- 2008-04-25 15:09:08 666,624 ----a-w C:\WINDOWS\$hf_mig$\KB885836\update\update.exe
+ 2008-04-25 17:17:44 666,624 ----a-w C:\WINDOWS\$hf_mig$\KB885836\update\update.exe
- 2008-04-25 15:09:08 666,624 ----a-w C:\WINDOWS\$hf_mig$\KB886185\update\update.exe
+ 2008-04-25 17:17:44 666,624 ----a-w C:\WINDOWS\$hf_mig$\KB886185\update\update.exe
- 2008-04-25 15:09:06 666,624 ----a-w C:\WINDOWS\$hf_mig$\KB887472\update\update.exe
+ 2008-04-25 17:17:40 666,624 ----a-w C:\WINDOWS\$hf_mig$\KB887472\update\update.exe
- 2008-04-25 15:09:06 666,624 ----a-w C:\WINDOWS\$hf_mig$\KB887742\update\update.exe
+ 2008-04-25 17:17:40 666,624 ----a-w C:\WINDOWS\$hf_mig$\KB887742\update\update.exe
- 2008-04-25 15:09:06 666,624 ----a-w C:\WINDOWS\$hf_mig$\KB888113\update\update.exe
+ 2008-04-25 17:17:40 666,624 ----a-w C:\WINDOWS\$hf_mig$\KB888113\update\update.exe
- 2008-04-25 15:09:04 666,624 ----a-w C:\WINDOWS\$hf_mig$\KB888302\update\update.exe
+ 2008-04-25 17:17:40 666,624 ----a-w C:\WINDOWS\$hf_mig$\KB888302\update\update.exe
- 2008-04-25 09:56:08 730,336 ----a-w C:\WINDOWS\$hf_mig$\KB890046\update\update.exe
+ 2008-04-25 17:17:44 730,336 ----a-w C:\WINDOWS\$hf_mig$\KB890046\update\update.exe
- 2008-04-25 09:56:04 730,336 ----a-w C:\WINDOWS\$hf_mig$\KB890859\update\update.exe
+ 2008-04-25 17:17:38 730,336 ----a-w C:\WINDOWS\$hf_mig$\KB890859\update\update.exe
- 2008-04-25 15:09:04 666,624 ----a-w C:\WINDOWS\$hf_mig$\KB891781\update\update.exe
+ 2008-04-25 17:17:40 666,624 ----a-w C:\WINDOWS\$hf_mig$\KB891781\update\update.exe
- 2008-04-25 09:56:06 730,336 ----a-w C:\WINDOWS\$hf_mig$\KB893756\update\update.exe
+ 2008-04-25 17:17:40 730,336 ----a-w C:\WINDOWS\$hf_mig$\KB893756\update\update.exe
- 2008-04-25 09:56:04 730,336 ----a-w C:\WINDOWS\$hf_mig$\KB894391\update\update.exe
+ 2008-04-25 17:17:40 730,336 ----a-w C:\WINDOWS\$hf_mig$\KB894391\update\update.exe
- 2008-04-25 09:56:06 730,336 ----a-w C:\WINDOWS\$hf_mig$\KB896358\update\update.exe
+ 2008-04-25 17:17:40 730,336 ----a-w C:\WINDOWS\$hf_mig$\KB896358\update\update.exe
- 2008-04-25 09:56:08 730,336 ----a-w C:\WINDOWS\$hf_mig$\KB896422\update\update.exe
+ 2008-04-25 17:17:42 730,336 ----a-w C:\WINDOWS\$hf_mig$\KB896422\update\update.exe
- 2008-04-25 09:56:04 730,336 ----a-w C:\WINDOWS\$hf_mig$\KB896423\update\update.exe
+ 2008-04-25 17:17:38 730,336 ----a-w C:\WINDOWS\$hf_mig$\KB896423\update\update.exe
- 2008-04-25 09:56:06 730,336 ----a-w C:\WINDOWS\$hf_mig$\KB896424\update\update.exe
+ 2008-04-25 17:17:42 730,336 ----a-w C:\WINDOWS\$hf_mig$\KB896424\update\update.exe
- 2008-04-25 09:56:08 730,336 ----a-w C:\WINDOWS\$hf_mig$\KB896428\update\update.exe
+ 2008-04-25 17:17:42 730,336 ----a-w C:\WINDOWS\$hf_mig$\KB896428\update\update.exe
- 2008-04-25 09:56:04 730,336 ----a-w C:\WINDOWS\$hf_mig$\KB898461\update\update.exe
+ 2008-04-25 17:17:38 730,336 ----a-w C:\WINDOWS\$hf_mig$\KB898461\update\update.exe
- 2008-04-25 09:56:08 730,336 ----a-w C:\WINDOWS\$hf_mig$\KB899587\update\update.exe
+ 2008-04-25 17:17:42 730,336 ----a-w C:\WINDOWS\$hf_mig$\KB899587\update\update.exe
- 2008-04-25 09:56:06 730,336 ----a-w C:\WINDOWS\$hf_mig$\KB899591\update\update.exe
+ 2008-04-25 17:17:42 730,336 ----a-w C:\WINDOWS\$hf_mig$\KB899591\update\update.exe
- 2008-04-25 09:56:10 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB900485\update\update.exe
+ 2008-04-25 17:17:44 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB900485\update\update.exe
- 2008-04-25 09:56:08 730,336 ----a-w C:\WINDOWS\$hf_mig$\KB900725\update\update.exe
+ 2008-04-25 17:17:44 730,336 ----a-w C:\WINDOWS\$hf_mig$\KB900725\update\update.exe
- 2008-04-25 09:56:06 730,336 ----a-w C:\WINDOWS\$hf_mig$\KB901017\update\update.exe
+ 2008-04-25 17:17:42 730,336 ----a-w C:\WINDOWS\$hf_mig$\KB901017\update\update.exe
- 2008-04-25 09:56:04 730,336 ----a-w C:\WINDOWS\$hf_mig$\KB901214\update\update.exe
+ 2008-04-25 17:17:40 730,336 ----a-w C:\WINDOWS\$hf_mig$\KB901214\update\update.exe
- 2008-04-25 09:56:08 730,336 ----a-w C:\WINDOWS\$hf_mig$\KB902400\update\update.exe
+ 2008-04-25 17:17:44 730,336 ----a-w C:\WINDOWS\$hf_mig$\KB902400\update\update.exe
- 2008-04-25 09:56:08 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB904706\update\update.exe
+ 2008-04-25 17:17:42 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB904706\update\update.exe
- 2008-04-25 09:56:06 730,336 ----a-w C:\WINDOWS\$hf_mig$\KB905414\update\update.exe
+ 2008-04-25 17:17:40 730,336 ----a-w C:\WINDOWS\$hf_mig$\KB905414\update\update.exe
- 2008-04-25 09:56:08 730,336 ----a-w C:\WINDOWS\$hf_mig$\KB905749\update\update.exe
+ 2008-04-25 17:17:42 730,336 ----a-w C:\WINDOWS\$hf_mig$\KB905749\update\update.exe
- 2008-04-25 09:56:06 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB905915\update\update.exe
+ 2008-04-25 17:17:40 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB905915\update\update.exe
- 2008-04-25 09:56:04 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB908519\update\update.exe
+ 2008-04-25 17:17:40 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB908519\update\update.exe
- 2008-04-25 09:56:10 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB908531\update\update.exe
+ 2008-04-25 17:17:44 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB908531\update\update.exe
- 2008-04-25 09:56:08 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB910437\update\update.exe
+ 2008-04-25 17:17:44 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB910437\update\update.exe
- 2008-04-25 09:56:14 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB911280\update\update.exe
+ 2008-04-25 17:17:46 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB911280\update\update.exe
- 2008-04-25 09:56:10 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB911562\update\update.exe
+ 2008-04-25 17:17:44 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB911562\update\update.exe
- 2008-04-25 09:56:10 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB911567\update\update.exe
+ 2008-04-25 17:17:44 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB911567\update\update.exe
- 2008-04-25 09:56:06 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB911927\update\update.exe
+ 2008-04-25 17:17:42 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB911927\update\update.exe
- 2008-04-25 09:56:10 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB912812\update\update.exe
+ 2008-04-25 17:17:44 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB912812\update\update.exe
- 2008-04-25 09:56:04 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB912919\update\update.exe
+ 2008-04-25 17:17:40 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB912919\update\update.exe
- 2008-04-25 09:56:08 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB913446\update\update.exe
+ 2008-04-25 17:17:44 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB913446\update\update.exe
- 2008-04-25 09:56:10 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB913580\update\update.exe
+ 2008-04-25 17:17:44 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB913580\update\update.exe
- 2008-04-25 09:56:28 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB914388\update\update.exe
+ 2008-04-25 17:17:48 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB914388\update\update.exe
- 2008-04-25 09:56:10 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB914389\update\update.exe
+ 2008-04-25 17:17:46 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB914389\update\update.exe
- 2008-04-25 09:56:10 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB916281\update\update.exe
+ 2008-04-25 17:17:46 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB916281\update\update.exe
- 2008-04-25 09:56:24 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB916595\update\update.exe
+ 2008-04-25 17:17:48 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB916595\update\update.exe
- 2008-04-25 09:56:18 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB917159\update\update.exe
+ 2008-04-25 17:17:46 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB917159\update\update.exe
- 2008-04-25 09:56:12 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB917344\update\update.exe
+ 2008-04-25 17:17:46 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB917344\update\update.exe
- 2008-04-25 09:56:28 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB917422\update\update.exe
+ 2008-04-25 17:17:48 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB917422\update\update.exe
- 2008-04-25 09:56:12 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB917953\update\update.exe
+ 2008-04-25 17:17:46 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB917953\update\update.exe
- 2008-04-25 09:56:46 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB918118\update\update.exe
+ 2008-04-25 17:17:52 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB918118\update\update.exe
- 2008-04-25 09:56:14 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB918439\update\update.exe
+ 2008-04-25 17:17:46 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB918439\update\update.exe
- 2008-04-25 09:56:16 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB918899\update\update.exe
+ 2008-04-25 17:17:46 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB918899\update\update.exe
- 2008-04-25 09:56:30 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB919007\update\update.exe
+ 2008-04-25 17:17:48 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB919007\update\update.exe
- 2008-04-25 09:56:40 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB920213\update\update.exe
+ 2008-04-25 17:17:50 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB920213\update\update.exe
- 2008-04-25 09:56:20 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB920214\update\update.exe
+ 2008-04-25 17:17:48 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB920214\update\update.exe
- 2008-04-25 09:56:16 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB920670\update\update.exe
+ 2008-04-25 17:17:46 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB920670\update\update.exe
- 2008-04-25 09:56:22 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB920683\update\update.exe
+ 2008-04-25 17:17:48 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB920683\update\update.exe
- 2008-04-25 09:56:30 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB920685\update\update.exe
+ 2008-04-25 17:17:48 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB920685\update\update.exe
- 2008-04-25 09:56:30 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB920872\update\update.exe
+ 2008-04-25 17:17:48 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB920872\update\update.exe
- 2008-04-25 09:56:30 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB921398\update\update.exe
+ 2008-04-25 17:17:48 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB921398\update\update.exe
- 2008-04-25 09:57:00 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB921503\update\update.exe
+ 2008-04-25 17:17:56 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB921503\update\update.exe
- 2008-04-25 09:56:14 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB921883\update\update.exe
+ 2008-04-25 17:17:46 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB921883\update\update.exe
- 2008-04-25 09:56:32 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB922582\update\update.exe
+ 2008-04-25 17:17:50 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB922582\update\update.exe
- 2008-04-25 09:56:18 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB922616\update\update.exe
+ 2008-04-25 17:17:46 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB922616\update\update.exe
- 2008-04-25 09:56:36 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB922760\update\update.exe
+ 2008-04-25 17:17:50 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB922760\update\update.exe
- 2008-04-25 09:56:34 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB922819\update\update.exe
+ 2008-04-25 17:17:50 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB922819\update\update.exe
- 2008-04-25 09:56:34 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB923414\update\update.exe
+ 2008-04-25 17:17:50 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB923414\update\update.exe
- 2008-04-25 09:56:42 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB923694\update\update.exe
+ 2008-04-25 17:17:52 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB923694\update\update.exe
- 2008-04-25 09:56:40 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB923980\update\update.exe
+ 2008-04-25 17:17:52 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB923980\update\update.exe
- 2008-04-25 09:56:36 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB924191\update\update.exe
+ 2008-04-25 17:17:50 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB924191\update\update.exe
- 2008-04-25 09:56:40 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB924270\update\update.exe
+ 2008-04-25 17:17:50 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB924270\update\update.exe
- 2008-04-25 09:56:32 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB924496\update\update.exe
+ 2008-04-25 17:17:50 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB924496\update\update.exe
- 2008-04-25 09:56:44 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB925454\update\update.exe
+ 2008-04-25 17:17:52 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB925454\update\update.exe
- 2008-04-25 09:56:32 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB925486\update\update.exe
+ 2008-04-25 17:17:50 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB925486\update\update.exe
- 2008-04-25 09:56:48 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB925902\update\update.exe
+ 2008-04-25 17:17:54 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB925902\update\update.exe
- 2008-04-25 09:56:42 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB926255\update\update.exe
+ 2008-04-25 17:17:52 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB926255\update\update.exe
- 2008-04-25 09:56:46 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB926436\update\update.exe
+ 2008-04-25 17:17:52 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB926436\update\update.exe
- 2008-04-25 09:56:48 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB927779\update\update.exe
+ 2008-04-25 17:17:52 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB927779\update\update.exe
- 2008-04-25 09:56:46 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB927802\update\update.exe
+ 2008-04-25 17:17:52 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB927802\update\update.exe
- 2008-04-25 09:56:54 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB927891\update\update.exe
+ 2008-04-25 17:17:54 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB927891\update\update.exe
- 2008-04-25 09:56:46 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB928090\update\update.exe
+ 2008-04-25 17:17:52 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB928090\update\update.exe
- 2008-04-25 09:56:46 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB928255\update\update.exe
+ 2008-04-25 17:17:52 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB928255\update\update.exe
- 2008-04-25 09:56:46 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB928843\update\update.exe
+ 2008-04-25 17:17:52 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB928843\update\update.exe
- 2008-04-25 09:56:56 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB929123\update\update.exe
+ 2008-04-25 17:17:56 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB929123\update\update.exe
- 2008-04-25 09:56:48 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB929338\update\update.exe
+ 2008-04-25 17:17:54 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB929338\update\update.exe
- 2008-04-25 09:56:44 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB929969\update\update.exe
+ 2008-04-25 17:17:52 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB929969\update\update.exe
- 2008-04-25 09:56:50 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB930178\update\update.exe
+ 2008-04-25 17:17:54 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB930178\update\update.exe
- 2008-04-25 09:56:50 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB930916\update\update.exe
+ 2008-04-25 17:17:54 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB930916\update\update.exe
- 2008-04-25 09:56:50 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB931261\update\update.exe
+ 2008-04-25 17:17:54 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB931261\update\update.exe
- 2008-04-25 09:56:52 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB931768\update\update.exe
+ 2008-04-25 17:17:54 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB931768\update\update.exe
- 2008-04-25 09:56:50 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB931784\update\update.exe
+ 2008-04-25 17:17:54 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB931784\update\update.exe
- 2008-04-25 09:56:48 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB931836\update\update.exe
+ 2008-04-25 17:17:52 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB931836\update\update.exe
- 2008-04-25 09:56:48 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB932168\update\update.exe
+ 2008-04-25 17:17:54 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB932168\update\update.exe
- 2008-04-25 09:56:58 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB933360\update\update.exe
+ 2008-04-25 17:17:56 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB933360\update\update.exe
- 2008-04-25 09:56:56 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB933566\update\update.exe
+ 2008-04-25 17:17:56 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB933566\update\update.exe
- 2008-04-25 09:56:48 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB935448\update\update.exe
+ 2008-04-25 17:17:54 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB935448\update\update.exe
- 2008-04-25 09:56:54 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB935839\update\update.exe
+ 2008-04-25 17:17:54 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB935839\update\update.exe
