Se connecter avec
S'enregistrer | Connectez-vous

mon pc est infecté :trojan, keilogers,backdoor etc...

Dernière réponse : dans Le monde de Windows

Bonjour,

mon pc est infecté depuis quelques temps, j'ai effectué des scans avec divers logiciels comme combofix, dr web, malwarbytes, antivir, spybot etc....certains scan en ligne bloquent, mme avec la désactivation de mes protections

j'ai pu éliminer quelques infections dont des trojans, un virus etc

mon pc ramant encore, buggant, m'empechant la plupart du temps de poster meme sur un forum, (plus de 2 heures pour pouvoir posté sur presence pc c soir)j'ai fait un scan en ligne avant hier avec escan et il m'a trouvé encore des infections dont : trojans, virus, keylogers....

quand escan à eu fini je me suis aperçue qu'il ne m'avait rien supprimé et je n'ai pas trouvé non plus de bouton suppression des infections, à contre coeur j'ai du fermer l'ordi

les infections empestent notre navigation à un point décourageant

je vous poste le rapport d'escan sur le post d'après car ça bug à chaque fois


merci pour votre aide

j'ai besoin aussi de mon pc pour ma formation d'aide soignante

Autres pages sur : infecte trojan keilogers backdoor

Lassé par la pub ? Créez un compte

bethanie777,

Afficher les rapports ComboFix et Malwarebytes des scan précédents.

Rapport ComboFix sur le C:\ComboFix.txt
Rapport Malwarebytes, en ouvrant le logiciel, dans [Rapports/Logs]
____________________________________

Télécharger HijackThis - & - Tutoriel HijackThis.
• Créer un répertoire C:\HjT ou C:\Program Files\HjT et mettez y HijackThis,
Citation :
Vista : clic droit sur le fichier HijackThis.exe ou sur le raccourci, Propriétés, Onglet Compatibilité,
• cocher : "Exécuter ce programme en tant qu'administrateur"
• Installer & lancer HijackThis et dans le Main menu,
• Appuyer sur [Do a system scan and save a logfile].
• Le bloc-note va s'ouvrir avec un rapport,
Afficher le rapport HijackThis sur votre prochain post.

merci mido :

rapport combofix :

ComboFix 08-09-26.01 - Compaq_Propri‚taire 2008-09-26 21:52:25.4 - NTFSx86
Lancé depuis: C:\Documents and Settings\Compaq_Propri‚taire\Bureau\ComboFix.exe
Commutateurs utilisés :: C:\Documents and Settings\Compaq_Propri‚taire\Bureau\CFScript.txt

FILE ::
C:\WINDOWS\ServicePackFiles\i386\dmremote.exe
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\WINDOWS\ServicePackFiles\i386\dmremote.exe

.
((((((((((((((((((((((((((((( Fichiers créés du 2008-08-26 au 2008-09-26 ))))))))))))))))))))))))))))))))))))
.

2008-09-26 00:54 . 2008-09-26 00:54 <REP> d-------- C:\WINDOWS\system32\fr
2008-09-26 00:54 . 2008-09-26 00:54 <REP> d-------- C:\WINDOWS\system32\bits
2008-09-26 00:54 . 2008-09-26 00:54 <REP> d-------- C:\WINDOWS\l2schemas
2008-09-26 00:35 . 2008-09-26 00:57 <REP> d-------- C:\WINDOWS\ServicePackFiles
2008-09-25 23:24 . 2008-09-25 23:25 <REP> d-------- C:\WINDOWS\EHome
2008-09-25 22:16 . 2008-09-25 22:34 <REP> d-------- C:\Program Files\EsetOnlineScanner
2008-09-24 11:08 . 2008-09-24 11:08 <REP> d-------- C:\Program Files\Microsoft CAPICOM 2.1.0.2
2008-09-24 10:50 . 2008-07-18 22:07 270,880 --a------ C:\WINDOWS\system32\mucltui.dll
2008-09-24 10:50 . 2008-07-18 22:07 29,728 --a------ C:\WINDOWS\system32\mucltui.dll.mui
2008-09-23 23:20 . <REP> C:\Documents and Settings\Compaq_Propriétaire\Application Data\vlc
2008-09-23 20:04 . 2008-09-23 20:04 <REP> d-------- C:\Program Files\Secunia
2008-09-17 17:11 . 2008-09-25 00:54 <REP> d-------- C:\Program Files\a-squared Anti-Dialer
2008-09-17 13:49 . <REP> C:\Documents and Settings\Compaq_Propriétaire\DoctorWeb
2008-09-16 21:49 . 2008-09-16 21:48 102,664 --a------ C:\WINDOWS\system32\drivers\tmcomm.sys
2008-09-15 20:37 . 2008-09-15 20:37 <REP> d-------- C:\WINDOWS\system32\Kaspersky Lab
2008-09-13 14:51 . 2008-09-17 20:01 <REP> d-------- C:\Program Files\DivX
2008-09-07 23:52 . 2008-09-07 23:52 <REP> d-------- C:\WINDOWS\system32\hdined32.nls.{00021401-0000-0000-C000-000000000046}
2008-09-07 23:51 . 2008-09-08 00:10 <REP> d-------- C:\Program Files\burnatonce
2008-08-29 20:52 . 2004-08-04 00:38 327,168 --------- C:\WINDOWS\system32\drivers\ati2mtaa.sys
2008-08-28 10:31 . 2008-08-28 10:31 13,580 --a------ C:\Documents and Settings\@4ad749ef87874a367f01c31e87803d0a2d9c4c98
2008-08-27 19:01 . 2006-08-09 11:08 241,664 --a------ C:\WINDOWS\system32\SuDoku.ocx
2008-08-27 19:01 . 2004-03-09 00:00 212,240 --a------ C:\WINDOWS\system32\RICHTX32.OCX
2008-08-27 19:01 . 2006-08-09 10:54 86,016 --a------ C:\WINDOWS\system32\NumberSequence.ocx
2008-08-27 19:01 . 2006-08-08 17:36 61,440 --a------ C:\WINDOWS\system32\NumberCrunch.ocx
2008-08-27 19:01 . 2006-08-09 20:37 57,344 --a------ C:\WINDOWS\system32\WordSearch.ocx
2008-08-27 19:01 . 2006-08-16 11:32 49,152 --a------ C:\WINDOWS\system32\SpellingTest.ocx
2008-08-27 19:01 . 2006-08-20 15:00 49,152 --a------ C:\WINDOWS\system32\Reading.ocx

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-09-26 19:34 --------- d-----w C:\Program Files\Wanadoo
2008-09-26 19:34 --------- d-----w C:\Documents and Settings\Compaq_Propriétaire\Application Data\OpenOffice.org2
2008-09-26 12:02 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-09-26 01:15 --------- d-----w C:\Program Files\MSN Messenger
2008-09-24 22:31 --------- d-----w C:\Program Files\eMule
2008-09-23 11:40 --------- d-----w C:\Program Files\epson
2008-09-22 17:08 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-09-21 00:57 31,102 ----a-w C:\Documents and Settings\Compaq_Propriétaire\Application Data\wklnhst.dat
2008-09-17 22:30 --------- d-----w C:\Program Files\LimeWire
2008-09-16 21:38 --------- d-----w C:\Documents and Settings\Compaq_Propriétaire\Application Data\LimeWire
2008-09-13 10:19 --------- d-----w C:\Program Files\Sport cérébral Brain challenge
2008-09-12 23:47 --------- d-----w C:\Program Files\CCleaner
2008-09-10 11:04 --------- d-----w C:\Program Files\Malwarebytes' Anti-Malware
2008-09-09 22:04 38,528 ----a-w C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2008-09-09 22:03 17,200 ----a-w C:\WINDOWS\system32\drivers\mbam.sys
2008-09-07 20:25 --------- d-----w C:\Program Files\Wanadoo Messager
2008-08-31 22:24 --------- d-----w C:\Program Files\Java
2008-08-27 16:43 --------- d-----w C:\Program Files\Bible
2008-08-25 21:27 --------- d-----w C:\Program Files\Spybot - Search & Destroy
2008-08-22 01:37 --------- d-----w C:\Program Files\PourCent
2008-08-22 01:14 --------- d-----w C:\Program Files\DVD Decrypter
2008-08-16 21:20 --------- d-----w C:\Program Files\Systeme
2008-08-16 21:19 --------- d-----w C:\Program Files\menumath
2008-08-14 23:58 73,728 ----a-w C:\WINDOWS\ALCFDRTM.EXE
2008-08-14 21:22 --------- d-----w C:\Documents and Settings\LocalService\Application Data\AdobeUM
2008-08-14 01:30 --------- d-----w C:\Program Files\scrabbleproB1.0.8
2008-08-12 17:22 --------- d-----w C:\Program Files\Micro Trivial Pursuit
2008-08-11 23:27 717,296 ----a-w C:\WINDOWS\system32\drivers\sptd.sys
2008-08-11 23:27 --------- d-----w C:\Documents and Settings\Compaq_Propriétaire\Application Data\DAEMON Tools
2008-08-11 22:20 --------- d-----w C:\Documents and Settings\LocalService\Application Data\agi
2008-08-11 22:19 --------- d-----w C:\Documents and Settings\Compaq_Propriétaire\Application Data\agi
2008-07-28 15:53 110 ----a-w C:\ripp.bat
2008-07-28 14:34 --------- d-----w C:\Program Files\AviSynth 2.5
2008-07-26 11:22 --------- d---a-w C:\Documents and Settings\All Users\Application Data\TEMP
2008-07-06 00:23 3,460 ----a-w C:\Program Files\SETUP.LST
2008-07-06 00:16 290,816 ------w C:\WINDOWS\Setup1.exe
2008-06-26 22:00 74,752 ------w C:\WINDOWS\ST6UNST.EXE
2007-04-02 21:37 5,170,176 ----a-w C:\Program Files\WindowsDefender.msi
1998-07-12 22:00 21,504 ----a-w C:\Program Files\TABCTFR.DLL
2006-05-03 10:06 163,328 --sh--r C:\WINDOWS\system32\flvDX.dll
2007-02-21 11:47 31,232 --sh--r C:\WINDOWS\system32\msfDX.dll
.

((((((((((((((((((((((((((((( snapshot_2008-09-26_ 4.09.55.37 )))))))))))))))))))))))))))))))))))))))))
.
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WOOKIT"="C:\PROGRA~1\Wanadoo\Shell.exe" [2004-08-23 122880]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2008-04-14 15360]
"updateMgr"="C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" [2006-03-30 313472]
"Acme.PCHButton"="C:\PROGRA~1\HELPAN~1\HPQ\XPXWWPP5\plugin\bin\PCHButton.exe" [2006-09-17 159744]
"MsnMsgr"="C:\Program Files\MSN Messenger\MsnMsgr.Exe" [2007-01-19 5674352]
"SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2008-08-18 1832272]
"WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [2006-11-03 204288]
"Uniblue RegistryBooster 2"="C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe" [2008-05-05 1923352]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"hpsysdrv"="c:\windows\system\hpsysdrv.exe" [1998-05-08 52736]
"KBD"="C:\HP\KBD\KBD.EXE" [2003-02-12 61440]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2004-10-13 278528]
"Recguard"="C:\WINDOWS\SMINST\RECGUARD.EXE" [2004-04-15 233472]
"ATIPTA"="C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2004-11-04 344064]
"PS2"="C:\WINDOWS\system32\ps2.exe" [2003-09-13 98304]
"LSBWatcher"="c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe" [2004-10-15 253952]
"Reminder"="C:\Windows\Creator\Remind_XP.exe" [2004-12-14 663552]
"WOOWATCH"="C:\PROGRA~1\Wanadoo\Watch.exe" [2004-08-23 20480]
"WOOTASKBARICON"="C:\PROGRA~1\Wanadoo\GestMaj.exe" [2004-10-14 32768]
"avgnt"="C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-07-18 266497]
"TkBellExe"="C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" [2008-08-19 185896]
"BigDogPath"="C:\WINDOWS\VM_STI.EXE" [2004-06-09 40960]
"ISUSPM Startup"="C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\isuspm.exe" [2004-04-17 196608]
"ISUSScheduler"="C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" [2004-06-16 81920]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784]
"Raccourci vers la page des propriétés de High Definition Audio"="HDAudPropShortcut.exe" [2004-03-17 C:\WINDOWS\system32\Hdaudpropshortcut.exe]
"AGRSMMSG"="AGRSMMSG.exe" [2004-06-30 C:\WINDOWS\AGRSMMSG.exe]
"SoundMan"="SOUNDMAN.EXE" [2005-02-22 C:\WINDOWS\SOUNDMAN.EXE]
"AlcWzrd"="ALCWZRD.EXE" [2005-02-19 C:\WINDOWS\ALCWZRD.EXE]

C:\Documents and Settings\Yvan\Menu D‚marrer\Programmes\D‚marrage\
M‚mento.lnk - C:\QUICKENW\BILLMIND.EXE [2007-11-13 32768]

C:\Documents and Settings\Compaq_Propri‚taire\Menu D‚marrer\Programmes\D‚marrage\
M‚mento.lnk - C:\QUICKENW\BILLMIND.EXE [2007-11-13 32768]
OpenOffice.org 2.4.lnk - C:\Program Files\OpenOffice.org 2.4\program\quickstart.exe [2008-01-21 393216]
Secunia PSI (RC3).lnk - C:\Program Files\Secunia\PSI (RC3)\psi.exe [2008-06-16 663552]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.I420"= i420vfw.dll
"vidc.yv12"= yv12vfw.dll

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\iTunes\\iTunes.exe"=
"C:\\Program Files\\eMule\\emule.exe"=
"C:\\Program Files\\Avira\\AntiVir PersonalEdition Classic\\avcenter.exe"=
"C:\\WINDOWS\\system32\\fxsclnt.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"C:\\Program Files\\MSN Messenger\\livecall.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"17250:TCP"= 17250:TCP:emule
"53747:UDP"= 53747:UDP:emule
"6346:TCP"= 6346:TCP:Gnutella
"6346:UDP"= 6346:UDP:Gnutella

R3 USBSTOR;Pilote de stockage de masse USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 PSI;PSI;C:\WINDOWS\system32\DRIVERS\psi_mf.sys [2008-06-16 7808]
S3 usbscan;Pilote de scanneur USB;C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{28a6a304-9541-11d9-b668-806d6172696f}]
\Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Info.exe protect.ed 480 480
.
Contenu du dossier 'Tâches planifiées'
.

