Supprimer trojan Win32.Agent.xlm et CAB

anna777 · Septembre 21, 2008, 10:58

cricri

je finis donc les taches demandés comme vundofix et secunia (pour sécunia es-ce que je peux le faire en mode sans echec ? il bloque aussi)

et je fais le scan de bit defender comme sité en page 2

ça sera très long car le pc ram completement
Edité le 21/09/2008 à 23:00

guigui14100 · Septembre 22, 2008, 3:55

Désactive tes protection
Lance combofix, laisse e travailler et post le rapport

cricri58 · Septembre 22, 2008, 11:58

Fais ce que te dis guigui14100

  [quote=""]


                                         pour sécunia es-ce que je peux le faire en mode sans echec

[/quote]

C est un Utlitaire a installer comme tout autre en "mode Classique " il te dira les logiciels qui ne sont pas a jour et ou les mettre a jour

anna777 · Septembre 23, 2008, 1:22

je viens de lire les deux dernier messages, demain je scan avec combofix

j’ai laissée toute la journée de lundi le pc scanner avec dr web qui m’a detecté 8 infections dont celles du début de mon post, mais le pc s’est éteint avant la fin, j’ai relancé dr web et plus que 3 infections :

RegUBP2b-Compaq_Propriétaire.reg;C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Snapshots2;Trojan.StartPage.1505;Supprimé.;
!Apprendre l’astronomie avec Redshift - Montparnasse [ installer ];C:\Documents and Settings\Compaq_Propriétaire\Mes documents\Mes vidéos\VIDEOS, MUSIQUES…RECUS\Apprendre l’astronomie avec;Adware.Casino;Quarantaine.;
KillWind.exe;C:\hp\bin;Tool.ProcessKill;Quarantaine.;

j’ai cliqué sur quarantaine car je ne savais pas pour C:/hp si je devais supprimer

je scan avec combofix dès demain en rentrant du travail

excusez-moi de ne pas avoir lu plus tot vos derniers posts, c’est du temps perdu inutilement

anna777 · Septembre 23, 2008, 7:47

guigui

j’ai téléchar ger combofix un instant et le premier téléchagement ne fonctionnant pas très bien petit message avec ce mot ‘"corrompt’" et quelque chose d’écrit d’autre puis (logo combofix figé) impossible à ouvrir j’ai téléchargé une deuxième fois et voilà un fenetre qui s’ouvre

              "you cannot rename ComboFix (1) please use another name, preferbaly made up of alphanuméric charaters"

pour le premier chargement j’avais tout desactivé mes protections et pour le deuxième j’ai remis le pare feu par prudence,

je pense qu’il faut que je renomme combofix, mais comment

depuis l’autre jour bien souvent les logiciels de désinfection sont corrompu ça vient de quoi ?

merci à toi et excuse moi de ce contre temps

guigui14100 · Septembre 23, 2008, 7:58

Retelecharge le en faisant clique droit enregistrer sous sur le bureau

anna777 · Septembre 24, 2008, 12:25

sécunia enfin scanner jusqu’au bout, mise à jour effectuer par le biais de sécunia et sur le site windows uptate, bonne chose de faite

comboFix télécharger sur bureau, je le lance demain en fin d’après midi

es-ce que je peux supprimer manuellement les fichiers infectés à l’origine avant de lancer comboFix, je sais où ils sont, ils ne sont plus considés comme infectés par dr web, mais je n’en veut plus

merci pour ton aide

guigui14100 · Septembre 24, 2008, 9:04

Il ont été désinfecter je pense, si t’en veut plus tu peut lessupprimer :super:
Avant de lancer combofix pense a désactiver protection

anna777 · Septembre 24, 2008, 11:02

oui fichier de malheur supprimé, je m’en tiens à mes petits documentaires sur la nature dorénavent

voici le rapport de comboFix

ComboFix 08-09-24.01 - Compaq_Propri?taire 2008-09-24 22:35:17.1 - NTFSx86
Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.169 [GMT 2:00]
Lancé depuis: C:\Documents and Settings\Compaq_Propri?taire\Bureau\ComboFix.exe

Un nouveau point de restauration a été créé
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Program Files\InternetSoftware\pcre3.dll
C:\Program Files\InternetSoftware\uninstall.exe
C:\WINDOWS\Downloaded Program Files\setup.inf
D:\Autorun.inf

.
((((((((((((((((((((((((((((( Fichiers créés du 2008-08-24 au 2008-09-24 ))))))))))))))))))))))))))))))))))))
.

2008-09-24 11:08 . 2008-09-24 11:08 d-------- C:\Program Files\Microsoft CAPICOM 2.1.0.2
2008-09-24 10:50 . 2008-07-18 22:07 270,880 --a------ C:\WINDOWS\system32\mucltui.dll
2008-09-24 10:50 . 2008-07-18 22:07 29,728 --a------ C:\WINDOWS\system32\mucltui.dll.mui
2008-09-23 23:20 . C:\Documents and Settings\Compaq_Propriétaire\Application Data\vlc
2008-09-23 21:53 . 2008-09-23 21:53 d-------- C:\Program Files\filehippo.com
2008-09-23 20:04 . 2008-09-23 20:04 d-------- C:\Program Files\Secunia
2008-09-19 00:00 . 2008-09-19 00:00 d-------- C:\VundoFix Backups
2008-09-17 17:11 . 2008-09-20 19:12 d-------- C:\Program Files\a-squared Anti-Dialer
2008-09-17 13:49 . C:\Documents and Settings\Compaq_Propriétaire\DoctorWeb
2008-09-16 21:49 . 2008-09-16 21:48 102,664 --a------ C:\WINDOWS\system32\drivers\tmcomm.sys
2008-09-15 20:37 . 2008-09-15 20:37 d-------- C:\WINDOWS\system32\Kaspersky Lab
2008-09-13 14:51 . 2008-09-17 20:01 d-------- C:\Program Files\DivX
2008-09-07 23:52 . 2008-09-07 23:52 d-------- C:\WINDOWS\system32\hdined32.nls.{00021401-0000-0000-C000-000000000046}
2008-09-07 23:51 . 2008-09-08 00:10 d-------- C:\Program Files\burnatonce
2008-08-29 20:38 . 2008-09-05 22:15 d-------- C:\WINDOWS\system32\CatRoot_bak
2008-08-28 10:31 . 2008-08-28 10:31 13,580 --a------ C:\Documents and Settings@4ad749ef87874a367f01c31e87803d0a2d9c4c98
2008-08-27 19:01 . 2006-08-09 11:08 241,664 --a------ C:\WINDOWS\system32\SuDoku.ocx
2008-08-27 19:01 . 2004-03-09 00:00 212,240 --a------ C:\WINDOWS\system32\RICHTX32.OCX
2008-08-27 19:01 . 2006-08-09 10:54 86,016 --a------ C:\WINDOWS\system32\NumberSequence.ocx
2008-08-27 19:01 . 2006-08-08 17:36 61,440 --a------ C:\WINDOWS\system32\NumberCrunch.ocx
2008-08-27 19:01 . 2006-08-09 20:37 57,344 --a------ C:\WINDOWS\system32\WordSearch.ocx
2008-08-27 19:01 . 2006-08-16 11:32 49,152 --a------ C:\WINDOWS\system32\SpellingTest.ocx
2008-08-27 19:01 . 2006-08-20 15:00 49,152 --a------ C:\WINDOWS\system32\Reading.ocx
2008-08-25 18:38 . 2007-09-02 20:56 1,686,016 --a------ C:\WINDOWS\system32\clinetsuitex6.ocx
2008-08-25 18:38 . 2004-03-09 16:45 662,288 --a------ C:\WINDOWS\system32\MSCOMCT2.OCX
2008-08-25 18:38 . 2004-06-14 14:56 427,864 --a------ C:\WINDOWS\system32\XceedZip.dll

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-09-24 20:35 --------- d-----w C:\Program Files\InternetSoftware
2008-09-24 20:34 --------- d-----w C:\Documents and Settings\Compaq_Propriétaire\Application Data\OpenOffice.org2
2008-09-24 20:31 --------- d-----w C:\Program Files\Wanadoo
2008-09-23 11:40 --------- d-----w C:\Program Files\epson
2008-09-22 17:08 --------- d–h--w C:\Program Files\InstallShield Installation Information
2008-09-21 00:57 31,102 ----a-w C:\Documents and Settings\Compaq_Propriétaire\Application Data\wklnhst.dat
2008-09-17 22:30 --------- d-----w C:\Program Files\LimeWire
2008-09-16 21:38 --------- d-----w C:\Documents and Settings\Compaq_Propriétaire\Application Data\LimeWire
2008-09-16 21:08 --------- d-----w C:\Program Files\eMule
2008-09-13 10:19 --------- d-----w C:\Program Files\Sport cérébral Brain challenge
2008-09-12 23:47 --------- d-----w C:\Program Files\CCleaner
2008-09-10 11:04 --------- d-----w C:\Program Files\Malwarebytes’ Anti-Malware
2008-09-09 22:04 38,528 ----a-w C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2008-09-09 22:03 17,200 ----a-w C:\WINDOWS\system32\drivers\mbam.sys
2008-09-07 20:25 --------- d-----w C:\Program Files\Wanadoo Messager
2008-08-31 22:24 --------- d-----w C:\Program Files\Java
2008-08-27 16:43 --------- d-----w C:\Program Files\Bible
2008-08-25 21:27 --------- d-----w C:\Program Files\Spybot - Search & Destroy
2008-08-22 01:37 --------- d-----w C:\Program Files\PourCent
2008-08-22 01:14 --------- d-----w C:\Program Files\DVD Decrypter
2008-08-16 21:20 --------- d-----w C:\Program Files\Systeme
2008-08-16 21:19 --------- d-----w C:\Program Files\menumath
2008-08-14 23:58 73,728 ----a-w C:\WINDOWS\ALCFDRTM.EXE
2008-08-14 21:22 --------- d-----w C:\Documents and Settings\LocalService\Application Data\AdobeUM
2008-08-14 01:30 --------- d-----w C:\Program Files\scrabbleproB1.0.8
2008-08-13 02:32 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-08-12 17:22 --------- d-----w C:\Program Files\Micro Trivial Pursuit
2008-08-11 23:27 717,296 ----a-w C:\WINDOWS\system32\drivers\sptd.sys
2008-08-11 23:27 --------- d-----w C:\Documents and Settings\Compaq_Propriétaire\Application Data\DAEMON Tools
2008-08-11 22:58 --------- d-----w C:\Program Files\MSN Messenger
2008-08-11 22:20 --------- d-----w C:\Documents and Settings\LocalService\Application Data\agi
2008-08-11 22:19 327,680 ----a-w C:\WINDOWS\system32\pythoncom25.dll
2008-08-11 22:19 2,113,536 ----a-w C:\WINDOWS\system32\python25.dll
2008-08-11 22:19 102,400 ----a-w C:\WINDOWS\system32\pywintypes25.dll
2008-08-11 22:19 --------- d-----w C:\Documents and Settings\Compaq_Propriétaire\Application Data\agi
2008-07-28 15:53 110 ----a-w C:\ripp.bat
2008-07-28 14:34 --------- d-----w C:\Program Files\AviSynth 2.5
2008-07-26 11:22 --------- d—a-w C:\Documents and Settings\All Users\Application Data\TEMP
2008-07-25 08:36 524,288 ----a-w C:\WINDOWS\system32\DivXsm.exe
2008-07-24 20:53 --------- d-----w C:\Program Files\Windows Live Safety Center
2008-07-23 16:50 3,596,288 ----a-w C:\WINDOWS\system32\qt-dx331.dll
2008-07-23 16:48 200,704 ----a-w C:\WINDOWS\system32\ssldivx.dll
2008-07-23 16:48 1,044,480 ----a-w C:\WINDOWS\system32\libdivx.dll
2008-07-23 16:46 12,288 ----a-w C:\WINDOWS\system32\DivXWMPExtType.dll
2008-07-18 20:10 94,920 ----a-w C:\WINDOWS\system32\dllcache\cdm.dll
2008-07-18 20:10 94,920 ----a-w C:\WINDOWS\system32\cdm.dll
2008-07-18 20:10 53,448 ----a-w C:\WINDOWS\system32\wuauclt.exe
2008-07-18 20:10 53,448 ----a-w C:\WINDOWS\system32\dllcache\wuauclt.exe
2008-07-18 20:10 45,768 ----a-w C:\WINDOWS\system32\wups2.dll
2008-07-18 20:10 36,552 ----a-w C:\WINDOWS\system32\wups.dll
2008-07-18 20:10 36,552 ----a-w C:\WINDOWS\system32\dllcache\wups.dll
2008-07-18 20:09 563,912 ----a-w C:\WINDOWS\system32\wuapi.dll
2008-07-18 20:09 563,912 ----a-w C:\WINDOWS\system32\dllcache\wuapi.dll
2008-07-18 20:09 325,832 ----a-w C:\WINDOWS\system32\wucltui.dll
2008-07-18 20:09 325,832 ----a-w C:\WINDOWS\system32\dllcache\wucltui.dll
2008-07-18 20:09 205,000 ----a-w C:\WINDOWS\system32\wuweb.dll
2008-07-18 20:09 205,000 ----a-w C:\WINDOWS\system32\dllcache\wuweb.dll
2008-07-18 20:09 1,811,656 ----a-w C:\WINDOWS\system32\wuaueng.dll
2008-07-18 20:09 1,811,656 ----a-w C:\WINDOWS\system32\dllcache\wuaueng.dll
2008-07-18 20:07 210,976 ----a-w C:\WINDOWS\system32\muweb.dll
2008-07-07 20:31 253,952 ----a-w C:\WINDOWS\system32\es.dll
2008-07-07 20:31 253,952 ----a-w C:\WINDOWS\system32\dllcache\es.dll
2008-07-06 00:23 3,460 ----a-w C:\Program Files\SETUP.LST
2008-07-06 00:16 290,816 ------w C:\WINDOWS\Setup1.exe
2008-06-26 22:00 74,752 ------w C:\WINDOWS\ST6UNST.EXE
2008-06-24 16:23 74,240 ----a-w C:\WINDOWS\system32\mscms.dll
2008-06-24 16:23 74,240 ----a-w C:\WINDOWS\system32\dllcache\mscms.dll
2008-06-24 16:12 295,936 ------w C:\WINDOWS\system32\wmpeffects.dll
2008-06-24 08:28 3,592,192 ------w C:\WINDOWS\system32\dllcache\mshtml.dll
2007-04-02 21:37 5,170,176 ----a-w C:\Program Files\WindowsDefender.msi
1998-07-12 22:00 21,504 ----a-w C:\Program Files\TABCTFR.DLL
2006-05-03 10:06 163,328 --sh–r C:\WINDOWS\system32\flvDX.dll
2007-02-21 11:47 31,232 --sh–r C:\WINDOWS\system32\msfDX.dll
2007-12-17 13:43 27,648 --sh–w C:\WINDOWS\system32\Smab0.dll
.

((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
Note les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
“WOOKIT”=“C:\PROGRA~1\Wanadoo\Shell.exe” [2004-08-23 122880]
“ctfmon.exe”=“C:\WINDOWS\system32\ctfmon.exe” [2004-08-06 15360]
“updateMgr”=“C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe” [2006-03-30 313472]
“Acme.PCHButton”=“C:\PROGRA~1\HELPAN~1\HPQ\XPXWWPP5\plugin\bin\PCHButton.exe” [2006-09-17 159744]
“MsnMsgr”=“C:\Program Files\MSN Messenger\MsnMsgr.Exe” [2007-01-19 5674352]
“SpybotSD TeaTimer”=“C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe” [2008-08-18 1832272]
“WMPNSCFG”=“C:\Program Files\Windows Media Player\WMPNSCFG.exe” [2006-11-03 204288]
“filehippo.com”=“C:\Program Files\filehippo.com\UpdateChecker.exe” [2008-07-03 137216]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
“hpsysdrv”=“c:\windows\system\hpsysdrv.exe” [1998-05-08 52736]
“KBD”=“C:\HP\KBD\KBD.EXE” [2003-02-12 61440]
“iTunesHelper”=“C:\Program Files\iTunes\iTunesHelper.exe” [2004-10-13 278528]
“Recguard”=“C:\WINDOWS\SMINST\RECGUARD.EXE” [2004-04-15 233472]
“ATIPTA”=“C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe” [2004-11-04 344064]
“PS2”=“C:\WINDOWS\system32\ps2.exe” [2003-09-13 98304]
“LSBWatcher”=“c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe” [2004-10-15 253952]
“Reminder”=“C:\Windows\Creator\Remind_XP.exe” [2004-12-14 663552]
“WOOWATCH”=“C:\PROGRA~1\Wanadoo\Watch.exe” [2004-08-23 20480]
“WOOTASKBARICON”=“C:\PROGRA~1\Wanadoo\GestMaj.exe” [2004-10-14 32768]
“avgnt”=“C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe” [2008-07-18 266497]
“TkBellExe”=“C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe” [2008-08-19 185896]
“BigDogPath”=“C:\WINDOWS\VM_STI.EXE” [2004-06-09 40960]
“ISUSPM Startup”=“C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\isuspm.exe” [2004-04-17 196608]
“ISUSScheduler”=“C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe” [2004-06-16 81920]
“SunJavaUpdateSched”=“C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe” [2008-06-10 144784]
“a-squared”=“C:\Program Files\a-squared Anti-Dialer\a2adguard.exe” [2008-06-03 1497744]
“Raccourci vers la page des propriétés de High Definition Audio”=“HDAudPropShortcut.exe” [2004-03-17 C:\WINDOWS\system32\Hdaudpropshortcut.exe]
“AGRSMMSG”=“AGRSMMSG.exe” [2004-06-30 C:\WINDOWS\AGRSMMSG.exe]
“SoundMan”=“SOUNDMAN.EXE” [2005-02-22 C:\WINDOWS\SOUNDMAN.EXE]
“AlcWzrd”=“ALCWZRD.EXE” [2005-02-19 C:\WINDOWS\ALCWZRD.EXE]

C:\Documents and Settings\Yvan\Menu D?marrer\Programmes\D?marrage
M?mento.lnk - C:\QUICKENW\BILLMIND.EXE [2007-11-13 32768]

C:\Documents and Settings\Compaq_Propri?taire\Menu D?marrer\Programmes\D?marrage
M?mento.lnk - C:\QUICKENW\BILLMIND.EXE [2007-11-13 32768]
OpenOffice.org 2.4.lnk - C:\Program Files\OpenOffice.org 2.4\program\quickstart.exe [2008-01-21 393216]
Secunia PSI (RC3).lnk - C:\Program Files\Secunia\PSI (RC3)\psi.exe [2008-06-16 663552]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
“VIDC.I420”= i420vfw.dll
“vidc.yv12”= yv12vfw.dll

[HKLM~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
“EnableFirewall”= 0 (0x0)

[HKLM~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
“%windir%\system32\sessmgr.exe”=
“C:\Program Files\iTunes\iTunes.exe”=
“C:\Program Files\eMule\emule.exe”=
“C:\Program Files\Avira\AntiVir PersonalEdition Classic\avcenter.exe”=
“C:\WINDOWS\system32\fxsclnt.exe”=
“C:\Program Files\MSN Messenger\msnmsgr.exe”=
“C:\Program Files\MSN Messenger\livecall.exe”=

[HKLM~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
“17250:TCP”= 17250:TCP:emule
“53747:UDP”= 53747:UDP:emule
“6346:TCP”= 6346:TCP:Gnutella
“6346:UDP”= 6346:UDP:Gnutella

R2 a2AntiDialer;a-squared Anti-Dialer Service;C:\Program Files\a-squared Anti-Dialer\a2service.exe [2008-09-17 380536]
R3 PSI;PSI;C:\WINDOWS\system32\DRIVERS\psi_mf.sys [2008-06-16 7808]
R3 USBSTOR;Pilote de stockage de masse USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-04 26496]
S3 usbscan;Pilote de scanneur USB;C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\D]
\Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Info.exe protect.ed 480 480

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2{28a6a304-9541-11d9-b668-806d6172696f}]
\Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Info.exe protect.ed 480 480
.
Contenu du dossier ‘Tâches planifiées’
.

