virus( important) Fermé

Question

Bonjour, je voudrai savoir si vous  pouvez me dire si jai un virus sur mon ordi ( bitdefender ) ne detequete rien c'est bizare parce que mon ordi bug constament et les mise a jour ne peuvent etre faite ( code d'erreur) deplus des pub s 'ouvre constament sur internet explorer. merci de vos reponses ( important svp )

jlpjlp · Answer

slt,



Télécharge ici :

http://images.malwareremoval.com/random/RSIT.exe

random's system information tool (RSIT) par andom/random et sauvegarde-le sur le Bureau.

Double-clique sur RSIT.exe afin de lancer RSIT.

Clique Continue à l'écran Disclaimer.

Si l'outil HijackThis (version à jour) n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera (autorise l'accès dans ton pare-feu, si demandé) et tu devras accepter la licence.

Lorsque l'analyse sera terminée, deux fichiers texte s'ouvriront.

Poste le contenu de log.txt (<<qui sera affiché)
ainsi que de info.txt (<<qui sera réduit dans la Barre des Tâches).

NB : Les rapports sont sauvegardés dans le dossier C:\rsit

quiche69 · Answer

tien mai c un truc super long j' y comprend rien c grave et deplus il y a que un dossier texte qui s'ouvre
tien c'est ce qui est ecrit "Logfile of random's system information tool 1.05 (written by random/random)
Run by smain at 2009-01-22 20:39:10
Microsoft® Windows Vista™ Édition Familiale Premium  
System drive C: has 179 GB (78%) free of 230 GB
Total RAM: 894 MB (36% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:39:18, on 22/01/2009
Platform: Windows Vista  (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16711)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32	askeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\hp\support\hpsysdrv.exe
C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Windows\System32undll32.exe
C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Windows\ehome\ehtray.exe
C:\Windows\ehome\ehmsas.exe
C:\Users\smain\AppData\Local\ukmceag.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Users\smain\AppData\Roaming\Microsoft\Live Search\Notification-LiveSearch.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Users\smain\AppData\Roaming\Microsoft\Live Search\Mise-a-jour-LiveSearch.exe
C:\Windows\System32\mobsync.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Windows\System32undll32.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\hp\kbd\kbd.exe
C:\Program Files\Alwil Software\Avast4\ashAvast.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Users\smain\Desktop\RSIT.exe
C:\Program Files	rend micro\smain.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://actus.sfr.fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://home.sweetim.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = https://actus.sfr.fr
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
R3 - URLSearchHook: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE	oolbar.dll (file missing)
O1 - Hosts: ::1 localhost
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: BurstWriting module - {18CB1A7B-94CD-4582-8022-ADA16851E44B} - C:\Program Files\BurstWriting\BurstWriting.dll (file missing)
O2 - BHO: SWEETIE - {1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A} - C:\PROGRA~1\MACROG~1\SWEETI~1	oolbar.dll (file missing)
O2 - BHO: (no name) - {4C6C4BA2-1646-0F3A-1FAE-B393C162C92E} - (no file)
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\4.1.805.4472\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE	oolbar.dll (file missing)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KbdStub.EXE
O4 - HKLM\..\Run: [OsdMaestro] "C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe"
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32
vsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SweetIM] C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [MsnMsgr] ~"C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [SweetIM] C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
O4 - HKCU\..\Run: [RegistryCleanFixMFC] C:\Program Files\RegistryCleanFix2008\RegistryCleaner2008.exe
O4 - HKCU\..\Run: [dmgid.tmp] C:\Windows\system32\dmgid.tmp
O4 - HKCU\..\Run: [dmiyy.tmp] C:\Windows\system32\dmiyy.tmp
O4 - HKCU\..\Run: [dmcoc.tmp] C:\Windows\system32\dmcoc.tmp
O4 - HKCU\..\Run: [dmwnm.tmp] C:\Windows\system32\dmwnm.tmp
O4 - HKCU\..\Run: [dmsyy.tmp] C:\Windows\system32\dmsyy.tmp
O4 - HKCU\..\Run: [dmfsb.tmp] C:\Windows\system32\dmfsb.tmp
O4 - HKCU\..\Run: [dmidf.tmp] C:\Windows\system32\dmidf.tmp
O4 - HKCU\..\Run: [dmsqk.tmp] C:\Windows\system32\dmsqk.tmp
O4 - HKCU\..\Run: [dmlfd.tmp] C:\Windows\system32\dmlfd.tmp
O4 - HKCU\..\Run: [dmlaz.tmp] C:\Windows\system32\dmlaz.tmp
O4 - HKCU\..\Run: [dmxyf.tmp] C:\Windows\system32\dmxyf.tmp
O4 - HKCU\..\Run: [dmsew.tmp] C:\Windows\system32\dmsew.tmp
O4 - HKCU\..\Run: [dmssi.tmp] C:\Windows\system32\dmssi.tmp
O4 - HKCU\..\Run: [dmhzo.tmp] C:\Windows\system32\dmhzo.tmp
O4 - HKCU\..\Run: [dmnpl.tmp] C:\Windows\system32\dmnpl.tmp
O4 - HKCU\..\Run: [dmuyp.tmp] C:\Windows\system32\dmuyp.tmp
O4 - HKCU\..\Run: [dmhxb.tmp] C:\Windows\system32\dmhxb.tmp
O4 - HKCU\..\Run: [dmnpo.tmp] C:\Windows\system32\dmnpo.tmp
O4 - HKCU\..\Run: [dmhmh.tmp] C:\Windows\system32\dmhmh.tmp
O4 - HKCU\..\Run: [dmiys.tmp] C:\Windows\system32\dmiys.tmp
O4 - HKCU\..\Run: [dmnih.tmp] C:\Windows\system32\dmnih.tmp
O4 - HKCU\..\Run: [dmwoa.tmp] C:\Windows\system32\dmwoa.tmp
O4 - HKCU\..\Run: [dmezh.tmp] C:\Windows\system32\dmezh.tmp
O4 - HKCU\..\Run: [dmgfj.tmp] C:\Windows\system32\dmgfj.tmp
O4 - HKCU\..\Run: [dmeri.tmp] C:\Windows\system32\dmeri.tmp
O4 - HKCU\..\Run: [dmsbj.tmp] C:\Windows\system32\dmsbj.tmp
O4 - HKCU\..\Run: [dmtbj.tmp] C:\Windows\system32\dmtbj.tmp
O4 - HKCU\..\Run: [dmeic.tmp] C:\Windows\system32\dmeic.tmp
O4 - HKCU\..\Run: [dmqky.tmp] C:\Windows\system32\dmqky.tmp
O4 - HKCU\..\Run: [dmfxu.tmp] C:\Windows\system32\dmfxu.tmp
O4 - HKCU\..\Run: [dmohg.tmp] C:\Windows\system32\dmohg.tmp
O4 - HKCU\..\Run: [dmdnx.tmp] C:\Windows\system32\dmdnx.tmp
O4 - HKCU\..\Run: [dmlkp.tmp] C:\Windows\system32\dmlkp.tmp
O4 - HKCU\..\Run: [dmezy.tmp] C:\Windows\system32\dmezy.tmp
O4 - HKCU\..\Run: [dmpma.tmp] C:\Windows\system32\dmpma.tmp
O4 - HKCU\..\Run: [dmfem.tmp] C:\Windows\system32\dmfem.tmp
O4 - HKCU\..\Run: [dmvxj.tmp] C:\Windows\system32\dmvxj.tmp
O4 - HKCU\..\Run: [dmwuq.tmp] C:\Windows\system32\dmwuq.tmp
O4 - HKCU\..\Run: [dmlud.tmp] C:\Windows\system32\dmlud.tmp
O4 - HKCU\..\Run: [dmzpk.tmp] C:\Windows\system32\dmzpk.tmp
O4 - HKCU\..\Run: [dmjly.tmp] C:\Windows\system32\dmjly.tmp
O4 - HKCU\..\Run: [dmitk.tmp] C:\Windows\system32\dmitk.tmp
O4 - HKCU\..\Run: [dmdop.tmp] C:\Windows\system32\dmdop.tmp
O4 - HKCU\..\Run: [dmqry.tmp] C:\Windows\system32\dmqry.tmp
O4 - HKCU\..\Run: [dmddd.tmp] C:\Windows\system32\dmddd.tmp
O4 - HKCU\..\Run: [dmrzc.tmp] C:\Windows\system32\dmrzc.tmp
O4 - HKCU\..\Run: [dmalj.tmp] C:\Windows\system32\dmalj.tmp
O4 - HKCU\..\Run: [dmijt.tmp] C:\Windows\system32\dmijt.tmp
O4 - HKCU\..\Run: [dmsob.tmp] C:\Windows\system32\dmsob.tmp
O4 - HKCU\..\Run: [dmkdg.tmp] C:\Windows\system32\dmkdg.tmp
O4 - HKCU\..\Run: [dmpla.tmp] C:\Windows\system32\dmpla.tmp
O4 - HKCU\..\Run: [dmnhu.tmp] C:\Windows\system32\dmnhu.tmp
O4 - HKCU\..\Run: [dmoci.tmp] C:\Windows\system32\dmoci.tmp
O4 - HKCU\..\Run: [dmstm.tmp] C:\Windows\system32\dmstm.tmp
O4 - HKCU\..\Run: [dmufu.tmp] C:\Windows\system32\dmufu.tmp
O4 - HKCU\..\Run: [dmqvp.tmp] C:\Windows\system32\dmqvp.tmp
O4 - HKCU\..\Run: [dmznp.tmp] C:\Windows\system32\dmznp.tmp
O4 - HKCU\..\Run: [dmasb.tmp] C:\Windows\system32\dmasb.tmp
O4 - HKCU\..\Run: [dmfea.tmp] C:\Windows\system32\dmfea.tmp
O4 - HKCU\..\Run: [dmatr.tmp] C:\Windows\system32\dmatr.tmp
O4 - HKCU\..\Run: [dmwgv.tmp] C:\Windows\system32\dmwgv.tmpO4 - HKCU\..\Run: [dmgnw.tmp] C:\Windows\system32\dmgnw.tmp
O4 - HKCU\..\Run: [dmeih.tmp] C:\Windows\system32\dmeih.tmp
O4 - HKCU\..\Run: [dmszm.tmp] C:\Windows\system32\dmszm.tmp
O4 - HKCU\..\Run: [dmnbr.tmp] C:\Windows\system32\dmnbr.tmp
O4 - HKCU\..\Run: [dmqdh.tmp] C:\Windows\system32\dmqdh.tmp
O4 - HKCU\..\Run: [dmscv.tmp] C:\Windows\system32\dmscv.tmp
O4 - HKCU\..\Run: [dmeyc.tmp] C:\Windows\system32\dmeyc.tmp
O4 - HKCU\..\Run: [dmhvo.tmp] C:\Windows\system32\dmhvo.tmp
O4 - HKCU\..\Run: [dmbwd.tmp] C:\Windows\system32\dmbwd.tmp
O4 - HKCU\..\Run: [dmffk.tmp] C:\Windows\system32\dmffk.tmp
O4 - HKCU\..\Run: [dmdwz.tmp] C:\Windows\system32\dmdwz.tmp
O4 - HKCU\..\Run: [dmrpl.tmp] C:\Windows\system32\dmrpl.tmp
O4 - HKCU\..\Run: [dmjee.tmp] C:\Windows\system32\dmjee.tmp
O4 - HKCU\..\Run: [dmlqq.tmp] C:\Windows\system32\dmlqq.tmp
O4 - HKCU\..\Run: [dmqou.tmp] C:\Windows\system32\dmqou.tmp
O4 - HKCU\..\Run: [dmeif.tmp] C:\Windows\system32\dmeif.tmp
O4 - HKCU\..\Run: [dmuoz.tmp] C:\Windows\system32\dmuoz.tmp
O4 - HKCU\..\Run: [dmtov.tmp] C:\Windows\system32\dmtov.tmp
O4 - HKCU\..\Run: [dmaox.tmp] C:\Windows\system32\dmaox.tmp
O4 - HKCU\..\Run: [dmtpp.tmp] C:\Windows\system32\dmtpp.tmp
O4 - HKCU\..\Run: [dmehu.tmp] C:\Windows\system32\dmehu.tmp
O4 - HKCU\..\Run: [dmwei.tmp] C:\Windows\system32\dmwei.tmp
O4 - HKCU\..\Run: [dmcms.tmp] C:\Windows\system32\dmcms.tmp
O4 - HKCU\..\Run: [dmefe.tmp] C:\Windows\system32\dmefe.tmp
O4 - HKCU\..\Run: [dmjjt.tmp] C:\Windows\system32\dmjjt.tmp
O4 - HKCU\..\Run: [dmzev.tmp] C:\Windows\system32\dmzev.tmp
O4 - HKCU\..\Run: [dmevv.tmp] C:\Windows\system32\dmevv.tmp
O4 - HKCU\..\Run: [dmukb.tmp] C:\Windows\system32\dmukb.tmp
O4 - HKCU\..\Run: [dmbkl.tmp] C:\Windows\system32\dmbkl.tmp
O4 - HKCU\..\Run: [dmnbf.tmp] C:\Windows\system32\dmnbf.tmp
O4 - HKCU\..\Run: [dmrgc.tmp] C:\Windows\system32\dmrgc.tmp
O4 - HKCU\..\Run: [dmhag.tmp] C:\Windows\system32\dmhag.tmp
O4 - HKCU\..\Run: [dmkay.tmp] C:\Windows\system32\dmkay.tmp
O4 - HKCU\..\Run: [dmvkn.tmp] C:\Windows\system32\dmvkn.tmp
O4 - HKCU\..\Run: [dmaqd.tmp] C:\Windows\system32\dmaqd.tmp
O4 - HKCU\..\Run: [dmvhf.tmp] C:\Windows\system32\dmvhf.tmp
O4 - HKCU\..\Run: [dmxht.tmp] C:\Windows\system32\dmxht.tmp
O4 - HKCU\..\Run: [dmyew.tmp] C:\Windows\system32\dmyew.tmp
O4 - HKCU\..\Run: [dmgzr.tmp] C:\Windows\system32\dmgzr.tmp
O4 - HKCU\..\Run: [dmmcy.tmp] C:\Windows\system32\dmmcy.tmp
O4 - HKCU\..\Run: [dmztv.tmp] C:\Windows\system32\dmztv.tmp
O4 - HKCU\..\Run: [dmpxx.tmp] C:\Windows\system32\dmpxx.tmp
O4 - HKCU\..\Run: [dmymo.tmp] C:\Windows\system32\dmymo.tmp
O4 - HKCU\..\Run: [dmgxb.tmp] C:\Windows\system32\dmgxb.tmp
O4 - HKCU\..\Run: [dmyup.tmp] C:\Windows\system32\dmyup.tmp
O4 - HKCU\..\Run: [dmdsq.tmp] C:\Windows\system32\dmdsq.tmp
O4 - HKCU\..\Run: [dmypi.tmp] C:\Windows\system32\dmypi.tmp
O4 - HKCU\..\Run: [dmiyv.tmp] C:\Windows\system32\dmiyv.tmp
O4 - HKCU\..\Run: [dmsag.tmp] C:\Windows\system32\dmsag.tmp
O4 - HKCU\..\Run: [dmzmm.tmp] C:\Windows\system32\dmzmm.tmp
O4 - HKCU\..\Run: [dmtuq.tmp] C:\Windows\system32\dmtuq.tmp
O4 - HKCU\..\Run: [dmbpx.tmp] C:\Windows\system32\dmbpx.tmp
O4 - HKCU\..\Run: [dmqpm.tmp] C:\Windows\system32\dmqpm.tmp
O4 - HKCU\..\Run: [dmrwb.tmp] C:\Windows\system32\dmrwb.tmp
O4 - HKCU\..\Run: [dmobg.tmp] C:\Windows\system32\dmobg.tmp
O4 - HKCU\..\Run: [dmchh.tmp] C:\Windows\system32\dmchh.tmp
O4 - HKCU\..\Run: [dmizx.tmp] C:\Windows\system32\dmizx.tmp
O4 - HKCU\..\Run: [dmyhq.tmp] C:\Windows\system32\dmyhq.tmp
O4 - HKCU\..\Run: [dmfna.tmp] C:\Windows\system32\dmfna.tmp
O4 - HKCU\..\Run: [dmloy.tmp] C:\Windows\system32\dmloy.tmp
O4 - HKCU\..\Run: [dmvrg.tmp] C:\Windows\system32\dmvrg.tmp
O4 - HKCU\..\Run: [dmqfn.tmp] C:\Windows\system32\dmqfn.tmp
O4 - HKCU\..\Run: [dmiay.tmp] C:\Windows\system32\dmiay.tmp
O4 - HKCU\..\Run: [dmkpa.tmp] C:\Windows\system32\dmkpa.tmp
O4 - HKCU\..\Run: [dmeci.tmp] C:\Windows\system32\dmeci.tmp
O4 - HKCU\..\Run: [dmvpz.tmp] C:\Windows\system32\dmvpz.tmp
O4 - HKCU\..\Run: [dmjhx.tmp] C:\Windows\system32\dmjhx.tmp
O4 - HKCU\..\Run: [dmitx.tmp] C:\Windows\system32\dmitx.tmp
O4 - HKCU\..\Run: [dmszz.tmp] C:\Windows\system32\dmszz.tmp
O4 - HKCU\..\Run: [dmqzt.tmp] C:\Windows\system32\dmqzt.tmp
O4 - HKCU\..\Run: [dmysd.tmp] C:\Windows\system32\dmysd.tmp
O4 - HKCU\..\Run: [dmmyz.tmp] C:\Windows\system32\dmmyz.tmp
O4 - HKCU\..\Run: [dmuhe.tmp] C:\Windows\system32\dmuhe.tmp
O4 - HKCU\..\Run: [dmgyl.tmp] C:\Windows\system32\dmgyl.tmp
O4 - HKCU\..\Run: [dmdsr.tmp] C:\Windows\system32\dmdsr.tmp
O4 - HKCU\..\Run: [dmmpi.tmp] C:\Windows\system32\dmmpi.tmp
O4 - HKCU\..\Run: [dmzku.tmp] C:\Windows\system32\dmzku.tmp
O4 - HKCU\..\Run: [dmtqq.tmp] C:\Windows\system32\dmtqq.tmp
O4 - HKCU\..\Run: [dmfjc.tmp] C:\Windows\system32\dmfjc.tmp
O4 - HKCU\..\Run: [dmjkj.tmp] C:\Windows\system32\dmjkj.tmp
O4 - HKCU\..\Run: [dmggv.tmp] C:\Windows\system32\dmggv.tmp
O4 - HKCU\..\Run: [dmuth.tmp] C:\Windows\system32\dmuth.tmp
O4 - HKCU\..\Run: [dmyzx.tmp] C:\Windows\system32\dmyzx.tmp
O4 - HKCU\..\Run: [dmtnt.tmp] C:\Windows\system32\dmtnt.tmp
O4 - HKCU\..\Run: [dmhjt.tmp] C:\Windows\system32\dmhjt.tmp
O4 - HKCU\..\Run: [dmfwh.tmp] C:\Windows\system32\dmfwh.tmp
O4 - HKCU\..\Run: [dmmmh.tmp] C:\Windows\system32\dmmmh.tmp
O4 - HKCU\..\Run: [dmaka.tmp] C:\Windows\system32\dmaka.tmp
O4 - HKCU\..\Run: [dmnyi.tmp] C:\Windows\system32\dmnyi.tmp
O4 - HKCU\..\Run: [dmlfe.tmp] C:\Windows\system32\dmlfe.tmp
O4 - HKCU\..\Run: [dmbej.tmp] C:\Windows\system32\dmbej.tmp
O4 - HKCU\..\Run: [dmhzk.tmp] C:\Windows\system32\dmhzk.tmp
O4 - HKCU\..\Run: [dmwzb.tmp] C:\Windows\system32\dmwzb.tmp
O4 - HKCU\..\Run: [dmzho.tmp] C:\Windows\system32\dmzho.tmp
O4 - HKCU\..\Run: [dmjhj.tmp] C:\Windows\system32\dmjhj.tmp
O4 - HKCU\..\Run: [dmvqd.tmp] C:\Windows\system32\dmvqd.tmp
O4 - HKCU\..\Run: [dmwko.tmp] C:\Windows\system32\dmwko.tmp
O4 - HKCU\..\Run: [dmakn.tmp] C:\Windows\system32\dmakn.tmp
O4 - HKCU\..\Run: [dmdfc.tmp] C:\Windows\system32\dmdfc.tmp
O4 - HKCU\..\Run: [dmbrg.tmp] C:\Windows\system32\dmbrg.tmp
O4 - HKCU\..\Run: [dmobt.tmp] C:\Windows\system32\dmobt.tmp
O4 - HKCU\..\Run: [dmhqk.tmp] C:\Windows\system32\dmhqk.tmp
O4 - HKCU\..\Run: [dmwob.tmp] C:\Windows\system32\dmwob.tmp
O4 - HKCU\..\Run: [dmdbb.tmp] C:\Windows\system32\dmdbb.tmp
O4 - HKCU\..\Run: [dmeww.tmp] C:\Windows\system32\dmeww.tmp
O4 - HKCU\..\Run: [dmisr.tmp] C:\Windows\system32\dmisr.tmp
O4 - HKCU\..\Run: [dmjgx.tmp] C:\Windows\system32\dmjgx.tmp
O4 - HKCU\..\Run: [dmlyp.tmp] C:\Windows\system32\dmlyp.tmp
O4 - HKCU\..\Run: [dmecj.tmp] C:\Windows\system32\dmecj.tmp
O4 - HKCU\..\Run: [dmjib.tmp] C:\Windows\system32\dmjib.tmp
O4 - HKCU\..\Run: [dmydf.tmp] C:\Windows\system32\dmydf.tmp
O4 - HKCU\..\Run: [dmdwa.tmp] C:\Windows\system32\dmdwa.tmp
O4 - HKCU\..\Run: [dmuui.tmp] C:\Windows\system32\dmuui.tmp
O4 - HKCU\..\Run: [dmmge.tmp] C:\Windows\system32\dmmge.tmp
O4 - HKCU\..\Run: [dmjcu.tmp] C:\Windows\system32\dmjcu.tmp
O4 - HKCU\..\Run: [dmjab.tmp] C:\Windows\system32\dmjab.tmp
O4 - HKCU\..\Run: [dmzun.tmp] C:\Windows\system32\dmzun.tmp
O4 - HKCU\..\Run: [dmwby.tmp] C:\Windows\system32\dmwby.tmp
O4 - HKCU\..\Run: [dmdwd.tmp] C:\Windows\system32\dmdwd.tmp
O4 - HKCU\..\Run: [dmxtj.tmp] C:\Windows\system32\dmxtj.tmp
O4 - HKCU\..\Run: [dmntw.tmp] C:\Windows\system32\dmntw.tmp
O4 - HKCU\..\Run: [dmhev.tmp] C:\Windows\system32\dmhev.tmp
O4 - HKCU\..\Run: [dmmhj.tmp] C:\Windows\system32\dmmhj.tmp
O4 - HKCU\..\Run: [dmpoj.tmp] C:\Windows\system32\dmpoj.tmp
O4 - HKCU\..\Run: [dmpeo.tmp] C:\Windows\system32\dmpeo.tmp
O4 - HKCU\..\Run: [dmhls.tmp] C:\Windows\system32\dmhls.tmp
O4 - HKCU\..\Run: [dmdbg.tmp] C:\Windows\system32\dmdbg.tmp
O4 - HKCU\..\Run: [dmwfc.tmp] C:\Windows\system32\dmwfc.tmp
O4 - HKCU\..\Run: [dmuru.tmp] C:\Windows\system32\dmuru.tmp
O4 - HKCU\..\Run: [dmjle.tmp] C:\Windows\system32\dmjle.tmp
O4 - HKCU\..\Run: [dmbnn.tmp] C:\Windows\system32\dmbnn.tmp
O4 - HKCU\..\Run: [dmurg.tmp] C:\Windows\system32\dmurg.tmp
O4 - HKCU\..\Run: [dmqpx.tmp] C:\Windows\system32\dmqpx.tmp
O4 - HKCU\..\Run: [dmwsq.tmp] C:\Windows\system32\dmwsq.tmp
O4 - HKCU\..\Run: [dmcqa.tmp] C:\Windows\system32\dmcqa.tmp
O4 - HKCU\..\Run: [dmpai.tmp] C:\Windows\system32\dmpai.tmp
O4 - HKCU\..\Run: [dmpro.tmp] C:\Windows\system32\dmpro.tmp
O4 - HKCU\..\Run: [dmrzo.tmp] C:\Windows\system32\dmrzo.tmp
O4 - HKCU\..\Run: [dmscm.tmp] C:\Windows\system32\dmscm.tmp
O4 - HKCU\..\Run: [dmxxc.tmp] C:\Windows\system32\dmxxc.tmp
O4 - HKCU\..\Run: [dmcys.tmp] C:\Windows\system32\dmcys.tmp
O4 - HKCU\..\Run: [dmrym.tmp] C:\Windows\system32\dmrym.tmp
O4 - HKCU\..\Run: [dmzyz.tmp] C:\Windows\system32\dmzyz.tmp
O4 - HKCU\..\Run: [dmxnv.tmp] C:\Windows\system32\dmxnv.tmp
O4 - HKCU\..\Run: [dmnby.tmp] C:\Windows\system32\dmnby.tmp
O4 - HKCU\..\Run: [dmbpw.tmp] C:\Windows\system32\dmbpw.tmp
O4 - HKCU\..\Run: [dmzcv.tmp] C:\Windows\system32\dmzcv.tmp
O4 - HKCU\..\Run: [dmujv.tmp] C:\Windows\system32\dmujv.tmp
O4 - HKCU\..\Run: [dmqyw.tmp] C:\Windows\system32\dmqyw.tmp
O4 - HKCU\..\Run: [dmlzc.tmp] C:\Windows\system32\dmlzc.tmp
O4 - HKCU\..\Run: [dmaij.tmp] C:\Windows\system32\dmaij.tmp
O4 - HKCU\..\Run: [dmbpf.tmp] C:\Windows\system32\dmbpf.tmp
O4 - HKCU\..\Run: [dmimr.tmp] C:\Windows\system32\dmimr.tmp
O4 - HKCU\..\Run: [dmbkc.tmp] C:\Windows\system32\dmbkc.tmp
O4 - HKCU\..\Run: [dmtub.tmp] C:\Windows\system32\dmtub.tmp
O4 - HKCU\..\Run: [dmzvf.tmp] C:\Windows\system32\dmzvf.tmp
O4 - HKCU\..\Run: [dmurv.tmp] C:\Windows\system32\dmurv.tmp
O4 - HKCU\..\Run: [dmnmt.tmp] C:\Windows\system32\dmnmt.tmp
O4 - HKCU\..\Run: [dmgtc.tmp] C:\Windows\system32\dmgtc.tmp
O4 - HKCU\..\Run: [dmsfp.tmp] C:\Windows\system32\dmsfp.tmp
O4 - HKCU\..\Run: [dmupn.tmp] C:\Windows\system32\dmupn.tmp
O4 - HKCU\..\Run: [dmzbz.tmp] C:\Windows\system32\dmzbz.tmp
O4 - HKCU\..\Run: [dmcot.tmp] C:\Windows\system32\dmcot.tmp
O4 - HKCU\..\Run: [dmmhm.tmp] C:\Windows\system32\dmmhm.tmp
O4 - HKCU\..\Run: [dmetp.tmp] C:\Windows\system32\dmetp.tmp
O4 - HKCU\..\Run: [dmjrn.tmp] C:\Windows\system32\dmjrn.tmp
O4 - HKCU\..\Run: [dmqcc.tmp] C:\Windows\system32\dmqcc.tmp
O4 - HKCU\..\Run: [dmudc.tmp] C:\Windows\system32\dmudc.tmp
O4 - HKCU\..\Run: [dmewk.tmp] C:\Windows\system32\dmewk.tmp
O4 - HKCU\..\Run: [dmuog.tmp] C:\Windows\system32\dmuog.tmp
O4 - HKCU\..\Run: [dmvsn.tmp] C:\Windows\system32\dmvsn.tmp
O4 - HKCU\..\Run: [dmhvu.tmp] C:\Windows\system32\dmhvu.tmp
O4 - HKCU\..\Run: [dmopc.tmp] C:\Windows\system32\dmopc.tmp
O4 - HKCU\..\Run: [dmwxc.tmp] C:\Windows\system32\dmwxc.tmp
O4 - HKCU\..\Run: [dmbup.tmp] C:\Windows\system32\dmbup.tmp
O4 - HKCU\..\Run: [dmolu.tmp] C:\Windows\system32\dmolu.tmp
O4 - HKCU\..\Run: [dmpqr.tmp] C:\Windows\system32\dmpqr.tmp
O4 - HKCU\..\Run: [dmbrs.tmp] C:\Windows\system32\dmbrs.tmp
O4 - HKCU\..\Run: [dmgmz.tmp] C:\Windows\system32\dmgmz.tmp
O4 - HKCU\..\Run: [dmwmf.tmp] C:\Windows\system32\dmwmf.tmp
O4 - HKCU\..\Run: [dmlcf.tmp] C:\Windows\system32\dmlcf.tmp
O4 - HKCU\..\Run: [dmjfy.tmp] C:\Windows\system32\dmjfy.tmp
O4 - HKCU\..\Run: [dmksh.tmp] C:\Windows\system32\dmksh.tmp
O4 - HKCU\..\Run: [dmzva.tmp] C:\Windows\system32\dmzva.tmp
O4 - HKCU\..\Run: [dmkbz.tmp] C:\Windows\system32\dmkbz.tmp
O4 - HKCU\..\Run: [dmruh.tmp] C:\Windows\system32\dmruh.tmp
O4 - HKCU\..\Run: [dmzmq.tmp] C:\Windows\system32\dmzmq.tmp
O4 - HKCU\..\Run: [dmdor.tmp] C:\Windows\system32\dmdor.tmp
O4 - HKCU\..\Run: [dmsyd.tmp] C:\Windows\system32\dmsyd.tmp
O4 - HKCU\..\Run: [dmbrc.tmp] C:\Windows\system32\dmbrc.tmp
O4 - HKCU\..\Run: [dmnvf.tmp] C:\Windows\system32\dmnvf.tmp
O4 - HKCU\..\Run: [dmkdm.tmp] C:\Windows\system32\dmkdm.tmp
O4 - HKCU\..\Run: [dmdrm.tmp] C:\Windows\system32\dmdrm.tmp
O4 - HKCU\..\Run: [dmkby.tmp] C:\Windows\system32\dmkby.tmp
O4 - HKCU\..\Run: [dmvda.tmp] C:\Windows\system32\dmvda.tmp
O4 - HKCU\..\Run: [Antivirus] C:\Program Files\Antivirus2008\Antvrs.exe
O4 - HKCU\..\Run: [dmzti.tmp] C:\Windows\system32\dmzti.tmp
O4 - HKCU\..\Run: [dmrwa.tmp] C:\Windows\system32\dmrwa.tmp
O4 - HKCU\..\Run: [dmqbj.tmp] C:\Windows\system32\dmqbj.tmp
O4 - HKCU\..\Run: [dmnqu.tmp] C:\Windows\system32\dmnqu.tmp
O4 - HKCU\..\Run: [dmzja.tmp] C:\Windows\system32\dmzja.tmp
O4 - HKCU\..\Run: [dmmmx.tmp] C:\Windows\system32\dmmmx.tmp
O4 - HKCU\..\Run: [dmidq.tmp] C:\Windows\system32\dmidq.tmp
O4 - HKCU\..\Run: [dmnwp.tmp] C:\Windows\system32\dmnwp.tmp
O4 - HKCU\..\Run: [gscic] "c:\users\smain\appdata\local\gscic.exe" gscic
O4 - HKCU\..\Run: [ukmceag] "c:\users\smain\appdata\local\ukmceag.exe" ukmceag
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Startup: Outil de notification Live Search.lnk = C:\Users\smain\AppData\Roaming\Microsoft\Live Search\Notification-LiveSearch.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\ssv.dll
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O13 - Gopher Prefix: 
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D1548A26-B8F6-4E86-AE74-E7062CCC2E2A} (igLoader Content on Demand) - http://www.miniclip.com/igloader/igloader.CAB
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{03F0236A-898D-427C-A883-D624C6166736}: NameServer = 85.255.113.149,85.255.112.81
O17 - HKLM\System\CCS\Services\Tcpip\..\{16BED8C1-28BE-4064-8A2A-F8A1DF1EC244}: NameServer = 85.255.113.149,85.255.112.81
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.113.149 85.255.112.81
O17 - HKLM\System\CS1\Services\Tcpip\..\{03F0236A-898D-427C-A883-D624C6166736}: NameServer = 85.255.113.149,85.255.112.81
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 85.255.113.149 85.255.112.81
O17 - HKLM\System\CS2\Services\Tcpip\..\{03F0236A-898D-427C-A883-D624C6166736}: NameServer = 85.255.113.149,85.255.112.81
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.113.149 85.255.112.81
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - c:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - c:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - c:\Program Files\Common Files\SureThing Shared\stllssvr.exe