**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-09-26 22:00:47
Windows 5.1.2600 Service Pack 3 NTFS

Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

Recherche de fichiers cachés ...

Scan terminé avec succès
Fichiers cachés: 0

**************************************************************************
.
Heure de fin: 2008-09-26 22:07:00
ComboFix-quarantined-files.txt 2008-09-26 20:06:48
ComboFix2.txt 2008-09-26 11:50:36
ComboFix3.txt 2008-09-24 20:40:27

Avant-CF: 348ÿ004ÿ352 octets libres
Après-CF: 346,243,072 octets libres

172 --- E O F --- 2008-09-24 09:09:04


le post du rapport combofix fonctionne,

mais je n'arrive pas à poster celui de escan qui m'a trouvé 27 virus (malwares, trojans, ......)


il y en a eu un deuxième :

ComboFix 08-09-25.03 - Compaq_Propri‚taire 2008-09-26 3:55:01.2 - NTFSx86
Lancé depuis: C:\Documents and Settings\Compaq_Propri‚taire\Bureau\ComboFix.exe
Commutateurs utilisés :: C:\Documents and Settings\Compaq_Propri‚taire\Bureau\CFScript.txt

FILE ::
C:\WINDOWS\system32\Smab0.dll
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Program Files\InternetSoftware
C:\WINDOWS\system32\Smab0.dll

.
((((((((((((((((((((((((((((( Fichiers créés du 2008-08-26 au 2008-09-26 ))))))))))))))))))))))))))))))))))))
.

2008-09-26 01:39 . 2008-09-26 01:39 <REP> d-------- C:\WINDOWS\LastGood.Tmp
2008-09-26 00:54 . 2008-09-26 00:54 <REP> d-------- C:\WINDOWS\system32\fr
2008-09-26 00:54 . 2008-09-26 00:54 <REP> d-------- C:\WINDOWS\system32\bits
2008-09-26 00:54 . 2008-09-26 00:54 <REP> d-------- C:\WINDOWS\l2schemas
2008-09-26 00:35 . 2008-09-26 00:57 <REP> d-------- C:\WINDOWS\ServicePackFiles
2008-09-25 23:24 . 2008-09-25 23:25 <REP> d-------- C:\WINDOWS\EHome
2008-09-25 22:16 . 2008-09-25 22:34 <REP> d-------- C:\Program Files\EsetOnlineScanner
2008-09-24 11:08 . 2008-09-24 11:08 <REP> d-------- C:\Program Files\Microsoft CAPICOM 2.1.0.2
2008-09-24 10:50 . 2008-07-18 22:07 270,880 --a------ C:\WINDOWS\system32\mucltui.dll
2008-09-24 10:50 . 2008-07-18 22:07 29,728 --a------ C:\WINDOWS\system32\mucltui.dll.mui
2008-09-23 23:20 . <REP> C:\Documents and Settings\Compaq_Propriétaire\Application Data\vlc
2008-09-23 20:04 . 2008-09-23 20:04 <REP> d-------- C:\Program Files\Secunia
2008-09-17 17:11 . 2008-09-25 00:54 <REP> d-------- C:\Program Files\a-squared Anti-Dialer
2008-09-17 13:49 . <REP> C:\Documents and Settings\Compaq_Propriétaire\DoctorWeb
2008-09-16 21:49 . 2008-09-16 21:48 102,664 --a------ C:\WINDOWS\system32\drivers\tmcomm.sys
2008-09-15 20:37 . 2008-09-15 20:37 <REP> d-------- C:\WINDOWS\system32\Kaspersky Lab
2008-09-13 14:51 . 2008-09-17 20:01 <REP> d-------- C:\Program Files\DivX
2008-09-07 23:52 . 2008-09-07 23:52 <REP> d-------- C:\WINDOWS\system32\hdined32.nls.{00021401-0000-0000-C000-000000000046}
2008-09-07 23:51 . 2008-09-08 00:10 <REP> d-------- C:\Program Files\burnatonce
2008-08-29 20:52 . 2004-08-04 00:38 327,168 --------- C:\WINDOWS\system32\drivers\ati2mtaa.sys
2008-08-28 10:31 . 2008-08-28 10:31 13,580 --a------ C:\Documents and Settings\@4ad749ef87874a367f01c31e87803d0a2d9c4c98
2008-08-27 19:01 . 2006-08-09 11:08 241,664 --a------ C:\WINDOWS\system32\SuDoku.ocx
2008-08-27 19:01 . 2004-03-09 00:00 212,240 --a------ C:\WINDOWS\system32\RICHTX32.OCX
2008-08-27 19:01 . 2006-08-09 10:54 86,016 --a------ C:\WINDOWS\system32\NumberSequence.ocx
2008-08-27 19:01 . 2006-08-08 17:36 61,440 --a------ C:\WINDOWS\system32\NumberCrunch.ocx
2008-08-27 19:01 . 2006-08-09 20:37 57,344 --a------ C:\WINDOWS\system32\WordSearch.ocx
2008-08-27 19:01 . 2006-08-16 11:32 49,152 --a------ C:\WINDOWS\system32\SpellingTest.ocx
2008-08-27 19:01 . 2006-08-20 15:00 49,152 --a------ C:\WINDOWS\system32\Reading.ocx

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-09-26 01:31 --------- d-----w C:\Program Files\Wanadoo
2008-09-26 01:15 --------- d-----w C:\Program Files\MSN Messenger
2008-09-26 01:14 --------- d-----w C:\Documents and Settings\Compaq_Propriétaire\Application Data\OpenOffice.org2
2008-09-25 20:40 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-09-24 22:31 --------- d-----w C:\Program Files\eMule
2008-09-23 11:40 --------- d-----w C:\Program Files\epson
2008-09-22 17:08 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-09-21 00:57 31,102 ----a-w C:\Documents and Settings\Compaq_Propriétaire\Application Data\wklnhst.dat
2008-09-17 22:30 --------- d-----w C:\Program Files\LimeWire
2008-09-16 21:38 --------- d-----w C:\Documents and Settings\Compaq_Propriétaire\Application Data\LimeWire
2008-09-13 10:19 --------- d-----w C:\Program Files\Sport cérébral Brain challenge
2008-09-12 23:47 --------- d-----w C:\Program Files\CCleaner
2008-09-10 11:04 --------- d-----w C:\Program Files\Malwarebytes' Anti-Malware
2008-09-09 22:04 38,528 ----a-w C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2008-09-09 22:03 17,200 ----a-w C:\WINDOWS\system32\drivers\mbam.sys
2008-09-07 20:25 --------- d-----w C:\Program Files\Wanadoo Messager
2008-08-31 22:24 --------- d-----w C:\Program Files\Java
2008-08-27 16:43 --------- d-----w C:\Program Files\Bible
2008-08-25 21:27 --------- d-----w C:\Program Files\Spybot - Search & Destroy
2008-08-22 01:37 --------- d-----w C:\Program Files\PourCent
2008-08-22 01:14 --------- d-----w C:\Program Files\DVD Decrypter
2008-08-16 21:20 --------- d-----w C:\Program Files\Systeme
2008-08-16 21:19 --------- d-----w C:\Program Files\menumath
2008-08-14 23:58 73,728 ----a-w C:\WINDOWS\ALCFDRTM.EXE
2008-08-14 21:22 --------- d-----w C:\Documents and Settings\LocalService\Application Data\AdobeUM
2008-08-14 01:30 --------- d-----w C:\Program Files\scrabbleproB1.0.8
2008-08-12 17:22 --------- d-----w C:\Program Files\Micro Trivial Pursuit
2008-08-11 23:27 717,296 ----a-w C:\WINDOWS\system32\drivers\sptd.sys
2008-08-11 23:27 --------- d-----w C:\Documents and Settings\Compaq_Propriétaire\Application Data\DAEMON Tools
2008-08-11 22:20 --------- d-----w C:\Documents and Settings\LocalService\Application Data\agi
2008-08-11 22:19 --------- d-----w C:\Documents and Settings\Compaq_Propriétaire\Application Data\agi
2008-07-28 15:53 110 ----a-w C:\ripp.bat
2008-07-28 14:34 --------- d-----w C:\Program Files\AviSynth 2.5
2008-07-26 11:22 --------- d---a-w C:\Documents and Settings\All Users\Application Data\TEMP
2008-07-06 00:23 3,460 ----a-w C:\Program Files\SETUP.LST
2008-07-06 00:16 290,816 ------w C:\WINDOWS\Setup1.exe
2008-06-26 22:00 74,752 ------w C:\WINDOWS\ST6UNST.EXE
2007-04-02 21:37 5,170,176 ----a-w C:\Program Files\WindowsDefender.msi
1998-07-12 22:00 21,504 ----a-w C:\Program Files\TABCTFR.DLL
2006-05-03 10:06 163,328 --sh--r C:\WINDOWS\system32\flvDX.dll
2007-02-21 11:47 31,232 --sh--r C:\WINDOWS\system32\msfDX.dll
.

