Infecté:Xpantivirus et autre virus

Salut


Telecharge malwarebytes

-> http://www.malwarebytes.org/mbam/program/mbam-setup.exe

Tu l´instale; le programme va se mettre automatiquement a jour.

Une fois a jour, le programme va se lancer; click sur l´onglet parametre, et coche la case : "Arreter internet explorer pendant la suppression".

Click maintenant sur l´onglet recherche et coche la case : "executer un examen complet".

Puis click sur "rechercher".

Laisse le scanner le pc...

Si des elements on ete trouvés > click sur supprimer la selection.

si il t´es demandé de redemarrer > click sur "yes".

A la fin un rapport va s´ouvrir; sauvegarde le de maniere a le retrouver en vu de le poster sur le forum.

Copie et colle le rapport stp.

ps : les rapport sont aussi rangé dans l onglet rapport/log A découvrir : Estopa, Rosario Flores, La Oreja De Van Gogh
                  Bonne écoute @++ -;)

Bon il y en avait beaucoup, je les ai effacer, mais il semble que ça eu peu d'effet j'ai toujours des alertes

Malwarebytes' Anti-Malware 1.21
Version de la base de données: 967
Windows 5.1.2600 Service Pack 2

13:38:27 2008-07-19
mbam-log-7-19-2008 (13-38-27).txt

Type de recherche: Examen complet (C:\|)
Eléments examinés: 78113
Temps écoulé: 21 minute(s), 35 second(s)

Processus mémoire infecté(s): 2
Module(s) mémoire infecté(s): 1
Clé(s) du Registre infectée(s): 31
Valeur(s) du Registre infectée(s): 10
Elément(s) de données du Registre infecté(s): 2
Dossier(s) infecté(s): 15
Fichier(s) infecté(s): 77

Processus mémoire infecté(s):
C:\WINDOWS\system32\lphcvedj0enc7.exe (Trojan.FakeAlert) -> Unloaded process successfully.
C:\WINDOWS\system32\sysrest32.exe (Rootkit.Agent) -> Unloaded process successfully.

Module(s) mémoire infecté(s):
C:\WINDOWS\system32\blphcvedj0enc7.scr (Trojan.FakeAlert) -> Unloaded module successfully.

Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\CLSID\{0656a137-b161-cadd-9777-e37a75727e78} (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{0b682cc1-fb40-4006-a5dd-99edd3c9095d} (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{0e1230f8-ea50-42a9-983c-d22abc2eeb4c} (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{9dd4258a-7138-49c4-8d34-587879a5c7a4} (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9dd4258a-7138-49c4-8d34-587879a5c7a4} (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{b8c0220d-763d-49a4-95f4-61dfdec66ee6} (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{b8c0220d-763d-49a4-95f4-61dfdec66ee6} (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{c3bcc488-1ae7-11d4-ab82-0010a4ec2338} (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{c3bcc488-1ae7-11d4-ab82-0010a4ec2338} (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{000000da-0786-4633-87c6-1aa7a4429ef1} (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{000000da-0786-4633-87c6-1aa7a4429ef1} (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{54645654-2225-4455-44a1-9f4543d34545} (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{5c7f15e1-f31a-44fd-aa1a-2ec63aaffd3a} (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\rhcredj0enc7 (Rogue.Multiple) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\rhcredj0enc7 (Rogue.Multiple) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\dpcproxy (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\logons (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\uninstall (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\typelib (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\HOL5_VXIEWER.FULL.1 (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Classes\applications\accessdiver.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\fwbd (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\HolLol (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Inet Delivery (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\mslagent (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Golden Palace Casino NEW (Trojan.DNSChanger) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SYSTEM\currentcontrolset\Services\iTunesMusic (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SYSTEM\currentcontrolset\Services\rdriv (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\wkey (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\mwc (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Software Notifier (Rogue.Multiple) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler\{0656a137-b161-cadd-9777-e37a75727e78} (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{0e1230f8-ea50-42a9-983c-d22abc2eeb4c} (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\sysrest32.exe (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\SystemCheck2 (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\lphcvedj0enc7 (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\smrhcredj0enc7 (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Control Panel\Desktop\wallpaper (Hijack.Wallpaper) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Control Panel\Desktop\originalwallpaper (Hijack.Wallpaper) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Control Panel\Desktop\convertedwallpaper (Hijack.Wallpaper) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Control Panel\Desktop\scrnsave.exe (Hijack.Wallpaper) -> Quarantined and deleted successfully.

Elément(s) de données du Registre infecté(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\NoDispBackgroundPage (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\NoDispScrSavPage (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

Dossier(s) infecté(s):
C:\WINDOWS\mslagent (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:\Program Files\akl (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\Program Files\Inet Delivery (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\smp (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Will\Application Data\rhcredj0enc7 (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\Will\Application Data\rhcredj0enc7\Quarantine (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\Will\Application Data\rhcredj0enc7\Quarantine\Autorun (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\Will\Application Data\rhcredj0enc7\Quarantine\Autorun\HKCU (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\Will\Application Data\rhcredj0enc7\Quarantine\Autorun\HKCU\RunOnce (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\Will\Application Data\rhcredj0enc7\Quarantine\Autorun\HKLM (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\Will\Application Data\rhcredj0enc7\Quarantine\Autorun\HKLM\RunOnce (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\Will\Application Data\rhcredj0enc7\Quarantine\Autorun\StartMenuAllUsers (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\Will\Application Data\rhcredj0enc7\Quarantine\Autorun\StartMenuCurrentUser (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\Will\Application Data\rhcredj0enc7\Quarantine\BrowserObjects (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\Will\Application Data\rhcredj0enc7\Quarantine\Packages (Rogue.Multiple) -> Quarantined and deleted successfully.

Fichier(s) infecté(s):
C:\WINDOWS\mslagent\2_mslagent.dll (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:\WINDOWS\mslagent\mslagent.exe (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:\WINDOWS\mslagent\uninstall.exe (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:\Program Files\akl\akl.dll (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\Program Files\akl\akl.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\Program Files\akl\uninstall.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\Program Files\akl\unsetup.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\Program Files\Inet Delivery\inetdl.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\Program Files\Inet Delivery\intdel.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\smp\msrc.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\sysrest32.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\a.bat (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\WINDOWS\base64.tmp (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\WINDOWS\FVProtect.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\WINDOWS\userconfig9x.dll (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\WINDOWS\winsystem.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\WINDOWS\zip1.tmp (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\WINDOWS\zip2.tmp (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\WINDOWS\zip3.tmp (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\WINDOWS\zipped.tmp (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\WINDOWS\bdn.com (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\iTunesMusic.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\mssecu.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\akttzn.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\anticipator.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\awtoolb.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\bdn.com (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\bsva-egihsg52.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\dpcproxy.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\emesx.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\h@tkeysh@@k.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\hoproxy.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\hxiwlgpm.dat (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\hxiwlgpm.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\medup012.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\medup020.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\msgp.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\msnbho.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\mssecu.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\msvchost.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\mtr2.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\mwin32.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\netode.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\newsd32.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ps1.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\psof1.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\psoft1.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\regc64.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\regm64.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\Rundl1.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\sncntr.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ssurf022.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ssvchost.com (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ssvchost.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\sysreq.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\taack.dat (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\taack.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\temp#01.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\thun.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\thun32.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\VBIEWER.OCX (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\vcatchpi.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\winlogonpc.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\winsystem.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\WINWGPX.EXE (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\vbsys2.dll (Trojan.Clicker) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\blphcvedj0enc7.scr (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\lphcvedj0enc7.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\phcvedj0enc7.bmp (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\Will\Local Settings\temp\.tt1.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Will\Local Settings\temp\.tt2.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Will\Local Settings\temp\.tt3.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Will\Local Settings\temp\.tt4.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Will\Local Settings\temp\.tt5.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Will\Local Settings\temp\.tt7.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Will\Local Settings\temp\.ttA.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Will\Local Settings\temp\.ttE.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.

Antivirus Xp 2008 s'est réinstaller................................................ Et mon ordinateur est vachement lent.