- 2008-04-25 09:56:54 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB935840\update\update.exe
+ 2008-04-25 17:17:54 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB935840\update\update.exe
- 2008-04-25 09:57:00 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB936021\update\update.exe
+ 2008-04-25 17:17:56 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB936021\update\update.exe
- 2008-04-25 09:57:00 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB936357\update\update.exe
+ 2008-04-25 17:17:56 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB936357\update\update.exe
- 2008-04-25 09:56:56 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB937143\update\update.exe
+ 2008-04-25 17:17:56 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB937143\update\update.exe
- 2008-04-25 09:56:58 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB938127\update\update.exe
+ 2008-04-25 17:17:56 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB938127\update\update.exe
- 2008-04-25 09:57:00 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB938828\update\update.exe
+ 2008-04-25 17:17:56 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB938828\update\update.exe
- 2008-04-25 09:57:00 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB938829\update\update.exe
+ 2008-04-25 17:17:56 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB938829\update\update.exe
- 2007-09-03 15:51:06 68,608 ----a-w C:\WINDOWS\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
+ 2008-04-25 16:36:34 69,120 ----a-w C:\WINDOWS\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
- 2007-09-03 15:51:14 72,192 ----a-w C:\WINDOWS\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
+ 2008-04-25 16:36:38 72,192 ----a-w C:\WINDOWS\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
- 2007-09-03 15:51:14 4,308,992 ----a-w C:\WINDOWS\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
+ 2008-04-25 16:36:20 4,444,160 ----a-w C:\WINDOWS\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
- 2007-09-03 15:51:16 482,304 ----a-w C:\WINDOWS\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll
+ 2008-04-25 16:36:40 483,840 ----a-w C:\WINDOWS\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll
- 2007-09-03 15:51:12 2,902,016 ----a-w C:\WINDOWS\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
+ 2008-04-25 16:36:30 3,036,160 ----a-w C:\WINDOWS\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
- 2007-09-03 15:51:04 258,048 ----a-w C:\WINDOWS\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
+ 2008-04-25 16:36:42 258,048 ----a-w C:\WINDOWS\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
- 2007-09-03 15:51:04 114,176 ----a-w C:\WINDOWS\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
+ 2008-04-25 16:36:42 113,664 ----a-w C:\WINDOWS\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
- 2007-09-03 15:51:18 260,096 ----a-w C:\WINDOWS\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
+ 2008-04-25 16:36:38 261,120 ----a-w C:\WINDOWS\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
- 2007-09-03 15:51:08 5,156,864 ----a-w C:\WINDOWS\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll
+ 2008-04-25 16:36:28 5,431,296 ----a-w C:\WINDOWS\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll
- 2007-09-03 15:51:06 10,752 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
+ 2008-04-25 16:36:32 10,752 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
- 2007-09-03 15:51:04 507,904 ----a-w C:\WINDOWS\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll
+ 2008-04-25 16:36:30 507,904 ----a-w C:\WINDOWS\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll
- 2007-09-03 15:51:04 13,312 ----a-w C:\WINDOWS\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll
+ 2008-04-25 16:36:34 13,312 ----a-w C:\WINDOWS\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll
- 2007-09-03 15:51:12 8,192 ----a-w C:\WINDOWS\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll
+ 2008-04-25 16:36:36 8,192 ----a-w C:\WINDOWS\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll
- 2007-09-03 15:51:14 36,864 ----a-w C:\WINDOWS\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll
+ 2008-04-25 16:36:36 77,824 ----a-w C:\WINDOWS\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll
- 2007-09-03 15:51:14 5,632 ----a-w C:\WINDOWS\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll
+ 2008-04-25 16:36:38 6,656 ----a-w C:\WINDOWS\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll
- 2007-09-03 15:51:04 413,696 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
+ 2008-04-25 16:36:42 348,160 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
- 2007-09-03 15:51:06 36,864 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
+ 2008-04-25 16:36:42 36,864 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
- 2007-09-03 15:51:06 647,168 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll
+ 2008-04-25 16:36:44 655,360 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll
- 2007-09-03 15:51:06 73,728 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll
+ 2008-04-25 16:36:44 77,824 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll
- 2007-09-03 15:51:04 749,568 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
+ 2008-04-25 16:36:38 749,568 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
- 2007-09-03 15:51:20 110,592 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
+ 2008-04-25 16:36:36 110,592 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
- 2007-09-03 15:51:20 372,736 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
+ 2008-04-25 16:36:36 372,736 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
- 2007-09-03 15:51:02 28,672 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll
+ 2008-04-25 16:36:40 28,672 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll
- 2007-09-03 15:51:20 667,648 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
+ 2008-04-25 16:36:36 671,744 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
- 2007-09-03 15:51:20 5,632 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
+ 2008-04-25 16:36:26 5,632 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
- 2007-09-03 15:51:02 12,800 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
+ 2008-04-25 16:36:42 12,800 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
- 2007-09-03 15:51:02 32,768 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll
+ 2008-04-25 16:36:34 32,768 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll
- 2007-09-03 15:51:02 7,168 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll
+ 2008-04-25 16:36:34 7,168 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll
- 2007-09-03 15:51:16 110,592 ----a-w C:\WINDOWS\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
+ 2008-04-25 16:36:38 110,592 ----a-w C:\WINDOWS\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
- 2007-09-03 15:51:08 81,920 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
+ 2008-04-25 16:36:38 81,920 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
- 2007-09-03 15:51:16 413,696 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
+ 2008-04-25 16:36:30 425,984 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
- 2007-09-03 15:51:16 716,800 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
+ 2008-04-25 16:36:30 741,376 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
- 2007-09-03 15:51:04 888,832 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
+ 2008-04-25 16:36:30 933,888 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
- 2007-09-03 15:51:12 5,001,216 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll
+ 2008-04-25 16:36:44 5,070,848 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll
- 2007-09-03 15:51:08 188,416 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
+ 2008-04-25 16:36:44 188,416 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
- 2007-09-03 15:51:08 397,312 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
+ 2008-04-25 16:36:34 401,408 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
- 2007-09-03 15:51:08 81,920 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll
+ 2008-04-25 16:36:40 81,920 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll
- 2007-09-03 15:51:18 577,536 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
+ 2008-04-25 16:36:26 630,784 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
- 2007-09-03 15:51:16 372,736 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
+ 2008-04-25 16:36:42 372,736 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
- 2007-09-03 15:51:18 258,048 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
+ 2008-04-25 16:36:40 258,048 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
- 2007-09-03 15:51:16 299,008 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
+ 2008-04-25 16:36:40 299,008 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
- 2007-09-03 15:51:16 131,072 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
+ 2008-04-25 16:36:40 131,072 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
- 2007-09-03 15:51:06 258,048 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll
+ 2008-04-25 16:36:26 258,048 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll
- 2007-09-03 15:51:08 114,688 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
+ 2008-04-25 16:36:26 114,688 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
- 2007-09-03 15:51:18 835,584 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
+ 2008-04-25 16:36:32 884,736 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
- 2007-09-03 15:51:10 86,016 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
+ 2008-04-25 16:36:32 90,112 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
- 2007-09-03 15:51:10 823,296 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
+ 2008-04-25 16:36:32 839,680 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
- 2007-09-03 15:51:10 5,152,768 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
+ 2008-04-25 16:36:34 5,013,504 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
- 2007-09-03 15:51:12 2,027,520 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll
+ 2008-04-25 16:36:28 2,068,480 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll
- 2007-09-03 15:51:18 2,940,928 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
+ 2008-04-25 16:36:32 3,076,096 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
+ 2008-04-25 16:41:08 27,136 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Accessibility\c6772fd12a581ad3be49e3f2a80b5622\Accessibility.ni.dll
+ 2008-04-25 16:41:10 884,736 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\AspNetMMCExt\a1d353edc300e3aff0784202f68a657b\AspNetMMCExt.ni.dll
+ 2008-04-25 16:41:10 237,568 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\CustomMarshalers\c10ec9b4de2b366236ec83237dc31281\CustomMarshalers.ni.dll
+ 2008-04-25 16:41:10 15,360 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\dfsvc\837fe02bdcf637d5bf1e5ffb935ebb80\dfsvc.ni.exe
+ 2008-04-25 16:41:12 876,544 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\9710a3c0d11dd264c3a6b88977699e9b\Microsoft.Build.Engine.ni.dll
+ 2008-04-25 16:41:14 81,920 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\e2858a45971fb30b0c0523dbb52c1d4e\Microsoft.Build.Framework.ni.dll
+ 2008-04-25 16:41:16 1,695,744 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\63d69ffdf3c640d2d104a4b74e8115f8\Microsoft.Build.Tasks.ni.dll
+ 2008-04-25 16:41:16 167,936 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\11cb5418c06e30100616fbf205588489\Microsoft.Build.Utilities.ni.dll
+ 2008-04-25 16:41:20 1,740,800 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\923bd55258380eae77353d36a5a1b08f\Microsoft.VisualBasic.ni.dll
+ 2008-04-25 16:37:56 11,722,752 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\32e6f703c114f3a971cbe706586e3655\mscorlib.ni.dll
+ 2008-04-25 16:41:20 1,011,712 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\eee9b48577689e92db5a7b5c5de98d9b\System.Configuration.ni.dll
+ 2008-04-25 16:38:14 7,049,216 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Data\5f669e819da7010c1dca347a25597c42\System.Data.ni.dll
+ 2008-04-25 16:41:22 1,798,144 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Deployment\c7dea4895e1fa33d65e448c03de48d26\System.Deployment.ni.dll
+ 2008-04-25 16:38:26 10,969,088 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Design\c1e16b40e30a05c39be8aee46311841c\System.Design.ni.dll
+ 2008-04-25 16:41:24 1,224,704 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\914668b240550f529e54bb772c6fc881\System.DirectoryServices.ni.dll
+ 2008-04-25 16:41:26 512,000 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\f11bc82c09955cb8438d3885a99c297d\System.DirectoryServices.Protocols.ni.dll
+ 2008-04-25 16:38:30 229,376 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing.Desi#\b974f6c17d17a533adf6e7710c5a62fa\System.Drawing.Design.ni.dll
+ 2008-04-25 16:38:30 1,667,072 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\0e83aac37b2623f1a24c70979f31dd56\System.Drawing.ni.dll
+ 2008-04-25 16:41:28 659,456 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\646131eda5f21f4e6216733d49c22c56\System.EnterpriseServices.ni.dll
+ 2008-04-25 16:41:28 294,912 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\646131eda5f21f4e6216733d49c22c56\System.EnterpriseServices.Wrapper.dll
+ 2008-04-25 16:41:30 733,184 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Security\2b5994269cc5b996231c9b21afea9a91\System.Security.ni.dll
+ 2008-04-25 16:41:30 233,472 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\193ac978af569ad9ee45110b359961b9\System.ServiceProcess.ni.dll
+ 2008-04-25 16:41:32 679,936 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Transactions\12e0aa1030badf4524f897e3f57b037a\System.Transactions.ni.dll
+ 2008-04-25 16:41:48 2,342,912 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web.Mobile\37d87b3cab1c66ec4430ebb2abeaa570\System.Web.Mobile.ni.dll
+ 2008-04-25 16:41:48 237,568 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web.RegularE#\b5b81faf46fc63c20d5339b36edd02fa\System.Web.RegularExpressions.ni.dll
+ 2008-04-25 16:41:50 1,986,560 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web.Services\38991368499e2109ea4099a0fe29c5a3\System.Web.Services.ni.dll
+ 2008-04-25 16:41:44 12,509,184 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web\67cfb70213562afe2ca9b9066764af3a\System.Web.ni.dll
+ 2008-04-25 16:38:44 13,193,216 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\3d8c79c45aa674e43f075e2e66b8caf5\System.Windows.Forms.ni.dll
+ 2008-04-25 16:38:50 5,771,264 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\c98cb65a79cfccb44ea727ebe4593ede\System.Xml.ni.dll
+ 2008-04-25 16:38:06 8,265,728 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\ba0e3a22211ba7343e0116b051f2965a\System.ni.dll
- 2008-04-25 16:13:42 2,048 --s-a-w C:\WINDOWS\bootstat.dat
+ 2008-04-25 17:39:24 2,048 --s-a-w C:\WINDOWS\bootstat.dat
- 2005-09-23 05:28:52 72,704 ----a-w C:\WINDOWS\Microsoft.NET\Framework\NETFXSBS10.exe
+ 2007-10-23 23:47:38 82,944 ----a-w C:\WINDOWS\Microsoft.NET\Framework\NETFXSBS10.exe
- 2005-09-23 05:28:52 7,680 ----a-w C:\WINDOWS\Microsoft.NET\Framework\sbscmp10.dll
+ 2007-10-23 23:47:38 16,896 ----a-w C:\WINDOWS\Microsoft.NET\Framework\sbscmp10.dll
- 2005-09-23 05:28:56 7,680 ----a-w C:\WINDOWS\Microsoft.NET\Framework\sbscmp20_mscorwks.dll
+ 2007-10-23 23:47:40 16,896 ----a-w C:\WINDOWS\Microsoft.NET\Framework\sbscmp20_mscorwks.dll
- 2005-09-23 05:28:58 7,680 ----a-w C:\WINDOWS\Microsoft.NET\Framework\sbscmp20_perfcounter.dll
+ 2007-10-23 23:47:42 16,896 ----a-w C:\WINDOWS\Microsoft.NET\Framework\sbscmp20_perfcounter.dll
- 2005-09-23 05:28:56 7,680 ----a-w C:\WINDOWS\Microsoft.NET\Framework\SharedReg12.dll
+ 2007-10-23 23:47:40 16,896 ----a-w C:\WINDOWS\Microsoft.NET\Framework\SharedReg12.dll
- 2005-09-23 05:28:52 86,528 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.0.3705\mscormmc.dll
+ 2007-10-23 23:47:38 97,280 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.0.3705\mscormmc.dll
- 2005-09-23 05:28:36 18,944 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\1033\alinkui.dll
+ 2007-10-23 23:47:26 28,672 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\1033\alinkui.dll
- 2005-09-23 05:28:42 136,192 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\1033\cscompui.dll
+ 2007-10-23 23:47:30 145,408 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\1033\cscompui.dll
- 2005-09-23 05:28:44 4,608 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\1033\CvtResUI.dll
+ 2007-10-23 23:47:32 13,824 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\1033\CvtResUI.dll
- 2005-09-23 05:29:04 183,808 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\1033\vbc7ui.dll
+ 2007-10-23 23:47:48 193,016 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\1033\vbc7ui.dll
- 2005-09-23 05:28:28 208,896 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\1033\Vsavb7rtUI.dll
+ 2007-10-23 23:47:20 218,112 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\1033\Vsavb7rtUI.dll
- 2005-09-23 05:28:56 10,752 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Accessibility.dll
+ 2007-10-23 23:47:40 10,752 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Accessibility.dll
- 2005-09-23 05:28:58 138,240 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\AdoNetDiag.dll
+ 2007-10-23 23:47:42 147,968 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\AdoNetDiag.dll
- 2005-09-23 05:28:36 87,552 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\alink.dll
+ 2007-10-23 23:47:26 99,320 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\alink.dll
- 2007-04-13 01:21:18 58,712 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\AppLaunch.exe
+ 2007-10-23 23:47:42 59,392 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\AppLaunch.exe
- 2005-09-23 05:28:32 36,864 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_compiler.exe
+ 2007-10-23 23:47:22 36,864 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_compiler.exe
- 2007-04-13 01:20:52 10,752 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_filter.dll
+ 2007-10-23 23:47:22 22,024 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_filter.dll
- 2007-04-13 01:20:52 8,192 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_isapi.dll
