verification apres probleme iexplorer.exe [résolu]

Tom's Guide > Forum > Sécurité - Virus > verification apres probleme iexplorer.exe [résolu]

verification apres probleme iexplorer.exe [résolu] - Sécurité - Virus

TomsGuide.com : 800 000 inscrits répondent à toutes vos questions high-tech et informatique. Pour obtenir de l'aide, inscrivez-vous gratuitement !

Répondre

Bas de page Chercher dans ce sujet

Bonjour à tous,
J'avais un probleme avec iexplorer.exe. Est ce que vous pouvez analyser les logs HIJACKTHIS pour voir si c'est OK???
Merci de votre aide

les logs :
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:11:00, on 29/07/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\Ati2evxx.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINNT\system32\spoolsv.exe
C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe
c:\Program Files\ThinkPad\Bluetooth Software\bin\btwdins.exe
C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
C:\Program Files\Network Associates\McAfee Desktop Firewall for Windows XP\FireSvc.exe
C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
C:\Program Files\Network Associates\VirusScan\vstskmgr.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\program files\lotus\notes\ntmulti.exe
C:\WINNT\system32\HPZipm12.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\System32\TPHDEXLG.EXE
C:\WINNT\system32\TpKmpSVC.exe
C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe
C:\Program Files\ThinkPad\ConnectUtilities\SvcGuiHlpr.exe
C:\WINNT\system32\Ati2evxx.exe
C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Nokia\Nokia Software Launcher\NSLauncher.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINNT\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\lotus\organize\easyclip.exe
C:\Program Files\Yahoo!\Widgets\YahooWidgetEngine.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\PC Connectivity Solution\Transports\NclIrSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\PROGRA~1\Intel\Wireless\Bin\Dot1XCfg.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\Program Files\Internet Explorer\iehook.exe
C:\WINNT\system32\rundll32.exe
C:\WINNT\system32\taskmgr.exe
C:\Program Files\a-squared Anti-Malware\a2service.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINNT\explorer.exe
C:\Program Files\CCleaner\CCleaner.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by ABB
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [ShStatEXE] "C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE" /STANDALONE
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [NSLauncher] C:\Program Files\Nokia\Nokia Software Launcher\NSLauncher.exe /startup
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [884d88f4] rundll32.exe "C:\WINNT\system32\ubflmqxy.dll",b
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINNT\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [Babylon Translator] C:\Program Files\Babylon\Babylon-Pro\Babylon.exe
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 6\PCSuite.exe" -onlytray
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINNT\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [Nokia.PCSync] "C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" /NoDialog (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINNT\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Yahoo! Widget Engine.lnk = C:\Program Files\Yahoo!\Widgets\YahooWidgetEngine.exe
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: Digital Line Detect.lnk = ?
O4 - Global Startup: Lotus Organizer EasyClip.lnk = ?
O4 - Global Startup: Lotus QuickStart.lnk = ?
O4 - Global Startup: VPN Client.lnk = ?
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Send To &Bluetooth - c:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Translate with &Babylon - res://C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/Translate.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O14 - IERESET.INF: START_PAGE_URL=http://inside.abb.com
O15 - Trusted Zone: http://*.mcafee.com
O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/activ [...] stubie.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/mi [...] 7006427421
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: a-squared Anti-Malware Service (a2AntiMalware) - Emsi Software GmbH - C:\Program Files\a-squared Anti-Malware\a2service.exe
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Ac Profile Manager Service (AcPrfMgrSvc) - Unknown owner - C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe
O23 - Service: Access Connections Main Service (AcSvc) - Lenovo - C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINNT\system32\Ati2evxx.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - c:\Program Files\ThinkPad\Bluetooth Software\bin\btwdins.exe
O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: McAfee Desktop Firewall Service (FireSvc) - McAfee, Inc. - C:\Program Files\Network Associates\McAfee Desktop Firewall for Windows XP\FireSvc.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: ThinkPad PM Service (IBMPMSVC) - Unknown owner - C:\WINNT\system32\ibmpmsvc.exe
O23 - Service: Tivoli Endpoint (lcfd) - Unknown owner - C:\Tivoli\lcf\bin\w32-ix86\mrt\lcfd.exe
O23 - Service: McAfee Framework Service (McAfeeFramework) - Network Associates, Inc. - C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
O23 - Service: Network Associates McShield (McShield) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\mcshield.exe
O23 - Service: Network Associates Task Manager (McTaskManager) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\vstskmgr.exe
O23 - Service: Multi-user Cleanup Service - IBM Corp - C:\program files\lotus\notes\ntmulti.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINNT\system32\HPZipm12.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: ThinkPad HDD APS Logging Service (TPHDEXLGSVC) - Lenovo. - C:\WINNT\System32\TPHDEXLG.EXE
O23 - Service: IBM KCU Service (TpKmpSVC) - Unknown owner - C:\WINNT\system32\TpKmpSVC.exe

--
End of file - 8899 bytes

Message édité par elg_49 le 10-09-2008 à 00:27:56

Répondre

Inscrivez-vous ou connectez-vous pour masquer ceci.

Bonjour,

Apparemment Vundo.

Télécharge ComboFix (de sUBs) sur ton Bureau.

Désactive temporairement toute protection résidente ! (Antivirus, antispywares..)
Double clique sur ComboFix.exe.
Accepte la licence en cliquant sur Oui.
Lorsque l'opération sera terminée, un rapport apparaîtra. Poste ce rapport dans ta prochaine réponse.

Le rapport se trouve ici : %systemdrive%\ComboFix.txt (%systemdrive% étant la partition où est installée Windows; C:\ en général)

Aide : Comment utiliser ComboFix.

------------------------------ >> Centre de Formation Helpers <<
Répondre à XmichouX

Bonjour,
Voici le rapport conbofix. Au moment du scan, j'ai eu plusieurs fois le message suivant "The application or DLL c:\WINNT\System32\clbdll.dll i snot a valid windows image. Please check this against your installation diskette"

Les logs:
ComboFix 08-07-29.1 - A ELLOUGANI 2008-07-30 15:35:53.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.517 [GMT 0:00]
Running from: C:\Documents and Settings\Administrator\Desktop\ComboFix.exe
* Created a new restore point
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\WINNT\system32\clbdll.dll
C:\WINNT\system32\clbdll.old
C:\WINNT\system32\clbinit.dll
C:\WINNT\system32\drivers\clbdriver.sys
C:\WINNT\system32\drivers\Winxf75.sys
C:\WINNT\system32\ehilRXbc.ini
C:\WINNT\system32\ehilRXbc.ini2
C:\WINNT\system32\fijflgei.dll
C:\WINNT\system32\jshfjhqr.ini
C:\WINNT\system32\llalfeky.dll
C:\WINNT\system32\mcrh.tmp
C:\WINNT\system32\nnnlkHyv.dll
C:\WINNT\system32\rwnekgkg.ini
C:\WINNT\system32\smnqnmag.ini
C:\WINNT\system32\urqOFuRl.dll
C:\WINNT\system32\vav.cpl
C:\WINNT\system32\WinCtrl32.dll
C:\WINNT\system32\ydboxvoi.ini
C:\WINNT\system32\yxqmlfbu.ini

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_CLBDRIVER
-------\Legacy_WINXF75
-------\Service_Winxf75

((((((((((((((((((((((((( Files Created from 2008-06-28 to 2008-07-30 )))))))))))))))))))))))))))))))
.

2008-07-30 15:50 . 2008-07-30 15:50 53,248 --a------ C:\temp\catchme.dll
2008-07-30 14:23 . 2008-07-30 14:23 <DIR> d-------- C:\temp\72DF
2008-07-30 14:13 . 2008-07-30 14:13 <DIR> d-------- C:\temp\6B62
2008-07-30 13:52 . 2008-07-30 13:52 <DIR> d-------- C:\temp\BTN%Copy%1
2008-07-30 11:44 . 2008-07-30 11:53 <DIR> d-------- C:\temp\hsperfdata_A ELLOUGANI
2008-07-30 11:08 . 2008-07-30 11:08 99,456 --a------ C:\WINNT\system32\rqhjfhsj.dll
2008-07-29 19:59 . 2008-07-29 19:59 <DIR> d-------- C:\temp\smkits
2008-07-29 19:28 . 2008-07-29 19:29 <DIR> d-------- C:\Program Files\Software by Design
2008-07-29 19:28 . 2005-05-25 05:00 90,112 --------- C:\WINNT\SDUnInst.exe
2008-07-29 17:56 . 2008-07-29 17:56 <DIR> d-------- C:\temp\VBE
2008-07-29 15:01 . 2008-07-29 15:01 <DIR> d-------- C:\temp\41FA
2008-07-29 14:47 . 2008-07-29 14:47 <DIR> d-------- C:\temp\Google Toolbar
2008-07-29 14:47 . 2008-07-29 14:47 <DIR> d-------- C:\temp\BabylonData
2008-07-29 14:44 . 2008-07-30 15:50 <DIR> d-------- C:\temp\WERdf6a.dir00
2008-07-29 14:44 . 2008-07-30 15:50 <DIR> d-------- C:\temp\WERcd0a.dir00
2008-07-29 14:44 . 2008-07-30 15:50 <DIR> d-------- C:\temp\WERc8c6.dir00
2008-07-29 14:23 . 2008-07-29 20:04 <DIR> d-------- C:\temp\notesAE2D45
2008-07-29 14:10 . 2008-07-29 14:10 <DIR> d-------- C:\Program Files\Trend Micro
2008-07-29 14:05 . 2008-07-29 14:05 <DIR> d-------- C:\Program Files\Panda Security
2008-07-29 14:05 . 2008-06-19 17:24 28,544 --a------ C:\WINNT\system32\drivers\pavboot.sys
2008-07-29 13:15 . 2008-07-30 15:50 <DIR> d-------- C:\temp\Word8.0
2008-07-29 12:22 . 2008-07-30 15:50 <DIR> d-------- C:\temp\a2temp
2008-07-29 12:21 . 2008-07-29 13:21 <DIR> d-------- C:\Program Files\a-squared Anti-Malware
2008-07-29 00:51 . 2008-07-30 15:50 <DIR> d-------- C:\temp\jkos-A ELLOUGANI
2008-07-29 00:50 . 2008-06-10 02:32 73,728 --a------ C:\WINNT\system32\javacpl.cpl
2008-07-28 23:54 . 2008-07-28 23:54 <DIR> d---s---- C:\temp\Temporary Internet Files
2008-07-28 23:54 . 2008-07-28 23:54 <DIR> d---s---- C:\temp\History
2008-07-28 23:54 . 2008-07-30 15:50 <DIR> d---s---- C:\temp\Cookies
2008-07-28 23:35 . 2008-07-30 15:50 <DIR> d-------- C:\temp\WER2cc4.dir00
2008-07-26 06:36 . 2008-07-26 06:36 94,848 --a------ C:\WINNT\system32\gamnqnms.dll
2008-07-25 19:45 . 1996-08-20 20:37 15,840 --a------ C:\WINNT\system32\Machnm1.exe
2008-07-25 19:45 . 2005-09-25 16:37 5,632 --a------ C:\WINNT\system32\Machnm64.sys
2008-07-25 19:45 . 2008-07-25 19:45 3,120 --a------ C:\WINNT\system32\118290.54
2008-07-25 19:45 . 2008-07-25 19:45 3,120 --a------ C:\WINNT\118294.78
2008-07-25 19:45 . 2003-08-13 00:27 2,304 --a------ C:\WINNT\system32\Machnm32.sys
2008-07-25 17:10 . 2008-07-27 23:17 <DIR> d-------- C:\Program Files\AVM
2008-07-25 17:10 . 2008-07-25 08:17 120,320 --a------ C:\WINNT\system32\avm.cpl
2008-07-25 16:50 . 2008-07-25 16:51 30,672 --a------ C:\a
2008-07-25 15:01 . 2008-07-25 15:02 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Lavasoft
2008-07-25 14:19 . 2008-07-30 15:50 <DIR> d-------- C:\temp\NSU_b77b2a565b734e3913dbdc
2008-07-25 11:59 . 2004-08-03 23:08 25,600 --a------ C:\WINNT\system32\drivers\usbser.sys
2008-07-25 11:59 . 2004-08-03 23:08 25,600 --a--c--- C:\WINNT\system32\dllcache\usbser.sys
2008-07-25 11:59 . 2008-07-25 11:59 0 --ah----- C:\WINNT\system32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf
2008-07-25 11:59 . 2008-07-25 11:59 0 --ah----- C:\WINNT\system32\drivers\Msft_Kernel_ccdcmb_01005.Wdf
2008-07-25 00:32 . 2008-07-25 00:32 323,584 --a------ C:\WINNT\system32\cbXRlihe.dll
2008-07-25 00:27 . 2008-07-30 14:27 <DIR> d-------- C:\temp\__SkypeIEToolbar_Cache
2008-07-25 00:27 . 2008-07-25 00:27 34,816 --a------ C:\WINNT\system32\clbdll.dll.vir
2008-07-25 00:27 . 2004-08-04 08:00 4,224 --a------ C:\WINNT\system32\beep.sys
2008-07-25 00:08 . 2008-05-07 07:39 1,419,232 --a------ C:\WINNT\system32\wdfcoinstaller01005.dll
2008-07-25 00:08 . 2008-05-07 07:38 659,968 --a------ C:\WINNT\system32\nmwcdcocls.dll
2008-07-25 00:08 . 2008-05-07 07:38 20,864 --a------ C:\WINNT\system32\drivers\ccdcmbo.sys
2008-07-25 00:08 . 2008-05-07 07:38 17,536 --a------ C:\WINNT\system32\drivers\ccdcmb.sys
2008-07-25 00:08 . 2008-05-07 07:38 8,064 --a------ C:\WINNT\system32\drivers\usbser_lowerfltj.sys
2008-07-25 00:08 . 2008-06-06 09:24 8,064 --a------ C:\WINNT\system32\drivers\usbser_lowerflt.sys
2008-07-25 00:07 . 2008-07-25 00:07 <DIR> d-------- C:\Program Files\MSXML 6.0
2008-07-24 16:41 . 2008-07-24 16:41 <DIR> d-------- C:\Documents and Settings\Administrator\Application Data\NSeries
2008-07-18 22:01 . 2008-07-18 22:01 <DIR> d-------- C:\Program Files\HSDPA USB MODEM
2008-07-18 22:01 . 2007-11-01 15:35 103,424 --a------ C:\WINNT\system32\MyDIT_GenClassCoInst.dll
2008-07-18 22:01 . 2007-10-16 11:40 97,408 --a------ C:\WINNT\system32\drivers\cmusbser.sys
2008-07-13 11:22 . 2007-08-24 19:45 101,120 -ra------ C:\WINNT\system32\drivers\ewusbmdm.sys
2008-07-13 11:22 . 2007-08-24 19:45 24,448 -ra------ C:\WINNT\system32\drivers\ewdcsc.sys
2008-07-13 11:21 . 2008-07-13 11:23 <DIR> d-------- C:\Program Files\Internet Mobile
2008-07-13 11:20 . 2004-08-03 23:08 17,024 --a------ C:\WINNT\system32\drivers\usbohci.sys
2008-07-13 11:20 . 2004-08-03 23:08 17,024 --a--c--- C:\WINNT\system32\dllcache\usbohci.sys
2008-07-10 19:58 . 2008-07-13 12:15 <DIR> d-------- C:\LOGIAPRO
2008-07-10 19:31 . 2008-07-10 19:58 <DIR> d-------- C:\Program Files\Common Files\PC SOFT
2008-07-10 19:31 . 2008-07-13 12:16 <DIR> d-------- C:\logiasyndic
2008-06-11 23:56 . 2008-06-12 00:07 <DIR> d-------- C:\Documents and Settings\Administrator\Application Data\U3

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-07-30 15:50 --------- d-----w C:\Documents and Settings\Administrator\Application Data\Skype
2008-07-30 14:27 --------- d-----w C:\Documents and Settings\Administrator\Application Data\skypePM
2008-07-29 00:50 --------- d-----w C:\Program Files\Java
2008-07-25 19:44 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-07-25 00:08 --------- d-----w C:\Program Files\Nokia
2008-07-25 00:08 --------- d-----w C:\Documents and Settings\All Users\Application Data\Installations
2008-07-25 00:06 --------- d-----w C:\Program Files\Common Files\Nokia
2008-07-24 16:42 --------- d-----w C:\Documents and Settings\Administrator\Application Data\PC Suite
2008-07-24 16:29 --------- d-----w C:\Documents and Settings\Administrator\Application Data\Nokia
2008-06-27 19:41 --------- d-----w C:\Documents and Settings\All Users\Application Data\Babylon
2008-03-28 21:52 32 ----a-w C:\Documents and Settings\All Users\Application Data\ezsid.dat
2008-02-09 22:19 2,293,848 -c--a-w C:\Program Files\FLV PlayerFCSetup.exe
2008-02-09 22:17 3,955,352 -c--a-w C:\Program Files\FLV PlayerRCATSetup.exe
2008-02-09 21:34 411,248 -c--a-w C:\Program Files\FLV PlayerRCSetup.exe
2007-03-09 08:12 27,648 -csha-w C:\WINNT\system32\AVSredirect.dll
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{2A32C803-1CB0-495A-8381-928837187B2E}]
2008-07-25 00:32 323584 --a------ C:\WINNT\system32\cbXRlihe.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINNT\system32\ctfmon.exe" [2004-08-04 08:00 15360]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-11-17 09:57 68856]
"Skype"="C:\Program Files\Skype\Phone\Skype.exe" [2008-02-01 17:22 21898024]
"Babylon Translator"="C:\Program Files\Babylon\Babylon-Pro\Babylon.exe" [2004-04-01 11:43 2400323]
"PC Suite Tray"="C:\Program Files\Nokia\Nokia PC Suite 6\PCSuite.exe" [2007-12-10 10:12 695808]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [2005-12-15 10:18 49152]
"NSLauncher"="C:\Program Files\Nokia\Nokia Software Launcher\NSLauncher.exe" [2007-08-02 14:30 3096576]
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [2008-02-23 16:37 185896]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 04:27 144784]
"884d88f4"="C:\WINNT\system32\rqhjfhsj.dll" [2008-07-30 11:08 99456]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINNT\system32\CTFMON.EXE" [2004-08-04 08:00 15360]
"Nokia.PCSync"="C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2007-11-07 17:35 1294336]

C:\Documents and Settings\Administrator\Start Menu\Programs\Startup\
Yahoo! Widget Engine.lnk - C:\Program Files\Yahoo!\Widgets\YahooWidgetEngine.exe [2007-05-04 19:39:42 2913840]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Bluetooth.lnk - C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe [2005-11-01 14:10:32 581693]
Digital Line Detect.lnk - C:\Program Files\Digital Line Detect\DLG.exe [2006-05-16 09:54:22 24576]
Lotus Organizer EasyClip.lnk - C:\lotus\organize\easyclip.exe [2002-08-08 20:49:20 87040]
Lotus QuickStart.lnk - C:\lotus\wordpro\ltsstart.exe [2002-08-08 08:23:48 32768]
VPN Client.lnk - C:\WINNT\Installer\{24C67B54-0718-445E-B663-3138D9246BD1}\Icon3E5562ED7.ico [2006-05-16 10:40:19 6144]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"disablecad"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoMSAppLogo5ChannelNotify"= 0 (0x0)
"NoBandCustomize"= 0 (0x0)
"NoSMMyPictures"= 1 (0x1)
"NoSimpleStartMenu"= 1 (0x1)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"Btn_Back"= 0 (0x0)
"Btn_Forward"= 0 (0x0)
"Btn_Stop"= 0 (0x0)
"Btn_Refresh"= 0 (0x0)
"Btn_Home"= 0 (0x0)
"Btn_Search"= 0 (0x0)
"Btn_History"= 0 (0x0)
"Btn_Favorites"= 0 (0x0)
"Btn_Media"= 2 (0x2)
"SpecifyDefaultButtons"= 1 (0x1)
"Btn_Folders"= 0 (0x0)
"Btn_Fullscreen"= 0 (0x0)
"Btn_Tools"= 0 (0x0)
"Btn_MailNews"= 0 (0x0)
"Btn_Size"= 0 (0x0)
"Btn_Print"= 0 (0x0)
"Btn_Edit"= 0 (0x0)
"Btn_Discussions"= 0 (0x0)
"Btn_Cut"= 0 (0x0)
"Btn_Copy"= 0 (0x0)
"Btn_Paste"= 0 (0x0)
"Btn_Encoding"= 0 (0x0)
"Btn_PrintPreview"= 0 (0x0)
"NoFavoritesMenu"= 0 (0x0)
"NoLogoff"= 0 (0x0)
"EnforceShellExtensionSecurity"= 0 (0x0)
"NoDeletePrinter"= 0 (0x0)
"NoAddPrinter"= 0 (0x0)
"NoPrinterTabs"= 0 (0x0)
"NoSimpleStartMenu"= 1 (0x1)
"ForceClassicControlPanel"= 1 (0x1)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\ACNotify]
2006-04-17 12:01 32768 C:\Program Files\ThinkPad\ConnectUtilities\ACNotify.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\tpfnf2]
2005-07-05 22:45 28672 C:\WINNT\system32\notifyf2.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\tphotkey]
2005-11-30 19:16 24576 C:\WINNT\system32\tphklock.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.iac2"= C:\PROGRA~1\REPLAY~1\iac25_32.ax
"msacm.dvacm"= C:\PROGRA~1\COMMON~1\ULEADS~1\Vio\Dvacm.acm

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Authentication Packages REG_MULTI_SZ msv1_0 TivoliAP

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
backup=C:\WINNT\pss\HP Digital Imaging Monitor.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
--a------ 2005-10-28 16:25 94208 C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sametime Connect]
--a------ 2005-05-04 13:56 1310720 C:\Program Files\lotus\Sametime Client\connect.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ShStatEXE]
--a------ 2004-08-18 08:00 94208 C:\Program Files\Network Associates\VirusScan\shstat.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
--a------ 2008-02-23 16:37 185896 C:\Program Files\Common Files\Real\Update_OB\realsched.exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqnrs08.exe"=
"C:\\Program Files\\Skype\\Phone\\Skype.exe"=

R0 pavboot;pavboot;C:\WINNT\system32\drivers\pavboot.sys [2008-06-19 17:24]
R0 Shockprf;Shockprf;C:\WINNT\system32\drivers\Shockprf.sys [2005-11-30 14:58]
R1 ANC;ANC;C:\WINNT\system32\drivers\ANC.SYS [2005-11-08 08:27]
R1 IBMTPCHK;IBMTPCHK;C:\WINNT\system32\Drivers\IBMBLDID.sys [2006-01-12 23:33]
R1 ShockMgr;ShockMgr;C:\WINNT\system32\drivers\ShockMgr.sys [2005-06-20 11:18]
R1 TPPWRIF;TPPWRIF;C:\WINNT\system32\drivers\Tppwrif.sys [2005-12-07 00:12]
S3 lcfd;Tivoli Endpoint;C:\Tivoli\lcf\bin\w32-ix86\mrt\lcfd.exe [2005-05-22 01:15]
S3 qcusbser;Mobile Connector USB Device for Legacy Serial Communication;C:\WINNT\system32\DRIVERS\cmusbser.sys [2007-10-16 11:40]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\D]
\Shell\AutoRun\command - D:\aamsstp\autorun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{53632f97-3285-11dd-9c78-0015587fd50b}]
\Shell\AutoRun\command - E:\LaunchU3.exe -a

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{aa86e88e-50cd-11dd-9c83-0019d22a4f22}]
\Shell\AutoRun\command - E:\AutoRun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{aa86e891-50cd-11dd-9c83-0019d22a4f22}]
\Shell\AutoRun\command - E:\AutoRun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{fb79fa6e-5259-11dd-9c86-0015587fd50b}]
\Shell\AutoRun\command - E:\.\ShowModem.exe

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{EEBF9CA6-567B-41cd-B5F6-EF2C7FEF37B5}]
rundll32.exe advpack.dll,LaunchINFSectionEx C:\WINNT\INF\wmactedp.inf,PerUserStub,,4
.
Contents of the 'Scheduled Tasks' folder

2008-03-04 C:\WINNT\Tasks\PMTask.job
- C:\PROGRA~1\ThinkPad\UTILIT~1\PWMIDTSK.EXE [2005-12-07 00:12]

2008-07-30 C:\WINNT\Tasks\SDMsgUpdate (TE).job
- C:\PROGRA~1\SMARTD~2\Messages\SDNotify.exe [2007-09-26 08:53]
.
.
------- Supplementary Scan -------
.
R0 -: HKCU-Main,Start Page = hxxp://www.google.fr/
R0 -: HKCU-Main,Search Page = hxxp://www.google.com
R0 -: HKCU-Main,SearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
R0 -: HKCU-Main,Search Bar = hxxp://www.google.com/ie
R0 -: HKLM-Main,Default_Search_URL = hxxp://www.google.com/ie
R1 -: HKCU-Internet Settings,ProxyOverride = <local>
R0 -: HKCU-Search,SearchAssistant = hxxp://www.google.com/ie
R1 -: HKCU-SearchURL,(Default) = hxxp://www.google.com/search?q=%s
R0 -: HKLM-Search,SearchAssistant = hxxp://www.google.com/ie
O8 -: E&xport to Microsoft Excel - C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 -: Send To &Bluetooth - c:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie_ctx.htm
O8 -: Translate with &Babylon - C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/Translate.htm

O16 -: Microsoft XML Parser for Java - file://C:\WINNT\Java\classes\xmldso.cab
C:\WINNT\Downloaded Program Files\Microsoft XML Parser for Java.osd

**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-07-30 15:50:56
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

PROCESS: C:\WINNT\system32\winlogon.exe
-> C:\Program Files\ThinkPad\ConnectUtilities\AcSvcStub.dll
-> C:\Program Files\ThinkPad\ConnectUtilities\AcLocSettings.dll
-> C:\Program Files\ThinkPad\ConnectUtilities\ACHelper.dll
-> C:\WINNT\system32\tphklock.dll
.
------------------------ Other Running Processes ------------------------
.
C:\WINNT\system32\ibmpmsvc.exe
C:\WINNT\system32\ati2evxx.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\a-squared Anti-Malware\a2service.exe
C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe
C:\Program Files\ThinkPad\Bluetooth Software\bin\btwdins.exe
C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
C:\Program Files\Network Associates\McAfee Desktop Firewall for Windows XP\FireSvc.exe
C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
C:\Program Files\Network Associates\VirusScan\vstskmgr.exe
C:\PROGRA~1\NETWOR~1\COMMON~1\naPrdMgr.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\lotus\notes\ntmulti.exe
C:\WINNT\system32\HPZipm12.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINNT\system32\TPHDEXLG.exe
C:\WINNT\system32\TpKmpSvc.exe
C:\WINNT\system32\wdfmgr.exe
C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe
C:\Program Files\ThinkPad\ConnectUtilities\SvcGuiHlpr.exe
C:\WINNT\system32\wscntfy.exe
C:\WINNT\system32\ati2evxx.exe
C:\WINNT\system32\rundll32.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\PC Connectivity Solution\Transports\NclIrSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
.
**************************************************************************
.
Completion time: 2008-07-30 15:54:09 - machine was rebooted
ComboFix-quarantined-files.txt 2008-07-30 15:54:05

Pre-Run: 15,542,071,296 bytes free
Post-Run: 15,547,318,272 bytes free

330

Répondre à elg_49

Re,

Télécharge ZebRestore

Dézippe-le. Ouvre le dossier, lance le en double cliquant sur l’exécutable.

Coche :
- RegEdit
- Clés RUN
- Bouton Arrêter
- Windows Update
- Gestionnaire des tâches
- Panneau de configuration
- Ajout/Suppression de programmes
- Policies

Clique sur Restaurer. Ferme le programme.

-------------

Sélectionne l'intégralité du cadre ci-dessous :

Collect::
C:\WINNT\system32\cbXRlihe.dll
C:\WINNT\system32\rqhjfhsj.dll
C:\WINNT\system32\gamnqnms.dll

File::
C:\WINNT\system32\clbdll.dll.vir

Folder::
C:\temp

Registry::
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{2A32C803-1CB0-495A-8381-928837187B2E}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TkBellExe"=-
"884d88f4"=-

Copie/colle le dans le Bloc Notes (Démarrer\Tous les programmes\Accessoires\Bloc notes.)
Enregistre le sous sur ton bureau sous le nom de CFScript.txt
Glisse maintenant le fichier CFScript.txt dans ComboFix.exe comme ci-dessous :

Cela va relancer Combofix.
ComboFix créera ces fichiers sur ton Bureau :

- Un fichier zippé nommé Submit [Date Time].zip
- Un second fichier nommé - CF-Submit.htm

ComboFix peut exiger un redémarrage pour compléter son travail. Accepte.
Lorsque l'outil aura terminé, un rapport ComboFix.log apparaîtra à l'écran.
Une nouvelle fenêtre avec invite "Submit Files for further analysis" s'ouvrira. Clique "OK"
Ton navigateur se lancera automatiquement avec le fichier CF-Submit.htm et une fenêtre s'ouvrira :

- Clique sur le bouton "Browse"("Parcourir" ) et navigue vers le fichier
Submit [Date Time].zip qui est sur ton Bureau.
- Clique sur le fichier afin de le sélectionner.

Soumets le fichier en cliquant "OK"
Lorsque cette opération sera complétée, tu peux supprimer ces deux fichiers qui se trouvent sur ton Bureau.

Poste le contenu du rapport ComboFix.txt après redémarrage s'il y en a un.

------------------------------ >> Centre de Formation Helpers <<
Répondre à XmichouX

Bonjour XmichouX,
J'ai suivi la procédure. Au moment de l'envoi du fichier zip, j'ai eu le message suivant "improper usage" donc je ne sais pas si l'envoi est bon.