jlpjlp · Answer

aie aie aie cela fait mal un tel rapport!!!

il y a du boulot!

j'espere que tu es dispo car il faut y aller ! tu es détourné en ukraine!
________


smit fraud fix (colle le rapport)

1/ telecharger :

http://siri.urz.free.fr/Fix/SmitfraudFix.php

2/ double clique sur smitfraudfix. puis sélectionne 1 et appuyer sur entrée afin de créer le rapport des infection présentes.

______________




Désactive le contrôle des comptes utilisateurs (tu le réactiveras après ta désinfection): 

- Va dans démarrer puis panneau de configuration 
- Double Clique sur l'icône "Comptes d'utilisateurs" 
- Clique ensuite sur désactiver et valide. 

Télécharge maintenant Navilog1 depuis-ce lien : 

http://perso.orange.fr/il.mafioso/Navifix/Navilog1.exe 

Enregistrer la cible (du lien) sous... et enregistre-le sur ton bureau. 
Ensuite double clique sur navilog1.exe pour lancer l'installation. 
Une fois l'installation terminée, Fais un Clic-droit sur le raccourci Navilog1 présent sur ton bureau et choisis "Exécuter 

en tant qu'administrateur". 

Au menu principal, Fais le choix 1 
Laisse toi guider et patiente. 
Patiente jusqu'au message : 
*** Analyse Termine le ..... *** 
Appuie sur une touche le blocnote va s'ouvrir. 
Copie-colle l'intégralité du rapport dans une réponse. 
Referme le blocnote 
Le rapport fixnavi.txt est en outre sauvegardé dans %systemdrive%.

quiche69 · Answer

sa ne veux pas jarive pas (j 'arrive a telecharger smit fraud fix ensuite #  Recherche:

    * Double cliquer sur SmitfraudFix.exe
    * Sélectionner 1 et pressez Entrée dans le menu pour créer un rapport des fichiers responsables de l'infection. Le rapport se trouve à la racine du disque système C:\rapport.txt



mais apré sa me marche plus je sui inquier mon ordi bug

jlpjlp · Answer

alors fais ceci:


Désactive le contrôle des comptes utilisateurs (tu le réactiveras après ta désinfection): 

- Va dans démarrer puis panneau de configuration 
- Double Clique sur l'icône "Comptes d'utilisateurs" 
- Clique ensuite sur désactiver et valide. 


télécharge combofix (par sUBs) ici : renommé en killfix

http://sd-1.archive-host.com/membres/up/193094576412487685/Killfix.exe

et enregistre le sur le bureau. 

déconnecte toi d'internet et ferme toutes tes applications. 

désactive tes protections (antivirus, parefeu, garde en temps réel de l'antispyware) 


double-clique sur combofix.exe et suis les instructions 

à la fin, il va produire un rapport C:\ComboFix.txt 

réactive ton parefeu, ton antivirus, la garde de ton antispyware 

copie/colle le rapport C:\ComboFix.txt dans ta prochaine réponse. 

Attention, n'utilise pas ta souris ni ton clavier (ni un autre système de pointage) pendant que le programme tourne. Cela pourrait figer l'ordi. 

Tu as un tutoriel complet ici : 

https://www.bleepingcomputer.com/combofix/fr/comment-utiliser-combofix 

_______________________


scan avec 
MalwareByte's Anti-Malware après mise a jour, en mode normal et vire ce qui est trouvé et colle le rapport