+ 2007-10-23 23:47:22 17,928 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_isapi.dll
- 2007-04-13 01:20:52 23,552 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Aspnet_perf.dll
+ 2007-10-23 23:47:22 33,288 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Aspnet_perf.dll
- 2007-04-13 01:20:50 75,264 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_rc.dll
+ 2007-10-23 23:47:22 84,480 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_rc.dll
- 2005-09-23 05:28:32 13,824 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_regbrowsers.exe
+ 2007-10-23 23:47:22 24,576 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_regbrowsers.exe
- 2007-04-13 01:20:52 32,608 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_regiis.exe
+ 2007-10-23 23:47:22 32,776 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_regiis.exe
- 2005-09-23 05:28:32 106,496 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_regsql.exe
+ 2007-10-23 23:47:22 106,496 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_regsql.exe
- 2007-04-13 01:20:52 33,632 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
+ 2007-10-23 23:47:22 33,800 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
- 2007-04-13 01:20:52 32,600 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_wp.exe
+ 2007-10-23 23:47:22 33,280 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_wp.exe
- 2007-04-13 01:20:52 507,904 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\AspNetMMCExt.dll
+ 2007-10-23 23:47:22 507,904 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\AspNetMMCExt.dll
- 2005-09-23 05:28:56 106,496 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\CasPol.exe
+ 2007-10-23 23:47:40 106,496 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\CasPol.exe
- 2007-04-13 01:21:16 88,576 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\CORPerfMonExt.dll
+ 2007-10-23 23:47:40 101,896 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\CORPerfMonExt.dll
- 2005-09-23 05:28:42 76,984 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\csc.exe
+ 2007-10-23 23:47:30 80,376 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\csc.exe
- 2005-09-23 05:28:42 1,144,832 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\cscomp.dll
+ 2007-10-23 23:47:30 1,162,744 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\cscomp.dll
- 2005-09-23 05:28:42 13,312 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\cscompmgd.dll
+ 2007-10-23 23:47:30 13,312 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\cscompmgd.dll
- 2005-09-23 05:28:58 17,920 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Culture.dll
+ 2007-10-23 23:47:42 27,136 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Culture.dll
- 2005-09-23 05:28:56 68,608 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\CustomMarshalers.dll
+ 2007-10-23 23:47:40 69,120 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\CustomMarshalers.dll
- 2005-09-23 05:28:44 31,936 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\cvtres.exe
+ 2007-10-23 23:47:30 35,320 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\cvtres.exe
- 2005-09-23 05:28:38 52,736 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\dfdll.dll
+ 2007-10-23 23:47:28 66,552 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\dfdll.dll
- 2007-04-13 01:20:58 5,120 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\dfsvc.exe
+ 2007-10-23 23:47:28 5,120 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\dfsvc.exe
- 2005-09-23 05:29:12 547,840 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\diasymreader.dll
+ 2007-10-23 23:47:54 572,936 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\diasymreader.dll
- 2005-09-23 05:28:56 788,992 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\EventLogMessages.dll
+ 2007-10-23 23:47:40 798,224 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\EventLogMessages.dll
- 2005-09-23 05:28:50 9,216 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\fusion.dll
+ 2007-10-23 23:47:36 18,936 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\fusion.dll
- 2007-04-13 01:21:16 9,728 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\IEExec.exe
+ 2007-10-23 23:47:40 9,728 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\IEExec.exe
- 2005-09-23 05:28:56 8,192 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\IEExecRemote.dll
+ 2007-10-23 23:47:40 8,192 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\IEExecRemote.dll
- 2005-09-23 05:28:56 36,864 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\IEHost.dll
+ 2007-10-23 23:47:40 77,824 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\IEHost.dll
- 2005-09-23 05:28:56 5,632 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\IIEHost.dll
+ 2007-10-23 23:47:40 6,656 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\IIEHost.dll
- 2007-04-13 01:21:16 228,688 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\ilasm.exe
+ 2007-10-23 23:47:40 230,904 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\ilasm.exe
- 2007-04-13 01:21:16 28,672 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\InstallUtil.exe
+ 2007-10-23 23:47:40 28,672 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\InstallUtil.exe
- 2005-09-23 05:28:56 55,296 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\InstallUtilLib.dll
+ 2007-10-23 23:47:40 65,032 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\InstallUtilLib.dll
- 2005-09-23 05:28:56 72,192 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\ISymWrapper.dll
+ 2007-10-23 23:47:40 72,192 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\ISymWrapper.dll
- 2005-09-23 05:28:48 40,960 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\jsc.exe
+ 2007-10-23 23:47:34 40,960 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\jsc.exe
- 2007-04-13 01:21:10 413,696 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Engine.dll
+ 2007-10-23 23:47:36 348,160 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Engine.dll
- 2005-09-23 05:28:48 36,864 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Framework.dll
+ 2007-10-23 23:47:36 36,864 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Framework.dll
- 2007-04-13 01:21:10 647,168 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Tasks.dll
+ 2007-10-23 23:47:36 655,360 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Tasks.dll
- 2005-09-23 05:28:48 73,728 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Utilities.dll
+ 2007-10-23 23:47:36 77,824 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Utilities.dll
- 2007-04-13 01:21:08 749,568 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.JScript.dll
+ 2007-10-23 23:47:34 749,568 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.JScript.dll
- 2005-09-23 05:29:10 110,592 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.Compatibility.Data.dll
+ 2007-10-23 23:47:52 110,592 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.Compatibility.Data.dll
- 2005-09-23 05:29:10 372,736 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.Compatibility.dll
+ 2007-10-23 23:47:52 372,736 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.Compatibility.dll
- 2005-09-23 05:29:08 667,648 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.dll
+ 2007-10-23 23:47:50 671,744 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.dll
- 2005-09-23 05:28:30 28,672 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.Vsa.dll
+ 2007-10-23 23:47:20 28,672 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.Vsa.dll
- 2005-09-23 05:29:10 5,632 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualC.Dll
+ 2007-10-23 23:47:52 5,632 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualC.Dll
- 2005-09-23 05:28:30 32,768 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.Vsa.dll
+ 2007-10-23 23:47:20 32,768 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.Vsa.dll
- 2005-09-23 05:28:30 12,800 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
+ 2007-10-23 23:47:20 12,800 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
- 2005-09-23 05:28:30 7,168 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft_VsaVb.dll
+ 2007-10-23 23:47:20 7,168 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft_VsaVb.dll
- 2007-04-13 01:20:52 87,040 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\MmcAspExt.dll
+ 2007-10-23 23:47:22 97,792 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\MmcAspExt.dll
- 2005-09-23 05:28:48 69,632 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\MSBuild.exe
+ 2007-10-23 23:47:36 69,632 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\MSBuild.exe
- 2007-04-13 01:21:18 802,304 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscordacwks.dll
+ 2007-10-23 23:47:40 822,280 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscordacwks.dll
- 2005-09-23 05:28:56 73,216 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscordbc.dll
+ 2007-10-23 23:47:40 83,456 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscordbc.dll
- 2005-09-23 05:28:56 288,768 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscordbi.dll
+ 2007-10-23 23:47:40 308,224 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscordbi.dll
- 2007-04-13 01:21:16 36,864 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorie.dll
+ 2007-10-23 23:47:40 47,104 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorie.dll
- 2007-04-13 01:21:16 326,656 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll
+ 2007-10-23 23:47:40 348,672 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll
- 2005-09-23 05:28:56 81,408 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorld.dll
+ 2007-10-23 23:47:40 94,208 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorld.dll
- 2007-04-13 01:21:16 4,308,992 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorlib.dll
+ 2007-10-23 23:47:40 4,444,160 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorlib.dll
- 2007-04-13 01:21:16 102,912 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorpe.dll
+ 2007-10-23 23:47:40 114,688 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorpe.dll
- 2005-09-23 05:29:00 330,752 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorrc.dll
+ 2007-10-23 23:47:44 340,992 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorrc.dll
- 2005-09-23 05:28:56 67,072 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsec.dll
+ 2007-10-23 23:47:40 77,312 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsec.dll
- 2005-09-23 05:28:50 9,216 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsn.dll
+ 2007-10-23 23:47:36 18,944 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsn.dll
- 2007-04-13 01:21:18 227,328 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvc.dll
+ 2007-10-23 23:47:40 242,688 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvc.dll
- 2007-04-13 01:21:18 68,952 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
+ 2007-10-23 23:47:40 70,144 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
- 2005-09-23 05:28:56 10,240 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscortim.dll
+ 2007-10-23 23:47:40 19,456 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscortim.dll
- 2007-04-13 01:21:12 5,634,048 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll
+ 2007-10-23 23:47:36 5,814,784 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll
- 2005-09-23 05:29:00 22,528 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\MUI\0409\mscorsecr.dll
+ 2007-10-23 23:47:44 31,744 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\MUI\0409\mscorsecr.dll
- 2007-04-13 01:21:16 99,152 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\ngen.exe
+ 2007-10-23 23:47:40 101,880 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\ngen.exe
- 2007-04-13 01:21:18 15,360 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\normalization.dll
+ 2007-10-23 23:47:40 24,584 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\normalization.dll
- 2005-09-23 05:28:56 78,336 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\PerfCounter.dll
+ 2007-10-23 23:47:40 89,096 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\PerfCounter.dll
- 2007-04-13 01:21:12 136,192 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\peverify.dll
+ 2007-10-23 23:47:36 144,896 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\peverify.dll
- 2005-09-23 05:28:56 53,248 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
+ 2007-10-23 23:47:40 53,248 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
- 2005-09-23 05:28:56 32,768 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exe
+ 2007-10-23 23:47:40 32,768 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exe
- 2005-09-23 05:29:02 59,072 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\regtlibv12.exe
+ 2007-10-23 23:47:46 61,952 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\regtlibv12.exe
- 2005-09-23 05:28:58 7,680 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\sbscmp20_mscorlib.dll
+ 2007-10-23 23:47:42 16,896 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\sbscmp20_mscorlib.dll
- 2005-09-23 05:28:56 107,520 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\shfusion.dll
+ 2007-10-23 23:47:40 119,296 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\shfusion.dll
- 2005-09-23 05:29:00 85,504 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\ShFusRes.dll
+ 2007-10-23 23:47:44 95,232 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\ShFusRes.dll
- 2007-04-13 01:21:18 382,464 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\SOS.dll
+ 2007-10-23 23:47:40 392,696 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\SOS.dll
- 2007-04-13 01:21:18 110,592 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\sysglobl.dll
+ 2007-10-23 23:47:40 110,592 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\sysglobl.dll
- 2007-04-13 01:21:18 413,696 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.configuration.dll
+ 2007-10-23 23:47:42 425,984 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.configuration.dll
- 2005-09-23 05:28:56 81,920 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Configuration.Install.dll
+ 2007-10-23 23:47:40 81,920 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Configuration.Install.dll
- 2007-04-13 01:21:16 2,902,016 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Data.dll
+ 2007-10-23 23:47:40 3,036,160 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Data.dll
- 2007-04-13 01:21:18 482,304 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Data.OracleClient.dll
+ 2007-10-23 23:47:40 483,840 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Data.OracleClient.dll
- 2007-04-13 01:21:18 716,800 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Data.SqlXml.dll
+ 2007-10-23 23:47:40 741,376 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Data.SqlXml.dll
- 2007-04-13 01:20:58 888,832 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Deployment.dll
+ 2007-10-23 23:47:28 933,888 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Deployment.dll
- 2007-04-13 01:21:16 5,001,216 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Design.dll
+ 2007-10-23 23:47:40 5,070,848 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Design.dll
- 2005-09-23 05:28:56 397,312 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.DirectoryServices.dll
+ 2007-10-23 23:47:40 401,408 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.DirectoryServices.dll
- 2007-04-13 01:21:18 188,416 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.DirectoryServices.Protocols.dll
+ 2007-10-23 23:47:40 188,416 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.DirectoryServices.Protocols.dll
- 2007-04-13 01:21:16 2,940,928 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.dll
+ 2007-10-23 23:47:40 3,076,096 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.dll
- 2005-09-23 05:28:56 81,920 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Drawing.Design.dll
+ 2007-10-23 23:47:40 81,920 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Drawing.Design.dll
- 2007-04-13 01:21:16 577,536 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Drawing.dll
+ 2007-10-23 23:47:40 630,784 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Drawing.dll
- 2007-04-13 01:21:16 258,048 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.EnterpriseServices.dll
+ 2007-10-23 23:47:40 258,048 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.EnterpriseServices.dll
- 2007-04-13 01:21:18 47,616 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.EnterpriseServices.Thunk.dll
+ 2007-10-23 23:47:40 57,392 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.EnterpriseServices.Thunk.dll
- 2007-04-13 01:21:18 114,176 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.EnterpriseServices.Wrapper.dll
+ 2007-10-23 23:47:40 113,664 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.EnterpriseServices.Wrapper.dll
- 2007-04-13 01:21:16 372,736 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Management.dll
+ 2007-10-23 23:47:40 372,736 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Management.dll
- 2005-09-23 05:28:56 258,048 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Messaging.dll
+ 2007-10-23 23:47:40 258,048 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Messaging.dll
- 2007-04-13 01:21:16 299,008 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Remoting.dll
+ 2007-10-23 23:47:40 299,008 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Remoting.dll
- 2005-09-23 05:28:56 131,072 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
+ 2007-10-23 23:47:40 131,072 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
- 2005-09-23 05:28:56 258,048 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Security.dll
+ 2007-10-23 23:47:40 258,048 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Security.dll
- 2005-09-23 05:28:56 114,688 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.ServiceProcess.dll
+ 2007-10-23 23:47:40 114,688 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.ServiceProcess.dll
- 2007-04-13 01:21:18 260,096 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Transactions.dll
+ 2007-10-23 23:47:40 261,120 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Transactions.dll
- 2007-04-13 01:21:16 5,156,