- - - ORPHELINS SUPPRIMES - - - -

HKCU-Run-ares - C:\Program Files\Ares\Ares.exe
HKCU-Run-DAEMON Tools Lite - C:\Program Files\DAEMON Tools Lite\daemon.exe
HKLM-Run-EPSON Stylus DX3800 Series - C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACE.EXE
HKLM-Run-DAEMON Tools - C:\Program Files\DAEMON Tools\daemon.exe

.
------- Examen supplémentaire -------
.
R0 -: HKCU-Main,Start Page = www.clubic.com…
R0 -: HKCU-Main,Default_Search_URL = ie.redirect.hp.com…
R0 -: HKLM-Main,Search Bar = ie.redirect.hp.com…

O16 -: CabBuilder - kiw.imgag.com…
C:\WINDOWS\Downloaded Program Files\OSDED4D.OSD
C:\WINDOWS\Downloaded Program Files\InstallerControl.dll

O16 -: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} - jeuxmultijoueurs.orange.fr…
C:\WINDOWS\Downloaded Program Files\OberonGameHost_dbg.inf
C:\WINDOWS\Downloaded Program Files\OberonGameHost.dll
.

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, www.gmer.net…
Rootkit scan 2008-09-24 22:38:52
Windows 5.1.2600 Service Pack 2 NTFS

Recherche de processus cachés …

Recherche d’éléments en démarrage automatique cachés …

Recherche de fichiers cachés …

Scan terminé avec succès
Fichiers cachés: 0

.
Heure de fin: 2008-09-24 22:40:25
ComboFix-quarantined-files.txt 2008-09-24 20:40:22

Avant-CF: 1ÿ634ÿ369ÿ536 octets libres
Après-CF: 2,267,590,656 octets libres

222 — E O F — 2008-09-24 09:09:04

combofix m’a supprimé des trucs, c’était encore des infections ?

j’aimerais savoir par contre, pourquoi lors d’infections comme celles-ci le pc est rapide les premieres minutes et ensuite il rame, pourquoi il rame pas dès l’ouverture ?

excuse pour toutes ces questions, mais à la maison je ne suis pas seule à me la poser

hormis bitedefender où je vais effectuer un scan en ligne es-ce que je peux encore faire autre chose pour etre sure que mon pc est sain

il rame très léger encore, mais possible qu’il faut encore que j’ouvre mon unité centrale et que dépoussière à l’interieur et surtout dans le ventilo, car il fait du bruit depuis quelques jours

vraiment merci pour ton aide et celle de tous,
Edité le 24/09/2008 à 23:10

guigui14100 · Septembre 24, 2008, 11:17

Oui.

Car les fichier infecter ne doivent pas ce charger dés le démarrage

Désactive tes proctections
Télécharge ce fichier puis fait le glisser sur combofix

Tu peut faire d’autre scan en ligne, il sont pour la plupart mis ici vers le milieux www.clubic.com…
Edité le 24/09/2008 à 23:18

anna777 · Septembre 25, 2008, 1:17

je désactive les protections:)

je télécharge l’antivirus NOD32 sur le bureau ?

et ensuite je fais un glisser poser sur le logo de combofix ?

je fais quoi ensuite avec l’anti virus qui est dans combofix

es-ce que je conserve mon anti virus actuelle?

anna777 · Septembre 25, 2008, 9:51

quand je vais dans le lien que tu m’as donné en premier, je vois télécharger antivirus …

j’ai cliqué aussi dans free téléchargé ce fichier et ça me conduit à une page blanche où c’est marqué :

File::
C:\WINDOWS\system32\Smab0.dll

Folder::
C:\Program Files\InternetSoftware

sinon avec le lien de clubic, j’ai reléchargé hijacthis et il a scanner completement

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:01:15, on 25/09/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\windows\system\hpsysdrv.exe
C:\WINDOWS\AGRSMMSG.exe
C:\HP\KBD\KBD.EXE
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\ALCWZRD.EXE
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
C:\WINDOWS\VM_STI.EXE
C:\WINDOWS\System32\FTRTSVC.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\MaxiMemo\MaxiMemo.exe
C:\Program Files\Secunia\PSI (RC3)\psi.exe
C:\Program Files\OpenOffice.org 2.4\program\soffice.exe
C:\Program Files\OpenOffice.org 2.4\program\soffice.BIN
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\Wanadoo\EspaceWanadoo.exe
C:\Program Files\Wanadoo\ComComp.exe
C:\PROGRA~1\Wanadoo\Toaster.exe
C:\PROGRA~1\Wanadoo\Inactivity.exe
C:\PROGRA~1\Wanadoo\PollingModule.exe
C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
C:\Program Files\Wanadoo\Watch.exe
C:\Documents and Settings\Compaq_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\FFC7W4EH\HiJackThis[1].exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\Compaq_Propriétaire\Bureau\scan.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = ie.redirect.hp.com…
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.clubic.com…
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = go.microsoft.com…
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = go.microsoft.com…
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = ie.redirect.hp.com…
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = go.microsoft.com…
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = go.microsoft.com…
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: (no name) - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - (no file)
O3 - Toolbar: (no name) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - (no file)
O4 - HKLM…\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM…\Run: [Raccourci vers la page des propriétés de High Definition Audio] HDAudPropShortcut.exe
O4 - HKLM…\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM…\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM…\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKLM…\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM…\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM…\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM…\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM…\Run: [AlcWzrd] ALCWZRD.EXE
O4 - HKLM…\Run: [LSBWatcher] c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe
O4 - HKLM…\Run: [Reminder] “C:\Windows\Creator\Remind_XP.exe”
O4 - HKLM…\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM…\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
O4 - HKLM…\Run: [avgnt] “C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe” /min
O4 - HKLM…\Run: [TkBellExe] “C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe” -osboot
O4 - HKLM…\Run: [BigDogPath] C:\WINDOWS\VM_STI.EXE Philips SPC 200NC PC Camera
O4 - HKLM…\Run: [ISUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
O4 - HKLM…\Run: [ISUSScheduler] “C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe” -start
O4 - HKLM…\Run: [SunJavaUpdateSched] “C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe”
O4 - HKCU…\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|DEFAULT=cnx|PARAM=
O4 - HKCU…\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU…\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_1_0
O4 - HKCU…\Run: [Acme.PCHButton] C:\PROGRA~1\HELPAN~1\HPQ\XPXWWPP5\plugin\bin\PCHButton.exe
O4 - HKCU…\Run: [MsnMsgr] “C:\Program Files\MSN Messenger\MsnMsgr.Exe” /background
O4 - HKCU…\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU…\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19…\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User ‘SERVICE LOCAL’)
O4 - HKUS\S-1-5-20…\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User ‘SERVICE RÉSEAU’)
O4 - Startup: Mémento.lnk = C:\QUICKENW\BILLMIND.EXE
O4 - Startup: OpenOffice.org 2.4.lnk = C:\Program Files\OpenOffice.org 2.4\program\quickstart.exe
O4 - Startup: Secunia PSI (RC3).lnk = C:\Program Files\Secunia\PSI (RC3)\psi.exe
O4 - Startup: SHARE.lnk = C:\Program Files\SHARE 1.0 EX2\Share.bat
O4 - Global Startup: Lancement rapide d’Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: MaxiMemo.lnk = C:\Program Files\MaxiMemo\MaxiMemo.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra ‘Tools’ menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra ‘Tools’ menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra ‘Tools’ menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra button: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe (file missing)
O9 - Extra ‘Tools’ menuitem: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe (file missing)
O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - www.wanadoo.fr… (file missing) (HKCU)
O15 - Trusted Zone: toolbar.imageshack.us…
O16 - DPF: CabBuilder - kiw.imgag.com…
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - webscanner.kaspersky.fr…
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - messenger.zone.msn.com…
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - messenger.zone.msn.com…
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - download.bitdefender.com…
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - cdn.scan.onecare.live.com…
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - update.microsoft.com…
O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - espoirenjesus.spaces.live.com…
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - messenger.zone.msn.com…
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - jeuxmultijoueurs.orange.fr…
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - fpdownload2.macromedia.com…
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe

–
End of file - 10457 bytes

je fais un scan en ligne qui est sur clubic et je pense qu’après ça, se sera le dernier
Edité le 25/09/2008 à 22:10

guigui14100 · Septembre 25, 2008, 10:11

Fait clique droit enregistrer sous sur ce lien puis fait glisser le fichier sur comofix

anna777 · Septembre 26, 2008, 4:50

voici le log de combofix :

ComboFix 08-09-25.03 - Compaq_Propri?taire 2008-09-26 3:55:01.2 - NTFSx86
Lancé depuis: C:\Documents and Settings\Compaq_Propri?taire\Bureau\ComboFix.exe
Commutateurs utilisés :: C:\Documents and Settings\Compaq_Propri?taire\Bureau\CFScript.txt

FILE ::
C:\WINDOWS\system32\Smab0.dll
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Program Files\InternetSoftware
C:\WINDOWS\system32\Smab0.dll

.
((((((((((((((((((((((((((((( Fichiers créés du 2008-08-26 au 2008-09-26 ))))))))))))))))))))))))))))))))))))
.

2008-09-26 01:39 . 2008-09-26 01:39 d-------- C:\WINDOWS\LastGood.Tmp
2008-09-26 00:54 . 2008-09-26 00:54 d-------- C:\WINDOWS\system32\fr
2008-09-26 00:54 . 2008-09-26 00:54 d-------- C:\WINDOWS\system32\bits
2008-09-26 00:54 . 2008-09-26 00:54 d-------- C:\WINDOWS\l2schemas
2008-09-26 00:35 . 2008-09-26 00:57 d-------- C:\WINDOWS\ServicePackFiles
2008-09-25 23:24 . 2008-09-25 23:25 d-------- C:\WINDOWS\EHome
2008-09-25 22:16 . 2008-09-25 22:34 d-------- C:\Program Files\EsetOnlineScanner
2008-09-24 11:08 . 2008-09-24 11:08 d-------- C:\Program Files\Microsoft CAPICOM 2.1.0.2
2008-09-24 10:50 . 2008-07-18 22:07 270,880 --a------ C:\WINDOWS\system32\mucltui.dll
2008-09-24 10:50 . 2008-07-18 22:07 29,728 --a------ C:\WINDOWS\system32\mucltui.dll.mui
2008-09-23 23:20 . C:\Documents and Settings\Compaq_Propriétaire\Application Data\vlc
2008-09-23 20:04 . 2008-09-23 20:04 d-------- C:\Program Files\Secunia
2008-09-17 17:11 . 2008-09-25 00:54 d-------- C:\Program Files\a-squared Anti-Dialer
2008-09-17 13:49 . C:\Documents and Settings\Compaq_Propriétaire\DoctorWeb
2008-09-16 21:49 . 2008-09-16 21:48 102,664 --a------ C:\WINDOWS\system32\drivers\tmcomm.sys
2008-09-15 20:37 . 2008-09-15 20:37 d-------- C:\WINDOWS\system32\Kaspersky Lab
2008-09-13 14:51 . 2008-09-17 20:01 d-------- C:\Program Files\DivX
2008-09-07 23:52 . 2008-09-07 23:52 d-------- C:\WINDOWS\system32\hdined32.nls.{00021401-0000-0000-C000-000000000046}
2008-09-07 23:51 . 2008-09-08 00:10 d-------- C:\Program Files\burnatonce
2008-08-29 20:52 . 2004-08-04 00:38 327,168 --------- C:\WINDOWS\system32\drivers\ati2mtaa.sys
2008-08-28 10:31 . 2008-08-28 10:31 13,580 --a------ C:\Documents and Settings@4ad749ef87874a367f01c31e87803d0a2d9c4c98
2008-08-27 19:01 . 2006-08-09 11:08 241,664 --a------ C:\WINDOWS\system32\SuDoku.ocx
2008-08-27 19:01 . 2004-03-09 00:00 212,240 --a------ C:\WINDOWS\system32\RICHTX32.OCX
2008-08-27 19:01 . 2006-08-09 10:54 86,016 --a------ C:\WINDOWS\system32\NumberSequence.ocx
2008-08-27 19:01 . 2006-08-08 17:36 61,440 --a------ C:\WINDOWS\system32\NumberCrunch.ocx
2008-08-27 19:01 . 2006-08-09 20:37 57,344 --a------ C:\WINDOWS\system32\WordSearch.ocx
2008-08-27 19:01 . 2006-08-16 11:32 49,152 --a------ C:\WINDOWS\system32\SpellingTest.ocx
2008-08-27 19:01 . 2006-08-20 15:00 49,152 --a------ C:\WINDOWS\system32\Reading.ocx

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-09-26 01:31 --------- d-----w C:\Program Files\Wanadoo
2008-09-26 01:15 --------- d-----w C:\Program Files\MSN Messenger
2008-09-26 01:14 --------- d-----w C:\Documents and Settings\Compaq_Propriétaire\Application Data\OpenOffice.org2
2008-09-25 20:40 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-09-24 22:31 --------- d-----w C:\Program Files\eMule
2008-09-23 11:40 --------- d-----w C:\Program Files\epson
2008-09-22 17:08 --------- d–h--w C:\Program Files\InstallShield Installation Information
2008-09-21 00:57 31,102 ----a-w C:\Documents and Settings\Compaq_Propriétaire\Application Data\wklnhst.dat
2008-09-17 22:30 --------- d-----w C:\Program Files\LimeWire
2008-09-16 21:38 --------- d-----w C:\Documents and Settings\Compaq_Propriétaire\Application Data\LimeWire
2008-09-13 10:19 --------- d-----w C:\Program Files\Sport cérébral Brain challenge
2008-09-12 23:47 --------- d-----w C:\Program Files\CCleaner
2008-09-10 11:04 --------- d-----w C:\Program Files\Malwarebytes’ Anti-Malware
2008-09-09 22:04 38,528 ----a-w C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2008-09-09 22:03 17,200 ----a-w C:\WINDOWS\system32\drivers\mbam.sys
2008-09-07 20:25 --------- d-----w C:\Program Files\Wanadoo Messager
2008-08-31 22:24 --------- d-----w C:\Program Files\Java
2008-08-27 16:43 --------- d-----w C:\Program Files\Bible
2008-08-25 21:27 --------- d-----w C:\Program Files\Spybot - Search & Destroy
2008-08-22 01:37 --------- d-----w C:\Program Files\PourCent
2008-08-22 01:14 --------- d-----w C:\Program Files\DVD Decrypter
2008-08-16 21:20 --------- d-----w C:\Program Files\Systeme
2008-08-16 21:19 --------- d-----w C:\Program Files\menumath
2008-08-14 23:58 73,728 ----a-w C:\WINDOWS\ALCFDRTM.EXE
2008-08-14 21:22 --------- d-----w C:\Documents and Settings\LocalService\Application Data\AdobeUM
2008-08-14 01:30 --------- d-----w C:\Program Files\scrabbleproB1.0.8
2008-08-12 17:22 --------- d-----w C:\Program Files\Micro Trivial Pursuit
2008-08-11 23:27 717,296 ----a-w C:\WINDOWS\system32\drivers\sptd.sys
2008-08-11 23:27 --------- d-----w C:\Documents and Settings\Compaq_Propriétaire\Application Data\DAEMON Tools
2008-08-11 22:20 --------- d-----w C:\Documents and Settings\LocalService\Application Data\agi
2008-08-11 22:19 --------- d-----w C:\Documents and Settings\Compaq_Propriétaire\Application Data\agi
2008-07-28 15:53 110 ----a-w C:\ripp.bat
2008-07-28 14:34 --------- d-----w C:\Program Files\AviSynth 2.5
2008-07-26 11:22 --------- d—a-w C:\Documents and Settings\All Users\Application Data\TEMP
2008-07-06 00:23 3,460 ----a-w C:\Program Files\SETUP.LST
2008-07-06 00:16 290,816 ------w C:\WINDOWS\Setup1.exe
2008-06-26 22:00 74,752 ------w C:\WINDOWS\ST6UNST.EXE
2007-04-02 21:37 5,170,176 ----a-w C:\Program Files\WindowsDefender.msi
1998-07-12 22:00 21,504 ----a-w C:\Program Files\TABCTFR.DLL
2006-05-03 10:06 163,328 --sh–r C:\WINDOWS\system32\flvDX.dll
2007-02-21 11:47 31,232 --sh–r C:\WINDOWS\system32\msfDX.dll
.