Voila un rapport hijackthis

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:46, on 2008-07-19
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Documents and Settings\All Users\Application Data\zibapcnm\hcrydcrc.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Lexmark 3100 Series\lxbrbmgr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\hehqjuzs.exe
C:\Program Files\Lexmark 3100 Series\lxbrbmon.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\CDBurnerXP\NMSAccessU.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\ibufetor.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\GUARDGUI.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\rhcredj0enc7\rhcredj0enc7.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\GUARDGUI.EXE
C:\WINDOWS\system32\pphcvedj0enc7.exe
C:\Documents and Settings\Will\Bureau\fixes\omgsuxor.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [SiSUSBRG] C:\WINDOWS\SiSUSBrg.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [8ccbda41] rundll32.exe "C:\WINDOWS\system32\rtfqyvyn.dll",b
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Lexmark 3100 Series] "C:\Program Files\Lexmark 3100 Series\lxbrbmgr.exe"
O4 - HKLM\..\Run: [lphcvedj0enc7] C:\WINDOWS\system32\lphcvedj0enc7.exe
O4 - HKLM\..\Run: [SMrhcredj0enc7] C:\Program Files\rhcredj0enc7\rhcredj0enc7.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [GenProc] C:\WINDOWS\system32\hehqjuzs.exe
O4 - HKCU\..\Run: [uimsgen] C:\WINDOWS\system32\exgzkzsh.exe
O4 - HKLM\..\Policies\Explorer\Run: [9rYUvdUVir] C:\Documents and Settings\All Users\Application Data\zibapcnm\hcrydcrc.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O21 - SSODL: ActChkSet - {58A95214-1550-3AF6-167A-07E21AF846E3} - C:\Program Files\zehgftf\ActChkSet.dll (file missing)
O21 - SSODL: HlpProcAct - {30D627F7-0436-D748-F525-01F41F7CF67A} - C:\Program Files\posgofb\HlpProcAct.dll
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Avira AntiVir Personal – Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal – Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
End of file - 7509 bytes

réouvre malewarebyte
va sur quarantaine
supprime tout


Télécharge combofix : http://download.bleepingcomputer.com/sUBs/ComboFix.exe




-> Double clique sur combofix.exe.
-> Tape sur la touche 1 (Yes) pour démarrer le scan.
-> Lorsque le scan sera complété, un rapport apparaîtra. Copie/colle ce rapport dans ta prochaine réponse.

NOTE : Le rapport se trouve également ici : C:\Combofix.txt

Avant d'utiliser ComboFix :

-> Déconnecte toi d'internet et referme les fenêtres de tous les programmes en cours.

-> Désactive provisoirement et seulement le temps de l'utilisation de ComboFix, la protection en temps réel de ton Antivirus et de tes Antispywares, qui peuvent géner fortement la procédure de recherche et de nettoyage de l'outil.

Une fois fait, sur ton bureau double-clic sur Combofix.exe.

- Répond oui au message d'avertissement, pour que le programme commence à procéder à l'analyse du pc.

/!\ Pendant la durée de cette étape, ne te sert pas du pc et n'ouvre aucun programmes.

- En fin de scan il est possible que ComboFix ait besoin de redemarrer le pc pour finaliser la désinfection\recherche, laisses-le faire.

- Un rapport s'ouvrira ensuite dans le bloc notes, ce fichier rapport Combofix.txt, est automatiquement sauvegardé et rangé à C:\Combofix.txt)

-> Réactive la protection en temps réel de ton Antivirus et de tes Antispywares, avant de te reconnecter à internet.

-> Reviens sur le forum, et copie et colle la totalité du contenu de C:\Combofix.txt dans ton prochain message.

-> Tutoriel http://www.bleepingcomputer.com/combofix/fr/comment-utiliser-combofix

A découvrir : Estopa, Rosario Flores, La Oreja De Van Gogh
                  Bonne écoute @++ -;)

ComboFix 08-07-18.5 - Will 2008-07-19 14:48:24.2 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.189 [GMT -4:00]
Endroit: C:\Documents and Settings\Will\Bureau\ComboFix.exe
* Création d'un nouveau point de restauration

[color=red][b]AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !!/b/color
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Documents and Settings\Will\Application Data\rhcredj0enc7
C:\WINDOWS\system32\blphcvedj0enc7.scr
C:\WINDOWS\system32\lphcvedj0enc7.exe
C:\WINDOWS\system32\phcvedj0enc7.bmp
C:\WINDOWS\system32\pphcvedj0enc7.exe
.
---- Previous Run -------
.
C:\WINDOWS\cookies.ini
C:\WINDOWS\system32\darqleay.ini
C:\WINDOWS\system32\ecokok.dll
C:\WINDOWS\system32\ljdalvrt.dll
C:\WINDOWS\system32\ljJBrOFX.dll
C:\WINDOWS\system32\lsmuectj.ini
C:\WINDOWS\system32\mcrh.tmp
C:\WINDOWS\system32\msssc.dll
C:\WINDOWS\system32\nyvyqftr.ini
C:\WINDOWS\system32\oriytrwx.ini
C:\WINDOWS\system32\rtfqyvyn.dll
C:\WINDOWS\system32\wirjdh.dll
C:\WINDOWS\system32\XFOrBJjl.ini
C:\WINDOWS\system32\XFOrBJjl.ini2
C:\WINDOWS\system32\xkqgskre.dll

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_SYSREST.SYS
-------\Service_sysrest.sys


((((((((((((((((((((((((((((( Fichiers cr‚‚s 2008-06-19 to 2008-07-19 ))))))))))))))))))))))))))))))))))))
.