| Alerter

Répondre à Anonyme

Anonyme

25 Avril 2008 17:52:15

Et quand je lance mon antivirus, il me dit toujours "Nod32.exe n'est pas une application win32 valide"...
Je vais faire un meurtre !!!!

| Alerter

Répondre à Anonyme

XmichouX

25 Avril 2008 21:11:28

Tu as accès au mode sans échec?
Si non, relance Elibagla et essaie de redémarrer en mode sans échec.

Une fois en mode sans échec, lance :
- Elibagla
- Combofix.

Poste les deux rapports.

Si tu n'y a pas accès, dis-le moi

| Alerter

Répondre à XmichouX

Egwene

25 Avril 2008 21:18:32

Poste pour suivre

| Alerter

Répondre à Egwene

Anonyme

25 Avril 2008 22:02:43

Donc,
J'ai bien accès au mode sans echec....
(Salut Merillym)

Je commence par le rapport de ComboFix :

ComboFix 08-04-24.1 - Nous 2008-04-25 23:46:44.4 - FAT32x86 MINIMAL

Endroit: C:\Documents and Settings\Nous\Bureau\ComboFie.exe

AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !!
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\WINDOWS\system32\drivers\hldrrr.exe
C:\WINDOWS\system32\drivers\mdelk.exe
C:\WINDOWS\system32\drivers\srosa.sys

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_SROSA
-------\Service_srosa

((((((((((((((((((((((((((((( Fichiers cr‚‚s 2008-03-25 to 2008-04-25 ))))))))))))))))))))))))))))))))))))
.

2008-04-25 17:25 . 2008-04-25 17:25 <REP> d-------- C:\WINDOWS\system32\Kaspersky Lab
2008-04-25 17:12 . 2008-04-25 17:12 <REP> d-------- C:\72567de11a311329d4e44d
2008-04-25 16:55 . 2008-04-25 16:55 502,368 --a------ C:\WINDOWS\system32\drivers\amon.sys
2008-04-25 16:55 . 2008-04-25 16:55 274,432 --a------ C:\WINDOWS\system32\imon.dll
2008-04-25 16:55 . 2005-06-03 03:20 13 -ra------ C:\WINDOWS\system32\drivers\verfile.tic
2008-04-25 16:54 . 2004-08-12 08:44 234,496 --a------ C:\WINDOWS\system32\drivers\iwca.sys
2008-04-25 16:54 . 2004-08-12 08:43 21,504 --a------ C:\WINDOWS\system32\drivers\iwca2k.sys
2008-04-25 16:54 . 2004-08-12 08:44 16,384 --a------ C:\WINDOWS\system32\iwca.dll
2008-04-25 16:54 . 2004-08-11 19:55 3,101 --a------ C:\WINDOWS\system32\drivers\netsiwca.inf
2008-04-25 16:54 . 2004-08-11 19:55 1,960 --a------ C:\WINDOWS\system32\drivers\netiwca.inf
2008-04-25 16:21 . 2005-11-10 12:48 <REP> d-------- C:\Documents and Settings\Administrateur\WINDOWS
2008-04-25 16:21 . 2005-11-10 12:32 <REP> d--h----- C:\Documents and Settings\Administrateur\Voisinage r‚seau
2008-04-25 16:21 . 2005-11-10 12:32 <REP> d--h----- C:\Documents and Settings\Administrateur\Voisinage d'impression
2008-04-25 16:21 . 2005-11-10 12:32 <REP> d--h----- C:\Documents and Settings\Administrateur\ModŠles
2008-04-25 16:21 . 2005-11-10 12:59 <REP> dr------- C:\Documents and Settings\Administrateur\Mes documents
2008-04-25 16:21 . 2005-11-10 12:32 <REP> dr------- C:\Documents and Settings\Administrateur\Menu D‚marrer
2008-04-25 16:21 . 2005-11-10 12:59 <REP> dr------- C:\Documents and Settings\Administrateur\Favoris
2008-04-25 16:21 . 2005-11-10 12:32 <REP> d-------- C:\Documents and Settings\Administrateur\Bureau
2008-04-25 16:21 . 2005-11-10 12:56 <REP> d-------- C:\Documents and Settings\Administrateur\Application Data\Symantec
2008-04-25 16:21 . 2005-11-10 13:04 <REP> d-------- C:\Documents and Settings\Administrateur\Application Data\Intel
2008-04-25 16:21 . 2008-04-25 16:21 <REP> d-------- C:\Documents and Settings\Administrateur
2008-04-25 16:21 . 2008-04-25 23:52 1,024 --ah----- C:\Documents and Settings\Administrateur\ntuser.dat.LOG
2008-04-25 15:18 . 2008-04-25 15:18 <REP> d-------- C:\Documents and Settings\Nous\DoctorWeb
2008-04-25 15:11 . 2008-04-25 15:11 <REP> d-------- C:\Program Files\Trend Micro
2008-04-25 14:47 . 2008-04-25 14:47 <REP> d-------- C:\Program Files\Alwil Software
2008-04-25 12:42 . 2008-04-25 12:42 <REP> d-------- C:\_OTMoveIt
2008-04-25 12:17 . 2008-04-25 12:18 <REP> d-------- C:\!KillBox
2008-04-25 09:05 . 2008-04-25 09:05 <REP> d-------- C:\Program Files\Securitoo
2008-04-25 09:05 . 2008-04-25 09:05 <REP> d-------- C:\Documents and Settings\Nous\Application Data\InstallShield
2008-04-04 10:25 . 2008-04-04 10:25 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Grisoft
2008-04-04 10:23 . 2008-04-04 10:23 <REP> d-------- C:\Muestras
2008-04-03 17:25 . 2008-04-03 17:25 <REP> d-------- C:\ThumbNail

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-04-25 20:09 15,360 ----a-w C:\WINDOWS\system32\dllcache\register.exe
2006-10-09 09:41 23,008 ----a-w C:\Documents and Settings\Nous\Application Data\GDIPFONTCACHEV1.DAT
.