((((((((((((((((((((((((((((( snapshot@2008-09-24_22.40.00.81 )))))))))))))))))))))))))))))))))))))))))
.

2004-08-04 13:07:10 82,944 -c----w C:\WINDOWS$NtUninstallKB946648$\msgsc.dll

2004-08-04 13:07:10 82,944 -c----w C:\WINDOWS$NtUninstallKB946648_0$\msgsc.dll
2007-11-30 12:39:29 234,872 -c----w C:\WINDOWS$NtUninstallKB946648_0$\spuninst\spuninst.exe
2007-11-30 12:39:31 406,392 -c----w C:\WINDOWS$NtUninstallKB946648_0$\spuninst\updspapi.dll

2004-08-05 04:00:00 200,064 -c----w C:\WINDOWS$NtUninstallKB950762$\rmcast.sys

2004-08-05 04:00:00 200,064 -c----w C:\WINDOWS$NtUninstallKB950762_0$\rmcast.sys
2007-11-30 12:39:29 26,488 -c----w C:\WINDOWS$NtUninstallKB950762_0$\spcustom.dll
2007-11-30 12:39:29 18,296 -c----w C:\WINDOWS$NtUninstallKB950762_0$\spmsg.dll
2007-11-30 12:39:29 234,872 -c----w C:\WINDOWS$NtUninstallKB950762_0$\spuninst.exe
2007-11-30 12:39:29 234,872 -c----w C:\WINDOWS$NtUninstallKB950762_0$\spuninst\spuninst.exe
2007-11-30 12:39:31 406,392 -c----w C:\WINDOWS$NtUninstallKB950762_0$\spuninst\updspapi.dll
2007-11-30 12:39:29 767,352 -c----w C:\WINDOWS$NtUninstallKB950762_0$\update.exe
2007-11-30 12:39:31 406,392 -c----w C:\WINDOWS$NtUninstallKB950762_0$\updspapi.dll

2005-07-26 04:39:57 243,200 -c----w C:\WINDOWS$NtUninstallKB950974$\es.dll

2005-07-26 04:39:57 243,200 -c----w C:\WINDOWS$NtUninstallKB950974_0$\es.dll
2007-11-30 12:39:29 234,872 -c----w C:\WINDOWS$NtUninstallKB950974_0$\spuninst\spuninst.exe
2007-11-30 12:39:29 406,392 -c----w C:\WINDOWS$NtUninstallKB950974_0$\spuninst\updspapi.dll

2007-08-21 06:17:23 683,520 -c----w C:\WINDOWS$NtUninstallKB951066$\inetcomm.dll

2007-08-21 06:17:23 683,520 -c----w C:\WINDOWS$NtUninstallKB951066_0$\inetcomm.dll
2007-11-30 12:39:29 234,872 -c----w C:\WINDOWS$NtUninstallKB951066_0$\spuninst\spuninst.exe
2007-11-30 12:39:31 406,392 -c----w C:\WINDOWS$NtUninstallKB951066_0$\spuninst\updspapi.dll

2008-04-14 15:52:45 272,768 -c----w C:\WINDOWS$NtUninstallKB951376-v2$\bthport.sys

2008-04-14 15:52:45 272,768 -c----w C:\WINDOWS$NtUninstallKB951376-v2_0$\bthport.sys
2007-11-30 11:19:06 234,872 -c----w C:\WINDOWS$NtUninstallKB951376-v2_0$\spuninst\spuninst.exe
2007-11-30 11:19:10 406,392 -c----w C:\WINDOWS$NtUninstallKB951376-v2_0$\spuninst\updspapi.dll
2007-11-30 11:19:06 26,488 -c----w C:\WINDOWS$NtUninstallKB951376_0$\spcustom.dll
2007-11-30 11:19:06 18,296 -c----w C:\WINDOWS$NtUninstallKB951376_0$\spmsg.dll
2007-11-30 11:19:06 234,872 -c----w C:\WINDOWS$NtUninstallKB951376_0$\spuninst.exe
2007-11-30 11:19:06 234,872 -c----w C:\WINDOWS$NtUninstallKB951376_0$\spuninst\spuninst.exe
2007-11-30 11:19:10 406,392 -c----w C:\WINDOWS$NtUninstallKB951376_0$\spuninst\updspapi.dll
2007-11-30 11:19:06 767,352 -c----w C:\WINDOWS$NtUninstallKB951376_0$\update.exe
2007-11-30 11:19:10 406,392 -c----w C:\WINDOWS$NtUninstallKB951376_0$\updspapi.dll

2004-08-06 01:00:00 1,293,824 -c----w C:\WINDOWS$NtUninstallKB951698$\quartz.dll

2004-08-06 01:00:00 1,293,824 -c----w C:\WINDOWS$NtUninstallKB951698_0$\quartz.dll
2007-11-30 11:19:06 26,488 -c----w C:\WINDOWS$NtUninstallKB951698_0$\spcustom.dll
2007-11-30 11:19:06 18,296 -c----w C:\WINDOWS$NtUninstallKB951698_0$\spmsg.dll
2007-11-30 11:19:06 234,872 -c----w C:\WINDOWS$NtUninstallKB951698_0$\spuninst.exe
2007-11-30 11:19:06 234,872 -c----w C:\WINDOWS$NtUninstallKB951698_0$\spuninst\spuninst.exe
2007-11-30 12:39:31 406,392 -c----w C:\WINDOWS$NtUninstallKB951698_0$\spuninst\updspapi.dll
2007-11-30 12:39:29 767,352 -c----w C:\WINDOWS$NtUninstallKB951698_0$\update.exe
2007-11-30 12:39:31 406,392 -c----w C:\WINDOWS$NtUninstallKB951698_0$\updspapi.dll

2004-08-06 01:00:00 138,496 -c----w C:\WINDOWS$NtUninstallKB951748$\afd.sys
2008-02-20 05:35:05 148,992 -c----w C:\WINDOWS$NtUninstallKB951748$\dnsapi.dll
2004-08-06 01:00:00 247,808 -c----w C:\WINDOWS$NtUninstallKB951748$\mswsock.dll
2007-10-30 17:20:55 360,064 -c----w C:\WINDOWS$NtUninstallKB951748$\tcpip.sys
2006-08-16 09:37:30 225,664 -c----w C:\WINDOWS$NtUninstallKB951748$\tcpip6.sys

2004-08-06 01:00:00 138,496 -c----w C:\WINDOWS$NtUninstallKB951748_0$\afd.sys
2008-02-20 05:35:05 148,992 -c----w C:\WINDOWS$NtUninstallKB951748_0$\dnsapi.dll
2004-08-06 01:00:00 247,808 -c----w C:\WINDOWS$NtUninstallKB951748_0$\mswsock.dll
2007-11-30 12:39:29 234,872 -c----w C:\WINDOWS$NtUninstallKB951748_0$\spuninst\spuninst.exe
2007-11-30 12:39:29 406,392 -c----w C:\WINDOWS$NtUninstallKB951748_0$\spuninst\updspapi.dll
2007-10-30 17:20:55 360,064 -c----w C:\WINDOWS$NtUninstallKB951748_0$\tcpip.sys
2006-08-16 09:37:30 225,664 -c----w C:\WINDOWS$NtUninstallKB951748_0$\tcpip6.sys

2004-08-06 01:00:00 331,776 -c----w C:\WINDOWS$NtUninstallKB952287$\msadce.dll

2004-08-06 01:00:00 331,776 -c----w C:\WINDOWS$NtUninstallKB952287_0$\msadce.dll
2007-11-30 11:19:06 234,872 -c----w C:\WINDOWS$NtUninstallKB952287_0$\spuninst\spuninst.exe
2007-11-30 11:19:10 406,392 -c----w C:\WINDOWS$NtUninstallKB952287_0$\spuninst\updspapi.dll

2005-06-29 01:49:41 74,240 -c----w C:\WINDOWS$NtUninstallKB952954$\mscms.dll

2005-06-29 01:49:41 74,240 -c----w C:\WINDOWS$NtUninstallKB952954_0$\mscms.dll
2007-11-30 11:19:06 234,872 -c----w C:\WINDOWS$NtUninstallKB952954_0$\spuninst\spuninst.exe
2007-11-30 12:39:31 406,392 -c----w C:\WINDOWS$NtUninstallKB952954_0$\spuninst\updspapi.dll

2006-10-04 14:05:26 39,424 ------w C:\WINDOWS\AppPatch\acadproc.dll

2008-04-14 02:33:18 39,424 ----a-w C:\WINDOWS\AppPatch\acadproc.dll

2004-08-06 01:00:00 1,852,416 ----a-w C:\WINDOWS\AppPatch\AcGenral.dll

2008-04-14 02:33:18 1,852,928 ----a-w C:\WINDOWS\AppPatch\acgenral.dll

2004-08-06 01:00:00 450,048 ----a-w C:\WINDOWS\AppPatch\AcLayers.dll

2008-04-14 02:33:18 451,072 ----a-w C:\WINDOWS\AppPatch\aclayers.dll

2004-08-06 01:00:00 137,728 ----a-w C:\WINDOWS\AppPatch\AcLua.dll

2008-04-14 02:33:18 141,312 ----a-w C:\WINDOWS\AppPatch\aclua.dll

2004-08-06 01:00:00 244,736 ----a-w C:\WINDOWS\AppPatch\AcSpecfc.dll

2008-04-14 02:33:18 245,248 ----a-w C:\WINDOWS\AppPatch\acspecfc.dll

2004-08-06 01:00:00 116,224 ----a-w C:\WINDOWS\AppPatch\AcXtrnal.dll

2008-04-14 02:33:18 116,224 ----a-w C:\WINDOWS\AppPatch\acxtrnal.dll

2007-10-19 17:44:37 181,760 ----a-w C:\WINDOWS\BDOSCAN8\bdcore.dll

2008-09-25 08:51:41 102,400 ----a-w C:\WINDOWS\BDOSCAN8\bdcore.dll

2006-05-24 23:21:00 118,784 ----a-w C:\WINDOWS\BDOSCAN8\bdupd.dll

2008-01-09 13:01:48 118,784 ----a-w C:\WINDOWS\BDOSCAN8\bdupd.dll

2006-05-24 23:21:14 53,248 ----a-w C:\WINDOWS\BDOSCAN8\ipsupd.dll

2008-01-09 13:01:48 53,248 ----a-w C:\WINDOWS\BDOSCAN8\ipsupd.dll

2007-10-19 17:44:38 142,848 ----a-w C:\WINDOWS\BDOSCAN8\libfn.dll

2008-09-25 08:51:41 142,848 ----a-w C:\WINDOWS\BDOSCAN8\libfn.dll
2008-01-09 13:01:48 118,784 ----a-w C:\WINDOWS\Downloaded Program Files\CONFLICT.1\bdupd.dll
2008-01-09 13:01:48 53,248 ----a-w C:\WINDOWS\Downloaded Program Files\CONFLICT.1\ipsupd.dll

2008-06-14 17:59:52 272,768 ------w C:\WINDOWS\Driver Cache\i386\bthport.sys

2008-06-14 17:33:37 272,768 ------w C:\WINDOWS\Driver Cache\i386\bthport.sys

2007-06-13 13:22:28 1,037,312 ----a-w C:\WINDOWS\explorer.exe

2008-04-14 02:34:03 1,037,824 ----a-w C:\WINDOWS\explorer.exe

2004-08-06 01:00:00 34,816 ----a-w C:\WINDOWS\Help\sniffpol.dll

2008-04-14 02:33:41 34,816 ----a-w C:\WINDOWS\Help\sniffpol.dll

2004-08-06 01:00:00 33,280 ----a-w C:\WINDOWS\Help\sstub.dll

2008-04-14 02:33:46 33,280 ----a-w C:\WINDOWS\Help\sstub.dll

2004-08-06 01:00:00 279,040 ----a-w C:\WINDOWS\Help\tshoot.dll

2008-04-14 02:33:46 279,040 ----a-w C:\WINDOWS\Help\tshoot.dll

2005-05-26 23:22:01 10,752 ----a-w C:\WINDOWS\hh.exe

2008-04-14 02:34:06 10,752 ----a-w C:\WINDOWS\hh.exe

2004-08-05 04:00:00 175,104 ----a-w C:\WINDOWS\ime\chsime\applets\PINTLCSA.DLL

2008-04-14 02:32:16 175,104 ----a-w C:\WINDOWS\ime\chsime\applets\pintlcsa.dll

2004-08-05 04:00:00 53,760 ----a-w C:\WINDOWS\ime\chsime\applets\PINTLCSD.DLL

2008-04-14 02:32:16 53,760 ----a-w C:\WINDOWS\ime\chsime\applets\pintlcsd.dll

2004-08-05 04:00:00 97,792 ----a-w C:\WINDOWS\ime\CHTIME\Applets\CHTMBX.DLL

2008-04-14 02:31:03 97,792 ----a-w C:\WINDOWS\ime\CHTIME\Applets\chtmbx.dll

2004-08-05 04:00:00 56,320 ----a-w C:\WINDOWS\ime\CHTIME\Applets\CHTSKDIC.DLL

2008-04-14 02:31:03 56,320 ----a-w C:\WINDOWS\ime\CHTIME\Applets\chtskdic.dll

2004-08-05 04:00:00 173,568 ----a-w C:\WINDOWS\ime\CHTIME\Applets\CHTSKF.DLL

2008-04-14 02:31:03 173,568 ----a-w C:\WINDOWS\ime\CHTIME\Applets\chtskf.dll

2004-08-05 04:00:00 426,041 ----a-w C:\WINDOWS\ime\imjp8_1\applets\voicepad.dll

2008-04-14 02:32:46 426,041 ----a-w C:\WINDOWS\ime\imjp8_1\applets\voicepad.dll

2004-08-05 04:00:00 86,073 ----a-w C:\WINDOWS\ime\imjp8_1\applets\voicesub.dll

2008-04-14 02:32:46 86,073 ----a-w C:\WINDOWS\ime\imjp8_1\applets\voicesub.dll

2004-08-05 04:00:00 368,696 ----a-w C:\WINDOWS\ime\imjp8_1\imjpcic.dll

2008-04-14 02:31:33 368,696 ----a-w C:\WINDOWS\ime\imjp8_1\imjpcic.dll

2004-08-05 04:00:00 716,856 ----a-w C:\WINDOWS\ime\imjp8_1\imjpcus.dll

2008-04-14 02:31:33 716,856 ----a-w C:\WINDOWS\ime\imjp8_1\imjpcus.dll

2004-08-05 04:00:00 81,976 ----a-w C:\WINDOWS\ime\imjp8_1\imjpdct.dll

2008-04-14 02:31:33 81,976 ----a-w C:\WINDOWS\ime\imjp8_1\imjpdct.dll

2004-08-05 04:00:00 274,489 ----a-w C:\WINDOWS\ime\imjp8_1\imjputyc.dll

2008-04-14 02:31:34 274,489 ----a-w C:\WINDOWS\ime\imjp8_1\imjputyc.dll

2004-08-05 04:00:00 86,016 ----a-w C:\WINDOWS\ime\imkr6_1\applets\imekrmbx.dll

2008-04-14 02:31:33 86,016 ----a-w C:\WINDOWS\ime\imkr6_1\applets\imekrmbx.dll

2004-08-05 04:00:00 106,496 ----a-w C:\WINDOWS\ime\imkr6_1\imekrcic.dll

2008-04-14 02:31:33 106,496 ----a-w C:\WINDOWS\ime\imkr6_1\imekrcic.dll

2004-08-06 01:00:00 220,160 ----a-w C:\WINDOWS\ime\mscandui.dll

2008-04-14 02:33:30 220,160 ----a-w C:\WINDOWS\ime\mscandui.dll

2004-08-05 04:00:00 102,456 ----a-w C:\WINDOWS\ime\shared\imlang.dll

2008-04-14 02:31:34 102,456 ----a-w C:\WINDOWS\ime\shared\imlang.dll

2004-08-05 04:00:00 15,872 ----a-w C:\WINDOWS\ime\shared\res\PADRS404.DLL

2008-04-14 02:32:16 15,872 ----a-w C:\WINDOWS\ime\shared\res\padrs404.dll

2004-08-05 04:00:00 15,360 ----a-w C:\WINDOWS\ime\shared\res\padrs804.dll

2008-04-14 02:32:16 15,360 ----a-w C:\WINDOWS\ime\shared\res\padrs804.dll

2004-08-06 01:00:00 130,048 ----a-w C:\WINDOWS\ime\SOFTKBD.DLL

2008-04-14 02:33:41 130,048 ----a-w C:\WINDOWS\ime\softkbd.dll

2004-08-06 01:00:00 62,976 ----a-w C:\WINDOWS\ime\SPGRMR.dll

2008-04-13 16:43:18 62,976 ----a-w C:\WINDOWS\ime\spgrmr.dll

2004-08-06 01:00:00 272,384 ----a-w C:\WINDOWS\ime\SPTIP.dll

2008-04-14 02:33:46 272,384 ----a-w C:\WINDOWS\ime\sptip.dll

2008-07-24 19:56:28 29,926 ----a-r C:\WINDOWS\Installer{F6326B60-1B1D-4ABF-BFCD-7B7404F44411}\MsblIco.Exe

2008-09-26 01:15:58 29,926 ----a-r C:\WINDOWS\Installer{F6326B60-1B1D-4ABF-BFCD-7B7404F44411}\MsblIco.Exe
2008-01-18 15:13:09 2,247 ------w C:\WINDOWS\Installer\tsclientmsitrans\tscdsbl.bat
2007-12-12 10:33:51 18,917 ------w C:\WINDOWS\Installer\tsclientmsitrans\tscinst.vbs
2007-10-30 10:06:46 13,801 ------w C:\WINDOWS\Installer\tsclientmsitrans\tscuinst.vbs
2008-04-14 02:33:06 25,600 ------w C:\WINDOWS\Installer\tsclientmsitrans\tscupdc.dll