((((((((((((((((((((((((((((( snapshot@2008-09-24_22.40.00.81 )))))))))))))))))))))))))))))))))))))))))
.
- 2004-08-04 13:07:10 82,944 -c----w C:\WINDOWS\$NtUninstallKB946648$\msgsc.dll
+ 2004-08-04 13:07:10 82,944 -c----w C:\WINDOWS\$NtUninstallKB946648_0$\msgsc.dll
+ 2007-11-30 12:39:29 234,872 -c----w C:\WINDOWS\$NtUninstallKB946648_0$\spuninst\spuninst.exe
+ 2007-11-30 12:39:31 406,392 -c----w C:\WINDOWS\$NtUninstallKB946648_0$\spuninst\updspapi.dll
- 2004-08-05 04:00:00 200,064 -c----w C:\WINDOWS\$NtUninstallKB950762$\rmcast.sys
+ 2004-08-05 04:00:00 200,064 -c----w C:\WINDOWS\$NtUninstallKB950762_0$\rmcast.sys
+ 2007-11-30 12:39:29 26,488 -c----w C:\WINDOWS\$NtUninstallKB950762_0$\spcustom.dll
+ 2007-11-30 12:39:29 18,296 -c----w C:\WINDOWS\$NtUninstallKB950762_0$\spmsg.dll
+ 2007-11-30 12:39:29 234,872 -c----w C:\WINDOWS\$NtUninstallKB950762_0$\spuninst.exe
+ 2007-11-30 12:39:29 234,872 -c----w C:\WINDOWS\$NtUninstallKB950762_0$\spuninst\spuninst.exe
+ 2007-11-30 12:39:31 406,392 -c----w C:\WINDOWS\$NtUninstallKB950762_0$\spuninst\updspapi.dll
+ 2007-11-30 12:39:29 767,352 -c----w C:\WINDOWS\$NtUninstallKB950762_0$\update.exe
+ 2007-11-30 12:39:31 406,392 -c----w C:\WINDOWS\$NtUninstallKB950762_0$\updspapi.dll
- 2005-07-26 04:39:57 243,200 -c----w C:\WINDOWS\$NtUninstallKB950974$\es.dll
+ 2005-07-26 04:39:57 243,200 -c----w C:\WINDOWS\$NtUninstallKB950974_0$\es.dll
+ 2007-11-30 12:39:29 234,872 -c----w C:\WINDOWS\$NtUninstallKB950974_0$\spuninst\spuninst.exe
+ 2007-11-30 12:39:29 406,392 -c----w C:\WINDOWS\$NtUninstallKB950974_0$\spuninst\updspapi.dll
- 2007-08-21 06:17:23 683,520 -c----w C:\WINDOWS\$NtUninstallKB951066$\inetcomm.dll
+ 2007-08-21 06:17:23 683,520 -c----w C:\WINDOWS\$NtUninstallKB951066_0$\inetcomm.dll
+ 2007-11-30 12:39:29 234,872 -c----w C:\WINDOWS\$NtUninstallKB951066_0$\spuninst\spuninst.exe
+ 2007-11-30 12:39:31 406,392 -c----w C:\WINDOWS\$NtUninstallKB951066_0$\spuninst\updspapi.dll
- 2008-04-14 15:52:45 272,768 -c----w C:\WINDOWS\$NtUninstallKB951376-v2$\bthport.sys
+ 2008-04-14 15:52:45 272,768 -c----w C:\WINDOWS\$NtUninstallKB951376-v2_0$\bthport.sys
+ 2007-11-30 11:19:06 234,872 -c----w C:\WINDOWS\$NtUninstallKB951376-v2_0$\spuninst\spuninst.exe
+ 2007-11-30 11:19:10 406,392 -c----w C:\WINDOWS\$NtUninstallKB951376-v2_0$\spuninst\updspapi.dll
+ 2007-11-30 11:19:06 26,488 -c----w C:\WINDOWS\$NtUninstallKB951376_0$\spcustom.dll
+ 2007-11-30 11:19:06 18,296 -c----w C:\WINDOWS\$NtUninstallKB951376_0$\spmsg.dll
+ 2007-11-30 11:19:06 234,872 -c----w C:\WINDOWS\$NtUninstallKB951376_0$\spuninst.exe
+ 2007-11-30 11:19:06 234,872 -c----w C:\WINDOWS\$NtUninstallKB951376_0$\spuninst\spuninst.exe
+ 2007-11-30 11:19:10 406,392 -c----w C:\WINDOWS\$NtUninstallKB951376_0$\spuninst\updspapi.dll
+ 2007-11-30 11:19:06 767,352 -c----w C:\WINDOWS\$NtUninstallKB951376_0$\update.exe
+ 2007-11-30 11:19:10 406,392 -c----w C:\WINDOWS\$NtUninstallKB951376_0$\updspapi.dll
- 2004-08-06 01:00:00 1,293,824 -c----w C:\WINDOWS\$NtUninstallKB951698$\quartz.dll
+ 2004-08-06 01:00:00 1,293,824 -c----w C:\WINDOWS\$NtUninstallKB951698_0$\quartz.dll
+ 2007-11-30 11:19:06 26,488 -c----w C:\WINDOWS\$NtUninstallKB951698_0$\spcustom.dll
+ 2007-11-30 11:19:06 18,296 -c----w C:\WINDOWS\$NtUninstallKB951698_0$\spmsg.dll
+ 2007-11-30 11:19:06 234,872 -c----w C:\WINDOWS\$NtUninstallKB951698_0$\spuninst.exe
+ 2007-11-30 11:19:06 234,872 -c----w C:\WINDOWS\$NtUninstallKB951698_0$\spuninst\spuninst.exe
+ 2007-11-30 12:39:31 406,392 -c----w C:\WINDOWS\$NtUninstallKB951698_0$\spuninst\updspapi.dll
+ 2007-11-30 12:39:29 767,352 -c----w C:\WINDOWS\$NtUninstallKB951698_0$\update.exe
+ 2007-11-30 12:39:31 406,392 -c----w C:\WINDOWS\$NtUninstallKB951698_0$\updspapi.dll
- 2004-08-06 01:00:00 138,496 -c----w C:\WINDOWS\$NtUninstallKB951748$\afd.sys
- 2008-02-20 05:35:05 148,992 -c----w C:\WINDOWS\$NtUninstallKB951748$\dnsapi.dll
- 2004-08-06 01:00:00 247,808 -c----w C:\WINDOWS\$NtUninstallKB951748$\mswsock.dll
- 2007-10-30 17:20:55 360,064 -c----w C:\WINDOWS\$NtUninstallKB951748$\tcpip.sys
- 2006-08-16 09:37:30 225,664 -c----w C:\WINDOWS\$NtUninstallKB951748$\tcpip6.sys
+ 2004-08-06 01:00:00 138,496 -c----w C:\WINDOWS\$NtUninstallKB951748_0$\afd.sys
+ 2008-02-20 05:35:05 148,992 -c----w C:\WINDOWS\$NtUninstallKB951748_0$\dnsapi.dll
+ 2004-08-06 01:00:00 247,808 -c----w C:\WINDOWS\$NtUninstallKB951748_0$\mswsock.dll
+ 2007-11-30 12:39:29 234,872 -c----w C:\WINDOWS\$NtUninstallKB951748_0$\spuninst\spuninst.exe
+ 2007-11-30 12:39:29 406,392 -c----w C:\WINDOWS\$NtUninstallKB951748_0$\spuninst\updspapi.dll
+ 2007-10-30 17:20:55 360,064 -c----w C:\WINDOWS\$NtUninstallKB951748_0$\tcpip.sys
+ 2006-08-16 09:37:30 225,664 -c----w C:\WINDOWS\$NtUninstallKB951748_0$\tcpip6.sys
- 2004-08-06 01:00:00 331,776 -c----w C:\WINDOWS\$NtUninstallKB952287$\msadce.dll
+ 2004-08-06 01:00:00 331,776 -c----w C:\WINDOWS\$NtUninstallKB952287_0$\msadce.dll
+ 2007-11-30 11:19:06 234,872 -c----w C:\WINDOWS\$NtUninstallKB952287_0$\spuninst\spuninst.exe
+ 2007-11-30 11:19:10 406,392 -c----w C:\WINDOWS\$NtUninstallKB952287_0$\spuninst\updspapi.dll
- 2005-06-29 01:49:41 74,240 -c----w C:\WINDOWS\$NtUninstallKB952954$\mscms.dll
+ 2005-06-29 01:49:41 74,240 -c----w C:\WINDOWS\$NtUninstallKB952954_0$\mscms.dll
+ 2007-11-30 11:19:06 234,872 -c----w C:\WINDOWS\$NtUninstallKB952954_0$\spuninst\spuninst.exe
+ 2007-11-30 12:39:31 406,392 -c----w C:\WINDOWS\$NtUninstallKB952954_0$\spuninst\updspapi.dll
- 2006-10-04 14:05:26 39,424 ------w C:\WINDOWS\AppPatch\acadproc.dll
+ 2008-04-14 02:33:18 39,424 ----a-w C:\WINDOWS\AppPatch\acadproc.dll
- 2004-08-06 01:00:00 1,852,416 ----a-w C:\WINDOWS\AppPatch\AcGenral.dll
+ 2008-04-14 02:33:18 1,852,928 ----a-w C:\WINDOWS\AppPatch\acgenral.dll
- 2004-08-06 01:00:00 450,048 ----a-w C:\WINDOWS\AppPatch\AcLayers.dll
+ 2008-04-14 02:33:18 451,072 ----a-w C:\WINDOWS\AppPatch\aclayers.dll
- 2004-08-06 01:00:00 137,728 ----a-w C:\WINDOWS\AppPatch\AcLua.dll
+ 2008-04-14 02:33:18 141,312 ----a-w C:\WINDOWS\AppPatch\aclua.dll
- 2004-08-06 01:00:00 244,736 ----a-w C:\WINDOWS\AppPatch\AcSpecfc.dll
+ 2008-04-14 02:33:18 245,248 ----a-w C:\WINDOWS\AppPatch\acspecfc.dll
- 2004-08-06 01:00:00 116,224 ----a-w C:\WINDOWS\AppPatch\AcXtrnal.dll
+ 2008-04-14 02:33:18 116,224 ----a-w C:\WINDOWS\AppPatch\acxtrnal.dll
- 2007-10-19 17:44:37 181,760 ----a-w C:\WINDOWS\BDOSCAN8\bdcore.dll
+ 2008-09-25 08:51:41 102,400 ----a-w C:\WINDOWS\BDOSCAN8\bdcore.dll
- 2006-05-24 23:21:00 118,784 ----a-w C:\WINDOWS\BDOSCAN8\bdupd.dll
+ 2008-01-09 13:01:48 118,784 ----a-w C:\WINDOWS\BDOSCAN8\bdupd.dll
- 2006-05-24 23:21:14 53,248 ----a-w C:\WINDOWS\BDOSCAN8\ipsupd.dll
+ 2008-01-09 13:01:48 53,248 ----a-w C:\WINDOWS\BDOSCAN8\ipsupd.dll
- 2007-10-19 17:44:38 142,848 ----a-w C:\WINDOWS\BDOSCAN8\libfn.dll
+ 2008-09-25 08:51:41 142,848 ----a-w C:\WINDOWS\BDOSCAN8\libfn.dll
+ 2008-01-09 13:01:48 118,784 ----a-w C:\WINDOWS\Downloaded Program Files\CONFLICT.1\bdupd.dll
+ 2008-01-09 13:01:48 53,248 ----a-w C:\WINDOWS\Downloaded Program Files\CONFLICT.1\ipsupd.dll
- 2008-06-14 17:59:52 272,768 ------w C:\WINDOWS\Driver Cache\i386\bthport.sys
+ 2008-06-14 17:33:37 272,768 ------w C:\WINDOWS\Driver Cache\i386\bthport.sys
- 2007-06-13 13:22:28 1,037,312 ----a-w C:\WINDOWS\explorer.exe
+ 2008-04-14 02:34:03 1,037,824 ----a-w C:\WINDOWS\explorer.exe
- 2004-08-06 01:00:00 34,816 ----a-w C:\WINDOWS\Help\sniffpol.dll
+ 2008-04-14 02:33:41 34,816 ----a-w C:\WINDOWS\Help\sniffpol.dll
- 2004-08-06 01:00:00 33,280 ----a-w C:\WINDOWS\Help\sstub.dll
+ 2008-04-14 02:33:46 33,280 ----a-w C:\WINDOWS\Help\sstub.dll
- 2004-08-06 01:00:00 279,040 ----a-w C:\WINDOWS\Help\tshoot.dll
+ 2008-04-14 02:33:46 279,040 ----a-w C:\WINDOWS\Help\tshoot.dll
- 2005-05-26 23:22:01 10,752 ----a-w C:\WINDOWS\hh.exe
+ 2008-04-14 02:34:06 10,752 ----a-w C:\WINDOWS\hh.exe
- 2004-08-05 04:00:00 175,104 ----a-w C:\WINDOWS\ime\chsime\applets\PINTLCSA.DLL
+ 2008-04-14 02:32:16 175,104 ----a-w C:\WINDOWS\ime\chsime\applets\pintlcsa.dll
- 2004-08-05 04:00:00 53,760 ----a-w C:\WINDOWS\ime\chsime\applets\PINTLCSD.DLL
+ 2008-04-14 02:32:16 53,760 ----a-w C:\WINDOWS\ime\chsime\applets\pintlcsd.dll
- 2004-08-05 04:00:00 97,792 ----a-w C:\WINDOWS\ime\CHTIME\Applets\CHTMBX.DLL
+ 2008-04-14 02:31:03 97,792 ----a-w C:\WINDOWS\ime\CHTIME\Applets\chtmbx.dll
- 2004-08-05 04:00:00 56,320 ----a-w C:\WINDOWS\ime\CHTIME\Applets\CHTSKDIC.DLL
+ 2008-04-14 02:31:03 56,320 ----a-w C:\WINDOWS\ime\CHTIME\Applets\chtskdic.dll
- 2004-08-05 04:00:00 173,568 ----a-w C:\WINDOWS\ime\CHTIME\Applets\CHTSKF.DLL
+ 2008-04-14 02:31:03 173,568 ----a-w C:\WINDOWS\ime\CHTIME\Applets\chtskf.dll
- 2004-08-05 04:00:00 426,041 ----a-w C:\WINDOWS\ime\imjp8_1\applets\voicepad.dll
+ 2008-04-14 02:32:46 426,041 ----a-w C:\WINDOWS\ime\imjp8_1\applets\voicepad.dll
- 2004-08-05 04:00:00 86,073 ----a-w C:\WINDOWS\ime\imjp8_1\applets\voicesub.dll
+ 2008-04-14 02:32:46 86,073 ----a-w C:\WINDOWS\ime\imjp8_1\applets\voicesub.dll
- 2004-08-05 04:00:00 368,696 ----a-w C:\WINDOWS\ime\imjp8_1\imjpcic.dll
+ 2008-04-14 02:31:33 368,696 ----a-w C:\WINDOWS\ime\imjp8_1\imjpcic.dll
- 2004-08-05 04:00:00 716,856 ----a-w C:\WINDOWS\ime\imjp8_1\imjpcus.dll
+ 2008-04-14 02:31:33 716,856 ----a-w C:\WINDOWS\ime\imjp8_1\imjpcus.dll
- 2004-08-05 04:00:00 81,976 ----a-w C:\WINDOWS\ime\imjp8_1\imjpdct.dll
+ 2008-04-14 02:31:33 81,976 ----a-w C:\WINDOWS\ime\imjp8_1\imjpdct.dll
- 2004-08-05 04:00:00 274,489 ----a-w C:\WINDOWS\ime\imjp8_1\imjputyc.dll
+ 2008-04-14 02:31:34 274,489 ----a-w C:\WINDOWS\ime\imjp8_1\imjputyc.dll
- 2004-08-05 04:00:00 86,016 ----a-w C:\WINDOWS\ime\imkr6_1\applets\imekrmbx.dll
+ 2008-04-14 02:31:33 86,016 ----a-w C:\WINDOWS\ime\imkr6_1\applets\imekrmbx.dll
- 2004-08-05 04:00:00 106,496 ----a-w C:\WINDOWS\ime\imkr6_1\imekrcic.dll
+ 2008-04-14 02:31:33 106,496 ----a-w C:\WINDOWS\ime\imkr6_1\imekrcic.dll
- 2004-08-06 01:00:00 220,160 ----a-w C:\WINDOWS\ime\mscandui.dll
+ 2008-04-14 02:33:30 220,160 ----a-w C:\WINDOWS\ime\mscandui.dll
- 2004-08-05 04:00:00 102,456 ----a-w C:\WINDOWS\ime\shared\imlang.dll
+ 2008-04-14 02:31:34 102,456 ----a-w C:\WINDOWS\ime\shared\imlang.dll
- 2004-08-05 04:00:00 15,872 ----a-w C:\WINDOWS\ime\shared\res\PADRS404.DLL
+ 2008-04-14 02:32:16 15,872 ----a-w C:\WINDOWS\ime\shared\res\padrs404.dll
- 2004-08-05 04:00:00 15,360 ----a-w C:\WINDOWS\ime\shared\res\padrs804.dll
+ 2008-04-14 02:32:16 15,360 ----a-w C:\WINDOWS\ime\shared\res\padrs804.dll
- 2004-08-06 01:00:00 130,048 ----a-w C:\WINDOWS\ime\SOFTKBD.DLL
+ 2008-04-14 02:33:41 130,048 ----a-w C:\WINDOWS\ime\softkbd.dll
- 2004-08-06 01:00:00 62,976 ----a-w C:\WINDOWS\ime\SPGRMR.dll
+ 2008-04-13 16:43:18 62,976 ----a-w C:\WINDOWS\ime\spgrmr.dll
- 2004-08-06 01:00:00 272,384 ----a-w C:\WINDOWS\ime\SPTIP.dll
+ 2008-04-14 02:33:46 272,384 ----a-w C:\WINDOWS\ime\sptip.dll
- 2008-07-24 19:56:28 29,926 ----a-r C:\WINDOWS\Installer\{F6326B60-1B1D-4ABF-BFCD-7B7404F44411}\MsblIco.Exe
+ 2008-09-26 01:15:58 29,926 ----a-r C:\WINDOWS\Installer\{F6326B60-1B1D-4ABF-BFCD-7B7404F44411}\MsblIco.Exe
+ 2008-01-18 15:13:09 2,247 ------w C:\WINDOWS\Installer\tsclientmsitrans\tscdsbl.bat
+ 2007-12-12 10:33:51 18,917 ------w C:\WINDOWS\Installer\tsclientmsitrans\tscinst.vbs
+ 2007-10-30 10:06:46 13,801 ------w C:\WINDOWS\Installer\tsclientmsitrans\tscuinst.vbs
+ 2008-04-14 02:33:06 25,600 ------w C:\WINDOWS\Installer\tsclientmsitrans\tscupdc.dll
- 2004-08-06 01:00:00 24,064 ----a-w C:\WINDOWS\msagent\agentanm.dll
+ 2008-04-14 02:33:18 24,064 ----a-w C:\WINDOWS\msagent\agentanm.dll
- 2004-08-06 01:00:00 214,016 ----a-w C:\WINDOWS\msagent\agentctl.dll
+ 2008-04-14 02:33:18 214,016 ----a-w C:\WINDOWS\msagent\agentctl.dll
- 2006-10-12 14:04:13 42,496 ----a-w C:\WINDOWS\msagent\agentdp2.dll