((((((((((((((((((((((((((((( snapshot_2008-04-25_19.42.11.04 )))))))))))))))))))))))))))))))))))))))))
.
- 2008-04-25 17:17:40 666,624 ----a-w C:\WINDOWS\$hf_mig$\KB873339\update\update.exe
+ 2008-04-25 21:05:34 666,624 ----a-w C:\WINDOWS\$hf_mig$\KB873339\update\update.exe
- 2008-04-25 17:17:42 666,624 ----a-w C:\WINDOWS\$hf_mig$\KB885250\update\update.exe
+ 2008-04-25 21:05:44 666,624 ----a-w C:\WINDOWS\$hf_mig$\KB885250\update\update.exe
- 2008-04-25 17:17:42 666,624 ----a-w C:\WINDOWS\$hf_mig$\KB885835\update\update.exe
+ 2008-04-25 21:05:44 666,624 ----a-w C:\WINDOWS\$hf_mig$\KB885835\update\update.exe
- 2008-04-25 17:17:44 666,624 ----a-w C:\WINDOWS\$hf_mig$\KB885836\update\update.exe
+ 2008-04-25 21:06:08 666,624 ----a-w C:\WINDOWS\$hf_mig$\KB885836\update\update.exe
- 2008-04-25 17:17:44 666,624 ----a-w C:\WINDOWS\$hf_mig$\KB886185\update\update.exe
+ 2008-04-25 21:06:06 666,624 ----a-w C:\WINDOWS\$hf_mig$\KB886185\update\update.exe
- 2008-04-25 17:17:40 666,624 ----a-w C:\WINDOWS\$hf_mig$\KB887472\update\update.exe
+ 2008-04-25 21:05:32 666,624 ----a-w C:\WINDOWS\$hf_mig$\KB887472\update\update.exe
- 2008-04-25 17:17:40 666,624 ----a-w C:\WINDOWS\$hf_mig$\KB887742\update\update.exe
+ 2008-04-25 21:05:34 666,624 ----a-w C:\WINDOWS\$hf_mig$\KB887742\update\update.exe
- 2008-04-25 17:17:40 666,624 ----a-w C:\WINDOWS\$hf_mig$\KB888113\update\update.exe
+ 2008-04-25 21:05:34 666,624 ----a-w C:\WINDOWS\$hf_mig$\KB888113\update\update.exe
- 2008-04-25 17:17:40 666,624 ----a-w C:\WINDOWS\$hf_mig$\KB888302\update\update.exe
+ 2008-04-25 21:05:22 666,624 ----a-w C:\WINDOWS\$hf_mig$\KB888302\update\update.exe
- 2008-04-25 17:17:44 730,336 ----a-w C:\WINDOWS\$hf_mig$\KB890046\update\update.exe
+ 2008-04-25 21:05:58 730,336 ----a-w C:\WINDOWS\$hf_mig$\KB890046\update\update.exe
- 2008-04-25 17:17:38 730,336 ----a-w C:\WINDOWS\$hf_mig$\KB890859\update\update.exe
+ 2008-04-25 21:05:10 730,336 ----a-w C:\WINDOWS\$hf_mig$\KB890859\update\update.exe
- 2008-04-25 17:17:40 666,624 ----a-w C:\WINDOWS\$hf_mig$\KB891781\update\update.exe
+ 2008-04-25 21:05:24 666,624 ----a-w C:\WINDOWS\$hf_mig$\KB891781\update\update.exe
- 2008-04-25 17:17:40 730,336 ----a-w C:\WINDOWS\$hf_mig$\KB893756\update\update.exe
+ 2008-04-25 21:05:36 730,336 ----a-w C:\WINDOWS\$hf_mig$\KB893756\update\update.exe
- 2008-04-25 17:17:40 730,336 ----a-w C:\WINDOWS\$hf_mig$\KB894391\update\update.exe
+ 2008-04-25 21:05:18 730,336 ----a-w C:\WINDOWS\$hf_mig$\KB894391\update\update.exe
- 2008-04-25 17:17:40 730,336 ----a-w C:\WINDOWS\$hf_mig$\KB896358\update\update.exe
+ 2008-04-25 21:05:30 730,336 ----a-w C:\WINDOWS\$hf_mig$\KB896358\update\update.exe
- 2008-04-25 17:17:42 730,336 ----a-w C:\WINDOWS\$hf_mig$\KB896422\update\update.exe
+ 2008-04-25 21:05:46 730,336 ----a-w C:\WINDOWS\$hf_mig$\KB896422\update\update.exe
- 2008-04-25 17:17:38 730,336 ----a-w C:\WINDOWS\$hf_mig$\KB896423\update\update.exe
+ 2008-04-25 21:05:08 730,336 ----a-w C:\WINDOWS\$hf_mig$\KB896423\update\update.exe
- 2008-04-25 17:17:42 730,336 ----a-w C:\WINDOWS\$hf_mig$\KB896424\update\update.exe
+ 2008-04-25 21:05:38 730,336 ----a-w C:\WINDOWS\$hf_mig$\KB896424\update\update.exe
- 2008-04-25 17:17:42 730,336 ----a-w C:\WINDOWS\$hf_mig$\KB896428\update\update.exe
+ 2008-04-25 21:05:50 730,336 ----a-w C:\WINDOWS\$hf_mig$\KB896428\update\update.exe
- 2008-04-25 17:17:38 730,336 ----a-w C:\WINDOWS\$hf_mig$\KB898461\update\update.exe
+ 2008-04-25 21:05:08 730,336 ----a-w C:\WINDOWS\$hf_mig$\KB898461\update\update.exe
- 2008-04-25 17:17:42 730,336 ----a-w C:\WINDOWS\$hf_mig$\KB899587\update\update.exe
+ 2008-04-25 21:05:48 730,336 ----a-w C:\WINDOWS\$hf_mig$\KB899587\update\update.exe
- 2008-04-25 17:17:42 730,336 ----a-w C:\WINDOWS\$hf_mig$\KB899591\update\update.exe
+ 2008-04-25 21:05:40 730,336 ----a-w C:\WINDOWS\$hf_mig$\KB899591\update\update.exe
- 2008-04-25 17:17:44 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB900485\update\update.exe
+ 2008-04-25 21:06:22 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB900485\update\update.exe
- 2008-04-25 17:17:44 730,336 ----a-w C:\WINDOWS\$hf_mig$\KB900725\update\update.exe
+ 2008-04-25 21:05:54 730,336 ----a-w C:\WINDOWS\$hf_mig$\KB900725\update\update.exe
- 2008-04-25 17:17:42 730,336 ----a-w C:\WINDOWS\$hf_mig$\KB901017\update\update.exe
+ 2008-04-25 21:05:40 730,336 ----a-w C:\WINDOWS\$hf_mig$\KB901017\update\update.exe
- 2008-04-25 17:17:40 730,336 ----a-w C:\WINDOWS\$hf_mig$\KB901214\update\update.exe
+ 2008-04-25 21:05:22 730,336 ----a-w C:\WINDOWS\$hf_mig$\KB901214\update\update.exe
- 2008-04-25 17:17:44 730,336 ----a-w C:\WINDOWS\$hf_mig$\KB902400\update\update.exe
+ 2008-04-25 21:06:00 730,336 ----a-w C:\WINDOWS\$hf_mig$\KB902400\update\update.exe
- 2008-04-25 17:17:42 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB904706\update\update.exe
+ 2008-04-25 21:05:52 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB904706\update\update.exe
- 2008-04-25 17:17:40 730,336 ----a-w C:\WINDOWS\$hf_mig$\KB905414\update\update.exe
+ 2008-04-25 21:05:24 730,336 ----a-w C:\WINDOWS\$hf_mig$\KB905414\update\update.exe
- 2008-04-25 17:17:42 730,336 ----a-w C:\WINDOWS\$hf_mig$\KB905749\update\update.exe
+ 2008-04-25 21:05:50 730,336 ----a-w C:\WINDOWS\$hf_mig$\KB905749\update\update.exe
- 2008-04-25 17:17:40 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB905915\update\update.exe
+ 2008-04-25 21:05:26 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB905915\update\update.exe
- 2008-04-25 17:17:40 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB908519\update\update.exe
+ 2008-04-25 21:05:16 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB908519\update\update.exe
- 2008-04-25 17:17:44 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB908531\update\update.exe
+ 2008-04-25 21:06:10 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB908531\update\update.exe
- 2008-04-25 17:17:44 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB910437\update\update.exe
+ 2008-04-25 21:06:06 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB910437\update\update.exe
- 2008-04-25 17:17:46 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB911280\update\update.exe
+ 2008-04-25 21:06:38 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB911280\update\update.exe
- 2008-04-25 17:17:44 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB911562\update\update.exe
+ 2008-04-25 21:06:10 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB911562\update\update.exe
- 2008-04-25 17:17:44 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB911567\update\update.exe
+ 2008-04-25 21:06:14 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB911567\update\update.exe
- 2008-04-25 17:17:42 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB911927\update\update.exe
+ 2008-04-25 21:05:42 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB911927\update\update.exe
- 2008-04-25 17:17:44 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB912812\update\update.exe
+ 2008-04-25 21:06:18 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB912812\update\update.exe
- 2008-04-25 17:17:40 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB912919\update\update.exe
+ 2008-04-25 21:05:20 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB912919\update\update.exe
- 2008-04-25 17:17:44 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB913446\update\update.exe
+ 2008-04-25 21:06:04 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB913446\update\update.exe
- 2008-04-25 17:17:44 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB913580\update\update.exe
+ 2008-04-25 21:06:24 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB913580\update\update.exe
- 2008-04-25 17:17:48 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB914388\update\update.exe
+ 2008-04-25 21:07:00 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB914388\update\update.exe
- 2008-04-25 17:17:46 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB914389\update\update.exe
+ 2008-04-25 21:06:26 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB914389\update\update.exe
- 2008-04-25 17:17:46 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB916281\update\update.exe
+ 2008-04-25 21:06:28 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB916281\update\update.exe
- 2008-04-25 17:17:48 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB916595\update\update.exe
+ 2008-04-25 21:06:54 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB916595\update\update.exe
- 2008-04-25 17:17:46 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB917159\update\update.exe
+ 2008-04-25 21:06:48 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB917159\update\update.exe
- 2008-04-25 17:17:46 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB917344\update\update.exe
+ 2008-04-25 21:06:34 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB917344\update\update.exe
- 2008-04-25 17:17:48 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB917422\update\update.exe
+ 2008-04-25 21:06:56 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB917422\update\update.exe
- 2008-04-25 17:17:46 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB917953\update\update.exe
+ 2008-04-25 21:06:34 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB917953\update\update.exe
- 2008-04-25 17:17:52 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB918118\update\update.exe
+ 2008-04-25 21:07:56 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB918118\update\update.exe
- 2008-04-25 17:17:46 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB918439\update\update.exe
+ 2008-04-25 21:06:36 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB918439\update\update.exe
- 2008-04-25 17:17:46 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB918899\update\update.exe
+ 2008-04-25 21:06:42 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB918899\update\update.exe
- 2008-04-25 17:17:48 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB919007\update\update.exe
+ 2008-04-25 21:07:06 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB919007\update\update.exe
- 2008-04-25 17:17:50 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB920213\update\update.exe
+ 2008-04-25 21:07:28 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB920213\update\update.exe
- 2008-04-25 17:17:48 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB920214\update\update.exe
+ 2008-04-25 21:06:52 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB920214\update\update.exe
- 2008-04-25 17:17:46 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB920670\update\update.exe
+ 2008-04-25 21:06:42 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB920670\update\update.exe
- 2008-04-25 17:17:48 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB920683\update\update.exe
+ 2008-04-25 21:06:54 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB920683\update\update.exe
- 2008-04-25 17:17:48 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB920685\update\update.exe
+ 2008-04-25 21:07:10 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB920685\update\update.exe
- 2008-04-25 17:17:48 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB920872\update\update.exe
+ 2008-04-25 21:07:08 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB920872\update\update.exe
- 2008-04-25 17:17:48 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB921398\update\update.exe
+ 2008-04-25 21:07:02 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB921398\update\update.exe
- 2008-04-25 17:17:56 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB921503\update\update.exe
+ 2008-04-25 21:08:52 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB921503\update\update.exe
- 2008-04-25 17:17:46 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB921883\update\update.exe
+ 2008-04-25 21:06:40 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB921883\update\update.exe
- 2008-04-25 17:17:50 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB922582\update\update.exe
+ 2008-04-25 21:07:12 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB922582\update\update.exe
- 2008-04-25 17:17:46 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB922616\update\update.exe
+ 2008-04-25 21:06:50 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB922616\update\update.exe
- 2008-04-25 17:17:50 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB922760\update\update.exe
+ 2008-04-25 21:07:22 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB922760\update\update.exe
- 2008-04-25 17:17:50 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB922819\update\update.exe
+ 2008-04-25 21:07:18 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB922819\update\update.exe
- 2008-04-25 17:17:50 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB923414\update\update.exe
+ 2008-04-25 21:07:18 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB923414\update\update.exe
- 2008-04-25 17:17:52 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB923694\update\update.exe
+ 2008-04-25 21:07:34 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB923694\update\update.exe
- 2008-04-25 17:17:52 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB923980\update\update.exe
+ 2008-04-25 21:07:32 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB923980\update\update.exe
- 2008-04-25 17:17:50 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB924191\update\update.exe
+ 2008-04-25 21:07:20 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB924191\update\update.exe
- 2008-04-25 17:17:50 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB924270\update\update.exe
+ 2008-04-25 21:07:30 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB924270\update\update.exe
- 2008-04-25 17:17:50 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB924496\update\update.exe
+ 2008-04-25 21:07:16 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB924496\update\update.exe
- 2008-04-25 17:17:52 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB925454\update\update.exe
+ 2008-04-25 21:07:36 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB925454\update\update.exe
- 2008-04-25 17:17:50 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB925486\update\update.exe
+ 2008-04-25 21:07:14 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB925486\update\update.exe
- 2008-04-25 17:17:54 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB925902\update\update.exe
+ 2008-04-25 21:08:08 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB925902\update\update.exe
- 2008-04-25 17:17:52 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB926255\update\update.exe
+ 2008-04-25 21:07:36 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB926255\update\update.exe
- 2008-04-25 17:17:52 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB926436\update\update.exe
+ 2008-04-25 21:07:58 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB926436\update\update.exe
- 2008-04-25 17:17:52 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB927779\update\update.exe
+ 2008-04-25 21:08:00 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB927779\update\update.exe
- 2008-04-25 17:17:52 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB927802\update\update.exe
+ 2008-04-25 21:07:50 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB927802\update\update.exe
- 2008-04-25 17:17:54 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB927891\update\update.exe
+ 2008-04-25 21:08:28 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB927891\update\update.exe
- 2008-04-25 17:17:52 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB928090\update\update.exe
+ 2008-04-25 21:07:52 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB928090\update\update.exe
- 2008-04-25 17:17:52 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB928255\update\update.exe
+ 2008-04-25 21:07:46 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB928255\update\update.exe
- 2008-04-25 17:17:52 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB928843\update\update.exe
+ 2008-04-25 21:07:44 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB928843\update\update.exe
- 2008-04-25 17:17:56 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB929123\update\update.exe
+ 2008-04-25 21:08:36 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB929123\update\update.exe
- 2008-04-25 17:17:54 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB929338\update\update.exe
+ 2008-04-25 21:08:02 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB929338\update\update.exe
- 2008-04-25 17:17:52 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB929969\update\update.exe
+ 2008-04-25 21:07:42 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB929969\update\update.exe
- 2008-04-25 17:17:54 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB930178\update\update.exe
+ 2008-04-25 21:08:14 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB930178\update\update.exe
- 2008-04-25 17:17:54 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB930916\update\update.exe
+ 2008-04-25 21:08:22 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB930916\update\update.exe
- 2008-04-25 17:17:54 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB931261\update\update.exe
+ 2008-04-25 21:08:16 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB931261\update\update.exe
- 2008-04-25 17:17:54 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB931768\update\update.exe
+ 2008-04-25 21:08:24 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB931768\update\update.exe
- 2008-04-25 17:17:54 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB931784\update\update.exe
+ 2008-04-25 21:08:16 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB931784\update\update.exe
- 2008-04-25 17:17:52 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB931836\update\update.exe
+ 2008-04-25 21:08:00 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB931836\update\update.exe
- 2008-04-25 17:17:54 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB932168\update\update.exe
+ 2008-04-25 21:08:12 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB932168\update\update.exe
- 2008-04-25 17:17:56 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB933360\update\update.exe
+ 2008-04-25 21:08:48 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB933360\update\update.exe
- 2008-04-25 17:17:56 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB933566\update\update.exe
+ 2008-04-25 21:08:38 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB933566\update\update.exe
- 2008-04-25 09:57:02 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB933729\update\update.exe
+ 2008-04-25 21:09:06 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB933729\update\update.exe
- 2008-04-25 17:17:54 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB935448\update\update.exe
+ 2008-04-25 21:08:10 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB935448\update\update.exe
- 2008-04-25 17:17:54 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB935839\update\update.exe
+ 2008-04-25 21:08:30 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB935839\update\update.exe
- 2008-04-25 17:17:54 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB935840\update\update.exe
+ 2008-04-25 21:08:34 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB935840\update\update.exe
- 2008-04-25 17:17:56 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB936021\update\update.exe
+ 2008-04-25 21:08:58 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB936021\update\update.exe
- 2008-04-25 17:17:56 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB936357\update\update.exe
+ 2008-04-25 21:08:54 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB936357\update\update.exe
- 2008-04-25 17:17:56 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB937143\update\update.exe
+ 2008-04-25 21:08:42 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB937143\update\update.exe
- 2008-04-25 17:17:56 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB938127\update\update.exe
+ 2008-04-25 21:08:50 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB938127\update\update.exe
- 2008-04-25 17:17:56 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB938828\update\update.exe
+ 2008-04-25 21:08:56 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB938828\update\update.exe
- 2008-04-25 17:17:56 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB938829\update\update.exe
+ 2008-04-25 21:08:50 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB938829\update\update.exe
- 2008-04-25 09:57:00 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB939653\update\update.exe
+ 2008-04-25 21:09:00 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB939653\update\update.exe
- 2008-04-25 09:57:00 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB941202\update\update.exe
+ 2008-04-25 21:09:00 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB941202\update\update.exe
- 2008-04-25 09:57:06 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB941568\update\update.exe
+ 2008-04-25 21:09:14 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB941568\update\update.exe
- 2008-04-25 09:57:04 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB942615\update\update.exe
+ 2008-04-25 21:09:10 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB942615\update\update.exe
- 2008-04-25 09:57:06 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB942763\update\update.exe
+ 2008-04-25 21:09:16 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB942763\update\update.exe
- 2008-04-25 09:57:06 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB942840\update\update.exe
+ 2008-04-25 21:09:18 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB942840\update\update.exe
- 2008-04-25 09:57:08 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB943460\update\update.exe
+ 2008-04-25 21:09:20 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB943460\update\update.exe
- 2008-04-25 09:57:04 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB944653\update\update.exe
+ 2008-04-25 21:09:08 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB944653\update\update.exe
- 2008-04-25 09:57:08 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB946627\update\update.exe
+ 2008-04-25 21:09:24 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB946627\update\update.exe
- 2008-04-25 17:39:24 2,048 --s-a-w C:\WINDOWS\bootstat.dat
+ 2008-04-25 21:51:46 2,048 --s-a-w C:\WINDOWS\bootstat.dat
+ 2008-04-25 21:36:40 4,700 ----a-w C:\WINDOWS\SoftwareDistribution\EventCache\{239C55A4-6985-42B0-B495-24CE2F507497}.bin
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les ‚l‚ments vides & les ‚l‚ments initiaux l‚gitimes ne sont pas list‚s