2004-08-06 01:00:00 24,064 ----a-w C:\WINDOWS\msagent\agentanm.dll

2008-04-14 02:33:18 24,064 ----a-w C:\WINDOWS\msagent\agentanm.dll

2004-08-06 01:00:00 214,016 ----a-w C:\WINDOWS\msagent\agentctl.dll

2008-04-14 02:33:18 214,016 ----a-w C:\WINDOWS\msagent\agentctl.dll

2006-10-12 14:04:13 42,496 ----a-w C:\WINDOWS\msagent\agentdp2.dll

2008-04-14 02:33:18 42,496 ----a-w C:\WINDOWS\msagent\agentdp2.dll

2007-03-09 13:48:06 57,344 ----a-w C:\WINDOWS\msagent\agentdpv.dll

2008-04-14 02:33:18 57,344 ----a-w C:\WINDOWS\msagent\agentdpv.dll

2004-08-06 01:00:00 49,152 ----a-w C:\WINDOWS\msagent\agentmpx.dll

2008-04-14 02:33:18 49,152 ----a-w C:\WINDOWS\msagent\agentmpx.dll

2004-08-06 01:00:00 24,064 ----a-w C:\WINDOWS\msagent\agentpsh.dll

2008-04-14 02:33:18 24,064 ----a-w C:\WINDOWS\msagent\agentpsh.dll

2004-08-06 01:00:00 44,032 ----a-w C:\WINDOWS\msagent\agentsr.dll

2008-04-14 02:33:18 44,032 ----a-w C:\WINDOWS\msagent\agentsr.dll

2006-10-12 11:09:53 256,512 ----a-w C:\WINDOWS\msagent\agentsvr.exe

2008-04-14 02:33:53 256,512 ----a-w C:\WINDOWS\msagent\agentsvr.exe

2004-08-06 01:00:00 24,064 ----a-w C:\WINDOWS\msagent\agtintl.dll

2008-04-14 02:33:19 24,064 ----a-w C:\WINDOWS\msagent\agtintl.dll

2004-08-05 04:00:00 19,456 ----a-w C:\WINDOWS\msagent\intl\agt0405.dll

2007-04-02 18:25:59 19,456 ----a-w C:\WINDOWS\msagent\intl\agt0405.dll

2004-08-05 04:00:00 19,456 ----a-w C:\WINDOWS\msagent\intl\agt0406.dll

2007-04-02 18:25:59 19,456 ----a-w C:\WINDOWS\msagent\intl\agt0406.dll

2004-08-05 04:00:00 21,504 ----a-w C:\WINDOWS\msagent\intl\agt0407.dll

2007-04-02 18:26:00 21,504 ----a-w C:\WINDOWS\msagent\intl\agt0407.dll

2004-08-05 04:00:00 22,016 ----a-w C:\WINDOWS\msagent\intl\agt0408.dll

2007-04-02 18:26:00 22,016 ----a-w C:\WINDOWS\msagent\intl\agt0408.dll

2004-08-05 04:00:00 19,456 ----a-w C:\WINDOWS\msagent\intl\agt0409.dll

2008-04-13 17:32:28 19,968 ----a-w C:\WINDOWS\msagent\intl\agt0409.dll

2004-08-05 04:00:00 19,456 ----a-w C:\WINDOWS\msagent\intl\agt040b.dll

2007-04-02 18:26:00 19,456 ----a-w C:\WINDOWS\msagent\intl\agt040b.dll

2004-08-05 04:00:00 21,504 ----a-w C:\WINDOWS\msagent\intl\agt040c.dll

2007-04-02 18:26:00 21,504 ----a-w C:\WINDOWS\msagent\intl\agt040c.dll

2004-08-05 04:00:00 19,968 ----a-w C:\WINDOWS\msagent\intl\agt040e.dll

2007-04-02 18:26:00 19,968 ----a-w C:\WINDOWS\msagent\intl\agt040e.dll

2004-08-05 04:00:00 20,992 ----a-w C:\WINDOWS\msagent\intl\agt0410.dll

2007-04-02 18:26:00 20,992 ----a-w C:\WINDOWS\msagent\intl\agt0410.dll

2004-08-05 04:00:00 20,992 ----a-w C:\WINDOWS\msagent\intl\agt0413.dll

2007-04-02 18:26:01 20,992 ----a-w C:\WINDOWS\msagent\intl\agt0413.dll

2004-08-05 04:00:00 19,456 ----a-w C:\WINDOWS\msagent\intl\agt0414.dll

2007-04-02 18:26:01 19,456 ----a-w C:\WINDOWS\msagent\intl\agt0414.dll

2004-08-05 04:00:00 19,456 ----a-w C:\WINDOWS\msagent\intl\agt0415.dll

2007-04-02 18:26:01 19,456 ----a-w C:\WINDOWS\msagent\intl\agt0415.dll

2004-08-05 04:00:00 20,480 ----a-w C:\WINDOWS\msagent\intl\agt0416.dll

2007-04-02 18:26:01 20,480 ----a-w C:\WINDOWS\msagent\intl\agt0416.dll

2004-08-05 04:00:00 19,456 ----a-w C:\WINDOWS\msagent\intl\agt0419.dll

2007-04-02 18:26:01 19,456 ----a-w C:\WINDOWS\msagent\intl\agt0419.dll

2004-08-05 04:00:00 19,456 ----a-w C:\WINDOWS\msagent\intl\agt041d.dll

2007-04-02 18:26:01 19,456 ----a-w C:\WINDOWS\msagent\intl\agt041d.dll

2004-08-05 04:00:00 19,456 ----a-w C:\WINDOWS\msagent\intl\agt041f.dll

2007-04-02 18:26:01 19,456 ----a-w C:\WINDOWS\msagent\intl\agt041f.dll

2004-08-05 04:00:00 20,992 ----a-w C:\WINDOWS\msagent\intl\agt0816.dll

2007-04-02 18:26:02 20,992 ----a-w C:\WINDOWS\msagent\intl\agt0816.dll

2004-08-05 04:00:00 20,480 ----a-w C:\WINDOWS\msagent\intl\agt0c0a.dll

2007-04-02 18:26:02 20,480 ----a-w C:\WINDOWS\msagent\intl\agt0c0a.dll

2004-08-06 01:00:00 39,936 ----a-w C:\WINDOWS\msagent\mslwvtts.dll

2008-04-14 02:33:32 39,936 ----a-w C:\WINDOWS\msagent\mslwvtts.dll

2006-06-02 19:32:20 33,792 ------w C:\WINDOWS\network diagnostic\custsat.dll

2008-04-14 02:33:22 33,792 ------w C:\WINDOWS\network diagnostic\custsat.dll

2006-10-10 12:44:50 557,568 ------w C:\WINDOWS\network diagnostic\xpnetdiag.exe

2008-04-13 18:53:32 558,080 ------w C:\WINDOWS\network diagnostic\xpnetdiag.exe

2004-08-06 01:00:00 70,656 ----a-w C:\WINDOWS\NOTEPAD.EXE

2008-04-14 02:34:15 70,656 ----a-w C:\WINDOWS\notepad.exe

2004-08-06 01:00:00 768,512 ----a-w C:\WINDOWS\pchealth\helpctr\binaries\HelpCtr.exe

2008-04-14 02:34:06 769,024 ----a-w C:\WINDOWS\pchealth\helpctr\binaries\helpctr.exe

2004-08-06 01:00:00 743,936 ----a-w C:\WINDOWS\pchealth\helpctr\binaries\HelpSvc.exe

2008-04-14 02:34:06 744,448 ----a-w C:\WINDOWS\pchealth\helpctr\binaries\helpsvc.exe

2004-08-06 01:00:00 18,944 ----a-w C:\WINDOWS\pchealth\helpctr\binaries\HscUpd.exe

2008-04-14 02:34:06 18,432 ----a-w C:\WINDOWS\pchealth\helpctr\binaries\hscupd.exe

2004-08-06 01:00:00 160,768 ----a-w C:\WINDOWS\pchealth\helpctr\binaries\msconfig.exe

2008-04-14 02:34:12 172,544 ----a-w C:\WINDOWS\pchealth\helpctr\binaries\msconfig.exe

2004-08-06 01:00:00 381,952 ----a-w C:\WINDOWS\pchealth\helpctr\binaries\msinfo.dll

2008-04-14 02:33:32 382,464 ----a-w C:\WINDOWS\pchealth\helpctr\binaries\msinfo.dll

2004-08-06 01:00:00 102,400 ----a-w C:\WINDOWS\pchealth\helpctr\binaries\pchshell.dll

2008-04-14 02:33:38 102,912 ----a-w C:\WINDOWS\pchealth\helpctr\binaries\pchshell.dll

2004-08-06 01:00:00 38,912 ----a-w C:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll

2008-04-14 02:33:38 38,400 ----a-w C:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll

2006-09-17 02:12:40 82,203 ----a-w C:\WINDOWS\pchealth\helpctr\OfflineCache\index.dat

2008-09-25 23:25:23 82,203 ----a-w C:\WINDOWS\pchealth\helpctr\OfflineCache\index.dat

2006-09-17 02:12:40 3,744 ----a-w C:\WINDOWS\pchealth\helpctr\PackageStore\SkuStore.bin

2008-09-25 23:25:24 4,050 ----a-w C:\WINDOWS\pchealth\helpctr\PackageStore\SkuStore.bin

2004-08-06 01:00:00 151,040 ----a-w C:\WINDOWS\pchealth\UploadLB\Binaries\UploadM.exe

2008-04-14 02:34:26 151,040 ----a-w C:\WINDOWS\pchealth\UploadLB\Binaries\uploadm.exe