2008-07-19 13:40 . 2008-07-19 13:40 90,112 --a------ C:\WINDOWS\system32\exgzkzsh.exe
2008-07-19 12:55 . 2008-07-19 12:55 <REP> d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-07-19 12:55 . 2008-07-19 12:55 <REP> d-------- C:\Documents and Settings\Will\Application Data\Malwarebytes
2008-07-19 12:55 . 2008-07-19 12:55 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-07-19 12:55 . 2008-07-18 19:15 36,472 --a------ C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2008-07-19 12:55 . 2008-07-18 19:15 17,144 --a------ C:\WINDOWS\system32\drivers\mbam.sys
2008-07-19 12:00 . 2008-07-19 12:00 90,112 --a------ C:\WINDOWS\system32\itihobwn.exe
2008-07-18 22:03 . 2008-07-18 22:03 <REP> d--h----- C:\WINDOWS\system32\GroupPolicy
2008-07-16 16:25 . 2008-07-16 16:25 131,072 --a------ C:\WINDOWS\system32\hehqjuzs.exe
2008-07-15 22:48 . 2008-07-15 22:48 <REP> d-------- C:\Documents and Settings\All Users\Application Data\zibapcnm
2008-07-11 15:06 . 2008-07-11 15:06 754 --a------ C:\WINDOWS\WORDPAD.INI
2008-07-10 09:57 . 2008-04-23 00:16 6,066,176 -----c--- C:\WINDOWS\system32\dllcache\ieframe.dll
2008-07-10 09:57 . 2007-04-17 05:32 2,455,488 -----c--- C:\WINDOWS\system32\dllcache\ieapfltr.dat
2008-07-10 09:57 . 2007-03-08 01:10 1,048,576 -----c--- C:\WINDOWS\system32\dllcache\ieframe.dll.mui
2008-07-10 09:57 . 2008-04-23 00:16 459,264 -----c--- C:\WINDOWS\system32\dllcache\msfeeds.dll
2008-07-10 09:57 . 2008-04-23 00:16 383,488 -----c--- C:\WINDOWS\system32\dllcache\ieapfltr.dll
2008-07-10 09:57 . 2008-04-23 00:16 267,776 -----c--- C:\WINDOWS\system32\dllcache\iertutil.dll
2008-07-10 09:57 . 2008-04-23 00:16 63,488 -----c--- C:\WINDOWS\system32\dllcache\icardie.dll
2008-07-10 09:57 . 2008-04-23 00:16 52,224 -----c--- C:\WINDOWS\system32\dllcache\msfeedsbs.dll
2008-07-10 09:57 . 2008-04-22 03:39 13,824 -----c--- C:\WINDOWS\system32\dllcache\ieudinit.exe
2008-07-09 10:21 . 2008-07-10 16:50 <REP> d-------- C:\WINDOWS\system32\fr-fr
2008-07-09 10:18 . 2007-08-13 18:54 33,792 --a--c--- C:\WINDOWS\system32\dllcache\custsat.dll
2008-07-09 10:05 . 2003-02-28 18:26 139,536 --a------ C:\WINDOWS\system32\javaee.dll
2008-07-09 10:05 . 2003-02-28 18:26 46,352 --a------ C:\WINDOWS\setdebug.exe
2008-07-09 10:05 . 2003-02-28 16:54 7,315 --a------ C:\WINDOWS\system32\javasup.vxd
2008-07-09 10:05 . 2003-02-28 16:35 6,550 --a------ C:\WINDOWS\jautoexp.dat
2008-07-09 10:05 . 2008-07-10 16:49 1,374 --a------ C:\WINDOWS\imsins.BAK
2008-07-09 10:05 . 2003-02-28 16:38 113 --a------ C:\WINDOWS\system32\zonedon.reg
2008-07-09 10:05 . 2003-02-28 16:38 113 --a------ C:\WINDOWS\system32\zonedoff.reg
2008-07-09 10:01 . 2008-07-09 10:01 <REP> d-------- C:\Program Files\CCleaner
2008-07-08 17:13 . 2008-07-08 17:16 69 --a------ C:\WINDOWS\NeroDigital.ini
2008-07-08 14:42 . 2004-07-20 17:24 1,568,768 --------- C:\WINDOWS\system32\ImagX7.dll
2008-07-08 14:42 . 2004-07-20 17:24 476,320 --------- C:\WINDOWS\system32\ImagXpr7.dll
2008-07-08 14:42 . 2004-07-20 17:24 471,040 --------- C:\WINDOWS\system32\ImagXRA7.dll
2008-07-08 14:42 . 2004-07-09 09:43 364,544 --------- C:\WINDOWS\system32\TwnLib4.dll
2008-07-08 14:42 . 2004-07-20 17:24 262,144 --------- C:\WINDOWS\system32\ImagXR7.dll
2008-07-08 14:42 . 2000-06-26 11:45 106,496 --a------ C:\WINDOWS\system32\TwnLib20.dll
2008-07-08 13:46 . 2008-07-08 14:00 <REP> d-------- C:\Program Files\Lexmark 3100 Series
2008-07-08 13:46 . 2008-07-08 13:46 <REP> d-------- C:\Lxk3100
2008-07-08 13:46 . 1997-04-18 11:49 298,496 --a------ C:\WINDOWS\unin040c.exe
2008-07-08 13:46 . 2003-09-03 23:56 69,632 --a------ C:\WINDOWS\system32\lxbrscin.dll
2008-07-08 13:46 . 2003-09-03 23:56 57,344 --a------ C:\WINDOWS\system32\lxbrcinf.dll
2008-07-08 13:46 . 2003-09-03 23:56 49,152 --a------ C:\WINDOWS\system32\lxbrcoin.dll
2008-07-08 13:46 . 2003-02-12 10:12 181 --a------ C:\WINDOWS\system32\lxbrcoin.ini
2008-07-08 13:38 . 2004-08-03 23:01 25,856 --a------ C:\WINDOWS\system32\drivers\usbprint.sys
2008-07-08 13:38 . 2004-08-03 23:01 25,856 --a--c--- C:\WINDOWS\system32\dllcache\usbprint.sys
2008-07-07 17:55 . 2008-07-07 17:55 <REP> d-------- C:\Program Files\CDBurnerXP
2008-07-07 17:55 . 2008-07-07 17:55 <REP> d-------- C:\Documents and Settings\Will\Application Data\Canneverbe_Limited
2008-07-07 17:43 . 2008-07-07 17:43 <REP> d-------- C:\Documents and Settings\Will\Application Data\Ahead
2008-07-07 17:42 . 2008-07-07 17:42 <REP> d-------- C:\Program Files\Fichiers communs\Ahead
2008-07-07 17:42 . 2008-07-07 17:42 <REP> d-------- C:\Program Files\Ahead
2008-07-07 17:42 . 2001-07-06 13:41 569,344 --a------ C:\WINDOWS\system32\imagr5.dll
2008-07-07 17:42 . 2001-07-06 11:44 544,768 --a------ C:\WINDOWS\system32\imagx5.dll
2008-07-07 17:42 . 2001-07-06 17:24 283,920 --a------ C:\WINDOWS\system32\ImagXpr5.dll
2008-07-07 17:42 . 2001-07-09 11:50 155,648 --a------ C:\WINDOWS\system32\NeroCheck.exe
2008-07-07 17:42 . 2003-03-29 15:45 89,184 --a------ C:\WINDOWS\system32\drivers\imagedrv.sys
2008-07-07 17:42 . 2003-09-15 13:56 57,344 --a------ C:\WINDOWS\system32\ImageDrive.cpl
2008-07-07 17:42 . 2001-06-26 08:15 38,912 --------- C:\WINDOWS\system32\picn20.dll
2008-07-07 17:27 . 2008-07-07 17:41 <REP> d-a------ C:\Documents and Settings\All Users\Application Data\TEMP
2008-07-06 19:23 . 2008-06-02 07:37 <REP> d--h----- C:\Documents and Settings\Administrateur\Voisinage r‚seau
2008-07-06 19:23 . 2008-06-02 07:37 <REP> d--h----- C:\Documents and Settings\Administrateur\Voisinage d'impression
2008-07-06 19:23 . 2008-06-02 12:49 <REP> d--h----- C:\Documents and Settings\Administrateur\ModŠles
2008-07-06 19:23 . 2008-06-02 07:37 <REP> d-------- C:\Documents and Settings\Administrateur\Mes documents
2008-07-06 19:23 . 2008-06-02 07:37 <REP> dr------- C:\Documents and Settings\Administrateur\Menu D‚marrer
2008-07-06 19:23 . 2008-06-02 07:37 <REP> d-------- C:\Documents and Settings\Administrateur\Favoris
2008-07-06 19:23 . 2008-06-02 07:37 <REP> d-------- C:\Documents and Settings\Administrateur\Bureau
2008-07-06 19:23 . 2008-07-06 19:23 <REP> d-------- C:\Documents and Settings\Administrateur
2008-07-04 16:14 . 2008-07-04 16:14 <REP> d-------- C:\Program Files\Lavasoft
2008-07-04 16:14 . 2008-07-04 16:16 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Lavasoft
2008-07-02 16:49 . 2008-07-02 16:49 94,208 --a------ C:\WINDOWS\DIIUnin.exe
2008-07-02 16:49 . 2008-07-02 16:56 35,342 --a------ C:\WINDOWS\DIIUnin.dat
2008-07-02 16:49 . 2008-07-02 16:49 2,829 --a------ C:\WINDOWS\DIIUnin.pif
2008-06-22 16:06 . 2008-06-23 13:05 <REP> d-------- C:\Program Files\World of Warcraft Trial
2008-06-22 16:06 . 2008-06-22 16:06 <REP> d-------- C:\Program Files\Fichiers communs\Blizzard Entertainment
2008-06-22 12:36 . 2008-06-22 12:36 <REP> d-------- C:\Program Files\Ventrilo
2008-06-22 12:36 . 2008-06-22 12:37 <REP> d-------- C:\Documents and Settings\Will\Application Data\Ventrilo
2008-06-22 12:35 . 2008-07-04 16:14 <REP> d-------- C:\Program Files\Fichiers communs\Wise Installation Wizard
2008-06-20 13:41 . 2008-06-20 13:41 247,808 -----c--- C:\WINDOWS\system32\dllcache\mswsock.dll
2008-06-20 06:44 . 2008-06-20 06:44 138,368 -----c--- C:\WINDOWS\system32\dllcache\afd.sys