Les logs combofix:

ComboFix 08-07-29.1 - A ELLOUGANI 2008-07-31 13:11:23.2 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.487 [GMT 0:00]
Running from: C:\Documents and Settings\Administrator\Desktop\ComboFix.exe
Command switches used :: C:\Documents and Settings\Administrator\Desktop\CFScript.txt
* Created a new restore point

FILE ::
C:\WINNT\system32\clbdll.dll.vir
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\temp
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\session\menu.external.css
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\session\menu.external.html
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\session\menu.external.js
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\session\menu.graph.compat.css
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\session\menu.graph.compat.js
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\session\menu.graph.modern.css
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\session\menu.graph.modern.js
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\session\menu.text.css
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\session\menu.text.js
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\active_a.compat.flex.w11.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\active_a.compat.flex.w16.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\active_a.compat.stat.w11.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\active_a.compat.stat.w16.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\active_a.modern.flex.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\active_a.modern.stat.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\active_m.compat.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\active_m.modern.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\active_r.compat.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\active_r.modern.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\active_ra.compat.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\active_ra.modern.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\active_s.compat.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\active_s.modern.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\active_s_noflag.compat.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\active_s_noflag.modern.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\active_s_stat.compat.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\active_s_stat.modern.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\active_s_stat_noflag.compat.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\active_s_stat_noflag.modern.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\famfamfam\AC.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\famfamfam\AD.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\famfamfam\AE.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\famfamfam\AF.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\famfamfam\AG.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\famfamfam\AI.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\famfamfam\AL.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\famfamfam\AM.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\famfamfam\AN.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\famfamfam\AO.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\famfamfam\AR.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\famfamfam\AS.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\famfamfam\AT.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\famfamfam\AU.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\famfamfam\AW.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\famfamfam\AZ.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\famfamfam\BA.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\famfamfam\BB.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\famfamfam\BD.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\famfamfam\BE.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\famfamfam\BF.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\famfamfam\BG.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\famfamfam\BH.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\famfamfam\BI.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\famfamfam\BJ.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\famfamfam\BM.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\famfamfam\BN.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\famfamfam\BO.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\famfamfam\BR.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\famfamfam\BS.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\famfamfam\BT.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\famfamfam\BW.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\famfamfam\BY.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\famfamfam\BZ.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\famfamfam\CA.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\famfamfam\CD.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\famfamfam\CF.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\famfamfam\CG.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\famfamfam\CH.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\famfamfam\CI.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\famfamfam\CK.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\famfamfam\CL.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\famfamfam\CM.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\famfamfam\CN.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\famfamfam\CO.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\famfamfam\CR.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\famfamfam\CU.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\famfamfam\CV.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\famfamfam\CY.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\famfamfam\CZ.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\famfamfam\DE.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\famfamfam\DG.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\famfamfam\DJ.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\famfamfam\DK.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\famfamfam\DM.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\famfamfam\DO.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\famfamfam\DZ.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\famfamfam\EC.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\famfamfam\EE.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\famfamfam\EG.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\famfamfam\ER.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\famfamfam\ES.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\famfamfam\ET.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\famfamfam\FI.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\famfamfam\FJ.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\famfamfam\FK.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\famfamfam\FM.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\famfamfam\FO.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\famfamfam\FR.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\famfamfam\GA.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\famfamfam\GB.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\famfamfam\GD.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\famfamfam\GE.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\famfamfam\GF.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\famfamfam\GH.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\famfamfam\GI.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\famfamfam\GL.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\famfamfam\GM.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\famfamfam\GN.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\famfamfam\GP.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\famfamfam\GQ.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\famfamfam\GR.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\famfamfam\GT.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\famfamfam\GU.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\famfamfam\GW.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\famfamfam\GY.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\famfamfam\HK.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\famfamfam\HN.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\famfamfam\HR.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\famfamfam\HT.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\famfamfam\HU.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\famfamfam\ID.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\famfamfam\IE.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\famfamfam\IL.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\famfamfam\IN.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\famfamfam\IQ.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\famfamfam\IR.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\famfamfam\IS.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\famfamfam\IT.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\famfamfam\JM.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\famfamfam\JO.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\famfamfam\JP.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\famfamfam\KE.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\famfamfam\KG.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\famfamfam\KH.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\famfamfam\KI.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\famfamfam\KM.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\famfamfam\KN.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\famfamfam\KP.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\famfamfam\KR.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\famfamfam\KW.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\famfamfam\KY.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\famfamfam\KZ.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\famfamfam\LA.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\famfamfam\LB.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\famfamfam\LC.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\famfamfam\LI.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\famfamfam\LK.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\famfamfam\LR.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\famfamfam\LS.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\famfamfam\LT.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\famfamfam\LU.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\famfamfam\LV.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\famfamfam\LY.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\famfamfam\MA.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\famfamfam\MC.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\famfamfam\MD.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\famfamfam\ME.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\famfamfam\MG.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\famfamfam\MH.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\famfamfam\MK.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\famfamfam\ML.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\famfamfam\MM.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\famfamfam\MN.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\famfamfam\MO.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\famfamfam\MP.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\famfamfam\MQ.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\famfamfam\MR.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\famfamfam\MS.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\famfamfam\MT.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\famfamfam\MU.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\famfamfam\MV.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\famfamfam\MW.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\famfamfam\MX.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\famfamfam\MY.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\famfamfam\MZ.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\famfamfam\NA.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\famfamfam\NC.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\famfamfam\NE.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\famfamfam\NG.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\famfamfam\NI.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\famfamfam\NL.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\famfamfam\NO.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\famfamfam\NP.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\famfamfam\NR.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\famfamfam\NU.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\famfamfam\NZ.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\famfamfam\OM.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\famfamfam\PA.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\famfamfam\PE.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\famfamfam\PF.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\famfamfam\PG.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\famfamfam\PH.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\famfamfam\PK.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\famfamfam\PL.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\famfamfam\PM.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\famfamfam\PR.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\famfamfam\PS.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\famfamfam\PT.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\famfamfam\PW.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\famfamfam\PY.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\famfamfam\QA.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\famfamfam\RE.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\famfamfam\RO.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\famfamfam\RS.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\famfamfam\RU.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\famfamfam\RW.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\famfamfam\SA.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\famfamfam\SB.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\famfamfam\SC.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\famfamfam\SD.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\famfamfam\SE.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\famfamfam\SG.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\famfamfam\SH.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\famfamfam\SI.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\famfamfam\SK.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\famfamfam\SL.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\famfamfam\SM.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\famfamfam\SN.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\famfamfam\SO.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\famfamfam\SR.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\famfamfam\ST.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\famfamfam\SV.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\famfamfam\SY.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\famfamfam\SZ.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\famfamfam\TC.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\famfamfam\TD.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\famfamfam\TG.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\famfamfam\TH.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\famfamfam\TJ.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\famfamfam\TK.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\famfamfam\TL.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\famfamfam\TM.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\famfamfam\TN.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\famfamfam\TO.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\famfamfam\TR.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\famfamfam\TT.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\famfamfam\TV.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\famfamfam\TW.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\famfamfam\TZ.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\famfamfam\UA.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\famfamfam\UG.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\famfamfam\US.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\famfamfam\UY.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\famfamfam\UZ.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\famfamfam\VA.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\famfamfam\VC.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\famfamfam\VE.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\famfamfam\VG.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\famfamfam\VI.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\famfamfam\VN.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\famfamfam\VU.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\famfamfam\WF.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\famfamfam\WS.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\famfamfam\YE.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\famfamfam\YT.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\famfamfam\ZA.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\famfamfam\ZM.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\famfamfam\ZW.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\inactive_a.compat.flex.w11.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\inactive_a.compat.flex.w16.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\inactive_a.compat.stat.w11.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\inactive_a.compat.stat.w16.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\inactive_a.modern.flex.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\inactive_a.modern.stat.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\inactive_m.compat.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\inactive_m.modern.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\inactive_r.compat.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\inactive_r.modern.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\inactive_s.compat.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\inactive_s.modern.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\inactive_s_noflag.compat.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\inactive_s_noflag.modern.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\inactive_s_stat.compat.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\inactive_s_stat.modern.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\inactive_s_stat_noflag.compat.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\inactive_s_stat_noflag.modern.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\injection.graph.compat.flex.tmpl
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\injection.graph.compat.stat.tmpl
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\injection.graph.modern.flex.tmpl
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\injection.graph.modern.stat.tmpl
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\injection.text.flex.tmpl
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\injection.text.stat.tmpl
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\menu.external.css
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\menu.external.html
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\menu.external.js
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\menu.graph.compat.css
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\menu.graph.compat.js
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\menu.graph.modern.css
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\menu.graph.modern.js
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\menu.text.css
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\menu.text.js
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\pushed_a.compat.flex.w11.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\pushed_a.compat.flex.w16.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\pushed_a.compat.stat.w11.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\pushed_a.compat.stat.w16.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\pushed_a.modern.flex.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\pushed_a.modern.stat.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\pushed_m.compat.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\pushed_m.modern.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\pushed_r.compat.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\pushed_r.modern.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\pushed_s.compat.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\pushed_s.modern.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\pushed_s_noflag.compat.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\pushed_s_noflag.modern.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\pushed_s_stat.compat.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\pushed_s_stat.modern.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\pushed_s_stat_noflag.compat.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\pushed_s_stat_noflag.modern.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\webicon_add.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\webicon_call.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\webicon_copy.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\webicon_find.gif
C:\temp\__SkypeIEToolbar_Cache\e70d95847a8f5723cfca6b3fd9946506\static\webicon_sms.gif
C:\temp\~DF14F1.tmp
C:\temp\~DF32A4.tmp
C:\temp\~DF3469.tmp
C:\temp\~DF3775.tmp
C:\temp\~DFBF39.tmp
C:\temp\11376280.TMP
C:\temp\Av-test.txt
C:\temp\cc_20080730_1636.reg
C:\temp\cnvB5.tmp
C:\temp\jusched.log
C:\temp\log.txt
C:\temp\pcsuitecheck_new.xml
C:\WINNT\system32\cbXRlihe.dll
C:\WINNT\system32\clbdll.dll.vir
C:\WINNT\system32\ehilRXbc.ini
C:\WINNT\system32\ehilRXbc.ini2
C:\WINNT\system32\gamnqnms.dll
C:\WINNT\system32\rmemfoop.ini

.
((((((((((((((((((((((((( Files Created from 2008-06-28 to 2008-07-31 )))))))))))))))))))))))))))))))
.

2008-07-31 13:18 . 2008-07-31 13:18 <DIR> d-------- C:\Temp\BabylonData
2008-07-31 13:18 . 2008-07-31 13:19 <DIR> d-------- C:\Temp
2008-07-31 13:18 . 2008-07-31 13:18 53,248 --a------ C:\Temp\catchme.dll
2008-07-30 19:07 . 2007-07-30 19:19 43,352 --a------ C:\WINNT\system32\wups2.dll
2008-07-30 19:07 . 2007-07-30 19:18 34,136 --a------ C:\WINNT\system32\wucltui.dll.mui
2008-07-30 19:07 . 2007-07-30 19:19 25,944 --a------ C:\WINNT\system32\wuaucpl.cpl.mui
2008-07-30 19:07 . 2007-07-30 19:18 20,312 --a------ C:\WINNT\system32\wuaueng.dll.mui
2008-07-30 15:57 . 2008-07-30 15:57 99,456 --a------ C:\WINNT\system32\poofmemr.dll
2008-07-30 15:54 . 2008-07-30 15:54 294 --ahs---- C:\WINNT\system32\jshfjhqr.ini
2008-07-29 19:28 . 2008-07-29 19:29 <DIR> d-------- C:\Program Files\Software by Design
2008-07-29 19:28 . 2005-05-25 05:00 90,112 --------- C:\WINNT\SDUnInst.exe
2008-07-29 14:10 . 2008-07-29 14:10 <DIR> d-------- C:\Program Files\Trend Micro
2008-07-29 14:05 . 2008-07-29 14:05 <DIR> d-------- C:\Program Files\Panda Security
2008-07-29 14:05 . 2008-06-19 17:24 28,544 --a------ C:\WINNT\system32\drivers\pavboot.sys
2008-07-29 12:21 . 2008-07-29 13:21 <DIR> d-------- C:\Program Files\a-squared Anti-Malware
2008-07-29 00:50 . 2008-06-10 02:32 73,728 --a------ C:\WINNT\system32\javacpl.cpl
2008-07-25 19:45 . 1996-08-20 20:37 15,840 --a------ C:\WINNT\system32\Machnm1.exe
2008-07-25 19:45 . 2005-09-25 16:37 5,632 --a------ C:\WINNT\system32\Machnm64.sys
2008-07-25 19:45 . 2008-07-25 19:45 3,120 --a------ C:\WINNT\system32\118290.54
2008-07-25 19:45 . 2008-07-25 19:45 3,120 --a------ C:\WINNT\118294.78
2008-07-25 19:45 . 2003-08-13 00:27 2,304 --a------ C:\WINNT\system32\Machnm32.sys
2008-07-25 17:10 . 2008-07-27 23:17 <DIR> d-------- C:\Program Files\AVM
2008-07-25 17:10 . 2008-07-25 08:17 120,320 --a------ C:\WINNT\system32\avm.cpl
2008-07-25 16:50 . 2008-07-25 16:51 30,672 --a------ C:\a
2008-07-25 15:01 . 2008-07-25 15:02 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Lavasoft
2008-07-25 11:59 . 2004-08-03 23:08 25,600 --a------ C:\WINNT\system32\drivers\usbser.sys
2008-07-25 11:59 . 2004-08-03 23:08 25,600 --a--c--- C:\WINNT\system32\dllcache\usbser.sys
2008-07-25 11:59 . 2008-07-25 11:59 0 --ah----- C:\WINNT\system32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf
2008-07-25 11:59 . 2008-07-25 11:59 0 --ah----- C:\WINNT\system32\drivers\Msft_Kernel_ccdcmb_01005.Wdf
2008-07-25 00:27 . 2004-08-04 08:00 4,224 --a------ C:\WINNT\system32\beep.sys
2008-07-25 00:08 . 2008-05-07 07:39 1,419,232 --a------ C:\WINNT\system32\wdfcoinstaller01005.dll
2008-07-25 00:08 . 2008-05-07 07:38 659,968 --a------ C:\WINNT\system32\nmwcdcocls.dll
2008-07-25 00:08 . 2008-05-07 07:38 20,864 --a------ C:\WINNT\system32\drivers\ccdcmbo.sys
2008-07-25 00:08 . 2008-05-07 07:38 17,536 --a------ C:\WINNT\system32\drivers\ccdcmb.sys
2008-07-25 00:08 . 2008-05-07 07:38 8,064 --a------ C:\WINNT\system32\drivers\usbser_lowerfltj.sys
2008-07-25 00:08 . 2008-06-06 09:24 8,064 --a------ C:\WINNT\system32\drivers\usbser_lowerflt.sys
2008-07-25 00:07 . 2008-07-25 00:07 <DIR> d-------- C:\Program Files\MSXML 6.0
2008-07-24 16:41 . 2008-07-24 16:41 <DIR> d-------- C:\Documents and Settings\Administrator\Application Data\NSeries
2008-07-18 22:01 . 2008-07-18 22:01 <DIR> d-------- C:\Program Files\HSDPA USB MODEM
2008-07-18 22:01 . 2007-11-01 15:35 103,424 --a------ C:\WINNT\system32\MyDIT_GenClassCoInst.dll
2008-07-18 22:01 . 2007-10-16 11:40 97,408 --a------ C:\WINNT\system32\drivers\cmusbser.sys
2008-07-13 11:22 . 2007-08-24 19:45 101,120 -ra------ C:\WINNT\system32\drivers\ewusbmdm.sys
2008-07-13 11:22 . 2007-08-24 19:45 24,448 -ra------ C:\WINNT\system32\drivers\ewdcsc.sys
2008-07-13 11:21 . 2008-07-13 11:23 <DIR> d-------- C:\Program Files\Internet Mobile
2008-07-13 11:20 . 2004-08-03 23:08 17,024 --a------ C:\WINNT\system32\drivers\usbohci.sys
2008-07-13 11:20 . 2004-08-03 23:08 17,024 --a--c--- C:\WINNT\system32\dllcache\usbohci.sys
2008-07-10 19:58 . 2008-07-13 12:15 <DIR> d-------- C:\LOGIAPRO
2008-07-10 19:31 . 2008-07-10 19:58 <DIR> d-------- C:\Program Files\Common Files\PC SOFT
2008-07-10 19:31 . 2008-07-13 12:16 <DIR> d-------- C:\logiasyndic
2008-06-11 23:56 . 2008-06-12 00:07 <DIR> d-------- C:\Documents and Settings\Administrator\Application Data\U3

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-07-31 13:19 --------- d-----w C:\Documents and Settings\Administrator\Application Data\Skype
2008-07-31 08:03 --------- d-----w C:\Documents and Settings\Administrator\Application Data\skypePM
2008-07-30 18:22 --------- d-----w C:\Program Files\lotus
2008-07-29 00:50 --------- d-----w C:\Program Files\Java
2008-07-25 19:44 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-07-25 00:08 --------- d-----w C:\Program Files\Nokia
2008-07-25 00:08 --------- d-----w C:\Documents and Settings\All Users\Application Data\Installations
2008-07-25 00:06 --------- d-----w C:\Program Files\Common Files\Nokia
2008-07-24 16:42 --------- d-----w C:\Documents and Settings\Administrator\Application Data\PC Suite
2008-07-24 16:29 --------- d-----w C:\Documents and Settings\Administrator\Application Data\Nokia
2008-06-27 19:41 --------- d-----w C:\Documents and Settings\All Users\Application Data\Babylon
2008-03-28 21:52 32 ----a-w C:\Documents and Settings\All Users\Application Data\ezsid.dat
2008-02-09 22:19 2,293,848 -c--a-w C:\Program Files\FLV PlayerFCSetup.exe
2008-02-09 22:17 3,955,352 -c--a-w C:\Program Files\FLV PlayerRCATSetup.exe
2008-02-09 21:34 411,248 -c--a-w C:\Program Files\FLV PlayerRCSetup.exe
2007-03-09 08:12 27,648 -csha-w C:\WINNT\system32\AVSredirect.dll
.

((((((((((((((((((((((((((((( snapshot@2008-07-30_15.53.53.43 )))))))))))))))))))))))))))))))))))))))))
.
+ 2007-07-30 19:19:20 92,504 ------w C:\WINNT\SoftwareDistribution\WebSetup\cdm.dll
+ 2007-07-30 19:19:36 549,720 ------w C:\WINNT\SoftwareDistribution\WebSetup\wuapi.dll
+ 2007-07-30 19:19:16 53,080 ------w C:\WINNT\SoftwareDistribution\WebSetup\wuauclt.exe
+ 2007-07-30 19:19:42 1,712,984 ------w C:\WINNT\SoftwareDistribution\WebSetup\wuaueng.dll
+ 2007-07-30 19:19:32 325,976 ------w C:\WINNT\SoftwareDistribution\WebSetup\wucltui.dll
+ 2007-07-30 19:18:40 33,624 ------w C:\WINNT\SoftwareDistribution\WebSetup\wups.dll
+ 2007-07-30 19:19:12 43,352 ------w C:\WINNT\SoftwareDistribution\WebSetup\wups2.dll
- 2004-08-04 08:00:00 66,560 ----a-w C:\WINNT\system32\cdm.dll
+ 2007-07-30 19:19:20 92,504 ----a-w C:\WINNT\system32\cdm.dll
- 2004-08-04 08:00:00 66,560 -c--a-w C:\WINNT\system32\dllcache\cdm.dll
+ 2007-07-30 19:19:20 92,504 -c--a-w C:\WINNT\system32\dllcache\cdm.dll
- 2004-08-04 08:00:00 111,104 -c--a-w C:\WINNT\system32\dllcache\wuauclt.exe
+ 2007-07-30 19:19:16 53,080 -c--a-w C:\WINNT\system32\dllcache\wuauclt.exe
- 2004-08-04 08:00:00 1,134,592 -c--a-w C:\WINNT\system32\dllcache\wuaueng.dll
+ 2007-07-30 19:19:42 1,712,984 -c--a-w C:\WINNT\system32\dllcache\wuaueng.dll
- 2004-08-04 08:00:00 112,640 -c--a-w C:\WINNT\system32\dllcache\wucltui.dll
+ 2007-07-30 19:19:32 325,976 -c--a-w C:\WINNT\system32\dllcache\wucltui.dll
+ 2007-07-30 19:19:36 549,720 ----a-w C:\WINNT\system32\SoftwareDistribution\Setup\ServiceStartup\wuapi.dll\7.0.6000.381\wuapi.dll
+ 2007-07-30 19:18:40 33,624 ----a-w C:\WINNT\system32\SoftwareDistribution\Setup\ServiceStartup\wups.dll\7.0.6000.381\wups.dll
- 2004-08-04 08:00:00 111,104 ----a-w C:\WINNT\system32\wuauclt.exe
+ 2007-07-30 19:19:16 53,080 ----a-w C:\WINNT\system32\wuauclt.exe
- 2004-08-04 08:00:00 1,134,592 ----a-w C:\WINNT\system32\wuaueng.dll
+ 2007-07-30 19:19:42 1,712,984 ----a-w C:\WINNT\system32\wuaueng.dll
- 2004-08-04 08:00:00 112,640 -c--a-w C:\WINNT\system32\wucltui.dll
+ 2007-07-30 19:19:32 325,976 ----a-w C:\WINNT\system32\wucltui.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINNT\system32\ctfmon.exe" [2004-08-04 08:00 15360]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-11-17 09:57 68856]
"Skype"="C:\Program Files\Skype\Phone\Skype.exe" [2008-02-01 17:22 21898024]
"Babylon Translator"="C:\Program Files\Babylon\Babylon-Pro\Babylon.exe" [2004-04-01 11:43 2400323]
"PC Suite Tray"="C:\Program Files\Nokia\Nokia PC Suite 6\PCSuite.exe" [2007-12-10 10:12 695808]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [2005-12-15 10:18 49152]
"NSLauncher"="C:\Program Files\Nokia\Nokia Software Launcher\NSLauncher.exe" [2007-08-02 14:30 3096576]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 04:27 144784]
"ShStatEXE"="C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE" [2004-08-18 08:00 94208]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINNT\system32\CTFMON.EXE" [2004-08-04 08:00 15360]
"Nokia.PCSync"="C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2007-11-07 17:35 1294336]

C:\Documents and Settings\Administrator\Start Menu\Programs\Startup\
Yahoo! Widget Engine.lnk - C:\Program Files\Yahoo!\Widgets\YahooWidgetEngine.exe [2007-05-04 19:39:42 2913840]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Bluetooth.lnk - C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe [2005-11-01 14:10:32 581693]
Digital Line Detect.lnk - C:\Program Files\Digital Line Detect\DLG.exe [2006-05-16 09:54:22 24576]
Lotus Organizer EasyClip.lnk - C:\lotus\organize\easyclip.exe [2002-08-08 20:49:20 87040]
Lotus QuickStart.lnk - C:\lotus\wordpro\ltsstart.exe [2002-08-08 08:23:48 32768]
VPN Client.lnk - C:\WINNT\Installer\{24C67B54-0718-445E-B663-3138D9246BD1}\Icon3E5562ED7.ico [2006-05-16 10:40:19 6144]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\ACNotify]
2006-04-17 12:01 32768 C:\Program Files\ThinkPad\ConnectUtilities\ACNotify.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\tpfnf2]
2005-07-05 22:45 28672 C:\WINNT\system32\notifyf2.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\tphotkey]
2005-11-30 19:16 24576 C:\WINNT\system32\tphklock.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.iac2"= C:\PROGRA~1\REPLAY~1\iac25_32.ax
"msacm.dvacm"= C:\PROGRA~1\COMMON~1\ULEADS~1\Vio\Dvacm.acm

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Authentication Packages REG_MULTI_SZ msv1_0 TivoliAP

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
backup=C:\WINNT\pss\HP Digital Imaging Monitor.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
--a------ 2005-10-28 16:25 94208 C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sametime Connect]
--a------ 2005-05-04 13:56 1310720 C:\Program Files\lotus\Sametime Client\connect.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
--a------ 2008-02-23 16:37 185896 C:\Program Files\Common Files\Real\Update_OB\realsched.exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqnrs08.exe"=
"C:\\Program Files\\Skype\\Phone\\Skype.exe"=

R0 pavboot;pavboot;C:\WINNT\system32\drivers\pavboot.sys [2008-06-19 17:24]
R0 Shockprf;Shockprf;C:\WINNT\system32\drivers\Shockprf.sys [2005-11-30 14:58]
R1 ANC;ANC;C:\WINNT\system32\drivers\ANC.SYS [2005-11-08 08:27]
R1 IBMTPCHK;IBMTPCHK;C:\WINNT\system32\Drivers\IBMBLDID.sys [2006-01-12 23:33]
R1 ShockMgr;ShockMgr;C:\WINNT\system32\drivers\ShockMgr.sys [2005-06-20 11:18]
R1 TPPWRIF;TPPWRIF;C:\WINNT\system32\drivers\Tppwrif.sys [2005-12-07 00:12]
S3 lcfd;Tivoli Endpoint;C:\Tivoli\lcf\bin\w32-ix86\mrt\lcfd.exe [2005-05-22 01:15]
S3 qcusbser;Mobile Connector USB Device for Legacy Serial Communication;C:\WINNT\system32\DRIVERS\cmusbser.sys [2007-10-16 11:40]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\D]
\Shell\AutoRun\command - D:\aamsstp\autorun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{53632f97-3285-11dd-9c78-0015587fd50b}]
\Shell\AutoRun\command - E:\LaunchU3.exe -a

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{aa86e88e-50cd-11dd-9c83-0019d22a4f22}]
\Shell\AutoRun\command - E:\AutoRun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{aa86e891-50cd-11dd-9c83-0019d22a4f22}]
\Shell\AutoRun\command - E:\AutoRun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{fb79fa6e-5259-11dd-9c86-0015587fd50b}]
\Shell\AutoRun\command - E:\.\ShowModem.exe

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{EEBF9CA6-567B-41cd-B5F6-EF2C7FEF37B5}]
rundll32.exe advpack.dll,LaunchINFSectionEx C:\WINNT\INF\wmactedp.inf,PerUserStub,,4
.
Contents of the 'Scheduled Tasks' folder

2008-03-04 C:\WINNT\Tasks\PMTask.job
- C:\PROGRA~1\ThinkPad\UTILIT~1\PWMIDTSK.EXE [2005-12-07 00:12]

2008-07-31 C:\WINNT\Tasks\SDMsgUpdate (TE).job
- C:\PROGRA~1\SMARTD~2\Messages\SDNotify.exe [2007-09-26 08:53]
.
**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-07-31 13:18:10
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

PROCESS: C:\WINNT\system32\winlogon.exe
-> C:\Program Files\ThinkPad\ConnectUtilities\AcSvcStub.dll
-> C:\Program Files\ThinkPad\ConnectUtilities\AcLocSettings.dll
-> C:\Program Files\ThinkPad\ConnectUtilities\ACHelper.dll
-> C:\WINNT\system32\tphklock.dll
.
------------------------ Other Running Processes ------------------------
.
C:\WINNT\system32\ibmpmsvc.exe
C:\WINNT\system32\ati2evxx.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\a-squared Anti-Malware\a2service.exe
C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe
C:\Program Files\ThinkPad\Bluetooth Software\bin\btwdins.exe
C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
C:\Program Files\Network Associates\McAfee Desktop Firewall for Windows XP\FireSvc.exe
C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
C:\Program Files\Network Associates\VirusScan\mcshield.exe
C:\PROGRA~1\NETWOR~1\COMMON~1\naPrdMgr.exe
C:\Program Files\Network Associates\VirusScan\vstskmgr.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\lotus\notes\ntmulti.exe
C:\WINNT\system32\HPZipm12.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINNT\system32\TPHDEXLG.exe
C:\WINNT\system32\TpKmpSvc.exe
C:\WINNT\system32\wdfmgr.exe
C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe
C:\Program Files\ThinkPad\ConnectUtilities\SvcGuiHlpr.exe
C:\WINNT\system32\ati2evxx.exe
C:\WINNT\system32\wscntfy.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\PC Connectivity Solution\Transports\NclIrSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\ComboFix\catchme.cfexe
.
**************************************************************************
.
Completion time: 2008-07-31 13:22:36 - machine was rebooted
ComboFix-quarantined-files.txt 2008-07-31 13:22:32

Pre-Run: 15,486,984,192 bytes free
Post-Run: 15,486,873,600 bytes free

592

Répondre à elg_49

Re,

Supprime C:\WINNT\system32\jshfjhqr.ini

Télécharge MalwareByte's Anti-Malware sur ton Bureau.

Installe-le en double-cliquant sur le fichier Download_mbam-setup.exe.

Une fois l'installation et la mise à jour effectuées :

Fais redémarrer ton ordinateur en mode sans échec

- Au démarrage, après le chargement du bios, appuie successivement sur la touche F8 (ou F5) de ton clavier jusqu'à l'apparition d'un menu sur fond noir. Une fois arrivé à ce stade, sélectionne à l'aide du clavier Mode sans Echec.
-- Dans ce mode, tu n'as pas accès à Internet, et tu te retrouves avec une configuration visuelle différente (pas de fond d'écran, icônes très grosses). Ne sois donc pas étonné.
--- C'est pour ces différentes raisons que je t'invite à imprimer, noter, ou enregistrer dans un document texte les informations suivantes afin de ne pas être perdu.
---- ! Ne fais pas démarrer ton ordinateur en mode sans échec via MSConfig ! Pourquoi ? Certaines infections cassent les clefs du mode sans échec, ce qui ferait crasher ton ordinateur.

Exécute maintenant MalwareByte's Anti-Malware. Si cela n'est pas déjà fait, sélectionne "Exécuter un examen complet".
Afin de lancer la recherche, clic sur"Rechercher".
Une fois le scan terminé, une fenêtre s'ouvre, clic sur OK. Deux possibilités s'offrent à toi :