2004-08-06 01:00:00 151,552 ----a-w C:\WINDOWS\PeerNet\sqldb20.dll

2008-04-14 02:33:46 151,552 ----a-w C:\WINDOWS\PeerNet\sqldb20.dll

2004-08-06 01:00:00 462,848 ----a-w C:\WINDOWS\PeerNet\sqlqp20.dll

2008-04-14 02:33:46 462,848 ----a-w C:\WINDOWS\PeerNet\sqlqp20.dll

2004-08-06 01:00:00 110,592 ----a-w C:\WINDOWS\PeerNet\sqlse20.dll

2008-04-14 02:33:46 110,592 ----a-w C:\WINDOWS\PeerNet\sqlse20.dll

2004-08-06 01:00:00 153,088 ----a-w C:\WINDOWS\regedit.exe

2008-04-14 02:34:19 153,088 ----a-w C:\WINDOWS\regedit.exe
2008-04-13 18:46:18 53,376 ------w C:\WINDOWS\ServicePackFiles\i386\1394bus.sys
2008-04-13 18:40:50 12,288 ------w C:\WINDOWS\ServicePackFiles\i386\4mmdat.sys
2008-04-13 18:46:20 48,128 ------w C:\WINDOWS\ServicePackFiles\i386\61883.sys
2008-04-14 02:33:18 100,352 ------w C:\WINDOWS\ServicePackFiles\i386\6to4svc.dll
2008-04-14 02:33:18 136,192 ------w C:\WINDOWS\ServicePackFiles\i386\aaclient.dll
2004-08-03 20:32:22 231,552 ------w C:\WINDOWS\ServicePackFiles\i386\ac97ali.sys
2004-08-03 20:32:32 84,480 ------w C:\WINDOWS\ServicePackFiles\i386\ac97via.sys
2008-04-14 02:33:18 39,424 ------w C:\WINDOWS\ServicePackFiles\i386\acadproc.dll
2008-04-14 02:33:53 190,464 ------w C:\WINDOWS\ServicePackFiles\i386\accwiz.exe
2008-04-14 02:33:18 1,852,928 ------w C:\WINDOWS\ServicePackFiles\i386\acgenral.dll
2008-04-14 02:33:18 451,072 ------w C:\WINDOWS\ServicePackFiles\i386\aclayers.dll
2008-04-14 02:33:18 141,312 ------w C:\WINDOWS\ServicePackFiles\i386\aclua.dll
2008-04-14 02:33:18 120,320 ------w C:\WINDOWS\ServicePackFiles\i386\aclui.dll
2008-04-14 01:52:42 188,672 ------w C:\WINDOWS\ServicePackFiles\i386\acpi.sys
2008-04-14 02:33:18 245,248 ------w C:\WINDOWS\ServicePackFiles\i386\acspecfc.dll
2008-04-14 02:33:18 193,536 ------w C:\WINDOWS\ServicePackFiles\i386\activeds.dll
2008-04-14 02:33:53 4,096 ------w C:\WINDOWS\ServicePackFiles\i386\actmovie.exe
2008-04-14 02:33:18 98,304 ------w C:\WINDOWS\ServicePackFiles\i386\actxprxy.dll
2008-04-14 02:33:18 116,224 ------w C:\WINDOWS\ServicePackFiles\i386\acxtrnal.dll
2008-04-14 02:33:18 20,540 ------w C:\WINDOWS\ServicePackFiles\i386\admin.dll
2008-04-14 02:33:53 16,439 ------w C:\WINDOWS\ServicePackFiles\i386\admin.exe
2004-08-03 20:32:24 10,880 ------w C:\WINDOWS\ServicePackFiles\i386\admjoy.sys
2008-04-14 02:33:18 61,440 ------w C:\WINDOWS\ServicePackFiles\i386\admparse.dll
2008-04-14 02:33:18 175,616 ------w C:\WINDOWS\ServicePackFiles\i386\adsldp.dll
2008-04-14 02:33:18 143,360 ------w C:\WINDOWS\ServicePackFiles\i386\adsldpc.dll
2008-04-14 02:33:18 68,096 ------w C:\WINDOWS\ServicePackFiles\i386\adsmsext.dll
2008-04-14 02:33:18 263,680 ------w C:\WINDOWS\ServicePackFiles\i386\adsnt.dll
2008-04-14 02:33:18 4,255 ------w C:\WINDOWS\ServicePackFiles\i386\adv01nt5.dll
2008-04-14 02:33:18 3,967 ------w C:\WINDOWS\ServicePackFiles\i386\adv02nt5.dll
2008-04-14 02:33:18 3,615 ------w C:\WINDOWS\ServicePackFiles\i386\adv05nt5.dll
2008-04-14 02:33:18 3,647 ------w C:\WINDOWS\ServicePackFiles\i386\adv07nt5.dll
2008-04-14 02:33:18 3,135 ------w C:\WINDOWS\ServicePackFiles\i386\adv08nt5.dll
2008-04-14 02:33:18 3,711 ------w C:\WINDOWS\ServicePackFiles\i386\adv09nt5.dll
2008-04-14 02:33:18 3,775 ------w C:\WINDOWS\ServicePackFiles\i386\adv11nt5.dll
2008-04-14 02:33:18 685,568 ------w C:\WINDOWS\ServicePackFiles\i386\advapi32.dll
2008-04-14 02:33:18 101,888 ------w C:\WINDOWS\ServicePackFiles\i386\advpack.dll
2008-04-13 16:39:23 142,592 ------w C:\WINDOWS\ServicePackFiles\i386\aec.sys
2008-04-13 19:19:23 138,112 ------w C:\WINDOWS\ServicePackFiles\i386\afd.sys
2008-04-14 02:33:18 24,064 ------w C:\WINDOWS\ServicePackFiles\i386\agentanm.dll
2008-04-14 02:33:18 214,016 ------w C:\WINDOWS\ServicePackFiles\i386\agentctl.dll
2008-04-14 02:33:18 42,496 ------w C:\WINDOWS\ServicePackFiles\i386\agentdp2.dll
2008-04-14 02:33:18 57,344 ------w C:\WINDOWS\ServicePackFiles\i386\agentdpv.dll
2008-04-14 02:33:18 49,152 ------w C:\WINDOWS\ServicePackFiles\i386\agentmpx.dll
2008-04-14 02:33:18 24,064 ------w C:\WINDOWS\ServicePackFiles\i386\agentpsh.dll
2008-04-14 02:33:18 44,032 ------w C:\WINDOWS\ServicePackFiles\i386\agentsr.dll
2008-04-14 02:33:53 256,512 ------w C:\WINDOWS\ServicePackFiles\i386\agentsvr.exe
2008-04-13 18:36:38 42,368 ------w C:\WINDOWS\ServicePackFiles\i386\agp440.sys
2008-04-13 18:36:39 44,928 ------w C:\WINDOWS\ServicePackFiles\i386\agpcpq.sys
2007-04-02 18:25:59 19,456 ------w C:\WINDOWS\ServicePackFiles\i386\agt0401.dll
2007-04-02 18:25:59 19,456 ------w C:\WINDOWS\ServicePackFiles\i386\agt0404.dll
2007-04-02 18:25:59 19,456 ------w C:\WINDOWS\ServicePackFiles\i386\agt0405.dll
2007-04-02 18:25:59 19,456 ------w C:\WINDOWS\ServicePackFiles\i386\agt0406.dll
2007-04-02 18:26:00 21,504 ------w C:\WINDOWS\ServicePackFiles\i386\agt0407.dll
2007-04-02 18:26:00 22,016 ------w C:\WINDOWS\ServicePackFiles\i386\agt0408.dll
2008-04-13 17:32:28 19,968 ------w C:\WINDOWS\ServicePackFiles\i386\agt0409.dll
2007-04-02 18:26:00 19,456 ------w C:\WINDOWS\ServicePackFiles\i386\agt040b.dll
2007-04-02 18:26:00 21,504 ------w C:\WINDOWS\ServicePackFiles\i386\agt040c.dll
2007-04-02 18:26:00 19,456 ------w C:\WINDOWS\ServicePackFiles\i386\agt040d.dll
2007-04-02 18:26:00 19,968 ------w C:\WINDOWS\ServicePackFiles\i386\agt040e.dll
2007-04-02 18:26:00 20,992 ------w C:\WINDOWS\ServicePackFiles\i386\agt0410.dll
2007-04-02 18:26:00 19,456 ------w C:\WINDOWS\ServicePackFiles\i386\agt0411.dll
2007-04-02 18:26:00 19,456 ------w C:\WINDOWS\ServicePackFiles\i386\agt0412.dll
2007-04-02 18:26:01 20,992 ------w C:\WINDOWS\ServicePackFiles\i386\agt0413.dll
2007-04-02 18:26:01 19,456 ------w C:\WINDOWS\ServicePackFiles\i386\agt0414.dll
2007-04-02 18:26:01 19,456 ------w C:\WINDOWS\ServicePackFiles\i386\agt0415.dll
2007-04-02 18:26:01 20,480 ------w C:\WINDOWS\ServicePackFiles\i386\agt0416.dll
2007-04-02 18:26:01 19,456 ------w C:\WINDOWS\ServicePackFiles\i386\agt0419.dll
2007-04-02 18:26:01 19,456 ------w C:\WINDOWS\ServicePackFiles\i386\agt041d.dll
2007-04-02 18:26:01 19,456 ------w C:\WINDOWS\ServicePackFiles\i386\agt041f.dll
2007-04-02 18:26:02 19,456 ------w C:\WINDOWS\ServicePackFiles\i386\agt0804.dll
2007-04-02 18:26:02 20,992 ------w C:\WINDOWS\ServicePackFiles\i386\agt0816.dll
2007-04-02 18:26:02 20,480 ------w C:\WINDOWS\ServicePackFiles\i386\agt0c0a.dll
2008-04-14 02:33:19 24,064 ------w C:\WINDOWS\ServicePackFiles\i386\agtintl.dll
2008-04-14 02:33:53 98,304 ------w C:\WINDOWS\ServicePackFiles\i386\ahui.exe
2008-04-14 02:33:53 44,544 ------w C:\WINDOWS\ServicePackFiles\i386\alg.exe
2008-04-13 18:36:38 42,752 ------w C:\WINDOWS\ServicePackFiles\i386\alim1541.sys
2008-04-14 02:33:19 17,408 ------w C:\WINDOWS\ServicePackFiles\i386\alrsvc.dll
2008-04-13 18:36:39 43,008 ------w C:\WINDOWS\ServicePackFiles\i386\amdagp.sys
2008-04-14 01:54:28 41,472 ------w C:\WINDOWS\ServicePackFiles\i386\amdk6.sys
2008-04-14 01:54:29 41,856 ------w C:\WINDOWS\ServicePackFiles\i386\amdk7.sys
2008-04-14 02:33:19 70,656 ------w C:\WINDOWS\ServicePackFiles\i386\amstream.dll
2004-08-03 20:31:20 36,224 ------w C:\WINDOWS\ServicePackFiles\i386\an983.sys
2008-04-14 02:33:19 125,952 ------w C:\WINDOWS\ServicePackFiles\i386\apphelp.dll
2008-04-14 02:33:19 334,336 ------w C:\WINDOWS\ServicePackFiles\i386\aqueue.dll
2008-04-13 18:51:25 60,800 ------w C:\WINDOWS\ServicePackFiles\i386\arp1394.sys
2008-04-14 02:33:19 65,024 ------w C:\WINDOWS\ServicePackFiles\i386\asycfilt.dll
2008-04-13 18:57:27 14,336 ------w C:\WINDOWS\ServicePackFiles\i386\asyncmac.sys
2008-04-14 02:33:53 25,088 ------w C:\WINDOWS\ServicePackFiles\i386\at.exe
2008-04-13 18:40:30 96,512 ------w C:\WINDOWS\ServicePackFiles\i386\atapi.sys
2004-08-03 20:29:30 56,623 ------w C:\WINDOWS\ServicePackFiles\i386\ati1btxx.sys
2004-08-03 20:29:30 11,615 ------w C:\WINDOWS\ServicePackFiles\i386\ati1mdxx.sys
2004-08-03 20:29:30 12,047 ------w C:\WINDOWS\ServicePackFiles\i386\ati1pdxx.sys
2004-08-03 20:29:32 30,671 ------w C:\WINDOWS\ServicePackFiles\i386\ati1raxx.sys
2004-08-03 20:29:32 63,663 ------w C:\WINDOWS\ServicePackFiles\i386\ati1rvxx.sys
2004-08-03 20:29:32 26,367 ------w C:\WINDOWS\ServicePackFiles\i386\ati1snxx.sys
2004-08-03 20:29:32 21,343 ------w C:\WINDOWS\ServicePackFiles\i386\ati1ttxx.sys
2004-08-03 20:29:32 36,463 ------w C:\WINDOWS\ServicePackFiles\i386\ati1tuxx.sys
2004-08-03 20:29:32 29,455 ------w C:\WINDOWS\ServicePackFiles\i386\ati1xbxx.sys
2004-08-03 20:29:32 34,735 ------w C:\WINDOWS\ServicePackFiles\i386\ati1xsxx.sys
2008-04-14 02:33:19 229,376 ------w C:\WINDOWS\ServicePackFiles\i386\ati2cqag.dll
2008-04-14 02:33:19 377,984 ------w C:\WINDOWS\ServicePackFiles\i386\ati2dvaa.dll
2008-04-14 02:33:19 201,728 ------w C:\WINDOWS\ServicePackFiles\i386\ati2dvag.dll
2004-08-03 22:38:42 327,168 ------w C:\WINDOWS\ServicePackFiles\i386\ati2mtaa.sys
2004-08-03 22:38:44 701,440 ------w C:\WINDOWS\ServicePackFiles\i386\ati2mtag.sys
2008-04-14 02:33:19 870,784 ------w C:\WINDOWS\ServicePackFiles\i386\ati3d1ag.dll
2008-04-14 02:33:19 1,057,760 ------w C:\WINDOWS\ServicePackFiles\i386\ati3d2ag.dll
2008-04-14 02:33:19 1,888,992 ------w C:\WINDOWS\ServicePackFiles\i386\ati3duag.dll
2004-08-03 20:29:28 57,856 ------w C:\WINDOWS\ServicePackFiles\i386\atinbtxx.sys
2004-08-03 20:29:30 13,824 ------w C:\WINDOWS\ServicePackFiles\i386\atinmdxx.sys
2004-08-03 20:29:30 14,336 ------w C:\WINDOWS\ServicePackFiles\i386\atinpdxx.sys
2004-08-03 20:29:30 52,224 ------w C:\WINDOWS\ServicePackFiles\i386\atinraxx.sys
2004-08-03 20:29:32 104,960 ------w C:\WINDOWS\ServicePackFiles\i386\atinrvxx.sys
2004-08-03 20:29:32 28,672 ------w C:\WINDOWS\ServicePackFiles\i386\atinsnxx.sys
2004-08-03 20:29:32 13,824 ------w C:\WINDOWS\ServicePackFiles\i386\atinttxx.sys
2004-08-03 20:29:32 73,216 ------w C:\WINDOWS\ServicePackFiles\i386\atintuxx.sys
2004-08-03 20:29:32 31,744 ------w C:\WINDOWS\ServicePackFiles\i386\atinxbxx.sys
2004-08-03 20:29:32 63,488 ------w C:\WINDOWS\ServicePackFiles\i386\atinxsxx.sys
2008-04-14 02:33:19 32,768 ------w C:\WINDOWS\ServicePackFiles\i386\ativtmxx.dll
2008-04-14 02:33:19 516,768 ------w C:\WINDOWS\ServicePackFiles\i386\ativvaxx.dll
2008-04-14 02:33:19 58,880 ------w C:\WINDOWS\ServicePackFiles\i386\atl.dll
2008-04-14 02:33:53 11,264 ------w C:\WINDOWS\ServicePackFiles\i386\atmadm.exe
2008-04-13 18:51:25 59,904 ------w C:\WINDOWS\ServicePackFiles\i386\atmarpc.sys
2008-04-14 02:31:00 285,696 ------w C:\WINDOWS\ServicePackFiles\i386\atmfd.dll
2008-04-13 18:51:30 55,808 ------w C:\WINDOWS\ServicePackFiles\i386\atmlane.sys
2008-04-14 02:33:19 30,208 ------w C:\WINDOWS\ServicePackFiles\i386\atmlib.dll
2008-04-14 02:33:53 12,288 ------w C:\WINDOWS\ServicePackFiles\i386\attrib.exe
2008-04-14 02:33:19 21,183 ------w C:\WINDOWS\ServicePackFiles\i386\atv01nt5.dll
2008-04-14 02:33:19 11,359 ------w C:\WINDOWS\ServicePackFiles\i386\atv02nt5.dll
2008-04-14 02:33:19 25,471 ------w C:\WINDOWS\ServicePackFiles\i386\atv04nt5.dll
2008-04-14 02:33:19 14,143 ------w C:\WINDOWS\ServicePackFiles\i386\atv06nt5.dll
2008-04-14 02:33:19 17,279 ------w C:\WINDOWS\ServicePackFiles\i386\atv10nt5.dll
2008-04-14 02:33:19 42,496 ------w C:\WINDOWS\ServicePackFiles\i386\audiosrv.dll
2008-04-14 02:33:53 14,336 ------w C:\WINDOWS\ServicePackFiles\i386\auditusr.exe
2008-04-14 02:33:19 20,540 ------w C:\WINDOWS\ServicePackFiles\i386\author.dll
2008-04-14 02:33:53 16,439 ------w C:\WINDOWS\ServicePackFiles\i386\author.exe
2008-04-14 02:33:19 62,464 ------w C:\WINDOWS\ServicePackFiles\i386\authz.dll
2008-04-14 02:33:53 625,152 ------w C:\WINDOWS\ServicePackFiles\i386\autochk.exe
2008-04-14 02:33:53 638,976 ------w C:\WINDOWS\ServicePackFiles\i386\autoconv.exe
2008-04-14 02:33:54 616,960 ------w C:\WINDOWS\ServicePackFiles\i386\autofmt.exe
2008-04-14 02:33:54 11,264 ------w C:\WINDOWS\ServicePackFiles\i386\autolfn.exe
2008-04-13 18:46:20 38,912 ------w C:\WINDOWS\ServicePackFiles\i386\avc.sys
2008-04-13 18:46:07 13,696 ------w C:\WINDOWS\ServicePackFiles\i386\avcstrm.sys
2008-04-14 02:33:19 85,504 ------w C:\WINDOWS\ServicePackFiles\i386\avifil32.dll
2008-04-14 02:33:19 233,472 ------w C:\WINDOWS\ServicePackFiles\i386\azroles.dll
2008-04-14 02:33:19 52,736 ------w C:\WINDOWS\ServicePackFiles\i386\basesrv.dll
2008-04-14 02:33:19 29,184 ------w C:\WINDOWS\ServicePackFiles\i386\batmeter.dll
2008-04-14 02:33:19 8,704 ------w C:\WINDOWS\ServicePackFiles\i386\batt.dll
2008-04-13 18:36:32 14,208 ------w C:\WINDOWS\ServicePackFiles\i386\battc.sys
2008-04-13 18:46:21 11,776 ------w C:\WINDOWS\ServicePackFiles\i386\bdasup.sys
2008-04-14 02:33:19 17,408 ------w C:\WINDOWS\ServicePackFiles\i386\bidispl.dll
2008-04-14 02:33:19 8,192 ------w C:\WINDOWS\ServicePackFiles\i386\bitsprx2.dll
2008-04-14 02:33:19 7,168 ------w C:\WINDOWS\ServicePackFiles\i386\bitsprx3.dll
2008-04-14 02:33:19 7,168 ------w C:\WINDOWS\ServicePackFiles\i386\bitsprx4.dll
2008-04-14 02:33:55 71,680 ------w C:\WINDOWS\ServicePackFiles\i386\blastcln.exe
2008-04-13 18:53:23 71,552 ------w C:\WINDOWS\ServicePackFiles\i386\bridge.sys
2008-04-14 01:57:48 70,144 ------w C:\WINDOWS\ServicePackFiles\i386\browselc.dll
2008-04-14 02:33:20 77,824 ------w C:\WINDOWS\ServicePackFiles\i386\browser.dll
2008-04-14 02:33:20 1,025,024 ------w C:\WINDOWS\ServicePackFiles\i386\browseui.dll
2008-04-14 02:33:20 78,336 ------w C:\WINDOWS\ServicePackFiles\i386\browsewm.dll
2008-04-14 02:33:20 20,992 ------w C:\WINDOWS\ServicePackFiles\i386\bthci.dll
2008-04-13 18:46:33 17,024 ------w C:\WINDOWS\ServicePackFiles\i386\bthenum.sys
2008-04-13 18:46:33 37,888 ------w C:\WINDOWS\ServicePackFiles\i386\bthmodem.sys
2008-04-13 18:51:34 101,120 ------w C:\WINDOWS\ServicePackFiles\i386\bthpan.sys