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-07-19 00:11 --------- d-----w C:\Documents and Settings\Will\Application Data\LimeWire
2008-07-18 13:48 --------- d-----w C:\Program Files\Diablo II
2008-07-18 02:00 --------- d-----w C:\Program Files\Warcraft III
2008-07-04 21:34 --------- d-----w C:\Program Files\Circle Developement
2008-07-03 23:56 --------- d-----w C:\Documents and Settings\All Users\Application Data\Messenger Plus!
2008-07-02 22:46 --------- d-----w C:\Program Files\Starcraft
2008-06-20 10:45 360,320 ----a-w C:\WINDOWS\system32\drivers\tcpip.sys
2008-06-20 10:44 138,368 ----a-w C:\WINDOWS\system32\drivers\afd.sys
2008-06-20 09:52 225,920 ----a-w C:\WINDOWS\system32\drivers\tcpip6.sys
2008-06-19 14:48 --------- d-----w C:\Program Files\LimeWire
2008-06-17 18:04 --------- d-----w C:\Documents and Settings\Will\Application Data\Apple Computer
2008-06-17 00:15 --------- d-----w C:\Program Files\iTunes
2008-06-17 00:15 --------- d-----w C:\Program Files\iPod
2008-06-17 00:15 --------- d-----w C:\Documents and Settings\All Users\Application Data\Apple Computer
2008-06-17 00:14 --------- d-----w C:\Program Files\QuickTime
2008-06-17 00:14 --------- d-----w C:\Program Files\Bonjour
2008-06-17 00:13 --------- d-----w C:\Program Files\Fichiers communs\Apple
2008-06-17 00:13 --------- d-----w C:\Program Files\Apple Software Update
2008-06-17 00:13 --------- d-----w C:\Documents and Settings\All Users\Application Data\Apple
2008-06-16 18:11 --------- d-----w C:\Documents and Settings\Will\Application Data\gtk-2.0
2008-06-16 18:08 --------- d-----w C:\Program Files\GIMP-2.0
2008-06-16 15:32 --------- d-----w C:\Program Files\Robster Productions
2008-06-15 05:34 --------- d-----w C:\Program Files\Windows Live
2008-06-14 17:59 272,768 ------w C:\WINDOWS\system32\drivers\bthport.sys
2008-06-10 22:50 --------- d-----w C:\Program Files\Windows Live Toolbar
2008-06-10 22:50 --------- d-----w C:\Program Files\Windows Live Favorites
2008-06-10 22:50 --------- d-----w C:\Program Files\Microsoft SQL Server Compact Edition
2008-06-10 22:49 --------- dcsh--w C:\Program Files\Fichiers communs\WindowsLiveInstaller
2008-06-10 22:47 --------- d-----w C:\Program Files\MSN Messenger
2008-06-10 22:46 --------- d-----w C:\Documents and Settings\All Users\Application Data\WLInstaller
2008-06-09 00:21 --------- d-----w C:\Program Files\Messenger Plus! Live
2008-06-09 00:21 --------- d-----w C:\Program Files\Exit hope
2008-06-08 20:46 --------- d-----w C:\Program Files\Valve
2008-06-06 01:40 --------- d-----w C:\Documents and Settings\Will\Application Data\MSN6
2008-06-06 01:40 --------- d-----w C:\Documents and Settings\All Users\Application Data\MSN6
2008-06-03 16:12 2,829 ----a-w C:\WINDOWS\War3Unin.pif
2008-06-03 16:12 139,264 ----a-w C:\WINDOWS\War3Unin.exe
2008-06-03 15:05 --------- d-----w C:\Program Files\Java
2008-06-03 15:04 --------- d-----w C:\Program Files\Fichiers communs\Java
2008-06-02 19:25 --------- d-----w C:\Documents and Settings\All Users\Application Data\WinZip
2008-06-02 19:12 70,656 ----a-w C:\WINDOWS\ScUnin.exe
2008-06-02 19:08 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-06-02 19:07 --------- d-----w C:\Program Files\EA GAMES
2008-06-02 19:06 --------- d-----w C:\Program Files\Fichiers communs\InstallShield
2008-06-02 17:53 --------- d-----w C:\Program Files\Avira
2008-06-02 17:53 --------- d-----w C:\Documents and Settings\All Users\Application Data\Avira
2008-06-02 17:33 --------- d-----w C:\Program Files\ATI Technologies
2008-06-02 17:31 --------- d-----w C:\Program Files\SiSLan
2008-06-02 17:30 --------- d-----w C:\Program Files\Analog Devices
2008-06-02 16:56 --------- d-----w C:\Program Files\microsoft frontpage
2008-06-02 16:54 --------- d-----w C:\Program Files\Services en ligne
.