~ Si le programme n'a rien trouvé, appuie sur OK. Un rapport va apparaître, ferme-le.
~~ Si des infections sont présentes, clic sur "Afficher les résultats" puis sur "Supprimer la sélection". Enregistre le rapport sur ton Bureau.
~~~~ Fais redémarrer ton ordinateur normalement et poste le rapport dans ta prochaine réponse.

REMARQUE : Si MalwareByte's Anti-Malware a besoin de redémarrer pour terminer la suppression, accepte en cliquant sur Ok.

Note : Si tu ne parviens à télécharger MBAM à part de MajorGeeks, tu peux le télécharger ici!

Aide :

------------------------------ >> Centre de Formation Helpers <<
Répondre à XmichouX

Re,
J'ai cherche le fichier en question C:\WINNT\system32\jshfjhqr.ini pour le supprimer mais il n'y etait pas. J'ai donc lance le scan en mode sans echec, il a trouve 18 infections mais apparement aucune action n'a été effectuée. ci-apres le rapport :

Malwarebytes' Anti-Malware 1.24
Version de la base de données: 1012
Windows 5.1.2600 Service Pack 2

20:44:14 2008-07-31
mbam-log-7-31-2008 (20-44-07).txt

Type de recherche: Examen complet (C:\|D:\|F:\|)
Eléments examinés: 121083
Temps écoulé: 35 minute(s), 41 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 1
Dossier(s) infecté(s): 1
Fichier(s) infecté(s): 16

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\StartMenuLogOff (Hijack.StartMenu) -> Bad: (1) Good: (0) -> No action taken.

Dossier(s) infecté(s):
C:\Program Files\AVM (Rogue.AntivirusMaster) -> No action taken.

Fichier(s) infecté(s):
C:\a (Rogue.Multiple) -> No action taken.
C:\Documents and Settings\Administrator\Desktop\AV2009Install_77052209.exe (Rogue.Installer) -> No action taken.
C:\QooBox\Quarantine\C\WINNT\system32\nnnlkHyv.dll.vir (Trojan.Vundo) -> No action taken.
C:\QooBox\Quarantine\C\WINNT\system32\urqOFuRl.dll.vir (Trojan.Vundo) -> No action taken.
C:\QooBox\Quarantine\C\WINNT\system32\vav.cpl.vir (Rogue.Antispyware) -> No action taken.
C:\System Volume Information\_restore{93C73AA4-079D-447E-88AE-FD9A4AAB2E5B}\RP2\A0000006.cpl (Rogue.Antispyware) -> No action taken.
C:\System Volume Information\_restore{93C73AA4-079D-447E-88AE-FD9A4AAB2E5B}\RP2\A0000011.dll (Trojan.Vundo) -> No action taken.
C:\System Volume Information\_restore{93C73AA4-079D-447E-88AE-FD9A4AAB2E5B}\RP2\A0000012.dll (Trojan.Vundo) -> No action taken.
C:\System Volume Information\_restore{93C73AA4-079D-447E-88AE-FD9A4AAB2E5B}\RP4\A0000244.dll (Trojan.Vundo) -> No action taken.
C:\Program Files\AVM\avm.cpl (Rogue.AntivirusMaster) -> No action taken.
C:\Program Files\AVM\avm.old (Rogue.AntivirusMaster) -> No action taken.
C:\Program Files\AVM\avm0.dat (Rogue.AntivirusMaster) -> No action taken.
C:\Program Files\AVM\avm1.dat (Rogue.AntivirusMaster) -> No action taken.
C:\Documents and Settings\Administrator\Desktop\Vista Antivirus 2008.url (Rogue.VistaAntivirus2008) -> No action taken.
C:\ibmugcd.bat (Trojan.Agent) -> No action taken.
C:\WINNT\system32\avm.cpl (Trojan.FakeAlert) -> No action taken.

Répondre à elg_49

Re,

Poste un nouveau rapport HijackTHis;

------------------------------ >> Centre de Formation Helpers <<
Répondre à XmichouX

Re,
Voici le nouveau rapport HijackTHis.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:50, on 2008-08-04
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\ibmpmsvc.exe
C:\WINNT\system32\Ati2evxx.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINNT\system32\spoolsv.exe
C:\Program Files\a-squared Anti-Malware\a2service.exe
C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe
c:\Program Files\ThinkPad\Bluetooth Software\bin\btwdins.exe
C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
C:\Program Files\Network Associates\McAfee Desktop Firewall for Windows XP\FireSvc.exe
C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
C:\Program Files\Network Associates\VirusScan\mcshield.exe
C:\Program Files\Network Associates\VirusScan\vstskmgr.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\program files\lotus\notes\ntmulti.exe
C:\WINNT\system32\HPZipm12.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\System32\TPHDEXLG.EXE
C:\WINNT\system32\TpKmpSVC.exe
C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe
C:\Program Files\Network Associates\Common Framework\McScript_InUse.exe
C:\Program Files\ThinkPad\ConnectUtilities\SvcGuiHlpr.exe
C:\WINNT\system32\Ati2evxx.exe
C:\WINNT\Explorer.EXE
C:\WINNT\system32\wscntfy.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Nokia\Nokia Software Launcher\NSLauncher.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE
C:\WINNT\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Babylon\Babylon-Pro\Babylon.exe
C:\Program Files\Nokia\Nokia PC Suite 6\PCSuite.exe
C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\lotus\organize\easyclip.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\Yahoo!\Widgets\YahooWidgetEngine.exe
C:\Program Files\PC Connectivity Solution\Transports\NclIrSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Program Files\Yahoo!\Widgets\YahooWidgetEngine.exe
C:\Program Files\Yahoo!\Widgets\YahooWidgetEngine.exe
C:\Program Files\Yahoo!\Widgets\YahooWidgetEngine.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\WINNT\system32\wuauclt.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\WINNT\system32\wuauclt.exe
C:\Program Files\Internet Explorer\iehook.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINNT\System32\DLA\DLASHX_W.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [NSLauncher] C:\Program Files\Nokia\Nokia Software Launcher\NSLauncher.exe /startup
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [ShStatEXE] "C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE" /STANDALONE
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINNT\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [Babylon Translator] C:\Program Files\Babylon\Babylon-Pro\Babylon.exe
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 6\PCSuite.exe" -onlytray
O4 - HKUS\S-1-5-18\..\Run: [Nokia.PCSync] "C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" /NoDialog (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Nokia.PCSync] "C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" /NoDialog (User 'Default user')
O4 - Startup: Yahoo! Widget Engine.lnk = C:\Program Files\Yahoo!\Widgets\YahooWidgetEngine.exe
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: Digital Line Detect.lnk = ?
O4 - Global Startup: Lotus Organizer EasyClip.lnk = ?
O4 - Global Startup: Lotus QuickStart.lnk = ?
O4 - Global Startup: VPN Client.lnk = ?
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Send To &Bluetooth - c:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Translate with &Babylon - res://C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/Translate.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O14 - IERESET.INF: START_PAGE_URL=http://inside.abb.com
O15 - Trusted Zone: http://*.mcafee.com
O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/activ [...] stubie.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/mi [...] 7006427421
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: ACNotify - ACNotify.dll (file missing)
O23 - Service: a-squared Anti-Malware Service (a2AntiMalware) - Emsi Software GmbH - C:\Program Files\a-squared Anti-Malware\a2service.exe
O23 - Service: Ac Profile Manager Service (AcPrfMgrSvc) - Unknown owner - C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe
O23 - Service: Access Connections Main Service (AcSvc) - Lenovo - C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINNT\system32\Ati2evxx.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - c:\Program Files\ThinkPad\Bluetooth Software\bin\btwdins.exe
O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: McAfee Desktop Firewall Service (FireSvc) - McAfee, Inc. - C:\Program Files\Network Associates\McAfee Desktop Firewall for Windows XP\FireSvc.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: ThinkPad PM Service (IBMPMSVC) - Unknown owner - C:\WINNT\system32\ibmpmsvc.exe
O23 - Service: Tivoli Endpoint (lcfd) - Unknown owner - C:\Tivoli\lcf\bin\w32-ix86\mrt\lcfd.exe
O23 - Service: McAfee Framework Service (McAfeeFramework) - Network Associates, Inc. - C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
O23 - Service: Network Associates McShield (McShield) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\mcshield.exe
O23 - Service: Network Associates Task Manager (McTaskManager) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\vstskmgr.exe
O23 - Service: Multi-user Cleanup Service - IBM Corp - C:\program files\lotus\notes\ntmulti.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINNT\system32\HPZipm12.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: ThinkPad HDD APS Logging Service (TPHDEXLGSVC) - Lenovo. - C:\WINNT\System32\TPHDEXLG.EXE
O23 - Service: IBM KCU Service (TpKmpSVC) - Unknown owner - C:\WINNT\system32\TpKmpSVC.exe

--
End of file - 10007 bytes

Répondre à elg_49

Re,

Je pars en vacances demain.
Merci d'envoyer un MP à un autre Helper ou membre affilié pour obtenir de l'aide.

------------------------------ >> Centre de Formation Helpers <<
Répondre à XmichouX

Re,

Poste un nouveau log ComboFix pour vérification stp.

------------------------------ >> Centre de Formation Helpers <<
Répondre à XmichouX

Salut XmichouX,
Ci-dessous le dernier rapport combofix.
logs:
ComboFix 08-07-29.1 - A ELLOUGANI 2008-09-02 22:56:27.3 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.481 [GMT 0:00]
Running from: C:\Documents and Settings\Administrator\Desktop\forum\ComboFix.exe
.
- REDUCED FUNCTIONALITY MODE -
.

((((((((((((((((((((((((( Files Created from 2008-08-02 to 2008-09-02 )))))))))))))))))))))))))))))))
.

2008-09-02 22:57 . 2008-09-02 22:57 53,248 --a------ C:\Temp\catchme.dll
2008-09-02 21:37 . 2008-09-02 21:37 <DIR> d-------- C:\Temp\smkits
2008-09-02 19:30 . 2008-09-02 19:30 <DIR> d-------- C:\Temp\3E0B
2008-09-02 19:25 . 2008-09-02 19:25 <DIR> d-------- C:\Temp\3A34
2008-08-31 22:04 . 2008-08-31 22:04 <DIR> d-------- C:\Temp\1811
2008-08-30 20:06 . 2008-08-30 20:06 <DIR> d-------- C:\Temp\6FBF
2008-08-13 13:17 . 2008-08-13 13:17 <DIR> d-------- C:\Temp\60A
2008-08-13 13:12 . 2008-08-13 13:12 <DIR> d-------- C:\Temp\251
2008-08-07 20:02 . 2008-08-07 20:02 <DIR> d-------- C:\Temp\671A
2008-08-07 19:55 . 2008-08-07 19:55 <DIR> d-------- C:\Temp\6214
2008-08-07 12:17 . 2008-08-07 12:17 <DIR> d-------- C:\Temp\32E
2008-08-07 12:12 . 2008-08-07 12:12 <DIR> d-------- C:\Temp\7F85
2008-08-04 18:54 . 2008-08-04 18:54 <DIR> d-------- C:\Temp\48ED
2008-08-04 18:49 . 2008-08-04 18:49 <DIR> d-------- C:\Temp\451A

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-09-02 22:55 --------- d-----w C:\Documents and Settings\Administrator\Application Data\Skype
2008-09-02 21:36 --------- d-----w C:\Documents and Settings\Administrator\Application Data\skypePM
2008-08-01 20:10 --------- d-----w C:\Program Files\Microsoft CAPICOM 2.1.0.2
2008-08-01 20:00 --------- d-----w C:\Documents and Settings\All Users\Application Data\Babylon
2008-07-31 19:59 --------- d-----w C:\Program Files\Malwarebytes' Anti-Malware
2008-07-31 19:59 --------- d-----w C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-07-31 19:59 --------- d-----w C:\Documents and Settings\Administrator\Application Data\Malwarebytes
2008-07-30 20:07 38,472 ----a-w C:\WINNT\system32\drivers\mbamswissarmy.sys
2008-07-30 20:07 17,144 ----a-w C:\WINNT\system32\drivers\mbam.sys
2008-07-30 18:22 --------- d-----w C:\Program Files\lotus
2008-07-30 15:57 99,456 ----a-w C:\WINNT\system32\poofmemr.dll
2008-07-29 19:29 --------- d-----w C:\Program Files\Software by Design
2008-07-29 14:10 --------- d-----w C:\Program Files\Trend Micro
2008-07-29 14:05 --------- d-----w C:\Program Files\Panda Security
2008-07-29 13:21 --------- d-----w C:\Program Files\a-squared Anti-Malware
2008-07-29 00:50 --------- d-----w C:\Program Files\Java
2008-07-25 19:44 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-07-25 15:02 --------- d-----w C:\Documents and Settings\All Users\Application Data\Lavasoft
2008-07-25 11:59 0 ---ha-w C:\WINNT\system32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf
2008-07-25 11:59 0 ---ha-w C:\WINNT\system32\drivers\Msft_Kernel_ccdcmb_01005.Wdf
2008-07-25 00:08 --------- d-----w C:\Program Files\Nokia
2008-07-25 00:08 --------- d-----w C:\Documents and Settings\All Users\Application Data\Installations
2008-07-25 00:07 --------- d-----w C:\Program Files\MSXML 6.0
2008-07-25 00:06 --------- d-----w C:\Program Files\Common Files\Nokia
2008-07-24 16:42 --------- d-----w C:\Documents and Settings\Administrator\Application Data\PC Suite
2008-07-24 16:41 --------- d-----w C:\Documents and Settings\Administrator\Application Data\NSeries
2008-07-24 16:29 --------- d-----w C:\Documents and Settings\Administrator\Application Data\Nokia
2008-07-18 22:01 --------- d-----w C:\Program Files\HSDPA USB MODEM
2008-07-13 11:23 --------- d-----w C:\Program Files\Internet Mobile
2008-07-10 19:58 --------- d-----w C:\Program Files\Common Files\PC SOFT
2008-07-07 20:32 253,952 ----a-w C:\WINNT\system32\es.dll
2008-06-24 16:23 74,240 ----a-w C:\WINNT\system32\mscms.dll
2008-06-23 16:12 667,136 ----a-w C:\WINNT\system32\wininet.dll
2008-06-20 17:41 245,248 ----a-w C:\WINNT\system32\mswsock.dll
2008-03-28 21:52 32 ----a-w C:\Documents and Settings\All Users\Application Data\ezsid.dat
2008-02-09 22:19 2,293,848 -c--a-w C:\Program Files\FLV PlayerFCSetup.exe
2008-02-09 22:17 3,955,352 -c--a-w C:\Program Files\FLV PlayerRCATSetup.exe
2008-02-09 21:34 411,248 -c--a-w C:\Program Files\FLV PlayerRCSetup.exe
2007-03-09 08:12 27,648 -csha-w C:\WINNT\system32\AVSredirect.dll
.

((((((((((((((((((((((((((((( snapshot@2008-07-30_15.53.53.43 )))))))))))))))))))))))))))))))))))))))))
.
+ 2005-02-25 03:35:05 14,048 ----a-w C:\WINNT\$hf_mig$\KB898461\spmsg.dll
+ 2005-02-25 03:35:05 209,632 ----a-w C:\WINNT\$hf_mig$\KB898461\spuninst.exe
+ 2005-02-25 03:35:05 22,752 ----a-w C:\WINNT\$hf_mig$\KB898461\spupdsvc.exe
+ 2005-02-25 03:35:05 22,240 ----a-w C:\WINNT\$hf_mig$\KB898461\update\spcustom.dll
+ 2005-02-25 03:35:05 718,048 ----a-w C:\WINNT\$hf_mig$\KB898461\update\update.exe
+ 2005-02-25 03:35:06 371,936 ----a-w C:\WINNT\$hf_mig$\KB898461\update\updspapi.dll
+ 2008-03-27 09:22:32 60,416 ----a-w C:\WINNT\$hf_mig$\KB942763\SP2QFE\tzchange.exe
+ 2008-03-27 10:40:24 60,416 ----a-w C:\WINNT\$hf_mig$\KB942763\SP3GDR\tzchange.exe
+ 2008-03-27 10:46:15 60,416 ----a-w C:\WINNT\$hf_mig$\KB942763\SP3QFE\tzchange.exe
+ 2007-11-30 11:18:51 17,272 ----a-w C:\WINNT\$hf_mig$\KB942763\spmsg.dll
+ 2007-11-30 11:18:51 231,288 ----a-w C:\WINNT\$hf_mig$\KB942763\spuninst.exe
+ 2007-11-30 11:18:51 26,488 ----a-w C:\WINNT\$hf_mig$\KB942763\update\spcustom.dll
+ 2007-11-30 11:18:51 755,576 ----a-w C:\WINNT\$hf_mig$\KB942763\update\update.exe
+ 2007-11-30 11:18:51 382,840 ----a-w C:\WINNT\$hf_mig$\KB942763\update\updspapi.dll
+ 2007-12-18 14:32:13 450,560 ----a-w C:\WINNT\$hf_mig$\KB944338-v2\SP2QFE\jscript.dll
+ 2007-12-18 14:32:13 417,792 ----a-w C:\WINNT\$hf_mig$\KB944338-v2\SP2QFE\vbscript.dll
+ 2007-03-06 01:22:36 14,048 ----a-w C:\WINNT\$hf_mig$\KB944338-v2\spmsg.dll
+ 2007-03-06 01:22:41 213,216 ----a-w C:\WINNT\$hf_mig$\KB944338-v2\spuninst.exe
+ 2007-03-06 01:22:34 22,752 ----a-w C:\WINNT\$hf_mig$\KB944338-v2\update\spcustom.dll
+ 2007-03-06 01:22:59 716,000 ----a-w C:\WINNT\$hf_mig$\KB944338-v2\update\update.exe
+ 2007-03-06 01:23:51 371,424 ----a-w C:\WINNT\$hf_mig$\KB944338-v2\update\updspapi.dll
+ 2008-01-23 04:56:21 554,008 ----a-w C:\WINNT\$hf_mig$\KB950749\SP2QFE\dao360.dll
+ 2007-12-10 12:41:11 518,944 ----a-w C:\WINNT\$hf_mig$\KB950749\SP2QFE\msexch40.dll
+ 2007-12-10 12:41:11 326,432 ----a-w C:\WINNT\$hf_mig$\KB950749\SP2QFE\msexcl40.dll
+ 2007-12-10 12:41:11 1,516,568 ----a-w C:\WINNT\$hf_mig$\KB950749\SP2QFE\msjet40.dll
+ 2007-12-10 12:41:11 355,112 ----a-w C:\WINNT\$hf_mig$\KB950749\SP2QFE\msjetol1.dll
+ 2008-03-27 07:39:13 151,583 ----a-w C:\WINNT\$hf_mig$\KB950749\SP2QFE\msjint40.dll
+ 2007-12-10 12:41:12 60,192 ----a-w C:\WINNT\$hf_mig$\KB950749\SP2QFE\msjter40.dll
+ 2007-12-10 12:41:12 248,608 ----a-w C:\WINNT\$hf_mig$\KB950749\SP2QFE\msjtes40.dll
+ 2007-12-10 12:41:12 219,936 ----a-w C:\WINNT\$hf_mig$\KB950749\SP2QFE\msltus40.dll
+ 2007-12-10 12:41:12 355,104 ----a-w C:\WINNT\$hf_mig$\KB950749\SP2QFE\mspbde40.dll
+ 2007-12-10 12:41:13 432,928 ----a-w C:\WINNT\$hf_mig$\KB950749\SP2QFE\msrd2x40.dll
+ 2007-12-10 12:41:13 322,336 ----a-w C:\WINNT\$hf_mig$\KB950749\SP2QFE\msrd3x40.dll
+ 2007-12-10 12:41:13 559,904 ----a-w C:\WINNT\$hf_mig$\KB950749\SP2QFE\msrepl40.dll
+ 2007-12-10 12:41:13 264,992 ----a-w C:\WINNT\$hf_mig$\KB950749\SP2QFE\mstext40.dll
+ 2007-12-10 12:41:13 838,432 ----a-w C:\WINNT\$hf_mig$\KB950749\SP2QFE\mswdat10.dll
+ 2007-12-10 12:41:14 621,344 ----a-w C:\WINNT\$hf_mig$\KB950749\SP2QFE\mswstr10.dll
+ 2007-12-10 12:41:14 355,104 ----a-w C:\WINNT\$hf_mig$\KB950749\SP2QFE\msxbde40.dll
+ 2007-03-06 01:22:36 14,048 ----a-w C:\WINNT\$hf_mig$\KB950749\spmsg.dll
+ 2007-03-06 01:22:41 213,216 ----a-w C:\WINNT\$hf_mig$\KB950749\spuninst.exe
+ 2007-03-06 01:22:34 22,752 ----a-w C:\WINNT\$hf_mig$\KB950749\update\spcustom.dll
+ 2007-03-06 01:22:59 716,000 ----a-w C:\WINNT\$hf_mig$\KB950749\update\update.exe
+ 2007-03-06 01:23:51 371,424 ----a-w C:\WINNT\$hf_mig$\KB950749\update\updspapi.dll
+ 2008-04-21 06:44:29 3,066,880 ----a-w C:\WINNT\$hf_mig$\KB950759\SP3GDR\mshtml.dll
+ 2008-04-21 06:44:29 666,112 ----a-w C:\WINNT\$hf_mig$\KB950759\SP3GDR\wininet.dll
+ 2008-04-21 06:24:01 3,067,392 ----a-w C:\WINNT\$hf_mig$\KB950759\SP3QFE\mshtml.dll
+ 2008-04-21 06:24:02 666,624 ----a-w C:\WINNT\$hf_mig$\KB950759\SP3QFE\wininet.dll
+ 2007-11-30 12:39:22 17,272 ----a-w C:\WINNT\$hf_mig$\KB950759\spmsg.dll
+ 2007-11-30 12:39:22 231,288 ----a-w C:\WINNT\$hf_mig$\KB950759\spuninst.exe
+ 2007-11-30 12:39:22 26,488 ----a-w C:\WINNT\$hf_mig$\KB950759\update\spcustom.dll
+ 2007-11-30 12:39:22 755,576 ----a-w C:\WINNT\$hf_mig$\KB950759\update\update.exe
+ 2007-11-30 12:39:22 382,840 ----a-w C:\WINNT\$hf_mig$\KB950759\update\updspapi.dll
+ 2007-11-30 12:39:22 17,272 ----a-w C:\WINNT\$hf_mig$\KB950760\spmsg.dll
+ 2007-11-30 12:39:22 231,288 ----a-w C:\WINNT\$hf_mig$\KB950760\spuninst.exe
+ 2007-11-30 12:39:22 26,488 ----a-w C:\WINNT\$hf_mig$\KB950760\update\spcustom.dll
+ 2007-11-30 12:39:22 755,576 ----a-w C:\WINNT\$hf_mig$\KB950760\update\update.exe
+ 2007-11-30 12:39:22 382,840 ----a-w C:\WINNT\$hf_mig$\KB950760\update\updspapi.dll
+ 2008-05-08 12:14:51 203,008 ----a-w C:\WINNT\$hf_mig$\KB950762\SP2QFE\rmcast.sys
+ 2008-05-08 14:02:52 203,136 ----a-w C:\WINNT\$hf_mig$\KB950762\SP3GDR\rmcast.sys
+ 2008-05-08 13:58:17 203,136 ----a-w C:\WINNT\$hf_mig$\KB950762\SP3QFE\rmcast.sys
+ 2007-11-30 12:39:22 17,272 ----a-w C:\WINNT\$hf_mig$\KB950762\spmsg.dll
+ 2007-11-30 12:39:22 231,288 ----a-w C:\WINNT\$hf_mig$\KB950762\spuninst.exe
+ 2007-11-30 12:39:22 26,488 ----a-w C:\WINNT\$hf_mig$\KB950762\update\spcustom.dll
+ 2007-11-30 12:39:22 755,576 ----a-w C:\WINNT\$hf_mig$\KB950762\update\update.exe
+ 2007-11-30 12:39:22 382,840 ----a-w C:\WINNT\$hf_mig$\KB950762\update\updspapi.dll
+ 2008-07-07 20:06:43 253,952 ----a-w C:\WINNT\$hf_mig$\KB950974\SP2QFE\es.dll
+ 2008-07-07 20:26:58 253,952 ----a-w C:\WINNT\$hf_mig$\KB950974\SP3GDR\es.dll
+ 2008-07-07 20:23:18 253,952 ----a-w C:\WINNT\$hf_mig$\KB950974\SP3QFE\es.dll
+ 2007-11-30 12:39:22 17,272 ----a-w C:\WINNT\$hf_mig$\KB950974\spmsg.dll
+ 2007-11-30 12:39:22 231,288 ----a-w C:\WINNT\$hf_mig$\KB950974\spuninst.exe
+ 2007-11-30 12:39:22 26,488 ----a-w C:\WINNT\$hf_mig$\KB950974\update\spcustom.dll
+ 2007-11-30 12:39:18 755,576 ----a-w C:\WINNT\$hf_mig$\KB950974\update\update.exe
+ 2007-11-30 12:39:19 382,840 ----a-w C:\WINNT\$hf_mig$\KB950974\update\updspapi.dll
+ 2008-07-14 11:03:00 62,976 ----a-w C:\WINNT\$hf_mig$\KB951072-v2\SP2QFE\tzchange.exe
+ 2008-07-11 12:42:28 62,976 ----a-w C:\WINNT\$hf_mig$\KB951072-v2\SP3GDR\tzchange.exe
+ 2008-07-11 12:51:51 62,976 ----a-w C:\WINNT\$hf_mig$\KB951072-v2\SP3QFE\tzchange.exe
+ 2007-11-30 11:18:51 17,272 ----a-w C:\WINNT\$hf_mig$\KB951072-v2\spmsg.dll
+ 2007-11-30 11:18:51 231,288 ----a-w C:\WINNT\$hf_mig$\KB951072-v2\spuninst.exe
+ 2007-11-30 11:18:51 26,488 ----a-w C:\WINNT\$hf_mig$\KB951072-v2\update\spcustom.dll
+ 2007-11-30 12:39:22 755,576 ----a-w C:\WINNT\$hf_mig$\KB951072-v2\update\update.exe
+ 2007-11-30 12:39:22 382,840 ----a-w C:\WINNT\$hf_mig$\KB951072-v2\update\updspapi.dll
+ 2008-06-13 09:52:16 272,128 ----a-w C:\WINNT\$hf_mig$\KB951376-v2\SP2QFE\bthport.sys
+ 2008-06-13 11:05:51 272,128 ----a-w C:\WINNT\$hf_mig$\KB951376-v2\SP3GDR\bthport.sys
+ 2008-06-13 11:27:43 272,128 ----a-w C:\WINNT\$hf_mig$\KB951376-v2\SP3QFE\bthport.sys
+ 2007-11-30 11:18:51 17,272 ----a-w C:\WINNT\$hf_mig$\KB951376-v2\spmsg.dll
+ 2007-11-30 11:18:51 231,288 ----a-w C:\WINNT\$hf_mig$\KB951376-v2\spuninst.exe
+ 2007-11-30 11:18:51 26,488 ----a-w C:\WINNT\$hf_mig$\KB951376-v2\update\spcustom.dll
+ 2007-11-30 11:18:51 755,576 ----a-w C:\WINNT\$hf_mig$\KB951376-v2\update\update.exe
+ 2007-11-30 11:18:51 382,840 ----a-w C:\WINNT\$hf_mig$\KB951376-v2\update\updspapi.dll
+ 2008-05-07 04:55:40 1,288,192 ----a-w C:\WINNT\$hf_mig$\KB951698\SP2QFE\quartz.dll
+ 2008-05-07 05:12:40 1,288,192 ----a-w C:\WINNT\$hf_mig$\KB951698\SP3GDR\quartz.dll
+ 2008-05-07 05:04:15 1,288,192 ----a-w C:\WINNT\$hf_mig$\KB951698\SP3QFE\quartz.dll
+ 2007-11-30 11:18:51 17,272 ----a-w C:\WINNT\$hf_mig$\KB951698\spmsg.dll
+ 2007-11-30 11:18:51 231,288 ----a-w C:\WINNT\$hf_mig$\KB951698\spuninst.exe
+ 2007-11-30 11:18:51 26,488 ----a-w C:\WINNT\$hf_mig$\KB951698\update\spcustom.dll
+ 2007-11-30 12:39:22 755,576 ----a-w C:\WINNT\$hf_mig$\KB951698\update\update.exe
+ 2007-11-30 12:39:22 382,840 ----a-w C:\WINNT\$hf_mig$\KB951698\update\updspapi.dll
+ 2006-08-16 12:08:32 100,352 ----a-w C:\WINNT\$hf_mig$\KB951748\SP2QFE\6to4svc.dll
+ 2008-06-20 10:44:08 138,368 ----a-w C:\WINNT\$hf_mig$\KB951748\SP2QFE\afd.sys
+ 2008-06-20 17:36:11 147,968 ----a-w C:\WINNT\$hf_mig$\KB951748\SP2QFE\dnsapi.dll
+ 2008-06-20 17:36:11 245,248 ----a-w C:\WINNT\$hf_mig$\KB951748\SP2QFE\mswsock.dll
+ 2008-06-20 10:44:42 360,960 ----a-w C:\WINNT\$hf_mig$\KB951748\SP2QFE\tcpip.sys
+ 2008-06-20 09:32:39 225,920 ----a-w C:\WINNT\$hf_mig$\KB951748\SP2QFE\tcpip6.sys
+ 2008-06-20 11:40:08 138,496 ----a-w C:\WINNT\$hf_mig$\KB951748\SP3GDR\afd.sys
+ 2008-06-20 17:46:57 147,968 ----a-w C:\WINNT\$hf_mig$\KB951748\SP3GDR\dnsapi.dll
+ 2008-06-20 17:46:57 245,248 ----a-w C:\WINNT\$hf_mig$\KB951748\SP3GDR\mswsock.dll
+ 2008-06-20 11:51:12 361,600 ----a-w C:\WINNT\$hf_mig$\KB951748\SP3GDR\tcpip.sys
+ 2008-06-20 11:08:27 225,856 ----a-w C:\WINNT\$hf_mig$\KB951748\SP3GDR\tcpip6.sys
+ 2008-06-20 11:48:03 138,496 ----a-w C:\WINNT\$hf_mig$\KB951748\SP3QFE\afd.sys
+ 2008-06-20 17:43:05 147,968 ----a-w C:\WINNT\$hf_mig$\KB951748\SP3QFE\dnsapi.dll
+ 2008-06-20 17:43:05 245,248 ----a-w C:\WINNT\$hf_mig$\KB951748\SP3QFE\mswsock.dll
+ 2008-06-20 11:59:02 361,600 ----a-w C:\WINNT\$hf_mig$\KB951748\SP3QFE\tcpip.sys
+ 2008-06-20 11:16:44 225,856 ----a-w C:\WINNT\$hf_mig$\KB951748\SP3QFE\tcpip6.sys
+ 2007-11-30 12:39:22 17,272 ----a-w C:\WINNT\$hf_mig$\KB951748\spmsg.dll
+ 2007-11-30 12:39:22 231,288 ----a-w C:\WINNT\$hf_mig$\KB951748\spuninst.exe
+ 2007-11-30 12:39:22 26,488 ----a-w C:\WINNT\$hf_mig$\KB951748\update\spcustom.dll
+ 2007-11-30 12:39:18 755,576 ----a-w C:\WINNT\$hf_mig$\KB951748\update\update.exe
+ 2007-11-30 12:39:19 382,840 ----a-w C:\WINNT\$hf_mig$\KB951748\update\updspapi.dll
+ 2008-06-24 16:28:00 74,240 ----a-w C:\WINNT\$hf_mig$\KB952954\SP2QFE\mscms.dll
+ 2008-06-24 16:43:16 74,240 ----a-w C:\WINNT\$hf_mig$\KB952954\SP3GDR\mscms.dll
+ 2008-06-24 16:53:10 74,240 ----a-w C:\WINNT\$hf_mig$\KB952954\SP3QFE\mscms.dll
+ 2007-11-30 12:39:22 17,272 ----a-w C:\WINNT\$hf_mig$\KB952954\spmsg.dll
+ 2007-11-30 12:39:22 231,288 ----a-w C:\WINNT\$hf_mig$\KB952954\spuninst.exe
+ 2007-11-30 12:39:22 26,488 ----a-w C:\WINNT\$hf_mig$\KB952954\update\spcustom.dll
+ 2007-11-30 12:39:22 755,576 ----a-w C:\WINNT\$hf_mig$\KB952954\update\update.exe
+ 2007-11-30 12:39:22 382,840 ----a-w C:\WINNT\$hf_mig$\KB952954\update\updspapi.dll
+ 2008-06-23 15:09:27 3,067,392 ----a-w C:\WINNT\$hf_mig$\KB953838\SP3GDR\mshtml.dll
+ 2008-06-26 08:15:29 1,499,136 ----a-w C:\WINNT\$hf_mig$\KB953838\SP3GDR\shdocvw.dll
+ 2008-06-26 08:15:30 619,520 ----a-w C:\WINNT\$hf_mig$\KB953838\SP3GDR\urlmon.dll
+ 2008-06-23 15:09:27 666,112 ----a-w C:\WINNT\$hf_mig$\KB953838\SP3GDR\wininet.dll
+ 2008-06-25 04:24:48 3,067,904 ----a-w C:\WINNT\$hf_mig$\KB953838\SP3QFE\mshtml.dll
+ 2008-06-26 08:00:52 1,499,136 ----a-w C:\WINNT\$hf_mig$\KB953838\SP3QFE\shdocvw.dll
+ 2008-06-26 08:00:52 619,520 ----a-w C:\WINNT\$hf_mig$\KB953838\SP3QFE\urlmon.dll
+ 2008-06-23 14:54:47 666,624 ----a-w C:\WINNT\$hf_mig$\KB953838\SP3QFE\wininet.dll
+ 2007-11-30 12:39:22 17,272 ----a-w C:\WINNT\$hf_mig$\KB953838\spmsg.dll
+ 2007-11-30 12:39:22 231,288 ----a-w C:\WINNT\$hf_mig$\KB953838\spuninst.exe
+ 2007-11-30 12:39:22 26,488 ----a-w C:\WINNT\$hf_mig$\KB953838\update\spcustom.dll
+ 2007-11-30 12:39:18 755,576 ----a-w C:\WINNT\$hf_mig$\KB953838\update\update.exe
+ 2007-11-30 12:39:19 382,840 ----a-w C:\WINNT\$hf_mig$\KB953838\update\updspapi.dll
+ 2005-02-25 03:35:05 209,632 -c----w C:\WINNT\$NtUninstallKB898461$\spuninst\spuninst.exe