https://www.malekal.com/tutoriel-malwarebyte-anti-malware/ 

__________________________

remets un rapport RSIT

quiche69 · Answer

voici le rapport combofix "ComboFix 09-01-19.05 - smain 2009-01-22 21:44:23.1 - NTFSx86 Microsoft® Windows Vista™ Édition Familiale Premium 6.0.6000.0.1252.1.1036.18.894.206 [GMT 1:00] Lancé depuis: c:\users\smain\Desktop\Killfix.exe AV: avast! antivirus 4.8.1296 [VPS 090122-0] *On-access scanning disabled* (Updated) * Un nouveau point de restauration a été créé . (((((((((((((((((((((((((((((((((((( Autres suppressions )))))))))))))))))))))))))))))))))))))))))))))))) . c:\program files\Antivirus2008 c:\program files\BurstWriting c:\program files\BurstWriting\uninstall.dat c:\program files\BurstWriting\Uninstall.exe c:\program files\FBrowserAdvisor c:\program files\FBrowsingAdvisor c:\program files\FBrowsingAdvisor\IXPCOMEvents.xpt c:\program files\FBrowsingAdvisor\Logo.png c:\program files\FBrowsingAdvisor\main.db c:\program files\FBrowsingAdvisor\unins000.dat c:\program files\FBrowsingAdvisor\unins000.exe c:\program files\FBrowsingAdvisor\XPCOMEvents.dll c:\program files\FunWebProducts c:\program files\MyWebSearch c:\program files\MyWebSearch\bar\Settings\s_pid.dat c:\program files\Video Add-on c:\programdata\Adsl Software Limited c:\programdata\Adsl Software Limited\WinSpywareProtect\LOG\20080607130102891.log c:\programdata\Adsl Software Limited\WinSpywareProtect\LOG\20080607162346988.log c:\programdata\Adsl Software Limited\WinSpywareProtect\LOG\20080607173634430.log c:\programdata\Adsl Software Limited\WinSpywareProtect\LOG\20080607183920377.log c:\programdata\Adsl Software Limited\WinSpywareProtect\LOG\20080607214136560.log c:\programdata\Adsl Software Limited\WinSpywareProtect\LOG\20080608125010637.log c:\programdata\Adsl Software Limited\WinSpywareProtect\LOG\20080608203654748.log c:\programdata\Adsl Software Limited\WinSpywareProtect\LOG\20080609114607996.log c:\programdata\Adsl Software Limited\WinSpywareProtect\LOG\20080609121958158.log c:\programdata\Microsoft\Windows\Start Menu\Programs\InternetGameBox c:\programdata\Microsoft\Windows\Start Menu\Programs\InternetGameBox\Conditions générales.lnk c:\programdata\Microsoft\Windows\Start Menu\Programs\InternetGameBox\Confidentialité.lnk c:\programdata\Microsoft\Windows\Start Menu\Programs\InternetGameBox\InternetGameBox.lnk c:\programdata\Microsoft\Windows\Start Menu\Programs\InternetGameBox\Website.lnk c:\programdata\Microsoft\Windows\Start Menu\Programs\PlayMP3z c:\programdata\Microsoft\Windows\Start Menu\Programs\PlayMP3z\Run PlayMP3z.lnk c:\programdata\Microsoft\Windows\Start Menu\Programs\Spyware-Secure c:\programdata\Microsoft\Windows\Start Menu\Programs\Spyware-Secure\Spyware-Secure.lnk c:\programdata\Microsoft\Windows\Start Menu\Programs\Spyware-Secure\Website.lnk c:\users\smain\AppData\Local\gscic.dat c:\users\smain\AppData\Local\gscic_nav.dat c:\users\smain\AppData\Local\gscic_navps.dat c:\users\smain\AppData\Local\gscic_navup.dat c:\users\smain\AppData\Local\ukmceag.dat c:\users\smain\AppData\Local\ukmceag.exe c:\users\smain\AppData\Local\ukmceag_nav.dat c:\users\smain\AppData\Local\ukmceag_navps.dat c:\users\smain\AppData\Roaming\Microsoft\Windows\Start Menu\Antivirus2008 c:\users\smain\AppData\Roaming\Microsoft\Windows\Start Menu\Antivirus2008\Antivirus 2008.lnk c:\users\smain\AppData\Roaming\Microsoft\Windows\Start Menu\Antivirus2008\Uninstall Antivirus.lnk c:\windows\system32 vs2.inf . ((((((((((((((((((((((((((((( Fichiers créés du 2008-12-22 au 2009-01-22 )))))))))))))))))))))))))))))))))))) . 2009-01-22 20:29 . 2009-01-22 20:29 d-------- C: sit 2009-01-22 20:29 . 2009-01-22 20:43 d-------- c:\program files rend micro 2009-01-22 18:41 . 2008-11-26 18:17 51,792 --a------ c:\windows\System32\drivers\aswMonFlt.sys 2009-01-21 14:39 . 2009-01-21 14:38 410,984 --a------ c:\windows\System32\deploytk.dll 2009-01-15 09:58 . 2009-01-15 09:59 d-------- c:\program files\DivX 2009-01-09 18:06 . 2009-01-09 18:06 d-------- c:\program files\BitDownload 2009-01-08 14:25 . 2009-01-22 17:50 d-------- c:\program files\eMule 2009-01-08 14:18 . 2009-01-08 14:18 d-------- c:\users\smain\AppData\Roaming\.wyzo 2009-01-08 14:16 . 2009-01-08 14:29 d-------- c:\program files\Wyzo 2008-12-28 15:46 . 2008-12-28 15:46 d-------- c:\program files\AliveMedia 2008-12-28 11:28 . 2005-07-07 15:25 81,728 --a------ c:\windows\System32\drivers\k750mgmt.sys 2008-12-28 11:14 . 2005-07-07 15:25 79,488 --a------ c:\windows\System32\drivers\k750obex.sys 2008-12-28 11:06 . 2005-07-07 15:25 89,872 --a------ c:\windows\System32\drivers\k750mdm.sys 2008-12-28 11:06 . 2005-07-07 15:26 6,576 --a------ c:\windows\System32\drivers\k750mdfl.sys 2008-12-28 11:06 . 2005-07-07 15:26 6,144 --a------ c:\windows\System32\drivers\k750cmnt.sys 2008-12-28 11:06 . 2005-07-07 15:26 6,144 --a------ c:\windows\System32\drivers\k750cm.sys 2008-12-28 10:59 . 2005-07-07 15:26 55,216 --a------ c:\windows\System32\drivers\k750bus.sys 2008-12-28 10:59 . 2005-07-07 15:25 5,744 --a------ c:\windows\System32\drivers\k750whnt.sys 2008-12-28 10:59 . 2005-07-07 15:25 5,744 --a------ c:\windows\System32\drivers\k750wh.sys . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2009-01-22 20:44 1,048,576 --sha-w c:\users\Invité\NTUSER.DAT 2009-01-22 20:44 1,048,576 --sha-w c:\users\Invité\NTUSER.DAT 2009-01-22 18:55 --------- d-----w c:\program files\BitDefender 2009-01-22 18:52 81,984 ----a-w c:\windows\System32\bdod.bin 2009-01-21 20:44 --------- d-----w c:\programdata\Google Updater 2009-01-21 13:37 --------- d-----w c:\program files\Java 2009-01-20 09:04 --------- d-----w c:\users\smain\AppData\Roaming\LimeWire 2009-01-17 17:26 --------- d-----w c:\users\smain\AppData\Roaming\Image Zone Express 2009-01-07 18:34 --------- d-----w c:\program files\Google 2009-01-05 08:23 --------- d-----w c:\users\smain\AppData\Roaming\Printer Info Cache 2009-01-05 08:19 1,826 ----a-w c:\users\smain\AppData\Roaming\wklnhst.dat 2008-12-19 20:50 --------- d-----w c:\program files\Alwil Software 2008-12-19 20:31 --------- d-----w c:\programdata\Symantec 2008-12-19 20:31 --------- d-----w c:\program files\Common Files\Symantec Shared 2008-12-19 20:27 --------- d-----w c:\program files\Symantec 2008-12-14 09:19 --------- d-----w c:\users\smain\AppData\Roaming\EoRezo 2008-12-13 18:03 --------- d-----w c:\program files\MyXOFT 2008-11-06 16:35 200,704 ----a-w c:\windows\System32\ssldivx.dll 2008-11-06 16:35 1,044,480 ----a-w c:\windows\System32\libdivx.dll 2008-10-25 08:09 319,456 ----a-w c:\windows\DIFxAPI.dll 2008-09-23 14:09 174 --sha-w c:\program files\desktop.ini . ((((((((((((((((((((((((((((((((( Points de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2008-01-10 1232896] "ehTray.exe"="c:\windows\ehome\ehTray.exe" [2006-11-02 125440] "SweetIM"="c:\program files\Macrogaming\SweetIM\SweetIM.exe" [2008-01-02 103712] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "hpsysdrv"="c:\hp\support\hpsysdrv.exe" [2006-09-28 65536] "KBD"="c:\hp\KBD\KbdStub.EXE" [2006-12-08 65536] "OsdMaestro"="c:\program files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe" [2007-02-15 118784] "HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2006-12-10 49152] "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-01-21 136600] "NvSvc"="c:\windows\system32 vsvc.dll" [2008-05-22 526880] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-05-22 13539872] "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-05-22 92704] "SweetIM"="c:\program files\Macrogaming\SweetIM\SweetIM.exe" [2008-01-02 103712] "Symantec PIF AlertEng"="c:\program files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" [2008-01-29 583048] "avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2008-11-26 81000] "RtHDVCpl"="RtHDVCpl.exe" [2008-01-15 c:\windows\RtHDVCpl.exe] c:\users\smain\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ Outil de notification Live Search.lnk - c:\users\smain\AppData\Roaming\Microsoft\Live Search\Notification-LiveSearch.exe [2008-12-17 143360] c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2007-01-02 210520] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableLUA"= 0 (0x0) [HKEY_LOCAL_MACHINE\software\microsoft\security center] "UacDisableNotify"=dword:00000001 "InternetSettingsDisableNotify"=dword:00000001 "AutoUpdateDisableNotify"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall] "DisableMonitoring"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules] "{79C5137B-380B-440C-AB13-622A67C4244B}"= UDP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote "{1A031041-9B75-4114-9530-AB750E1DE079}"= TCP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote "{F95C86DF-DA7E-46E0-B2D0-864264E5FEF1}"= UDP:c:\program files\LimeWire\LimeWire.exe:LimeWire "{C6A02AA9-32CA-47B9-BFAF-BE3EB5E0FAF2}"= TCP:c:\program files\LimeWire\LimeWire.exe:LimeWire "{A863B3C8-6AD7-435F-9334-F999BB5B038E}"= c:\program files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone) "{436357C2-DACC-4A0D-8EB1-B61E72F5D484}"= UDP:c:\program files\LimeWire\1\LimeWire.exe:LimeWire "{1CB89129-AB0E-4156-8F74-A4FE18722BFA}"= TCP:c:\program files\LimeWire\1\LimeWire.exe:LimeWire "{0FD76A26-44B5-4B02-951F-041C83D1D098}"= c:\program files\MSN Messenger\livecall.exe:Windows Live Messenger 8.1 (Phone) "TCP Query User{1CE9DC36-3F67-4C66-A1CA-BE11DA24EE4E}c:\program files\internet explorer\iexplore.exe"= UDP:c:\program files\internet explorer\iexplore.exe:Internet Explorer "UDP Query User{380A859C-25E6-4BD7-BFBC-8739423ACCD9}c:\program files\internet explorer\iexplore.exe"= TCP:c:\program files\internet explorer\iexplore.exe:Internet Explorer "TCP Query User{440D0908-4FFD-4BD3-9177-4D5B0EF58779}c:\program files\wyzo\wyzo.exe"= UDP:c:\program files\wyzo\wyzo.exe:Wyzo "UDP Query User{BA90C1AA-C43F-4103-961D-C7577375E0B1}c:\program files\wyzo\wyzo.exe"= TCP:c:\program files\wyzo\wyzo.exe:Wyzo "TCP Query User{FB263579-4060-491D-B76E-91F09710AD46}c:\program files\emule\emule.exe"= UDP:c:\program files\emule\emule.exe:eMule "UDP Query User{8427D476-6D9B-41BC-AA39-EB9E9FDAA34C}c:\program files\emule\emule.exe"= TCP:c:\program files\emule\emule.exe:eMule [HKLM\~\services\sharedaccess\parameters\firewallpolicy\PublicProfile] "EnableFirewall"= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\RestrictedServices\Static\System] "DFSR-1"= RPort=5722|UDP:%SystemRoot%\system32\svchost.exe|Svc=DFSR:Allow inbound TCP traffic| [HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile\AuthorizedApplications\List] "c:\Program Files\PPMate\ppmate.exe"= c:\program files\PPMate\ppmate.exe:*:Enabled:PPMate "c:\Program Files\PPMate\ppmnet.exe"= c:\program files\PPMate\ppmnet.exe:*:Enabled:PPMate R1 aswSP;avast! Self Protection;c:\windows\System32\drivers\aswSP.sys [2009-01-22 111184] R3 netr73;USB Wireless 802.11 b/g Adaptor Driver for Vista;c:\windows\System32\drivers etr73.sys [2007-08-31 464384] R4 aswFsBlk;aswFsBlk;c:\windows\System32\drivers\aswFsBlk.sys [2009-01-22 20560] R4 aswMonFlt;aswMonFlt;c:\windows\System32\drivers\aswMonFlt.sys [2009-01-22 51792] S3 s916bus;Sony Ericsson Device 916 driver (WDM);c:\windows\System32\drivers\s916bus.sys [2008-05-13 83496] S3 s916mdfl;Sony Ericsson Device 916 USB WMC Modem Filter;c:\windows\System32\drivers\s916mdfl.sys [2008-05-15 15016] S3 s916mdm;Sony Ericsson Device 916 USB WMC Modem Driver;c:\windows\System32\drivers\s916mdm.sys [2008-05-15 109992] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12 hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{41ab1c85-eb6c-11dc-a7db-001bfcc4fe2d}] \shell\Auto\command - wscript "esta ig.vbs" \shell\AutoRun\command - c:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL wscript "esta ig.vbs" . Contenu du dossier 'Tâches planifiées' 2009-01-21 c:\windows\Tasks\User_Feed_Synchronization-{0E95EAE8-BC25-4F30-9F05-B0D3A2CC3007}.job - c:\windows\system32\msfeedssync.exe [2006-11-02 10:45] 2009-01-22 c:\windows\Tasks\Vérifier les mises à jour de Windows Live Toolbar.job - c:\program files\Windows Live Toolbar\MSNTBUP.EXE [2007-10-19 11:20] . - - - - ORPHELINS SUPPRIMES - - - - WebBrowser-{6638A9DE-0745-4292-8A2E-AE530E7B9B3F} - (no file) HKCU-Run-MsnMsgr - ~c:\program files\MSN Messenger\MsnMsgr.Exe HKCU-Run-RegistryCleanFixMFC - c:\program files\RegistryCleanFix2008\RegistryCleaner2008.exe HKCU-Run-dmgid.tmp - c:\windows\system32\dmgid.tmp HKCU-Run-dmiyy.tmp - c:\windows\system32\dmiyy.tmp HKCU-Run-dmcoc.tmp - c:\windows\system32\dmcoc.tmp HKCU-Run-dmwnm.tmp - c:\windows\system32\dmwnm.tmp HKCU-Run-dmsyy.tmp - c:\windows\system32\dmsyy.tmp HKCU-Run-dmfsb.tmp - c:\windows\system32\dmfsb.tmp HKCU-Run-dmidf.tmp - c:\windows\system32\dmidf.tmp HKCU-Run-dmsqk.tmp - c:\windows\system32\dmsqk.tmp HKCU-Run-dmlfd.tmp - c:\windows\system32\dmlfd.tmp HKCU-Run-dmlaz.tmp - c:\windows\system32\dmlaz.tmp HKCU-Run-dmxyf.tmp - c:\windows\system32\dmxyf.tmp HKCU-Run-dmsew.tmp - c:\windows\system32\dmsew.tmp HKCU-Run-dmssi.tmp - c:\windows\system32\dmssi.tmp HKCU-Run-dmhzo.tmp - c:\windows\system32\dmhzo.tmp HKCU-Run-dmnpl.tmp - c:\windows\system32\dmnpl.tmp HKCU-Run-dmuyp.tmp - c:\windows\system32\dmuyp.tmp HKCU-Run-dmhxb.tmp - c:\windows\system32\dmhxb.tmp HKCU-Run-dmnpo.tmp - c:\windows\system32\dmnpo.tmp HKCU-Run-dmhmh.tmp - c:\windows\system32\dmhmh.tmp HKCU-Run-dmiys.tmp - c:\windows\system32\dmiys.tmp HKCU-Run-dmnih.tmp - c:\windows\system32\dmnih.tmp HKCU-Run-dmwoa.tmp - c:\windows\system32\dmwoa.tmp HKCU-Run-dmezh.tmp - c:\windows\system32\dmezh.tmp HKCU-Run-dmgfj.tmp - c:\windows\system32\dmgfj.tmp HKCU-Run-dmeri.tmp - c:\windows\system32\dmeri.tmp HKCU-Run-dmsbj.tmp - c:\windows\system32\dmsbj.tmp