+ 2008-04-14 02:33:18 42,496 ----a-w C:\WINDOWS\msagent\agentdp2.dll
- 2007-03-09 13:48:06 57,344 ----a-w C:\WINDOWS\msagent\agentdpv.dll
+ 2008-04-14 02:33:18 57,344 ----a-w C:\WINDOWS\msagent\agentdpv.dll
- 2004-08-06 01:00:00 49,152 ----a-w C:\WINDOWS\msagent\agentmpx.dll
+ 2008-04-14 02:33:18 49,152 ----a-w C:\WINDOWS\msagent\agentmpx.dll
- 2004-08-06 01:00:00 24,064 ----a-w C:\WINDOWS\msagent\agentpsh.dll
+ 2008-04-14 02:33:18 24,064 ----a-w C:\WINDOWS\msagent\agentpsh.dll
- 2004-08-06 01:00:00 44,032 ----a-w C:\WINDOWS\msagent\agentsr.dll
+ 2008-04-14 02:33:18 44,032 ----a-w C:\WINDOWS\msagent\agentsr.dll
- 2006-10-12 11:09:53 256,512 ----a-w C:\WINDOWS\msagent\agentsvr.exe
+ 2008-04-14 02:33:53 256,512 ----a-w C:\WINDOWS\msagent\agentsvr.exe
- 2004-08-06 01:00:00 24,064 ----a-w C:\WINDOWS\msagent\agtintl.dll
+ 2008-04-14 02:33:19 24,064 ----a-w C:\WINDOWS\msagent\agtintl.dll
- 2004-08-05 04:00:00 19,456 ----a-w C:\WINDOWS\msagent\intl\agt0405.dll
+ 2007-04-02 18:25:59 19,456 ----a-w C:\WINDOWS\msagent\intl\agt0405.dll
- 2004-08-05 04:00:00 19,456 ----a-w C:\WINDOWS\msagent\intl\agt0406.dll
+ 2007-04-02 18:25:59 19,456 ----a-w C:\WINDOWS\msagent\intl\agt0406.dll
- 2004-08-05 04:00:00 21,504 ----a-w C:\WINDOWS\msagent\intl\agt0407.dll
+ 2007-04-02 18:26:00 21,504 ----a-w C:\WINDOWS\msagent\intl\agt0407.dll
- 2004-08-05 04:00:00 22,016 ----a-w C:\WINDOWS\msagent\intl\agt0408.dll
+ 2007-04-02 18:26:00 22,016 ----a-w C:\WINDOWS\msagent\intl\agt0408.dll
- 2004-08-05 04:00:00 19,456 ----a-w C:\WINDOWS\msagent\intl\agt0409.dll
+ 2008-04-13 17:32:28 19,968 ----a-w C:\WINDOWS\msagent\intl\agt0409.dll
- 2004-08-05 04:00:00 19,456 ----a-w C:\WINDOWS\msagent\intl\agt040b.dll
+ 2007-04-02 18:26:00 19,456 ----a-w C:\WINDOWS\msagent\intl\agt040b.dll
- 2004-08-05 04:00:00 21,504 ----a-w C:\WINDOWS\msagent\intl\agt040c.dll
+ 2007-04-02 18:26:00 21,504 ----a-w C:\WINDOWS\msagent\intl\agt040c.dll
- 2004-08-05 04:00:00 19,968 ----a-w C:\WINDOWS\msagent\intl\agt040e.dll
+ 2007-04-02 18:26:00 19,968 ----a-w C:\WINDOWS\msagent\intl\agt040e.dll
- 2004-08-05 04:00:00 20,992 ----a-w C:\WINDOWS\msagent\intl\agt0410.dll
+ 2007-04-02 18:26:00 20,992 ----a-w C:\WINDOWS\msagent\intl\agt0410.dll
- 2004-08-05 04:00:00 20,992 ----a-w C:\WINDOWS\msagent\intl\agt0413.dll
+ 2007-04-02 18:26:01 20,992 ----a-w C:\WINDOWS\msagent\intl\agt0413.dll
- 2004-08-05 04:00:00 19,456 ----a-w C:\WINDOWS\msagent\intl\agt0414.dll
+ 2007-04-02 18:26:01 19,456 ----a-w C:\WINDOWS\msagent\intl\agt0414.dll
- 2004-08-05 04:00:00 19,456 ----a-w C:\WINDOWS\msagent\intl\agt0415.dll
+ 2007-04-02 18:26:01 19,456 ----a-w C:\WINDOWS\msagent\intl\agt0415.dll
- 2004-08-05 04:00:00 20,480 ----a-w C:\WINDOWS\msagent\intl\agt0416.dll
+ 2007-04-02 18:26:01 20,480 ----a-w C:\WINDOWS\msagent\intl\agt0416.dll
- 2004-08-05 04:00:00 19,456 ----a-w C:\WINDOWS\msagent\intl\agt0419.dll
+ 2007-04-02 18:26:01 19,456 ----a-w C:\WINDOWS\msagent\intl\agt0419.dll
- 2004-08-05 04:00:00 19,456 ----a-w C:\WINDOWS\msagent\intl\agt041d.dll
+ 2007-04-02 18:26:01 19,456 ----a-w C:\WINDOWS\msagent\intl\agt041d.dll
- 2004-08-05 04:00:00 19,456 ----a-w C:\WINDOWS\msagent\intl\agt041f.dll
+ 2007-04-02 18:26:01 19,456 ----a-w C:\WINDOWS\msagent\intl\agt041f.dll
- 2004-08-05 04:00:00 20,992 ----a-w C:\WINDOWS\msagent\intl\agt0816.dll
+ 2007-04-02 18:26:02 20,992 ----a-w C:\WINDOWS\msagent\intl\agt0816.dll
- 2004-08-05 04:00:00 20,480 ----a-w C:\WINDOWS\msagent\intl\agt0c0a.dll
+ 2007-04-02 18:26:02 20,480 ----a-w C:\WINDOWS\msagent\intl\agt0c0a.dll
- 2004-08-06 01:00:00 39,936 ----a-w C:\WINDOWS\msagent\mslwvtts.dll
+ 2008-04-14 02:33:32 39,936 ----a-w C:\WINDOWS\msagent\mslwvtts.dll
- 2006-06-02 19:32:20 33,792 ------w C:\WINDOWS\network diagnostic\custsat.dll
+ 2008-04-14 02:33:22 33,792 ------w C:\WINDOWS\network diagnostic\custsat.dll
- 2006-10-10 12:44:50 557,568 ------w C:\WINDOWS\network diagnostic\xpnetdiag.exe
+ 2008-04-13 18:53:32 558,080 ------w C:\WINDOWS\network diagnostic\xpnetdiag.exe
- 2004-08-06 01:00:00 70,656 ----a-w C:\WINDOWS\NOTEPAD.EXE
+ 2008-04-14 02:34:15 70,656 ----a-w C:\WINDOWS\notepad.exe
- 2004-08-06 01:00:00 768,512 ----a-w C:\WINDOWS\pchealth\helpctr\binaries\HelpCtr.exe
+ 2008-04-14 02:34:06 769,024 ----a-w C:\WINDOWS\pchealth\helpctr\binaries\helpctr.exe
- 2004-08-06 01:00:00 743,936 ----a-w C:\WINDOWS\pchealth\helpctr\binaries\HelpSvc.exe
+ 2008-04-14 02:34:06 744,448 ----a-w C:\WINDOWS\pchealth\helpctr\binaries\helpsvc.exe
- 2004-08-06 01:00:00 18,944 ----a-w C:\WINDOWS\pchealth\helpctr\binaries\HscUpd.exe
+ 2008-04-14 02:34:06 18,432 ----a-w C:\WINDOWS\pchealth\helpctr\binaries\hscupd.exe
- 2004-08-06 01:00:00 160,768 ----a-w C:\WINDOWS\pchealth\helpctr\binaries\msconfig.exe
+ 2008-04-14 02:34:12 172,544 ----a-w C:\WINDOWS\pchealth\helpctr\binaries\msconfig.exe
- 2004-08-06 01:00:00 381,952 ----a-w C:\WINDOWS\pchealth\helpctr\binaries\msinfo.dll
+ 2008-04-14 02:33:32 382,464 ----a-w C:\WINDOWS\pchealth\helpctr\binaries\msinfo.dll
- 2004-08-06 01:00:00 102,400 ----a-w C:\WINDOWS\pchealth\helpctr\binaries\pchshell.dll
+ 2008-04-14 02:33:38 102,912 ----a-w C:\WINDOWS\pchealth\helpctr\binaries\pchshell.dll
- 2004-08-06 01:00:00 38,912 ----a-w C:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll
+ 2008-04-14 02:33:38 38,400 ----a-w C:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll
- 2006-09-17 02:12:40 82,203 ----a-w C:\WINDOWS\pchealth\helpctr\OfflineCache\index.dat
+ 2008-09-25 23:25:23 82,203 ----a-w C:\WINDOWS\pchealth\helpctr\OfflineCache\index.dat
- 2006-09-17 02:12:40 3,744 ----a-w C:\WINDOWS\pchealth\helpctr\PackageStore\SkuStore.bin
+ 2008-09-25 23:25:24 4,050 ----a-w C:\WINDOWS\pchealth\helpctr\PackageStore\SkuStore.bin
- 2004-08-06 01:00:00 151,040 ----a-w C:\WINDOWS\pchealth\UploadLB\Binaries\UploadM.exe
+ 2008-04-14 02:34:26 151,040 ----a-w C:\WINDOWS\pchealth\UploadLB\Binaries\uploadm.exe
- 2004-08-06 01:00:00 151,552 ----a-w C:\WINDOWS\PeerNet\sqldb20.dll
+ 2008-04-14 02:33:46 151,552 ----a-w C:\WINDOWS\PeerNet\sqldb20.dll
- 2004-08-06 01:00:00 462,848 ----a-w C:\WINDOWS\PeerNet\sqlqp20.dll
+ 2008-04-14 02:33:46 462,848 ----a-w C:\WINDOWS\PeerNet\sqlqp20.dll
- 2004-08-06 01:00:00 110,592 ----a-w C:\WINDOWS\PeerNet\sqlse20.dll
+ 2008-04-14 02:33:46 110,592 ----a-w C:\WINDOWS\PeerNet\sqlse20.dll
- 2004-08-06 01:00:00 153,088 ----a-w C:\WINDOWS\regedit.exe
+ 2008-04-14 02:34:19 153,088 ----a-w C:\WINDOWS\regedit.exe
+ 2008-04-13 18:46:18 53,376 ------w C:\WINDOWS\ServicePackFiles\i386\1394bus.sys
+ 2008-04-13 18:40:50 12,288 ------w C:\WINDOWS\ServicePackFiles\i386\4mmdat.sys
+ 2008-04-13 18:46:20 48,128 ------w C:\WINDOWS\ServicePackFiles\i386\61883.sys
+ 2008-04-14 02:33:18 100,352 ------w C:\WINDOWS\ServicePackFiles\i386\6to4svc.dll
+ 2008-04-14 02:33:18 136,192 ------w C:\WINDOWS\ServicePackFiles\i386\aaclient.dll
+ 2004-08-03 20:32:22 231,552 ------w C:\WINDOWS\ServicePackFiles\i386\ac97ali.sys
+ 2004-08-03 20:32:32 84,480 ------w C:\WINDOWS\ServicePackFiles\i386\ac97via.sys
+ 2008-04-14 02:33:18 39,424 ------w C:\WINDOWS\ServicePackFiles\i386\acadproc.dll
+ 2008-04-14 02:33:53 190,464 ------w C:\WINDOWS\ServicePackFiles\i386\accwiz.exe
+ 2008-04-14 02:33:18 1,852,928 ------w C:\WINDOWS\ServicePackFiles\i386\acgenral.dll
+ 2008-04-14 02:33:18 451,072 ------w C:\WINDOWS\ServicePackFiles\i386\aclayers.dll
+ 2008-04-14 02:33:18 141,312 ------w C:\WINDOWS\ServicePackFiles\i386\aclua.dll
+ 2008-04-14 02:33:18 120,320 ------w C:\WINDOWS\ServicePackFiles\i386\aclui.dll
+ 2008-04-14 01:52:42 188,672 ------w C:\WINDOWS\ServicePackFiles\i386\acpi.sys
+ 2008-04-14 02:33:18 245,248 ------w C:\WINDOWS\ServicePackFiles\i386\acspecfc.dll
+ 2008-04-14 02:33:18 193,536 ------w C:\WINDOWS\ServicePackFiles\i386\activeds.dll
+ 2008-04-14 02:33:53 4,096 ------w C:\WINDOWS\ServicePackFiles\i386\actmovie.exe
+ 2008-04-14 02:33:18 98,304 ------w C:\WINDOWS\ServicePackFiles\i386\actxprxy.dll
+ 2008-04-14 02:33:18 116,224 ------w C:\WINDOWS\ServicePackFiles\i386\acxtrnal.dll
+ 2008-04-14 02:33:18 20,540 ------w C:\WINDOWS\ServicePackFiles\i386\admin.dll
+ 2008-04-14 02:33:53 16,439 ------w C:\WINDOWS\ServicePackFiles\i386\admin.exe
+ 2004-08-03 20:32:24 10,880 ------w C:\WINDOWS\ServicePackFiles\i386\admjoy.sys
+ 2008-04-14 02:33:18 61,440 ------w C:\WINDOWS\ServicePackFiles\i386\admparse.dll
+ 2008-04-14 02:33:18 175,616 ------w C:\WINDOWS\ServicePackFiles\i386\adsldp.dll
+ 2008-04-14 02:33:18 143,360 ------w C:\WINDOWS\ServicePackFiles\i386\adsldpc.dll
+ 2008-04-14 02:33:18 68,096 ------w C:\WINDOWS\ServicePackFiles\i386\adsmsext.dll
+ 2008-04-14 02:33:18 263,680 ------w C:\WINDOWS\ServicePackFiles\i386\adsnt.dll
+ 2008-04-14 02:33:18 4,255 ------w C:\WINDOWS\ServicePackFiles\i386\adv01nt5.dll
+ 2008-04-14 02:33:18 3,967 ------w C:\WINDOWS\ServicePackFiles\i386\adv02nt5.dll
+ 2008-04-14 02:33:18 3,615 ------w C:\WINDOWS\ServicePackFiles\i386\adv05nt5.dll
+ 2008-04-14 02:33:18 3,647 ------w C:\WINDOWS\ServicePackFiles\i386\adv07nt5.dll
+ 2008-04-14 02:33:18 3,135 ------w C:\WINDOWS\ServicePackFiles\i386\adv08nt5.dll
+ 2008-04-14 02:33:18 3,711 ------w C:\WINDOWS\ServicePackFiles\i386\adv09nt5.dll
+ 2008-04-14 02:33:18 3,775 ------w C:\WINDOWS\ServicePackFiles\i386\adv11nt5.dll
+ 2008-04-14 02:33:18 685,568 ------w C:\WINDOWS\ServicePackFiles\i386\advapi32.dll
+ 2008-04-14 02:33:18 101,888 ------w C:\WINDOWS\ServicePackFiles\i386\advpack.dll
+ 2008-04-13 16:39:23 142,592 ------w C:\WINDOWS\ServicePackFiles\i386\aec.sys
+ 2008-04-13 19:19:23 138,112 ------w C:\WINDOWS\ServicePackFiles\i386\afd.sys
+ 2008-04-14 02:33:18 24,064 ------w C:\WINDOWS\ServicePackFiles\i386\agentanm.dll
+ 2008-04-14 02:33:18 214,016 ------w C:\WINDOWS\ServicePackFiles\i386\agentctl.dll
+ 2008-04-14 02:33:18 42,496 ------w C:\WINDOWS\ServicePackFiles\i386\agentdp2.dll
+ 2008-04-14 02:33:18 57,344 ------w C:\WINDOWS\ServicePackFiles\i386\agentdpv.dll
+ 2008-04-14 02:33:18 49,152 ------w C:\WINDOWS\ServicePackFiles\i386\agentmpx.dll
+ 2008-04-14 02:33:18 24,064 ------w C:\WINDOWS\ServicePackFiles\i386\agentpsh.dll
+ 2008-04-14 02:33:18 44,032 ------w C:\WINDOWS\ServicePackFiles\i386\agentsr.dll
+ 2008-04-14 02:33:53 256,512 ------w C:\WINDOWS\ServicePackFiles\i386\agentsvr.exe
+ 2008-04-13 18:36:38 42,368 ------w C:\WINDOWS\ServicePackFiles\i386\agp440.sys
+ 2008-04-13 18:36:39 44,928 ------w C:\WINDOWS\ServicePackFiles\i386\agpcpq.sys
+ 2007-04-02 18:25:59 19,456 ------w C:\WINDOWS\ServicePackFiles\i386\agt0401.dll
+ 2007-04-02 18:25:59 19,456 ------w C:\WINDOWS\ServicePackFiles\i386\agt0404.dll
+ 2007-04-02 18:25:59 19,456 ------w C:\WINDOWS\ServicePackFiles\i386\agt0405.dll
+ 2007-04-02 18:25:59 19,456 ------w C:\WINDOWS\ServicePackFiles\i386\agt0406.dll
+ 2007-04-02 18:26:00 21,504 ------w C:\WINDOWS\ServicePackFiles\i386\agt0407.dll
+ 2007-04-02 18:26:00 22,016 ------w C:\WINDOWS\ServicePackFiles\i386\agt0408.dll
+ 2008-04-13 17:32:28 19,968 ------w C:\WINDOWS\ServicePackFiles\i386\agt0409.dll
+ 2007-04-02 18:26:00 19,456 ------w C:\WINDOWS\ServicePackFiles\i386\agt040b.dll
+ 2007-04-02 18:26:00 21,504 ------w C:\WINDOWS\ServicePackFiles\i386\agt040c.dll
+ 2007-04-02 18:26:00 19,456 ------w C:\WINDOWS\ServicePackFiles\i386\agt040d.dll
+ 2007-04-02 18:26:00 19,968 ------w C:\WINDOWS\ServicePackFiles\i386\agt040e.dll
+ 2007-04-02 18:26:00 20,992 ------w C:\WINDOWS\ServicePackFiles\i386\agt0410.dll
+ 2007-04-02 18:26:00 19,456 ------w C:\WINDOWS\ServicePackFiles\i386\agt0411.dll
+ 2007-04-02 18:26:00 19,456 ------w C:\WINDOWS\ServicePackFiles\i386\agt0412.dll
+ 2007-04-02 18:26:01 20,992 ------w C:\WINDOWS\ServicePackFiles\i386\agt0413.dll
+ 2007-04-02 18:26:01 19,456 ------w C:\WINDOWS\ServicePackFiles\i386\agt0414.dll