+ 2005-02-25 03:35:06 371,936 -c----w C:\WINNT\$NtUninstallKB898461$\spuninst\updspapi.dll
+ 2005-06-28 17:23:24 213,216 -c----w C:\WINNT\$NtUninstallKB923689$\spuninst\spuninst.exe
+ 2005-06-28 17:23:53 371,424 -c----w C:\WINNT\$NtUninstallKB923689$\spuninst\updspapi.dll
+ 2005-01-28 12:44:28 2,370,296 -c----w C:\WINNT\$NtUninstallKB923689$\wmvcore.dll
+ 2005-06-28 10:23:26 213,216 -c----w C:\WINNT\$NtUninstallKB936782_WMP10$\spuninst\spuninst.exe
+ 2005-06-28 10:23:54 371,424 -c----w C:\WINNT\$NtUninstallKB936782_WMP10$\spuninst\updspapi.dll
+ 2006-03-10 05:09:14 5,533,696 -c----w C:\WINNT\$NtUninstallKB936782_WMP10$\wmp.dll
+ 2007-10-27 16:39:36 213,216 -c----w C:\WINNT\$NtUninstallKB941569$\spuninst\spuninst.exe
+ 2007-10-27 16:39:46 371,424 -c----w C:\WINNT\$NtUninstallKB941569$\spuninst\updspapi.dll
+ 2005-01-28 12:44:28 224,768 -c----w C:\WINNT\$NtUninstallKB941569$\wmasf.dll
+ 2007-11-30 11:18:51 231,288 -c----w C:\WINNT\$NtUninstallKB942763$\spuninst\spuninst.exe
+ 2007-11-30 11:18:51 382,840 -c----w C:\WINNT\$NtUninstallKB942763$\spuninst\updspapi.dll
+ 2004-08-04 08:00:00 561,179 -c----w C:\WINNT\$NtUninstallKB950749$\dao360.dll
+ 2004-08-04 08:00:00 512,029 -c----w C:\WINNT\$NtUninstallKB950749$\msexch40.dll
+ 2004-08-04 08:00:00 319,517 -c----w C:\WINNT\$NtUninstallKB950749$\msexcl40.dll
+ 2004-08-04 08:00:00 1,507,356 -c----w C:\WINNT\$NtUninstallKB950749$\msjet40.dll
+ 2004-08-04 08:00:00 358,976 -c----w C:\WINNT\$NtUninstallKB950749$\msjetol1.dll
+ 2004-08-04 08:00:00 358,976 -c----w C:\WINNT\$NtUninstallKB950749$\msjetoledb40.dll
+ 2004-08-04 08:00:00 151,583 -c----w C:\WINNT\$NtUninstallKB950749$\msjint40.dll
+ 2004-08-04 08:00:00 53,279 -c----w C:\WINNT\$NtUninstallKB950749$\msjter40.dll
+ 2004-08-04 08:00:00 241,693 -c----w C:\WINNT\$NtUninstallKB950749$\msjtes40.dll
+ 2004-08-04 08:00:00 213,023 -c----w C:\WINNT\$NtUninstallKB950749$\msltus40.dll
+ 2004-08-04 08:00:00 348,189 -c----w C:\WINNT\$NtUninstallKB950749$\mspbde40.dll
+ 2004-08-04 08:00:00 421,919 -c----w C:\WINNT\$NtUninstallKB950749$\msrd2x40.dll
+ 2004-08-04 08:00:00 315,423 -c----w C:\WINNT\$NtUninstallKB950749$\msrd3x40.dll
+ 2004-08-04 08:00:00 552,989 -c----w C:\WINNT\$NtUninstallKB950749$\msrepl40.dll
+ 2004-08-04 08:00:00 258,077 -c----w C:\WINNT\$NtUninstallKB950749$\mstext40.dll
+ 2004-08-04 08:00:00 831,519 -c----w C:\WINNT\$NtUninstallKB950749$\mswdat10.dll
+ 2004-08-04 08:00:00 614,429 -c----w C:\WINNT\$NtUninstallKB950749$\mswstr10.dll
+ 2004-08-04 08:00:00 348,189 -c----w C:\WINNT\$NtUninstallKB950749$\msxbde40.dll
+ 2007-03-06 01:22:41 213,216 -c----w C:\WINNT\$NtUninstallKB950749$\spuninst\spuninst.exe
+ 2007-03-06 01:23:51 371,424 -c----w C:\WINNT\$NtUninstallKB950749$\spuninst\updspapi.dll
+ 2006-03-04 03:58:42 1,022,976 -c----w C:\WINNT\$NtUninstallKB950759$\browseui.dll
+ 2006-03-04 03:58:42 151,040 -c----w C:\WINNT\$NtUninstallKB950759$\cdfview.dll
+ 2006-03-04 03:58:44 1,054,208 -c----w C:\WINNT\$NtUninstallKB950759$\danim.dll
+ 2004-08-04 08:00:00 357,888 -c----w C:\WINNT\$NtUninstallKB950759$\dxtmsft.dll
+ 2006-03-04 03:58:44 205,312 -c----w C:\WINNT\$NtUninstallKB950759$\dxtrans.dll
+ 2006-03-04 03:58:44 55,808 -c----w C:\WINNT\$NtUninstallKB950759$\extmgr.dll
+ 2004-08-04 08:00:00 18,432 -c----w C:\WINNT\$NtUninstallKB950759$\iedw.exe
+ 2006-03-04 03:58:44 251,904 -c----w C:\WINNT\$NtUninstallKB950759$\iepeers.dll
+ 2006-03-04 03:58:44 96,256 -c----w C:\WINNT\$NtUninstallKB950759$\inseng.dll
+ 2004-08-04 08:00:00 15,872 -c----w C:\WINNT\$NtUninstallKB950759$\jsproxy.dll
+ 2006-03-23 20:31:39 3,055,616 -c----w C:\WINNT\$NtUninstallKB950759$\mshtml.dll
+ 2006-03-04 03:58:48 448,512 -c----w C:\WINNT\$NtUninstallKB950759$\mshtmled.dll
+ 2006-03-04 03:58:48 146,432 -c----w C:\WINNT\$NtUninstallKB950759$\msrating.dll
+ 2006-03-04 03:58:48 532,480 -c----w C:\WINNT\$NtUninstallKB950759$\mstime.dll
+ 2006-03-04 03:58:48 39,424 -c----w C:\WINNT\$NtUninstallKB950759$\pngfilt.dll
+ 2006-03-30 09:27:01 1,495,040 -c----w C:\WINNT\$NtUninstallKB950759$\shdocvw.dll
+ 2006-03-04 03:58:50 474,112 -c----w C:\WINNT\$NtUninstallKB950759$\shlwapi.dll
+ 2007-11-30 12:39:22 231,288 -c----w C:\WINNT\$NtUninstallKB950759$\spuninst\spuninst.exe
+ 2007-11-30 12:39:22 382,840 -c----w C:\WINNT\$NtUninstallKB950759$\spuninst\updspapi.dll
+ 2006-03-18 11:04:10 614,400 -c----w C:\WINNT\$NtUninstallKB950759$\urlmon.dll
+ 2006-03-04 03:58:52 663,552 -c----w C:\WINNT\$NtUninstallKB950759$\wininet.dll
+ 2006-03-30 01:31:04 23,040 -c----w C:\WINNT\$NtUninstallKB950759$\xpsp3res.dll
+ 2007-11-30 12:39:22 231,288 -c----w C:\WINNT\$NtUninstallKB950760$\spuninst\spuninst.exe
+ 2007-11-30 12:39:22 382,840 -c----w C:\WINNT\$NtUninstallKB950760$\spuninst\updspapi.dll
+ 2004-08-04 08:00:00 200,064 -c----w C:\WINNT\$NtUninstallKB950762$\rmcast.sys
+ 2007-11-30 12:39:22 231,288 -c----w C:\WINNT\$NtUninstallKB950762$\spuninst\spuninst.exe
+ 2007-11-30 12:39:22 382,840 -c----w C:\WINNT\$NtUninstallKB950762$\spuninst\updspapi.dll
+ 2004-08-03 23:10:38 274,304 -c----w C:\WINNT\$NtUninstallKB951376-v2$\bthport.sys
+ 2007-11-30 11:18:51 231,288 -c----w C:\WINNT\$NtUninstallKB951376-v2$\spuninst\spuninst.exe
+ 2007-11-30 11:18:51 382,840 -c----w C:\WINNT\$NtUninstallKB951376-v2$\spuninst\updspapi.dll
+ 2005-08-30 03:54:26 1,287,168 -c----w C:\WINNT\$NtUninstallKB951698$\quartz.dll
+ 2007-11-30 11:18:51 231,288 -c----w C:\WINNT\$NtUninstallKB951698$\spuninst\spuninst.exe
+ 2007-11-30 12:39:22 382,840 -c----w C:\WINNT\$NtUninstallKB951698$\spuninst\updspapi.dll
+ 2004-08-04 08:00:00 100,352 -c----w C:\WINNT\$NtUninstallKB951748$\6to4svc.dll
+ 2004-08-04 08:00:00 138,496 -c----w C:\WINNT\$NtUninstallKB951748$\afd.sys
+ 2004-08-04 08:00:00 148,480 -c----w C:\WINNT\$NtUninstallKB951748$\dnsapi.dll
+ 2004-08-04 08:00:00 245,248 -c----w C:\WINNT\$NtUninstallKB951748$\mswsock.dll
+ 2007-11-30 12:39:22 231,288 -c----w C:\WINNT\$NtUninstallKB951748$\spuninst\spuninst.exe
+ 2007-11-30 12:39:19 382,840 -c----w C:\WINNT\$NtUninstallKB951748$\spuninst\updspapi.dll
+ 2006-01-13 02:28:14 359,808 -c----w C:\WINNT\$NtUninstallKB951748$\tcpip.sys
+ 2004-08-04 08:00:00 223,616 -c----w C:\WINNT\$NtUninstallKB951748$\tcpip6.sys
- 2006-05-16 10:22:42 997,992 -c--a-w C:\WINNT\assembly\GAC\Microsoft.Office.Interop.Access\11.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.Access.dll
+ 2008-09-02 21:23:15 1,000,848 ----a-w C:\WINNT\assembly\GAC\Microsoft.Office.Interop.Access\11.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.Access.dll
- 2006-05-16 10:22:42 1,100,392 -c--a-w C:\WINNT\assembly\GAC\Microsoft.Office.Interop.Excel\11.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.Excel.dll
+ 2008-09-02 21:24:03 1,103,248 ----a-w C:\WINNT\assembly\GAC\Microsoft.Office.Interop.Excel\11.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.Excel.dll
- 2006-05-16 10:22:43 141,928 -c--a-w C:\WINNT\assembly\GAC\Microsoft.Office.Interop.Graph\11.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.Graph.dll
+ 2008-09-02 21:23:35 144,784 ----a-w C:\WINNT\assembly\GAC\Microsoft.Office.Interop.Graph\11.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.Graph.dll
- 2006-05-16 10:25:44 88,776 -c--a-w C:\WINNT\assembly\GAC\Microsoft.Office.Interop.InfoPath.Xml\11.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.InfoPath.Xml.dll
+ 2008-09-02 21:24:22 91,488 ----a-w C:\WINNT\assembly\GAC\Microsoft.Office.Interop.InfoPath.Xml\11.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.InfoPath.Xml.dll
- 2006-05-16 10:25:43 101,064 -c--a-w C:\WINNT\assembly\GAC\Microsoft.Office.Interop.InfoPath\11.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.InfoPath.dll
+ 2008-09-02 21:24:21 103,776 ----a-w C:\WINNT\assembly\GAC\Microsoft.Office.Interop.InfoPath\11.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.InfoPath.dll
- 2006-05-16 10:22:43 461,416 -c--a-w C:\WINNT\assembly\GAC\Microsoft.Office.Interop.Owc11\11.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.Owc11.dll
+ 2008-09-02 21:23:59 464,272 ----a-w C:\WINNT\assembly\GAC\Microsoft.Office.Interop.Owc11\11.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.Owc11.dll
- 2006-05-16 10:22:43 223,856 -c--a-w C:\WINNT\assembly\GAC\Microsoft.Office.Interop.PowerPoint\11.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.PowerPoint.dll
+ 2008-09-02 21:24:17 226,712 ----a-w C:\WINNT\assembly\GAC\Microsoft.Office.Interop.PowerPoint\11.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.PowerPoint.dll
- 2006-05-16 10:22:43 20,080 -c--a-w C:\WINNT\assembly\GAC\Microsoft.Office.Interop.SmartTag\11.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.SmartTag.dll
+ 2008-09-02 21:23:57 22,928 ----a-w C:\WINNT\assembly\GAC\Microsoft.Office.Interop.SmartTag\11.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.SmartTag.dll
- 2006-05-16 10:22:43 662,120 -c--a-w C:\WINNT\assembly\GAC\Microsoft.Office.Interop.Word\11.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.Word.dll
+ 2008-09-02 21:24:12 664,968 ----a-w C:\WINNT\assembly\GAC\Microsoft.Office.Interop.Word\11.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.Word.dll
- 2006-05-16 10:22:42 371,296 -c--a-w C:\WINNT\assembly\GAC\Microsoft.Vbe.Interop.Forms\11.0.0.0__71e9bce111e9429c\Microsoft.Vbe.Interop.Forms.dll
+ 2008-09-02 21:23:34 374,152 ----a-w C:\WINNT\assembly\GAC\Microsoft.Vbe.Interop.Forms\11.0.0.0__71e9bce111e9429c\Microsoft.Vbe.Interop.Forms.dll
- 2006-05-16 10:22:43 64,088 -c--a-w C:\WINNT\assembly\GAC\Microsoft.Vbe.Interop\11.0.0.0__71e9bce111e9429c\Microsoft.Vbe.Interop.dll
+ 2008-09-02 21:23:29 66,936 ----a-w C:\WINNT\assembly\GAC\Microsoft.Vbe.Interop\11.0.0.0__71e9bce111e9429c\Microsoft.Vbe.Interop.dll
- 2006-05-16 10:22:43 223,800 -c--a-w C:\WINNT\assembly\GAC\office\11.0.0.0__71e9bce111e9429c\OFFICE.DLL
+ 2008-09-02 21:23:21 226,656 ----a-w C:\WINNT\assembly\GAC\office\11.0.0.0__71e9bce111e9429c\OFFICE.DLL
- 2006-05-16 10:19:40 1,257,472 -c--a-w C:\WINNT\assembly\GAC\System.Web\1.0.5000.0__b03f5f7f11d50a3a\System.Web.dll
+ 2008-08-01 20:09:59 1,265,664 ----a-w C:\WINNT\assembly\GAC\System.Web\1.0.5000.0__b03f5f7f11d50a3a\System.Web.dll
- 2006-05-16 10:16:12 1,224,704 -c--a-w C:\WINNT\assembly\GAC\System\1.0.5000.0__b77a5c561934e089\System.dll
+ 2008-08-01 20:10:00 1,232,896 ----a-w C:\WINNT\assembly\GAC\System\1.0.5000.0__b77a5c561934e089\System.dll
+ 2008-08-01 20:10:11 61,440 ----a-w C:\WINNT\assembly\NativeImages1_v1.1.4322\CustomMarshalers\1.0.5000.0__b03f5f7f11d50a3a_088bb0be\CustomMarshalers.dll
+ 2008-08-01 20:10:42 118,784 ----a-w C:\WINNT\assembly\NativeImages1_v1.1.4322\CustomMarshalers\1.0.5000.0__b03f5f7f11d50a3a_63382fd7\CustomMarshalers.dll
+ 2008-08-01 20:10:54 8,908,800 ----a-w C:\WINNT\assembly\NativeImages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_179b4db8\mscorlib.dll
+ 2008-08-01 20:10:38 3,391,488 ----a-w C:\WINNT\assembly\NativeImages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_36f42c92\mscorlib.dll
+ 2008-08-01 20:10:49 3,395,584 ----a-w C:\WINNT\assembly\NativeImages1_v1.1.4322\System.Design\1.0.5000.0__b03f5f7f11d50a3a_69a05c41\System.Design.dll
+ 2008-08-01 20:10:32 1,470,464 ----a-w C:\WINNT\assembly\NativeImages1_v1.1.4322\System.Design\1.0.5000.0__b03f5f7f11d50a3a_7489f320\System.Design.dll
+ 2008-08-01 20:10:12 90,112 ----a-w C:\WINNT\assembly\NativeImages1_v1.1.4322\System.Drawing.Design\1.0.5000.0__b03f5f7f11d50a3a_14703a85\System.Drawing.Design.dll
+ 2008-08-01 20:10:43 192,512 ----a-w C:\WINNT\assembly\NativeImages1_v1.1.4322\System.Drawing.Design\1.0.5000.0__b03f5f7f11d50a3a_aed2df02\System.Drawing.Design.dll
+ 2008-08-01 20:10:35 835,584 ----a-w C:\WINNT\assembly\NativeImages1_v1.1.4322\System.Drawing\1.0.5000.0__b03f5f7f11d50a3a_45d63502\System.Drawing.dll
+ 2008-08-01 20:10:50 2,244,608 ----a-w C:\WINNT\assembly\NativeImages1_v1.1.4322\System.Drawing\1.0.5000.0__b03f5f7f11d50a3a_e13c3ab3\System.Drawing.dll
+ 2008-08-01 20:10:20 3,018,752 ----a-w C:\WINNT\assembly\NativeImages1_v1.1.4322\System.Windows.Forms\1.0.5000.0__b77a5c561934e089_08c9b946\System.Windows.Forms.dll
+ 2008-08-01 20:10:46 7,884,800 ----a-w C:\WINNT\assembly\NativeImages1_v1.1.4322\System.Windows.Forms\1.0.5000.0__b77a5c561934e089_69874c05\System.Windows.Forms.dll
+ 2008-08-01 20:10:26 2,088,960 ----a-w C:\WINNT\assembly\NativeImages1_v1.1.4322\System.Xml\1.0.5000.0__b77a5c561934e089_12a8ad77\System.Xml.dll
+ 2008-08-01 20:10:48 5,513,216 ----a-w C:\WINNT\assembly\NativeImages1_v1.1.4322\System.Xml\1.0.5000.0__b77a5c561934e089_e74b763f\System.Xml.dll
+ 2008-08-01 20:10:10 1,966,080 ----a-w C:\WINNT\assembly\NativeImages1_v1.1.4322\System\1.0.5000.0__b77a5c561934e089_4d338382\System.dll
+ 2008-08-01 20:10:42 4,788,224 ----a-w C:\WINNT\assembly\NativeImages1_v1.1.4322\System\1.0.5000.0__b77a5c561934e089_ed33ec3c\System.dll
+ 2008-06-13 13:10:50 272,128 ------w C:\WINNT\Driver Cache\i386\bthport.sys
+ 2006-05-16 10:22:42 997,992 ----a-r C:\WINNT\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\ACCESS.DLL
+ 2003-07-14 21:57:34 38,968 ----a-r C:\WINNT\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\AUTHZAX.DLL
+ 2003-07-14 21:53:06 94,768 ----a-r C:\WINNT\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\AW.DLL
+ 2003-07-14 21:53:22 46,144 ----a-r C:\WINNT\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\BLNMGRPS.DLL
+ 2003-07-14 21:56:54 14,904 ----a-r C:\WINNT\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\DSITF.DLL
+ 2003-07-14 21:57:14 98,360 ----a-r C:\WINNT\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\DSSM.EXE
+ 2006-05-16 10:22:42 1,100,392 ----a-r C:\WINNT\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\EXCELPIA.DLL
+ 2002-10-07 08:49:36 192,573 ----a-r C:\WINNT\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\FORM.DLL
+ 2006-05-16 10:22:42 371,296 ----a-r C:\WINNT\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\FORMSPIA.DLL
+ 2003-07-14 21:40:12 179,768 ----a-r C:\WINNT\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\FPERSON.DLL
+ 2003-07-14 21:40:12 165,944 ----a-r C:\WINNT\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\FPLACE.DLL
+ 2006-05-16 10:22:43 141,928 ----a-r C:\WINNT\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\GRAPHPIA.DLL
+ 2003-07-14 21:45:14 58,944 ----a-r C:\WINNT\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\INLAUNCH.DLL
+ 2003-06-18 16:31:10 252,928 ----a-r C:\WINNT\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\MDIINK.DLL
+ 2003-07-14 21:57:14 124,480 ----a-r C:\WINNT\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\MSB1CORE.DLL
+ 2003-07-14 22:12:22 47,872 ----a-r C:\WINNT\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\MSB1XTOR.DLL
+ 2003-07-14 21:56:14 40,504 ----a-r C:\WINNT\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\MSE7.EXE
+ 2003-07-14 21:51:44 87,104 ----a-r C:\WINNT\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\MSENCODE.DLL
+ 2003-07-14 21:52:52 17,464 ----a-r C:\WINNT\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\MSMH.DLL
+ 2003-07-14 21:57:16 120,888 ----a-r C:\WINNT\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\MSOAUTH.DLL
+ 2003-07-14 21:52:52 27,704 ----a-r C:\WINNT\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\MSODCW.DLL
+ 2003-07-14 21:44:06 25,144 ----a-r C:\WINNT\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\MSOEURO.DLL
+ 2003-07-14 21:52:56 55,360 ----a-r C:\WINNT\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\MSOHTMED.EXE
+ 2003-07-14 21:56:16 54,328 ----a-r C:\WINNT\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\MSOMSE.DLL
+ 2003-07-11 01:15:48 1,292,872 ----a-r C:\WINNT\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\MSONSEXT.DLL
+ 2003-07-15 02:18:52 376,888 ----a-r C:\WINNT\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\MSORUN.DLL
+ 2003-07-14 21:52:54 28,224 ----a-r C:\WINNT\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\MSOSTYLE.DLL
+ 2003-07-14 21:52:52 35,896 ----a-r C:\WINNT\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\MSOSV.DLL
+ 2003-07-14 21:46:16 42,040 ----a-r C:\WINNT\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\MSOXEV.DLL
+ 2003-07-14 21:45:12 55,360 ----a-r C:\WINNT\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\MSOXMLED.EXE
+ 2003-07-14 21:45:12 39,488 ----a-r C:\WINNT\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\MSOXMLMF.DLL
+ 2003-06-18 16:31:54 788,480 ----a-r C:\WINNT\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\MSPFILT.DLL
+ 2003-06-18 16:31:50 16,384 ----a-r C:\WINNT\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\MSPGIMME.DLL
+ 2003-06-19 15:05:52 128,104 ----a-r C:\WINNT\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\MSPSCAN.EXE
+ 2003-06-19 15:05:50 364,648 ----a-r C:\WINNT\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\MSPVIEW.EXE
+ 2003-07-14 22:02:42 637,496 ----a-r C:\WINNT\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\MSQRY32.EXE
+ 2003-07-14 21:52:58 41,528 ----a-r C:\WINNT\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\MSSH.DLL
+ 2006-05-16 10:22:43 20,080 ----a-r C:\WINNT\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\MSTAGPIA.DLL
+ 2003-07-14 22:00:54 145,984 ----a-r C:\WINNT\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\MSWEBCAP.DLL
+ 2003-07-14 21:57:10 56,888 ----a-r C:\WINNT\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\NAME.DLL
+ 2003-07-14 21:56:52 13,888 ----a-r C:\WINNT\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\NPOFFICE.DLL
+ 2003-06-18 16:31:58 6,144 ----a-r C:\WINNT\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\OCRPS.DLL
+ 2006-05-16 10:22:43 223,800 ----a-r C:\WINNT\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\OFFICE.DLL
+ 2003-07-15 02:14:26 242,240 ----a-r C:\WINNT\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\OISGRAPH.DLL
+ 2003-07-14 22:05:24 1,054,264 ----a-r C:\WINNT\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\OMFC.DLL
+ 2003-07-14 22:05:24 1,054,264 ----a-r C:\WINNT\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\OMFC.DLL_0002
+ 2006-05-16 10:22:43 461,416 ----a-r C:\WINNT\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\OWC11PIA.DLL
+ 2003-07-15 02:18:44 93,752 ----a-r C:\WINNT\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\PP7X32.DLL
+ 2006-05-16 10:22:43 223,856 ----a-r C:\WINNT\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\PPTPIA.DLL
+ 2002-10-07 09:11:00 167,997 ----a-r C:\WINNT\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\PSOM.DLL
+ 2003-05-08 20:54:00 77,824 ----a-r C:\WINNT\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\REFEDIT.DLL
+ 2003-07-14 21:57:08 40,512 ----a-r C:\WINNT\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\REFIEBAR.DLL
+ 2002-10-07 08:49:42 81,984 ----a-r C:\WINNT\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\REVERSE.DLL
+ 2003-07-14 21:57:18 349,248 ----a-r C:\WINNT\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\SELFCERT.EXE
+ 2003-07-14 21:57:08 58,944 ----a-r C:\WINNT\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\SEQCHK10.DLL
+ 2003-07-14 21:53:14 11,848 ----a-r C:\WINNT\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\SMARTTAGINSTALL.EXE
+ 2002-10-07 08:53:04 106,561 ----a-r C:\WINNT\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\THOCRAPI.DLL
+ 2002-10-07 08:50:44 241,729 ----a-r C:\WINNT\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\TWCUTCHR.DLL
+ 2002-10-07 08:51:04 180,289 ----a-r C:\WINNT\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\TWCUTLIN.DLL
+ 2002-10-07 08:51:14 147,520 ----a-r C:\WINNT\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\TWLAY32.DLL
+ 2002-10-07 08:51:20 102,467 ----a-r C:\WINNT\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\TWORIENT.DLL
+ 2002-10-07 08:50:04 118,847 ----a-r C:\WINNT\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\TWRECE.DLL
+ 2002-10-07 08:49:56 81,983 ----a-r C:\WINNT\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\TWRECS.DLL
+ 2002-10-07 08:51:44 221,252 ----a-r C:\WINNT\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\TWSTRUCT.DLL
+ 2003-07-14 21:57:40 59,960 ----a-r C:\WINNT\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\UNBIND.EXE
+ 2006-05-16 10:22:43 64,088 ----a-r C:\WINNT\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\VBIDEPIA.DLL
+ 2006-05-16 10:22:43 662,120 ----a-r C:\WINNT\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\WORDPIA.DLL
+ 2002-10-07 09:03:34 1,794,113 ----a-r C:\WINNT\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\XIMAGE3B.DLL
+ 2003-04-30 10:52:32 1,581,120 ----a-r C:\WINNT\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\XPAGE3C.DLL
+ 2003-01-17 13:03:34 59,466 ----a-r C:\WINNT\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\XSCAN32.DAT
+ 2001-06-05 07:13:22 289,926 ----a-r C:\WINNT\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.8173\ENGDIC.DAT
+ 2001-06-05 07:13:22 34,168 ----a-r C:\WINNT\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.8173\ENGIDX.DAT
+ 2001-06-05 07:13:24 18,844 ----a-r C:\WINNT\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.8173\JFONT.DAT
+ 2001-06-05 07:13:26 65,536 ----a-r C:\WINNT\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.8173\LOOKUP.DAT
+ 2005-05-03 23:06:28 465,640 ----a-r C:\WINNT\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.8173\MSDMENG.DLL
+ 2005-05-03 23:06:32 1,411,816 ----a-r C:\WINNT\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.8173\MSDMINE.DLL
+ 2005-05-03 23:06:26 199,408 ----a-r C:\WINNT\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.8173\MSMDUN80.DLL
+ 2001-10-22 23:13:42 53,260 ----a-r C:\WINNT\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.8173\OCRHC.DAT
+ 2001-06-05 07:13:26 40,972 ----a-r C:\WINNT\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.8173\OCRVC.DAT
+ 2007-05-31 13:35:22 6,420,320 ----a-r C:\WINNT\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.8173\POWERPNT.EXE
- 2006-05-16 10:27:42 593,920 ----a-r C:\WINNT\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\accicons.exe
+ 2008-09-02 21:27:38 593,920 ----a-r C:\WINNT\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\accicons.exe
- 2006-05-16 10:27:42 12,288 -c--a-r C:\WINNT\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\cagicon.exe
+ 2008-09-02 21:27:38 12,288 ----a-r C:\WINNT\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\cagicon.exe
- 2006-05-16 10:27:42 86,016 -c--a-r C:\WINNT\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\inficon.exe
+ 2008-09-02 21:27:38 86,016 ----a-r C:\WINNT\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\inficon.exe
- 2006-05-16 10:27:42 135,168 ----a-r C:\WINNT\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\misc.exe
+ 2008-09-02 21:27:38 135,168 ----a-r C:\WINNT\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\misc.exe
- 2006-05-16 10:27:42 11,264 -c--a-r C:\WINNT\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\mspicons.exe
+ 2008-09-02 21:27:38 11,264 ----a-r C:\WINNT\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\mspicons.exe
- 2006-05-16 10:27:42 27,136 -c--a-r C:\WINNT\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\oisicon.exe
+ 2008-09-02 21:27:38 27,136 ----a-r C:\WINNT\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\oisicon.exe
- 2006-05-16 10:27:42 4,096 -c--a-r C:\WINNT\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\opwicon.exe
+ 2008-09-02 21:27:38 4,096 ----a-r C:\WINNT\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\opwicon.exe
- 2006-05-16 10:27:42 794,624 -c--a-r C:\WINNT\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\outicon.exe
+ 2008-09-02 21:27:39 794,624 ----a-r C:\WINNT\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\outicon.exe
- 2006-05-16 10:27:42 249,856 ----a-r C:\WINNT\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\pptico.exe
+ 2008-09-02 21:27:38 249,856 ----a-r C:\WINNT\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\pptico.exe
- 2006-05-16 10:27:42 61,440 -c--a-r C:\WINNT\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\pubs.exe
+ 2008-09-02 21:27:38 61,440 ----a-r C:\WINNT\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\pubs.exe
- 2006-05-16 10:27:42 23,040 -c--a-r C:\WINNT\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\unbndico.exe
+ 2008-09-02 21:27:39 23,040 ----a-r C:\WINNT\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\unbndico.exe
- 2006-05-16 10:27:42 286,720 ----a-r C:\WINNT\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\wordicon.exe
+ 2008-09-02 21:27:38 286,720 ----a-r C:\WINNT\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\wordicon.exe
- 2006-05-16 10:27:42 409,600 ----a-r C:\WINNT\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\xlicons.exe
+ 2008-09-02 21:27:38 409,600 ----a-r C:\WINNT\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\xlicons.exe
+ 2008-08-01 20:07:14 32,768 ----a-r C:\WINNT\Installer\{C04E32E0-0416-434D-AFB9-6969D703A9EF}\icon.exe
- 2004-07-15 00:49:16 258,048 -c--a-w C:\WINNT\Microsoft.NET\Framework\v1.1.4322\aspnet_isapi.dll
+ 2007-04-13 21:30:52 258,048 ----a-w C:\WINNT\Microsoft.NET\Framework\v1.1.4322\aspnet_isapi.dll
- 2004-07-15 00:49:22 32,768 -c--a-w C:\WINNT\Microsoft.NET\Framework\v1.1.4322\aspnet_wp.exe
+ 2007-04-13 21:30:52 32,768 ----a-w C:\WINNT\Microsoft.NET\Framework\v1.1.4322\aspnet_wp.exe