2008-04-14 01:58:00 273,664 ------w C:\WINDOWS\ServicePackFiles\i386\bthport.sys
2008-04-13 18:46:31 36,480 ------w C:\WINDOWS\ServicePackFiles\i386\bthprint.sys
2008-04-14 02:33:20 30,208 ------w C:\WINDOWS\ServicePackFiles\i386\bthserv.dll
2008-04-13 18:46:29 18,944 ------w C:\WINDOWS\ServicePackFiles\i386\bthusb.sys
2008-04-14 02:33:20 50,688 ------w C:\WINDOWS\ServicePackFiles\i386\btpanui.dll
2008-04-14 02:33:20 218,112 ------w C:\WINDOWS\ServicePackFiles\i386\c_g18030.dll
2008-04-14 02:33:20 60,416 ------w C:\WINDOWS\ServicePackFiles\i386\cabinet.dll
2008-04-14 02:33:20 85,504 ------w C:\WINDOWS\ServicePackFiles\i386\cabview.dll
2008-04-14 02:33:55 20,992 ------w C:\WINDOWS\ServicePackFiles\i386\cacls.exe
2008-04-14 02:33:20 385,024 ------w C:\WINDOWS\ServicePackFiles\i386\callcont.dll
2008-04-14 02:33:20 121,856 ------w C:\WINDOWS\ServicePackFiles\i386\camext30.dll
2008-04-14 02:33:20 50,688 ------w C:\WINDOWS\ServicePackFiles\i386\camocx.dll
2008-04-14 02:33:20 153,600 ------w C:\WINDOWS\ServicePackFiles\i386\capesnpn.dll
2008-04-14 02:33:20 226,304 ------w C:\WINDOWS\ServicePackFiles\i386\catsrv.dll
2008-04-14 02:33:20 85,504 ------w C:\WINDOWS\ServicePackFiles\i386\catsrvps.dll
2008-04-14 02:33:20 625,664 ------w C:\WINDOWS\ServicePackFiles\i386\catsrvut.dll
2008-04-13 18:46:23 17,024 ------w C:\WINDOWS\ServicePackFiles\i386\ccdecode.sys
2008-04-13 19:14:21 63,744 ------w C:\WINDOWS\ServicePackFiles\i386\cdfs.sys
2008-04-14 02:33:20 152,064 ------w C:\WINDOWS\ServicePackFiles\i386\cdfview.dll
2008-04-14 02:33:20 66,560 ------w C:\WINDOWS\ServicePackFiles\i386\cdm.dll
2008-04-14 02:33:20 2,091,520 ------w C:\WINDOWS\ServicePackFiles\i386\cdosys.dll
2008-04-13 18:40:46 62,976 ------w C:\WINDOWS\ServicePackFiles\i386\cdrom.sys
2008-04-14 02:33:20 200,192 ------w C:\WINDOWS\ServicePackFiles\i386\certcli.dll
2008-04-14 02:33:20 467,968 ------w C:\WINDOWS\ServicePackFiles\i386\certmgr.dll
2008-04-14 02:33:20 39,424 ------w C:\WINDOWS\ServicePackFiles\i386\cfgbkend.dll
2008-04-14 02:31:03 16,896 ------w C:\WINDOWS\ServicePackFiles\i386\cfgmgr32.dll
2008-04-14 02:33:56 188,480 ------w C:\WINDOWS\ServicePackFiles\i386\cfgwiz.exe
2008-04-14 02:33:20 15,423 ------w C:\WINDOWS\ServicePackFiles\i386\ch7xxnt5.dll
2008-04-13 18:40:58 8,192 ------w C:\WINDOWS\ServicePackFiles\i386\changer.sys
2008-04-14 02:33:20 148,480 ------w C:\WINDOWS\ServicePackFiles\i386\cic.dll
2008-04-14 02:33:20 1,359,360 ------w C:\WINDOWS\ServicePackFiles\i386\cimwin32.dll
2008-04-14 02:33:20 69,120 ------w C:\WINDOWS\ServicePackFiles\i386\ciodm.dll
2008-04-14 02:33:57 5,632 ------w C:\WINDOWS\ServicePackFiles\i386\cisvc.exe
2008-04-13 19:16:22 49,536 ------w C:\WINDOWS\ServicePackFiles\i386\classpnp.sys
2008-04-14 02:33:21 110,592 ------w C:\WINDOWS\ServicePackFiles\i386\clbcatex.dll
2008-04-14 02:33:21 498,688 ------w C:\WINDOWS\ServicePackFiles\i386\clbcatq.dll
2008-04-14 02:33:57 65,536 ------w C:\WINDOWS\ServicePackFiles\i386\cleanmgr.exe
2008-04-14 02:33:21 77,824 ------w C:\WINDOWS\ServicePackFiles\i386\cliconfg.dll
2008-04-14 02:33:57 20,480 ------w C:\WINDOWS\ServicePackFiles\i386\cliconfg.exe
2008-04-14 02:33:57 104,448 ------w C:\WINDOWS\ServicePackFiles\i386\clipbrd.exe
2008-04-14 02:33:57 33,280 ------w C:\WINDOWS\ServicePackFiles\i386\clipsrv.exe
2008-04-14 02:33:21 58,368 ------w C:\WINDOWS\ServicePackFiles\i386\clusapi.dll
2008-04-13 18:36:37 13,952 ------w C:\WINDOWS\ServicePackFiles\i386\cmbatt.sys
2008-04-14 02:33:21 15,872 ------w C:\WINDOWS\ServicePackFiles\i386\cmcfg32.dll
2008-04-14 02:33:57 401,408 ------w C:\WINDOWS\ServicePackFiles\i386\cmd.exe
2008-04-14 02:33:21 353,280 ------w C:\WINDOWS\ServicePackFiles\i386\cmdial32.dll
2008-04-14 02:33:57 25,600 ------w C:\WINDOWS\ServicePackFiles\i386\cmdl32.exe
2008-04-14 02:33:57 39,936 ------w C:\WINDOWS\ServicePackFiles\i386\cmmon32.exe
2008-04-14 02:33:21 191,488 ------w C:\WINDOWS\ServicePackFiles\i386\cmprops.dll
2008-04-14 02:33:21 13,312 ------w C:\WINDOWS\ServicePackFiles\i386\cmsetacl.dll
2008-04-14 02:33:57 65,536 ------w C:\WINDOWS\ServicePackFiles\i386\cmstp.exe
2008-04-14 02:33:21 40,960 ------w C:\WINDOWS\ServicePackFiles\i386\cmutil.dll
2008-04-14 02:33:21 50,688 ------w C:\WINDOWS\ServicePackFiles\i386\cnbjmon.dll
2008-04-14 02:33:21 83,968 ------w C:\WINDOWS\ServicePackFiles\i386\cnbjmon2.dll
2008-04-13 16:44:16 17,920 ------w C:\WINDOWS\ServicePackFiles\i386\cobramsg.dll
2008-04-14 02:33:21 60,416 ------w C:\WINDOWS\ServicePackFiles\i386\colbact.dll
2008-04-14 02:33:21 28,160 ------w C:\WINDOWS\ServicePackFiles\i386\comaddin.dll
2008-04-14 02:33:21 195,072 ------w C:\WINDOWS\ServicePackFiles\i386\comadmin.dll
2008-04-14 02:33:21 617,472 ------w C:\WINDOWS\ServicePackFiles\i386\comctl32.dll
2008-04-14 02:33:21 281,600 ------w C:\WINDOWS\ServicePackFiles\i386\comdlg32.dll
2008-04-14 02:33:21 253,440 ------w C:\WINDOWS\ServicePackFiles\i386\compatui.dll
2008-04-13 18:36:37 10,240 ------w C:\WINDOWS\ServicePackFiles\i386\compbatt.sys
2008-04-14 02:33:21 230,912 ------w C:\WINDOWS\ServicePackFiles\i386\compstui.dll
2008-04-14 02:33:21 97,792 ------w C:\WINDOWS\ServicePackFiles\i386\comrepl.dll
2008-04-14 02:33:57 9,728 ------w C:\WINDOWS\ServicePackFiles\i386\comrepl.exe
2008-04-14 02:33:57 6,144 ------w C:\WINDOWS\ServicePackFiles\i386\comrereg.exe
2008-04-14 02:33:21 851,968 ------w C:\WINDOWS\ServicePackFiles\i386\comres.dll
2008-04-14 02:33:21 274,944 ------w C:\WINDOWS\ServicePackFiles\i386\comsetup.dll
2008-04-14 02:33:21 167,424 ------w C:\WINDOWS\ServicePackFiles\i386\comsnap.dll
2008-04-14 02:33:21 1,267,200 ------w C:\WINDOWS\ServicePackFiles\i386\comsvcs.dll
2008-04-14 02:33:21 539,648 ------w C:\WINDOWS\ServicePackFiles\i386\comuid.dll
2008-04-14 02:33:58 1,044,480 ------w C:\WINDOWS\ServicePackFiles\i386\conf.exe
2008-04-14 02:33:21 45,056 ------w C:\WINDOWS\ServicePackFiles\i386\confmrsl.dll
2008-04-14 02:33:21 358,400 ------w C:\WINDOWS\ServicePackFiles\i386\confmsp.dll
2008-04-14 02:33:59 27,648 ------w C:\WINDOWS\ServicePackFiles\i386\conime.exe
2008-04-14 02:33:21 35,328 ------w C:\WINDOWS\ServicePackFiles\i386\corpol.dll
2008-04-14 02:33:21 12,800 ------w C:\WINDOWS\ServicePackFiles\i386\credssp.dll
2008-04-14 02:33:21 165,888 ------w C:\WINDOWS\ServicePackFiles\i386\credui.dll
2008-04-14 02:02:47 40,960 ------w C:\WINDOWS\ServicePackFiles\i386\crusoe.sys
2008-04-14 02:33:21 606,208 ------w C:\WINDOWS\ServicePackFiles\i386\crypt32.dll
2008-04-14 02:33:21 75,776 ------w C:\WINDOWS\ServicePackFiles\i386\cryptdlg.dll
2008-04-14 02:33:21 33,280 ------w C:\WINDOWS\ServicePackFiles\i386\cryptdll.dll
2008-04-14 02:33:21 54,784 ------w C:\WINDOWS\ServicePackFiles\i386\cryptext.dll
2008-04-14 02:33:21 64,512 ------w C:\WINDOWS\ServicePackFiles\i386\cryptnet.dll
2008-04-14 02:33:21 62,464 ------w C:\WINDOWS\ServicePackFiles\i386\cryptsvc.dll
2008-04-14 02:33:21 530,432 ------w C:\WINDOWS\ServicePackFiles\i386\cryptui.dll
2008-04-14 02:33:21 102,912 ------w C:\WINDOWS\ServicePackFiles\i386\cscdll.dll
2008-04-14 02:33:59 139,264 ------w C:\WINDOWS\ServicePackFiles\i386\cscript.exe
2008-04-14 02:33:21 337,920 ------w C:\WINDOWS\ServicePackFiles\i386\cscui.dll
2008-04-14 02:33:22 32,256 ------w C:\WINDOWS\ServicePackFiles\i386\csrsrv.dll
2008-04-14 02:33:59 6,144 ------w C:\WINDOWS\ServicePackFiles\i386\csrss.exe
2008-04-14 02:33:59 15,360 ------w C:\WINDOWS\ServicePackFiles\i386\ctfmon.exe
2008-04-14 02:33:22 252,416 ------w C:\WINDOWS\ServicePackFiles\i386\ctmasetp.dll
2008-04-14 02:33:22 33,792 ------w C:\WINDOWS\ServicePackFiles\i386\custsat.dll
2004-08-03 20:32:26 48,640 ------w C:\WINDOWS\ServicePackFiles\i386\cwrwdm.sys
2008-04-14 02:33:22 1,179,648 ------w C:\WINDOWS\ServicePackFiles\i386\d3d8.dll
2008-04-14 02:33:22 8,192 ------w C:\WINDOWS\ServicePackFiles\i386\d3d8thk.dll
2008-04-14 02:33:22 1,689,088 ------w C:\WINDOWS\ServicePackFiles\i386\d3d9.dll
2008-04-14 02:33:22 824,320 ------w C:\WINDOWS\ServicePackFiles\i386\d3dim700.dll
2008-04-14 02:33:22 1,056,768 ------w C:\WINDOWS\ServicePackFiles\i386\danim.dll
2008-03-25 04:50:25 554,008 ------w C:\WINDOWS\ServicePackFiles\i386\dao360.dll
2008-04-14 02:33:22 55,296 ------w C:\WINDOWS\ServicePackFiles\i386\dataclen.dll
2008-04-14 02:33:22 165,376 ------w C:\WINDOWS\ServicePackFiles\i386\datime.dll
2008-04-14 02:33:22 25,600 ------w C:\WINDOWS\ServicePackFiles\i386\davclnt.dll
2008-04-14 02:33:22 640,000 ------w C:\WINDOWS\ServicePackFiles\i386\dbghelp.dll
2008-04-14 02:33:22 24,576 ------w C:\WINDOWS\ServicePackFiles\i386\dbmsrpcn.dll
2008-04-14 02:33:22 110,592 ------w C:\WINDOWS\ServicePackFiles\i386\dbnetlib.dll
2008-04-14 02:33:22 28,672 ------w C:\WINDOWS\ServicePackFiles\i386\dbnmpntw.dll
2008-04-14 02:50:20 1,804 ------w C:\WINDOWS\ServicePackFiles\i386\dcache.bin
2008-04-14 02:33:22 40,960 ------w C:\WINDOWS\ServicePackFiles\i386\dcap32.dll
2008-04-14 02:33:22 8,704 ------w C:\WINDOWS\ServicePackFiles\i386\dciman32.dll
2008-04-14 02:33:59 6,144 ------w C:\WINDOWS\ServicePackFiles\i386\dcomcnfg.exe
2008-04-14 02:33:59 31,744 ------w C:\WINDOWS\ServicePackFiles\i386\ddeshare.exe
2008-04-14 02:33:22 279,552 ------w C:\WINDOWS\ServicePackFiles\i386\ddraw.dll
2008-04-14 02:33:22 27,136 ------w C:\WINDOWS\ServicePackFiles\i386\ddrawex.dll
2008-04-14 02:33:59 25,088 ------w C:\WINDOWS\ServicePackFiles\i386\defrag.exe
2008-04-14 02:33:22 59,904 ------w C:\WINDOWS\ServicePackFiles\i386\devenum.dll
2008-04-14 02:33:22 290,816 ------w C:\WINDOWS\ServicePackFiles\i386\devmgr.dll
2008-04-14 02:33:59 82,944 ------w C:\WINDOWS\ServicePackFiles\i386\dfrgfat.exe
2008-04-14 02:33:59 105,472 ------w C:\WINDOWS\ServicePackFiles\i386\dfrgntfs.exe
2008-04-14 02:33:22 39,936 ------w C:\WINDOWS\ServicePackFiles\i386\dfrgsnap.dll
2008-04-14 02:33:22 124,416 ------w C:\WINDOWS\ServicePackFiles\i386\dfrgui.dll
2008-04-14 02:33:22 28,672 ------w C:\WINDOWS\ServicePackFiles\i386\dfsshlex.dll
2008-04-14 02:33:22 115,200 ------w C:\WINDOWS\ServicePackFiles\i386\dgnet.dll
2008-04-14 02:33:22 127,488 ------w C:\WINDOWS\ServicePackFiles\i386\dhcpcsvc.dll
2008-04-14 02:33:22 411,136 ------w C:\WINDOWS\ServicePackFiles\i386\dhcpmon.dll
2008-04-14 02:33:22 49,152 ------w C:\WINDOWS\ServicePackFiles\i386\dhcpqec.dll
2008-04-14 02:33:59 548,352 ------w C:\WINDOWS\ServicePackFiles\i386\dialer.exe
2008-04-14 02:34:00 87,040 ------w C:\WINDOWS\ServicePackFiles\i386\diantz.exe
2004-08-06 01:00:00 887,784 ------w C:\WINDOWS\ServicePackFiles\i386\digcore.exe
2008-04-14 02:33:22 68,608 ------w C:\WINDOWS\ServicePackFiles\i386\digest.dll
2008-04-14 02:33:22 19,456 ------w C:\WINDOWS\ServicePackFiles\i386\dimsntfy.dll
2008-04-14 02:33:22 39,936 ------w C:\WINDOWS\ServicePackFiles\i386\dimsroam.dll
2008-04-14 02:33:22 165,376 ------w C:\WINDOWS\ServicePackFiles\i386\dinput.dll
2008-04-14 02:33:22 187,904 ------w C:\WINDOWS\ServicePackFiles\i386\dinput8.dll
2008-04-14 02:33:22 86,528 ------w C:\WINDOWS\ServicePackFiles\i386\directdb.dll
2008-04-13 18:40:47 36,352 ------w C:\WINDOWS\ServicePackFiles\i386\disk.sys
2008-04-14 02:33:22 1,504,768 ------w C:\WINDOWS\ServicePackFiles\i386\diskcopy.dll
2008-04-13 18:40:44 14,208 ------w C:\WINDOWS\ServicePackFiles\i386\diskdump.sys
2008-04-14 02:34:00 167,936 ------w C:\WINDOWS\ServicePackFiles\i386\diskpart.exe
2008-04-14 02:33:22 32,768 ------w C:\WINDOWS\ServicePackFiles\i386\dispex.dll
2008-04-14 02:34:00 5,120 ------w C:\WINDOWS\ServicePackFiles\i386\dllhost.exe
2008-04-13 18:40:51 8,320 ------w C:\WINDOWS\ServicePackFiles\i386\dlttape.sys
2008-04-14 02:34:00 225,280 ------w C:\WINDOWS\ServicePackFiles\i386\dmadmin.exe
2008-04-14 02:33:22 28,672 ------w C:\WINDOWS\ServicePackFiles\i386\dmband.dll
2008-04-14 02:05:07 800,256 ------w C:\WINDOWS\ServicePackFiles\i386\dmboot.sys
2008-04-14 02:33:22 61,440 ------w C:\WINDOWS\ServicePackFiles\i386\dmcompos.dll
2008-04-14 02:33:22 285,184 ------w C:\WINDOWS\ServicePackFiles\i386\dmdlgs.dll
2008-04-14 02:33:22 200,704 ------w C:\WINDOWS\ServicePackFiles\i386\dmdskmgr.dll
2008-04-14 02:33:22 181,248 ------w C:\WINDOWS\ServicePackFiles\i386\dmime.dll
2008-04-14 02:05:12 154,496 ------w C:\WINDOWS\ServicePackFiles\i386\dmio.sys
2008-04-14 02:33:22 35,840 ------w C:\WINDOWS\ServicePackFiles\i386\dmloader.dll
2008-04-14 02:34:00 15,872 ------w C:\WINDOWS\ServicePackFiles\i386\dmremote.exe
2008-04-14 02:33:22 82,432 ------w C:\WINDOWS\ServicePackFiles\i386\dmscript.dll
2008-04-14 02:33:22 24,576 ------w C:\WINDOWS\ServicePackFiles\i386\dmserver.dll
2008-04-14 02:33:22 105,984 ------w C:\WINDOWS\ServicePackFiles\i386\dmstyle.dll
2008-04-14 02:33:22 103,424 ------w C:\WINDOWS\ServicePackFiles\i386\dmsynth.dll
2008-04-14 02:33:22 104,448 ------w C:\WINDOWS\ServicePackFiles\i386\dmusic.dll
2008-04-13 18:45:01 52,864 ------w C:\WINDOWS\ServicePackFiles\i386\dmusic.sys
2008-04-14 02:33:22 58,880 ------w C:\WINDOWS\ServicePackFiles\i386\dmutil.dll
2008-04-14 02:33:22 147,968 ------w C:\WINDOWS\ServicePackFiles\i386\dnsapi.dll
2008-04-14 02:33:22 45,568 ------w C:\WINDOWS\ServicePackFiles\i386\dnsrslvr.dll
2008-04-14 02:33:22 48,640 ------w C:\WINDOWS\ServicePackFiles\i386\docprop2.dll
2004-08-06 01:00:00 54,080 ------w C:\WINDOWS\ServicePackFiles\i386\dosx.exe
2008-04-14 02:33:22 26,112 ------w C:\WINDOWS\ServicePackFiles\i386\dot3api.dll
2008-04-14 02:33:22 60,928 ------w C:\WINDOWS\ServicePackFiles\i386\dot3cfg.dll
2008-04-14 02:33:22 39,936 ------w C:\WINDOWS\ServicePackFiles\i386\dot3clnt.dll
2008-04-14 02:33:22 9,216 ------w C:\WINDOWS\ServicePackFiles\i386\dot3dlg.dll
2008-04-14 02:33:22 56,832 ------w C:\WINDOWS\ServicePackFiles\i386\dot3msm.dll