+ 2007-04-02 18:26:01 19,456 ------w C:\WINDOWS\ServicePackFiles\i386\agt0415.dll
+ 2007-04-02 18:26:01 20,480 ------w C:\WINDOWS\ServicePackFiles\i386\agt0416.dll
+ 2007-04-02 18:26:01 19,456 ------w C:\WINDOWS\ServicePackFiles\i386\agt0419.dll
+ 2007-04-02 18:26:01 19,456 ------w C:\WINDOWS\ServicePackFiles\i386\agt041d.dll
+ 2007-04-02 18:26:01 19,456 ------w C:\WINDOWS\ServicePackFiles\i386\agt041f.dll
+ 2007-04-02 18:26:02 19,456 ------w C:\WINDOWS\ServicePackFiles\i386\agt0804.dll
+ 2007-04-02 18:26:02 20,992 ------w C:\WINDOWS\ServicePackFiles\i386\agt0816.dll
+ 2007-04-02 18:26:02 20,480 ------w C:\WINDOWS\ServicePackFiles\i386\agt0c0a.dll
+ 2008-04-14 02:33:19 24,064 ------w C:\WINDOWS\ServicePackFiles\i386\agtintl.dll
+ 2008-04-14 02:33:53 98,304 ------w C:\WINDOWS\ServicePackFiles\i386\ahui.exe
+ 2008-04-14 02:33:53 44,544 ------w C:\WINDOWS\ServicePackFiles\i386\alg.exe
+ 2008-04-13 18:36:38 42,752 ------w C:\WINDOWS\ServicePackFiles\i386\alim1541.sys
+ 2008-04-14 02:33:19 17,408 ------w C:\WINDOWS\ServicePackFiles\i386\alrsvc.dll
+ 2008-04-13 18:36:39 43,008 ------w C:\WINDOWS\ServicePackFiles\i386\amdagp.sys
+ 2008-04-14 01:54:28 41,472 ------w C:\WINDOWS\ServicePackFiles\i386\amdk6.sys
+ 2008-04-14 01:54:29 41,856 ------w C:\WINDOWS\ServicePackFiles\i386\amdk7.sys
+ 2008-04-14 02:33:19 70,656 ------w C:\WINDOWS\ServicePackFiles\i386\amstream.dll
+ 2004-08-03 20:31:20 36,224 ------w C:\WINDOWS\ServicePackFiles\i386\an983.sys
+ 2008-04-14 02:33:19 125,952 ------w C:\WINDOWS\ServicePackFiles\i386\apphelp.dll
+ 2008-04-14 02:33:19 334,336 ------w C:\WINDOWS\ServicePackFiles\i386\aqueue.dll
+ 2008-04-13 18:51:25 60,800 ------w C:\WINDOWS\ServicePackFiles\i386\arp1394.sys
+ 2008-04-14 02:33:19 65,024 ------w C:\WINDOWS\ServicePackFiles\i386\asycfilt.dll
+ 2008-04-13 18:57:27 14,336 ------w C:\WINDOWS\ServicePackFiles\i386\asyncmac.sys
+ 2008-04-14 02:33:53 25,088 ------w C:\WINDOWS\ServicePackFiles\i386\at.exe
+ 2008-04-13 18:40:30 96,512 ------w C:\WINDOWS\ServicePackFiles\i386\atapi.sys
+ 2004-08-03 20:29:30 56,623 ------w C:\WINDOWS\ServicePackFiles\i386\ati1btxx.sys
+ 2004-08-03 20:29:30 11,615 ------w C:\WINDOWS\ServicePackFiles\i386\ati1mdxx.sys
+ 2004-08-03 20:29:30 12,047 ------w C:\WINDOWS\ServicePackFiles\i386\ati1pdxx.sys
+ 2004-08-03 20:29:32 30,671 ------w C:\WINDOWS\ServicePackFiles\i386\ati1raxx.sys
+ 2004-08-03 20:29:32 63,663 ------w C:\WINDOWS\ServicePackFiles\i386\ati1rvxx.sys
+ 2004-08-03 20:29:32 26,367 ------w C:\WINDOWS\ServicePackFiles\i386\ati1snxx.sys
+ 2004-08-03 20:29:32 21,343 ------w C:\WINDOWS\ServicePackFiles\i386\ati1ttxx.sys
+ 2004-08-03 20:29:32 36,463 ------w C:\WINDOWS\ServicePackFiles\i386\ati1tuxx.sys
+ 2004-08-03 20:29:32 29,455 ------w C:\WINDOWS\ServicePackFiles\i386\ati1xbxx.sys
+ 2004-08-03 20:29:32 34,735 ------w C:\WINDOWS\ServicePackFiles\i386\ati1xsxx.sys
+ 2008-04-14 02:33:19 229,376 ------w C:\WINDOWS\ServicePackFiles\i386\ati2cqag.dll
+ 2008-04-14 02:33:19 377,984 ------w C:\WINDOWS\ServicePackFiles\i386\ati2dvaa.dll
+ 2008-04-14 02:33:19 201,728 ------w C:\WINDOWS\ServicePackFiles\i386\ati2dvag.dll
+ 2004-08-03 22:38:42 327,168 ------w C:\WINDOWS\ServicePackFiles\i386\ati2mtaa.sys
+ 2004-08-03 22:38:44 701,440 ------w C:\WINDOWS\ServicePackFiles\i386\ati2mtag.sys
+ 2008-04-14 02:33:19 870,784 ------w C:\WINDOWS\ServicePackFiles\i386\ati3d1ag.dll
+ 2008-04-14 02:33:19 1,057,760 ------w C:\WINDOWS\ServicePackFiles\i386\ati3d2ag.dll
+ 2008-04-14 02:33:19 1,888,992 ------w C:\WINDOWS\ServicePackFiles\i386\ati3duag.dll
+ 2004-08-03 20:29:28 57,856 ------w C:\WINDOWS\ServicePackFiles\i386\atinbtxx.sys
+ 2004-08-03 20:29:30 13,824 ------w C:\WINDOWS\ServicePackFiles\i386\atinmdxx.sys
+ 2004-08-03 20:29:30 14,336 ------w C:\WINDOWS\ServicePackFiles\i386\atinpdxx.sys
+ 2004-08-03 20:29:30 52,224 ------w C:\WINDOWS\ServicePackFiles\i386\atinraxx.sys
+ 2004-08-03 20:29:32 104,960 ------w C:\WINDOWS\ServicePackFiles\i386\atinrvxx.sys
+ 2004-08-03 20:29:32 28,672 ------w C:\WINDOWS\ServicePackFiles\i386\atinsnxx.sys
+ 2004-08-03 20:29:32 13,824 ------w C:\WINDOWS\ServicePackFiles\i386\atinttxx.sys
+ 2004-08-03 20:29:32 73,216 ------w C:\WINDOWS\ServicePackFiles\i386\atintuxx.sys
+ 2004-08-03 20:29:32 31,744 ------w C:\WINDOWS\ServicePackFiles\i386\atinxbxx.sys
+ 2004-08-03 20:29:32 63,488 ------w C:\WINDOWS\ServicePackFiles\i386\atinxsxx.sys
+ 2008-04-14 02:33:19 32,768 ------w C:\WINDOWS\ServicePackFiles\i386\ativtmxx.dll
+ 2008-04-14 02:33:19 516,768 ------w C:\WINDOWS\ServicePackFiles\i386\ativvaxx.dll
+ 2008-04-14 02:33:19 58,880 ------w C:\WINDOWS\ServicePackFiles\i386\atl.dll
+ 2008-04-14 02:33:53 11,264 ------w C:\WINDOWS\ServicePackFiles\i386\atmadm.exe
+ 2008-04-13 18:51:25 59,904 ------w C:\WINDOWS\ServicePackFiles\i386\atmarpc.sys
+ 2008-04-14 02:31:00 285,696 ------w C:\WINDOWS\ServicePackFiles\i386\atmfd.dll
+ 2008-04-13 18:51:30 55,808 ------w C:\WINDOWS\ServicePackFiles\i386\atmlane.sys
+ 2008-04-14 02:33:19 30,208 ------w C:\WINDOWS\ServicePackFiles\i386\atmlib.dll
+ 2008-04-14 02:33:53 12,288 ------w C:\WINDOWS\ServicePackFiles\i386\attrib.exe
+ 2008-04-14 02:33:19 21,183 ------w C:\WINDOWS\ServicePackFiles\i386\atv01nt5.dll
+ 2008-04-14 02:33:19 11,359 ------w C:\WINDOWS\ServicePackFiles\i386\atv02nt5.dll
+ 2008-04-14 02:33:19 25,471 ------w C:\WINDOWS\ServicePackFiles\i386\atv04nt5.dll
+ 2008-04-14 02:33:19 14,143 ------w C:\WINDOWS\ServicePackFiles\i386\atv06nt5.dll
+ 2008-04-14 02:33:19 17,279 ------w C:\WINDOWS\ServicePackFiles\i386\atv10nt5.dll
+ 2008-04-14 02:33:19 42,496 ------w C:\WINDOWS\ServicePackFiles\i386\audiosrv.dll
+ 2008-04-14 02:33:53 14,336 ------w C:\WINDOWS\ServicePackFiles\i386\auditusr.exe
+ 2008-04-14 02:33:19 20,540 ------w C:\WINDOWS\ServicePackFiles\i386\author.dll
+ 2008-04-14 02:33:53 16,439 ------w C:\WINDOWS\ServicePackFiles\i386\author.exe
+ 2008-04-14 02:33:19 62,464 ------w C:\WINDOWS\ServicePackFiles\i386\authz.dll
+ 2008-04-14 02:33:53 625,152 ------w C:\WINDOWS\ServicePackFiles\i386\autochk.exe
+ 2008-04-14 02:33:53 638,976 ------w C:\WINDOWS\ServicePackFiles\i386\autoconv.exe
+ 2008-04-14 02:33:54 616,960 ------w C:\WINDOWS\ServicePackFiles\i386\autofmt.exe
+ 2008-04-14 02:33:54 11,264 ------w C:\WINDOWS\ServicePackFiles\i386\autolfn.exe
+ 2008-04-13 18:46:20 38,912 ------w C:\WINDOWS\ServicePackFiles\i386\avc.sys
+ 2008-04-13 18:46:07 13,696 ------w C:\WINDOWS\ServicePackFiles\i386\avcstrm.sys
+ 2008-04-14 02:33:19 85,504 ------w C:\WINDOWS\ServicePackFiles\i386\avifil32.dll
+ 2008-04-14 02:33:19 233,472 ------w C:\WINDOWS\ServicePackFiles\i386\azroles.dll
+ 2008-04-14 02:33:19 52,736 ------w C:\WINDOWS\ServicePackFiles\i386\basesrv.dll
+ 2008-04-14 02:33:19 29,184 ------w C:\WINDOWS\ServicePackFiles\i386\batmeter.dll
+ 2008-04-14 02:33:19 8,704 ------w C:\WINDOWS\ServicePackFiles\i386\batt.dll
+ 2008-04-13 18:36:32 14,208 ------w C:\WINDOWS\ServicePackFiles\i386\battc.sys
+ 2008-04-13 18:46:21 11,776 ------w C:\WINDOWS\ServicePackFiles\i386\bdasup.sys
+ 2008-04-14 02:33:19 17,408 ------w C:\WINDOWS\ServicePackFiles\i386\bidispl.dll
+ 2008-04-14 02:33:19 8,192 ------w C:\WINDOWS\ServicePackFiles\i386\bitsprx2.dll
+ 2008-04-14 02:33:19 7,168 ------w C:\WINDOWS\ServicePackFiles\i386\bitsprx3.dll
+ 2008-04-14 02:33:19 7,168 ------w C:\WINDOWS\ServicePackFiles\i386\bitsprx4.dll
+ 2008-04-14 02:33:55 71,680 ------w C:\WINDOWS\ServicePackFiles\i386\blastcln.exe
+ 2008-04-13 18:53:23 71,552 ------w C:\WINDOWS\ServicePackFiles\i386\bridge.sys
+ 2008-04-14 01:57:48 70,144 ------w C:\WINDOWS\ServicePackFiles\i386\browselc.dll
+ 2008-04-14 02:33:20 77,824 ------w C:\WINDOWS\ServicePackFiles\i386\browser.dll
+ 2008-04-14 02:33:20 1,025,024 ------w C:\WINDOWS\ServicePackFiles\i386\browseui.dll
+ 2008-04-14 02:33:20 78,336 ------w C:\WINDOWS\ServicePackFiles\i386\browsewm.dll
+ 2008-04-14 02:33:20 20,992 ------w C:\WINDOWS\ServicePackFiles\i386\bthci.dll
+ 2008-04-13 18:46:33 17,024 ------w C:\WINDOWS\ServicePackFiles\i386\bthenum.sys
+ 2008-04-13 18:46:33 37,888 ------w C:\WINDOWS\ServicePackFiles\i386\bthmodem.sys
+ 2008-04-13 18:51:34 101,120 ------w C:\WINDOWS\ServicePackFiles\i386\bthpan.sys
+ 2008-04-14 01:58:00 273,664 ------w C:\WINDOWS\ServicePackFiles\i386\bthport.sys
+ 2008-04-13 18:46:31 36,480 ------w C:\WINDOWS\ServicePackFiles\i386\bthprint.sys
+ 2008-04-14 02:33:20 30,208 ------w C:\WINDOWS\ServicePackFiles\i386\bthserv.dll
+ 2008-04-13 18:46:29 18,944 ------w C:\WINDOWS\ServicePackFiles\i386\bthusb.sys
+ 2008-04-14 02:33:20 50,688 ------w C:\WINDOWS\ServicePackFiles\i386\btpanui.dll
+ 2008-04-14 02:33:20 218,112 ------w C:\WINDOWS\ServicePackFiles\i386\c_g18030.dll
+ 2008-04-14 02:33:20 60,416 ------w C:\WINDOWS\ServicePackFiles\i386\cabinet.dll
+ 2008-04-14 02:33:20 85,504 ------w C:\WINDOWS\ServicePackFiles\i386\cabview.dll
+ 2008-04-14 02:33:55 20,992 ------w C:\WINDOWS\ServicePackFiles\i386\cacls.exe
+ 2008-04-14 02:33:20 385,024 ------w C:\WINDOWS\ServicePackFiles\i386\callcont.dll
+ 2008-04-14 02:33:20 121,856 ------w C:\WINDOWS\ServicePackFiles\i386\camext30.dll
+ 2008-04-14 02:33:20 50,688 ------w C:\WINDOWS\ServicePackFiles\i386\camocx.dll
+ 2008-04-14 02:33:20 153,600 ------w C:\WINDOWS\ServicePackFiles\i386\capesnpn.dll
+ 2008-04-14 02:33:20 226,304 ------w C:\WINDOWS\ServicePackFiles\i386\catsrv.dll
+ 2008-04-14 02:33:20 85,504 ------w C:\WINDOWS\ServicePackFiles\i386\catsrvps.dll
+ 2008-04-14 02:33:20 625,664 ------w C:\WINDOWS\ServicePackFiles\i386\catsrvut.dll
+ 2008-04-13 18:46:23 17,024 ------w C:\WINDOWS\ServicePackFiles\i386\ccdecode.sys
+ 2008-04-13 19:14:21 63,744 ------w C:\WINDOWS\ServicePackFiles\i386\cdfs.sys
+ 2008-04-14 02:33:20 152,064 ------w C:\WINDOWS\ServicePackFiles\i386\cdfview.dll
+ 2008-04-14 02:33:20 66,560 ------w C:\WINDOWS\ServicePackFiles\i386\cdm.dll
+ 2008-04-14 02:33:20 2,091,520 ------w C:\WINDOWS\ServicePackFiles\i386\cdosys.dll
+ 2008-04-13 18:40:46 62,976 ------w C:\WINDOWS\ServicePackFiles\i386\cdrom.sys
+ 2008-04-14 02:33:20 200,192 ------w C:\WINDOWS\ServicePackFiles\i386\certcli.dll
+ 2008-04-14 02:33:20 467,968 ------w C:\WINDOWS\ServicePackFiles\i386\certmgr.dll
+ 2008-04-14 02:33:20 39,424 ------w C:\WINDOWS\ServicePackFiles\i386\cfgbkend.dll
+ 2008-04-14 02:31:03 16,896 ------w C:\WINDOWS\ServicePackFiles\i386\cfgmgr32.dll
+ 2008-04-14 02:33:56 188,480 ------w C:\WINDOWS\ServicePackFiles\i386\cfgwiz.exe
+ 2008-04-14 02:33:20 15,423 ------w C:\WINDOWS\ServicePackFiles\i386\ch7xxnt5.dll
+ 2008-04-13 18:40:58 8,192 ------w C:\WINDOWS\ServicePackFiles\i386\changer.sys
+ 2008-04-14 02:33:20 148,480 ------w C:\WINDOWS\ServicePackFiles\i386\cic.dll
+ 2008-04-14 02:33:20 1,359,360 ------w C:\WINDOWS\ServicePackFiles\i386\cimwin32.dll
+ 2008-04-14 02:33:20 69,120 ------w C:\WINDOWS\ServicePackFiles\i386\ciodm.dll
+ 2008-04-14 02:33:57 5,632 ------w C:\WINDOWS\ServicePackFiles\i386\cisvc.exe
+ 2008-04-13 19:16:22 49,536 ------w C:\WINDOWS\ServicePackFiles\i386\classpnp.sys
+ 2008-04-14 02:33:21 110,592 ------w C:\WINDOWS\ServicePackFiles\i386\clbcatex.dll
+ 2008-04-14 02:33:21 498,688 ------w C:\WINDOWS\ServicePackFiles\i386\clbcatq.dll
+ 2008-04-14 02:33:57 65,536 ------w C:\WINDOWS\ServicePackFiles\i386\cleanmgr.exe
+ 2008-04-14 02:33:21 77,824 ------w C:\WINDOWS\ServicePackFiles\i386\cliconfg.dll
+ 2008-04-14 02:33:57 20,480 ------w C:\WINDOWS\ServicePackFiles\i386\cliconfg.exe
+ 2008-04-14 02:33:57 104,448 ------w C:\WINDOWS\ServicePackFiles\i386\clipbrd.exe
+ 2008-04-14 02:33:57 33,280 ------w C:\WINDOWS\ServicePackFiles\i386\clipsrv.exe
+ 2008-04-14 02:33:21 58,368 ------w C:\WINDOWS\ServicePackFiles\i386\clusapi.dll
+ 2008-04-13 18:36:37 13,952 ------w C:\WINDOWS\ServicePackFiles\i386\cmbatt.sys