- 2004-07-14 23:32:22 81,920 -c--a-w C:\WINNT\Microsoft.NET\Framework\v1.1.4322\CORPerfMonExt.dll
+ 2007-04-13 20:57:52 81,920 ----a-w C:\WINNT\Microsoft.NET\Framework\v1.1.4322\CORPerfMonExt.dll
- 2003-02-20 18:09:14 86,016 -c--a-w C:\WINNT\Microsoft.NET\Framework\v1.1.4322\mscorie.dll
+ 2007-04-13 20:57:58 86,016 ----a-w C:\WINNT\Microsoft.NET\Framework\v1.1.4322\mscorie.dll
- 2004-07-14 23:25:06 315,392 -c--a-w C:\WINNT\Microsoft.NET\Framework\v1.1.4322\mscorjit.dll
+ 2007-04-13 20:56:30 315,392 ----a-w C:\WINNT\Microsoft.NET\Framework\v1.1.4322\mscorjit.dll
- 2004-07-14 23:33:04 102,400 -c--a-w C:\WINNT\Microsoft.NET\Framework\v1.1.4322\mscorld.dll
+ 2007-04-13 20:58:00 102,400 ----a-w C:\WINNT\Microsoft.NET\Framework\v1.1.4322\mscorld.dll
- 2004-07-15 13:29:02 2,138,112 -c--a-w C:\WINNT\Microsoft.NET\Framework\v1.1.4322\mscorlib.dll
+ 2007-04-13 20:50:46 2,142,208 ----a-w C:\WINNT\Microsoft.NET\Framework\v1.1.4322\mscorlib.dll
- 2003-02-20 18:09:18 77,824 -c--a-w C:\WINNT\Microsoft.NET\Framework\v1.1.4322\mscorsn.dll
+ 2007-04-13 20:58:02 77,824 ----a-w C:\WINNT\Microsoft.NET\Framework\v1.1.4322\mscorsn.dll
- 2004-07-14 23:26:52 2,510,848 -c--a-w C:\WINNT\Microsoft.NET\Framework\v1.1.4322\mscorsvr.dll
+ 2007-04-13 20:57:00 2,523,136 ----a-w C:\WINNT\Microsoft.NET\Framework\v1.1.4322\mscorsvr.dll
- 2004-07-14 23:28:34 2,502,656 -c--a-w C:\WINNT\Microsoft.NET\Framework\v1.1.4322\mscorwks.dll
+ 2007-04-13 20:57:28 2,514,944 ----a-w C:\WINNT\Microsoft.NET\Framework\v1.1.4322\mscorwks.dll
- 2004-08-10 15:20:00 106,496 -c--a-w C:\WINNT\Microsoft.NET\Framework\v1.1.4322\netfxupdate.exe
+ 2007-01-15 16:11:26 73,728 ----a-w C:\WINNT\Microsoft.NET\Framework\v1.1.4322\netfxupdate.exe
+ 2004-07-15 00:49:16 258,048 -c--a-w C:\WINNT\Microsoft.NET\Framework\v1.1.4322\SHADOW2912\_aspnet_isapi.dll
+ 2004-07-14 23:32:22 81,920 -c--a-w C:\WINNT\Microsoft.NET\Framework\v1.1.4322\SHADOW2912\_CORPerfMonExt.dll
+ 2004-07-14 23:24:30 282,624 -c--a-w C:\WINNT\Microsoft.NET\Framework\v1.1.4322\SHADOW2912\_fusion.dll
+ 2004-07-14 23:25:06 315,392 -c--a-w C:\WINNT\Microsoft.NET\Framework\v1.1.4322\SHADOW2912\_mscorjit.dll
+ 2004-07-15 13:29:02 2,138,112 -c--a-w C:\WINNT\Microsoft.NET\Framework\v1.1.4322\SHADOW2912\_mscorlib.dll
+ 2003-02-20 18:09:18 77,824 -c--a-w C:\WINNT\Microsoft.NET\Framework\v1.1.4322\SHADOW2912\_mscorsn.dll
+ 2004-07-14 23:26:52 2,510,848 -c--a-w C:\WINNT\Microsoft.NET\Framework\v1.1.4322\SHADOW2912\_mscorsvr.dll
+ 2004-07-14 23:28:34 2,502,656 -c--a-w C:\WINNT\Microsoft.NET\Framework\v1.1.4322\SHADOW2912\_mscorwks.dll
+ 2003-02-21 03:42:22 348,160 -c--a-w C:\WINNT\Microsoft.NET\Framework\v1.1.4322\SHADOW2912\_msvcr71.dll
+ 2004-07-14 23:34:50 94,208 -c--a-w C:\WINNT\Microsoft.NET\Framework\v1.1.4322\SHADOW2912\_PerfCounter.dll
- 2004-07-15 13:31:16 1,224,704 -c--a-w C:\WINNT\Microsoft.NET\Framework\v1.1.4322\System.dll
+ 2007-04-13 21:35:38 1,232,896 ----a-w C:\WINNT\Microsoft.NET\Framework\v1.1.4322\System.dll
- 2004-10-08 05:20:12 1,257,472 -c--a-w C:\WINNT\Microsoft.NET\Framework\v1.1.4322\System.Web.dll
+ 2007-04-13 21:35:46 1,265,664 ----a-w C:\WINNT\Microsoft.NET\Framework\v1.1.4322\System.Web.dll
+ 2007-07-30 19:19:20 92,504 ------w C:\WINNT\SoftwareDistribution\WebSetup\cdm.dll
+ 2007-07-30 19:19:36 549,720 ------w C:\WINNT\SoftwareDistribution\WebSetup\wuapi.dll
+ 2007-07-30 19:19:16 53,080 ------w C:\WINNT\SoftwareDistribution\WebSetup\wuauclt.exe
+ 2007-07-30 19:19:42 1,712,984 ------w C:\WINNT\SoftwareDistribution\WebSetup\wuaueng.dll
+ 2007-07-30 19:19:32 325,976 ------w C:\WINNT\SoftwareDistribution\WebSetup\wucltui.dll
+ 2007-07-30 19:18:40 33,624 ------w C:\WINNT\SoftwareDistribution\WebSetup\wups.dll
+ 2007-07-30 19:19:12 43,352 ------w C:\WINNT\SoftwareDistribution\WebSetup\wups2.dll
- 2004-08-04 08:00:00 100,352 -c--a-w C:\WINNT\system32\6to4svc.dll
+ 2006-08-16 11:58:05 100,352 ----a-w C:\WINNT\system32\6to4svc.dll
- 2006-03-04 03:58:42 1,022,976 ----a-w C:\WINNT\system32\browseui.dll
+ 2008-06-23 16:11:40 1,024,000 ----a-w C:\WINNT\system32\browseui.dll
- 2006-03-04 03:58:42 151,040 ----a-w C:\WINNT\system32\cdfview.dll
+ 2008-06-23 16:11:40 151,040 ----a-w C:\WINNT\system32\cdfview.dll
- 2004-08-04 08:00:00 66,560 ----a-w C:\WINNT\system32\cdm.dll
+ 2007-07-30 19:19:20 92,504 ----a-w C:\WINNT\system32\cdm.dll
- 2006-03-04 03:58:44 1,054,208 -c--a-w C:\WINNT\system32\danim.dll
+ 2008-06-23 16:11:42 1,054,208 ----a-w C:\WINNT\system32\danim.dll
- 2004-08-04 08:00:00 100,352 -c--a-w C:\WINNT\system32\dllcache\6to4svc.dll
+ 2006-08-16 11:58:05 100,352 -c--a-w C:\WINNT\system32\dllcache\6to4svc.dll
- 2004-08-04 08:00:00 138,496 -c--a-w C:\WINNT\system32\dllcache\afd.sys
+ 2008-06-20 10:44:38 138,368 -c--a-w C:\WINNT\system32\dllcache\afd.sys
- 2006-03-04 03:58:42 1,022,976 -c--a-w C:\WINNT\system32\dllcache\browseui.dll
+ 2008-06-23 16:11:40 1,024,000 -c--a-w C:\WINNT\system32\dllcache\browseui.dll
- 2004-08-03 23:10:38 274,304 -c--a-w C:\WINNT\system32\dllcache\bthport.sys
+ 2008-06-13 13:10:50 272,128 -c--a-w C:\WINNT\system32\dllcache\bthport.sys
- 2006-03-04 03:58:42 151,040 -c--a-w C:\WINNT\system32\dllcache\cdfview.dll
+ 2008-06-23 16:11:40 151,040 -c--a-w C:\WINNT\system32\dllcache\cdfview.dll
- 2004-08-04 08:00:00 66,560 -c--a-w C:\WINNT\system32\dllcache\cdm.dll
+ 2007-07-30 19:19:20 92,504 -c--a-w C:\WINNT\system32\dllcache\cdm.dll
- 2006-03-04 03:58:44 1,054,208 -c--a-w C:\WINNT\system32\dllcache\danim.dll
+ 2008-06-23 16:11:42 1,054,208 -c--a-w C:\WINNT\system32\dllcache\danim.dll
- 2004-08-04 08:00:00 561,179 -c--a-w C:\WINNT\system32\dllcache\dao360.dll
+ 2008-03-25 04:50:25 554,008 -c--a-w C:\WINNT\system32\dllcache\dao360.dll
- 2004-08-04 08:00:00 148,480 -c--a-w C:\WINNT\system32\dllcache\dnsapi.dll
+ 2008-06-20 17:41:10 148,992 -c--a-w C:\WINNT\system32\dllcache\dnsapi.dll
- 2004-08-04 08:00:00 357,888 -c--a-w C:\WINNT\system32\dllcache\dxtmsft.dll
+ 2008-06-23 16:11:43 357,888 -c--a-w C:\WINNT\system32\dllcache\dxtmsft.dll
- 2006-03-04 03:58:44 205,312 -c--a-w C:\WINNT\system32\dllcache\dxtrans.dll
+ 2008-06-23 16:11:43 205,312 -c--a-w C:\WINNT\system32\dllcache\dxtrans.dll
- 2005-07-26 04:39:45 243,200 -c--a-w C:\WINNT\system32\dllcache\es.dll
+ 2008-07-07 20:32:22 253,952 -c--a-w C:\WINNT\system32\dllcache\es.dll
- 2006-03-04 03:58:44 55,808 -c--a-w C:\WINNT\system32\dllcache\extmgr.dll
+ 2008-06-23 16:11:43 55,808 -c--a-w C:\WINNT\system32\dllcache\extmgr.dll
- 2004-08-04 08:00:00 18,432 -c--a-w C:\WINNT\system32\dllcache\iedw.exe
+ 2008-06-23 09:53:58 18,432 -c--a-w C:\WINNT\system32\dllcache\iedw.exe
- 2006-03-04 03:58:44 251,904 -c--a-w C:\WINNT\system32\dllcache\iepeers.dll
+ 2008-06-23 16:11:52 251,904 -c--a-w C:\WINNT\system32\dllcache\iepeers.dll
- 2006-03-17 09:07:17 679,424 -c--a-w C:\WINNT\system32\dllcache\inetcomm.dll
+ 2008-04-11 18:50:43 683,520 -c--a-w C:\WINNT\system32\dllcache\inetcomm.dll
- 2006-03-04 03:58:44 96,256 -c--a-w C:\WINNT\system32\dllcache\inseng.dll
+ 2008-06-23 16:11:52 96,256 -c--a-w C:\WINNT\system32\dllcache\inseng.dll
- 2004-08-04 08:00:00 450,560 -c--a-w C:\WINNT\system32\dllcache\jscript.dll
+ 2007-12-18 14:40:58 450,560 -c--a-w C:\WINNT\system32\dllcache\jscript.dll
- 2004-08-04 08:00:00 15,872 -c--a-w C:\WINNT\system32\dllcache\jsproxy.dll
+ 2008-06-23 16:11:52 16,384 -c--a-w C:\WINNT\system32\dllcache\jsproxy.dll
- 2004-08-04 08:00:00 331,776 -c--a-w C:\WINNT\system32\dllcache\msadce.dll
+ 2008-05-01 14:30:33 331,776 -c--a-w C:\WINNT\system32\dllcache\msadce.dll
- 2005-06-29 01:46:00 74,240 -c--a-w C:\WINNT\system32\dllcache\mscms.dll
+ 2008-06-24 16:23:05 74,240 -c--a-w C:\WINNT\system32\dllcache\mscms.dll
- 2004-08-04 08:00:00 512,029 -c--a-w C:\WINNT\system32\dllcache\msexch40.dll
+ 2008-03-25 04:50:28 518,944 -c--a-w C:\WINNT\system32\dllcache\msexch40.dll
- 2004-08-04 08:00:00 319,517 -c--a-w C:\WINNT\system32\dllcache\msexcl40.dll
+ 2008-03-25 04:50:30 326,432 -c--a-w C:\WINNT\system32\dllcache\msexcl40.dll
- 2006-03-23 20:31:39 3,055,616 -c--a-w C:\WINNT\system32\dllcache\mshtml.dll
+ 2008-06-23 16:11:58 3,067,392 -c--a-w C:\WINNT\system32\dllcache\mshtml.dll
- 2006-03-04 03:58:48 448,512 -c--a-w C:\WINNT\system32\dllcache\mshtmled.dll
+ 2008-06-23 16:12:00 449,024 -c--a-w C:\WINNT\system32\dllcache\mshtmled.dll
- 2004-08-04 08:00:00 1,507,356 -c--a-w C:\WINNT\system32\dllcache\msjet40.dll
+ 2008-03-25 04:50:34 1,516,568 -c--a-w C:\WINNT\system32\dllcache\msjet40.dll
- 2004-08-04 08:00:00 358,976 -c--a-w C:\WINNT\system32\dllcache\msjetol1.dll
+ 2008-03-25 04:50:40 355,112 -c--a-w C:\WINNT\system32\dllcache\msjetol1.dll
- 2004-08-04 08:00:00 151,583 -c--a-w C:\WINNT\system32\dllcache\msjint40.dll
+ 2008-03-27 08:12:54 151,583 -c--a-w C:\WINNT\system32\dllcache\msjint40.dll
- 2004-08-04 08:00:00 53,279 -c--a-w C:\WINNT\system32\dllcache\msjter40.dll
+ 2008-03-25 04:50:42 60,192 -c--a-w C:\WINNT\system32\dllcache\msjter40.dll
- 2004-08-04 08:00:00 241,693 -c--a-w C:\WINNT\system32\dllcache\msjtes40.dll
+ 2008-03-25 04:50:42 248,608 -c--a-w C:\WINNT\system32\dllcache\msjtes40.dll
- 2004-08-04 08:00:00 213,023 -c--a-w C:\WINNT\system32\dllcache\msltus40.dll
+ 2008-03-25 04:50:44 219,936 -c--a-w C:\WINNT\system32\dllcache\msltus40.dll
- 2004-08-04 08:00:00 348,189 -c--a-w C:\WINNT\system32\dllcache\mspbde40.dll
+ 2008-03-25 04:50:45 355,104 -c--a-w C:\WINNT\system32\dllcache\mspbde40.dll
- 2006-03-04 03:58:48 146,432 -c--a-w C:\WINNT\system32\dllcache\msrating.dll
+ 2008-06-23 16:12:02 146,432 -c--a-w C:\WINNT\system32\dllcache\msrating.dll
- 2004-08-04 08:00:00 421,919 -c--a-w C:\WINNT\system32\dllcache\msrd2x40.dll
+ 2008-03-25 04:50:47 432,928 -c--a-w C:\WINNT\system32\dllcache\msrd2x40.dll
- 2004-08-04 08:00:00 315,423 -c--a-w C:\WINNT\system32\dllcache\msrd3x40.dll
+ 2008-03-25 04:50:49 322,336 -c--a-w C:\WINNT\system32\dllcache\msrd3x40.dll
- 2004-08-04 08:00:00 552,989 -c--a-w C:\WINNT\system32\dllcache\msrepl40.dll
+ 2008-03-25 04:50:52 559,904 -c--a-w C:\WINNT\system32\dllcache\msrepl40.dll
- 2004-08-04 08:00:00 258,077 -c--a-w C:\WINNT\system32\dllcache\mstext40.dll
+ 2008-03-25 04:50:55 264,992 -c--a-w C:\WINNT\system32\dllcache\mstext40.dll
- 2006-03-04 03:58:48 532,480 -c--a-w C:\WINNT\system32\dllcache\mstime.dll
+ 2008-06-23 16:12:02 532,480 -c--a-w C:\WINNT\system32\dllcache\mstime.dll
- 2004-08-04 08:00:00 831,519 -c--a-w C:\WINNT\system32\dllcache\mswdat10.dll
+ 2008-03-25 04:50:57 838,432 -c--a-w C:\WINNT\system32\dllcache\mswdat10.dll
- 2004-08-04 08:00:00 245,248 -c--a-w C:\WINNT\system32\dllcache\mswsock.dll
+ 2008-06-20 17:41:10 245,248 -c--a-w C:\WINNT\system32\dllcache\mswsock.dll
- 2004-08-04 08:00:00 614,429 -c--a-w C:\WINNT\system32\dllcache\mswstr10.dll
+ 2008-03-25 04:50:58 621,344 -c--a-w C:\WINNT\system32\dllcache\mswstr10.dll
- 2004-08-04 08:00:00 348,189 -c--a-w C:\WINNT\system32\dllcache\msxbde40.dll
+ 2008-03-25 04:50:58 355,104 -c--a-w C:\WINNT\system32\dllcache\msxbde40.dll
- 2006-03-04 03:58:48 39,424 -c--a-w C:\WINNT\system32\dllcache\pngfilt.dll
+ 2008-06-23 16:12:02 39,424 -c--a-w C:\WINNT\system32\dllcache\pngfilt.dll
- 2005-08-30 03:54:26 1,287,168 -c--a-w C:\WINNT\system32\dllcache\quartz.dll
+ 2008-05-07 05:18:48 1,287,680 -c--a-w C:\WINNT\system32\dllcache\quartz.dll
- 2004-08-04 08:00:00 200,064 -c--a-w C:\WINNT\system32\dllcache\rmcast.sys
+ 2008-05-08 12:28:49 202,752 -c--a-w C:\WINNT\system32\dllcache\rmcast.sys
- 2006-03-30 09:27:01 1,495,040 -c--a-w C:\WINNT\system32\dllcache\shdocvw.dll
+ 2008-06-23 16:12:05 1,499,136 -c--a-w C:\WINNT\system32\dllcache\shdocvw.dll
- 2006-03-04 03:58:50 474,112 -c--a-w C:\WINNT\system32\dllcache\shlwapi.dll
+ 2008-06-23 16:12:05 474,112 -c--a-w C:\WINNT\system32\dllcache\shlwapi.dll
- 2006-01-13 02:28:14 359,808 -c--a-w C:\WINNT\system32\dllcache\tcpip.sys
+ 2008-06-20 10:45:13 360,320 -c--a-w C:\WINNT\system32\dllcache\tcpip.sys
- 2004-08-04 08:00:00 223,616 -c--a-w C:\WINNT\system32\dllcache\tcpip6.sys
+ 2008-06-20 09:52:06 225,920 -c--a-w C:\WINNT\system32\dllcache\tcpip6.sys
- 2006-03-18 11:04:10 614,400 -c--a-w C:\WINNT\system32\dllcache\urlmon.dll
+ 2008-06-23 16:12:06 618,496 -c--a-w C:\WINNT\system32\dllcache\urlmon.dll
- 2004-08-04 08:00:00 417,792 -c--a-w C:\WINNT\system32\dllcache\vbscript.dll
+ 2007-12-18 14:40:58 417,792 -c--a-w C:\WINNT\system32\dllcache\vbscript.dll
- 2006-03-04 03:58:52 663,552 -c--a-w C:\WINNT\system32\dllcache\wininet.dll
+ 2008-06-23 16:12:08 667,136 -c--a-w C:\WINNT\system32\dllcache\wininet.dll
- 2005-01-28 12:44:28 224,768 -c--a-w C:\WINNT\system32\dllcache\wmasf.dll
+ 2007-10-27 17:40:06 227,328 -c--a-w C:\WINNT\system32\dllcache\wmasf.dll
- 2006-03-10 05:09:14 5,533,696 -c--a-w C:\WINNT\system32\dllcache\wmp.dll
+ 2007-04-30 08:20:24 5,537,792 -c--a-w C:\WINNT\system32\dllcache\wmp.dll
- 2005-01-28 12:44:28 2,370,296 -c--a-w C:\WINNT\system32\dllcache\wmvcore.dll
+ 2006-12-07 05:29:34 2,374,472 -c--a-w C:\WINNT\system32\dllcache\wmvcore.dll
- 2004-08-04 08:00:00 430,592 -c--a-w C:\WINNT\system32\dllcache\wuapi.dll
+ 2007-07-30 19:19:36 549,720 -c--a-w C:\WINNT\system32\dllcache\wuapi.dll
- 2004-08-04 08:00:00 111,104 -c--a-w C:\WINNT\system32\dllcache\wuauclt.exe
+ 2007-07-30 19:19:16 53,080 -c--a-w C:\WINNT\system32\dllcache\wuauclt.exe
- 2004-08-04 08:00:00 1,134,592 -c--a-w C:\WINNT\system32\dllcache\wuaueng.dll
+ 2007-07-30 19:19:42 1,712,984 -c--a-w C:\WINNT\system32\dllcache\wuaueng.dll
- 2004-08-04 08:00:00 112,640 -c--a-w C:\WINNT\system32\dllcache\wucltui.dll
+ 2007-07-30 19:19:32 325,976 -c--a-w C:\WINNT\system32\dllcache\wucltui.dll
- 2004-08-04 08:00:00 36,864 -c--a-w C:\WINNT\system32\dllcache\wups.dll
+ 2007-07-30 19:18:40 33,624 -c--a-w C:\WINNT\system32\dllcache\wups.dll
- 2004-08-04 08:00:00 148,480 ----a-w C:\WINNT\system32\dnsapi.dll
+ 2008-06-20 17:41:10 148,992 ----a-w C:\WINNT\system32\dnsapi.dll
- 2004-08-04 08:00:00 138,496 ----a-w C:\WINNT\system32\drivers\afd.sys
+ 2008-06-20 10:44:38 138,368 ----a-w C:\WINNT\system32\drivers\afd.sys
+ 2008-06-13 13:10:50 272,128 ------w C:\WINNT\system32\drivers\bthport.sys
- 2004-08-04 08:00:00 200,064 -c--a-w C:\WINNT\system32\drivers\RMCast.sys
+ 2008-05-08 12:28:49 202,752 ----a-w C:\WINNT\system32\drivers\rmcast.sys
- 2006-01-13 02:28:14 359,808 ----a-w C:\WINNT\system32\drivers\tcpip.sys
+ 2008-06-20 10:45:13 360,320 ----a-w C:\WINNT\system32\drivers\tcpip.sys
- 2004-08-04 08:00:00 223,616 -c--a-w C:\WINNT\system32\drivers\tcpip6.sys
+ 2008-06-20 09:52:06 225,920 ----a-w C:\WINNT\system32\drivers\tcpip6.sys
- 2004-08-04 08:00:00 357,888 ----a-w C:\WINNT\system32\dxtmsft.dll
+ 2008-06-23 16:11:43 357,888 ----a-w C:\WINNT\system32\dxtmsft.dll
- 2006-03-04 03:58:44 205,312 ----a-w C:\WINNT\system32\dxtrans.dll
+ 2008-06-23 16:11:43 205,312 ----a-w C:\WINNT\system32\dxtrans.dll
- 2006-03-04 03:58:44 55,808 -c--a-w C:\WINNT\system32\extmgr.dll
+ 2008-06-23 16:11:43 55,808 ----a-w C:\WINNT\system32\extmgr.dll
- 2005-03-17 13:39:58 1,146,320 ----a-w C:\WINNT\system32\FM20.DLL
+ 2007-06-06 10:53:34 1,195,888 ----a-w C:\WINNT\system32\FM20.DLL
- 2003-07-14 21:57:04 32,584 ----a-w C:\WINNT\system32\FM20ENU.DLL
+ 2007-03-22 19:17:04 35,440 ----a-w C:\WINNT\system32\FM20ENU.DLL
- 2008-02-14 14:49:08 313,656 ----a-w C:\WINNT\system32\FNTCACHE.DAT
+ 2008-09-02 21:35:15 313,656 ----a-w C:\WINNT\system32\FNTCACHE.DAT
- 2006-03-04 03:58:44 251,904 ----a-w C:\WINNT\system32\iepeers.dll
+ 2008-06-23 16:11:52 251,904 ----a-w C:\WINNT\system32\iepeers.dll
- 2006-03-17 09:07:17 679,424 -c--a-w C:\WINNT\system32\inetcomm.dll
+ 2008-04-11 18:50:43 683,520 ----a-w C:\WINNT\system32\inetcomm.dll
- 2006-03-04 03:58:44 96,256 -c--a-w C:\WINNT\system32\inseng.dll
+ 2008-06-23 16:11:52 96,256 ----a-w C:\WINNT\system32\inseng.dll
- 2004-08-04 08:00:00 450,560 ----a-w C:\WINNT\system32\jscript.dll
+ 2007-12-18 14:40:58 450,560 ----a-w C:\WINNT\system32\jscript.dll
- 2004-08-04 08:00:00 15,872 -c--a-w C:\WINNT\system32\jsproxy.dll
+ 2008-06-23 16:11:52 16,384 ----a-w C:\WINNT\system32\jsproxy.dll
+ 2008-03-20 18:06:36 1,480,232 ------w C:\WINNT\system32\LegitCheckControl.dll
- 2004-03-22 14:17:06 24,816 ----a-w C:\WINNT\system32\mdimon.dll
+ 2007-04-09 13:23:54 28,040 ----a-w C:\WINNT\system32\mdimon.dll
- 2008-06-25 09:15:48 17,972,344 ----a-w C:\WINNT\system32\MRT.exe
+ 2008-08-05 18:11:01 15,888,504 ----a-w C:\WINNT\system32\MRT.exe
- 2005-09-23 06:28:52 270,848 ----a-w C:\WINNT\system32\mscoree.dll
+ 2006-12-22 12:28:14 271,360 ----a-w C:\WINNT\system32\mscoree.dll
- 2004-08-04 08:00:00 512,029 -c--a-w C:\WINNT\system32\msexch40.dll
+ 2008-03-25 04:50:28 518,944 ----a-w C:\WINNT\system32\msexch40.dll
- 2004-08-04 08:00:00 319,517 -c--a-w C:\WINNT\system32\msexcl40.dll
+ 2008-03-25 04:50:30 326,432 ----a-w C:\WINNT\system32\msexcl40.dll
- 2006-03-23 20:31:39 3,055,616 ----a-w C:\WINNT\system32\mshtml.dll
+ 2008-06-23 16:11:58 3,067,392 ----a-w C:\WINNT\system32\mshtml.dll
- 2006-03-04 03:58:48 448,512 ----a-w C:\WINNT\system32\mshtmled.dll
+ 2008-06-23 16:12:00 449,024 ----a-w C:\WINNT\system32\mshtmled.dll
- 2004-08-04 08:00:00 1,507,356 ----a-w C:\WINNT\system32\msjet40.dll
+ 2008-03-25 04:50:34 1,516,568 ----a-w C:\WINNT\system32\msjet40.dll
- 2004-08-04 08:00:00 358,976 ----a-w C:\WINNT\system32\msjetoledb40.dll
+ 2008-03-25 04:50:40 355,112 ----a-w C:\WINNT\system32\msjetoledb40.dll
- 2004-08-04 08:00:00 151,583 ----a-w C:\WINNT\system32\msjint40.dll
+ 2008-03-27 08:12:54 151,583 ----a-w C:\WINNT\system32\msjint40.dll
- 2004-08-04 08:00:00 53,279 ----a-w C:\WINNT\system32\msjter40.dll
+ 2008-03-25 04:50:42 60,192 ----a-w C:\WINNT\system32\msjter40.dll
- 2004-08-04 08:00:00 241,693 ----a-w C:\WINNT\system32\msjtes40.dll
+ 2008-03-25 04:50:42 248,608 ----a-w C:\WINNT\system32\msjtes40.dll
- 2004-08-04 08:00:00 213,023 -c--a-w C:\WINNT\system32\msltus40.dll
+ 2008-03-25 04:50:44 219,936 ----a-w C:\WINNT\system32\msltus40.dll
- 2004-08-04 08:00:00 348,189 -c--a-w C:\WINNT\system32\mspbde40.dll
+ 2008-03-25 04:50:45 355,104 ----a-w C:\WINNT\system32\mspbde40.dll
- 2006-03-04 03:58:48 146,432 ----a-w C:\WINNT\system32\msrating.dll
+ 2008-06-23 16:12:02 146,432 ----a-w C:\WINNT\system32\msrating.dll
- 2004-08-04 08:00:00 421,919 -c--a-w C:\WINNT\system32\msrd2x40.dll
+ 2008-03-25 04:50:47 432,928 ----a-w C:\WINNT\system32\msrd2x40.dll
- 2004-08-04 08:00:00 315,423 -c--a-w C:\WINNT\system32\msrd3x40.dll
+ 2008-03-25 04:50:49 322,336 ----a-w C:\WINNT\system32\msrd3x40.dll
- 2004-08-04 08:00:00 552,989 -c--a-w C:\WINNT\system32\msrepl40.dll
+ 2008-03-25 04:50:52 559,904 ----a-w C:\WINNT\system32\msrepl40.dll
- 2004-08-04 08:00:00 258,077 -c--a-w C:\WINNT\system32\mstext40.dll
+ 2008-03-25 04:50:55 264,992 ----a-w C:\WINNT\system32\mstext40.dll
- 2006-03-04 03:58:48 532,480 ----a-w C:\WINNT\system32\mstime.dll
+ 2008-06-23 16:12:02 532,480 ----a-w C:\WINNT\system32\mstime.dll
- 2004-08-04 08:00:00 831,519 ----a-w C:\WINNT\system32\mswdat10.dll
+ 2008-03-25 04:50:57 838,432 ----a-w C:\WINNT\system32\mswdat10.dll
- 2004-08-04 08:00:00 614,429 ----a-w C:\WINNT\system32\mswstr10.dll
+ 2008-03-25 04:50:58 621,344 ----a-w C:\WINNT\system32\mswstr10.dll
- 2004-08-04 08:00:00 348,189 -c--a-w C:\WINNT\system32\msxbde40.dll
+ 2008-03-25 04:50:58 355,104 ----a-w C:\WINNT\system32\msxbde40.dll
- 2003-04-18 16:46:22 1,233,920 ----a-w C:\WINNT\system32\msxml4.dll
+ 2007-05-08 15:03:04 1,275,392 ----a-w C:\WINNT\system32\msxml4.dll
- 2006-12-04 14:37:58 1,317,648 ----a-w C:\WINNT\system32\msxml6.dll
+ 2007-05-15 15:43:10 1,320,800 ----a-w C:\WINNT\system32\msxml6.dll
+ 2007-07-30 19:19:10 271,224 ----a-w C:\WINNT\system32\mucltui.dll
- 2005-09-23 06:29:00 6,144 -c--a-w C:\WINNT\system32\mui\0409\mscorees.dll
+ 2006-12-22 13:02:36 6,144 ----a-w C:\WINNT\system32\mui\0409\mscorees.dll
- 2006-03-04 03:58:48 39,424 ----a-w C:\WINNT\system32\pngfilt.dll
+ 2008-06-23 16:12:02 39,424 ----a-w C:\WINNT\system32\pngfilt.dll
- 2005-08-30 03:54:26 1,287,168 ----a-w C:\WINNT\system32\quartz.dll
+ 2008-05-07 05:18:48 1,287,680 ----a-w C:\WINNT\system32\quartz.dll
- 2006-03-30 09:27:01 1,495,040 ----a-w C:\WINNT\system32\shdocvw.dll
+ 2008-06-23 16:12:05 1,499,136 ----a-w C:\WINNT\system32\shdocvw.dll
- 2006-03-04 03:58:50 474,112 ----a-w C:\WINNT\system32\shlwapi.dll
+ 2008-06-23 16:12:05 474,112 ----a-w C:\WINNT\system32\shlwapi.dll
+ 2007-07-30 19:19:36 549,720 ----a-w C:\WINNT\system32\SoftwareDistribution\Setup\ServiceStartup\wuapi.dll\7.0.6000.381\wuapi.dll
+ 2007-07-30 19:18:40 33,624 ----a-w C:\WINNT\system32\SoftwareDistribution\Setup\ServiceStartup\wups.dll\7.0.6000.381\wups.dll
- 2006-10-08 21:51:14 14,640 ----a-w C:\WINNT\system32\spmsg.dll
+ 2007-11-30 12:39:22 17,272 ------w C:\WINNT\system32\spmsg.dll
- 2004-03-22 14:17:04 765,680 ----a-w C:\WINNT\system32\spool\drivers\w32x86\3\mdigraph.dll
+ 2007-04-09 13:24:04 758,664 ----a-w C:\WINNT\system32\spool\drivers\w32x86\3\mdigraph.dll
- 2004-03-22 14:17:10 42,224 ----a-w C:\WINNT\system32\spool\drivers\w32x86\3\mdiui.dll
+ 2007-04-09 13:23:58 46,472 ----a-w C:\WINNT\system32\spool\drivers\w32x86\3\mdiui.dll
- 2004-03-22 14:17:04 765,680 -c--a-w C:\WINNT\system32\spool\drivers\w32x86\mdigraph.dll
+ 2007-04-09 13:24:04 758,664 ----a-w C:\WINNT\system32\spool\drivers\w32x86\mdigraph.dll
- 2004-03-22 14:17:10 42,224 -c--a-w C:\WINNT\system32\spool\drivers\w32x86\mdiui.dll
+ 2007-04-09 13:23:58 46,472 ----a-w C:\WINNT\system32\spool\drivers\w32x86\mdiui.dll
- 2004-03-22 14:17:08 25,840 ----a-w C:\WINNT\system32\spool\prtprocs\w32x86\mdippr.dll
+ 2007-04-09 13:23:54 28,552 ----a-w C:\WINNT\system32\spool\prtprocs\w32x86\mdippr.dll
+ 2008-07-14 11:09:18 62,976 ------w C:\WINNT\system32\tzchange.exe
- 2006-03-18 11:04:10 614,400 ----a-w C:\WINNT\system32\urlmon.dll
+ 2008-06-23 16:12:06 618,496 ----a-w C:\WINNT\system32\urlmon.dll
- 2004-08-04 08:00:00 417,792 ----a-w C:\WINNT\system32\vbscript.dll
+ 2007-12-18 14:40:58 417,792 ----a-w C:\WINNT\system32\vbscript.dll
- 2005-01-28 12:44:28 224,768 ----a-w C:\WINNT\system32\wmasf.dll
+ 2007-10-27 17:40:06 227,328 ----a-w C:\WINNT\system32\wma

Répondre à elg_49

bonjour
le rapport est incomplet

Poste le rapport :C: \Combofix.txt
clique dessus pour l'ouvrir, puis édition "sélectionner tout", édition "copier"

viens sur le forum et édition "coller"

ajoute un nouveau rapport Hijackthis.

------------------------------ Prévention et protection
/!\Marre de la pub: Firefox sécurisé/!\
Répondre à Sham_Rock

re,
Le rapport complet:
ComboFix 08-07-29.1 - A ELLOUGANI 2008-09-02 22:56:27.3 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.481 [GMT 0:00]
Running from: C:\Documents and Settings\Administrator\Desktop\forum\ComboFix.exe
.
- REDUCED FUNCTIONALITY MODE -
.

((((((((((((((((((((((((( Files Created from 2008-08-02 to 2008-09-02 )))))))))))))))))))))))))))))))
.

2008-09-02 22:57 . 2008-09-02 22:57 53,248 --a------ C:\Temp\catchme.dll
2008-09-02 21:37 . 2008-09-02 21:37 <DIR> d-------- C:\Temp\smkits
2008-09-02 19:30 . 2008-09-02 19:30 <DIR> d-------- C:\Temp\3E0B
2008-09-02 19:25 . 2008-09-02 19:25 <DIR> d-------- C:\Temp\3A34
2008-08-31 22:04 . 2008-08-31 22:04 <DIR> d-------- C:\Temp\1811
2008-08-30 20:06 . 2008-08-30 20:06 <DIR> d-------- C:\Temp\6FBF
2008-08-13 13:17 . 2008-08-13 13:17 <DIR> d-------- C:\Temp\60A
2008-08-13 13:12 . 2008-08-13 13:12 <DIR> d-------- C:\Temp\251
2008-08-07 20:02 . 2008-08-07 20:02 <DIR> d-------- C:\Temp\671A
2008-08-07 19:55 . 2008-08-07 19:55 <DIR> d-------- C:\Temp\6214
2008-08-07 12:17 . 2008-08-07 12:17 <DIR> d-------- C:\Temp\32E
2008-08-07 12:12 . 2008-08-07 12:12 <DIR> d-------- C:\Temp\7F85
2008-08-04 18:54 . 2008-08-04 18:54 <DIR> d-------- C:\Temp\48ED
2008-08-04 18:49 . 2008-08-04 18:49 <DIR> d-------- C:\Temp\451A

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-09-02 22:55 --------- d-----w C:\Documents and Settings\Administrator\Application Data\Skype
2008-09-02 21:36 --------- d-----w C:\Documents and Settings\Administrator\Application Data\skypePM
2008-08-01 20:10 --------- d-----w C:\Program Files\Microsoft CAPICOM 2.1.0.2
2008-08-01 20:00 --------- d-----w C:\Documents and Settings\All Users\Application Data\Babylon
2008-07-31 19:59 --------- d-----w C:\Program Files\Malwarebytes' Anti-Malware
2008-07-31 19:59 --------- d-----w C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-07-31 19:59 --------- d-----w C:\Documents and Settings\Administrator\Application Data\Malwarebytes
2008-07-30 20:07 38,472 ----a-w C:\WINNT\system32\drivers\mbamswissarmy.sys
2008-07-30 20:07 17,144 ----a-w C:\WINNT\system32\drivers\mbam.sys
2008-07-30 18:22 --------- d-----w C:\Program Files\lotus
2008-07-30 15:57 99,456 ----a-w C:\WINNT\system32\poofmemr.dll
2008-07-29 19:29 --------- d-----w C:\Program Files\Software by Design
2008-07-29 14:10 --------- d-----w C:\Program Files\Trend Micro
2008-07-29 14:05 --------- d-----w C:\Program Files\Panda Security
2008-07-29 13:21 --------- d-----w C:\Program Files\a-squared Anti-Malware
2008-07-29 00:50 --------- d-----w C:\Program Files\Java
2008-07-25 19:44 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-07-25 15:02 --------- d-----w C:\Documents and Settings\All Users\Application Data\Lavasoft
2008-07-25 11:59 0 ---ha-w C:\WINNT\system32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf
2008-07-25 11:59 0 ---ha-w C:\WINNT\system32\drivers\Msft_Kernel_ccdcmb_01005.Wdf