2008-04-14 02:33:22 133,120 ------w C:\WINDOWS\ServicePackFiles\i386\dot3svc.dll
2008-04-14 02:33:22 651,264 ------w C:\WINDOWS\ServicePackFiles\i386\dot3ui.dll
2008-04-13 18:39:46 206,976 ------w C:\WINDOWS\ServicePackFiles\i386\dot4.sys
2008-04-14 01:54:17 103,936 ------w C:\WINDOWS\ServicePackFiles\i386\dpcdll.dll
2008-04-14 02:34:01 29,696 ------w C:\WINDOWS\ServicePackFiles\i386\dplaysvr.exe
2008-04-14 02:33:22 229,888 ------w C:\WINDOWS\ServicePackFiles\i386\dplayx.dll
2008-04-14 02:33:23 24,064 ------w C:\WINDOWS\ServicePackFiles\i386\dpmodemx.dll
2008-04-14 02:31:14 3,072 ------w C:\WINDOWS\ServicePackFiles\i386\dpnaddr.dll
2008-04-14 02:33:23 375,296 ------w C:\WINDOWS\ServicePackFiles\i386\dpnet.dll
2008-04-14 02:33:23 35,328 ------w C:\WINDOWS\ServicePackFiles\i386\dpnhpast.dll
2008-04-14 02:33:23 60,928 ------w C:\WINDOWS\ServicePackFiles\i386\dpnhupnp.dll
2008-04-14 02:31:14 3,072 ------w C:\WINDOWS\ServicePackFiles\i386\dpnlobby.dll
2008-04-14 02:34:01 18,432 ------w C:\WINDOWS\ServicePackFiles\i386\dpnsvr.exe
2008-04-14 02:33:23 21,504 ------w C:\WINDOWS\ServicePackFiles\i386\dpvacm.dll
2008-04-14 02:33:23 213,504 ------w C:\WINDOWS\ServicePackFiles\i386\dpvoice.dll
2008-04-14 02:34:01 83,456 ------w C:\WINDOWS\ServicePackFiles\i386\dpvsetup.exe
2008-04-14 02:33:23 116,736 ------w C:\WINDOWS\ServicePackFiles\i386\dpvvox.dll
2008-04-14 02:33:23 57,344 ------w C:\WINDOWS\ServicePackFiles\i386\dpwsockx.dll
2008-04-13 18:45:14 60,160 ------w C:\WINDOWS\ServicePackFiles\i386\drmk.sys
2008-04-13 18:45:13 2,944 ------w C:\WINDOWS\ServicePackFiles\i386\drmkaud.sys
2008-04-14 02:33:23 14,336 ------w C:\WINDOWS\ServicePackFiles\i386\drprov.dll
2004-08-05 04:00:00 4,656 ------w C:\WINDOWS\ServicePackFiles\i386\ds16gt.dll
2008-04-14 02:33:23 16,384 ------w C:\WINDOWS\ServicePackFiles\i386\ds32gt.dll
2008-04-14 02:33:23 181,248 ------w C:\WINDOWS\ServicePackFiles\i386\dsdmo.dll
2008-04-14 02:33:23 72,192 ------w C:\WINDOWS\ServicePackFiles\i386\dsdmoprp.dll
2008-04-14 02:33:23 93,696 ------w C:\WINDOWS\ServicePackFiles\i386\dskquota.dll
2008-04-14 02:33:23 161,280 ------w C:\WINDOWS\ServicePackFiles\i386\dskquoui.dll
2008-04-14 02:33:23 367,616 ------w C:\WINDOWS\ServicePackFiles\i386\dsound.dll
2008-04-14 02:33:23 1,293,824 ------w C:\WINDOWS\ServicePackFiles\i386\dsound3d.dll
2008-04-14 02:33:23 145,920 ------w C:\WINDOWS\ServicePackFiles\i386\dsprop.dll
2008-04-14 02:06:29 4,096 ------w C:\WINDOWS\ServicePackFiles\i386\dsprpres.dll
2008-04-14 02:33:23 240,640 ------w C:\WINDOWS\ServicePackFiles\i386\dsquery.dll
2008-04-14 02:33:23 52,736 ------w C:\WINDOWS\ServicePackFiles\i386\dssec.dll
2008-04-13 17:37:57 138,752 ------w C:\WINDOWS\ServicePackFiles\i386\dssenh.dll
2008-04-14 02:33:23 113,664 ------w C:\WINDOWS\ServicePackFiles\i386\dsuiext.dll
2008-04-14 02:33:23 19,456 ------w C:\WINDOWS\ServicePackFiles\i386\dswave.dll
2008-04-14 02:34:01 10,752 ------w C:\WINDOWS\ServicePackFiles\i386\dumprep.exe
2008-04-14 02:33:23 304,128 ------w C:\WINDOWS\ServicePackFiles\i386\duser.dll
2008-04-14 02:34:01 17,920 ------w C:\WINDOWS\ServicePackFiles\i386\dvdupgrd.exe
2008-04-14 02:34:01 180,224 ------w C:\WINDOWS\ServicePackFiles\i386\dwwin.exe
2008-04-14 02:33:23 619,008 ------w C:\WINDOWS\ServicePackFiles\i386\dx7vb.dll
2008-04-14 02:33:23 1,227,264 ------w C:\WINDOWS\ServicePackFiles\i386\dx8vb.dll
2008-04-14 02:34:01 1,298,432 ------w C:\WINDOWS\ServicePackFiles\i386\dxdiag.exe
2008-04-14 02:33:23 2,113,536 ------w C:\WINDOWS\ServicePackFiles\i386\dxdiagn.dll
2008-04-13 18:38:29 71,168 ------w C:\WINDOWS\ServicePackFiles\i386\dxg.sys
2008-04-14 02:33:23 357,888 ------w C:\WINDOWS\ServicePackFiles\i386\dxtmsft.dll
2008-04-14 02:33:23 205,312 ------w C:\WINDOWS\ServicePackFiles\i386\dxtrans.dll
2008-04-14 02:33:23 30,720 ------w C:\WINDOWS\ServicePackFiles\i386\eapolqec.dll
2008-04-14 02:33:23 184,832 ------w C:\WINDOWS\ServicePackFiles\i386\eapp3hst.dll
2008-04-14 02:33:23 126,976 ------w C:\WINDOWS\ServicePackFiles\i386\eappcfg.dll
2008-04-14 02:33:23 94,720 ------w C:\WINDOWS\ServicePackFiles\i386\eappgnui.dll
2008-04-14 02:33:23 180,736 ------w C:\WINDOWS\ServicePackFiles\i386\eapphost.dll
2008-04-14 02:33:23 40,960 ------w C:\WINDOWS\ServicePackFiles\i386\eappprxy.dll
2008-04-14 02:33:23 59,392 ------w C:\WINDOWS\ServicePackFiles\i386\eapqec.dll
2008-04-14 02:33:23 33,792 ------w C:\WINDOWS\ServicePackFiles\i386\eapsvc.dll
2008-04-14 02:33:23 175,616 ------w C:\WINDOWS\ServicePackFiles\i386\ediskeer.dll
2008-04-14 02:33:23 187,392 ------w C:\WINDOWS\ServicePackFiles\i386\els.dll
2008-04-14 02:33:23 20,480 ------w C:\WINDOWS\ServicePackFiles\i386\encapi.dll
2008-04-14 02:33:23 186,880 ------w C:\WINDOWS\ServicePackFiles\i386\encdec.dll
2008-04-14 01:56:19 40,960 ------w C:\WINDOWS\ServicePackFiles\i386\ep9res.dll
2004-08-03 22:37:52 121,344 ------w C:\WINDOWS\ServicePackFiles\i386\epcl5res.dll
2008-04-14 02:33:24 23,040 ------w C:\WINDOWS\ServicePackFiles\i386\ersvc.dll
2008-04-14 02:33:24 246,272 ------w C:\WINDOWS\ServicePackFiles\i386\es.dll
2008-04-14 02:33:24 1,097,728 ------w C:\WINDOWS\ServicePackFiles\i386\esent.dll
2008-04-14 02:33:24 247,808 ------w C:\WINDOWS\ServicePackFiles\i386\esscli.dll
2004-08-03 20:32:28 137,088 ------w C:\WINDOWS\ServicePackFiles\i386\essm2e.sys
2008-04-14 02:34:01 195,072 ------w C:\WINDOWS\ServicePackFiles\i386\eudcedit.exe
2008-04-14 02:33:24 56,320 ------w C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
2008-04-14 02:33:24 109,568 ------w C:\WINDOWS\ServicePackFiles\i386\evntagnt.dll
2008-04-14 02:34:01 26,112 ------w C:\WINDOWS\ServicePackFiles\i386\evntcmd.exe
2008-04-14 02:33:24 21,504 ------w C:\WINDOWS\ServicePackFiles\i386\evntrprv.dll
2008-04-14 02:34:02 94,720 ------w C:\WINDOWS\ServicePackFiles\i386\evntwin.exe
2008-04-14 02:34:03 1,037,824 ------w C:\WINDOWS\ServicePackFiles\i386\explorer.exe
2008-04-14 02:33:24 380,445 ------w C:\WINDOWS\ServicePackFiles\i386\expsrv.dll
2008-04-14 02:33:24 55,808 ------w C:\WINDOWS\ServicePackFiles\i386\extmgr.dll
2008-04-14 02:34:04 24,064 ------w C:\WINDOWS\ServicePackFiles\i386\extrac32.exe
2008-04-14 02:33:24 125,952 ------w C:\WINDOWS\ServicePackFiles\i386\exts.dll
2008-04-14 02:31:21 7,168 ------w C:\WINDOWS\ServicePackFiles\i386\f3ahvoas.dll
2008-04-13 19:14:29 143,744 ------w C:\WINDOWS\ServicePackFiles\i386\fastfat.sys
2008-04-14 02:33:24 472,064 ------w C:\WINDOWS\ServicePackFiles\i386\fastprox.dll
2008-04-14 02:33:24 80,896 ------w C:\WINDOWS\ServicePackFiles\i386\faultrep.dll
2008-04-14 02:34:04 20,992 ------w C:\WINDOWS\ServicePackFiles\i386\faxpatch.exe
2008-04-13 18:40:25 27,392 ------w C:\WINDOWS\ServicePackFiles\i386\fdc.sys
2008-04-14 02:33:24 21,504 ------w C:\WINDOWS\ServicePackFiles\i386\feclient.dll
2008-04-14 02:33:24 348,160 ------w C:\WINDOWS\ServicePackFiles\i386\filemgmt.dll
2008-04-14 02:34:04 29,184 ------w C:\WINDOWS\ServicePackFiles\i386\findstr.exe
2008-04-14 01:57:38 44,672 ------w C:\WINDOWS\ServicePackFiles\i386\fips.sys
2008-04-14 02:33:24 88,064 ------w C:\WINDOWS\ServicePackFiles\i386\fldrclnr.dll
2008-04-13 18:40:25 20,480 ------w C:\WINDOWS\ServicePackFiles\i386\flpydisk.sys
2008-04-14 02:33:24 16,896 ------w C:\WINDOWS\ServicePackFiles\i386\fltlib.dll
2008-04-14 02:34:04 23,040 ------w C:\WINDOWS\ServicePackFiles\i386\fltmc.exe
2008-04-13 18:32:59 129,792 ------w C:\WINDOWS\ServicePackFiles\i386\fltmgr.sys
2008-04-14 02:33:24 386,560 ------w C:\WINDOWS\ServicePackFiles\i386\fontext.dll
2008-04-14 02:33:24 80,896 ------w C:\WINDOWS\ServicePackFiles\i386\fontsub.dll
2008-04-14 02:34:04 21,504 ------w C:\WINDOWS\ServicePackFiles\i386\fontview.exe
2008-04-14 02:34:04 7,680 ------w C:\WINDOWS\ServicePackFiles\i386\forcedos.exe
2004-08-03 20:31:24 34,173 ------w C:\WINDOWS\ServicePackFiles\i386\forehe.sys
2008-04-14 02:34:31 29,696 ------w C:\WINDOWS\ServicePackFiles\i386\format.com
2008-04-14 02:33:24 32,828 ------w C:\WINDOWS\ServicePackFiles\i386\fp40ext.dll
2008-04-14 02:33:24 184,435 ------w C:\WINDOWS\ServicePackFiles\i386\fp4amsft.dll
2008-04-14 02:33:24 82,035 ------w C:\WINDOWS\ServicePackFiles\i386\fp4anscp.dll
2008-04-14 02:33:24 147,513 ------w C:\WINDOWS\ServicePackFiles\i386\fp4apws.dll
2008-04-14 02:33:24 49,210 ------w C:\WINDOWS\ServicePackFiles\i386\fp4areg.dll
2008-04-14 02:33:24 102,509 ------w C:\WINDOWS\ServicePackFiles\i386\fp4atxt.dll
2008-04-14 02:33:24 618,605 ------w C:\WINDOWS\ServicePackFiles\i386\fp4autl.dll
2008-04-14 02:33:24 41,020 ------w C:\WINDOWS\ServicePackFiles\i386\fp4avnb.dll
2008-04-14 02:33:24 32,826 ------w C:\WINDOWS\ServicePackFiles\i386\fp4avss.dll
2008-04-14 02:33:24 49,212 ------w C:\WINDOWS\ServicePackFiles\i386\fp4awebs.dll
2008-04-14 02:33:24 876,653 ------w C:\WINDOWS\ServicePackFiles\i386\fp4awel.dll
2008-04-14 02:34:04 15,120 ------w C:\WINDOWS\ServicePackFiles\i386\fp98sadm.exe
2008-04-14 02:34:04 109,840 ------w C:\WINDOWS\ServicePackFiles\i386\fp98swin.exe
2008-04-14 02:34:04 24,632 ------w C:\WINDOWS\ServicePackFiles\i386\fpadmcgi.exe
2008-04-14 02:33:24 20,541 ------w C:\WINDOWS\ServicePackFiles\i386\fpadmdll.dll
2008-04-14 02:34:04 188,494 ------w C:\WINDOWS\ServicePackFiles\i386\fpcount.exe
2008-04-14 02:33:24 94,208 ------w C:\WINDOWS\ServicePackFiles\i386\fpencode.dll
2008-04-14 02:33:25 20,541 ------w C:\WINDOWS\ServicePackFiles\i386\fpexedll.dll
2008-04-14 02:33:25 598,071 ------w C:\WINDOWS\ServicePackFiles\i386\fpmmc.dll
2003-04-15 08:29:34 217,088 ------w C:\WINDOWS\ServicePackFiles\i386\fpmmcsat.dll
2008-04-14 02:34:04 20,538 ------w C:\WINDOWS\ServicePackFiles\i386\fpremadm.exe
2008-04-14 02:34:04 28,728 ------w C:\WINDOWS\ServicePackFiles\i386\fpsrvadm.exe
2008-04-14 02:31:23 9,344 ------w C:\WINDOWS\ServicePackFiles\i386\framebuf.dll
2008-04-14 02:33:25 185,344 ------w C:\WINDOWS\ServicePackFiles\i386\framedyn.dll
2008-04-14 02:34:04 193,024 ------w C:\WINDOWS\ServicePackFiles\i386\fsquirt.exe
2008-04-14 02:34:04 46,080 ------w C:\WINDOWS\ServicePackFiles\i386\ftp.exe
2008-04-14 02:33:25 60,416 ------w C:\WINDOWS\ServicePackFiles\i386\fwcfg.dll
2008-04-14 02:33:25 451,584 ------w C:\WINDOWS\ServicePackFiles\i386\fxsapi.dll
2008-04-14 02:34:04 142,848 ------w C:\WINDOWS\ServicePackFiles\i386\fxsclnt.exe
2008-04-14 02:33:25 72,192 ------w C:\WINDOWS\ServicePackFiles\i386\fxscom.dll
2008-04-14 02:33:25 285,184 ------w C:\WINDOWS\ServicePackFiles\i386\fxscomex.dll
2008-04-14 02:34:04 238,592 ------w C:\WINDOWS\ServicePackFiles\i386\fxscover.exe
2008-04-14 02:33:25 26,624 ------w C:\WINDOWS\ServicePackFiles\i386\fxsdrv.dll
2008-04-14 02:33:25 66,048 ------w C:\WINDOWS\ServicePackFiles\i386\fxsevent.dll
2008-04-14 02:33:25 23,552 ------w C:\WINDOWS\ServicePackFiles\i386\fxsext32.dll
2008-04-14 02:33:25 24,064 ------w C:\WINDOWS\ServicePackFiles\i386\fxsmon.dll
2008-04-14 02:33:25 132,608 ------w C:\WINDOWS\ServicePackFiles\i386\fxsocm.dll
2008-04-14 02:33:25 8,704 ------w C:\WINDOWS\ServicePackFiles\i386\fxsperf.dll
2008-04-14 02:31:25 7,168 ------w C:\WINDOWS\ServicePackFiles\i386\fxsres.dll
2008-04-14 02:33:25 563,712 ------w C:\WINDOWS\ServicePackFiles\i386\fxsst.dll
2008-04-14 02:34:05 268,800 ------w C:\WINDOWS\ServicePackFiles\i386\fxssvc.exe
2008-04-14 02:33:25 246,272 ------w C:\WINDOWS\ServicePackFiles\i386\fxst30.dll
2008-04-14 02:33:25 397,312 ------w C:\WINDOWS\ServicePackFiles\i386\fxstiff.dll
2008-04-14 02:33:25 156,672 ------w C:\WINDOWS\ServicePackFiles\i386\fxsui.dll
2008-04-14 02:33:25 197,120 ------w C:\WINDOWS\ServicePackFiles\i386\fxswzrd.dll
2008-04-14 02:33:25 400,896 ------w C:\WINDOWS\ServicePackFiles\i386\fxsxp32.dll
2008-04-13 18:36:40 46,464 ------w C:\WINDOWS\ServicePackFiles\i386\gagp30kx.sys
2008-04-13 18:45:29 10,624 ------w C:\WINDOWS\ServicePackFiles\i386\gameenum.sys
2008-04-13 18:45:32 59,136 ------w C:\WINDOWS\ServicePackFiles\i386\gckernel.sys
2008-04-14 02:33:25 285,184 ------w C:\WINDOWS\ServicePackFiles\i386\gdi32.dll
2008-04-14 02:33:25 123,904 ------w C:\WINDOWS\ServicePackFiles\i386\glu32.dll
2004-08-05 04:00:00 101,888 ------w C:\WINDOWS\ServicePackFiles\i386\gpkcsp.dll
2008-04-14 01:59:15 10,240 ------w C:\WINDOWS\ServicePackFiles\i386\gpkrsrc.dll
2008-04-14 02:34:05 39,424 ------w C:\WINDOWS\ServicePackFiles\i386\grpconv.exe
2008-04-14 01:59:21 28,544 ------w C:\WINDOWS\ServicePackFiles\i386\grserial.sys
2008-04-14 02:33:26 134,656 ------w C:\WINDOWS\ServicePackFiles\i386\guitrn.dll
2008-04-14 02:33:26 115,712 ------w C:\WINDOWS\ServicePackFiles\i386\guitrna.dll
2008-04-14 02:33:26 57,344 ------w C:\WINDOWS\ServicePackFiles\i386\h323cc.dll
2008-04-14 02:33:26 614,912 ------w C:\WINDOWS\ServicePackFiles\i386\h323msp.dll
2008-04-13 18:31:32 105,344 ------w C:\WINDOWS\ServicePackFiles\i386\hal.dll
2008-04-13 18:31:28 131,840 ------w C:\WINDOWS\ServicePackFiles\i386\halaacpi.dll
2008-04-13 18:31:27 81,152 ------w C:\WINDOWS\ServicePackFiles\i386\halacpi.dll
2008-04-13 18:31:28 150,528 ------w C:\WINDOWS\ServicePackFiles\i386\halapic.dll
2008-04-13 18:31:28 134,400 ------w C:\WINDOWS\ServicePackFiles\i386\halmacpi.dll
2008-04-13 18:31:32 152,576 ------w C:\WINDOWS\ServicePackFiles\i386\halmps.dll
2008-04-13 18:31:31 77,696 ------w C:\WINDOWS\ServicePackFiles\i386\halsp.dll
2008-04-14 02:33:26 7,168 ------w C:\WINDOWS\ServicePackFiles\i386\hccoin.dll
2008-04-13 16:36:05 144,384 ------w C:\WINDOWS\ServicePackFiles\i386\hdaudbus.sys
2008-04-14 02:34:05 17,408 ------w C:\WINDOWS\ServicePackFiles\i386\help.exe
2008-04-14 02:34:06 769,024 ------w C:\WINDOWS\ServicePackFiles\i386\helpctr.exe
2008-04-14 02:34:06 744,448 ------w C:\WINDOWS\ServicePackFiles\i386\helpsvc.exe
2008-04-14 02:34:06 10,752 ------w C:\WINDOWS\ServicePackFiles\i386\hh