HKCU-Run-dmtbj.tmp - c:\windows\system32\dmtbj.tmp HKCU-Run-dmeic.tmp - c:\windows\system32\dmeic.tmp HKCU-Run-dmqky.tmp - c:\windows\system32\dmqky.tmp HKCU-Run-dmfxu.tmp - c:\windows\system32\dmfxu.tmp HKCU-Run-dmohg.tmp - c:\windows\system32\dmohg.tmp HKCU-Run-dmdnx.tmp - c:\windows\system32\dmdnx.tmp HKCU-Run-dmlkp.tmp - c:\windows\system32\dmlkp.tmp HKCU-Run-dmezy.tmp - c:\windows\system32\dmezy.tmp HKCU-Run-dmpma.tmp - c:\windows\system32\dmpma.tmp HKCU-Run-dmfem.tmp - c:\windows\system32\dmfem.tmp HKCU-Run-dmvxj.tmp - c:\windows\system32\dmvxj.tmp HKCU-Run-dmwuq.tmp - c:\windows\system32\dmwuq.tmp HKCU-Run-dmlud.tmp - c:\windows\system32\dmlud.tmp HKCU-Run-dmzpk.tmp - c:\windows\system32\dmzpk.tmp HKCU-Run-dmjly.tmp - c:\windows\system32\dmjly.tmp HKCU-Run-dmitk.tmp - c:\windows\system32\dmitk.tmp HKCU-Run-dmdop.tmp - c:\windows\system32\dmdop.tmp HKCU-Run-dmqry.tmp - c:\windows\system32\dmqry.tmp HKCU-Run-dmddd.tmp - c:\windows\system32\dmddd.tmp HKCU-Run-dmrzc.tmp - c:\windows\system32\dmrzc.tmp HKCU-Run-dmalj.tmp - c:\windows\system32\dmalj.tmp HKCU-Run-dmijt.tmp - c:\windows\system32\dmijt.tmp HKCU-Run-dmsob.tmp - c:\windows\system32\dmsob.tmp HKCU-Run-dmkdg.tmp - c:\windows\system32\dmkdg.tmp HKCU-Run-dmpla.tmp - c:\windows\system32\dmpla.tmp HKCU-Run-dmnhu.tmp - c:\windows\system32\dmnhu.tmp HKCU-Run-dmoci.tmp - c:\windows\system32\dmoci.tmp HKCU-Run-dmstm.tmp - c:\windows\system32\dmstm.tmp HKCU-Run-dmufu.tmp - c:\windows\system32\dmufu.tmp HKCU-Run-dmqvp.tmp - c:\windows\system32\dmqvp.tmp HKCU-Run-dmznp.tmp - c:\windows\system32\dmznp.tmp HKCU-Run-dmasb.tmp - c:\windows\system32\dmasb.tmp HKCU-Run-dmfea.tmp - c:\windows\system32\dmfea.tmp HKCU-Run-dmatr.tmp - c:\windows\system32\dmatr.tmp HKCU-Run-dmwgv.tmp - c:\windows\system32\dmwgv.tmp HKCU-Run-dmgnw.tmp - c:\windows\system32\dmgnw.tmp HKCU-Run-dmeih.tmp - c:\windows\system32\dmeih.tmp HKCU-Run-dmszm.tmp - c:\windows\system32\dmszm.tmp HKCU-Run-dmnbr.tmp - c:\windows\system32\dmnbr.tmp HKCU-Run-dmqdh.tmp - c:\windows\system32\dmqdh.tmp HKCU-Run-dmscv.tmp - c:\windows\system32\dmscv.tmp HKCU-Run-dmeyc.tmp - c:\windows\system32\dmeyc.tmp HKCU-Run-dmhvo.tmp - c:\windows\system32\dmhvo.tmp HKCU-Run-dmbwd.tmp - c:\windows\system32\dmbwd.tmp HKCU-Run-dmffk.tmp - c:\windows\system32\dmffk.tmp HKCU-Run-dmdwz.tmp - c:\windows\system32\dmdwz.tmp HKCU-Run-dmrpl.tmp - c:\windows\system32\dmrpl.tmp HKCU-Run-dmjee.tmp - c:\windows\system32\dmjee.tmp HKCU-Run-dmlqq.tmp - c:\windows\system32\dmlqq.tmp HKCU-Run-dmqou.tmp - c:\windows\system32\dmqou.tmp HKCU-Run-dmeif.tmp - c:\windows\system32\dmeif.tmp HKCU-Run-dmuoz.tmp - c:\windows\system32\dmuoz.tmp HKCU-Run-dmtov.tmp - c:\windows\system32\dmtov.tmp HKCU-Run-dmaox.tmp - c:\windows\system32\dmaox.tmp HKCU-Run-dmtpp.tmp - c:\windows\system32\dmtpp.tmp HKCU-Run-dmehu.tmp - c:\windows\system32\dmehu.tmp HKCU-Run-dmwei.tmp - c:\windows\system32\dmwei.tmp HKCU-Run-dmcms.tmp - c:\windows\system32\dmcms.tmp HKCU-Run-dmefe.tmp - c:\windows\system32\dmefe.tmp HKCU-Run-dmjjt.tmp - c:\windows\system32\dmjjt.tmp HKCU-Run-dmzev.tmp - c:\windows\system32\dmzev.tmp HKCU-Run-dmevv.tmp - c:\windows\system32\dmevv.tmp HKCU-Run-dmukb.tmp - c:\windows\system32\dmukb.tmp HKCU-Run-dmbkl.tmp - c:\windows\system32\dmbkl.tmp HKCU-Run-dmnbf.tmp - c:\windows\system32\dmnbf.tmp HKCU-Run-dmrgc.tmp - c:\windows\system32\dmrgc.tmp HKCU-Run-dmhag.tmp - c:\windows\system32\dmhag.tmp HKCU-Run-dmkay.tmp - c:\windows\system32\dmkay.tmp HKCU-Run-dmvkn.tmp - c:\windows\system32\dmvkn.tmp HKCU-Run-dmaqd.tmp - c:\windows\system32\dmaqd.tmp HKCU-Run-dmvhf.tmp - c:\windows\system32\dmvhf.tmp HKCU-Run-dmxht.tmp - c:\windows\system32\dmxht.tmp HKCU-Run-dmyew.tmp - c:\windows\system32\dmyew.tmp HKCU-Run-dmgzr.tmp - c:\windows\system32\dmgzr.tmp HKCU-Run-dmmcy.tmp - c:\windows\system32\dmmcy.tmp HKCU-Run-dmztv.tmp - c:\windows\system32\dmztv.tmp HKCU-Run-dmpxx.tmp - c:\windows\system32\dmpxx.tmp HKCU-Run-dmymo.tmp - c:\windows\system32\dmymo.tmp HKCU-Run-dmgxb.tmp - c:\windows\system32\dmgxb.tmp HKCU-Run-dmyup.tmp - c:\windows\system32\dmyup.tmp HKCU-Run-dmdsq.tmp - c:\windows\system32\dmdsq.tmp HKCU-Run-dmypi.tmp - c:\windows\system32\dmypi.tmp HKCU-Run-dmiyv.tmp - c:\windows\system32\dmiyv.tmp HKCU-Run-dmsag.tmp - c:\windows\system32\dmsag.tmp HKCU-Run-dmzmm.tmp - c:\windows\system32\dmzmm.tmp HKCU-Run-dmtuq.tmp - c:\windows\system32\dmtuq.tmp HKCU-Run-dmbpx.tmp - c:\windows\system32\dmbpx.tmp HKCU-Run-dmqpm.tmp - c:\windows\system32\dmqpm.tmp HKCU-Run-dmrwb.tmp - c:\windows\system32\dmrwb.tmp HKCU-Run-dmobg.tmp - c:\windows\system32\dmobg.tmp HKCU-Run-dmchh.tmp - c:\windows\system32\dmchh.tmp HKCU-Run-dmizx.tmp - c:\windows\system32\dmizx.tmp HKCU-Run-dmyhq.tmp - c:\windows\system32\dmyhq.tmp HKCU-Run-dmfna.tmp - c:\windows\system32\dmfna.tmp HKCU-Run-dmloy.tmp - c:\windows\system32\dmloy.tmp HKCU-Run-dmvrg.tmp - c:\windows\system32\dmvrg.tmp HKCU-Run-dmqfn.tmp - c:\windows\system32\dmqfn.tmp HKCU-Run-dmiay.tmp - c:\windows\system32\dmiay.tmp HKCU-Run-dmkpa.tmp - c:\windows\system32\dmkpa.tmp HKCU-Run-dmeci.tmp - c:\windows\system32\dmeci.tmp HKCU-Run-dmvpz.tmp - c:\windows\system32\dmvpz.tmp HKCU-Run-dmjhx.tmp - c:\windows\system32\dmjhx.tmp HKCU-Run-dmitx.tmp - c:\windows\system32\dmitx.tmp HKCU-Run-dmszz.tmp - c:\windows\system32\dmszz.tmp HKCU-Run-dmqzt.tmp - c:\windows\system32\dmqzt.tmp HKCU-Run-dmysd.tmp - c:\windows\system32\dmysd.tmp HKCU-Run-dmmyz.tmp - c:\windows\system32\dmmyz.tmp HKCU-Run-dmuhe.tmp - c:\windows\system32\dmuhe.tmp HKCU-Run-dmgyl.tmp - c:\windows\system32\dmgyl.tmp HKCU-Run-dmdsr.tmp - c:\windows\system32\dmdsr.tmp HKCU-Run-dmmpi.tmp - c:\windows\system32\dmmpi.tmp HKCU-Run-dmzku.tmp - c:\windows\system32\dmzku.tmp HKCU-Run-dmtqq.tmp - c:\windows\system32\dmtqq.tmp HKCU-Run-dmfjc.tmp - c:\windows\system32\dmfjc.tmp HKCU-Run-dmjkj.tmp - c:\windows\system32\dmjkj.tmp HKCU-Run-dmggv.tmp - c:\windows\system32\dmggv.tmp HKCU-Run-dmuth.tmp - c:\windows\system32\dmuth.tmp HKCU-Run-dmyzx.tmp - c:\windows\system32\dmyzx.tmp HKCU-Run-dmtnt.tmp - c:\windows\system32\dmtnt.tmp HKCU-Run-dmhjt.tmp - c:\windows\system32\dmhjt.tmp HKCU-Run-dmfwh.tmp - c:\windows\system32\dmfwh.tmp HKCU-Run-dmmmh.tmp - c:\windows\system32\dmmmh.tmp HKCU-Run-dmaka.tmp - c:\windows\system32\dmaka.tmp HKCU-Run-dmnyi.tmp - c:\windows\system32\dmnyi.tmp HKCU-Run-dmlfe.tmp - c:\windows\system32\dmlfe.tmp HKCU-Run-dmbej.tmp - c:\windows\system32\dmbej.tmp HKCU-Run-dmhzk.tmp - c:\windows\system32\dmhzk.tmp HKCU-Run-dmwzb.tmp - c:\windows\system32\dmwzb.tmp HKCU-Run-dmzho.tmp - c:\windows\system32\dmzho.tmp HKCU-Run-dmjhj.tmp - c:\windows\system32\dmjhj.tmp HKCU-Run-dmvqd.tmp - c:\windows\system32\dmvqd.tmp HKCU-Run-dmwko.tmp - c:\windows\system32\dmwko.tmp HKCU-Run-dmakn.tmp - c:\windows\system32\dmakn.tmp HKCU-Run-dmdfc.tmp - c:\windows\system32\dmdfc.tmp HKCU-Run-dmbrg.tmp - c:\windows\system32\dmbrg.tmp HKCU-Run-dmobt.tmp - c:\windows\system32\dmobt.tmp HKCU-Run-dmhqk.tmp - c:\windows\system32\dmhqk.tmp HKCU-Run-dmwob.tmp - c:\windows\system32\dmwob.tmp HKCU-Run-dmdbb.tmp - c:\windows\system32\dmdbb.tmp HKCU-Run-dmeww.tmp - c:\windows\system32\dmeww.tmp HKCU-Run-dmisr.tmp - c:\windows\system32\dmisr.tmp HKCU-Run-dmjgx.tmp - c:\windows\system32\dmjgx.tmp HKCU-Run-dmlyp.tmp - c:\windows\system32\dmlyp.tmp HKCU-Run-dmecj.tmp - c:\windows\system32\dmecj.tmp HKCU-Run-dmjib.tmp - c:\windows\system32\dmjib.tmp HKCU-Run-dmydf.tmp - c:\windows\system32\dmydf.tmp HKCU-Run-dmdwa.tmp - c:\windows\system32\dmdwa.tmp HKCU-Run-dmuui.tmp - c:\windows\system32\dmuui.tmp HKCU-Run-dmmge.tmp - c:\windows\system32\dmmge.tmp HKCU-Run-dmjcu.tmp - c:\windows\system32\dmjcu.tmp HKCU-Run-dmjab.tmp - c:\windows\system32\dmjab.tmp HKCU-Run-dmzun.tmp - c:\windows\system32\dmzun.tmp HKCU-Run-dmwby.tmp - c:\windows\system32\dmwby.tmp HKCU-Run-dmdwd.tmp - c:\windows\system32\dmdwd.tmp HKCU-Run-dmxtj.tmp - c:\windows\system32\dmxtj.tmp HKCU-Run-dmntw.tmp - c:\windows\system32\dmntw.tmp HKCU-Run-dmhev.tmp - c:\windows\system32\dmhev.tmp HKCU-Run-dmmhj.tmp - c:\windows\system32\dmmhj.tmp HKCU-Run-dmpoj.tmp - c:\windows\system32\dmpoj.tmp HKCU-Run-dmpeo.tmp - c:\windows\system32\dmpeo.tmp HKCU-Run-dmhls.tmp - c:\windows\system32\dmhls.tmp HKCU-Run-dmdbg.tmp - c:\windows\system32\dmdbg.tmp HKCU-Run-dmwfc.tmp - c:\windows\system32\dmwfc.tmp HKCU-Run-dmuru.tmp - c:\windows\system32\dmuru.tmp HKCU-Run-dmjle.tmp - c:\windows\system32\dmjle.tmp HKCU-Run-dmbnn.tmp - c:\windows\system32\dmbnn.tmp HKCU-Run-dmurg.tmp - c:\windows\system32\dmurg.tmp HKCU-Run-dmqpx.tmp - c:\windows\system32\dmqpx.tmp HKCU-Run-dmwsq.tmp - c:\windows\system32\dmwsq.tmp HKCU-Run-dmcqa.tmp - c:\windows\system32\dmcqa.tmp HKCU-Run-dmpai.tmp - c:\windows\system32\dmpai.tmp HKCU-Run-dmpro.tmp - c:\windows\system32\dmpro.tmp HKCU-Run-dmrzo.tmp - c:\windows\system32\dmrzo.tmp HKCU-Run-dmscm.tmp - c:\windows\system32\dmscm.tmp HKCU-Run-dmxxc.tmp - c:\windows\system32\dmxxc.tmp HKCU-Run-dmcys.tmp - c:\windows\system32\dmcys.tmp HKCU-Run-dmrym.tmp - c:\windows\system32\dmrym.tmp HKCU-Run-dmzyz.tmp - c:\windows\system32\dmzyz.tmp HKCU-Run-dmxnv.tmp - c:\windows\system32\dmxnv.tmp HKCU-Run-dmnby.tmp - c:\windows\system32\dmnby.tmp HKCU-Run-dmbpw.tmp - c:\windows\system32\dmbpw.tmp HKCU-Run-dmzcv.tmp - c:\windows\system32\dmzcv.tmp HKCU-Run-dmujv.tmp - c:\windows\system32\dmujv.tmp HKCU-Run-dmqyw.tmp - c:\windows\system32\dmqyw.tmp HKCU-Run-dmlzc.tmp - c:\windows\system32\dmlzc.tmp HKCU-Run-dmaij.tmp - c:\windows\system32\dmaij.tmp HKCU-Run-dmbpf.tmp - c:\windows\system32\dmbpf.tmp HKCU-Run-dmimr.tmp - c:\windows\system32\dmimr.tmp HKCU-Run-dmbkc.tmp - c:\windows\system32\dmbkc.tmp HKCU-Run-dmtub.tmp - c:\windows\system32\dmtub.tmp HKCU-Run-dmzvf.tmp - c:\windows\system32\dmzvf.tmp HKCU-Run-dmurv.tmp - c:\windows\system32\dmurv.tmp HKCU-Run-dmnmt.tmp - c:\windows\system32\dmnmt.tmp HKCU-Run-dmgtc.tmp - c:\windows\system32\dmgtc.tmp HKCU-Run-dmsfp.tmp - c:\windows\system32\dmsfp.tmp HKCU-Run-dmupn.tmp - c:\windows\system32\dmupn.tmp HKCU-Run-dmzbz.tmp - c:\windows\system32\dmzbz.tmp HKCU-Run-dmcot.tmp - c:\windows\system32\dmcot.tmp HKCU-Run-dmmhm.tmp - c:\windows\system32\dmmhm.tmp HKCU-Run-dmetp.tmp - c:\windows\system32\dmetp.tmp HKCU-Run-dmjrn.tmp - c:\windows\system32\dmjrn.tmp HKCU-Run-dmqcc.tmp - c:\windows\system32\dmqcc.tmp HKCU-Run-dmudc.tmp - c:\windows\system32\dmudc.tmp HKCU-Run-dmewk.tmp - c:\windows\system32\dmewk.tmp HKCU-Run-dmuog.tmp - c:\windows\system32\dmuog.tmp HKCU-Run-dmvsn.tmp - c:\windows\system32\dmvsn.tmp HKCU-Run-dmhvu.tmp - c:\windows\system32\dmhvu.tmp HKCU-Run-dmopc.tmp - c:\windows\system32\dmopc.tmp HKCU-Run-dmwxc.tmp - c:\windows\system32\dmwxc.tmp HKCU-Run-dmbup.tmp - c:\windows\system32\dmbup.tmp HKCU-Run-dmolu.tmp - c:\windows\system32\dmolu.tmp HKCU-Run-dmpqr.tmp - c:\windows\system32\dmpqr.tmp HKCU-Run-dmbrs.tmp - c:\windows\system32\dmbrs.tmp HKCU-Run-dmgmz.tmp - c:\windows\system32\dmgmz.tmp HKCU-Run-dmwmf.tmp - c:\windows\system32\dmwmf.tmp HKCU-Run-dmlcf.tmp - c:\windows\system32\dmlcf.tmp HKCU-Run-dmjfy.tmp - c:\windows\system32\dmjfy.tmp HKCU-Run-dmksh.tmp - c:\windows\system32\dmksh.tmp HKCU-Run-dmzva.tmp - c:\windows\system32\dmzva.tmp HKCU-Run-dmkbz.tmp - c:\windows\system32\dmkbz.tmp HKCU-Run-dmruh.tmp - c:\windows\system32\dmruh.tmp HKCU-Run-dmzmq.tmp - c:\windows\system32\dmzmq.tmp HKCU-Run-dmdor.tmp - c:\windows\system32\dmdor.tmp HKCU-Run-dmsyd.tmp - c:\windows\system32\dmsyd.tmp HKCU-Run-dmbrc.tmp - c:\windows\system32\dmbrc.tmp HKCU-Run-dmnvf.tmp - c:\windows\system32\dmnvf.tmp HKCU-Run-dmkdm.tmp - c:\windows\system32\dmkdm.tmp HKCU-Run-dmdrm.tmp - c:\windows\system32\dmdrm.tmp HKCU-Run-dmkby.tmp - c:\windows\system32\dmkby.tmp HKCU-Run-dmvda.tmp - c:\windows\system32\dmvda.tmp HKCU-Run-dmzti.tmp - c:\windows\system32\dmzti.tmp HKCU-Run-dmrwa.tmp - c:\windows\system32\dmrwa.tmp HKCU-Run-dmqbj.tmp - c:\windows\system32\dmqbj.tmp HKCU-Run-dmnqu.tmp - c:\windows\system32\dmnqu.tmp HKCU-Run-dmzja.tmp - c:\windows\system32\dmzja.tmp HKCU-Run-dmmmx.tmp - c:\windows\system32\dmmmx.tmp HKCU-Run-dmidq.tmp - c:\windows\system32\dmidq.tmp HKCU-Run-dmnwp.tmp - c:\windows\system32\dmnwp.tmp HKCU-Run-gscic - c:\users\smain\appdata\local\gscic.exe HKCU-Run-ukmceag - c:\users\smain\appdata\local\ukmceag.exe HKLM-Run-EoEngine - (no file) . ------- Examen supplémentaire ------- . mStart Page = hxxp://home.sweetim.com uSearchURL,(Default) = hxxp://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR IE: &Windows Live Search - c:\program files\Windows Live Toolbar\msntb.dll/search.htm IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000 FF - ProfilePath - c:\users\smain\AppData\Roaming\Mozilla\Firefox\Profiles\1kvkmdks.default\ FF - prefs.js: browser.search.selectedEngine - Live Search FF - prefs.js: browser.startup.homepage - hxxp://fr.msn.com/ FF - prefs.js: keyword.URL - hxxp://search.live.com/results.aspx?mkt=fr-FR&FORM=MIMWA2&q= FF - plugin: c:\program files\Google\Google Updater\2.4.1368.5602 pCIDetect13.dll . ************************************************************************** catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2009-01-22 21:53:45 Windows 6.0.6000 NTFS Recherche de processus cachés ... Recherche d'éléments en démarrage automatique cachés ... Recherche de fichiers cachés ... Scan terminé avec succès Fichiers cachés: 0 ************************************************************************** . Heure de fin: 2009-01-22 21:55:51 ComboFix-quarantined-files.txt 2009-01-22 20:55:47 Avant-CF: 189 417 684 992 octets libres Après-CF: 190,202,462,208 octets libres 482 --- E O F --- 2008-09-22 17:17:37