2008-07-25 00:08 --------- d-----w C:\Program Files\Nokia
2008-07-25 00:08 --------- d-----w C:\Documents and Settings\All Users\Application Data\Installations
2008-07-25 00:07 --------- d-----w C:\Program Files\MSXML 6.0
2008-07-25 00:06 --------- d-----w C:\Program Files\Common Files\Nokia
2008-07-24 16:42 --------- d-----w C:\Documents and Settings\Administrator\Application Data\PC Suite
2008-07-24 16:41 --------- d-----w C:\Documents and Settings\Administrator\Application Data\NSeries
2008-07-24 16:29 --------- d-----w C:\Documents and Settings\Administrator\Application Data\Nokia
2008-07-18 22:01 --------- d-----w C:\Program Files\HSDPA USB MODEM
2008-07-13 11:23 --------- d-----w C:\Program Files\Internet Mobile
2008-07-10 19:58 --------- d-----w C:\Program Files\Common Files\PC SOFT
2008-07-07 20:32 253,952 ----a-w C:\WINNT\system32\es.dll
2008-06-24 16:23 74,240 ----a-w C:\WINNT\system32\mscms.dll
2008-06-23 16:12 667,136 ----a-w C:\WINNT\system32\wininet.dll
2008-06-20 17:41 245,248 ----a-w C:\WINNT\system32\mswsock.dll
2008-03-28 21:52 32 ----a-w C:\Documents and Settings\All Users\Application Data\ezsid.dat
2008-02-09 22:19 2,293,848 -c--a-w C:\Program Files\FLV PlayerFCSetup.exe
2008-02-09 22:17 3,955,352 -c--a-w C:\Program Files\FLV PlayerRCATSetup.exe
2008-02-09 21:34 411,248 -c--a-w C:\Program Files\FLV PlayerRCSetup.exe
2007-03-09 08:12 27,648 -csha-w C:\WINNT\system32\AVSredirect.dll
.

((((((((((((((((((((((((((((( snapshot@2008-07-30_15.53.53.43 )))))))))))))))))))))))))))))))))))))))))
.
+ 2005-02-25 03:35:05 14,048 ----a-w C:\WINNT\$hf_mig$\KB898461\spmsg.dll
+ 2005-02-25 03:35:05 209,632 ----a-w C:\WINNT\$hf_mig$\KB898461\spuninst.exe
+ 2005-02-25 03:35:05 22,752 ----a-w C:\WINNT\$hf_mig$\KB898461\spupdsvc.exe
+ 2005-02-25 03:35:05 22,240 ----a-w C:\WINNT\$hf_mig$\KB898461\update\spcustom.dll
+ 2005-02-25 03:35:05 718,048 ----a-w C:\WINNT\$hf_mig$\KB898461\update\update.exe
+ 2005-02-25 03:35:06 371,936 ----a-w C:\WINNT\$hf_mig$\KB898461\update\updspapi.dll
+ 2008-03-27 09:22:32 60,416 ----a-w C:\WINNT\$hf_mig$\KB942763\SP2QFE\tzchange.exe
+ 2008-03-27 10:40:24 60,416 ----a-w C:\WINNT\$hf_mig$\KB942763\SP3GDR\tzchange.exe
+ 2008-03-27 10:46:15 60,416 ----a-w C:\WINNT\$hf_mig$\KB942763\SP3QFE\tzchange.exe
+ 2007-11-30 11:18:51 17,272 ----a-w C:\WINNT\$hf_mig$\KB942763\spmsg.dll
+ 2007-11-30 11:18:51 231,288 ----a-w C:\WINNT\$hf_mig$\KB942763\spuninst.exe
+ 2007-11-30 11:18:51 26,488 ----a-w C:\WINNT\$hf_mig$\KB942763\update\spcustom.dll
+ 2007-11-30 11:18:51 755,576 ----a-w C:\WINNT\$hf_mig$\KB942763\update\update.exe
+ 2007-11-30 11:18:51 382,840 ----a-w C:\WINNT\$hf_mig$\KB942763\update\updspapi.dll
+ 2007-12-18 14:32:13 450,560 ----a-w C:\WINNT\$hf_mig$\KB944338-v2\SP2QFE\jscript.dll
+ 2007-12-18 14:32:13 417,792 ----a-w C:\WINNT\$hf_mig$\KB944338-v2\SP2QFE\vbscript.dll
+ 2007-03-06 01:22:36 14,048 ----a-w C:\WINNT\$hf_mig$\KB944338-v2\spmsg.dll
+ 2007-03-06 01:22:41 213,216 ----a-w C:\WINNT\$hf_mig$\KB944338-v2\spuninst.exe
+ 2007-03-06 01:22:34 22,752 ----a-w C:\WINNT\$hf_mig$\KB944338-v2\update\spcustom.dll
+ 2007-03-06 01:22:59 716,000 ----a-w C:\WINNT\$hf_mig$\KB944338-v2\update\update.exe
+ 2007-03-06 01:23:51 371,424 ----a-w C:\WINNT\$hf_mig$\KB944338-v2\update\updspapi.dll
+ 2008-01-23 04:56:21 554,008 ----a-w C:\WINNT\$hf_mig$\KB950749\SP2QFE\dao360.dll
+ 2007-12-10 12:41:11 518,944 ----a-w C:\WINNT\$hf_mig$\KB950749\SP2QFE\msexch40.dll
+ 2007-12-10 12:41:11 326,432 ----a-w C:\WINNT\$hf_mig$\KB950749\SP2QFE\msexcl40.dll
+ 2007-12-10 12:41:11 1,516,568 ----a-w C:\WINNT\$hf_mig$\KB950749\SP2QFE\msjet40.dll
+ 2007-12-10 12:41:11 355,112 ----a-w C:\WINNT\$hf_mig$\KB950749\SP2QFE\msjetol1.dll
+ 2008-03-27 07:39:13 151,583 ----a-w C:\WINNT\$hf_mig$\KB950749\SP2QFE\msjint40.dll
+ 2007-12-10 12:41:12 60,192 ----a-w C:\WINNT\$hf_mig$\KB950749\SP2QFE\msjter40.dll
+ 2007-12-10 12:41:12 248,608 ----a-w C:\WINNT\$hf_mig$\KB950749\SP2QFE\msjtes40.dll
+ 2007-12-10 12:41:12 219,936 ----a-w C:\WINNT\$hf_mig$\KB950749\SP2QFE\msltus40.dll
+ 2007-12-10 12:41:12 355,104 ----a-w C:\WINNT\$hf_mig$\KB950749\SP2QFE\mspbde40.dll
+ 2007-12-10 12:41:13 432,928 ----a-w C:\WINNT\$hf_mig$\KB950749\SP2QFE\msrd2x40.dll
+ 2007-12-10 12:41:13 322,336 ----a-w C:\WINNT\$hf_mig$\KB950749\SP2QFE\msrd3x40.dll
+ 2007-12-10 12:41:13 559,904 ----a-w C:\WINNT\$hf_mig$\KB950749\SP2QFE\msrepl40.dll
+ 2007-12-10 12:41:13 264,992 ----a-w C:\WINNT\$hf_mig$\KB950749\SP2QFE\mstext40.dll
+ 2007-12-10 12:41:13 838,432 ----a-w C:\WINNT\$hf_mig$\KB950749\SP2QFE\mswdat10.dll
+ 2007-12-10 12:41:14 621,344 ----a-w C:\WINNT\$hf_mig$\KB950749\SP2QFE\mswstr10.dll
+ 2007-12-10 12:41:14 355,104 ----a-w C:\WINNT\$hf_mig$\KB950749\SP2QFE\msxbde40.dll
+ 2007-03-06 01:22:36 14,048 ----a-w C:\WINNT\$hf_mig$\KB950749\spmsg.dll
+ 2007-03-06 01:22:41 213,216 ----a-w C:\WINNT\$hf_mig$\KB950749\spuninst.exe
+ 2007-03-06 01:22:34 22,752 ----a-w C:\WINNT\$hf_mig$\KB950749\update\spcustom.dll
+ 2007-03-06 01:22:59 716,000 ----a-w C:\WINNT\$hf_mig$\KB950749\update\update.exe
+ 2007-03-06 01:23:51 371,424 ----a-w C:\WINNT\$hf_mig$\KB950749\update\updspapi.dll
+ 2008-04-21 06:44:29 3,066,880 ----a-w C:\WINNT\$hf_mig$\KB950759\SP3GDR\mshtml.dll
+ 2008-04-21 06:44:29 666,112 ----a-w C:\WINNT\$hf_mig$\KB950759\SP3GDR\wininet.dll
+ 2008-04-21 06:24:01 3,067,392 ----a-w C:\WINNT\$hf_mig$\KB950759\SP3QFE\mshtml.dll
+ 2008-04-21 06:24:02 666,624 ----a-w C:\WINNT\$hf_mig$\KB950759\SP3QFE\wininet.dll
+ 2007-11-30 12:39:22 17,272 ----a-w C:\WINNT\$hf_mig$\KB950759\spmsg.dll
+ 2007-11-30 12:39:22 231,288 ----a-w C:\WINNT\$hf_mig$\KB950759\spuninst.exe
+ 2007-11-30 12:39:22 26,488 ----a-w C:\WINNT\$hf_mig$\KB950759\update\spcustom.dll
+ 2007-11-30 12:39:22 755,576 ----a-w C:\WINNT\$hf_mig$\KB950759\update\update.exe
+ 2007-11-30 12:39:22 382,840 ----a-w C:\WINNT\$hf_mig$\KB950759\update\updspapi.dll
+ 2007-11-30 12:39:22 17,272 ----a-w C:\WINNT\$hf_mig$\KB950760\spmsg.dll
+ 2007-11-30 12:39:22 231,288 ----a-w C:\WINNT\$hf_mig$\KB950760\spuninst.exe
+ 2007-11-30 12:39:22 26,488 ----a-w C:\WINNT\$hf_mig$\KB950760\update\spcustom.dll
+ 2007-11-30 12:39:22 755,576 ----a-w C:\WINNT\$hf_mig$\KB950760\update\update.exe
+ 2007-11-30 12:39:22 382,840 ----a-w C:\WINNT\$hf_mig$\KB950760\update\updspapi.dll
+ 2008-05-08 12:14:51 203,008 ----a-w C:\WINNT\$hf_mig$\KB950762\SP2QFE\rmcast.sys
+ 2008-05-08 14:02:52 203,136 ----a-w C:\WINNT\$hf_mig$\KB950762\SP3GDR\rmcast.sys
+ 2008-05-08 13:58:17 203,136 ----a-w C:\WINNT\$hf_mig$\KB950762\SP3QFE\rmcast.sys
+ 2007-11-30 12:39:22 17,272 ----a-w C:\WINNT\$hf_mig$\KB950762\spmsg.dll
+ 2007-11-30 12:39:22 231,288 ----a-w C:\WINNT\$hf_mig$\KB950762\spuninst.exe
+ 2007-11-30 12:39:22 26,488 ----a-w C:\WINNT\$hf_mig$\KB950762\update\spcustom.dll
+ 2007-11-30 12:39:22 755,576 ----a-w C:\WINNT\$hf_mig$\KB950762\update\update.exe
+ 2007-11-30 12:39:22 382,840 ----a-w C:\WINNT\$hf_mig$\KB950762\update\updspapi.dll
+ 2008-07-07 20:06:43 253,952 ----a-w C:\WINNT\$hf_mig$\KB950974\SP2QFE\es.dll
+ 2008-07-07 20:26:58 253,952 ----a-w C:\WINNT\$hf_mig$\KB950974\SP3GDR\es.dll
+ 2008-07-07 20:23:18 253,952 ----a-w C:\WINNT\$hf_mig$\KB950974\SP3QFE\es.dll
+ 2007-11-30 12:39:22 17,272 ----a-w C:\WINNT\$hf_mig$\KB950974\spmsg.dll
+ 2007-11-30 12:39:22 231,288 ----a-w C:\WINNT\$hf_mig$\KB950974\spuninst.exe
+ 2007-11-30 12:39:22 26,488 ----a-w C:\WINNT\$hf_mig$\KB950974\update\spcustom.dll
+ 2007-11-30 12:39:18 755,576 ----a-w C:\WINNT\$hf_mig$\KB950974\update\update.exe
+ 2007-11-30 12:39:19 382,840 ----a-w C:\WINNT\$hf_mig$\KB950974\update\updspapi.dll
+ 2008-07-14 11:03:00 62,976 ----a-w C:\WINNT\$hf_mig$\KB951072-v2\SP2QFE\tzchange.exe
+ 2008-07-11 12:42:28 62,976 ----a-w C:\WINNT\$hf_mig$\KB951072-v2\SP3GDR\tzchange.exe
+ 2008-07-11 12:51:51 62,976 ----a-w C:\WINNT\$hf_mig$\KB951072-v2\SP3QFE\tzchange.exe
+ 2007-11-30 11:18:51 17,272 ----a-w C:\WINNT\$hf_mig$\KB951072-v2\spmsg.dll
+ 2007-11-30 11:18:51 231,288 ----a-w C:\WINNT\$hf_mig$\KB951072-v2\spuninst.exe
+ 2007-11-30 11:18:51 26,488 ----a-w C:\WINNT\$hf_mig$\KB951072-v2\update\spcustom.dll
+ 2007-11-30 12:39:22 755,576 ----a-w C:\WINNT\$hf_mig$\KB951072-v2\update\update.exe
+ 2007-11-30 12:39:22 382,840 ----a-w C:\WINNT\$hf_mig$\KB951072-v2\update\updspapi.dll
+ 2008-06-13 09:52:16 272,128 ----a-w C:\WINNT\$hf_mig$\KB951376-v2\SP2QFE\bthport.sys
+ 2008-06-13 11:05:51 272,128 ----a-w C:\WINNT\$hf_mig$\KB951376-v2\SP3GDR\bthport.sys
+ 2008-06-13 11:27:43 272,128 ----a-w C:\WINNT\$hf_mig$\KB951376-v2\SP3QFE\bthport.sys
+ 2007-11-30 11:18:51 17,272 ----a-w C:\WINNT\$hf_mig$\KB951376-v2\spmsg.dll
+ 2007-11-30 11:18:51 231,288 ----a-w C:\WINNT\$hf_mig$\KB951376-v2\spuninst.exe
+ 2007-11-30 11:18:51 26,488 ----a-w C:\WINNT\$hf_mig$\KB951376-v2\update\spcustom.dll
+ 2007-11-30 11:18:51 755,576 ----a-w C:\WINNT\$hf_mig$\KB951376-v2\update\update.exe
+ 2007-11-30 11:18:51 382,840 ----a-w C:\WINNT\$hf_mig$\KB951376-v2\update\updspapi.dll
+ 2008-05-07 04:55:40 1,288,192 ----a-w C:\WINNT\$hf_mig$\KB951698\SP2QFE\quartz.dll
+ 2008-05-07 05:12:40 1,288,192 ----a-w C:\WINNT\$hf_mig$\KB951698\SP3GDR\quartz.dll
+ 2008-05-07 05:04:15 1,288,192 ----a-w C:\WINNT\$hf_mig$\KB951698\SP3QFE\quartz.dll
+ 2007-11-30 11:18:51 17,272 ----a-w C:\WINNT\$hf_mig$\KB951698\spmsg.dll
+ 2007-11-30 11:18:51 231,288 ----a-w C:\WINNT\$hf_mig$\KB951698\spuninst.exe
+ 2007-11-30 11:18:51 26,488 ----a-w C:\WINNT\$hf_mig$\KB951698\update\spcustom.dll
+ 2007-11-30 12:39:22 755,576 ----a-w C:\WINNT\$hf_mig$\KB951698\update\update.exe
+ 2007-11-30 12:39:22 382,840 ----a-w C:\WINNT\$hf_mig$\KB951698\update\updspapi.dll
+ 2006-08-16 12:08:32 100,352 ----a-w C:\WINNT\$hf_mig$\KB951748\SP2QFE\6to4svc.dll
+ 2008-06-20 10:44:08 138,368 ----a-w C:\WINNT\$hf_mig$\KB951748\SP2QFE\afd.sys
+ 2008-06-20 17:36:11 147,968 ----a-w C:\WINNT\$hf_mig$\KB951748\SP2QFE\dnsapi.dll
+ 2008-06-20 17:36:11 245,248 ----a-w C:\WINNT\$hf_mig$\KB951748\SP2QFE\mswsock.dll
+ 2008-06-20 10:44:42 360,960 ----a-w C:\WINNT\$hf_mig$\KB951748\SP2QFE\tcpip.sys
+ 2008-06-20 09:32:39 225,920 ----a-w C:\WINNT\$hf_mig$\KB951748\SP2QFE\tcpip6.sys
+ 2008-06-20 11:40:08 138,496 ----a-w C:\WINNT\$hf_mig$\KB951748\SP3GDR\afd.sys
+ 2008-06-20 17:46:57 147,968 ----a-w C:\WINNT\$hf_mig$\KB951748\SP3GDR\dnsapi.dll
+ 2008-06-20 17:46:57 245,248 ----a-w C:\WINNT\$hf_mig$\KB951748\SP3GDR\mswsock.dll
+ 2008-06-20 11:51:12 361,600 ----a-w C:\WINNT\$hf_mig$\KB951748\SP3GDR\tcpip.sys
+ 2008-06-20 11:08:27 225,856 ----a-w C:\WINNT\$hf_mig$\KB951748\SP3GDR\tcpip6.sys
+ 2008-06-20 11:48:03 138,496 ----a-w C:\WINNT\$hf_mig$\KB951748\SP3QFE\afd.sys
+ 2008-06-20 17:43:05 147,968 ----a-w C:\WINNT\$hf_mig$\KB951748\SP3QFE\dnsapi.dll
+ 2008-06-20 17:43:05 245,248 ----a-w C:\WINNT\$hf_mig$\KB951748\SP3QFE\mswsock.dll
+ 2008-06-20 11:59:02 361,600 ----a-w C:\WINNT\$hf_mig$\KB951748\SP3QFE\tcpip.sys
+ 2008-06-20 11:16:44 225,856 ----a-w C:\WINNT\$hf_mig$\KB951748\SP3QFE\tcpip6.sys
+ 2007-11-30 12:39:22 17,272 ----a-w C:\WINNT\$hf_mig$\KB951748\spmsg.dll
+ 2007-11-30 12:39:22 231,288 ----a-w C:\WINNT\$hf_mig$\KB951748\spuninst.exe
+ 2007-11-30 12:39:22 26,488 ----a-w C:\WINNT\$hf_mig$\KB951748\update\spcustom.dll
+ 2007-11-30 12:39:18 755,576 ----a-w C:\WINNT\$hf_mig$\KB951748\update\update.exe
+ 2007-11-30 12:39:19 382,840 ----a-w C:\WINNT\$hf_mig$\KB951748\update\updspapi.dll
+ 2008-06-24 16:28:00 74,240 ----a-w C:\WINNT\$hf_mig$\KB952954\SP2QFE\mscms.dll
+ 2008-06-24 16:43:16 74,240 ----a-w C:\WINNT\$hf_mig$\KB952954\SP3GDR\mscms.dll
+ 2008-06-24 16:53:10 74,240 ----a-w C:\WINNT\$hf_mig$\KB952954\SP3QFE\mscms.dll
+ 2007-11-30 12:39:22 17,272 ----a-w C:\WINNT\$hf_mig$\KB952954\spmsg.dll
+ 2007-11-30 12:39:22 231,288 ----a-w C:\WINNT\$hf_mig$\KB952954\spuninst.exe
+ 2007-11-30 12:39:22 26,488 ----a-w C:\WINNT\$hf_mig$\KB952954\update\spcustom.dll
+ 2007-11-30 12:39:22 755,576 ----a-w C:\WINNT\$hf_mig$\KB952954\update\update.exe
+ 2007-11-30 12:39:22 382,840 ----a-w C:\WINNT\$hf_mig$\KB952954\update\updspapi.dll
+ 2008-06-23 15:09:27 3,067,392 ----a-w C:\WINNT\$hf_mig$\KB953838\SP3GDR\mshtml.dll
+ 2008-06-26 08:15:29 1,499,136 ----a-w C:\WINNT\$hf_mig$\KB953838\SP3GDR\shdocvw.dll
+ 2008-06-26 08:15:30 619,520 ----a-w C:\WINNT\$hf_mig$\KB953838\SP3GDR\urlmon.dll
+ 2008-06-23 15:09:27 666,112 ----a-w C:\WINNT\$hf_mig$\KB953838\SP3GDR\wininet.dll
+ 2008-06-25 04:24:48 3,067,904 ----a-w C:\WINNT\$hf_mig$\KB953838\SP3QFE\mshtml.dll
+ 2008-06-26 08:00:52 1,499,136 ----a-w C:\WINNT\$hf_mig$\KB953838\SP3QFE\shdocvw.dll
+ 2008-06-26 08:00:52 619,520 ----a-w C:\WINNT\$hf_mig$\KB953838\SP3QFE\urlmon.dll
+ 2008-06-23 14:54:47 666,624 ----a-w C:\WINNT\$hf_mig$\KB953838\SP3QFE\wininet.dll
+ 2007-11-30 12:39:22 17,272 ----a-w C:\WINNT\$hf_mig$\KB953838\spmsg.dll
+ 2007-11-30 12:39:22 231,288 ----a-w C:\WINNT\$hf_mig$\KB953838\spuninst.exe
+ 2007-11-30 12:39:22 26,488 ----a-w C:\WINNT\$hf_mig$\KB953838\update\spcustom.dll
+ 2007-11-30 12:39:18 755,576 ----a-w C:\WINNT\$hf_mig$\KB953838\update\update.exe
+ 2007-11-30 12:39:19 382,840 ----a-w C:\WINNT\$hf_mig$\KB953838\update\updspapi.dll
+ 2005-02-25 03:35:05 209,632 -c----w C:\WINNT\$NtUninstallKB898461$\spuninst\spuninst.exe
+ 2005-02-25 03:35:06 371,936 -c----w C:\WINNT\$NtUninstallKB898461$\spuninst\updspapi.dll
+ 2005-06-28 17:23:24 213,216 -c----w C:\WINNT\$NtUninstallKB923689$\spuninst\spuninst.exe
+ 2005-06-28 17:23:53 371,424 -c----w C:\WINNT\$NtUninstallKB923689$\spuninst\updspapi.dll
+ 2005-01-28 12:44:28 2,370,296 -c----w C:\WINNT\$NtUninstallKB923689$\wmvcore.dll
+ 2005-06-28 10:23:26 213,216 -c----w C:\WINNT\$NtUninstallKB936782_WMP10$\spuninst\spuninst.exe
+ 2005-06-28 10:23:54 371,424 -c----w C:\WINNT\$NtUninstallKB936782_WMP10$\spuninst\updspapi.dll
+ 2006-03-10 05:09:14 5,533,696 -c----w C:\WINNT\$NtUninstallKB936782_WMP10$\wmp.dll
+ 2007-10-27 16:39:36 213,216 -c----w C:\WINNT\$NtUninstallKB941569$\spuninst\spuninst.exe
+ 2007-10-27 16:39:46 371,424 -c----w C:\WINNT\$NtUninstallKB941569$\spuninst\updspapi.dll
+ 2005-01-28 12:44:28 224,768 -c----w C:\WINNT\$NtUninstallKB941569$\wmasf.dll
+ 2007-11-30 11:18:51 231,288 -c----w C:\WINNT\$NtUninstallKB942763$\spuninst\spuninst.exe
+ 2007-11-30 11:18:51 382,840 -c----w C:\WINNT\$NtUninstallKB942763$\spuninst\updspapi.dll
+ 2004-08-04 08:00:00 561,179 -c----w C:\WINNT\$NtUninstallKB950749$\dao360.dll
+ 2004-08-04 08:00:00 512,029 -c----w C:\WINNT\$NtUninstallKB950749$\msexch40.dll
+ 2004-08-04 08:00:00 319,517 -c----w C:\WINNT\$NtUninstallKB950749$\msexcl40.dll
+ 2004-08-04 08:00:00 1,507,356 -c----w C:\WINNT\$NtUninstallKB950749$\msjet40.dll
+ 2004-08-04 08:00:00 358,976 -c----w C:\WINNT\$NtUninstallKB950749$\msjetol1.dll
+ 2004-08-04 08:00:00 358,976 -c----w C:\WINNT\$NtUninstallKB950749$\msjetoledb40.dll
+ 2004-08-04 08:00:00 151,583 -c----w C:\WINNT\$NtUninstallKB950749$\msjint40.dll
+ 2004-08-04 08:00:00 53,279 -c----w C:\WINNT\$NtUninstallKB950749$\msjter40.dll
+ 2004-08-04 08:00:00 241,693 -c----w C:\WINNT\$NtUninstallKB950749$\msjtes40.dll
+ 2004-08-04 08:00:00 213,023 -c----w C:\WINNT\$NtUninstallKB950749$\msltus40.dll
+ 2004-08-04 08:00:00 348,189 -c----w C:\WINNT\$NtUninstallKB950749$\mspbde40.dll
+ 2004-08-04 08:00:00 421,919 -c----w C:\WINNT\$NtUninstallKB950749$\msrd2x40.dll
+ 2004-08-04 08:00:00 315,423 -c----w C:\WINNT\$NtUninstallKB950749$\msrd3x40.dll
+ 2004-08-04 08:00:00 552,989 -c----w C:\WINNT\$NtUninstallKB950749$\msrepl40.dll
+ 2004-08-04 08:00:00 258,077 -c----w C:\WINNT\$NtUninstallKB950749$\mstext40.dll
+ 2004-08-04 08:00:00 831,519 -c----w C:\WINNT\$NtUninstallKB950749$\mswdat10.dll
+ 2004-08-04 08:00:00 614,429 -c----w C:\WINNT\$NtUninstallKB950749$\mswstr10.dll
+ 2004-08-04 08:00:00 348,189 -c----w C:\WINNT\$NtUninstallKB950749$\msxbde40.dll
+ 2007-03-06 01:22:41 213,216 -c----w C:\WINNT\$NtUninstallKB950749$\spuninst\spuninst.exe
+ 2007-03-06 01:23:51 371,424 -c----w C:\WINNT\$NtUninstallKB950749$\spuninst\updspapi.dll
+ 2006-03-04 03:58:42 1,022,976 -c----w C:\WINNT\$NtUninstallKB950759$\browseui.dll
+ 2006-03-04 03:58:42 151,040 -c----w C:\WINNT\$NtUninstallKB950759$\cdfview.dll
+ 2006-03-04 03:58:44 1,054,208 -c----w C:\WINNT\$NtUninstallKB950759$\danim.dll
+ 2004-08-04 08:00:00 357,888 -c----w C:\WINNT\$NtUninstallKB950759$\dxtmsft.dll
+ 2006-03-04 03:58:44 205,312 -c----w C:\WINNT\$NtUninstallKB950759$\dxtrans.dll
+ 2006-03-04 03:58:44 55,808 -c----w C:\WINNT\$NtUninstallKB950759$\extmgr.dll
+ 2004-08-04 08:00:00 18,432 -c----w C:\WINNT\$NtUninstallKB950759$\iedw.exe
+ 2006-03-04 03:58:44 251,904 -c----w C:\WINNT\$NtUninstallKB950759$\iepeers.dll
+ 2006-03-04 03:58:44 96,256 -c----w C:\WINNT\$NtUninstallKB950759$\inseng.dll
+ 2004-08-04 08:00:00 15,872 -c----w C:\WINNT\$NtUninstallKB950759$\jsproxy.dll
+ 2006-03-23 20:31:39 3,055,616 -c----w C:\WINNT\$NtUninstallKB950759$\mshtml.dll
+ 2006-03-04 03:58:48 448,512 -c----w C:\WINNT\$NtUninstallKB950759$\mshtmled.dll
+ 2006-03-04 03:58:48 146,432 -c----w C:\WINNT\$NtUninstallKB950759$\msrating.dll
+ 2006-03-04 03:58:48 532,480 -c----w C:\WINNT\$NtUninstallKB950759$\mstime.dll
+ 2006-03-04 03:58:48 39,424 -c----w C:\WINNT\$NtUninstallKB950759$\pngfilt.dll
+ 2006-03-30 09:27:01 1,495,040 -c----w C:\WINNT\$NtUninstallKB950759$\shdocvw.dll
+ 2006-03-04 03:58:50 474,112 -c----w C:\WINNT\$NtUninstallKB950759$\shlwapi.dll
+ 2007-11-30 12:39:22 231,288 -c----w C:\WINNT\$NtUninstallKB950759$\spuninst\spuninst.exe
+ 2007-11-30 12:39:22 382,840 -c----w C:\WINNT\$NtUninstallKB950759$\spuninst\updspapi.dll
+ 2006-03-18 11:04:10 614,400 -c----w C:\WINNT\$NtUninstallKB950759$\urlmon.dll
+ 2006-03-04 03:58:52 663,552 -c----w C:\WINNT\$NtUninstallKB950759$\wininet.dll
+ 2006-03-30 01:31:04 23,040 -c----w C:\WINNT\$NtUninstallKB950759$\xpsp3res.dll
+ 2007-11-30 12:39:22 231,288 -c----w C:\WINNT\$NtUninstallKB950760$\spuninst\spuninst.exe
+ 2007-11-30 12:39:22 382,840 -c----w C:\WINNT\$NtUninstallKB950760$\spuninst\updspapi.dll
+ 2004-08-04 08:00:00 200,064 -c----w C:\WINNT\$NtUninstallKB950762$\rmcast.sys
+ 2007-11-30 12:39:22 231,288 -c----w C:\WINNT\$NtUninstallKB950762$\spuninst\spuninst.exe
+ 2007-11-30 12:39:22 382,840 -c----w C:\WINNT\$NtUninstallKB950762$\spuninst\updspapi.dll
+ 2004-08-03 23:10:38 274,304 -c----w C:\WINNT\$NtUninstallKB951376-v2$\bthport.sys
+ 2007-11-30 11:18:51 231,288 -c----w C:\WINNT\$NtUninstallKB951376-v2$\spuninst\spuninst.exe
+ 2007-11-30 11:18:51 382,840 -c----w C:\WINNT\$NtUninstallKB951376-v2$\spuninst\updspapi.dll
+ 2005-08-30 03:54:26 1,287,168 -c----w C:\WINNT\$NtUninstallKB951698$\quartz.dll
+ 2007-11-30 11:18:51 231,288 -c----w C:\WINNT\$NtUninstallKB951698$\spuninst\spuninst.exe
+ 2007-11-30 12:39:22 382,840 -c----w C:\WINNT\$NtUninstallKB951698$\spuninst\updspapi.dll
+ 2004-08-04 08:00:00 100,352 -c----w C:\WINNT\$NtUninstallKB951748$\6to4svc.dll
+ 2004-08-04 08:00:00 138,496 -c----w C:\WINNT\$NtUninstallKB951748$\afd.sys
+ 2004-08-04 08:00:00 148,480 -c----w C:\WINNT\$NtUninstallKB951748$\dnsapi.dll
+ 2004-08-04 08:00:00 245,248 -c----w C:\WINNT\$NtUninstallKB951748$\mswsock.dll
+ 2007-11-30 12:39:22 231,288 -c----w C:\WINNT\$NtUninstallKB951748$\spuninst\spuninst.exe
+ 2007-11-30 12:39:19 382,840 -c----w C:\WINNT\$NtUninstallKB951748$\spuninst\updspapi.dll
+ 2006-01-13 02:28:14 359,808 -c----w C:\WINNT\$NtUninstallKB951748$\tcpip.sys
+ 2004-08-04 08:00:00 223,616 -c----w C:\WINNT\$NtUninstallKB951748$\tcpip6.sys
- 2006-05-16 10:22:42 997,992 -c--a-w C:\WINNT\assembly\GAC\Microsoft.Office.Interop.Access\11.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.Access.dll
+ 2008-09-02 21:23:15 1,000,848 ----a-w C:\WINNT\assembly\GAC\Microsoft.Office.Interop.Access\11.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.Access.dll
- 2006-05-16 10:22:42 1,100,392 -c--a-w C:\WINNT\assembly\GAC\Microsoft.Office.Interop.Excel\11.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.Excel.dll
+ 2008-09-02 21:24:03 1,103,248 ----a-w C:\WINNT\assembly\GAC\Microsoft.Office.Interop.Excel\11.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.Excel.dll
- 2006-05-16 10:22:43 141,928 -c--a-w C:\WINNT\assembly\GAC\Microsoft.Office.Interop.Graph\11.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.Graph.dll
+ 2008-09-02 21:23:35 144,784 ----a-w C:\WINNT\assembly\GAC\Microsoft.Office.Interop.Graph\11.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.Graph.dll
- 2006-05-16 10:25:44 88,776 -c--a-w C:\WINNT\assembly\GAC\Microsoft.Office.Interop.InfoPath.Xml\11.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.InfoPath.Xml.dll
+ 2008-09-02 21:24:22 91,488 ----a-w C:\WINNT\assembly\GAC\Microsoft.Office.Interop.InfoPath.Xml\11.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.InfoPath.Xml.dll
- 2006-05-16 10:25:43 101,064 -c--a-w C:\WINNT\assembly\GAC\Microsoft.Office.Interop.InfoPath\11.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.InfoPath.dll
+ 2008-09-02 21:24:21 103,776 ----a-w C:\WINNT\assembly\GAC\Microsoft.Office.Interop.InfoPath\11.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.InfoPath.dll
- 2006-05-16 10:22:43 461,416 -c--a-w C:\WINNT\assembly\GAC\Microsoft.Office.Interop.Owc11\11.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.Owc11.dll
+ 2008-09-02 21:23:59 464,272 ----a-w C:\WINNT\assembly\GAC\Microsoft.Office.Interop.Owc11\11.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.Owc11.dll
- 2006-05-16 10:22:43 223,856 -c--a-w C:\WINNT\assembly\GAC\Microsoft.Office.Interop.PowerPoint\11.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.PowerPoint.dll
+ 2008-09-02 21:24:17 226,712 ----a-w C:\WINNT\assembly\GAC\Microsoft.Office.Interop.PowerPoint\11.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.PowerPoint.dll
- 2006-05-16 10:22:43 20,080 -c--a-w C:\WINNT\assembly\GAC\Microsoft.Office.Interop.SmartTag\11.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.SmartTag.dll
+ 2008-09-02 21:23:57 22,928 ----a-w C:\WINNT\assembly\GAC\Microsoft.Office.Interop.SmartTag\11.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.SmartTag.dll
- 2006-05-16 10:22:43 662,120 -c--a-w C:\WINNT\assembly\GAC\Microsoft.Office.Interop.Word\11.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.Word.dll
+ 2008-09-02 21:24:12 664,968 ----a-w C:\WINNT\assembly\GAC\Microsoft.Office.Interop.Word\11.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.Word.dll
- 2006-05-16 10:22:42 371,296 -c--a-w C:\WINNT\assembly\GAC\Microsoft.Vbe.Interop.Forms\11.0.0.0__71e9bce111e9429c\Microsoft.Vbe.Interop.Forms.dll
+ 2008-09-02 21:23:34 374,152 ----a-w C:\WINNT\assembly\GAC\Microsoft.Vbe.Interop.Forms\11.0.0.0__71e9bce111e9429c\Microsoft.Vbe.Interop.Forms.dll
- 2006-05-16 10:22:43 64,088 -c--a-w C:\WINNT\assembly\GAC\Microsoft.Vbe.Interop\11.0.0.0__71e9bce111e9429c\Microsoft.Vbe.Interop.dll
+ 2008-09-02 21:23:29 66,936 ----a-w C:\WINNT\assembly\GAC\Microsoft.Vbe.Interop\11.0.0.0__71e9bce111e9429c\Microsoft.Vbe.Interop.dll
- 2006-05-16 10:22:43 223,800 -c--a-w C:\WINNT\assembly\GAC\office\11.0.0.0__71e9bce111e9429c\OFFICE.DLL
+ 2008-09-02 21:23:21 226,656 ----a-w C:\WINNT\assembly\GAC\office\11.0.0.0__71e9bce111e9429c\OFFICE.DLL
- 2006-05-16 10:19:40 1,257,472 -c--a-w C:\WINNT\assembly\GAC\System.Web\1.0.5000.0__b03f5f7f11d50a3a\System.Web.dll
+ 2008-08-01 20:09:59 1,265,664 ----a-w C:\WINNT\assembly\GAC\System.Web\1.0.5000.0__b03f5f7f11d50a3a\System.Web.dll
- 2006-05-16 10:16:12 1,224,704 -c--a-w C:\WINNT\assembly\GAC\System\1.0.5000.0__b77a5c561934e089\System.dll
+ 2008-08-01 20:10:00 1,232,896 ----a-w C:\WINNT\assembly\GAC\System\1.0.5000.0__b77a5c561934e089\System.dll
+ 2008-08-01 20:10:11 61,440 ----a-w C:\WINNT\assembly\NativeImages1_v1.1.4322\CustomMarshalers\1.0.5000.0__b03f5f7f11d50a3a_088bb0be\CustomMarshalers.dll
+ 2008-08-01 20:10:42 118,784 ----a-w C:\WINNT\assembly\NativeImages1_v1.1.4322\CustomMarshalers\1.0.5000.0__b03f5f7f11d50a3a_63382fd7\CustomMarshalers.dll
+ 2008-08-01 20:10:54 8,908,800 ----a-w C:\WINNT\assembly\NativeImages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_179b4db8\mscorlib.dll
+ 2008-08-01 20:10:38 3,391,488 ----a-w C:\WINNT\assembly\NativeImages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_36f42c92\mscorlib.dll
+ 2008-08-01 20:10:49 3,395,584 ----a-w C:\WINNT\assembly\NativeImages1_v1.1.4322\System.Design\1.0.5000.0__b03f5f7f11d50a3a_69a05c41\System.Design.dll
+ 2008-08-01 20:10:32 1,470,464 ----a-w C:\WINNT\assembly\NativeImages1_v1.1.4322\System.Design\1.0.5000.0__b03f5f7f11d50a3a_7489f320\System.Design.dll
+ 2008-08-01 20:10:12 90,112 ----a-w C:\WINNT\assembly\NativeImages1_v1.1.4322\System.Drawing.Design\1.0.5000.0__b03f5f7f11d50a3a_14703a85\System.Drawing.Design.dll
+ 2008-08-01 20:10:43 192,512 ----a-w C:\WINNT\assembly\NativeImages1_v1.1.4322\System.Drawing.Design\1.0.5000.0__b03f5f7f11d50a3a_aed2df02\System.Drawing.Design.dll
+ 2008-08-01 20:10:35 835,584 ----a-w C:\WINNT\assembly\NativeImages1_v1.1.4322\System.Drawing\1.0.5000.0__b03f5f7f11d50a3a_45d63502\System.Drawing.dll
+ 2008-08-01 20:10:50 2,244,608 ----a-w C:\WINNT\assembly\NativeImages1_v1.1.4322\System.Drawing\1.0.5000.0__b03f5f7f11d50a3a_e13c3ab3\System.Drawing.dll
+ 2008-08-01 20:10:20 3,018,752 ----a-w C:\WINNT\assembly\NativeImages1_v1.1.4322\System.Windows.Forms\1.0.5000.0__b77a5c561934e089_08c9b946\System.Windows.Forms.dll
+ 2008-08-01 20:10:46 7,884,800 ----a-w C:\WINNT\assembly\NativeImages1_v1.1.4322\System.Windows.Forms\1.0.5000.0__b77a5c561934e089_69874c05\System.Windows.Forms.dll