guigui14100 · Septembre 26, 2008, 9:40

Tu a un virus sortie de je ne sais ou télécharge ce nouveau script et fait glissé sur combofix.

Moi je vais finir d analyser ton rapport
Edité le 26/09/2008 à 09:41

anna777 · Septembre 27, 2008, 12:34

Je te remercie pour ta perceverence envers moi

franchement je desesperais ce matin car le pc rame encore

voilà le rapport de combofix avec le script

j’ai cherché sur google : ServicePackFiles\i386\dmremote.exe

es-ce que c’est bien lui qui mempechait mme de télécharger ce que vous me demandiez tous au début des post en me disant corrompu ?

ComboFix 08-09-26.01 - Compaq_Propri?taire 2008-09-26 21:52:25.4 - NTFSx86
Lancé depuis: C:\Documents and Settings\Compaq_Propri?taire\Bureau\ComboFix.exe
Commutateurs utilisés :: C:\Documents and Settings\Compaq_Propri?taire\Bureau\CFScript.txt

FILE ::
C:\WINDOWS\ServicePackFiles\i386\dmremote.exe
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\WINDOWS\ServicePackFiles\i386\dmremote.exe

.
((((((((((((((((((((((((((((( Fichiers créés du 2008-08-26 au 2008-09-26 ))))))))))))))))))))))))))))))))))))
.

2008-09-26 00:54 . 2008-09-26 00:54 d-------- C:\WINDOWS\system32\fr
2008-09-26 00:54 . 2008-09-26 00:54 d-------- C:\WINDOWS\system32\bits
2008-09-26 00:54 . 2008-09-26 00:54 d-------- C:\WINDOWS\l2schemas
2008-09-26 00:35 . 2008-09-26 00:57 d-------- C:\WINDOWS\ServicePackFiles
2008-09-25 23:24 . 2008-09-25 23:25 d-------- C:\WINDOWS\EHome
2008-09-25 22:16 . 2008-09-25 22:34 d-------- C:\Program Files\EsetOnlineScanner
2008-09-24 11:08 . 2008-09-24 11:08 d-------- C:\Program Files\Microsoft CAPICOM 2.1.0.2
2008-09-24 10:50 . 2008-07-18 22:07 270,880 --a------ C:\WINDOWS\system32\mucltui.dll
2008-09-24 10:50 . 2008-07-18 22:07 29,728 --a------ C:\WINDOWS\system32\mucltui.dll.mui
2008-09-23 23:20 . C:\Documents and Settings\Compaq_Propriétaire\Application Data\vlc
2008-09-23 20:04 . 2008-09-23 20:04 d-------- C:\Program Files\Secunia
2008-09-17 17:11 . 2008-09-25 00:54 d-------- C:\Program Files\a-squared Anti-Dialer
2008-09-17 13:49 . C:\Documents and Settings\Compaq_Propriétaire\DoctorWeb
2008-09-16 21:49 . 2008-09-16 21:48 102,664 --a------ C:\WINDOWS\system32\drivers\tmcomm.sys
2008-09-15 20:37 . 2008-09-15 20:37 d-------- C:\WINDOWS\system32\Kaspersky Lab
2008-09-13 14:51 . 2008-09-17 20:01 d-------- C:\Program Files\DivX
2008-09-07 23:52 . 2008-09-07 23:52 d-------- C:\WINDOWS\system32\hdined32.nls.{00021401-0000-0000-C000-000000000046}
2008-09-07 23:51 . 2008-09-08 00:10 d-------- C:\Program Files\burnatonce
2008-08-29 20:52 . 2004-08-04 00:38 327,168 --------- C:\WINDOWS\system32\drivers\ati2mtaa.sys
2008-08-28 10:31 . 2008-08-28 10:31 13,580 --a------ C:\Documents and Settings@4ad749ef87874a367f01c31e87803d0a2d9c4c98
2008-08-27 19:01 . 2006-08-09 11:08 241,664 --a------ C:\WINDOWS\system32\SuDoku.ocx
2008-08-27 19:01 . 2004-03-09 00:00 212,240 --a------ C:\WINDOWS\system32\RICHTX32.OCX
2008-08-27 19:01 . 2006-08-09 10:54 86,016 --a------ C:\WINDOWS\system32\NumberSequence.ocx
2008-08-27 19:01 . 2006-08-08 17:36 61,440 --a------ C:\WINDOWS\system32\NumberCrunch.ocx
2008-08-27 19:01 . 2006-08-09 20:37 57,344 --a------ C:\WINDOWS\system32\WordSearch.ocx
2008-08-27 19:01 . 2006-08-16 11:32 49,152 --a------ C:\WINDOWS\system32\SpellingTest.ocx
2008-08-27 19:01 . 2006-08-20 15:00 49,152 --a------ C:\WINDOWS\system32\Reading.ocx

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-09-26 19:34 --------- d-----w C:\Program Files\Wanadoo
2008-09-26 19:34 --------- d-----w C:\Documents and Settings\Compaq_Propriétaire\Application Data\OpenOffice.org2
2008-09-26 12:02 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-09-26 01:15 --------- d-----w C:\Program Files\MSN Messenger
2008-09-24 22:31 --------- d-----w C:\Program Files\eMule
2008-09-23 11:40 --------- d-----w C:\Program Files\epson
2008-09-22 17:08 --------- d–h--w C:\Program Files\InstallShield Installation Information
2008-09-21 00:57 31,102 ----a-w C:\Documents and Settings\Compaq_Propriétaire\Application Data\wklnhst.dat
2008-09-17 22:30 --------- d-----w C:\Program Files\LimeWire
2008-09-16 21:38 --------- d-----w C:\Documents and Settings\Compaq_Propriétaire\Application Data\LimeWire
2008-09-13 10:19 --------- d-----w C:\Program Files\Sport cérébral Brain challenge
2008-09-12 23:47 --------- d-----w C:\Program Files\CCleaner
2008-09-10 11:04 --------- d-----w C:\Program Files\Malwarebytes’ Anti-Malware
2008-09-09 22:04 38,528 ----a-w C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2008-09-09 22:03 17,200 ----a-w C:\WINDOWS\system32\drivers\mbam.sys
2008-09-07 20:25 --------- d-----w C:\Program Files\Wanadoo Messager
2008-08-31 22:24 --------- d-----w C:\Program Files\Java
2008-08-27 16:43 --------- d-----w C:\Program Files\Bible
2008-08-25 21:27 --------- d-----w C:\Program Files\Spybot - Search & Destroy
2008-08-22 01:37 --------- d-----w C:\Program Files\PourCent
2008-08-22 01:14 --------- d-----w C:\Program Files\DVD Decrypter
2008-08-16 21:20 --------- d-----w C:\Program Files\Systeme
2008-08-16 21:19 --------- d-----w C:\Program Files\menumath
2008-08-14 23:58 73,728 ----a-w C:\WINDOWS\ALCFDRTM.EXE
2008-08-14 21:22 --------- d-----w C:\Documents and Settings\LocalService\Application Data\AdobeUM
2008-08-14 01:30 --------- d-----w C:\Program Files\scrabbleproB1.0.8
2008-08-12 17:22 --------- d-----w C:\Program Files\Micro Trivial Pursuit
2008-08-11 23:27 717,296 ----a-w C:\WINDOWS\system32\drivers\sptd.sys
2008-08-11 23:27 --------- d-----w C:\Documents and Settings\Compaq_Propriétaire\Application Data\DAEMON Tools
2008-08-11 22:20 --------- d-----w C:\Documents and Settings\LocalService\Application Data\agi
2008-08-11 22:19 --------- d-----w C:\Documents and Settings\Compaq_Propriétaire\Application Data\agi
2008-07-28 15:53 110 ----a-w C:\ripp.bat
2008-07-28 14:34 --------- d-----w C:\Program Files\AviSynth 2.5
2008-07-26 11:22 --------- d—a-w C:\Documents and Settings\All Users\Application Data\TEMP
2008-07-06 00:23 3,460 ----a-w C:\Program Files\SETUP.LST
2008-07-06 00:16 290,816 ------w C:\WINDOWS\Setup1.exe
2008-06-26 22:00 74,752 ------w C:\WINDOWS\ST6UNST.EXE
2007-04-02 21:37 5,170,176 ----a-w C:\Program Files\WindowsDefender.msi
1998-07-12 22:00 21,504 ----a-w C:\Program Files\TABCTFR.DLL
2006-05-03 10:06 163,328 --sh–r C:\WINDOWS\system32\flvDX.dll
2007-02-21 11:47 31,232 --sh–r C:\WINDOWS\system32\msfDX.dll
.

((((((((((((((((((((((((((((( snapshot_2008-09-26_ 4.09.55.37 )))))))))))))))))))))))))))))))))))))))))
.
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
Note les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
“WOOKIT”=“C:\PROGRA~1\Wanadoo\Shell.exe” [2004-08-23 122880]
“ctfmon.exe”=“C:\WINDOWS\system32\ctfmon.exe” [2008-04-14 15360]
“updateMgr”=“C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe” [2006-03-30 313472]
“Acme.PCHButton”=“C:\PROGRA~1\HELPAN~1\HPQ\XPXWWPP5\plugin\bin\PCHButton.exe” [2006-09-17 159744]
“MsnMsgr”=“C:\Program Files\MSN Messenger\MsnMsgr.Exe” [2007-01-19 5674352]
“SpybotSD TeaTimer”=“C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe” [2008-08-18 1832272]
“WMPNSCFG”=“C:\Program Files\Windows Media Player\WMPNSCFG.exe” [2006-11-03 204288]
“Uniblue RegistryBooster 2”=“C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe” [2008-05-05 1923352]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
“hpsysdrv”=“c:\windows\system\hpsysdrv.exe” [1998-05-08 52736]
“KBD”=“C:\HP\KBD\KBD.EXE” [2003-02-12 61440]
“iTunesHelper”=“C:\Program Files\iTunes\iTunesHelper.exe” [2004-10-13 278528]
“Recguard”=“C:\WINDOWS\SMINST\RECGUARD.EXE” [2004-04-15 233472]
“ATIPTA”=“C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe” [2004-11-04 344064]
“PS2”=“C:\WINDOWS\system32\ps2.exe” [2003-09-13 98304]
“LSBWatcher”=“c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe” [2004-10-15 253952]
“Reminder”=“C:\Windows\Creator\Remind_XP.exe” [2004-12-14 663552]
“WOOWATCH”=“C:\PROGRA~1\Wanadoo\Watch.exe” [2004-08-23 20480]
“WOOTASKBARICON”=“C:\PROGRA~1\Wanadoo\GestMaj.exe” [2004-10-14 32768]
“avgnt”=“C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe” [2008-07-18 266497]
“TkBellExe”=“C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe” [2008-08-19 185896]
“BigDogPath”=“C:\WINDOWS\VM_STI.EXE” [2004-06-09 40960]
“ISUSPM Startup”=“C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\isuspm.exe” [2004-04-17 196608]
“ISUSScheduler”=“C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe” [2004-06-16 81920]
“SunJavaUpdateSched”=“C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe” [2008-06-10 144784]
“Raccourci vers la page des propriétés de High Definition Audio”=“HDAudPropShortcut.exe” [2004-03-17 C:\WINDOWS\system32\Hdaudpropshortcut.exe]
“AGRSMMSG”=“AGRSMMSG.exe” [2004-06-30 C:\WINDOWS\AGRSMMSG.exe]
“SoundMan”=“SOUNDMAN.EXE” [2005-02-22 C:\WINDOWS\SOUNDMAN.EXE]
“AlcWzrd”=“ALCWZRD.EXE” [2005-02-19 C:\WINDOWS\ALCWZRD.EXE]

C:\Documents and Settings\Yvan\Menu D?marrer\Programmes\D?marrage
M?mento.lnk - C:\QUICKENW\BILLMIND.EXE [2007-11-13 32768]

C:\Documents and Settings\Compaq_Propri?taire\Menu D?marrer\Programmes\D?marrage
M?mento.lnk - C:\QUICKENW\BILLMIND.EXE [2007-11-13 32768]
OpenOffice.org 2.4.lnk - C:\Program Files\OpenOffice.org 2.4\program\quickstart.exe [2008-01-21 393216]
Secunia PSI (RC3).lnk - C:\Program Files\Secunia\PSI (RC3)\psi.exe [2008-06-16 663552]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
“VIDC.I420”= i420vfw.dll
“vidc.yv12”= yv12vfw.dll

[HKLM~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
“EnableFirewall”= 0 (0x0)

[HKLM~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
“%windir%\system32\sessmgr.exe”=
“C:\Program Files\iTunes\iTunes.exe”=
“C:\Program Files\eMule\emule.exe”=
“C:\Program Files\Avira\AntiVir PersonalEdition Classic\avcenter.exe”=
“C:\WINDOWS\system32\fxsclnt.exe”=
“%windir%\Network Diagnostic\xpnetdiag.exe”=
“C:\Program Files\MSN Messenger\msnmsgr.exe”=
“C:\Program Files\MSN Messenger\livecall.exe”=

[HKLM~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
“17250:TCP”= 17250:TCP:emule
“53747:UDP”= 53747:UDP:emule
“6346:TCP”= 6346:TCP:Gnutella
“6346:UDP”= 6346:UDP:Gnutella

R3 USBSTOR;Pilote de stockage de masse USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 PSI;PSI;C:\WINDOWS\system32\DRIVERS\psi_mf.sys [2008-06-16 7808]
S3 usbscan;Pilote de scanneur USB;C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2{28a6a304-9541-11d9-b668-806d6172696f}]
\Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Info.exe protect.ed 480 480
.
Contenu du dossier ‘Tâches planifiées’
.

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, www.gmer.net…
Rootkit scan 2008-09-26 22:00:47
Windows 5.1.2600 Service Pack 3 NTFS

Recherche de processus cachés …

Recherche d’éléments en démarrage automatique cachés …

Recherche de fichiers cachés …

Scan terminé avec succès
Fichiers cachés: 0

.
Heure de fin: 2008-09-26 22:07:00
ComboFix-quarantined-files.txt 2008-09-26 20:06:48
ComboFix2.txt 2008-09-26 11:50:36
ComboFix3.txt 2008-09-24 20:40:27

Avant-CF: 348ÿ004ÿ352 octets libres
Après-CF: 346,243,072 octets libres

172 — E O F — 2008-09-24 09:09:04

merci beaucoup et à demain

guigui14100 · Septembre 27, 2008, 9:46

Normalement je pense que sa doit être bon, tu en pense quoi vu que c’est toi qui a le pc devant toi?

Si tu a des doutes tu peut faire des scan en ligne:
Bitdefender
Housecall
Eset

anna777 · Septembre 27, 2008, 7:06

il rame encore au bout d’un moment, il répond pas tout de suite, meme au niveau clavier des fois,

mais je vais faire un scan en ligne sur les trois que tu m’as donné, il est possible que mon disque dur soit bien rempli

dernière chose :

j’ai uniblue registry booster 2 : c’est un logiciel qui corrige t’es erreur de registre et pour la première fois j’ai fait un scan avec ce logiciel et il m’a trouvé 241 erreur de registre, blem, à part le scan je ne sais pas ce qu’il faut faire ensuite, je vais chercher un tutoriel sur le net

que pense tu aussi de spybot on dirait que le mien se conduit comme un pare feu, il me demande si je j’accepte la modification de tel et tel programme quand je fais une manip, alors que j’ai le pare feu windows,

es-ce que spybot fait double emploi ?

est-ce que c’est normal qu’un fichier nommé “Thumbs.db” data base file soit dans tout mes dossiers existant dans mon pc ? mon dossier : ma musique et mes sous dossiers musique ou mon dossier céramique par exemple, en fait quand je clique dessus une petite fenetre s’ouvre “spybot search & destroy” et me fait un scan du dossier où il est inséré

juste que tu me dises si c’est normale,

merci pour ta persévérance, pour ton aide qui m’a été précieuse

merci à cricri et à remy pour leur aide
Edité le 27/09/2008 à 22:30

anna777 · Septembre 29, 2008, 10:09

bonjour escam

j’ai pu enfin télécharger escan et le lancer en mode sans échec, problème quand le scan à été fini, il ne m’a rien supprimé, j’ai cherché un éventuel bouton de suppression, mais rien, j’ai du fermer, je n’étais pas là quand le pc à été réouvert il escan à redémarrer mon mari l’a éteint

je te passe les dernieres lignes du rapport, car trop long sinon :

29 sept. 2008 01:17:14 - [Scan du répertoire : D:\System Volume Information_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}]

29 sept. 2008 01:17:14 - [Scan du répertoire : D:\RECOVERY]
29 sept. 2008 01:17:14 - Scan fichier D:\RECOVERY\Desktop.ini
29 sept. 2008 01:17:14 - Scan fichier D:\RECOVERY\warning.BMP
29 sept. 2008 01:17:14 - Scan fichier D:\RECOVERY\Folder.htt
29 sept. 2008 01:17:14 - Scan fichier D:\RECOVERY\Protect.ed
29 sept. 2008 01:17:14 - Scan fichier D:\install.bat (???)
29 sept. 2008 01:17:14 - Scan fichier D:\Softthinks_MLSP_ALL_RED_WW-01.block
29 sept. 2008 01:17:14 - Scan fichier D:\Softthinks_MLSP_ALL_RED_WW.txt

29 sept. 2008 01:17:14 - ***** Analyse de Virus spécifique ITW *****

29 sept. 2008 01:17:15 - ***** Scan complet. *****

29 sept. 2008 01:17:15 - Total de Fichiers scannés: 188292
29 sept. 2008 01:17:15 - Total de virus trouvés: 27
29 sept. 2008 01:17:15 - Total de fichiers désinfectés: 0
29 sept. 2008 01:17:15 - Nombre de fichiers renommés: 0
29 sept. 2008 01:17:15 - Total de fichiers supprimés: 0
29 sept. 2008 01:17:15 - Nombre d’erreurs: 169
29 sept. 2008 01:17:15 - Temps écoulé: 03:07:34
29 sept. 2008 01:17:15 - Date de la base de donnée des virus : 20 Aug 2008
29 sept. 2008 01:17:15 - Nombre de Virus dans la base de données : 1113234

29 sept. 2008 01:17:15 - Scan complet.

voilà pourquoi je voudrais savoir où est le bouton suppression

je peux comprendre que mon problème a été long à règler et que ça a été décourageant, mais je suis près de me sortir de se souci

merci pour l’aide