((((((((((((((((((((((((((((( snapshot@2008-07-07_10.19.29.03 )))))))))))))))))))))))))))))))))))))))))
.
+ 2008-07-07 21:51:22 68,608 ----a-w C:\WINDOWS\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
+ 2008-07-07 21:51:32 72,192 ----a-w C:\WINDOWS\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
+ 2008-07-07 21:51:32 4,308,992 ----a-w C:\WINDOWS\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
+ 2008-07-07 21:51:34 482,304 ----a-w C:\WINDOWS\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll
+ 2008-07-07 21:51:29 2,878,976 ----a-w C:\WINDOWS\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
+ 2008-07-07 21:51:15 258,048 ----a-w C:\WINDOWS\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
+ 2008-07-07 21:51:15 114,176 ----a-w C:\WINDOWS\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
+ 2008-07-07 21:51:39 260,096 ----a-w C:\WINDOWS\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
+ 2008-07-07 21:51:25 5,025,792 ----a-w C:\WINDOWS\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll
+ 2008-07-07 21:51:21 10,752 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
+ 2008-07-07 21:51:14 503,808 ----a-w C:\WINDOWS\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll
+ 2008-07-07 21:51:16 13,312 ----a-w C:\WINDOWS\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll
+ 2008-07-07 21:51:31 8,192 ----a-w C:\WINDOWS\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll
+ 2008-07-07 21:51:31 36,864 ----a-w C:\WINDOWS\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll
+ 2008-07-07 21:51:31 5,632 ----a-w C:\WINDOWS\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll
+ 2008-07-07 21:51:18 413,696 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
+ 2008-07-07 21:51:19 36,864 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
+ 2008-07-07 21:51:19 647,168 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll
+ 2008-07-07 21:51:20 73,728 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll
+ 2008-07-07 21:51:16 745,472 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
+ 2008-07-07 21:51:42 110,592 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
+ 2008-07-07 21:51:41 372,736 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
+ 2008-07-07 21:51:13 28,672 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll
+ 2008-07-07 21:51:41 667,648 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
+ 2008-07-07 21:51:42 5,632 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
+ 2008-07-07 21:51:14 12,800 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
+ 2008-07-07 21:51:13 32,768 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll
+ 2008-07-07 21:51:14 7,168 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll
+ 2008-07-07 21:51:37 110,592 ----a-w C:\WINDOWS\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
+ 2008-07-07 21:51:22 81,920 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
+ 2008-07-07 21:51:37 389,120 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
+ 2008-07-07 21:51:35 716,800 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
+ 2008-07-07 21:51:16 884,736 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
+ 2008-07-07 21:51:30 5,050,368 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll
+ 2008-07-07 21:51:23 188,416 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
+ 2008-07-07 21:51:23 397,312 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
+ 2008-07-07 21:51:23 81,920 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll
+ 2008-07-07 21:51:38 700,416 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
+ 2008-07-07 21:51:35 368,640 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
+ 2008-07-07 21:51:39 258,048 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
+ 2008-07-07 21:51:36 299,008 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
+ 2008-07-07 21:51:36 131,072 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
+ 2008-07-07 21:51:21 258,048 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll
+ 2008-07-07 21:51:24 114,688 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
+ 2008-07-07 21:51:40 835,584 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
+ 2008-07-07 21:51:26 86,016 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
+ 2008-07-07 21:51:26 823,296 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
+ 2008-07-07 21:51:28 5,316,608 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
+ 2008-07-07 21:51:28 2,035,712 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll
+ 2008-07-07 21:51:38 3,018,752 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
+ 2008-07-08 14:59:00 26,624 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Accessibility\b10481a48cc3b74aba28eb8eedc24d69\Accessibility.ni.dll
+ 2008-07-08 14:59:04 860,160 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\AspNetMMCExt\b9da635eec3d3c4b88fcec9b017ceaa5\AspNetMMCExt.ni.dll
+ 2008-07-08 14:59:06 237,568 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\CustomMarshalers\08dae506cfb3614e9aaa2f0e25da9e97\CustomMarshalers.ni.dll
+ 2008-07-08 14:59:05 15,360 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\dfsvc\229f2a278c1ead4b830ebb3a02be3c09\dfsvc.ni.exe
+ 2008-07-08 14:59:08 880,640 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\492ae2e8a0faa344a38aaa580b97e204\Microsoft.Build.Engine.ni.dll
+ 2008-07-08 14:59:09 81,920 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\f11b22ce25125440b189ea87459be8ba\Microsoft.Build.Framework.ni.dll
+ 2008-07-08 14:59:13 1,691,648 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\14c74cc85e6b214e8608a289550033b3\Microsoft.Build.Tasks.ni.dll
+ 2008-07-08 14:59:14 163,840 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\7c767357ce03234fbd4c3176ba3b8f31\Microsoft.Build.Utilities.ni.dll
+ 2008-07-08 14:59:17 1,724,416 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\0bc28b42f0c426439f2afe1857cc4033\Microsoft.VisualBasic.ni.dll
+ 2008-07-07 21:52:41 11,415,552 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\14347d2b73fba548a68a7aabf495df07\mscorlib.ni.dll
+ 2008-07-08 14:59:20 962,560 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\2c4336f6006aab4681055546b763b108\System.Configuration.ni.dll
+ 2008-07-07 21:54:23 6,688,768 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Data\2e2bb2849037c4489cb75078863a8ef1\System.Data.ni.dll
+ 2008-07-08 14:59:22 1,712,128 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Deployment\3964fbe80d2555489d87b9c53fb00065\System.Deployment.ni.dll
+ 2008-07-07 21:54:46 10,723,328 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Design\355bd7ddee5f1945ab242388441fcadf\System.Design.ni.dll
+ 2008-07-08 14:59:25 1,220,608 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\b13d4cb7db8dd04ea0d17edae0f3e661\System.DirectoryServices.ni.dll
+ 2008-07-08 14:59:26 512,000 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\fbaa22fa5a5f024799ea8c67e113fbfb\System.DirectoryServices.Protocols.ni.dll
+ 2008-07-07 21:53:16 229,376 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing.Desi#\f79c670903c78847868415629d700930\System.Drawing.Design.ni.dll
+ 2008-07-07 21:53:21 1,626,112 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\918a65297062dd46b820499596c30a41\System.Drawing.ni.dll
+ 2008-07-08 14:59:28 659,456 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\0bc03eefd8c39944a2fa0e045b017458\System.EnterpriseServices.ni.dll
+ 2008-07-08 14:59:28 294,912 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\0bc03eefd8c39944a2fa0e045b017458\System.EnterpriseServices.Wrapper.dll
+ 2008-07-08 14:59:29 729,088 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Security\3489470650494f48a6014ae05d956eb7\System.Security.ni.dll
+ 2008-07-08 14:59:31 684,032 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Transactions\e9d64903b587f4498a2f495f430688ea\System.Transactions.ni.dll
+ 2008-07-08 16:30:47 2,310,144 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web.Mobile\a47b483552e8b04b9a953c8bc85c2c1d\System.Web.Mobile.ni.dll
+ 2008-07-08 16:30:48 237,568 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web.RegularE#\f09e559846c0f848b1134c366a78adb5\System.Web.RegularExpressions.ni.dll
+ 2008-07-08 16:30:52 1,945,600 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web.Services\dc60876f5c0dc243b4986b6c1ee38442\System.Web.Services.ni.dll
+ 2008-07-08 16:30:39 11,808,768 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web\d15d9fd915a7fa4baec1779cd4d0992f\System.Web.ni.dll
+ 2008-07-07 21:53:55 13,107,200 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\6e524063b6ccd94ab8a833166d27bece\System.Windows.Forms.ni.dll
+ 2008-07-07 21:54:09 5,640,192 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\3073f9fb0221b645a58a0c53bfb4f763\System.Xml.ni.dll
+ 2008-07-07 21:53:12 8,093,696 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\fda879d6c30ff54f93714486abc41c5a\System.ni.dll
+ 2004-08-19 20:09:20 61,440 -c----w C:\WINDOWS\ie7\admparse.dll