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSConfig"="C:\WINDOWS\pchealth\helpctr\Binaries\MSCONFIG.exe" [2004-08-05 14:00 160768]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-05 14:00 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\IntelWireless]
C:\Program Files\Intel\Wireless\Bin\LgNotify.dll 2005-05-31 22:46 110592 C:\Program Files\Intel\Wireless\Bin\LgNotify.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"vidc.asv2"= asusasv2.dll
"vidc.yv12"= yv12vfw.dll
"msacm.divxa32"= msaud32_divx.acm

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Adobe Gamma Loader.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Adobe Gamma Loader.lnk
backup=C:\WINDOWS\pss\Adobe Gamma Loader.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Adobe Reader Speed Launch.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Adobe Reader Speed Launch.lnk
backup=C:\WINDOWS\pss\Adobe Reader Speed Launch.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^DSLMON.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\DSLMON.lnk
backup=C:\WINDOWS\pss\DSLMON.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Lancement rapide d'Adobe Acrobat.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Lancement rapide d'Adobe Acrobat.lnk
backup=C:\WINDOWS\pss\Lancement rapide d'Adobe Acrobat.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^NETGEAR WG111v3 Smart Wizard.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\NETGEAR WG111v3 Smart Wizard.lnk
backup=C:\WINDOWS\pss\NETGEAR WG111v3 Smart Wizard.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\!AVG Anti-Spyware]
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATIPTA]
--a------ 2005-03-22 21:05 339968 C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BluetoothAuthenticationAgent]
--a------ 2004-08-05 14:00 110592 C:\WINDOWS\system32\bthprops.cpl

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CloneCDTray]
--a------ 2004-09-02 22:57 57344 C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CreativeMouse ]
--a------ 2004-06-27 15:38 503808 C:\Program Files\Mouse Driver\MouseDrv.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE]
--a------ 2004-08-05 14:00 15360 C:\WINDOWS\system32\ctfmon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EOUApp]
--a------ 2005-05-31 22:50 356352 C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HControl]
--a------ 2005-05-12 03:15 102400 C:\WINDOWS\ATK0100\HControl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IntelWireless]
--a------ 2005-06-03 01:31 385024 C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IntelZeroConfig]
--a------ 2005-05-31 22:46 401408 C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nod32kui]
--a------ 2008-04-25 23:42 921600 C:\Program Files\Eset\nod32kui.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Power_Gear]
--a------ 2004-09-21 16:55 81920 C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
--a------ 2005-05-25 03:37 14477312 C:\WINDOWS\RTHDCPL.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
--a------ 2007-09-25 01:11 132496 C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh]
--a------ 2004-12-22 01:23 688218 C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPLpr]
--a------ 2004-12-22 01:23 98394 C:\Program Files\Synaptics\SynTP\SynTPLpr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Wireless Console]
--a------ 2005-03-02 21:52 57344 C:\Program Files\ASUS\Wireless Console\wcourier.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"xmlprov"=3 (0x3)
"WZCSVC"=2 (0x2)
"wwSecSvc"=2 (0x2)
"wuauserv"=2 (0x2)
"wscsvc"=2 (0x2)
"WmiApSrv"=3 (0x3)
"WmdmPmSN"=3 (0x3)
"winmgmt"=2 (0x2)
"WebClient"=2 (0x2)
"wampmysqld"=3 (0x3)
"wampapache"=3 (0x3)
"W32Time"=2 (0x2)
"VSS"=3 (0x3)
"usnjsvc"=3 (0x3)
"UPS"=3 (0x3)
"upnphost"=3 (0x3)
"TrkWks"=2 (0x2)
"Themes"=2 (0x2)
"TermService"=3 (0x3)
"TapiSrv"=3 (0x3)
"SysmonLog"=3 (0x3)
"SwPrv"=3 (0x3)
"stisvc"=2 (0x2)
"StarWindService"=2 (0x2)
"SSDPSRV"=3 (0x3)
"srservice"=2 (0x2)
"Spooler"=2 (0x2)
"ShellHWDetection"=2 (0x2)
"SharedAccess"=2 (0x2)
"SENS"=2 (0x2)
"seclogon"=2 (0x2)
"Schedule"=2 (0x2)
"SCardSvr"=3 (0x3)
"SamSs"=2 (0x2)
"S24EventMonitor"=2 (0x2)
"RSVP"=3 (0x3)
"RegSrvc"=2 (0x2)
"RDSessMgr"=3 (0x3)
"RasMan"=3 (0x3)
"RasAuto"=3 (0x3)
"ProtectedStorage"=2 (0x2)
"PolicyAgent"=2 (0x2)
"PlugPlay"=2 (0x2)
"OwnershipProtocol"=2 (0x2)
"ose"=3 (0x3)
"NtmsSvc"=3 (0x3)
"NtLmSsp"=3 (0x3)
"NOD32krn"=2 (0x2)
"Nla"=3 (0x3)
"Netman"=3 (0x3)
"Netlogon"=3 (0x3)
"MSIServer"=3 (0x3)
"MSDTC"=3 (0x3)
"mnmsrvc"=3 (0x3)
"MDM"=2 (0x2)
"Macromedia Licensing Service"=3 (0x3)
"LmHosts"=2 (0x2)
"lanmanworkstation"=2 (0x2)
"lanmanserver"=2 (0x2)
"Irmon"=2 (0x2)
"ImapiService"=3 (0x3)
"HTTPFilter"=3 (0x3)
"helpsvc"=2 (0x2)
"Fax"=2 (0x2)
"FastUserSwitchingCompatibility"=3 (0x3)
"EvtEng"=2 (0x2)
"EventSystem"=3 (0x3)
"Eventlog"=2 (0x2)
"ERSvc"=2 (0x2)
"Dnscache"=2 (0x2)
"dmserver"=3 (0x3)
"dmadmin"=3 (0x3)
"Dhcp"=2 (0x2)
"CryptSvc"=2 (0x2)
"COMSysApp"=3 (0x3)
"clr_optimization_v2.0.50727_32"=3 (0x3)
"CiSvc"=3 (0x3)
"BthServ"=2 (0x2)
"Browser"=2 (0x2)
"BITS"=3 (0x3)
"AudioSrv"=2 (0x2)
"aspnet_state"=3 (0x3)
"AppMgmt"=3 (0x3)
"ALG"=3 (0x3)
"Alerter"=3 (0x3)
"Adobe LM Service"=3 (0x3)