+ 2008-04-14 02:33:21 15,872 ------w C:\WINDOWS\ServicePackFiles\i386\cmcfg32.dll
+ 2008-04-14 02:33:57 401,408 ------w C:\WINDOWS\ServicePackFiles\i386\cmd.exe
+ 2008-04-14 02:33:21 353,280 ------w C:\WINDOWS\ServicePackFiles\i386\cmdial32.dll
+ 2008-04-14 02:33:57 25,600 ------w C:\WINDOWS\ServicePackFiles\i386\cmdl32.exe
+ 2008-04-14 02:33:57 39,936 ------w C:\WINDOWS\ServicePackFiles\i386\cmmon32.exe
+ 2008-04-14 02:33:21 191,488 ------w C:\WINDOWS\ServicePackFiles\i386\cmprops.dll
+ 2008-04-14 02:33:21 13,312 ------w C:\WINDOWS\ServicePackFiles\i386\cmsetacl.dll
+ 2008-04-14 02:33:57 65,536 ------w C:\WINDOWS\ServicePackFiles\i386\cmstp.exe
+ 2008-04-14 02:33:21 40,960 ------w C:\WINDOWS\ServicePackFiles\i386\cmutil.dll
+ 2008-04-14 02:33:21 50,688 ------w C:\WINDOWS\ServicePackFiles\i386\cnbjmon.dll
+ 2008-04-14 02:33:21 83,968 ------w C:\WINDOWS\ServicePackFiles\i386\cnbjmon2.dll
+ 2008-04-13 16:44:16 17,920 ------w C:\WINDOWS\ServicePackFiles\i386\cobramsg.dll
+ 2008-04-14 02:33:21 60,416 ------w C:\WINDOWS\ServicePackFiles\i386\colbact.dll
+ 2008-04-14 02:33:21 28,160 ------w C:\WINDOWS\ServicePackFiles\i386\comaddin.dll
+ 2008-04-14 02:33:21 195,072 ------w C:\WINDOWS\ServicePackFiles\i386\comadmin.dll
+ 2008-04-14 02:33:21 617,472 ------w C:\WINDOWS\ServicePackFiles\i386\comctl32.dll
+ 2008-04-14 02:33:21 281,600 ------w C:\WINDOWS\ServicePackFiles\i386\comdlg32.dll
+ 2008-04-14 02:33:21 253,440 ------w C:\WINDOWS\ServicePackFiles\i386\compatui.dll
+ 2008-04-13 18:36:37 10,240 ------w C:\WINDOWS\ServicePackFiles\i386\compbatt.sys
+ 2008-04-14 02:33:21 230,912 ------w C:\WINDOWS\ServicePackFiles\i386\compstui.dll
+ 2008-04-14 02:33:21 97,792 ------w C:\WINDOWS\ServicePackFiles\i386\comrepl.dll
+ 2008-04-14 02:33:57 9,728 ------w C:\WINDOWS\ServicePackFiles\i386\comrepl.exe
+ 2008-04-14 02:33:57 6,144 ------w C:\WINDOWS\ServicePackFiles\i386\comrereg.exe
+ 2008-04-14 02:33:21 851,968 ------w C:\WINDOWS\ServicePackFiles\i386\comres.dll
+ 2008-04-14 02:33:21 274,944 ------w C:\WINDOWS\ServicePackFiles\i386\comsetup.dll
+ 2008-04-14 02:33:21 167,424 ------w C:\WINDOWS\ServicePackFiles\i386\comsnap.dll
+ 2008-04-14 02:33:21 1,267,200 ------w C:\WINDOWS\ServicePackFiles\i386\comsvcs.dll
+ 2008-04-14 02:33:21 539,648 ------w C:\WINDOWS\ServicePackFiles\i386\comuid.dll
+ 2008-04-14 02:33:58 1,044,480 ------w C:\WINDOWS\ServicePackFiles\i386\conf.exe
+ 2008-04-14 02:33:21 45,056 ------w C:\WINDOWS\ServicePackFiles\i386\confmrsl.dll
+ 2008-04-14 02:33:21 358,400 ------w C:\WINDOWS\ServicePackFiles\i386\confmsp.dll
+ 2008-04-14 02:33:59 27,648 ------w C:\WINDOWS\ServicePackFiles\i386\conime.exe
+ 2008-04-14 02:33:21 35,328 ------w C:\WINDOWS\ServicePackFiles\i386\corpol.dll
+ 2008-04-14 02:33:21 12,800 ------w C:\WINDOWS\ServicePackFiles\i386\credssp.dll
+ 2008-04-14 02:33:21 165,888 ------w C:\WINDOWS\ServicePackFiles\i386\credui.dll
+ 2008-04-14 02:02:47 40,960 ------w C:\WINDOWS\ServicePackFiles\i386\crusoe.sys
+ 2008-04-14 02:33:21 606,208 ------w C:\WINDOWS\ServicePackFiles\i386\crypt32.dll
+ 2008-04-14 02:33:21 75,776 ------w C:\WINDOWS\ServicePackFiles\i386\cryptdlg.dll
+ 2008-04-14 02:33:21 33,280 ------w C:\WINDOWS\ServicePackFiles\i386\cryptdll.dll
+ 2008-04-14 02:33:21 54,784 ------w C:\WINDOWS\ServicePackFiles\i386\cryptext.dll
+ 2008-04-14 02:33:21 64,512 ------w C:\WINDOWS\ServicePackFiles\i386\cryptnet.dll
+ 2008-04-14 02:33:21 62,464 ------w C:\WINDOWS\ServicePackFiles\i386\cryptsvc.dll
+ 2008-04-14 02:33:21 530,432 ------w C:\WINDOWS\ServicePackFiles\i386\cryptui.dll
+ 2008-04-14 02:33:21 102,912 ------w C:\WINDOWS\ServicePackFiles\i386\cscdll.dll
+ 2008-04-14 02:33:59 139,264 ------w C:\WINDOWS\ServicePackFiles\i386\cscript.exe
+ 2008-04-14 02:33:21 337,920 ------w C:\WINDOWS\ServicePackFiles\i386\cscui.dll
+ 2008-04-14 02:33:22 32,256 ------w C:\WINDOWS\ServicePackFiles\i386\csrsrv.dll
+ 2008-04-14 02:33:59 6,144 ------w C:\WINDOWS\ServicePackFiles\i386\csrss.exe
+ 2008-04-14 02:33:59 15,360 ------w C:\WINDOWS\ServicePackFiles\i386\ctfmon.exe
+ 2008-04-14 02:33:22 252,416 ------w C:\WINDOWS\ServicePackFiles\i386\ctmasetp.dll
+ 2008-04-14 02:33:22 33,792 ------w C:\WINDOWS\ServicePackFiles\i386\custsat.dll
+ 2004-08-03 20:32:26 48,640 ------w C:\WINDOWS\ServicePackFiles\i386\cwrwdm.sys
+ 2008-04-14 02:33:22 1,179,648 ------w C:\WINDOWS\ServicePackFiles\i386\d3d8.dll
+ 2008-04-14 02:33:22 8,192 ------w C:\WINDOWS\ServicePackFiles\i386\d3d8thk.dll
+ 2008-04-14 02:33:22 1,689,088 ------w C:\WINDOWS\ServicePackFiles\i386\d3d9.dll
+ 2008-04-14 02:33:22 824,320 ------w C:\WINDOWS\ServicePackFiles\i386\d3dim700.dll
+ 2008-04-14 02:33:22 1,056,768 ------w C:\WINDOWS\ServicePackFiles\i386\danim.dll
+ 2008-03-25 04:50:25 554,008 ------w C:\WINDOWS\ServicePackFiles\i386\dao360.dll
+ 2008-04-14 02:33:22 55,296 ------w C:\WINDOWS\ServicePackFiles\i386\dataclen.dll
+ 2008-04-14 02:33:22 165,376 ------w C:\WINDOWS\ServicePackFiles\i386\datime.dll
+ 2008-04-14 02:33:22 25,600 ------w C:\WINDOWS\ServicePackFiles\i386\davclnt.dll
+ 2008-04-14 02:33:22 640,000 ------w C:\WINDOWS\ServicePackFiles\i386\dbghelp.dll
+ 2008-04-14 02:33:22 24,576 ------w C:\WINDOWS\ServicePackFiles\i386\dbmsrpcn.dll
+ 2008-04-14 02:33:22 110,592 ------w C:\WINDOWS\ServicePackFiles\i386\dbnetlib.dll
+ 2008-04-14 02:33:22 28,672 ------w C:\WINDOWS\ServicePackFiles\i386\dbnmpntw.dll
+ 2008-04-14 02:50:20 1,804 ------w C:\WINDOWS\ServicePackFiles\i386\dcache.bin
+ 2008-04-14 02:33:22 40,960 ------w C:\WINDOWS\ServicePackFiles\i386\dcap32.dll
+ 2008-04-14 02:33:22 8,704 ------w C:\WINDOWS\ServicePackFiles\i386\dciman32.dll
+ 2008-04-14 02:33:59 6,144 ------w C:\WINDOWS\ServicePackFiles\i386\dcomcnfg.exe
+ 2008-04-14 02:33:59 31,744 ------w C:\WINDOWS\ServicePackFiles\i386\ddeshare.exe
+ 2008-04-14 02:33:22 279,552 ------w C:\WINDOWS\ServicePackFiles\i386\ddraw.dll
+ 2008-04-14 02:33:22 27,136 ------w C:\WINDOWS\ServicePackFiles\i386\ddrawex.dll
+ 2008-04-14 02:33:59 25,088 ------w C:\WINDOWS\ServicePackFiles\i386\defrag.exe
+ 2008-04-14 02:33:22 59,904 ------w C:\WINDOWS\ServicePackFiles\i386\devenum.dll
+ 2008-04-14 02:33:22 290,816 ------w C:\WINDOWS\ServicePackFiles\i386\devmgr.dll
+ 2008-04-14 02:33:59 82,944 ------w C:\WINDOWS\ServicePackFiles\i386\dfrgfat.exe
+ 2008-04-14 02:33:59 105,472 ------w C:\WINDOWS\ServicePackFiles\i386\dfrgntfs.exe
+ 2008-04-14 02:33:22 39,936 ------w C:\WINDOWS\ServicePackFiles\i386\dfrgsnap.dll
+ 2008-04-14 02:33:22 124,416 ------w C:\WINDOWS\ServicePackFiles\i386\dfrgui.dll
+ 2008-04-14 02:33:22 28,672 ------w C:\WINDOWS\ServicePackFiles\i386\dfsshlex.dll
+ 2008-04-14 02:33:22 115,200 ------w C:\WINDOWS\ServicePackFiles\i386\dgnet.dll
+ 2008-04-14 02:33:22 127,488 ------w C:\WINDOWS\ServicePackFiles\i386\dhcpcsvc.dll
+ 2008-04-14 02:33:22 411,136 ------w C:\WINDOWS\ServicePackFiles\i386\dhcpmon.dll
+ 2008-04-14 02:33:22 49,152 ------w C:\WINDOWS\ServicePackFiles\i386\dhcpqec.dll
+ 2008-04-14 02:33:59 548,352 ------w C:\WINDOWS\ServicePackFiles\i386\dialer.exe
+ 2008-04-14 02:34:00 87,040 ------w C:\WINDOWS\ServicePackFiles\i386\diantz.exe
+ 2004-08-06 01:00:00 887,784 ------w C:\WINDOWS\ServicePackFiles\i386\digcore.exe
+ 2008-04-14 02:33:22 68,608 ------w C:\WINDOWS\ServicePackFiles\i386\digest.dll
+ 2008-04-14 02:33:22 19,456 ------w C:\WINDOWS\ServicePackFiles\i386\dimsntfy.dll
+ 2008-04-14 02:33:22 39,936 ------w C:\WINDOWS\ServicePackFiles\i386\dimsroam.dll
+ 2008-04-14 02:33:22 165,376 ------w C:\WINDOWS\ServicePackFiles\i386\dinput.dll
+ 2008-04-14 02:33:22 187,904 ------w C:\WINDOWS\ServicePackFiles\i386\dinput8.dll
+ 2008-04-14 02:33:22 86,528 ------w C:\WINDOWS\ServicePackFiles\i386\directdb.dll
+ 2008-04-13 18:40:47 36,352 ------w C:\WINDOWS\ServicePackFiles\i386\disk.sys
+ 2008-04-14 02:33:22 1,504,768 ------w C:\WINDOWS\ServicePackFiles\i386\diskcopy.dll
+ 2008-04-13 18:40:44 14,208 ------w C:\WINDOWS\ServicePackFiles\i386\diskdump.sys
+ 2008-04-14 02:34:00 167,936 ------w C:\WINDOWS\ServicePackFiles\i386\diskpart.exe
+ 2008-04-14 02:33:22 32,768 ------w C:\WINDOWS\ServicePackFiles\i386\dispex.dll
+ 2008-04-14 02:34:00 5,120 ------w C:\WINDOWS\ServicePackFiles\i386\dllhost.exe
+ 2008-04-13 18:40:51 8,320 ------w C:\WINDOWS\ServicePackFiles\i386\dlttape.sys
+ 2008-04-14 02:34:00 225,280 ------w C:\WINDOWS\ServicePackFiles\i386\dmadmin.exe
+ 2008-04-14 02:33:22 28,672 ------w C:\WINDOWS\ServicePackFiles\i386\dmband.dll
+ 2008-04-14 02:05:07 800,256 ------w C:\WINDOWS\ServicePackFiles\i386\dmboot.sys
+ 2008-04-14 02:33:22 61,440 ------w C:\WINDOWS\ServicePackFiles\i386\dmcompos.dll
+ 2008-04-14 02:33:22 285,184 ------w C:\WINDOWS\ServicePackFiles\i386\dmdlgs.dll
+ 2008-04-14 02:33:22 200,704 ------w C:\WINDOWS\ServicePackFiles\i386\dmdskmgr.dll
+ 2008-04-14 02:33:22 181,248 ------w C:\WINDOWS\ServicePackFiles\i386\dmime.dll
+ 2008-04-14 02:05:12 154,496 ------w C:\WINDOWS\ServicePackFiles\i386\dmio.sys
+ 2008-04-14 02:33:22 35,840 ------w C:\WINDOWS\ServicePackFiles\i386\dmloader.dll
+ 2008-04-14 02:34:00 15,872 ------w C:\WINDOWS\ServicePackFiles\i386\dmremote.exe
+ 2008-04-14 02:33:22 82,432 ------w C:\WINDOWS\ServicePackFiles\i386\dmscript.dll
+ 2008-04-14 02:33:22 24,576 ------w C:\WINDOWS\ServicePackFiles\i386\dmserver.dll
+ 2008-04-14 02:33:22 105,984 ------w C:\WINDOWS\ServicePackFiles\i386\dmstyle.dll
+ 2008-04-14 02:33:22 103,424 ------w C:\WINDOWS\ServicePackFiles\i386\dmsynth.dll
+ 2008-04-14 02:33:22 104,448 ------w C:\WINDOWS\ServicePackFiles\i386\dmusic.dll
+ 2008-04-13 18:45:01 52,864 ------w C:\WINDOWS\ServicePackFiles\i386\dmusic.sys
+ 2008-04-14 02:33:22 58,880 ------w C:\WINDOWS\ServicePackFiles\i386\dmutil.dll
+ 2008-04-14 02:33:22 147,968 ------w C:\WINDOWS\ServicePackFiles\i386\dnsapi.dll
+ 2008-04-14 02:33:22 45,568 ------w C:\WINDOWS\ServicePackFiles\i386\dnsrslvr.dll
+ 2008-04-14 02:33:22 48,640 ------w C:\WINDOWS\ServicePackFiles\i386\docprop2.dll
+ 2004-08-06 01:00:00 54,080 ------w C:\WINDOWS\ServicePackFiles\i386\dosx.exe
+ 2008-04-14 02:33:22 26,112 ------w C:\WINDOWS\ServicePackFiles\i386\dot3api.dll
+ 2008-04-14 02:33:22 60,928 ------w C:\WINDOWS\ServicePackFiles\i386\dot3cfg.dll
+ 2008-04-14 02:33:22 39,936 ------w C:\WINDOWS\ServicePackFiles\i386\dot3clnt.dll
+ 2008-04-14 02:33:22 9,216 ------w C:\WINDOWS\ServicePackFiles\i386\dot3dlg.dll
+ 2008-04-14 02:33:22 56,832 ------w C:\WINDOWS\ServicePackFiles\i386\dot3msm.dll
+ 2008-04-14 02:33:22 133,120 ------w C:\WINDOWS\ServicePackFiles\i386\dot3svc.dll
+ 2008-04-14 02:33:22 651,264 ------w C:\WINDOWS\ServicePackFiles\i386\dot3ui.dll
+ 2008-04-13 18:39:46 206,976 ------w C:\WINDOWS\ServicePackFiles\i386\dot4.sys
+ 2008-04-14 01:54:17 103,936 ------w C:\WINDOWS\ServicePackFiles\i386\dpcdll.dll
+ 2008-04-14 02:34:01 29,696 ------w C:\WINDOWS\ServicePackFiles\i386\dplaysvr.exe
+ 2008-04-14 02:33:22 229,888 ------w C:\WINDOWS\ServicePackFiles\i386\dplayx.dll
+ 2008-04-14 02:33:23 24,064 ------w C:\WINDOWS\ServicePackFiles\i386\dpmodemx.dll
+ 2008-04-14 02:31:14 3,072 ------w C:\WINDOWS\ServicePackFiles\i386\dpnaddr.dll
+ 2008-04-14 02:33:23 375,296 ------w C:\WINDOWS\ServicePackFiles\i386\dpnet.dll
+ 2008-04-14 02:33:23 35,328 ------w C:\WINDOWS\ServicePackFiles\i386\dpnhpast.dll
+ 2008-04-14 02:33:23 60,928 ------w C:\WINDOWS\ServicePackFiles\i386\dpnhupnp.dll
+ 2008-04-14 02:31:14 3,072 ------w C:\WINDOWS\ServicePackFiles\i386\dpnlobby.dll
+ 2008-04-14 02:34:01 18,432 ------w C:\WINDOWS\ServicePackFiles\i386\dpnsvr.exe
+ 2008-04-14 02:33:23 21,504 ------w C:\WINDOWS\ServicePackFiles\i386\dpvacm.dll
+ 2008-04-14 02:33:23 213,504 ------w C:\WINDOWS\ServicePackFiles\i386\dpvoice.dll
+ 2008-04-14 02:34:01 83,456 ------w C:\WINDOWS\ServicePackFiles\i386\dpvsetup.exe
+ 2008-04-14 02:33:23