+ 2004-08-19 20:09:20 101,888 -c----w C:\WINDOWS\ie7\advpack.dll
+ 2004-08-19 20:09:22 35,328 -c----w C:\WINDOWS\ie7\corpol.dll
+ 2006-06-02 19:32:20 33,792 -c----w C:\WINDOWS\ie7\custsat.dll
+ 2008-04-21 07:02:28 357,888 -c----w C:\WINDOWS\ie7\dxtmsft.dll
+ 2008-04-21 07:02:28 205,312 -c----w C:\WINDOWS\ie7\dxtrans.dll
+ 2008-04-21 07:02:28 55,808 -c----w C:\WINDOWS\ie7\extmgr.dll
+ 2004-08-19 20:09:28 38,912 -c----w C:\WINDOWS\ie7\hmmapi.dll
+ 2004-08-19 20:09:56 34,304 -c----w C:\WINDOWS\ie7\ie4uinit.exe
+ 2004-08-19 20:09:28 139,264 -c----w C:\WINDOWS\ie7\ieakeng.dll
+ 2004-08-19 20:09:28 221,696 -c----w C:\WINDOWS\ie7\ieaksie.dll
+ 2002-08-30 12:00:00 245,760 -c----w C:\WINDOWS\ie7\ieakui.dll
+ 2004-08-19 20:09:28 323,584 -c----w C:\WINDOWS\ie7\iedkcs32.dll
+ 2008-04-17 10:52:54 18,432 -c----w C:\WINDOWS\ie7\iedw.exe
+ 2004-08-19 20:09:28 81,920 -c----w C:\WINDOWS\ie7\ieencode.dll
+ 2008-04-21 07:02:29 251,392 -c----w C:\WINDOWS\ie7\iepeers.dll
+ 2004-08-19 20:09:28 49,152 -c----w C:\WINDOWS\ie7\iernonce.dll
+ 2004-08-19 20:09:28 63,488 -c----w C:\WINDOWS\ie7\iesetup.dll
+ 2004-08-19 20:09:56 93,184 -c----w C:\WINDOWS\ie7\iexplore.exe
+ 2004-08-19 20:09:30 35,840 -c----w C:\WINDOWS\ie7\imgutil.dll
+ 2008-04-21 07:02:29 96,768 -c----w C:\WINDOWS\ie7\inseng.dll
+ 2007-12-18 14:41:58 450,560 -c----w C:\WINDOWS\ie7\jscript.dll
+ 2008-04-21 07:02:29 16,384 -c----w C:\WINDOWS\ie7\jsproxy.dll
+ 2004-08-19 20:09:32 22,528 -c----w C:\WINDOWS\ie7\licmgr10.dll
+ 2004-08-19 20:10:00 29,184 -c----w C:\WINDOWS\ie7\mshta.exe
+ 2008-04-21 07:02:34 3,080,704 -c----w C:\WINDOWS\ie7\mshtml.dll
+ 2008-04-21 07:02:34 449,024 -c----w C:\WINDOWS\ie7\mshtmled.dll
+ 2004-08-19 20:08:28 57,344 -c----w C:\WINDOWS\ie7\mshtmler.dll
+ 2002-08-30 12:00:00 146,432 -c----w C:\WINDOWS\ie7\msls31.dll
+ 2008-04-21 07:02:34 146,432 -c----w C:\WINDOWS\ie7\msrating.dll
+ 2008-04-21 07:02:35 532,480 -c----w C:\WINDOWS\ie7\mstime.dll
+ 2004-08-19 20:09:38 97,280 -c----w C:\WINDOWS\ie7\occache.dll
+ 2008-04-21 07:02:35 39,424 -c----w C:\WINDOWS\ie7\pngfilt.dll
+ 2007-09-26 22:34:42 33,472 -c----w C:\WINDOWS\ie7\spuninst\iecustom.dll
+ 2007-09-26 22:32:30 66,048 -c--a-w C:\WINDOWS\ie7\spuninst\ieResetIcons.exe
+ 2006-09-06 21:43:28 216,800 -c----w C:\WINDOWS\ie7\spuninst\spuninst.exe
+ 2006-09-06 21:43:30 394,976 -c----w C:\WINDOWS\ie7\spuninst\updspapi.dll
+ 2004-08-19 20:09:48 37,888 -c----w C:\WINDOWS\ie7\url.dll
+ 2008-04-21 07:02:39 617,984 -c----w C:\WINDOWS\ie7\urlmon.dll
+ 2007-12-18 14:41:59 417,792 -c----w C:\WINDOWS\ie7\vbscript.dll
+ 2007-06-26 13:56:54 851,968 -c----w C:\WINDOWS\ie7\vgx.dll
+ 2004-08-19 20:09:48 281,600 -c----w C:\WINDOWS\ie7\webcheck.dll
+ 2008-04-21 07:02:40 663,552 -c----w C:\WINDOWS\ie7\wininet.dll
+ 2007-03-06 01:34:38 216,800 -c----w C:\WINDOWS\ie7updates\KB938127-IE7\spuninst\spuninst.exe
+ 2007-03-06 01:35:48 394,976 -c----w C:\WINDOWS\ie7updates\KB938127-IE7\spuninst\updspapi.dll
+ 2007-08-13 22:54:10 765,952 -c----w C:\WINDOWS\ie7updates\KB938127-IE7\vgx.dll
+ 2007-08-13 22:39:00 123,904 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\advpack.dll
+ 2007-08-13 22:35:46 346,624 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\dxtmsft.dll
+ 2007-08-13 22:35:38 214,528 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\dxtrans.dll
+ 2007-08-13 22:54:10 131,584 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\extmgr.dll
+ 2007-08-13 22:36:26 61,952 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\icardie.dll
+ 2007-08-13 22:39:06 54,784 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\ie4uinit.exe
+ 2007-08-13 22:39:26 152,064 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\ieakeng.dll
+ 2007-08-13 22:39:54 229,376 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\ieaksie.dll
+ 2007-08-13 21:56:54 161,792 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\ieakui.dll
+ 2007-02-12 20:10:12 2,451,312 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\ieapfltr.dat
+ 2007-07-11 16:27:48 383,488 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\ieapfltr.dll
+ 2007-08-13 22:39:50 382,976 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\iedkcs32.dll
+ 2007-08-13 22:54:10 6,049,280 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\ieframe.dll
+ 2007-08-13 22:39:10 43,008 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\iernonce.dll
+ 2007-08-13 22:34:04 266,752 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\iertutil.dll
+ 2007-08-13 22:39:10 13,312 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\ieudinit.exe
+ 2007-08-13 22:43:56 622,080 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\iexplore.exe
+ 2007-08-13 22:54:10 27,136 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\jsproxy.dll
+ 2007-08-13 22:54:10 458,752 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\msfeeds.dll
+ 2007-08-13 22:54:10 50,688 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\msfeedsbs.dll
+ 2007-08-13 22:54:12 3,578,368 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\mshtml.dll
+ 2007-08-13 22:54:10 475,648 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\mshtmled.dll
+ 2007-08-13 22:44:26 192,000 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\msrating.dll
+ 2007-08-13 22:54:10 670,720 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\mstime.dll
+ 2007-08-13 22:44:06 101,376 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\occache.dll
+ 2007-08-13 22:36:12 44,544 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\pngfilt.dll
+ 2007-03-06 01:34:38 216,800 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\spuninst\spuninst.exe
+ 2007-03-06 01:35:48 394,976 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\spuninst\updspapi.dll
+ 2007-08-13 22:44:30 105,984 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\url.dll
+ 2007-08-13 22:54:10 1,162,240 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\urlmon.dll
+ 2007-08-13 22:54:10 231,424 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\webcheck.dll
+ 2007-08-13 22:54:10 818,688 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\wininet.dll
+ 2008-07-09 14:05:28 2,678 ----a-w C:\WINDOWS\java\Packages\Data\2FTFV3H3.DAT
+ 2008-07-09 14:05:24 2,678 ----a-w C:\WINDOWS\java\Packages\Data\4F5J3DVD.DAT
+ 2008-07-09 14:05:24 2,678 ----a-w C:\WINDOWS\java\Packages\Data\539VF75B.DAT
+ 2008-07-09 14:05:24 2,678 ----a-w C:\WINDOWS\java\Packages\Data\7ZLJB71N.DAT
+ 2008-07-09 14:05:25 2,678 ----a-w C:\WINDOWS\java\Packages\Data\J5V3LBRN.DAT
+ 2008-07-09 14:05:30 2,232 ----a-w C:\WINDOWS\java\Packages\Data\NT3P3V3N.DAT
- 2003-02-20 23:09:46 57,344 ----a-w C:\WINDOWS\Microsoft.NET\Framework\NETFXSBS10.exe
+ 2005-09-23 11:28:52 72,704 ----a-w C:\WINDOWS\Microsoft.NET\Framework\NETFXSBS10.exe
- 2003-02-20 23:09:32 5,120 ----a-w C:\WINDOWS\Microsoft.NET\Framework\sbscmp10.dll
+ 2005-09-23 11:28:52 7,680 ----a-w C:\WINDOWS\Microsoft.NET\Framework\sbscmp10.dll
+ 2005-09-23 11:28:56 7,680 ----a-w C:\WINDOWS\Microsoft.NET\Framework\sbscmp20_mscorwks.dll
+ 2005-09-23 11:28:58 7,680 ----a-w C:\WINDOWS\Microsoft.NET\Framework\sbscmp20_perfcounter.dll
+ 2005-09-23 11:28:56 7,680 ----a-w C:\WINDOWS\Microsoft.NET\Framework\SharedReg12.dll
- 2003-02-20 22:43:50 131,072 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.0.3705\mscormmc.dll
+ 2005-09-23 11:28:52 86,528 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.0.3705\mscormmc.dll
+ 2005-09-23 11:28:36 18,944 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\1033\alinkui.dll
+ 2005-09-23 11:28:42 136,192 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\1033\cscompui.dll
+ 2005-09-23 11:28:44 4,608 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\1033\CvtResUI.dll
+ 2005-09-23 11:29:04 183,808 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\1033\vbc7ui.dll
+ 2005-09-23 11:28:28 208,896 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\1033\Vsavb7rtUI.dll
+ 2005-09-23 11:28:56 10,752 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Accessibility.dll
+ 2005-09-23 11:28:58 138,240 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\AdoNetDiag.dll
+ 2005-09-23 11:28:36 87,552 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\alink.dll
+ 2005-09-23 11:28:58 55,488 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\AppLaunch.exe
+ 2005-09-23 11:28:32 36,864 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_compiler.exe
+ 2005-09-23 11:28:32 10,752 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_filter.dll
+ 2005-09-23 11:28:32 8,192 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_isapi.dll
+ 2005-09-23 11:28:32 23,552 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Aspnet_perf.dll
+ 2005-09-23 11:28:32 70,656 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_rc.dll
+ 2005-09-23 11:28:32 13,824 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_regbrowsers.exe
+ 2005-09-23 11:28:32 26,824 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_regiis.exe