jlpjlp · Answer

scan avec
MalwareByte's Anti-Malware après mise a jour, en mode normal et vire ce qui est trouvé et colle le rapport

https://www.malekal.com/tutoriel-malwarebyte-anti-malware/

__________________________

remets un rapport RSIT

et


tu télécharge Lop S&D.exe sur ton Bureau.https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/LopSD.exe?attachauth=ANoY7co3ntqUavpZ3q1BG-h4pc13vqDZmhcNeEPChtsyrgAykRbhE8bZzhk979EfQD4AgwtQUHCaQ7ZQwNYMo3_0kA8htAspckDJtu2K5t6J9z6dLW4fpZyH4FpFL1tVMBZ8H-KnN7afZ5vt-WxZRpnynk-a0XmV_Y0C0q6DxGEDKie1TnPT7gFoZnoCnspzBmbW6ZzxA4fNr3oEDlbelNZON-LjF8nOmQ%3D%3D&attredirects=2 

* Double-clique dessus pour lancer l'installation 
* Puis double-clique sur le raccourci Lop S&D présent sur ton Bureau 
* Séléctionne la langue souhaitée , puis choisis l'option 1 (Recherche) 
* Patiente jusqu'à la fin du scan 
* Poste le rapport généré (C:\lopR.txt)

quiche69 · Answer

je suis entrai de scané avec
MalwareByte's Anti-Malware mais cela prend longtemps ( 3heures ) c'est normale

jlpjlp · Answer

oui c'est normal

sinon fais un scan rapide


a plus

quiche69 · Answer

voici Malwarebytes' Anti-Malware 1.33
Version de la base de données: 1654
Windows 6.0.6000 

23/01/2009 13:17:05
mbam-log-2009-01-23 (13-17-05).txt

Type de recherche: Examen complet (C:\|D:\|E:\|F:\|G:\|H:\|I:\|)
Eléments examinés: 133566
Temps écoulé: 3 hour(s), 59 minute(s), 35 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 18
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 2
Fichier(s) infecté(s): 4

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\Interface\{2e9937fc-cf2f-4f56-af54-5a6a3dd375cc} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{741de825-a6f0-4497-9aa6-8023cf9b0fff} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{cf54be1c-9359-4395-8533-1657cf209cfe} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{d518921a-4a03-425e-9873-b9a71756821e} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{3aa42713-5c1e-48e2-b432-d8bf420dd31d} (Rogue.Antivirus2008) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256a51-b582-467e-b8d4-7786eda79ae0} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256a51-b582-467e-b8d4-7786eda79ae0} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{59c7fc09-1c83-4648-b3e6-003d2bbc7481} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68af847f-6e91-45dd-9b68-d6a12c30e5d7} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9170b96c-28d4-4626-8358-27e6caeef907} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{d1a71fa0-ff48-48dd-9b6d-7a13a3e42127} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ddb1968e-ead6-40fd-8dae-ff14757f60c7} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{f138d901-86f0-4383-99b6-9cdd406036da} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\RunDll32Policy\f3ScrCtr.dll (Adware.MyWay) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\fbrowsingadvisor_is1 (Trojan.FBrowsingAdvisor) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Fun Web Products (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\MyWebSearch (Adware.MyWebSearch) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
C:\Program Files\BitDownload (Trojan.Lop) -> Quarantined and deleted successfully.
C:\Users\smain\AppData\Roaming\Antivirus (Rogue.Antivirus2008) -> Quarantined and deleted successfully.

Fichier(s) infecté(s):
C:\regxpcom.exe (Trojan.FBrowsingAdvisor) -> Quarantined and deleted successfully.
C:\Program Files\Mozilla Firefox\regxpcom.exe (Trojan.FBrowsingAdvisor) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\Program Files\FBrowsingAdvisor\XPCOMEvents.dll.vir (Trojan.FBrowsingAdvisor) -> Quarantined and deleted successfully.
C:\Program Files\BitDownload\BitDownload Setup Components (Trojan.Lop) -> Quarantined and deleted successfully.

jlpjlp · Answer

remets un rapport RSIT

et


tu télécharge Lop S&D.exe sur ton Bureau.https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/LopSD.exe?attachauth=ANoY7co3ntqUavpZ3q1BG-h4pc13vqDZmhcNeEPChtsyrgAykRbhE8bZzhk979EfQD4AgwtQUHCaQ7ZQwNYMo3_0kA8htAspckDJtu2K5t6J9z6dLW4fpZyH4FpFL1tVMBZ8H-KnN7afZ5vt-WxZRpnynk-a0XmV_Y0C0q6DxGEDKie1TnPT7gFoZnoCnspzBmbW6ZzxA4fNr3oEDlbelNZON-LjF8nOmQ%3D%3D&attredirects=2

* Double-clique dessus pour lancer l'installation
* Puis double-clique sur le raccourci Lop S&D présent sur ton Bureau
* Séléctionne la langue souhaitée , puis choisis l'option 1 (Recherche)
* Patiente jusqu'à la fin du scan
* Poste le rapport généré (C:\lopR.txt)

quiche69 · Answer

dsl mai cquoi un rapport rsit tu ne peut pas le faire avc ce que je tai envoyer

jlpjlp · Answer

rsit c'est ce qui est expliqué en 1

quiche69 · Answer

donc je dois refaire un dianostique c 'est sa non. Deplus tu me dit  télécharge Lop S&D.exe sur ton Bureau et de faire sa * Double-clique dessus pour lancer l'installation
* Puis double-clique sur le raccourci Lop S&D présent sur ton Bureau
* Séléctionne la langue souhaitée , puis choisis l'option 1 (Recherche)
* Patiente jusqu'à la fin du scan
* Poste le rapport généré (C:\lopR.txt)
mais jarive jusqu' a la deuxieme etoile ( le scan démare pas )

jlpjlp · Answer

remets alors juste un rapport RSIT

quiche69 · Answer

tien voila Logfile of random's system information tool 1.05 (written by random/random)
Run by smain at 2009-01-24 17:50:55
Microsoft® Windows Vista™ Édition Familiale Premium  
System drive C: has 179 GB (78%) free of 230 GB
Total RAM: 894 MB (23% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:51:04, on 24/01/2009
Platform: Windows Vista  (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16764)
Boot mode: Normal

Running processes:
C:\Windows\system32	askeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\hp\support\hpsysdrv.exe
C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Windows\System32undll32.exe
C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
C:\Users\smain\AppData\Local\gfrzkd.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Windows\System32\mobsync.exe
C:\Users\smain\AppData\Roaming\Microsoft\Live Search\Notification-LiveSearch.exe
C:\Windows\System32undll32.exe
C:\Users\smain\AppData\Roaming\Microsoft\Live Search\Mise-a-jour-LiveSearch.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\hp\kbd\kbd.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\smain\Desktop\RSIT.exe
C:\Program Files	rend micro\smain.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
R3 - URLSearchHook: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE	oolbar.dll (file missing)
O1 - Hosts: ::1 localhost
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SWEETIE - {1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A} - C:\PROGRA~1\MACROG~1\SWEETI~1	oolbar.dll (file missing)
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\4.1.805.4472\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE	oolbar.dll (file missing)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KbdStub.EXE
O4 - HKLM\..\Run: [OsdMaestro] "C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe"
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32
vsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SweetIM] C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [SweetIM] C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
O4 - HKCU\..\Run: [msnmsgr] ~"C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [gfrzkd] "c:\users\smain\appdata\local\gfrzkd.exe" gfrzkd
O4 - Startup: Outil de notification Live Search.lnk = C:\Users\smain\AppData\Roaming\Microsoft\Live Search\Notification-LiveSearch.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\ssv.dll
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O13 - Gopher Prefix: 
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D1548A26-B8F6-4E86-AE74-E7062CCC2E2A} (igLoader Content on Demand) - http://www.miniclip.com/igloader/igloader.CAB
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - c:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - c:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - c:\Program Files\Common Files\SureThing Shared\stllssvr.exe

jlpjlp · Answer

analyse ce fihcier sur virus total et dis si infecté : https://www.virustotal.com/gui/

C:\Program Files\MSN Messenger\msnmsgr.exe

______________

télécharge OTMoveIt

http://oldtimer.geekstogo.com/OTMoveIt3.exe

(de Old_Timer) sur ton Bureau.
double-clique sur OTMoveIt.exe pour le lancer.
copie la liste qui se trouve en citation ci-dessous,
et colle-la dans le cadre de gauche de OTMoveIt :Paste List of Files/Folders to be moved.




:files
c:\users\smain\appdata\local\gfrzkd.exe 
:reg
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{41ab1c85-eb6c-11dc-a7db-001bfcc4fe2d}]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"gfrzkd"=-


clique sur MoveIt! pour lancer la suppression.
le résultat apparaitra dans le cadre "Results".
clique sur Exit pour fermer.
poste le rapport situé dans C:\_OTMoveIt\MovedFiles.

il te sera peut-être demander de redémarrer le pc pour achever la suppression.si c'est le cas accepte par Yes.

________________________




Télécharges AD-Remover ( de Cyrildu17 / C_XX ) sur ton bureau :
http://sd-1.archive-host.com/membres/up/16506160323759868/AD­-R.exe

/!\ Déconnectes toi et fermes toutes applications en cours

&#9679; Double clique sur le programme d'installation , et installe le dans son emplacement par défaut. ( C:\Program files )
&#9679; Double clique sur l'icône Ad-removersituée sur ton bureau
&#9679; Au menu principal choisi l'option "A"
&#9679; Postes le rapport qui apparait à la fin .