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\Skype\\Phone\\Skype.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:*

isabled:@xpsp2res.dll,-22009

R0 ppa;Pilote de filtre de port parallèle Iomega;C:\WINDOWS\system32\DRIVERS\ppa.sys [2001-08-17 21:53]
R0 R592;R592;C:\WINDOWS\system32\DRIVERS\R592.sys [2004-10-15 19:26]
R0 risdpntk;risdpntk;C:\WINDOWS\system32\DRIVERS\risdpntk.sys [2004-10-15 19:26]
R3 usbstor;Pilote de stockage de masse USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-05 14:00]
S2 LF30FS;LF30FS;C:\Program Files\Everstrike Software\Lock Folder XP 3.3\LF30XP.sys [2004-02-25 11:48]
S3 RTL8187B;NETGEAR WG111v3 54Mbps Wireless USB 2.0 Adapter Vista Driver;C:\WINDOWS\system32\DRIVERS\wg111v3.sys []
S3 usbscan;Pilote de scanneur USB;C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 22:58]
S3 Video3D;ASUS Video3D Service;C:\WINDOWS\system32\Drivers\Video3D.sys [2004-07-06 19:56]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c40c3158-7589-11dc-bcd5-001500302773}]
\Shell\AutoRun\command - K:\LaunchU3.exe

.
**************************************************************************

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-04-25 23:52:53
Windows 5.1.2600 Service Pack 2 FAT NTAPI

Balayage processus cach‚s ...

Balayage cach‚ autostart entries ...

Balayage des fichiers cach‚s ...

Scan termin‚ avec succŠs
Les fichiers cach‚s: 0

**************************************************************************
.
Temps d'accomplissement: 2008-04-25 23:55:38 - machine was rebooted
ComboFix-quarantined-files.txt 2008-04-25 21:55:34
ComboFix3.txt 2008-04-25 16:16:36
ComboFix2.txt 2008-04-25 17:42:50

Pre-Run: 32,291,946,496 octets libres
Post-Run: 32,282,148,864 octets libres

478 --- E O F --- 2008-04-25 16:37:40

| Alerter

Répondre à Anonyme

Anonyme

25 Avril 2008 22:04:25

Je continue avec le rapport Elibagla :

Fri Apr 04 10:23:54 2008
EliBagle v11.21 (c)2008 S.G.H. / Satinfo S.L.
----------------------------------------------
Lista de Acciones (por Acción Directa):
C:\WINDOWS\SYSTEM32\DRIVERS\SROSA.SYS --> Bagle (rootkit) Acceso Denegado.
Por favor, envienos una muestra del fichero
C:\Muestras\HLDRRR.EXE.Muestra EliBagle v11.21
a "virus@satinfo.es". Gracias.
C:\WINDOWS\SYSTEM32\DRIVERS\HLDRRR.EXE --> Bagle Acceso Denegado.

Fri Apr 04 10:35:17 2008
EliBagle v11.21 (c)2008 S.G.H. / Satinfo S.L.
----------------------------------------------
Lista de Acciones (por Acción Directa):
C:\WINDOWS\SYSTEM32\DRIVERS\SROSA.SYS --> Bagle (rootkit) Acceso Denegado.

Fri Apr 04 10:37:29 2008
EliBagle v11.21 (c)2008 S.G.H. / Satinfo S.L.
----------------------------------------------
Lista de Acciones (por Acción Directa):
C:\WINDOWS\SYSTEM32\DRIVERS\SROSA.SYS --> Bagle (rootkit) Acceso Denegado.
Por favor, envienos una muestra del fichero
C:\Muestras\HLDRRR.EXE.Muestra EliBagle v11.21
a "virus@satinfo.es". Gracias.
C:\WINDOWS\SYSTEM32\DRIVERS\HLDRRR.EXE --> Bagle Acceso Denegado.
Reinicie para Completar la Limpieza.

Fri Apr 04 10:38:01 2008
EliBagle v11.21 (c)2008 S.G.H. / Satinfo S.L.
----------------------------------------------
Lista de Acciones (por Exploración):
Explorando Unidad C:\
C:\System Volume Information\_restore{52F96334-C439-4C43-AEDF-6F8AFA8F0296}\RP266\A0082635.SYS --> Eliminado Bagle (rootkit)

Nº Total de Directorios: 7029
Nº Total de Ficheros: 90189
Nº de Ficheros Analizados: 9973
Nº de Ficheros Infectados: 1
Nº de Ficheros Limpiados: 1

Fri Apr 04 10:44:10 2008
EliBagle v11.21 (c)2008 S.G.H. / Satinfo S.L.
----------------------------------------------
Lista de Acciones (por Acción Directa):
C:\WINDOWS\SYSTEM32\DRIVERS\SROSA.SYS --> Bagle (rootkit) Acceso Denegado.
Por favor, envienos una muestra del fichero
C:\Muestras\HLDRRR.EXE.Muestra EliBagle v11.21
a "virus@satinfo.es". Gracias.
C:\WINDOWS\SYSTEM32\DRIVERS\HLDRRR.EXE --> Bagle Acceso Denegado.
Reinicie para Completar la Limpieza.

Fri Apr 04 10:52:37 2008
EliBagle v11.21 (c)2008 S.G.H. / Satinfo S.L.
----------------------------------------------
Lista de Acciones (por Acción Directa):
C:\WINDOWS\SYSTEM32\DRIVERS\SROSA.SYS --> Bagle (rootkit) Acceso Denegado.
Por favor, envienos una muestra del fichero
C:\Muestras\HLDRRR.EXE.Muestra EliBagle v11.21
a "virus@satinfo.es". Gracias.
C:\WINDOWS\SYSTEM32\DRIVERS\HLDRRR.EXE --> Bagle Acceso Denegado.
Reinicie para Completar la Limpieza.

Fri Apr 04 10:52:45 2008
EliBagle v11.21 (c)2008 S.G.H. / Satinfo S.L.
----------------------------------------------
Lista de Acciones (por Exploración):
Explorando Unidad C:\

Nº Total de Directorios: 33
Nº Total de Ficheros: 383
Nº de Ficheros Analizados: 50
Nº de Ficheros Infectados: 0
Nº de Ficheros Limpiados: 0
Exploración Detenida por el Usuario.

Fri Apr 04 10:55:11 2008
EliBagle v11.21 (c)2008 S.G.H. / Satinfo S.L.
----------------------------------------------
Lista de Acciones (por Exploración):
Explorando Unidad C:\

Nº Total de Directorios: 6961
Nº Total de Ficheros: 90386
Nº de Ficheros Analizados: 10120
Nº de Ficheros Infectados: 0
Nº de Ficheros Limpiados: 0

Thu Apr 10 14:52:09 2008
EliBagle v11.21 (c)2008 S.G.H. / Satinfo S.L.
----------------------------------------------
Lista de Acciones (por Acción Directa):
C:\WINDOWS\SYSTEM32\DRIVERS\SROSA.SYS --> Bagle (rootkit) Acceso Denegado.
Por favor, envienos una muestra del fichero
C:\Muestras\HLDRRR.EXE.Muestra EliBagle v11.21
a "virus@satinfo.es". Gracias.
C:\WINDOWS\SYSTEM32\DRIVERS\HLDRRR.EXE --> Bagle Acceso Denegado.
Reinicie para Completar la Limpieza.

Thu Apr 10 14:52:40 2008
EliBagle v11.21 (c)2008 S.G.H. / Satinfo S.L.
----------------------------------------------
Lista de Acciones (por Exploración):
Explorando Unidad C:\

Nº Total de Directorios: 6941
Nº Total de Ficheros: 90075
Nº de Ficheros Analizados: 10218
Nº de Ficheros Infectados: 0
Nº de Ficheros Limpiados: 0

Fri Apr 25 11:38:34 2008
EliBagle v11.30 (c)2008 S.G.H. / Satinfo S.L.
----------------------------------------------
Lista de Acciones (por Acción Directa):
C:\WINDOWS\SYSTEM32\DRIVERS\SROSA.SYS --> Bagle (rootkit) Acceso Denegado.
C:\WINDOWS\SYSTEM32\DRIVERS\HLDRRR.EXE --> Bagle.dldr Acceso Denegado.
Reinicie para Completar la Limpieza.

Fri Apr 25 11:38:39 2008
EliBagle v11.30 (c)2008 S.G.H. / Satinfo S.L.
----------------------------------------------
Lista de Acciones (por Exploración):
Explorando Unidad C:\
C:\Program Files\Google\GoogleToolbarNotifier\GOOGLETOOLBARNOTIFIER.EXE --> Eliminado Bagle.dldr
C:\System Volume Information\_restore{52F96334-C439-4C43-AEDF-6F8AFA8F0296}\RP273\A0083930.EXE --> Eliminado Bagle.dldr

Nº Total de Directorios: 6888
Nº Total de Ficheros: 88893
Nº de Ficheros Analizados: 10065
Nº de Ficheros Infectados: 2
Nº de Ficheros Limpiados: 2

Fri Apr 25 11:45:19 2008
EliBagle v11.30 (c)2008 S.G.H. / Satinfo S.L.
----------------------------------------------
Lista de Acciones (por Acción Directa):
C:\WINDOWS\SYSTEM32\DRIVERS\SROSA.SYS --> Bagle (rootkit) Acceso Denegado.
C:\WINDOWS\SYSTEM32\DRIVERS\HLDRRR.EXE --> Bagle.dldr Acceso Denegado.
Reinicie para Completar la Limpieza.

Fri Apr 25 11:45:53 2008
EliBagle v11.30 (c)2008 S.G.H. / Satinfo S.L.
----------------------------------------------
Lista de Acciones (por Exploración):
Explorando Unidad C:\

Nº Total de Directorios: 6886
Nº Total de Ficheros: 89026
Nº de Ficheros Analizados: 10188
Nº de Ficheros Infectados: 0
Nº de Ficheros Limpiados: 0

Fri Apr 25 12:07:45 2008
EliBagle v11.30 (c)2008 S.G.H. / Satinfo S.L.
----------------------------------------------
Lista de Acciones (por Acción Directa):
C:\WINDOWS\SYSTEM32\DRIVERS\SROSA.SYS --> Bagle (rootkit) Acceso Denegado.
C:\WINDOWS\SYSTEM32\DRIVERS\HLDRRR.EXE --> Bagle.dldr Acceso Denegado.
Reinicie para Completar la Limpieza.

Fri Apr 25 12:08:00 2008
EliBagle v11.30 (c)2008 S.G.H. / Satinfo S.L.
----------------------------------------------
Lista de Acciones (por Exploración):
Explorando Unidad K:\

Nº Total de Directorios: 0
Nº Total de Ficheros: 4
Nº de Ficheros Analizados: 2
Nº de Ficheros Infectados: 0
Nº de Ficheros Limpiados: 0

Fri Apr 25 12:08:17 2008
EliBagle v11.30 (c)2008 S.G.H. / Satinfo S.L.
----------------------------------------------
Lista de Acciones (por Exploración):
Explorando Unidad D:\

Nº Total de Directorios: 2153
Nº Total de Ficheros: 30425
Nº de Ficheros Analizados: 103
Nº de Ficheros Infectados: 0
Nº de Ficheros Limpiados: 0

Fri Apr 25 12:13:50 2008
EliBagle v11.30 (c)2008 S.G.H. / Satinfo S.L.
----------------------------------------------
Lista de Acciones (por Acción Directa):
C:\WINDOWS\SYSTEM32\DRIVERS\SROSA.SYS --> Bagle (rootkit) Acceso Denegado.
C:\WINDOWS\SYSTEM32\DRIVERS\HLDRRR.EXE --> Bagle.dldr Acceso Denegado.
Reinicie para Completar la Limpieza.