+ 2005-09-23 11:28:32 106,496 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_regsql.exe
+ 2005-09-23 11:28:32 29,896 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
+ 2005-09-23 11:28:32 29,888 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_wp.exe
+ 2005-09-23 11:28:32 503,808 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\AspNetMMCExt.dll
+ 2005-09-23 11:28:56 106,496 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\CasPol.exe
+ 2005-09-23 11:28:56 88,576 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\CORPerfMonExt.dll
+ 2005-09-23 11:28:42 76,984 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\csc.exe
+ 2005-09-23 11:28:42 1,144,832 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\cscomp.dll
+ 2005-09-23 11:28:42 13,312 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\cscompmgd.dll
+ 2005-09-23 11:28:58 17,920 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Culture.dll
+ 2005-09-23 11:28:56 68,608 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\CustomMarshalers.dll
+ 2005-09-23 11:28:44 31,936 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\cvtres.exe
+ 2005-09-23 11:28:38 52,736 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\dfdll.dll
+ 2005-09-23 11:28:38 4,608 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\dfsvc.exe
+ 2005-09-23 11:29:12 547,840 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\diasymreader.dll
+ 2005-09-23 11:28:56 788,992 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\EventLogMessages.dll
+ 2005-09-23 11:28:50 9,216 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\fusion.dll
+ 2005-09-23 11:28:56 9,728 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\IEExec.exe
+ 2005-09-23 11:28:56 8,192 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\IEExecRemote.dll
+ 2005-09-23 11:28:56 36,864 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\IEHost.dll
+ 2005-09-23 11:28:56 5,632 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\IIEHost.dll
+ 2005-09-23 11:28:56 224,952 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\ilasm.exe
+ 2005-09-23 11:28:56 28,672 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\InstallUtil.exe
+ 2005-09-23 11:28:56 55,296 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\InstallUtilLib.dll
+ 2005-09-23 11:28:56 72,192 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\ISymWrapper.dll
+ 2005-09-23 11:28:48 40,960 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\jsc.exe
+ 2005-09-23 11:01:16 609,472 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.exe
+ 2005-09-23 10:29:48 80,896 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.1025.dll
+ 2005-09-23 10:32:24 80,896 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.1028.dll
+ 2005-09-23 10:34:10 82,944 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.1029.dll
+ 2005-09-23 10:34:12 81,920 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.1030.dll
+ 2005-09-23 10:34:44 85,504 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.1031.dll
+ 2005-09-23 10:36:24 87,552 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.1032.dll
+ 2005-09-23 07:46:14 80,896 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.1033.dll
+ 2005-09-23 10:38:26 81,408 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.1035.dll
+ 2005-09-23 10:38:52 86,016 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.1036.dll
+ 2005-09-23 10:40:30 80,896 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.1037.dll
+ 2005-09-23 10:40:32 83,968 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.1038.dll
+ 2005-09-23 10:40:56 84,480 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.1040.dll
+ 2005-09-23 10:42:58 80,896 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.1041.dll
+ 2005-09-23 10:44:58 80,896 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.1042.dll
+ 2005-09-23 10:46:38 83,456 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.1043.dll
+ 2005-09-23 10:46:38 81,920 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.1044.dll
+ 2005-09-23 10:46:40 83,456 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.1045.dll
+ 2005-09-23 10:47:04 82,432 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.1046.dll
+ 2005-09-23 10:47:30 82,432 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.1049.dll
+ 2005-09-23 10:47:32 81,920 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.1053.dll
+ 2005-09-23 10:47:32 80,896 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.1055.dll
+ 2005-09-23 10:30:18 80,896 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.2052.dll
+ 2005-09-23 10:47:06 84,480 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.2070.dll
+ 2005-09-23 10:29:50 80,896 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.3076.dll
+ 2005-09-23 10:36:48 85,504 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.3082.dll
+ 2005-09-23 11:57:06 245,408 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\unicows.dll
+ 2005-09-23 11:28:48 413,696 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Engine.dll
+ 2005-09-23 11:28:48 36,864 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Framework.dll
+ 2005-09-23 11:28:48 647,168 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Tasks.dll
+ 2005-09-23 11:28:48 73,728 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Utilities.dll
+ 2005-09-23 11:28:48 745,472 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.JScript.dll
+ 2005-09-23 11:29:10 110,592 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.Compatibility.Data.dll
+ 2005-09-23 11:29:10 372,736 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.Compatibility.dll
+ 2005-09-23 11:29:08 667,648 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.dll
+ 2005-09-23 11:28:30 28,672 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.Vsa.dll
+ 2005-09-23 11:29:10 5,632 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualC.Dll
+ 2005-09-23 11:28:30 32,768 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.Vsa.dll
+ 2005-09-23 11:28:30 12,800 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
+ 2005-09-23 11:28:30 7,168 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft_VsaVb.dll
+ 2005-09-23 11:28:32 87,552 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\MmcAspExt.dll
+ 2005-09-23 11:28:48 69,632 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\MSBuild.exe
+ 2005-09-23 11:28:56 800,768 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscordacwks.dll
+ 2005-09-23 11:28:56 73,216 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscordbc.dll
+ 2005-09-23 11:28:56 288,768 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscordbi.dll
+ 2005-09-23 11:28:56 36,864 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorie.dll
+ 2005-09-23 11:28:56 326,144 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll
+ 2005-09-23 11:28:56 81,408 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorld.dll
+ 2005-09-23 11:28:56 4,308,992 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorlib.dll
+ 2005-09-23 11:28:56 102,400 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorpe.dll
+ 2005-09-23 11:29:00 330,752 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorrc.dll
+ 2005-09-23 11:28:56 67,072 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsec.dll
+ 2005-09-23 11:28:50 9,216 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsn.dll
+ 2005-09-23 11:28:56 226,816 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvc.dll
+ 2005-09-23 11:28:56 66,240 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
+ 2005-09-23 11:28:56 10,240 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscortim.dll
+ 2005-09-23 11:28:50 5,615,616 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll
+ 2005-09-23 11:29:00 22,528 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\MUI\0409\mscorsecr.dll
+ 2005-09-23 11:28:56 96,440 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\ngen.exe
+ 2005-09-23 11:28:56 14,848 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\normalization.dll
+ 2005-09-23 11:28:56 78,336 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\PerfCounter.dll
+ 2005-09-23 11:28:50 136,192 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\peverify.dll
+ 2005-09-23 11:28:56 53,248 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
+ 2005-09-23 11:28:56 32,768 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exe
+ 2005-09-23 11:29:02 59,072 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\regtlibv12.exe
+ 2005-09-23 11:28:58 7,680 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\sbscmp20_mscorlib.dll
+ 2005-09-23 11:28:56 107,520 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\shfusion.dll
+ 2005-09-23 11:29:00 85,504 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\ShFusRes.dll
+ 2005-09-23 11:28:56 377,344 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\SOS.dll