( le rapport est sauvegardé aussi sous C:\Ad-report(date).log )

(CTRL+A Pour tout selectionner , CTRL+C pour copier et CTRL+V pour coller )

Note :

"Process.exe", une composante de l'outil, est détecté par certains antivirus (AntiVir, Dr.Web, Kaspersky Anti-Virus) comme étant un RiskTool.
Il ne s'agit pas d'un virus, mais d'un utilitaire destiné à mettre fin à des processus.
Mis entre de mauvaises mains, cet utilitaire pourrait arrêter des logiciels de sécurité (Antivirus, Firewall...) d'où l'alerte émise par ces antivirus.

quiche69 · Answer

se n 'est pas marqué si c'est infecté mais voici se que sa ma mis " Information additionnelle
File size: 5674352 bytes
MD5...: a7efc7ea7ef6fb022a8a95813edcbe5d
SHA1..: 3a61f9696cc34fd4863f07c9aa70e54621bb4c77
SHA256: 98247c844f9d9c165787f830e5c8850046565d3775833334987dad7377843005
SHA512: 5ec5bcb26e0921d1aa20cfef9384a08c91ae36a28b6ba2afd28a6b01ece40dd6
e5ad39a51a1deabc3c35a6878be06a5e21f7dce5dae14f25db91b07bc25c4ef5
ssdeep: 49152:+nRgOM5CKhm4W1nf5IWbDmGdq0HSHnBY2lWtoK/r3uoWfKrPR5Z4a+v3Xk
9SEBoz:+nRNMBO1f1bilESicQTr2KzR8apVCD
PEiD..: -
TrID..: File type identification
Win32 Executable Generic (68.0%)
Generic Win/DOS Executable (15.9%)
DOS Executable Generic (15.9%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
PEInfo: PE Structure information

( base data )
entrypointaddress.: 0x5708ed
timedatestamp.....: 0x45b12d6a (Fri Jan 19 20:43:22 2007)
machinetype.......: 0x14c (I386)

( 3 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x1000 0x4b1029 0x4b1200 6.32 8d3146f757440806d5803f1d0d94b2b7
.data 0x4b3000 0x88824 0x87e00 5.05 08b16b3222aaf04e0a2d978fd1d8fa4c
.rsrc 0x53c000 0x2db10 0x2dc00 4.88 ee608aaa6b1f77f4951050802ea41f10