Fri Apr 25 12:21:18 2008
EliBagle v11.30 (c)2008 S.G.H. / Satinfo S.L.
----------------------------------------------
Lista de Acciones (por Acción Directa):
C:\WINDOWS\SYSTEM32\DRIVERS\SROSA.SYS --> Bagle (rootkit) Acceso Denegado.
C:\WINDOWS\SYSTEM32\DRIVERS\HLDRRR.EXE --> Bagle.dldr Acceso Denegado.
Reinicie para Completar la Limpieza.

Fri Apr 25 12:21:47 2008
EliBagle v11.30 (c)2008 S.G.H. / Satinfo S.L.
----------------------------------------------
Lista de Acciones (por Exploración):
Explorando Unidad C:\

Nº Total de Directorios: 6881
Nº Total de Ficheros: 89162
Nº de Ficheros Analizados: 10262
Nº de Ficheros Infectados: 0
Nº de Ficheros Limpiados: 0

Fri Apr 25 12:31:43 2008
EliBagle v11.30 (c)2008 S.G.H. / Satinfo S.L.
----------------------------------------------
Lista de Acciones (por Acción Directa):
C:\WINDOWS\SYSTEM32\DRIVERS\SROSA.SYS --> Bagle (rootkit) Acceso Denegado.
C:\WINDOWS\SYSTEM32\DRIVERS\HLDRRR.EXE --> Bagle.dldr Acceso Denegado.
Reinicie para Completar la Limpieza.

Fri Apr 25 14:04:06 2008
EliBagle v11.30 (c)2008 S.G.H. / Satinfo S.L.
----------------------------------------------
Lista de Acciones (por Acción Directa):
C:\WINDOWS\SYSTEM32\DRIVERS\SROSA.SYS --> Bagle (rootkit) Acceso Denegado.
C:\WINDOWS\SYSTEM32\DRIVERS\HLDRRR.EXE --> Bagle.dldr Acceso Denegado.
Reinicie para Completar la Limpieza.

Fri Apr 25 14:20:34 2008
EliBagle v11.30 (c)2008 S.G.H. / Satinfo S.L.
----------------------------------------------
Lista de Acciones (por Acción Directa):
C:\WINDOWS\SYSTEM32\DRIVERS\SROSA.SYS --> Bagle (rootkit) Acceso Denegado.
C:\WINDOWS\SYSTEM32\DRIVERS\HLDRRR.EXE --> Bagle.dldr Acceso Denegado.
Reinicie para Completar la Limpieza.

Fri Apr 25 14:31:44 2008
EliBagle v11.30 (c)2008 S.G.H. / Satinfo S.L.
----------------------------------------------
Lista de Acciones (por Acción Directa):
C:\WINDOWS\SYSTEM32\DRIVERS\SROSA.SYS --> Bagle (rootkit) Acceso Denegado.
C:\WINDOWS\SYSTEM32\DRIVERS\HLDRRR.EXE --> Bagle.dldr Acceso Denegado.
Reinicie para Completar la Limpieza.

Fri Apr 25 14:49:27 2008
EliBagle v11.30 (c)2008 S.G.H. / Satinfo S.L.
----------------------------------------------
Lista de Acciones (por Acción Directa):
C:\WINDOWS\SYSTEM32\DRIVERS\SROSA.SYS --> Bagle (rootkit) Acceso Denegado.
C:\WINDOWS\SYSTEM32\DRIVERS\HLDRRR.EXE --> Bagle.dldr Acceso Denegado.
Reinicie para Completar la Limpieza.

Fri Apr 25 16:02:10 2008
EliBagle v11.30 (c)2008 S.G.H. / Satinfo S.L.
----------------------------------------------
Lista de Acciones (por Acción Directa):
C:\WINDOWS\SYSTEM32\DRIVERS\SROSA.SYS --> Bagle (rootkit) Acceso Denegado.
C:\WINDOWS\SYSTEM32\DRIVERS\HLDRRR.EXE --> Bagle.dldr Acceso Denegado.
Reinicie para Completar la Limpieza.

Fri Apr 25 16:02:32 2008
EliBagle v11.30 (c)2008 S.G.H. / Satinfo S.L.
----------------------------------------------
Lista de Acciones (por Exploración):
Explorando Unidad C:\

Nº Total de Directorios: 6811
Nº Total de Ficheros: 89382
Nº de Ficheros Analizados: 10488
Nº de Ficheros Infectados: 0
Nº de Ficheros Limpiados: 0

Fri Apr 25 16:12:03 2008
EliBagle v11.30 (c)2008 S.G.H. / Satinfo S.L.
----------------------------------------------
Lista de Acciones (por Acción Directa):
C:\WINDOWS\SYSTEM32\DRIVERS\SROSA.SYS --> Bagle (rootkit) Acceso Denegado.
C:\WINDOWS\SYSTEM32\DRIVERS\HLDRRR.EXE --> Bagle.dldr Acceso Denegado.
Reinicie para Completar la Limpieza.

Fri Apr 25 16:33:49 2008
EliBagle v11.30 (c)2008 S.G.H. / Satinfo S.L.
----------------------------------------------
Lista de Acciones (por Acción Directa):
C:\WINDOWS\SYSTEM32\DRIVERS\SROSA.SYS --> Bagle (rootkit) Acceso Denegado.
C:\WINDOWS\SYSTEM32\DRIVERS\HLDRRR.EXE --> Bagle.dldr Acceso Denegado.
Reinicie para Completar la Limpieza.

Fri Apr 25 16:56:07 2008
EliBagle v11.30 (c)2008 S.G.H. / Satinfo S.L.
----------------------------------------------
Lista de Acciones (por Acción Directa):
C:\WINDOWS\SYSTEM32\DRIVERS\SROSA.SYS --> Bagle (rootkit) Acceso Denegado.
C:\WINDOWS\SYSTEM32\DRIVERS\HLDRRR.EXE --> Bagle.dldr Acceso Denegado.
Reinicie para Completar la Limpieza.

Fri Apr 25 16:57:24 2008
EliBagle v11.30 (c)2008 S.G.H. / Satinfo S.L.
----------------------------------------------
Lista de Acciones (por Acción Directa):
C:\WINDOWS\SYSTEM32\DRIVERS\SROSA.SYS --> Bagle (rootkit) Acceso Denegado.
C:\WINDOWS\SYSTEM32\DRIVERS\HLDRRR.EXE --> Bagle.dldr Acceso Denegado.
Reinicie para Completar la Limpieza.

Fri Apr 25 18:04:29 2008
EliBagle v11.30 (c)2008 S.G.H. / Satinfo S.L.
----------------------------------------------
Lista de Acciones (por Acción Directa):
C:\WINDOWS\SYSTEM32\DRIVERS\SROSA.SYS --> Bagle (rootkit) Acceso Denegado.
C:\WINDOWS\SYSTEM32\DRIVERS\HLDRRR.EXE --> Bagle.dldr Acceso Denegado.
Reinicie para Completar la Limpieza.

Fri Apr 25 18:14:13 2008
EliBagle v11.30 (c)2008 S.G.H. / Satinfo S.L.
----------------------------------------------
Lista de Acciones (por Acción Directa):
C:\WINDOWS\SYSTEM32\DRIVERS\SROSA.SYS --> Bagle (rootkit) Acceso Denegado.
C:\WINDOWS\SYSTEM32\DRIVERS\HLDRRR.EXE --> Bagle.dldr Acceso Denegado.
Reinicie para Completar la Limpieza.

Fri Apr 25 19:24:38 2008
EliBagle v11.30 (c)2008 S.G.H. / Satinfo S.L.
----------------------------------------------
Lista de Acciones (por Acción Directa):
C:\WINDOWS\SYSTEM32\DRIVERS\SROSA.SYS --> Bagle (rootkit) Acceso Denegado.
C:\WINDOWS\SYSTEM32\DRIVERS\HLDRRR.EXE --> Bagle.dldr Acceso Denegado.
Reinicie para Completar la Limpieza.

Fri Apr 25 19:28:21 2008
EliBagle v11.30 (c)2008 S.G.H. / Satinfo S.L.
----------------------------------------------
Lista de Acciones (por Acción Directa):
C:\WINDOWS\SYSTEM32\DRIVERS\SROSA.SYS --> Bagle (rootkit) Acceso Denegado.
C:\WINDOWS\SYSTEM32\DRIVERS\HLDRRR.EXE --> Bagle.dldr Acceso Denegado.
Reinicie para Completar la Limpieza.

Fri Apr 25 23:56:32 2008
EliBagle v11.31 (c)2008 S.G.H. / Satinfo S.L.
----------------------------------------------
Lista de Acciones (por Acción Directa):

Fri Apr 25 23:56:34 2008
EliBagle v11.31 (c)2008 S.G.H. / Satinfo S.L.
----------------------------------------------
Lista de Acciones (por Exploración):
Explorando Unidad C:\
C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\SROSA.SYS.VIR --> Eliminado Bagle (rootkit)

Nº Total de Directorios: 7010
Nº Total de Ficheros: 91868
Nº de Ficheros Analizados: 9746
Nº de Ficheros Infectados: 1
Nº de Ficheros Limpiados: 1

| Alerter

Répondre à Anonyme

Anonyme

25 Avril 2008 22:09:23

En même temps, j'ai l'impression qu'il a trouvé quelque chose :

C:\WINDOWS\system32\drivers\hldrrr.exe
C:\WINDOWS\system32\drivers\mdelk.exe
C:\WINDOWS\system32\drivers\srosa.sys

Mais quand je lance mon antivirus, il me dit toujours
"Nod32.exe n'est pas une application win32 valide"

Ça va me rendre folle :rofl:

| Alerter

Répondre à Anonyme

XmichouX

25 Avril 2008 22:43:29

Oui, c'est normal.
L'infection semble être anéantie

Grâce au mode sans échec..

Désinstalle/réinstalle toutes tes applications qui ont été dégradées par l'infection (nod32 par exemple)

Puis reposte un Hijackthis

| Alerter

Répondre à XmichouX

Anonyme

26 Avril 2008 07:42:31

J'arrive plus à avoir la même forme pour hijackthis..... :pfff:

Voilà le rappots qu'il me donne :
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 09:35:25, on 26/04/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\ZcfgSvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User '?')
O4 - HKUS\S-1-5-21-496864445-1963564811-1683872077-1005\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User '?')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User '?')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: Convertir en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir la cible du lien en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la cible du lien en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir la sélection en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la sélection en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir les liens sélectionnés en fichier Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convertir les liens sélectionnés en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Sothink SWF Catcher - C:\Program Files\Fichiers communs\SourceTec\SWF Catcher\InternetExplorer.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Fichiers communs\SourceTec\SWF Catcher\InternetExplorer.htm
O9 - Extra 'Tools' menuitem: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Fichiers communs\SourceTec\SWF Catcher\InternetExplorer.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.asus.com
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls...
O17 - HKLM\System\CCS\Services\Tcpip\..\{85BA03EF-DF6D-4417-B3E4-918452A7D20B}: NameServer = 192.168.0.100
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Fichiers communs\Skype\Skype4COM.dll

--
End of file - 5860 bytes

| Alerter

Répondre à Anonyme

Anonyme

26 Avril 2008 07:50:40

XmichouX,
J'ai réinstallé Nod32 = ça fonctionne nickel
Je n'ai plus de trace de Baegle = grâce à toi qui est resté jusqu'à 0 h 43 hiers soir pour m'aider !!! :ouimaitre:

Merci ++
T'es vraiment super ! Je n'y croyais plus :mdr:

!!! Problème résolu !!!

| Alerter

Répondre à Anonyme

XmichouX

26 Avril 2008 10:58:58

Minute Papillon

On finit

Télécharge sur ton bureau : Clean (de Malekal) >Tuto<
Dézippe le sur ton bureau. Double-clic sur ce dossier clean.
Double-clic sur clean.cmd. (L’extension cmd peut ne pas apparaître) Cela va ouvrir une fenêtre noire.
Un menu va apparaître, choisis l'option 1 puis entrée. Ensuite appuies sur une touche comme il te sera demandé.
Poste le rapport se trouve ici : C:\rapport_clean.txt

Si tu obtiens un fichier C:\upload_moi.zip, merci de faire ceci.

********

Fais une analyse antivirus en ligne sur Kaspersky avec Internet Explorer. (Tuto)
Autorise les active x.
Clique sur Démarrer Online Scanner.
Sélectionne le poste de travail comme analyse. Enregistres sous le rapport en format .txt.
Colle son rapport ici.

| Alerter

Répondre à XmichouX

Tom's guide dans le monde