+ 2005-09-23 11:28:56 110,592 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\sysglobl.dll
+ 2005-09-23 11:28:58 389,120 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.configuration.dll
+ 2005-09-23 11:28:56 81,920 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Configuration.Install.dll
+ 2005-09-23 11:28:56 2,878,976 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Data.dll
+ 2005-09-23 11:28:56 482,304 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Data.OracleClient.dll
+ 2005-09-23 11:28:56 716,800 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Data.SqlXml.dll
+ 2005-09-23 11:28:38 884,736 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Deployment.dll
+ 2005-09-23 11:28:56 5,050,368 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Design.dll
+ 2005-09-23 11:28:56 397,312 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.DirectoryServices.dll
+ 2005-09-23 11:28:56 188,416 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.DirectoryServices.Protocols.dll
+ 2005-09-23 11:28:56 3,018,752 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.dll
+ 2005-09-23 11:28:56 81,920 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Drawing.Design.dll
+ 2005-09-23 11:28:56 700,416 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Drawing.dll
+ 2005-09-23 11:28:56 258,048 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.EnterpriseServices.dll
+ 2005-09-23 11:28:56 47,616 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.EnterpriseServices.Thunk.dll
+ 2005-09-23 11:28:56 114,176 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.EnterpriseServices.Wrapper.dll
+ 2005-09-23 11:28:56 368,640 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Management.dll
+ 2005-09-23 11:28:56 258,048 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Messaging.dll
+ 2005-09-23 11:28:56 299,008 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Remoting.dll
+ 2005-09-23 11:28:56 131,072 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
+ 2005-09-23 11:28:56 258,048 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Security.dll
+ 2005-09-23 11:28:56 114,688 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.ServiceProcess.dll
+ 2005-09-23 11:28:56 260,096 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Transactions.dll
+ 2005-09-23 11:28:56 5,025,792 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Web.dll
+ 2005-09-23 11:28:56 835,584 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Web.Mobile.dll
+ 2005-09-23 11:28:56 86,016 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Web.RegularExpressions.dll
+ 2005-09-23 11:28:56 823,296 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Web.Services.dll
+ 2005-09-23 11:28:56 5,316,608 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Windows.Forms.dll
+ 2005-09-23 11:28:56 2,035,712 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.XML.dll
+ 2005-09-23 11:28:56 71,680 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\TLBREF.DLL
+ 2005-09-23 11:29:06 1,140,920 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\vbc.exe
+ 2005-09-23 11:28:30 1,306,624 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\VsaVb7rt.dll
+ 2005-09-23 11:28:32 298,496 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\webengine.dll
+ 2005-09-23 11:28:56 28,160 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\WMINet_Utils.dll
+ 2006-06-02 19:32:20 33,792 ------w C:\WINDOWS\network diagnostic\custsat.dll
+ 2006-10-10 12:44:50 557,568 ------w C:\WINDOWS\network diagnostic\xpnetdiag.exe
- 2004-08-19 20:09:20 61,440 ----a-w C:\WINDOWS\system32\admparse.dll
+ 2007-08-13 22:39:20 71,680 ----a-w C:\WINDOWS\system32\admparse.dll
- 2004-08-19 20:09:20 101,888 ----a-w C:\WINDOWS\system32\advpack.dll
+ 2008-04-23 04:16:39 124,928 ----a-w C:\WINDOWS\system32\advpack.dll
- 2002-08-30 12:00:00 49,182 ----a-w C:\WINDOWS\system32\clspack.exe
+ 2003-02-28 22:26:26 49,424 ----a-w C:\WINDOWS\system32\clspack.exe
- 2004-08-19 20:09:22 35,328 ----a-w C:\WINDOWS\system32\corpol.dll
+ 2007-08-13 22:42:54 17,408 ----a-w C:\WINDOWS\system32\corpol.dll
+ 2005-09-23 11:28:38 83,456 ----a-w C:\WINDOWS\system32\dfshim.dll
+ 2007-08-13 22:39:20 71,680 -c----w C:\WINDOWS\system32\dllcache\admparse.dll
+ 2008-04-23 04:16:39 124,928 -c----w C:\WINDOWS\system32\dllcache\advpack.dll
+ 2007-08-13 22:42:54 17,408 -c----w C:\WINDOWS\system32\dllcache\corpol.dll
- 2008-02-20 05:35:05 148,992 -c----w C:\WINDOWS\system32\dllcache\dnsapi.dll
+ 2008-06-20 17:41:06 148,992 -c--a-w C:\WINDOWS\system32\dllcache\dnsapi.dll
- 2008-04-21 07:02:28 357,888 -c----w C:\WINDOWS\system32\dllcache\dxtmsft.dll
+ 2008-04-23 04:16:39 347,136 -c--a-w C:\WINDOWS\system32\dllcache\dxtmsft.dll
- 2008-04-21 07:02:28 205,312 -c----w C:\WINDOWS\system32\dllcache\dxtrans.dll
+ 2008-04-23 04:16:39 214,528 -c--a-w C:\WINDOWS\system32\dllcache\dxtrans.dll
- 2008-04-21 07:02:28 55,808 -c----w C:\WINDOWS\system32\dllcache\extmgr.dll
+ 2008-04-23 04:16:39 133,120 -c--a-w C:\WINDOWS\system32\dllcache\extmgr.dll
+ 2007-08-13 22:18:02 60,416 -c----w C:\WINDOWS\system32\dllcache\hmmapi.dll
+ 2008-04-22 07:41:08 70,656 -c----w C:\WINDOWS\system32\dllcache\ie4uinit.exe
+ 2008-04-23 04:16:39 153,088 -c----w C:\WINDOWS\system32\dllcache\ieakeng.dll
+ 2008-04-23 04:16:39 230,400 -c----w C:\WINDOWS\system32\dllcache\ieaksie.dll
- 2002-08-30 12:00:00 245,760 -c--a-w C:\WINDOWS\system32\dllcache\ieakui.dll
+ 2008-04-20 05:07:51 161,792 -c--a-w C:\WINDOWS\system32\dllcache\ieakui.dll
+ 2008-04-23 04:16:39 384,512 -c----w C:\WINDOWS\system32\dllcache\iedkcs32.dll
- 2008-04-17 10:52:54 18,432 -c----w C:\WINDOWS\system32\dllcache\iedw.exe
+ 2007-08-13 22:44:02 69,120 -c--a-w C:\WINDOWS\system32\dllcache\iedw.exe
+ 2007-08-13 22:45:18 78,336 -c----w C:\WINDOWS\system32\dllcache\ieencode.dll
- 2008-04-21 07:02:29 251,392 -c----w C:\WINDOWS\system32\dllcache\iepeers.dll
+ 2007-08-13 22:54:10 191,488 -c--a-w C:\WINDOWS\system32\dllcache\iepeers.dll
+ 2008-04-23 04:16:39 44,544 -c----w C:\WINDOWS\system32\dllcache\iernonce.dll
+ 2007-08-13 22:39:12 55,296 -c----w C:\WINDOWS\system32\dllcache\iesetup.dll
+ 2008-04-22 07:41:30 625,664 -c----w C:\WINDOWS\system32\dllcache\iexplore.exe
+ 2007-08-13 22:36:06 36,352 -c----w C:\WINDOWS\system32\dllcache\imgutil.dll
- 2008-04-21 07:02:29 96,768 -c----w C:\WINDOWS\system32\dllcache\inseng.dll
+ 2007-08-13 22:39:02 92,672 -c--a-w C:\WINDOWS\system32\dllcache\inseng.dll
- 2007-12-18 14:41:58 450,560 -c----w C:\WINDOWS\system32\dllcache\jscript.dll
+ 2007-08-13 22:38:04 491,520 -c--a-w C:\WINDOWS\system32\dllcache\jscript.dll
- 2008-04-21 07:02:29 16,384 -c----w C:\WINDOWS\system32\dllcache\jsproxy.dll
+ 2008-04-23 04:16:40 27,648 -c--a-w C:\WINDOWS\system32\dllcache\jsproxy.dll
+ 2007-08-13 22:44:18 40,960 -c----w C:\WINDOWS\system32\dllcache\licmgr10.dll
+ 2008-02-26 12:00:31 294,912 -c----w C:\WINDOWS\system32\dllcache\msctf.dll
+ 2007-08-13 22:32:30 45,568 -c----w C:\WINDOWS\system32\dllcache\mshta.exe
- 2008-04-21 07:02:34 3,080,704 -c----w C:\WINDOWS\system32\dllcache\mshtml.dll
+ 2008-04-24 02:16:42 3,591,680 -c--a-w C:\WINDOWS\system32\dllcache\mshtml.dll
- 2008-04-21 07:02:34 449,024 -c----w C:\WINDOWS\system32\dllcache\mshtmled.dll
+ 2008-04-23 04:16:40 478,208 -c--a-w C:\WINDOWS\system32\dllcache\mshtmled.dll
+ 2007-08-13 22:01:12 48,128 -c----w C:\WINDOWS\system32\dllcache\mshtmler.dll
- 2002-08-30 12:00:00 146,432 -c--a-w C:\WINDOWS\system32\dllcache\msls31.dll
+ 2007-08-13 22:54:10 156,160 -c--a-w C:\WINDOWS\system32\dllcache\msls31.dll
- 2008-04-21 07:02:34 146,432 -c----w C:\WINDOWS\system32\dllcache\msrating.dll
+ 2008-04-23 04:16:40 193,024 -c--a-w C:\WINDOWS\system32\dllcache\msrating.dll
- 2008-04-21 07:02:35 532,480 -c----w C:\WINDOWS\system32\dllcache\mstime.dll
+ 2008-04-23 04:16:40 671,232 -c--a-w C:\WINDOWS\system32\dllcache\mstime.dll
+ 2008-04-23 04:16:40 102,912 -c----w C:\WINDOWS\system32\dllcache\occache.dll
- 2008-04-21 07:02:35 39,424 -c----w C:\WINDOWS\system32\dllcache\pngfilt.dll
+ 2008-04-23 04:16:40 44,544 -c--a-w C:\WINDOWS\system32\dllcache\pngfilt.dll
- 2007-10-30 17:20:55 360,064 -c----w C:\WINDOWS\system32\dllcache\tcpip.sys
+ 2008-06-20 10:45:13 360,320 -c--a-w C:\WINDOWS\system32\dllcache\tcpip.sys
- 2006-08-16 09:37:30 225,664 -c----w C:\WINDOWS\system32\dllcache\tcpip6.sys
+ 2008-06-20 09:52:06 225,920 -c--a-w C:\WINDOWS\system32\dllcache\tcpip6.sys
+ 2008-04-23 04:16:40 105,984 -c----w C:\WINDOWS\system32\dllcache\url.dll
- 2008-04-21 07:02:39 617,984 -c----w C:\WINDOWS\system32\dllcache\urlmon.dll
+ 2008-04-23 04:16:40 1,159,680 -c--a-w C:\WINDOWS\system32\dllcache\urlmon.dll
- 2007-12-18 14:41:59 417,792 -c----w C:\WINDOWS\system32\dllcache\vbscript.dll
+ 2007-08-13 22:54:10 413,696 -c--a-w C:\WINDOWS\system32\dllcache\vbscript.dll
- 2007-06-26 13:56:54 851,968 -c----w C:\WINDOWS\system32\dllcache\vgx.dll
+ 2007-07-12 23:30:52 765,952 -c--a-w C:\WINDOWS\system32\dllcache\vgx.dll
+ 2008-04-23 04:16:40 233,472 -c----w C:\WINDOWS\system