+ 2008-08-01 20:10:26 2,088,960 ----a-w C:\WINNT\assembly\NativeImages1_v1.1.4322\System.Xml\1.0.5000.0__b77a5c561934e089_12a8ad77\System.Xml.dll
+ 2008-08-01 20:10:48 5,513,216 ----a-w C:\WINNT\assembly\NativeImages1_v1.1.4322\System.Xml\1.0.5000.0__b77a5c561934e089_e74b763f\System.Xml.dll
+ 2008-08-01 20:10:10 1,966,080 ----a-w C:\WINNT\assembly\NativeImages1_v1.1.4322\System\1.0.5000.0__b77a5c561934e089_4d338382\System.dll
+ 2008-08-01 20:10:42 4,788,224 ----a-w C:\WINNT\assembly\NativeImages1_v1.1.4322\System\1.0.5000.0__b77a5c561934e089_ed33ec3c\System.dll
+ 2008-06-13 13:10:50 272,128 ------w C:\WINNT\Driver Cache\i386\bthport.sys
+ 2006-05-16 10:22:42 997,992 ----a-r C:\WINNT\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\ACCESS.DLL
+ 2003-07-14 21:57:34 38,968 ----a-r C:\WINNT\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\AUTHZAX.DLL
+ 2003-07-14 21:53:06 94,768 ----a-r C:\WINNT\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\AW.DLL
+ 2003-07-14 21:53:22 46,144 ----a-r C:\WINNT\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\BLNMGRPS.DLL
+ 2003-07-14 21:56:54 14,904 ----a-r C:\WINNT\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\DSITF.DLL
+ 2003-07-14 21:57:14 98,360 ----a-r C:\WINNT\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\DSSM.EXE
+ 2006-05-16 10:22:42 1,100,392 ----a-r C:\WINNT\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\EXCELPIA.DLL
+ 2002-10-07 08:49:36 192,573 ----a-r C:\WINNT\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\FORM.DLL
+ 2006-05-16 10:22:42 371,296 ----a-r C:\WINNT\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\FORMSPIA.DLL
+ 2003-07-14 21:40:12 179,768 ----a-r C:\WINNT\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\FPERSON.DLL
+ 2003-07-14 21:40:12 165,944 ----a-r C:\WINNT\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\FPLACE.DLL
+ 2006-05-16 10:22:43 141,928 ----a-r C:\WINNT\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\GRAPHPIA.DLL
+ 2003-07-14 21:45:14 58,944 ----a-r C:\WINNT\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\INLAUNCH.DLL
+ 2003-06-18 16:31:10 252,928 ----a-r C:\WINNT\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\MDIINK.DLL
+ 2003-07-14 21:57:14 124,480 ----a-r C:\WINNT\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\MSB1CORE.DLL
+ 2003-07-14 22:12:22 47,872 ----a-r C:\WINNT\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\MSB1XTOR.DLL
+ 2003-07-14 21:56:14 40,504 ----a-r C:\WINNT\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\MSE7.EXE
+ 2003-07-14 21:51:44 87,104 ----a-r C:\WINNT\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\MSENCODE.DLL
+ 2003-07-14 21:52:52 17,464 ----a-r C:\WINNT\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\MSMH.DLL
+ 2003-07-14 21:57:16 120,888 ----a-r C:\WINNT\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\MSOAUTH.DLL
+ 2003-07-14 21:52:52 27,704 ----a-r C:\WINNT\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\MSODCW.DLL
+ 2003-07-14 21:44:06 25,144 ----a-r C:\WINNT\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\MSOEURO.DLL
+ 2003-07-14 21:52:56 55,360 ----a-r C:\WINNT\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\MSOHTMED.EXE
+ 2003-07-14 21:56:16 54,328 ----a-r C:\WINNT\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\MSOMSE.DLL
+ 2003-07-11 01:15:48 1,292,872 ----a-r C:\WINNT\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\MSONSEXT.DLL
+ 2003-07-15 02:18:52 376,888 ----a-r C:\WINNT\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\MSORUN.DLL
+ 2003-07-14 21:52:54 28,224 ----a-r C:\WINNT\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\MSOSTYLE.DLL
+ 2003-07-14 21:52:52 35,896 ----a-r C:\WINNT\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\MSOSV.DLL
+ 2003-07-14 21:46:16 42,040 ----a-r C:\WINNT\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\MSOXEV.DLL
+ 2003-07-14 21:45:12 55,360 ----a-r C:\WINNT\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\MSOXMLED.EXE
+ 2003-07-14 21:45:12 39,488 ----a-r C:\WINNT\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\MSOXMLMF.DLL
+ 2003-06-18 16:31:54 788,480 ----a-r C:\WINNT\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\MSPFILT.DLL
+ 2003-06-18 16:31:50 16,384 ----a-r C:\WINNT\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\MSPGIMME.DLL
+ 2003-06-19 15:05:52 128,104 ----a-r C:\WINNT\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\MSPSCAN.EXE
+ 2003-06-19 15:05:50 364,648 ----a-r C:\WINNT\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\MSPVIEW.EXE
+ 2003-07-14 22:02:42 637,496 ----a-r C:\WINNT\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\MSQRY32.EXE
+ 2003-07-14 21:52:58 41,528 ----a-r C:\WINNT\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\MSSH.DLL
+ 2006-05-16 10:22:43 20,080 ----a-r C:\WINNT\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\MSTAGPIA.DLL
+ 2003-07-14 22:00:54 145,984 ----a-r C:\WINNT\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\MSWEBCAP.DLL
+ 2003-07-14 21:57:10 56,888 ----a-r C:\WINNT\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\NAME.DLL
+ 2003-07-14 21:56:52 13,888 ----a-r C:\WINNT\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\NPOFFICE.DLL
+ 2003-06-18 16:31:58 6,144 ----a-r C:\WINNT\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\OCRPS.DLL
+ 2006-05-16 10:22:43 223,800 ----a-r C:\WINNT\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\OFFICE.DLL
+ 2003-07-15 02:14:26 242,240 ----a-r C:\WINNT\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\OISGRAPH.DLL
+ 2003-07-14 22:05:24 1,054,264 ----a-r C:\WINNT\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\OMFC.DLL
+ 2003-07-14 22:05:24 1,054,264 ----a-r C:\WINNT\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\OMFC.DLL_0002
+ 2006-05-16 10:22:43 461,416 ----a-r C:\WINNT\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\OWC11PIA.DLL
+ 2003-07-15 02:18:44 93,752 ----a-r C:\WINNT\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\PP7X32.DLL
+ 2006-05-16 10:22:43 223,856 ----a-r C:\WINNT\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\PPTPIA.DLL
+ 2002-10-07 09:11:00 167,997 ----a-r C:\WINNT\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\PSOM.DLL
+ 2003-05-08 20:54:00 77,824 ----a-r C:\WINNT\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\REFEDIT.DLL
+ 2003-07-14 21:57:08 40,512 ----a-r C:\WINNT\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\REFIEBAR.DLL
+ 2002-10-07 08:49:42 81,984 ----a-r C:\WINNT\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\REVERSE.DLL
+ 2003-07-14 21:57:18 349,248 ----a-r C:\WINNT\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\SELFCERT.EXE
+ 2003-07-14 21:57:08 58,944 ----a-r C:\WINNT\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\SEQCHK10.DLL
+ 2003-07-14 21:53:14 11,848 ----a-r C:\WINNT\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\SMARTTAGINSTALL.EXE
+ 2002-10-07 08:53:04 106,561 ----a-r C:\WINNT\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\THOCRAPI.DLL
+ 2002-10-07 08:50:44 241,729 ----a-r C:\WINNT\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\TWCUTCHR.DLL
+ 2002-10-07 08:51:04 180,289 ----a-r C:\WINNT\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\TWCUTLIN.DLL
+ 2002-10-07 08:51:14 147,520 ----a-r C:\WINNT\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\TWLAY32.DLL
+ 2002-10-07 08:51:20 102,467 ----a-r C:\WINNT\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\TWORIENT.DLL
+ 2002-10-07 08:50:04 118,847 ----a-r C:\WINNT\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\TWRECE.DLL
+ 2002-10-07 08:49:56 81,983 ----a-r C:\WINNT\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\TWRECS.DLL
+ 2002-10-07 08:51:44 221,252 ----a-r C:\WINNT\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\TWSTRUCT.DLL
+ 2003-07-14 21:57:40 59,960 ----a-r C:\WINNT\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\UNBIND.EXE
+ 2006-05-16 10:22:43 64,088 ----a-r C:\WINNT\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\VBIDEPIA.DLL
+ 2006-05-16 10:22:43 662,120 ----a-r C:\WINNT\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\WORDPIA.DLL
+ 2002-10-07 09:03:34 1,794,113 ----a-r C:\WINNT\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\XIMAGE3B.DLL
+ 2003-04-30 10:52:32 1,581,120 ----a-r C:\WINNT\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\XPAGE3C.DLL
+ 2003-01-17 13:03:34 59,466 ----a-r C:\WINNT\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\XSCAN32.DAT
+ 2001-06-05 07:13:22 289,926 ----a-r C:\WINNT\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.8173\ENGDIC.DAT
+ 2001-06-05 07:13:22 34,168 ----a-r C:\WINNT\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.8173\ENGIDX.DAT
+ 2001-06-05 07:13:24 18,844 ----a-r C:\WINNT\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.8173\JFONT.DAT
+ 2001-06-05 07:13:26 65,536 ----a-r C:\WINNT\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.8173\LOOKUP.DAT
+ 2005-05-03 23:06:28 465,640 ----a-r C:\WINNT\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.8173\MSDMENG.DLL
+ 2005-05-03 23:06:32 1,411,816 ----a-r C:\WINNT\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.8173\MSDMINE.DLL
+ 2005-05-03 23:06:26 199,408 ----a-r C:\WINNT\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.8173\MSMDUN80.DLL
+ 2001-10-22 23:13:42 53,260 ----a-r C:\WINNT\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.8173\OCRHC.DAT
+ 2001-06-05 07:13:26 40,972 ----a-r C:\WINNT\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.8173\OCRVC.DAT
+ 2007-05-31 13:35:22 6,420,320 ----a-r C:\WINNT\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.8173\POWERPNT.EXE
- 2006-05-16 10:27:42 593,920 ----a-r C:\WINNT\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\accicons.exe
+ 2008-09-02 21:27:38 593,920 ----a-r C:\WINNT\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\accicons.exe
- 2006-05-16 10:27:42 12,288 -c--a-r C:\WINNT\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\cagicon.exe
+ 2008-09-02 21:27:38 12,288 ----a-r C:\WINNT\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\cagicon.exe
- 2006-05-16 10:27:42 86,016 -c--a-r C:\WINNT\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\inficon.exe
+ 2008-09-02 21:27:38 86,016 ----a-r C:\WINNT\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\inficon.exe
- 2006-05-16 10:27:42 135,168 ----a-r C:\WINNT\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\misc.exe
+ 2008-09-02 21:27:38 135,168 ----a-r C:\WINNT\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\misc.exe
- 2006-05-16 10:27:42 11,264 -c--a-r C:\WINNT\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\mspicons.exe
+ 2008-09-02 21:27:38 11,264 ----a-r C:\WINNT\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\mspicons.exe
- 2006-05-16 10:27:42 27,136 -c--a-r C:\WINNT\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\oisicon.exe
+ 2008-09-02 21:27:38 27,136 ----a-r C:\WINNT\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\oisicon.exe
- 2006-05-16 10:27:42 4,096 -c--a-r C:\WINNT\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\opwicon.exe
+ 2008-09-02 21:27:38 4,096 ----a-r C:\WINNT\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\opwicon.exe
- 2006-05-16 10:27:42 794,624 -c--a-r C:\WINNT\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\outicon.exe
+ 2008-09-02 21:27:39 794,624 ----a-r C:\WINNT\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\outicon.exe
- 2006-05-16 10:27:42 249,856 ----a-r C:\WINNT\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\pptico.exe
+ 2008-09-02 21:27:38 249,856 ----a-r C:\WINNT\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\pptico.exe
- 2006-05-16 10:27:42 61,440 -c--a-r C:\WINNT\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\pubs.exe
+ 2008-09-02 21:27:38 61,440 ----a-r C:\WINNT\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\pubs.exe
- 2006-05-16 10:27:42 23,040 -c--a-r C:\WINNT\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\unbndico.exe
+ 2008-09-02 21:27:39 23,040 ----a-r C:\WINNT\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\unbndico.exe
- 2006-05-16 10:27:42 286,720 ----a-r C:\WINNT\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\wordicon.exe
+ 2008-09-02 21:27:38 286,720 ----a-r C:\WINNT\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\wordicon.exe
- 2006-05-16 10:27:42 409,600 ----a-r C:\WINNT\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\xlicons.exe
+ 2008-09-02 21:27:38 409,600 ----a-r C:\WINNT\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\xlicons.exe
+ 2008-08-01 20:07:14 32,768 ----a-r C:\WINNT\Installer\{C04E32E0-0416-434D-AFB9-6969D703A9EF}\icon.exe
- 2004-07-15 00:49:16 258,048 -c--a-w C:\WINNT\Microsoft.NET\Framework\v1.1.4322\aspnet_isapi.dll
+ 2007-04-13 21:30:52 258,048 ----a-w C:\WINNT\Microsoft.NET\Framework\v1.1.4322\aspnet_isapi.dll
- 2004-07-15 00:49:22 32,768 -c--a-w C:\WINNT\Microsoft.NET\Framework\v1.1.4322\aspnet_wp.exe
+ 2007-04-13 21:30:52 32,768 ----a-w C:\WINNT\Microsoft.NET\Framework\v1.1.4322\aspnet_wp.exe
- 2004-07-14 23:32:22 81,920 -c--a-w C:\WINNT\Microsoft.NET\Framework\v1.1.4322\CORPerfMonExt.dll
+ 2007-04-13 20:57:52 81,920 ----a-w C:\WINNT\Microsoft.NET\Framework\v1.1.4322\CORPerfMonExt.dll
- 2003-02-20 18:09:14 86,016 -c--a-w C:\WINNT\Microsoft.NET\Framework\v1.1.4322\mscorie.dll
+ 2007-04-13 20:57:58 86,016 ----a-w C:\WINNT\Microsoft.NET\Framework\v1.1.4322\mscorie.dll
- 2004-07-14 23:25:06 315,392 -c--a-w C:\WINNT\Microsoft.NET\Framework\v1.1.4322\mscorjit.dll
+ 2007-04-13 20:56:30 315,392 ----a-w C:\WINNT\Microsoft.NET\Framework\v1.1.4322\mscorjit.dll
- 2004-07-14 23:33:04 102,400 -c--a-w C:\WINNT\Microsoft.NET\Framework\v1.1.4322\mscorld.dll
+ 2007-04-13 20:58:00 102,400 ----a-w C:\WINNT\Microsoft.NET\Framework\v1.1.4322\mscorld.dll
- 2004-07-15 13:29:02 2,138,112 -c--a-w C:\WINNT\Microsoft.NET\Framework\v1.1.4322\mscorlib.dll
+ 2007-04-13 20:50:46 2,142,208 ----a-w C:\WINNT\Microsoft.NET\Framework\v1.1.4322\mscorlib.dll
- 2003-02-20 18:09:18 77,824 -c--a-w C:\WINNT\Microsoft.NET\Framework\v1.1.4322\mscorsn.dll
+ 2007-04-13 20:58:02 77,824 ----a-w C:\WINNT\Microsoft.NET\Framework\v1.1.4322\mscorsn.dll
- 2004-07-14 23:26:52 2,510,848 -c--a-w C:\WINNT\Microsoft.NET\Framework\v1.1.4322\mscorsvr.dll
+ 2007-04-13 20:57:00 2,523,136 ----a-w C:\WINNT\Microsoft.NET\Framework\v1.1.4322\mscorsvr.dll
- 2004-07-14 23:28:34 2,502,656 -c--a-w C:\WINNT\Microsoft.NET\Framework\v1.1.4322\mscorwks.dll
+ 2007-04-13 20:57:28 2,514,944 ----a-w C:\WINNT\Microsoft.NET\Framework\v1.1.4322\mscorwks.dll
- 2004-08-10 15:20:00 106,496 -c--a-w C:\WINNT\Microsoft.NET\Framework\v1.1.4322\netfxupdate.exe
+ 2007-01-15 16:11:26 73,728 ----a-w C:\WINNT\Microsoft.NET\Framework\v1.1.4322\netfxupdate.exe
+ 2004-07-15 00:49:16 258,048 -c--a-w C:\WINNT\Microsoft.NET\Framework\v1.1.4322\SHADOW2912\_aspnet_isapi.dll
+ 2004-07-14 23:32:22 81,920 -c--a-w C:\WINNT\Microsoft.NET\Framework\v1.1.4322\SHADOW2912\_CORPerfMonExt.dll
+ 2004-07-14 23:24:30 282,624 -c--a-w C:\WINNT\Microsoft.NET\Framework\v1.1.4322\SHADOW2912\_fusion.dll
+ 2004-07-14 23:25:06 315,392 -c--a-w C:\WINNT\Microsoft.NET\Framework\v1.1.4322\SHADOW2912\_mscorjit.dll
+ 2004-07-15 13:29:02 2,138,112 -c--a-w C:\WINNT\Microsoft.NET\Framework\v1.1.4322\SHADOW2912\_mscorlib.dll
+ 2003-02-20 18:09:18 77,824 -c--a-w C:\WINNT\Microsoft.NET\Framework\v1.1.4322\SHADOW2912\_mscorsn.dll
+ 2004-07-14 23:26:52 2,510,848 -c--a-w C:\WINNT\Microsoft.NET\Framework\v1.1.4322\SHADOW2912\_mscorsvr.dll
+ 2004-07-14 23:28:34 2,502,656 -c--a-w C:\WINNT\Microsoft.NET\Framework\v1.1.4322\SHADOW2912\_mscorwks.dll
+ 2003-02-21 03:42:22 348,160 -c--a-w C:\WINNT\Microsoft.NET\Framework\v1.1.4322\SHADOW2912\_msvcr71.dll
+ 2004-07-14 23:34:50 94,208 -c--a-w C:\WINNT\Microsoft.NET\Framework\v1.1.4322\SHADOW2912\_PerfCounter.dll
- 2004-07-15 13:31:16 1,224,704 -c--a-w C:\WINNT\Microsoft.NET\Framework\v1.1.4322\System.dll
+ 2007-04-13 21:35:38 1,232,896 ----a-w C:\WINNT\Microsoft.NET\Framework\v1.1.4322\System.dll
- 2004-10-08 05:20:12 1,257,472 -c--a-w C:\WINNT\Microsoft.NET\Framework\v1.1.4322\System.Web.dll
+ 2007-04-13 21:35:46 1,265,664 ----a-w C:\WINNT\Microsoft.NET\Framework\v1.1.4322\System.Web.dll
+ 2007-07-30 19:19:20 92,504 ------w C:\WINNT\SoftwareDistribution\WebSetup\cdm.dll
+ 2007-07-30 19:19:36 549,720 ------w C:\WINNT\SoftwareDistribution\WebSetup\wuapi.dll
+ 2007-07-30 19:19:16 53,080 ------w C:\WINNT\SoftwareDistribution\WebSetup\wuauclt.exe
+ 2007-07-30 19:19:42 1,712,984 ------w C:\WINNT\SoftwareDistribution\WebSetup\wuaueng.dll
+ 2007-07-30 19:19:32 325,976 ------w C:\WINNT\SoftwareDistribution\WebSetup\wucltui.dll
+ 2007-07-30 19:18:40 33,624 ------w C:\WINNT\SoftwareDistribution\WebSetup\wups.dll
+ 2007-07-30 19:19:12 43,352 ------w C:\WINNT\SoftwareDistribution\WebSetup\wups2.dll
- 2004-08-04 08:00:00 100,352 -c--a-w C:\WINNT\system32\6to4svc.dll
+ 2006-08-16 11:58:05 100,352 ----a-w C:\WINNT\system32\6to4svc.dll
- 2006-03-04 03:58:42 1,022,976 ----a-w C:\WINNT\system32\browseui.dll
+ 2008-06-23 16:11:40 1,024,000 ----a-w C:\WINNT\system32\browseui.dll
- 2006-03-04 03:58:42 151,040 ----a-w C:\WINNT\system32\cdfview.dll
+ 2008-06-23 16:11:40 151,040 ----a-w C:\WINNT\system32\cdfview.dll
- 2004-08-04 08:00:00 66,560 ----a-w C:\WINNT\system32\cdm.dll
+ 2007-07-30 19:19:20 92,504 ----a-w C:\WINNT\system32\cdm.dll
- 2006-03-04 03:58:44 1,054,208 -c--a-w C:\WINNT\system32\danim.dll
+ 2008-06-23 16:11:42 1,054,208 ----a-w C:\WINNT\system32\danim.dll
- 2004-08-04 08:00:00 100,352 -c--a-w C:\WINNT\system32\dllcache\6to4svc.dll
+ 2006-08-16 11:58:05 100,352 -c--a-w C:\WINNT\system32\dllcache\6to4svc.dll
- 2004-08-04 08:00:00 138,496 -c--a-w C:\WINNT\system32\dllcache\afd.sys
+ 2008-06-20 10:44:38 138,368 -c--a-w C:\WINNT\system32\dllcache\afd.sys
- 2006-03-04 03:58:42 1,022,976 -c--a-w C:\WINNT\system32\dllcache\browseui.dll
+ 2008-06-23 16:11:40 1,024,000 -c--a-w C:\WINNT\system32\dllcache\browseui.dll
- 2004-08-03 23:10:38 274,304 -c--a-w C:\WINNT\system32\dllcache\bthport.sys
+ 2008-06-13 13:10:50 272,128 -c--a-w C:\WINNT\system32\dllcache\bthport.sys
- 2006-03-04 03:58:42 151,040 -c--a-w C:\WINNT\system32\dllcache\cdfview.dll
+ 2008-06-23 16:11:40 151,040 -c--a-w C:\WINNT\system32\dllcache\cdfview.dll
- 2004-08-04 08:00:00 66,560 -c--a-w C:\WINNT\system32\dllcache\cdm.dll
+ 2007-07-30 19:19:20 92,504 -c--a-w C:\WINNT\system32\dllcache\cdm.dll
- 2006-03-04 03:58:44 1,054,208 -c--a-w C:\WINNT\system32\dllcache\danim.dll
+ 2008-06-23 16:11:42 1,054,208 -c--a-w C:\WINNT\system32\dllcache\danim.dll
- 2004-08-04 08:00:00 561,179 -c--a-w C:\WINNT\system32\dllcache\dao360.dll
+ 2008-03-25 04:50:25 554,008 -c--a-w C:\WINNT\system32\dllcache\dao360.dll
- 2004-08-04 08:00:00 148,480 -c--a-w C:\WINNT\system32\dllcache\dnsapi.dll
+ 2008-06-20 17:41:10 148,992 -c--a-w C:\WINNT\system32\dllcache\dnsapi.dll
- 2004-08-04 08:00:00 357,888 -c--a-w C:\WINNT\system32\dllcache\dxtmsft.dll
+ 2008-06-23 16:11:43 357,888 -c--a-w C:\WINNT\system32\dllcache\dxtmsft.dll
- 2006-03-04 03:58:44 205,312 -c--a-w C:\WINNT\system32\dllcache\dxtrans.dll
+ 2008-06-23 16:11:43 205,312 -c--a-w C:\WINNT\system32\dllcache\dxtrans.dll
- 2005-07-26 04:39:45 243,200 -c--a-w C:\WINNT\system32\dllcache\es.dll
+ 2008-07-07 20:32:22 253,952 -c--a-w C:\WINNT\system32\dllcache\es.dll
- 2006-03-04 03:58:44 55,808 -c--a-w C:\WINNT\system32\dllcache\extmgr.dll
+ 2008-06-23 16:11:43 55,808 -c--a-w C:\WINNT\system32\dllcache\extmgr.dll
- 2004-08-04 08:00:00 18,432 -c--a-w C:\WINNT\system32\dllcache\iedw.exe
+ 2008-06-23 09:53:58 18,432 -c--a-w C:\WINNT\system32\dllcache\iedw.exe
- 2006-03-04 03:58:44 251,904 -c--a-w C:\WINNT\system32\dllcache\iepeers.dll
+ 2008-06-23 16:11:52 251,904 -c--a-w C:\WINNT\system32\dllcache\iepeers.dll
- 2006-03-17 09:07:17 679,424 -c--a-w C:\WINNT\system32\dllcache\inetcomm.dll
+ 2008-04-11 18:50:43 683,520 -c--a-w C:\WINNT\system32\dllcache\inetcomm.dll
- 2006-03-04 03:58:44 96,256 -c--a-w C:\WINNT\system32\dllcache\inseng.dll
+ 2008-06-23 16:11:52 96,256 -c--a-w C:\WINNT\system32\dllcache\inseng.dll
- 2004-08-04 08:00:00 450,560 -c--a-w C:\WINNT\system32\dllcache\jscript.dll
+ 2007-12-18 14:40:58 450,560 -c--a-w C:\WINNT\system32\dllcache\jscript.dll
- 2004-08-04 08:00:00 15,872 -c--a-w C:\WINNT\system32\dllcache\jsproxy.dll
+ 2008-06-23 16:11:52 16,384 -c--a-w C:\WINNT\system32\dllcache\jsproxy.dll
- 2004-08-04 08:00:00 331,776 -c--a-w C:\WINNT\system32\dllcache\msadce.dll
+ 2008-05-01 14:30:33 331,776 -c--a-w C:\WINNT\system32\dllcache\msadce.dll
- 2005-06-29 01:46:00 74,240 -c--a-w C:\WINNT\system32\dllcache\mscms.dll
+ 2008-06-24 16:23:05 74,240 -c--a-w C:\WINNT\system32\dllcache\mscms.dll
- 2004-08-04 08:00:00 512,029 -c--a-w C:\WINNT\system32\dllcache\msexch40.dll
+ 2008-03-25 04:50:28 518,944 -c--a-w C:\WINNT\system32\dllcache\msexch40.dll
- 2004-08-04 08:00:00 319,517 -c--a-w C:\WINNT\system32\dllcache\msexcl40.dll
+ 2008-03-25 04:50:30 326,432 -c--a-w C:\WINNT\system32\dllcache\msexcl40.dll
- 2006-03-23 20:31:39 3,055,616 -c--a-w C:\WINNT\system32\dllcache\mshtml.dll
+ 2008-06-23 16:11:58 3,067,392 -c--a-w C:\WINNT\system32\dllcache\mshtml.dll
- 2006-03-04 03:58:48 448,512 -c--a-w C:\WINNT\system32\dllcache\mshtmled.dll
+ 2008-06-23 16:12:00 449,024 -c--a-w C:\WINNT\system32\dllcache\mshtmled.dll
- 2004-08-04 08:00:00 1,507,356 -c--a-w C:\WINNT\system32\dllcache\msjet40.dll
+ 2008-03-25 04:50:34 1,516,568 -c--a-w C:\WINNT\system32\dllcache\msjet40.dll
- 2004-08-04 08:00:00 358,976 -c--a-w C:\WINNT\system32\dllcache\msjetol1.dll
+ 2008-03-25 04:50:40 355,112 -c--a-w C:\WINNT\system32\dllcache\msjetol1.dll
- 2004-08-04 08:00:00 151,583 -c--a-w C:\WINNT\system32\dllcache\msjint40.dll
+ 2008-03-27 08:12:54 151,583 -c--a-w C:\WINNT\system32\dllcache\msjint40.dll
- 2004-08-04 08:00:00 53,279 -c--a-w C:\WINNT\system32\dllcache\msjter40.dll
+ 2008-03-25 04:50:42 60,192 -c--a-w C:\WINNT\system32\dllcache\msjter40.dll
- 2004-08-04 08:00:00 241,693 -c--a-w C:\WINNT\system32\dllcache\msjtes40.dll
+ 2008-03-25 04:50:42 248,608 -c--a-w C:\WINNT\system32\dllcache\msjtes40.dll
- 2004-08-04 08:00:00 213,023 -c--a-w C:\WINNT\system32\dllcache\msltus40.dll
+ 2008-03-25 04:50:44 219,936 -c--a-w C:\WINNT\system32\dllcache\msltus40.dll
- 2004-08-04 08:00:00 348,189 -c--a-w C:\WINNT\system32\dllcache\mspbde40.dll
+ 2008-03-25 04:50:45 355,104 -c--a-w C:\WINNT\system32\dllcache\mspbde40.dll
- 2006-03-04 03:58:48 146,432 -c--a-w C:\WINNT\system32\dllcache\msrating.dll
+ 2008-06-23 16:12:02 146,432 -c--a-w C:\WINNT\system32\dllcache\msrating.dll
- 2004-08-04 08:00:00 421,919 -c--a-w C:\WINNT\system32\dllcache\msrd2x40.dll
+ 2008-03-25 04:50:47 432,928 -c--a-w C:\WINNT\system32\dllcache\msrd2x40.dll
- 2004-08-04 08:00:00 315,423 -c--a-w C:\WINNT\system32\dllcache\msrd3x40.dll
+ 2008-03-25 04:50:49 322,336 -c--a-w C:\WINNT\system32\dllcache\msrd3x40.dll
- 2004-08-04 08:00:00 552,989 -c--a-w C:\WINNT\system32\dllcache\msrepl40.dll
+ 2008-03-25 04:50:52 559,904 -c--a-w C:\WINNT\system32\dllcache\msrepl40.dll
- 2004-08-04 08:00:00 258,077 -c--a-w C:\WINNT\system32\dllcache\mstext40.dll
+ 2008-03-25 04:50:55 264,992 -c--a-w C:\WINNT\system32\dllcache\mstext40.dll
- 2006-03-04 03:58:48 532,480 -c--a-w C:\WINNT\system32\dllcache\mstime.dll
+ 2008-06-23 16:12:02 532,480 -c--a-w C:\WINNT\system32\dllcache\mstime.dll
- 2004-08-04 08:00:00 831,519 -c--a-w C:\WINNT\system32\dllcache\mswdat10.dll
+ 2008-03-25 04:50:57 838,432 -c--a-w C:\WINNT\system32\dllcache\mswdat10.dll
- 2004-08-04 08:00:00 245,248 -c--a-w C:\WINNT\system32\dllcache\mswsock.dll
+ 2008-06-20 17:41:10 245,248 -c--a-w C:\WINNT\system32\dllcache\mswsock.dll
- 2004-08-04 08:00:00 614,429 -c--a-w C:\WINNT\system32\dllcache\mswstr10.dll
+ 2008-03-25 04:50:58 621,344 -c--a-w C:\WINNT\system32\dllcache\mswstr10.dll
- 2004-08-04 08:00:00 348,189 -c--a-w C:\WINNT\system32\dllcache\msxbde40.dll
+ 2008-03-25 04:50:58 355,104 -c--a-w C:\WINNT\system32\dllcache\msxbde40.dll
- 2006-03-04 03:58:48 39,424 -c--a-w C:\WINNT\system32\dllcache\pngfilt.dll
+ 2008-06-23 16:12:02 39,424 -c--a-w C:\WINNT\system32\dllcache\pngfilt.dll
- 2005-08-30 03:54:26 1,287,168 -c--a-w C:\WINNT\system32\dllcache\quartz.dll
+ 2008-05-07 05:18:48 1,287,680 -c--a-w C:\WINNT\system32\dllcache\quartz.dll
- 2004-08-04 08:00:00 200,064 -c--a-w C:\WINNT\system32\dllcache\rmcast.sys
+ 2008-05-08 12:28:49 202,752 -c--a-w C:\WINNT\system32\dllcache\rmcast.sys
- 2006-03-30 09:27:01 1,495,040 -c--a-w C:\WINNT\system32\dllcache\shdocvw.dll
+ 2008-06-23 16:12:05 1,499,136 -c--a-w C:\WINNT\system32\dllcache\shdocvw.dll
- 2006-03-04 03:58:50 474,112 -c--a-w C:\WINNT\system32\dllcache\shlwapi.dll
+ 2008-06-23 16:12:05 474,112 -c--a-w C:\WINNT\system32\dllcache\shlwapi.dll
- 2006-01-13 02:28:14 359,808 -c--a-w C:\WINNT\system32\dllcache\tcpip.sys
+ 2008-06-20 10:45:13 360,320 -c--a-w C:\WINNT\system32\dllcache\tcpip.sys
- 2004-08-04 08:00:00 223,616 -c--a-w C:\WINNT\system32\dllcache\tcpip6.sys
+ 2008-06-20 09:52:06 225,920 -c--a-w C:\WINNT\system32\dllcache\tcpip6.sys
- 2006-03-18 11:04:10 614,400 -c--a-w C:\WINNT\system32\dllcache\urlmon.dll
+ 2008-06-23 16:12:06 618,496 -c--a-w C:\WINNT\system32\dllcache\urlmon.dll
- 2004-08-04 08:00:00 417,792 -c--a-w C:\WINNT\system32\dllcache\vbscript.dll
+ 2007-12-18 14:40:58 417,792 -c--a-w C:\WINNT\system32\dllcache\vbscript.dll
- 2006-03-04 03:58:52 663,552 -c--a-w C:\WINNT\system32\dllcache\wininet.dll
+ 2008-06-23 16:12:08 667,136 -c--a-w C:\WINNT\system32\dllcache\wininet.dll
- 2005-01-28 12:44:28 224,768 -c--a-w C:\WINNT\system32\dllcache\wmasf.dll
+ 2007-10-27 17:40:06 227,328 -c--a-w C:\WINNT\system32\dllcache\wmasf.dll
- 2006-03-10 05:09:14 5,533,696 -c--a-w C:\WINNT\system32\dllcache\wmp.dll
+ 2007-04-30 08:20:24 5,537,792 -c--a-w C:\WINNT\system32\dllcache\wmp.dll
- 2005-01-28 12:44:28 2,370,296 -c--a-w C:\WINNT\system32\dllcache\wmvcore.dll
+ 2006-12-07 05:29:34 2,374,472 -c--a-w C:\WINNT\system32\dllcache\wmvcore.dll
- 2004-08-04 08:00:00 430,592 -c--a-w C:\WINNT\system32\dllcache\wuapi.dll
+ 2007-07-30 19:19:36 549,720 -c--a-w C:\WINNT\system32\dllcache\wuapi.dll
- 2004-08-04 08:00:00 111,104 -c--a-w C:\WINNT\system32\dllcache\wuauclt.exe
+ 2007-07-30 19:19:16 53,080 -c--a-w C:\WINNT\system32\dllcache\wuauclt.exe
- 2004-08-04 08:00:00 1,134,592 -c--a-w C:\WINNT\system32\dllcache\wuaueng.dll
+ 2007-07-30 19:19:42 1,712,984 -c--a-w C:\WINNT\system32\dllcache\wuaueng.dll
- 2004-08-04 08:00:00 112,640 -c--a-w C:\WINNT\system32\dllcache\wucltui.dll
+ 2007-07-30 19:19:32 325,976 -c--a-w C:\WINNT\system32\dllcache\wucltui.dll
- 2004-08-04 08:00:00 36,864 -c--a-w C:\WINNT\system32\dllcache\wups.dll
+ 2007-07-30 19:18:40 33,624 -c--a-w C:\WINNT\system32\dllcache\wups.dll
- 2004-08-04 08:00:00 148,480 ----a-w C:\WINNT\system32\dnsapi.dll
+ 2008-06-20 17:41:10 148,992 ----a-w C:\WINNT\system32\dnsapi.dll
- 2004-08-04 08:00:00 138,496 ----a-w C:\WINNT\system32\drivers\afd.sys
+ 2008-06-20 10:44:38 138,368 ----a-w C:\WINNT\system32\drivers\afd.sys
+ 2008-06-13 13:10:50 272,128 ------w C:\WINNT\system32\drivers\bthport.sys
- 2004-08-04 08:00:00 200,064 -c--a-w C:\WINNT\system32\drivers\RMCast.sys
+ 2008-05-08 12:28:49 202,752 ----a-w C:\WINNT\system32\drivers\rmcast.sys
- 2006-01-13 02:28:14 359,808 ----a-w C:\WINNT\system32\drivers\tcpip.sys
+ 2008-06-20 10:45:13 360,320 ----a-w C:\WINNT\system32\drivers\tcpip.sys
- 2004-08-04 08:00:00 223,616 -c--a-w C:\WINNT\system32\drivers\tcpip6.sys
+ 2008-06-20 09:52:06 225,920 ----a-w C:\WINNT\system32\drivers\tcpip6.sys
- 2004-08-04 08:00:00 357,888 ----a-w C:\WINNT\system32\dxtmsft.dll
+ 2008-06-23 16:11:43 357,888 ----a-w C:\WINNT\system32\dxtmsft.dll
- 2006-03-04 03:58:44 205,312 ----a-w C:\WINNT\system32\dxtrans.dll
+ 2008-06-23 16:11:43 205,312 ----a-w C:\WINNT\system32\dxtrans.dll
- 2006-03-04 03:58:44 55,808 -c--a-w C:\WINNT\system32\extmgr.dll
+ 2008-06-23 16:11:43 55,808 ----a-w C:\WINNT\system32\extmgr.dll
- 2005-03-17 13:39:58 1,146,320 ----a-w C:\WINNT\system32\FM20.DLL
+ 2007-06-06 10:53:34 1,195,888 ----a-w C:\WINNT\system32\FM20.DLL
- 2003-07-14 21:57:04 32,584 ----a-w C:\WINNT\system32\FM20ENU.DLL
+ 2007-03-22 19:17:04 35,440 ----a-w C:\WINNT\system32\FM20ENU.DLL
- 2008-02-14 14:49:08 313,656 ----a-w C:\WINNT\system32\FNTCACHE.DAT
+ 2008-09-02 21:35:15 313,656 ----a-w C:\WINNT\system32\FNTCACHE.DAT
- 2006-03-04 03:58:44 251,904 ----a-w C:\WINNT\system32\iepeers.dll
+ 2008-06-23 16:11:52 251,904 ----a-w C:\WINNT\system32\iepeers.dll
- 2006-03-17 09:07:17 679,424 -c--a-w C:\WINNT\system32\inetcomm.dll
+ 2008-04-11 18:50:43 683,520 ----a-w C:\WINNT\system32\inetcomm.dll
- 2006-03-04 03:58:44 96,256 -c--a-w C:\WINNT\system32\inseng.dll
+ 2008-06-23 16:11:52 96,256 ----a-w C:\WINNT\system32\inseng.dll
- 2004-08-04 08:00:00 450,560 ----a-w C:\WINNT\system32\jscript.dll
+ 2007-12-18 14:40:58 450,560 ----a-w C:\WINNT\system32\jscript.dll
- 2004-08-04 08:00:00 15,872 -c--a-w C:\WINNT\system32\jsproxy.dll
+ 2008-06-23 16:11:52 16,384 ----a-w C:\WINNT\system32\jsproxy.dll
+ 2008-03-20 18:06:36 1,480,232 ------w C:\WINNT\system32\LegitCheckControl.dll
- 2004-03-22 14:17:06 24,816 ----a-w C:\WINNT\system32\mdimon.dll
+ 2007-04-09 13:23:54 28,040 ----a-w C:\WINNT\system32\mdimon.dll
- 2008-06-25 09:15:48 17,972,344 ----a-w C:\WINNT\system32\MRT.exe
+ 2008-08-05 18:11:01 15,888,504 ----a-w C:\WINNT\system32\MRT.exe
- 2005-09-23 06:28:52 270,848 ----a-w C:\WINNT\system32\mscoree.dll
+ 2006-12-22 12:28:14 271,360 ----a-w C:\WINNT\system32\mscoree.dll
- 2004-08-04 08:00:00 512,029 -c--a-w C:\WINNT\system32\msexch40.dll
+ 2008-03-25 04:50:28 518,944 ----a-w C:\WINNT\system32\msexch40.dll
- 2004-08-04 08:00:00 319,517 -c--a-w C:\WINNT\system32\msexcl40.dll
+ 2008-03-25 04:50:30 326,432 ----a-w C:\WINNT\system32\msexcl40.dll
- 2006-03-23 20:31:39 3,055,616 ----a-w C:\WINNT\system32\mshtml.dll
+ 2008-06-23 16:11:58 3,067,392 ----a-w C:\WINNT\system32\mshtml.dll
- 2006-03-04 03:58:48 448,512 ----a-w C:\WINNT\system32\mshtmled.dll
+ 2008-06-23 16:12:00 449,024 ----a-w C:\WINNT\system32\mshtmled.dll
- 2004-08-04 08:00:00 1,507,356 ----a-w C:\WINNT\system32\msjet40.dll
+ 2008-03-25 04:50:34 1,516,568 ----a-w C:\WINNT\system32\msjet40.dll
- 2004-08-04 08:00:00 358,976 ----a-w C:\WINNT\system32\msjetoledb40.dll
+ 2008-03-25 04:50:40 355,112 ----a-w C:\WINNT\system32\msjetoledb40.dll
- 2004-08-04 08:00:00 151,583 ----a-w C:\WINNT\system32\msjint40.dll
+ 2008-03-27 08:12:54 151,583 ----a-w C:\WINNT\system32\msjint40.dll
- 2004-08-04 08:00:00 53,279 ----a-w C:\WINNT\system32\msjter40.dll
+ 2008-03-25 04:50:42 60,192 ----a-w C:\WINNT\system32\msjter40.dll
- 2004-08-04 08:00:00 241,693 ----a-w C:\WINNT\system32\msjtes40.dll
+ 2008-03-25 04:50:42 248,608 ----a-w C:\WINNT\system32\msjtes40.dll
- 2004-08-04 08:00:00 213,023 -c--a-w C:\WINNT\system32\msltus40.dll
+ 2008-03-25 04:50:44 219,936 ----a-w C:\WINNT\system32\msltus40.dll
- 2004-08-04 08:00:00 348,189 -c--a-w C:\WINNT\system32\mspbde40.dll
+ 2008-03-25 04:50:45 355,104 ----a-w C:\WINNT\system32\mspbde40.dll
- 2006-03-04 03:58:48 146,432 ----a-w C:\WINNT\system32\msrating.dll
+ 2008-06-23 16:12:02 146,432 ----a-w C:\WINNT\system32\msrating.dll
- 2004-08-04 08:00:00 421,919 -c--a-w C:\WINNT\system32\msrd2x40.dll
+ 2008-03-25 04:50:47 432,928 ----a-w C:\WINNT\system32\msrd2x40.dll
- 2004-08-04 08:00:00 315,423 -c--a-w C:\WINNT\system32\msrd3x40.dll
+ 2008-03-25 04:50:49 322,336 ----a-w C:\WINNT\system32\msrd3x40.dll
- 2004-08-04 08:00:00 552,989 -c--a-w C:\WINNT\system32\msrepl40.dll
+ 2008-03-25 04:50:52 559,904 ----a-w C:\WINNT\system32\msrepl40.dll
- 2004-08-04 08:00:00 258,077 -c--a-w C:\WINNT\system32\mstext40.dll
+ 2008-03-25 04:50:55 264,992 ----a-w C:\WINNT\system32\mstext40.dll
- 2006-03-04 03:58:48 532,480 ----a-w C:\WINNT\system32\mstime.dll
+ 2008-06-23 16:12:02 532,480 ----a-w C:\WINNT\system32\mstime.dll
- 2004-08-04 08:00:00 831,519 ----a-w C:\WINNT\system32\mswdat10.dll
+ 2008-03-25 04:50:57 838,432 ----a-w C:\WINNT\system32\mswdat10.dll
- 2004-08-04 08:00:00 614,429 ----a-w C:\WINNT\system32\mswstr10.dll
+ 2008-03-25 04:50:58 621,344 ----a-w C:\WINNT\system32\mswstr10.dll
- 2004-08-04 08:00:00 348,189 -c--a-w C:\WINNT\system32\msxbde40.dll
+ 2008-03-25 04:50:58 355,104 ----a-w C:\WINNT\system32\msxbde40.dll
- 2003-04-18 16:46:22 1,233,920 ----a-w C:\WINNT\system32\msxml4.dll
+ 2007-05-08 15:03:04 1,275,392 ----a-w C:\WINNT\system32\msxml4.dll
- 2006-12-04 14:37:58 1,317,648 ----a-w C:\WINNT\system32\msxml6.dll
+ 2007-05-15 15:43:10 1,320,800 ----a-w C:\WINNT\system32\msxml6.dll
+ 2007-07-30 19:19:10 271,224 ----a-w C:\WINNT\system32\mucltui.dll
- 2005-09-23 06:29:00 6,144 -c--a-w C:\WINNT\system32\mui\0409\mscorees.dll
+ 2006-12-22 13:02:36 6,144 ----a-w C:\WINNT\system32\mui\0409\mscorees.dll
- 2006-03-04 03:58:48 39,424 ----a-w C:\WINNT\system32\pngfilt.dll
+ 2008-06-23 16:12:02 39,424 ----a-w C:\WINNT\system32\pngfilt.dll
- 2005-08-30 03:54:26 1,287,168 ----a-w C:\WINNT\system32\quartz.dll
+ 2008-05-07 05:18:48 1,287,680 ----a-w C:\WINNT\system32\quartz.dll
- 2006-03-30 09:27:01 1,495,040 ----a-w C:\WINNT\system32\shdocvw.dll
+ 2008-06-23 16:12:05 1,499,136 ----a-w C:\WINNT\system32\shdocvw.dll
- 2006-03-04 03:58:50 474,112 ----a-w C:\WINNT\system32\shlwapi.dll
+ 2008-06-23 16:12:05 474,112 ----a-w C:\WINNT\system32\shlwapi.dll
+ 2007-07-30 19:19:36 549,720 ----a-w C:\WINNT\system32\SoftwareDistribution\Setup\ServiceStartup\wuapi.dll\7.0.6000.381\wuapi.dll
+ 2007-07-30 19:18:40 33,624 ----a-w C:\WINNT\system32\SoftwareDistribution\Setup\ServiceStartup\wups.dll\7.0.6000.381\wups.dll
- 2006-10-08 21:51:14 14,640 ----a-w C:\WINNT\system32\spmsg.dll
+ 2007-11-30 12:39:22 17,272 ------w C:\WINNT\system32\spmsg.dll
- 2004-03-22 14:17:04 765,680 ----a-w C:\WINNT\system32\spool\drivers\w32x86\3\mdigraph.dll
+ 2007-04-09 13:24:04 758,664 ----a-w C:\WINNT\system32\spool\drivers\w32x86\3\mdigraph.dll
- 2004-03-22 14:17:10 42,224 ----a-w C:\WINNT\system32\spool\drivers\w32x86\3\mdiui.dll
+ 2007-04-09 13:23:58 46,472 ----a-w C:\WINNT\system32\spool\drivers\w32x86\3\mdiui.dll
- 2004-03-22 14:17:04 765,680 -c--a-w C:\WINNT\system32\spool\drivers\w32x86\mdigraph.dll
+ 2007-04-09 13:24:04 758,664 ----a-w C:\WINNT\system32\spool\drivers\w32x86\mdigraph.dll
- 2004-03-22 14:17:10 42,224 -c--a-w C:\WINNT\system32\spool\drivers\w32x86\mdiui.dll
+ 2007-04-09 13:23:58 46,472 ----a-w C:\WINNT\system32\spool\drivers\w32x86\mdiui.dll
- 2004-03-22 14:17:08 25,840 ----a-w C:\WINNT\system32\spool\prtprocs\w32x86\mdippr.dll
+ 2007-04-09 13:23:54 28,552 ----a-w C:\WINNT\system32\spool\prtprocs\w32x86\mdippr.dll
+ 2008-07-14 11:09:18 62,976 ------w C:\WINNT\system32\tzchange.exe
- 2006-03-18 11:04:10 614,400 ----a-w C:\WINNT\system32\urlmon.dll
+ 2008-06-23 16:12:06 618,496 ----a-w C:\WINNT\system32\urlmon.dll
- 2004-08-04 08:00:00 417,792 ----a-w C:\WINNT\system32\vbscript.dll
+ 2007-12-18 14:40:58 417,792 ----a-w C:\WINNT\system32\vbscript.dll
- 2005-01-28 12:44:28 224,768 ----a-w C:\WINNT\system32\wmasf.dll
+ 2007-10-27 17:40:06 227,328 ----a-w C:\WINNT\system32\wmasf.dll
- 2006-03-10 05:09:14 5,533,696

Répondre à elg_49

les logs HiJackThis:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:18:21, on 03/09/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\ibmpmsvc.exe
C:\WINNT\system32\Ati2evxx.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINNT\system32\spoolsv.exe
C:\Program Files\a-squared Anti-Malware\a2service.exe
C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe
c:\Program Files\ThinkPad\Bluetooth Software\bin\btwdins.exe
C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
C:\Program Files\Network Associates\McAfee Desktop Firewall for Windows XP\FireSvc.exe
C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
C:\Program Files\Network Associates\VirusScan\mcshield.exe
C:\Program Files\Network Associates\VirusScan\vstskmgr.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\program files\lotus\notes\ntmulti.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\System32\TPHDEXLG.EXE
C:\WINNT\system32\TpKmpSVC.exe
C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe
C:\Program Files\ThinkPad\ConnectUtilities\SvcGuiHlpr.exe
C:\WINNT\system32\Ati2evxx.exe
C:\WINNT\system32\wscntfy.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Nokia\Nokia Software Launcher\NSLauncher.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE
C:\WINNT\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Babylon\Babylon-Pro\Babylon.exe
C:\Program Files\Nokia\Nokia PC Suite 6\PCSuite.exe
C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\lotus\organize\easyclip.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\Yahoo!\Widgets\YahooWidgetEngine.exe
C:\Program Files\Yahoo!\Widgets\YahooWidgetEngine.exe
C:\Program Files\Yahoo!\Widgets\YahooWidgetEngine.exe
C:\Program Files\Yahoo!\Widgets\YahooWidgetEngine.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\PROGRA~1\Intel\Wireless\Bin\Dot1XCfg.exe
C:\WINNT\explorer.exe
C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclIrSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINNT\system32\NOTEPAD.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINNT\System32\DLA\DLASHX_W.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [NSLauncher] C:\Program Files\Nokia\Nokia Software Launcher\NSLauncher.exe /startup
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [ShStatEXE] "C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE" /STANDALONE
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINNT\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [Babylon Translator] C:\Program Files\Babylon\Babylon-Pro\Babylon.exe
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 6\PCSuite.exe" -onlytray
O4 - HKUS\S-1-5-18\..\Run: [Nokia.PCSync] "C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" /NoDialog (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Nokia.PCSync] "C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" /NoDialog (User 'Default user')
O4 - Startup: Yahoo! Widget Engine.lnk = C:\Program Files\Yahoo!\Widgets\YahooWidgetEngine.exe
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: Digital Line Detect.lnk = ?
O4 - Global Startup: Lotus Organizer EasyClip.lnk = ?
O4 - Global Startup: Lotus QuickStart.lnk = ?
O4 - Global Startup: VPN Client.lnk = ?
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Send To &Bluetooth - c:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Translate with &Babylon - res://C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/Translate.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O14 - IERESET.INF: START_PAGE_URL=http://inside.abb.com
O15 - Trusted Zone: http://*.mcafee.com
O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/activ [...] stubie.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/mi [...] 7006427421
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: ACNotify - ACNotify.dll (file missing)
O23 - Service: a-squared Anti-Malware Service (a2AntiMalware) - Emsi Software GmbH - C:\Program Files\a-squared Anti-Malware\a2service.exe
O23 - Service: Ac Profile Manager Service (AcPrfMgrSvc) - Unknown owner - C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe
O23 - Service: Access Connections Main Service (AcSvc) - Lenovo - C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINNT\system32\Ati2evxx.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - c:\Program Files\ThinkPad\Bluetooth Software\bin\btwdins.exe
O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: McAfee Desktop Firewall Service (FireSvc) - McAfee, Inc. - C:\Program Files\Network Associates\McAfee Desktop Firewall for Windows XP\FireSvc.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: ThinkPad PM Service (IBMPMSVC) - Unknown owner - C:\WINNT\system32\ibmpmsvc.exe
O23 - Service: Tivoli Endpoint (lcfd) - Unknown owner - C:\Tivoli\lcf\bin\w32-ix86\mrt\lcfd.exe
O23 - Service: McAfee Framework Service (McAfeeFramework) - Network Associates, Inc. - C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
O23 - Service: Network Associates McShield (McShield) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\mcshield.exe
O23 - Service: Network Associates Task Manager (McTaskManager) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\vstskmgr.exe
O23 - Service: Multi-user Cleanup Service - IBM Corp - C:\program files\lotus\notes\ntmulti.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINNT\system32\HPZipm12.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: ThinkPad HDD APS Logging Service (TPHDEXLGSVC) - Lenovo. - C:\WINNT\System32\TPHDEXLG.EXE
O23 - Service: IBM KCU Service (TpKmpSVC) - Unknown owner - C:\WINNT\system32\TpKmpSVC.exe

--
End of file - 10089 bytes

Répondre à elg_49

re
le rapport ComboFix n'est toujours pas complet.
mais au vu de ton rapport hijackthis, je ne préfère pas que tu repasses l'outil. (ça ne me semble pas nécessaire)

~Fais une analyse antivirus en ligne sur le site de Kaspersky
http://www.kaspersky.com/kos/eng/p [...] bscan.html

* Clique sur Accept
* Une barre jaune va te demander si tu acceptes d'installer le Kavwebscan_Unicode.cab, installe l'Active X.
* clique une nouvelle fois sur "Accept"
* Les bases de mises à jour vont s'installer, patiente un moment
* Clique sur Next.
* Clique sur My Computer, le scan se met en route; attends la fin du scan sans fermer la fenêtre sinon il s'arrêtera.
* Poste le rapport de scan.

------------------------------ Prévention et protection
/!\Marre de la pub: Firefox sécurisé/!\
Répondre à Sham_Rock

Friday, September 5, 2008
Operating System: Microsoft Windows XP Professional Service Pack 2 (build 2600)
Kaspersky Online Scanner 7 version: 7.0.25.0
Program database last update: Friday, September 05, 2008 17:23:56
Records in database: 1194745

Scan settings
Scan using the following database extended
Scan archives yes
Scan mail databases yes

Scan area My Computer
C:\
D:\
F:\

Scan statistics
Files scanned 94988
Threat name 9
Infected objects 10
Suspicious objects 0
Duration of the scan 02:24:12

File name Threat name Threats count
C:\Documents and Settings\Administrator\Desktop\antivirus foder\ASE_Setup_Free_fr.exe Infected: not-a-virus:FraudTool.Win32.AntiSpywareExpert.ab 1

C:\Documents and Settings\Administrator\Desktop\antivirus foder\install_4887_MHwyMHwxMDAwMDAwMDAwfHx8fHx8fHw_.exe Infected: not-a-virus:FraudTool.Win32.UltimateAntivirus.ap 1

C:\Documents and Settings\Administrator\Desktop\antivirus foder\install_4887_MHwyMHwxMDAwMDAwMDAwfHx8fHx8fHw_.exe Infected: not-a-virus:FraudTool.Win32.UltimateAntivirus.an 1

C:\Documents and Settings\Administrator\Desktop\forum\ZEBRESTORE\[4]-Submit_2008-07-31@13.11.zip Infected: Trojan.Win32.Monder.avp 1

C:\QooBox\Quarantine\C\temp\Av-test.txt.vir Infected: EICAR-Test-File 1

C:\QooBox\Quarantine\C\WINNT\system32\clbdll.dll.vir.vir Infected: Rootkit.Win32.Clbd.gq 1

C:\QooBox\Quarantine\C\WINNT\system32\drivers\Winxf75.sys.zip Infected: Trojan-Downloader.Win32.Mutant.aim 1

C:\QooBox\Quarantine\C\WINNT\system32\WinCtrl32.dll.vir Infected: Trojan-Downloader.Win32.Mutant.asj 1

C:\quarantine\clbdll.dll.Vir Infected: Rootkit.Win32.Clbd.gq 1

C:\WINNT\system32\poofmemr.dll Infected: Trojan.Win32.Monder.bhs 1

The selected area was scanned.

Répondre à elg_49

bonjour

supprime:
C:\QooBox
C:\quarantine
C:\WINNT\system32\poofmemr.dll
C:\Documents and Settings\Administrator\Desktop\antivirus foder

mets à jour Windows:
http://www.infos-du-net.com/forum/ [...] ordinateur

et reposte un log hijackthis stp

------------------------------ Prévention et protection
/!\Marre de la pub: Firefox sécurisé/!\
Répondre à Sham_Rock

Bonjour Sham_Rock,
Les suppressions ont été faites, les MAJ windows aussi. Ci-dessous les logs HiJackThis:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:09:52, on 07/09/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\ibmpmsvc.exe
C:\WINNT\system32\Ati2evxx.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINNT\system32\spoolsv.exe
C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe
c:\Program Files\ThinkPad\Bluetooth Software\bin\btwdins.exe
C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
C:\Program Files\Network Associates\McAfee Desktop Firewall for Windows XP\FireSvc.exe
C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
C:\Program Files\Network Associates\VirusScan\mcshield.exe
C:\Program Files\Network Associates\VirusScan\vstskmgr.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\program files\lotus\notes\ntmulti.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\System32\TPHDEXLG.EXE
C:\WINNT\system32\TpKmpSVC.exe
C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe
C:\Program Files\ThinkPad\ConnectUtilities\SvcGuiHlpr.exe
C:\WINNT\system32\wscntfy.exe
C:\WINNT\system32\Ati2evxx.exe
C:\WINNT\Explorer.EXE
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Nokia\Nokia Software Launcher\NSLauncher.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE
C:\WINNT\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Nokia\Nokia PC Suite 6\PCSuite.exe
C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\lotus\organize\easyclip.exe
C:\Program Files\Yahoo!\Widgets\YahooWidgetEngine.exe
C:\Program Files\Yahoo!\Widgets\YahooWidgetEngine.exe
C:\Program Files\Yahoo!\Widgets\YahooWidgetEngine.exe
C:\Program Files\Yahoo!\Widgets\YahooWidgetEngine.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe
C:\Program Files\Common Files\Real\Update_OB\RealOneMessageCenter.exe
C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclIrSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINNT\system32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINNT\System32\DLA\DLASHX_W.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [NSLauncher] C:\Program Files\Nokia\Nokia Software Launcher\NSLauncher.exe /startup
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [ShStatEXE] "C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE" /STANDALONE
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINNT\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 6\PCSuite.exe" -onlytray
O4 - HKUS\S-1-5-18\..\Run: [Nokia.PCSync] "C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" /NoDialog (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Nokia.PCSync] "C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" /NoDialog (User 'Default user')
O4 - Startup: Yahoo! Widget Engine.lnk = C:\Program Files\Yahoo!\Widgets\YahooWidgetEngine.exe
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: Digital Line Detect.lnk = ?
O4 - Global Startup: Lotus Organizer EasyClip.lnk = ?
O4 - Global Startup: Lotus QuickStart.lnk = ?
O4 - Global Startup: VPN Client.lnk = ?
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Send To &Bluetooth - c:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Translate with &Babylon - res://C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/Translate.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINNT\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINNT\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://inside.abb.com
O15 - Trusted Zone: http://*.mcafee.com
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/mi [...] 7006427421
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: ACNotify - ACNotify.dll (file missing)
O23 - Service: Ac Profile Manager Service (AcPrfMgrSvc) - Unknown owner - C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe
O23 - Service: Access Connections Main Service (AcSvc) - Lenovo - C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINNT\system32\Ati2evxx.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - c:\Program Files\ThinkPad\Bluetooth Software\bin\btwdins.exe
O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: McAfee Desktop Firewall Service (FireSvc) - McAfee, Inc. - C:\Program Files\Network Associates\McAfee Desktop Firewall for Windows XP\FireSvc.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: ThinkPad PM Service (IBMPMSVC) - Unknown owner - C:\WINNT\system32\ibmpmsvc.exe
O23 - Service: Tivoli Endpoint (lcfd) - Unknown owner - C:\Tivoli\lcf\bin\w32-ix86\mrt\lcfd.exe
O23 - Service: McAfee Framework Service (McAfeeFramework) - Network Associates, Inc. - C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
O23 - Service: Network Associates McShield (McShield) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\mcshield.exe
O23 - Service: Network Associates Task Manager (McTaskManager) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\vstskmgr.exe
O23 - Service: Multi-user Cleanup Service - IBM Corp - C:\program files\lotus\notes\ntmulti.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINNT\system32\HPZipm12.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: ThinkPad HDD APS Logging Service (TPHDEXLGSVC) - Lenovo. - C:\WINNT\System32\TPHDEXLG.EXE
O23 - Service: IBM KCU Service (TpKmpSVC) - Unknown owner - C:\WINNT\system32\TpKmpSVC.exe

--
End of file - 10503 bytes

Répondre à elg_49

bonsoir
Supprime tous les programmes installés pour la désinfection.

Merci de consulter ce dossier (en pdf) pour en connaître davantage sur les risques du Net.

Si tu trouves ce document intéressant, n'hésite pas à le transmettre à tes contacts.

Si tu en as assez d'être assailli de publicités durant ta navigation, installe Firefox sécurisé avec les extensions noscript et AdBlock Plus.

~Edite ton premier message (en cliquant sur la gomme) et marque [résolu] dans le titre.

:hello:

------------------------------ Prévention et protection
/!\Marre de la pub: Firefox sécurisé/!\
Répondre à Sham_Rock

Merci à tous pour votre aide précieuse

Répondre à elg_49

de rien
bon surf
:hello:

------------------------------ Prévention et protection
/!\Marre de la pub: Firefox sécurisé/!\
Répondre à Sham_Rock

Créer un nouveau sujet Répondre

Tom's Guide > Forum > Sécurité - Virus > verification apres probleme iexplorer.exe [résolu]

Aller à :

Aide |
Règles du forum

Il y a 1853 utilisateurs connus et inconnus. Pour voir la liste des connectés connus, cliquez ici.

Page générée en 0,535 secondes

Attention

Vous allez répondre sur un sujet resté inactif pendant plus de 6 mois.
Assurez-vous d'apporter des éléments nouveaux à la discussion avant de poursuivre.

Répondre Annuler

Liens

Donne ton avis en vidéo

Messages similaires

Les téléchargements

Ressources relatives

Les derniers dossiers

Test : Nokia N97, un vrai clavier, du Wi-Fi, un grand écran tactile...

Les bonnes raisons pour ne pas passer à l'iPhone 3G S

Faut-il craquer pour une TV à Led ?

Clés USB : capacité ou vitesse, le comparatif

Téléchargement

Liens commerciaux

Attention