rapport hijackthis :

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 00:20:58, on 01/10/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\windows\system\hpsysdrv.exe
C:\WINDOWS\AGRSMMSG.exe
C:\HP\KBD\KBD.EXE
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\System32\FTRTSVC.exe
C:\WINDOWS\ALCWZRD.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\VM_STI.EXE
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\MaxiMemo\MaxiMemo.exe
C:\Program Files\Secunia\PSI (RC3)\psi.exe
C:\Program Files\OpenOffice.org 2.4\program\soffice.exe
C:\Program Files\OpenOffice.org 2.4\program\soffice.BIN
C:\PROGRA~1\Wanadoo\EspaceWanadoo.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\PROGRA~1\Wanadoo\ComComp.exe
C:\PROGRA~1\Wanadoo\Toaster.exe
C:\PROGRA~1\Wanadoo\Inactivity.exe
C:\PROGRA~1\Wanadoo\PollingModule.exe
C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
C:\PROGRA~1\Wanadoo\Watch.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Fichiers communs\Real\Update_OB\RealOneMessageCenter.exe
C:\Program Files\internet explorer\iexplore.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\HjT\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&lo...
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.clubic.com/forum/internet-general/supprimer-...
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&lo...
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: (no name) - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - (no file)
O3 - Toolbar: (no name) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - (no file)
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [Raccourci vers la page des propriétés de High Definition Audio] HDAudPropShortcut.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE
O4 - HKLM\..\Run: [LSBWatcher] c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe
O4 - HKLM\..\Run: [Reminder] "C:\Windows\Creator\Remind_XP.exe"
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [BigDogPath] C:\WINDOWS\VM_STI.EXE Philips SPC 200NC PC Camera
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|DEFAULT=cnx|PARAM=
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_1_0
O4 - HKCU\..\Run: [Acme.PCHButton] C:\PROGRA~1\HELPAN~1\HPQ\XPXWWPP5\plugin\bin\PCHButton.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - Startup: Mémento.lnk = C:\QUICKENW\BILLMIND.EXE
O4 - Startup: OpenOffice.org 2.4.lnk = C:\Program Files\OpenOffice.org 2.4\program\quickstart.exe
O4 - Startup: Secunia PSI (RC3).lnk = C:\Program Files\Secunia\PSI (RC3)\psi.exe
O4 - Startup: SHARE.lnk = C:\Program Files\SHARE 1.0 EX2\Share.bat
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: MaxiMemo.lnk = C:\Program Files\MaxiMemo\MaxiMemo.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.wanadoo.fr (file missing) (HKCU)
O15 - Trusted Zone: http://toolbar.imageshack.us
O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/toolbar/download/Install...
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986....
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8....
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/download/scan...
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Contro...
O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://espoirenjesus.spaces.live.com/PhotoUpload/MsnPUp...
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://jeuxmultijoueurs.orange.fr/Gameshell/GameHost/1....
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe

--
End of file - 10310 bytes



j'essaye de poster une partie du rapport escan si je peux

et la fin du rapport escan :

la fin du rapport escan : scan en mode sans échec :

29 sept. 2008 01:17:13 - [Scan du répertoire : D:\Réinstallation Système]
29 sept. 2008 01:17:13 - Scan fichier D:\Réinstallation Système\Desktop.ini
29 sept. 2008 01:17:13 - Scan fichier D:\Réinstallation Système\Warning.bmp
29 sept. 2008 01:17:13 - Scan fichier D:\Réinstallation Système\Protect.ed
29 sept. 2008 01:17:13 - Scan fichier D:\Réinstallation Système\Folder.htt
29 sept. 2008 01:17:13 - Scan fichier D:\USER

29 sept. 2008 01:17:13 - [Scan du répertoire : D:\System Volume Information]
29 sept. 2008 01:17:13 - Scan fichier D:\System Volume Information\Folder.htt
29 sept. 2008 01:17:14 - Scan fichier D:\System Volume Information\Protect.ed
29 sept. 2008 01:17:14 - Scan fichier D:\System Volume Information\Desktop.ini
29 sept. 2008 01:17:14 - Scan fichier D:\System Volume Information\Warning.bmp

29 sept. 2008 01:17:14 - [Scan du répertoire : D:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}]

29 sept. 2008 01:17:14 - [Scan du répertoire : D:\RECOVERY]
29 sept. 2008 01:17:14 - Scan fichier D:\RECOVERY\Desktop.ini
29 sept. 2008 01:17:14 - Scan fichier D:\RECOVERY\warning.BMP
29 sept. 2008 01:17:14 - Scan fichier D:\RECOVERY\Folder.htt
29 sept. 2008 01:17:14 - Scan fichier D:\RECOVERY\Protect.ed
29 sept. 2008 01:17:14 - Scan fichier D:\install.bat (????)
29 sept. 2008 01:17:14 - Scan fichier D:\Softthinks_MLSP_ALL_RED_WW-01.block
29 sept. 2008 01:17:14 - Scan fichier D:\Softthinks_MLSP_ALL_RED_WW.txt

29 sept. 2008 01:17:14 - ***** Analyse de Virus spécifique ITW *****

29 sept. 2008 01:17:15 - ***** Scan complet. *****

29 sept. 2008 01:17:15 - Total de Fichiers scannés: 188292
29 sept. 2008 01:17:15 - Total de virus trouvés: 27
29 sept. 2008 01:17:15 - Total de fichiers désinfectés: 0
29 sept. 2008 01:17:15 - Nombre de fichiers renommés: 0
29 sept. 2008 01:17:15 - Total de fichiers supprimés: 0
29 sept. 2008 01:17:15 - Nombre d'erreurs: 169
29 sept. 2008 01:17:15 - Temps écoulé: 03:07:34
29 sept. 2008 01:17:15 - Date de la base de donnée des virus : 20 Aug 2008
29 sept. 2008 01:17:15 - Nombre de Virus dans la base de données : 1113234

29 sept. 2008 01:17:15 - Scan complet.

problème il ne m'a rien supprimé et je n'ai pas vu de bouton suppresssion [:1somnih@ck]


merci pour ton aide précieuse

salut,
Citation :
j'ai fait une restauration du système, donc plus la peine que vous répondiez et que vous maidiez

merci quand meme


et ben, ta jamais encore entendu parler, que certain virus malin, s'intègre dans la restauration du système?
ont vas déjà voir ça, si dans quelques temps tu criera à nouveau au secours!!!

après ta restauration système, t'as au moins effectuer un nouveau test anti-virus?

bon plutôt avec un anti virus en ligne!!!
parce que chaque personne peut avoir ses propres raisons, pour aimer plutôt tel ou tel anti-virus!
certains utilisent les bases de données de virus identique, mais cela dépend de ce qui se trouve dans le programme anti-virus!

bon j'arrête là!
parce que je n'ais pas envie de chercher la petite bêtes, sur tel ou tel anti-virus et le meilleur.
Lassé par la pub ? Créez un compte

Créer un nouveau sujet