( 28 imports )
> MSVCR80.dll: __3@YAXPAX@Z, ___V@YAXPAX@Z, memcpy_s, _CxxThrowException, memmove_s, wcschr, rand, _wcsdup, ceil, _wtol, memmove, free, isxdigit, isalpha, isdigit, realloc, atol, _difftime64, _wcsupr_s, floor, _callnewh, _amsg_exit, __getmainargs, _cexit, _exit, _XcptFilter, _ismbblead, _acmdln, _initterm, _initterm_e, _configthreadlocale, __setusermatherr, _adjust_fdiv, __p__commode, __p__fmode, _encode_pointer, __set_app_type, _terminate@@YAXXZ, _except_handler4_common, _unlock, __dllonexit, _lock, _onexit, _decode_pointer, _invoke_watson, _controlfp_s, __type_info_dtor_internal_method@type_info@@QAEXXZ, _crt_debugger_hook, tolower, wcspbrk, _wgetenv, wcstol, wcsncpy_s, strtoul, _mbsrchr, _mbsupr_s, _ismbcspace, _mbsinc, _wfullpath, _gmtime64_s, _aligned_malloc, _aligned_free, _scwprintf, wcsncmp, towupper, srand, atoi, _mbschr, _stricmp, _wcsrev, wcsftime, isspace, _purecall, malloc, __CxxFrameHandler3, memset, memchr, _wcsicmp, wcsrchr, _wcslwr_s, calloc, _recalloc, _resetstkoflw, memcpy, _mktime64, _localtime64_s, _time64, wcsstr, _beginthreadex, _vscwprintf, _strnicmp, wprintf, vswprintf_s, _mbscmp, wcsspn, strtol, _wcstoui64, wcscpy_s, _strnicoll, _strrev, strncmp, _mbspbrk, _localtime64, wcstoul, __RTDynamicCast, qsort, _mbscspn, _mbsspn, _wcsncoll, iswdigit, iswalpha, _set_purecall_handler, _wcsnicmp, exit, _vsnwprintf, qsort_s, _mbsstr, fopen, fprintf, fclose, _vsnprintf, strstr, strrchr, _wcsnicoll, _wtoi, _strlwr, vsprintf_s, _vscprintf, _mbsicmp, swprintf_s, iswspace, strchr, _ltoa, wcscspn, _mbslwr_s
> ADVAPI32.dll: CryptAcquireContextW, ConvertStringSecurityDescriptorToSecurityDescriptorW, TraceEvent, RegCloseKey, CryptGenRandom, RegEnumKeyExW, RegCreateKeyExW, RegOpenKeyExW, RegDeleteValueW, CryptDecrypt, CryptEncrypt, CryptDeriveKey, CryptDestroyKey, OpenSCManagerW, OpenServiceW, CloseServiceHandle, QueryServiceStatusEx, CryptGetHashParam, CryptHashData, RegQueryValueExW, CryptCreateHash, CryptDestroyHash, CryptReleaseContext, ImpersonateSelf, RegSetValueExW, GetTraceEnableFlags, GetTraceEnableLevel, OpenThreadToken, OpenProcessToken, InitializeSecurityDescriptor, GetLengthSid, InitializeAcl, AddAccessAllowedAce, GetTraceLoggerHandle, RegisterTraceGuidsW, UnregisterTraceGuids, FreeSid, CheckTokenMembership, MakeAbsoluteSD, SetSecurityDescriptorDacl, SetSecurityDescriptorGroup, SetSecurityDescriptorOwner, IsValidSecurityDescriptor, CryptImportKey, CryptSetHashParam, RegEnumKeyA, RegEnumValueA, RegQueryInfoKeyW, RegDeleteValueA, RegQueryValueExA, RegSetValueExA, RegCreateKeyExA, RegOpenKeyExA, AccessCheck, RevertToSelf, RegDeleteKeyA, AllocateAndInitializeSid
> KERNEL32.dll: VirtualAlloc, VirtualFree, IsProcessorFeaturePresent, GetThreadLocale, GetLocaleInfoA, HeapSize, HeapDestroy, AddAtomW, SetThreadPriority, CreateToolhelp32Snapshot, Process32First, Process32Next, lstrcpynA, GetLocaleInfoW, GetACP, GetSystemDefaultLCID, FormatMessageA, GetVolumeInformationW, FileTimeToLocalFileTime, GetVersionExW, SetErrorMode, GetUserDefaultLCID, CreateMutexA, OpenEventA, GetProcessTimes, GetSystemInfo, GetWindowsDirectoryW, GetUserDefaultUILanguage, QueryDepthSList, InterlockedFlushSList, InitializeSListHead, InterlockedPushEntrySList, InterlockedPopEntrySList, GetTempFileNameW, GetCurrentThread, QueueUserWorkItem, CompareStringA, GetSystemTimeAsFileTime, SetFileTime, FindFirstFileA, MoveFileExA, GetFullPathNameW, GetTimeZoneInformation, lstrcpyW, WaitForMultipleObjects, GetOverlappedResult, CancelIo, ReadDirectoryChangesW, SetEndOfFile, RemoveDirectoryW, SystemTimeToTzSpecificLocalTime, GetFileAttributesExW, FindFirstFileExW, FindNextFileW, FreeResource, FindAtomW, InterlockedCompareExchange, SystemTimeToFileTime, FindFirstFileW, FindClose, TerminateProcess, SetFilePointer, SetProcessWorkingSetSize, SetCurrentDirectoryW, GetModuleFileNameA, GetDiskFreeSpaceExW, CompareStringW, OpenFileMappingW, MapViewOfFileEx, LoadLibraryExW, CopyFileW, CreateFileMappingW, CreateMutexW, DuplicateHandle, GetCurrentProcessId, ReleaseMutex, GetVersionExA, CreateEventA, GetCommandLineA, GetModuleHandleA, GlobalMemoryStatus, ExitProcess, CreateFileMappingA, OpenFileMappingA, MapViewOfFile, UnmapViewOfFile, ExpandEnvironmentStringsA, DeleteFileA, GetSystemDirectoryW, LoadLibraryW, ExpandEnvironmentStringsW, GetStartupInfoA, lstrcmpiA, lstrcmpA, ReadFile, RtlMoveMemory, MoveFileW, MoveFileExW, GetProcAddress, GetSystemTime, FileTimeToSystemTime, GetDateFormatW, GetTimeFormatW, GetLocalTime, FreeLibrary, GetTempPathW, GlobalFree, TlsGetValue, GetSystemDirectoryA, LoadLibraryA, GetModuleFileNameW, lstrlenA, Sleep, CreateThread, GetModuleHandleW, LocalAlloc, ResumeThread, GetExitCodeThread, TerminateThread, SetEvent, ResetEvent, CreateEventW, CreateProcessW, WaitForSingleObject, GetExitCodeProcess, CompareFileTime, SetThreadExecutionState, InterlockedDecrement, InterlockedIncrement, HeapReAlloc, HeapAlloc, GetProcessHeap, HeapFree, CreateDirectoryW, SetLastError, GetCurrentProcess, FlushInstructionCache, RaiseException, GetTickCount, GetFileAttributesW, SetFileAttributesW, DeleteFileW, GetShortPathNameW, GlobalAlloc, GlobalLock, GlobalSize, GlobalUnlock, lstrcmpW, lstrcpynW, lstrcmpiW, lstrlenW, MulDiv, GetFileSize, InterlockedExchange, WideCharToMultiByte, FlushFileBuffers, WriteFile, CreateFileW, FormatMessageW, MultiByteToWideChar, CloseHandle, GetLastError, LocalFree, GetCurrentThreadId, FindResourceExW, FindResourceW, LoadResource, LockResource, SizeofResource, DeleteCriticalSection, InitializeCriticalSection, LeaveCriticalSection, EnterCriticalSection, GetStringTypeExA, IsDBCSLeadByteEx, lstrcatA, lstrcpyA, SetCurrentDirectoryA, GetCurrentDirectoryA, GetPrivateProfileIntA, GetDriveTypeW, GetLogicalDriveStringsW, IsWow64Process, QueryPerformanceCounter, UnhandledExceptionFilter, SetUnhandledExceptionFilter, IsDebuggerPresent, OpenMutexW, DebugBreak, LoadLibraryExA, VirtualQuery, VirtualProtect, GetThreadContext, SetThreadContext, SuspendThread, GetCurrentDirectoryW
> GDI32.dll: GetDIBits, SetBitmapBits, SetPixel, EnumFontFamiliesExW, CreateRectRgn, OffsetViewportOrgEx, SetDIBColorTable, SetLayout, GetRgnBox, SetStretchBltMode, CreateDIBSection, PatBlt, CreatePen, MoveToEx, LineTo, CreateFontIndirectW, ExtTextOutW, GetPixel, SetBkColor, GetTextMetricsW, LPtoDP, SetMapMode, SetViewportOrgEx, CreateDCW, CreateMetaFileW, SaveDC, SetWindowOrgEx, SetWindowExtEx, RestoreDC, CloseMetaFile, DeleteMetaFile, CreateRectRgnIndirect, CreateRoundRectRgn, GetStockObject, GetObjectW, CreateCompatibleBitmap, GetClipRgn, CreateCompatibleDC, DeleteDC, SelectObject, GetDIBColorTable, GetDeviceCaps, CreateSolidBrush, DeleteObject, SetBkMode, SetTextColor, SelectClipRgn, ExtSelectClipRgn, StretchBlt, BitBlt
> USER32.dll: GetScrollInfo, GetDlgCtrlID, GetDlgItemTextW, IsWindowEnabled, MapDialogRect, DrawFocusRect, CreateDialogParamW, GetNextDlgTabItem, SendMessageA, SetActiveWindow, RedrawWindow, SetDlgItemTextW, SetProcessDefaultLayout, ModifyMenuW, GetLastActivePopup, GetClassNameA, SetCursorPos, InsertMenuW, GetAsyncKeyState, TrackPopupMenu, GetClassInfoExA, RegisterClassW, RegisterWindowMessageA, GetDoubleClickTime, SetMenuDefaultItem, MoveWindow, LoadImageW, CheckDlgButton, EnableWindow, CheckRadioButton, GetMessageW, SetRectEmpty, GetProcessDefaultLayout, GetClassNameW, GetWindow, GetDlgItem, FindWindowA, MessageBoxW, PostQuitMessage, AdjustWindowRectEx, GetMenuStringW, AppendMenuW, FindWindowW, FindWindowExW, DrawAnimatedRects, CreateWindowExW, RegisterClassExW, UnionRect, CallWindowProcW, GetClassInfoExW, GetWindowLongW, BeginPaint, EndPaint, IntersectRect, SetWindowRgn, IsMenu, IsZoomed, SetMenu, MessageBeep, GetMenu, CheckMenuItem, SetWindowPlacement, SetMenuItemInfoW, IsIconic, CheckMenuRadioItem, IsWindowVisible, LoadIconA, SetWindowTextW, GetWindowPlacement, LoadCursorA, FlashWindow, GetForegroundWindow, UpdateWindow, GetKeyState, ClientToScreen, GetSystemMetrics, GetSysColor, GetClientRect, EqualRect, GetWindowTextLengthW, GetWindowTextW, SetWindowPos, GetWindowRect, SetForegroundWindow, IsWindow, MapWindowPoints, CopyRect, LoadMenuA, TrackPopupMenuEx, GetDesktopWindow, SetCapture, ReleaseCapture, SetWindowsHookExW, UnhookWindowsHookEx, PostThreadMessageW, CallNextHookEx, PeekMessageW, MsgWaitForMultipleObjects, TranslateMessage, DispatchMessageW, PostMessageW, CreateMenu, DestroyMenu, CreatePopupMenu, DeleteMenu, GetMenuItemCount, SendMessageW, SystemParametersInfoW, RemoveMenu, GetSubMenu, GetMenuItemInfoW, InsertMenuItemW, GetActiveWindow, DialogBoxParamW, IsDlgButtonChecked, LoadIconW, SendDlgItemMessageW, SetWindowLongW, EndDialog, LoadCursorW, SetCursor, GetCursorPos, DestroyWindow, InvalidateRect, GetParent, GetFocus, IsChild, SetFocus, DrawTextW, FrameRect, FillRect, GetSysColorBrush, DrawIconEx, DestroyIcon, EnableMenuItem, OffsetRect, InflateRect, SetRect, GetDC, ReleaseDC, ShowWindow, SetTimer, SetParent, DefWindowProcW, KillTimer, GetCapture, GetTopWindow, MessageBoxIndirectW, EnumChildWindows, UnregisterClassA, CharNextA, CharLowerA, CharNextW, CharLowerW, GetKeyboardLayoutList, MonitorFromRect, RegisterClipboardFormatW, GetMenuItemID, GetMenuState, ScreenToClient, SetDlgItemInt, GetDlgItemInt, IsRectEmpty, GetWindowRgn, AdjustWindowRect, MonitorFromWindow, GetMonitorInfoW, GetIconInfo, GetWindowThreadProcessId, IsDialogMessageW, CharLowerBuffW, CharPrevW, LoadStringA, LoadStringW, IsClipboardFormatAvailable, RegisterWindowMessageW, EnumWindows, EnumThreadWindows, RegisterClassExA, CreateWindowExA, GetWindowDC, PtInRect, DestroyAcceleratorTable, UnregisterClassW
> WSOCK32.dll: -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -
> SHELL32.dll: -, -, ShellExecuteExW, -, -, SHGetDesktopFolder, -, SHChangeNotify, SHCreateDirectoryExW, ExtractIconExW, SHBrowseForFolderW, SHGetPathFromIDListW, -, SHGetFolderPathAndSubDirW, -, Shell_NotifyIconW, Shell_NotifyIconA, SHAppBarMessage, ShellExecuteExA, ShellExecuteW, -, SHGetFileInfoW, SHFileOperationW, SHGetFolderPathW, ShellExecuteA, SHGetMalloc, DragQueryFileW
> ole32.dll: CreateOleAdviseHolder, OleRegGetMiscStatus, OleRegGetUserType, CreateDataAdviseHolder, OleRegEnumVerbs, WriteClassStm, OleSaveToStream, CoSuspendClassObjects, ReleaseStgMedium, OleFlushClipboard, StringFromCLSID, CLSIDFromString, CoInitializeEx, CoGetInterfaceAndReleaseStream, CoMarshalInterThreadInterfaceInStream, CoAllowSetForegroundWindow, CoCreateGuid, StgCreateDocfileOnILockBytes, CreateILockBytesOnHGlobal, OleSetClipboard, CoFreeUnusedLibraries, CoSetProxyBlanket, CLSIDFromProgID, CoFileTimeNow, CoCreateFreeThreadedMarshaler, CoFreeLibrary, CoLoadLibrary, StgOpenStorageOnILockBytes, CoTaskMemAlloc, OleLockRunning, StringFromGUID2, OleRun, CoRevokeClassObject, OleInitialize, OleUninitialize, CoInitializeSecurity, CoRegisterClassObject, CoInitialize, CoUninitialize, CreateStreamOnHGlobal, GetHGlobalFromStream, CoCreateInstance, OleLoadFromStream, CoTaskMemFree
> OLEAUT32.dll: -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -
> SHLWAPI.dll: PathStripToRootW, SHCreateStreamOnFileEx, PathFindFileNameW, PathAppendA, PathFindExtensionW, SHCopyKeyA, SHStrDupW, UrlGetPartW, PathUnquoteSpacesW, PathStripPathW, PathCommonPrefixW, PathCanonicalizeW, SHCreateStreamOnFileW, PathRelativePathToW, PathIsDirectoryW, StrCmpNIW, PathFileExistsW, PathRemoveFileSpecW, PathAppendW
> MSIMG32.dll: AlphaBlend, TransparentBlt
> gdiplus.dll: GdipGetImageHeight, GdipGetImageRawFormat, GdipGetImagePixelFormat, GdipGetImagePaletteSize, GdipGetImagePalette, GdipImageGetFrameDimensionsList, GdipImageGetFrameCount, GdipImageSelectActiveFrame, GdipGetPropertyItemSize, GdipGetPropertyItem, GdipCreateBitmapFromStream, GdipCreateBitmapFromStreamICM, GdipBitmapLockBits, GdipBitmapUnlockBits, GdiplusShutdown, GdipFree, GdipAlloc, GdipDisposeImage, GdipSaveImageToStream, GdipCreateBitmapFromScan0, GdipCreateBitmapFromHBITMAP, GdipGetImageEncodersSize, GdipGetImageEncoders, GdiplusStartup, GdipCloneImage, GdipSaveImageToFile, GdipGetImageWidth
> MSNCore.dll: _CSAddFile@@YGJIPB_W0IK@Z, _RMPruneResourceSet@@YG_NKPB_W@Z, _FrameTitleProp@DialogHost@@2PAUPropertyInfo@DirectUI@@A, _Class@DialogHost@@2PAUIClassInfo@DirectUI@@A, _CreateGraphic@Value@DirectUI@@SGPAV12@PAUHBITMAP__@@EI_N1I1@Z, _FontSizeProp@Element@DirectUI@@2PAUPropertyInfo@2@A, _LPARAMProp@CmdButton@@2PAUPropertyInfo@DirectUI@@A, _Open@CPerfMonitor@@QAEXXZ, _Close@CPerfMonitor@@QAEXXZ, GetHRESULTString, _Create@VerticalFlowLayout@DirectUI@@SGJHIIIPAPAVLayout@2@@Z, _CSGetElementInnerText@@YGJPAUIXMLDOMNode@@PB_WAAVCComBSTR@ATL@@@Z, _m_pMsgFilter@CMsgFilterHolder@@1PAVCMsgFilter@@A, _CSConfigGetDownloadState@@YG_AW4tagCONFIGSERVERCLIENT_DOWNLOAD_STATE@@PA_N@Z, _CSConfigNotify@@YGXJ@Z, _CSConfigDownload@@YGJPB_W000IK_NPADIW4tagCONFIGSERVERCLIENT_EVENT_TYPE@@00@Z, _CSGetAttributeValue@@YGJPAUIXMLDOMNode@@PB_WAAVCComBSTR@ATL@@@Z, _CSAdd@@YGJIPB_W00IK_NW4tagCONFIGSERVERCLIENT_EVENT_TYPE@@00@Z, _CSRemove@@YGJI@Z, _CSReset@@YGXXZ, _CSConfigReleaseXML@@YGXXZ, _CSSelectNode@@YGJIPB_WPAPAUIXMLDOMNode@@@Z, _CSLoadFromFile@@YGJPB_WPAPAUIXMLDOMNode@@@Z, _CSConfigIsInfoReady@@YG_NXZ, _CSSelectNode@@YGJPAUIXMLDOMNode@@PB_WPAPAU1@@Z, _CSConfigSelectNode@@YGJPB_WPAPAUIXMLDOMNode@@@Z, _CSConfigGetAttributeValue@@YGJPB_W0AAK@Z, _CSConfigGetElementInnerText@@YGJPAUIXMLDOMNode@@PB_WAAV_$CStringT@_WV_$StrTraitATL@_WV_$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@@Z, _CSConfigGetElementInnerText@@YGJPB_WAAV_$CStringT@_WV_$StrTraitATL@_WV_$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@@Z, _GetPageInc@ScrollBar@DirectUI@@IAEHXZ, _LineProp@ScrollBar@DirectUI@@2PAUPropertyInfo@2@A, _MinimumProp@ScrollBar@DirectUI@@2PAUPropertyInfo@2@A, _MaximumProp@ScrollBar@DirectUI@@2PAUPropertyInfo@2@A, _Create@NativeHWNDHost@DirectUI@@SGJPB_W0PAUHWND__@@PAUHICON__@@HHHHHHPAUHINSTANCE__@@IPAPAV12@@Z, _WM_PRIVATE_UPDATEFRAME@CFramelessHost@@2IB, MapGadgetPoints, SetGadgetOrder, _Initialize@ScrollViewer@DirectUI@@QAEJXZ, _OnListenedPropertyChanged@ScrollViewer@DirectUI@@UAEXPAVElement@2@PAUPropertyInfo@2@HPAVValue@2@2@Z, _CreateScrollBars@ScrollViewer@DirectUI@@MAEJXZ, _Add@ScrollViewer@DirectUI@@UAEJPAPAVElement@2@I@Z, _OnEvent@ScrollViewer@DirectUI@@UAEXPAUEvent@2@@Z, _OnInput@ScrollViewer@DirectUI@@UAEXPAUInputEvent@2@@Z, _OnPropertyChanged@ScrollViewer@DirectUI@@UAEXPAUPropertyInfo@2@HPAVValue@2@1@Z, _OnPropertyChanging@ScrollViewer@DirectUI@@UAE_NPAUPropertyInfo@2@HPAVValue@2@1@Z, _Class@Combobox@DirectUI@@2PAUIClassInfo@2@A, _Class@ScrollViewer@DirectUI@@2PAUIClassInfo@2@A, _Class@Viewer@DirectUI@@2PAUIClassInfo@2@A, _Class@Thumb@DirectUI@@2PAUIClassInfo@2@A, _Class@RepeatButton@DirectUI@@2PAUIClassInfo@2@A, InitGadgetComponent, _Register@HWNDContainer@@SGJXZ, _Register@PNGGraphic@@SGJXZ, _Register@CmdButton@@SGJXZ, _Register@Clipper@@SGJXZ, _Register@CExpando@@SGJXZ, _Register@ClipperH@@SGJXZ, _Register@CExpandoH@@SGJXZ, _Register@DialogHost@@SGJXZ, UninitGadgetComponent, _Enter@Edit@DirectUI@@2PAEA, _StateChange@Checkbox@DirectUI@@2PAEA, _FindFirstDescendentByClass@DirectUI@@YGPAVElement@1@PAV21@PAUIClassInfo@1@@Z, _StateProp@Checkbox@DirectUI@@2PAUPropertyInfo@2@A, _IsIMEActive@WLEditT@@IAE_NXZ, _RemoveEllipsis@WLEditT@@IAEXXZ, _ForceDSChanged@WLEditT@@IAEXXZ, SetGadgetMessageFilter, _AnimationProp@Element@DirectUI@@2PAUPropertyInfo@2@A, GetGadget, _OnDragEnterEvent@CDropTargetGadgetAdaptor@@2PAEA, _FontFaceProp@Element@DirectUI@@2PAUPropertyInfo@2@A, _FontWeightProp@Element@DirectUI@@2PAUPropertyInfo@2@A, _FontStyleProp@Element@DirectUI@@2PAUPropertyInfo@2@A, _GetTextServices@CRichEditAccessible@@IAE_AV_$CComPtr@VITextServices@@@ATL@@XZ, _EmbededOleToText@CRichEditAccessible@@IAEXAAV_$CStringT@_WV_$StrTraitATL@_WV_$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@U_charrange@@@Z, _Initialize@CRichEditAccessible@@QAEXPAVElement@DirectUI@@@Z, _PinBottomEnabledProp@WLEditT@@2PAUPropertyInfo@DirectUI@@A, _SetReadOnly@WLEditT@@QAEJH@Z, _SetPinBottom@WLEditT@@QAEJ_N@Z, _GetPinBottomEnabled@WLEditT@@QBE_NXZ, _ShowEndProp@ScrollBar@DirectUI@@2PAUPropertyInfo@2@A, _ContextSensitiveHelp@DuiAccessible@DirectUI@@UAGJH@Z, _GetWindow@DuiAccessible@DirectUI@@UAGJPAPAUHWND__@@@Z, _Clone@DuiAccessible@DirectUI@@UAGJPAPAUIEnumVARIANT@@@Z, _Reset@DuiAccessible@DirectUI@@UAGJXZ, _Skip@DuiAccessible@DirectUI@@UAGJK@Z, _Next@DuiAccessible@DirectUI@@UAGJKPAUtagVARIANT@@PAK@Z, _Disconnect@CRichEditAccessible@@UAEJXZ, _put_accValue@CRichEditAccessible@@UAGJUtagVARIANT@@PA_W@Z, _put_accName@DuiAccessible@DirectUI@@UAGJUtagVARIANT@@PA_W@Z, _accDoDefaultAction@DuiAccessible@DirectUI@@UAGJUtagVARIANT@@@Z, _accHitTest@DuiAccessible@DirectUI@@UAGJJJPAUtagVARIANT@@@Z, _accNavigate@DuiAccessible@DirectUI@@UAGJJUtagVARIANT@@PAU3@@Z, _accLocation@DuiAccessible@DirectUI@@UAGJPAJ000UtagVARIANT@@@Z, _accSelect@DuiAccessible@DirectUI@@UAGJJUtagVARIANT@@@Z, _get_accDefaultAction@DuiAccessible@DirectUI@@UAGJUtagVARIANT@@PAPA_W@Z, _get_accSelection@DuiAccessible@DirectUI@@UAGJPAUtagVARIANT@@@Z, _get_accFocus@DuiAccessible@DirectUI@@UAGJPAUtagVARIANT@@@Z, _get_accKeyboardShortcut@DuiAccessible@DirectUI@@UAGJUtagVARIANT@@PAPA_W@Z, _get_accHelpTopic@DuiAccessible@DirectUI@@UAGJPAPA_WUtagVARIANT@@PAJ@Z, _get_accHelp@DuiAccessible@DirectUI@@UAGJUtagVARIANT@@PAPA_W@Z, _get_accState@DuiAccessible@DirectUI@@UAGJUtagVARIANT@@PAU3@@Z, _get_accRole@DuiAccessible@DirectUI@@UAGJUtagVARIANT@@PAU3@@Z, _get_accDescription@DuiAccessible@DirectUI@@UAGJUtagVARIANT@@PAPA_W@Z, _get_accValue@CRichEditAccessible@@UAGJUtagVARIANT@@PAPA_W@Z, _get_accName@DuiAccessible@DirectUI@@UAGJUtagVARIANT@@PAPA_W@Z, _get_accChild@DuiAccessible@DirectUI@@UAGJUtagVARIANT@@PAPAUIDispatch@@@Z, _get_accChildCount@DuiAccessible@DirectUI@@UAGJPAJ@Z, _get_accParent@DuiAccessible@DirectUI@@UAGJPAPAUIDispatch@@@Z, _Invoke@DuiAccessible@DirectUI@@UAGJJABU_GUID@@KGPAUtagDISPPARAMS@@PAUtagVARIANT@@PAUtagEXCEPINFO@@PAI@Z, _GetIDsOfNames@DuiAccessible@DirectUI@@UAGJABU_GUID@@PAPA_WIKPAJ@Z, _GetTypeInfo@DuiAccessible@DirectUI@@UAGJIKPAPAUITypeInfo@@@Z, _GetTypeInfoCount@DuiAccessible@DirectUI@@UAGJPAI@Z, _Release@DuiAccessible@DirectUI@@UAGKXZ, _AddRef@DuiAccessible@DirectUI@@UAGKXZ, _QueryInterface@DuiAccessible@DirectUI@@UAGJABU_GUID@@PAPAX@Z, __1DuiAccessible@DirectUI@@UAE@XZ, _Initialize@Selector@DirectUI@@QAEJXZ, _Create@Selector@DirectUI@@SGJPAPAVElement@2@@Z, _SelectionChange@Selector@DirectUI@@2PAEA, _MessageCallbackHelper@CDropTargetGadgetAdaptor@@SGIPAVElement@DirectUI@@PAUIDropTarget@@PAUtagGMSG@@AAV_$CRefCountedPtr2@VCDropTargetGadgetAdaptor@@@@@Z, _GetClassInfoW@CmdButton@@UAEPAUIClassInfo@DirectUI@@XZ, _BringWindowToTop@NativeHWNDHost@DirectUI@@QAEXXZ, _pvValueListNull@Value@DirectUI@@2PAV12@A, _CreateVariant@Value@DirectUI@@SGPAV12@PAUtagVARIANT@@@Z, _RMFindModuleForResource@@YGPAUHINSTANCE__@@PB_W0K0@Z, _RMLoadBitmap@@YGPAUHBITMAP__@@PB_WK0@Z, _DataTransformProp@Element@DirectUI@@2PAUPropertyInfo@2@A, __SetValue@Element@DirectUI@@IAEJPBUPropertyInfo@2@HPAVValue@2@_N2@Z, _KillTimer@DuiElementTimerHandler@@QAEXIK@Z, _SetTimer@DuiElementTimerHandler@@QAEIIIK@Z, __1DuiElementTimerHandler@@UAE@XZ, __0DuiElementTimerHandler@@QAE@XZ, _pvUnknownNull@Value@DirectUI@@2PAV12@A, _Help@HWNDElement@DirectUI@@2PAEA, _DestroyWindow@NativeHWNDHost@DirectUI@@QAEXXZ, _CreateImageValue@CRMDUIParser@@UAEPAVValue@DirectUI@@PB_W@Z, _CreateStringValue@CRMDUIParser@@UAEPAVValue@DirectUI@@PB_WI@Z, _SetDataTransform@Element@DirectUI@@QAEJPAUIUnknown@@@Z, _Create@FillLayout@DirectUI@@SGJPAPAVLayout@2@@Z, _Initialize@HWNDElement@DirectUI@@QAEJPAUHWND__@@_NI1@Z, ForwardGadgetMessage, _WndProc@HWNDElement@DirectUI@@UAEJPAUHWND__@@IIJ@Z, _GetAccessibleImpl@HWNDElement@DirectUI@@UAEJPAPAUIAccessible@@@Z, _RemoveTooltip@HWNDElement@DirectUI@@UAEXPAVElement@2@@Z, _RMLoadImage@@YGPAXPB_WIHHIK0@Z, _RMLoadResourceStream@@YGPAUIStream@@PB_W0_NPAKK0@Z, _GetContentSize@WLEditT@@QAE_AUtagSIZE@@XZ, _ActivateTooltip@HWNDElement@DirectUI@@UAEXPAVElement@2@K@Z, _UpdateTooltip@HWNDElement@DirectUI@@UAEXPAVElement@2@@Z, _OnDestroy@HWNDElement@DirectUI@@UAEXXZ, _OnKeyFocusMoved@HWNDElement@DirectUI@@UAEXPAVElement@2@0@Z, _OnGroupChanged@HWNDElement@DirectUI@@UAEXH_N@Z, _OnPropertyChanged@HWNDElement@DirectUI@@UAEXPAUPropertyInfo@2@HPAVValue@2@1@Z, _OnInput@HWNDElement@DirectUI@@UAEXPAUInputEvent@2@@Z, _OnEvent@HWNDElement@DirectUI@@UAEXPAUEvent@2@@Z, _Destroy@NativeHWNDHost@DirectUI@@UAEXXZ, _GetScreenCenterPoint@CDUIDialog@@SG_AUtagPOINT@@PAUHWND__@@@Z, _Class@HWNDElement@DirectUI@@2PAUIClassInfo@2@A, _SyncMaxVisibleLines@WLEditT@@QAEJXZ, _RMFindModule@@YGPAUHINSTANCE__@@KPB_W@Z, _Class@Element@DirectUI@@2PAUIClassInfo@2@A, _FindDescendent@Element@DirectUI@@QAEPAV12@G@Z, _StrToID@DirectUI@@YGGPB_W@Z, _EndDefer@Element@DirectUI@@SGXXZ, _ShowElement@@YGJPAVElement@DirectUI@@H@Z, _StartDefer@Element@DirectUI@@SGXXZ, _GetElement@NativeHWNDHost@DirectUI@@QAEPAVElement@2@XZ, __1CRMDirectStringResource@@UAE@XZ, __BCRMDirectStringResource@@QBEPB_WXZ, __1CRMSystemMetricString@@UAE@XZ, __BCRMSystemMetricString@@QAEPB_WXZ, _Length@CRMSystemMetricString@@QAEKXZ, __0CRMSystemMetricString@@QAE@ABVCRMDirectStringResource@@@Z, _IsSystemMetric@CRMDirectStringResource@@QBE_NXZ, _Length@CRMDirectStringResource@@QBEIXZ, __0CRMDirectStringResource@@QAE@IKPB_W@Z, __1CRMCompoundStringResource@@UAE@XZ, _BuildString@CRMCompoundStringResource@@UBE_NPA_WI@Z, _Length@CRMCompoundStringResource@@QBEIXZ, __0CRMCompoundStringResource@@QAE@IKPB_W@Z, _GetInstance@CConfigServerClientEvents@@SGPAV1@XZ, _g_fIsRTL@UxgUtil@@3HA, __0CDUIDialog@@QAE@XZ, _Destroy@CDUIDialog@@MAEXXZ, _OnMessage@CDUIDialog@@MAEJIIJAAJ@Z, _SetDefaultFocus@NativeHWNDHost@DirectUI@@MAEXXZ, _OnDefaultFrameColorChanged@CFramelessHost@@MAEXXZ, _OnUpdateFrame@CFramelessHost@@MAEX_N@Z, _OnLoadHiddenState@CDUIDialog@@MAE_NXZ, _OnSaveHiddenState@CDUIDialog@@MAEX_N@Z, _OnCreateRegion@CDUIDialog@@MAEPAUHRGN__@@HHHH@Z, _ExitDialog@CDUIDialog@@MAEXH@Z, _OnPostCreateDialog@CDUIDialog@@MAEXPAVElement@DirectUI@@@Z, _OnSize@CDUIDialog@@MAE_NIJAAJ@Z, _OnCreate@CDUIDialog@@MAE_NIJAAJ@Z, _OnDestroy@CDUIDialog@@MAE_NIJAAJ@Z, _OnNCDestroy@CDUIDialog@@MAE_NIJAAJ@Z, _OnActivate@CDUIDialog@@MAE_NIJAAJ@Z, _OnSysCommand@CDUIDialog@@MAE_NIJAAJ@Z, _OnClose@CDUIDialog@@MAE_NIJAAJ@Z, _OnShowWindow@CDUIDialog@@MAE_NIJAAJ@Z, _ShowDialog@CDUIDialog@@MAEJPAUHWND__@@PAUtagPOINT@@@Z, _FilterMessage@CDUIDialog@@MAEHPAUtagMSG@@@Z, __1CDUIDialog@@UAE@XZ, _GetColor@CCustomColor@@CGKW4EUIType@@@Z, __1CMsgFilter@@QAE@XZ, __ZeroRelease@Value@DirectUI@@AAEXXZ, _Count@CPerfMonitor@@QAEHH@Z, _Elapsed@CPerfMonitor@@QAENH@Z, _End@CPerfMonitor@@QAENH@Z, _Start@CPerfMonitor@@QAENH@Z, _g_LogonPerfMonitor@@3VCLogonPerfMonitor@@A, _ParentProp@Element@DirectUI@@2PAUPropertyInfo@2@A, _DesiredSizeProp@Element@DirectUI@@2PAUPropertyInfo@2@A, _GetValue@Element@DirectUI@@QBEPAVValue@2@PBUPropertyInfo@2@H@Z, _EnabledProp@Element@DirectUI@@2PAUPropertyInfo@2@A, _SetValue@Element@DirectUI@@QAEJPBUPropertyInfo@2@HPAVValue@2@@Z, _PaddingProp@Element@DirectUI@@2PAUPropertyInfo@2@A, _CreateRect@Value@DirectUI@@SGPAV12@HHHH@Z, _CreateInt@Value@DirectUI@@SGPAV12@H@Z, _CSConfigGetAttributeValue@@YGJPB_W0AAV_$CStringT@_WV_$StrTraitATL@_WV_$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@@Z, _QueryInterface@CPerfMonitor@@UAGJABU_GUID@@PAPAX@Z, DUserMessageHook, MsnCoreUnInitProcess, MsnCoreUnInitThread, MsnCoreInitThread, MsnCoreInitProcess, GetMessageExW, _FilterMessage@CMsgFilterHolder@@SGHPAUtagMSG@@@Z, _LayoutPosProp@Element@DirectUI@@2PAUPropertyInfo@2@A, _SelectedProp@Element@DirectUI@@2PAUPropertyInfo@2@A, _CreateBool@Value@DirectUI@@SGPAV12@_N@Z, InvalidateGadget, GetGadgetRect, _GetRootHWND@HWNDElement@DirectUI@@SGPAUHWND__@@PAVElement@2@@Z, _RMLoadColorRef@@YGKPB_WKK0@Z, _BackgroundProp@Element@DirectUI@@2PAUPropertyInfo@2@A, _CreateColor@Value@DirectUI@@SGPAV12@KEE@Z, _GetHWND@NativeHWNDHost@DirectUI@@QAEPAUHWND__@@XZ, _WidthProp@Element@DirectUI@@2PAUPropertyInfo@2@A, _HeightProp@Element@DirectUI@@2PAUPropertyInfo@2@A, _ChildrenProp@Element@DirectUI@@2PAUPropertyInfo@2@A, _ExtentProp@Element@DirectUI@@2PAUPropertyInfo@2@A, _KeyFocusedProp@Element@DirectUI@@2PAUPropertyInfo@2@A, _IDProp@Element@DirectUI@@2PAUPropertyInfo@2@A, _VisibleProp@Element@DirectUI@@2PAUPropertyInfo@2@A, _Destroy@Element@DirectUI@@QAEJ_N@Z, _ContentProp@Element@DirectUI@@2PAUPropertyInfo@2@A, _CreateString@Value@DirectUI@@SGPAV12@PB_WPAUHINSTANCE__@@I@Z, _ActiveProp@Element@DirectUI@@2PAUPropertyInfo@2@A, _ClassProp@Element@DirectUI@@2PAUPropertyInfo@2@A, _CreateAtom@Value@DirectUI@@SGPAV12@PB_W@Z, _AccessibleProp@Element@DirectUI@@2PAUPropertyInfo@2@A, _AccRoleProp@Element@DirectUI@@2PAUPropertyInfo@2@A, _AccNameProp@Element@DirectUI@@2PAUPropertyInfo@2@A, _AccDescProp@Element@DirectUI@@2PAUPropertyInfo@2@A, _WindowActiveProp@Element@DirectUI@@2PAUPropertyInfo@2@A, _DropFocusProp@Element@DirectUI@@2PAUPropertyInfo@2@A, _g_dwElSlot@DirectUI@@3KA, _PressedProp@Button@DirectUI@@2PAUPropertyInfo@2@A, _AggressiveUpdateProp@HWNDHost@DirectUI@@2PAUPropertyInfo@2@A, _PositionProp@Progress@DirectUI@@2PAUPropertyInfo@2@A, _Attach@CRMDUIParser@@QAEJPAVElement@DirectUI@@@Z, _Add@Element@DirectUI@@QAEJPAV12@@Z, _DestroyAll@Element@DirectUI@@QAEJXZ, _LoadAndCreateElement@CRMDUIParser@@QAEJIPB_WPAPAVElement@DirectUI@@PAV23@K0@Z, __0CRMDUIParser@@QAE@XZ, _RMLoadString@@YGIIPA_WIKPB_W@Z, _OnInitDialog@CDUIDialog@@MAE_NIJAAJ@Z, _OnCommand@CDUIDialog@@MAE_NIJAAJ@Z, _ShowWindow@NativeHWNDHost@DirectUI@@QAEXH@Z, _KillTimer@SyncTimerHandler@@QAEXIK@Z, _SetRichEditStyle@WLEditT@@QAEJH@Z, _GetRichEditStyle@WLEditT@@QBEHXZ, _Class@CExpandoH@@2PAUIClassInfo@DirectUI@@A, _Class@Constrainer@DirectUI@@2PAUIClassInfo@2@A, _Class@Progress@DirectUI@@2PAUIClassInfo@2@A, _Initialize@NativeHWNDHost@DirectUI@@QAEJPB_W0PAUHWND__@@PAUHICON__@@HHHHHHHPAUHINSTANCE__@@I@Z, _RemoveLocalValue@Element@DirectUI@@QAEJPBUPropertyInfo@2@@Z, _ForceCaretRefresh@WLEditT@@QAEJXZ, _SyncRect@WLEditT@@QAEJUtagSIZE@@@Z, GetGadgetFocus, _ShowElement@@YGJPAVElement@DirectUI@@PB_WH@Z, SetGadgetRootInfo, _Class@CmdButton@@2PAUIClassInfo@DirectUI@@A, SetElementContentFromImageResource, __1CFramelessHost@@UAE@XZ, __1SyncTimerHandler@@UAE@XZ, _AdjustElementSize@@YGJPAVElement@DirectUI@@PAUtagSIZE@@K@Z, _IsChildElement@@YGHPAVElement@DirectUI@@0@Z, _ElementFromGadget@DirectUI@@YGPAVElement@1@PAUHGADGET__@@@Z, FindGadgetFromPoint, _m_crDefaultFrameColor@CFramelessHost@@1KA, SetElementPropertyFromImageResource, _IconProp@Button@DirectUI@@2PAUPropertyInfo@2@A, _Remove@Element@DirectUI@@QAEJPAV12@@Z, _SelectElement@@YGJPAVElement@DirectUI@@PB_WH@Z, _SetDefaultFocusID@NativeHWNDHost@DirectUI@@QAEXPB_W@Z, _SetTimer@SyncTimerHandler@@QAEIIIK@Z, ___7CMsgFilter@@6B@, __0CFramelessHost@@QAE@XZ, _SetFramelessCaption@CFramelessHost@@QAE_NQB_W@Z, _SetActiveWindow@CMsgFilter@@IAEXXZ, _RMLoadStringBSTR@@YGPA_WIKPB_W@Z, _RemoveListener@Element@DirectUI@@QAEXPAUIElementListener@2@@Z, _OnMessage@CFramelessHost@@UAEJIIJAAJ@Z, RevokeDropTarget, _OnSysChange@CCustomColor@@SGXXZ, _Insert@Element@DirectUI@@QAEJPAV12@I@Z, _AddListener@Element@DirectUI@@QAEJPAUIElementListener@2@@Z, _Initialize@CFramelessHost@@QAEJXZ, _Host@NativeHWNDHost@DirectUI@@QAEXPAVElement@2@@Z, BuildDropTarget, _Create@HWNDContainer@@SGJPAVNativeHWNDHost@DirectUI@@PAUIDropTarget@@PAPAVElement@3@@Z, _TooltipProp@Element@DirectUI@@2PAUPropertyInfo@2@A, _RMIsResourceAvailable@@YG_NPB_W0K0@Z, _SetDefaultFrameColor@CFramelessHost@@SGKK@Z, __0_$IElementListenerImpl@VElement@DirectUI@@@DirectUI@@QAE@XZ, _OnListenerAttach@_$IElementListenerImpl@VElement@DirectUI@@@DirectUI@@UAEXPAVElement@2@@Z, _OnListenedPropertyChanging@_$IElementListenerImpl@VElement@DirectUI@@@DirectUI@@UAE_NPAVElement@2@PAUPropertyInfo@2@HPAVValue@2@2@Z, _OnListenedPropertyChanged@_$IElementListenerImpl@VElement@DirectUI@@@DirectUI@@UAEXPAVElement@2@PAUPropertyInfo@2@HPAVValue@2@2@Z, _OnListenedInput@_$IElementListenerImpl@VElement@DirectUI@@@DirectUI@@UAEXPAVElement@2@PAUInputEvent@2@@Z, _OnListenedEvent@_$IElementListenerImpl@VElement@DirectUI@@@DirectUI@@UAEXPAVElement@2@PAUEvent@2@@Z, _OnListenedWindowMessage@_$IElementListenerImpl@VElement@DirectUI@@@DirectUI@@UAE_NPAVElement@2@PAUHWND__@@IIJPAJ@Z, __1_$ListenedElementPtr@VElement@DirectUI@@@DirectUI@@QAE@XZ, __B_$ListenedElementPtr@VElement@DirectUI@@@DirectUI@@QBEPAVElement@1@XZ, __4_$ListenedElementPtr@VElement@DirectUI@@@DirectUI@@QAEPBVElement@1@PAV21@@Z, __0_$ListenedElementPtr@VElement@DirectUI@@@DirectUI@@QAE@PAVElement@1@@Z, _UpdateFrame@CFramelessHost@@IAEXXZ, _IsDescendent@Element@DirectUI@@QAE_NPAV12@@Z, _PerformFramelessHitTest@CFramelessHost@@IAEJUtagPOINT@@PAPAVElement@DirectUI@@@Z, _RMUpdateResourceSet@@YG_NPB_WK00@Z, _RMTerminate@@YGXXZ, _RMInitialize@@YGXXZ, _Class@Checkbox@DirectUI@@2PAUIClassInfo@2@A, _CheckedProp@Checkbox@DirectUI@@2PAUPropertyInfo@2@A, _UpdateStateProp@Checkbox@DirectUI@@IAEJH@Z, _FirstStart@CPerfMonitor@@QAENH@Z, _ElementMinimizeMemoryUsage@DirectUI@@YGXXZ, _EventEnd@CPerfMonitor@@UAGXH@Z, _EventStart@CPerfMonitor@@UAGXH@Z, _Init@CCustomColor@@SGJXZ, _DirectionProp@Element@DirectUI@@2PAUPropertyInfo@2@A, __0CmdButton@@QAE@XZ, _OnPropertyChanging@Element@DirectUI@@UAE_NPAUPropertyInfo@2@HPAVValue@2@1@Z, _OnGroupChanged@Element@DirectUI@@UAEXH_N@Z, _OnKeyFocusMoved@Element@DirectUI@@UAEXPAV12@0@Z, _OnMouseFocusMoved@Element@DirectUI@@UAEXPAV12@0@Z, _OnDestroy@Element@DirectUI@@UAEXXZ, _OnEvent@CmdButton@@UAEXPAUEvent@DirectUI@@@Z, _Paint@CmdButton@@UAEXPAUHDC__@@PAUHBITMAP__@@PAUtagDIBSECTION@@PBUtagRECT@@3PAU5@4@Z, _GetContentSize@Element@DirectUI@@UAE_AUtagSIZE@@HHPAVSurface@2@@Z, _Add@Element@DirectUI@@UAEJPAPAV12@I@Z, _Insert@Element@DirectUI@@UAEJPAPAV12@II@Z, _Remove@Element@DirectUI@@UAEJPAPAV12@I@Z, _GetAdjacent@Element@DirectUI@@UAEPAV12@PAV12@HPBUNavReference@2@K@Z, _EnsureVisible@Element@DirectUI@@UAE_NHHHH@Z, _SetKeyFocus@Element@DirectUI@@UAEXXZ, _MessageCallback@Element@DirectUI@@UAEIPAUtagGMSG@@@Z, __SelfLayoutDoLayout@Element@DirectUI@@MAEXHH@Z, __SelfLayoutUpdateDesiredSize@Element@DirectUI@@MAE_AUtagSIZE@@HHPAVSurface@2@@Z, _OnHosted@Button@DirectUI@@UAEXPAVElement@2@@Z, _OnUnHosted@Element@DirectUI@@MAEXPAV12@@Z, _GetAccessibleImpl@Button@DirectUI@@UAEJPAPAUIAccessible@@@Z, _DefaultAction@Button@DirectUI@@UAEJXZ, _UpdateCue@Button@DirectUI@@MAEJXZ, __1CmdButton@@UAE@XZ, _g_hHeap@DirectUI@@3PAXA, _AlphaProp@Element@DirectUI@@2PAUPropertyInfo@2@A, _Initialize@PNGGraphic@@QAEJI@Z, _OnEvent@Element@DirectUI@@UAEXPAUEvent@2@@Z, _Click@Button@DirectUI@@2PAEA, _OnInput@Element@DirectUI@@UAEXPAUInputEvent@2@@Z, UtilDrawBlendRect, _AllocatePropertyIndex@Element@DirectUI@@SGIXZ, _AllocateClassIndex@Element@DirectUI@@SGIXZ, _GetPciMap@Element@DirectUI@@SGPAV_$BTreeLookup@PAUIClassInfo@DirectUI@@@2@XZ, _InvalidateElement@@YGHPAVElement@DirectUI@@@Z, __1CRMResource@@UAE@XZ, __0CRMResource@@QAE@PB_W0K0PAK@Z, _pvBoolTrue@Value@DirectUI@@2PAV12@A, _OnPropertyChanged@Element@DirectUI@@UAEXPAUPropertyInfo@2@HPAVValue@2@1@Z, _Paint@Element@DirectUI@@UAEXPAUHDC__@@PAUHBITMAP__@@PAUtagDIBSECTION@@PBUtagRECT@@3PAU6@4@Z, _OnHosted@Element@DirectUI@@MAEXPAV12@@Z, _GetAccessibleImpl@Element@DirectUI@@UAEJPAPAUIAccessible@@@Z, _DefaultAction@Element@DirectUI@@UAEJXZ, __1Element@DirectUI@@UAE@XZ, _OnPropertyChanged@Selector@DirectUI@@UAEXPAUPropertyInfo@2@HPAVValue@2@1@Z, _OnInput@Selector@DirectUI@@UAEXPAUInputEvent@2@@Z, _OnKeyFocusMoved@Selector@DirectUI@@UAEXPAVElement@2@0@Z, _OnMouseFocusMoved@Selector@DirectUI@@UAEXPAVElement@2@0@Z, _GetAdjacent@Selector@DirectUI@@UAEPAVElement@2@PAV32@HPBUNavReference@2@K@Z, _Class@Selector@DirectUI@@2PAUIClassInfo@2@A, __1CRMDUIParser@@UAE@XZ, _Initialize@Element@DirectUI@@QAEJI@Z, _pvBoolFalse@Value@DirectUI@@2PAV12@A, _pvIntZero@Value@DirectUI@@2PAV12@A, _DoModal@CDUIDialog@@QAEHGPB_WPAUHWND__@@PAUtagPOINT@@0_N0@Z, _SelectionProp@Selector@DirectUI@@2PAUPropertyInfo@2@A, _CreateElementRef@Value@DirectUI@@SGPAV12@PAVElement@2@@Z, _Class@Button@DirectUI@@2PAUIClassInfo@2@A, _CmdIdProp@CmdButton@@2PAUPropertyInfo@DirectUI@@A, _FindDialogElement@CDUIDialog@@IAEPAVElement@DirectUI@@PB_W@Z, _RMLoadStringA@@YGIIPADIKPB_W@Z, _CmdIDProp@Element@DirectUI@@2PAUPropertyInfo@2@A, _TextProp@Button@DirectUI@@2PAUPropertyInfo@2@A, _Class@TabControl@DirectUI@@2PAUIClassInfo@2@A, _Class@TabButton@DirectUI@@2PAUIClassInfo@2@A, _SetDataContext@Element@DirectUI@@QAEJPAUIUnknown@@@Z, _RMLoadInt@@YGHIHKPB_W@Z, __1NativeHWNDHost@DirectUI@@UAE@XZ, __0NativeHWNDHost@DirectUI@@QAE@XZ, _SetFocusOnChild@TabControl@DirectUI@@QAEJPAVElement@2@_N@Z, _GetTabButtons@TabControl@DirectUI@@QAEPAV_$DynamicArray@PAVElement@DirectUI@@@2@XZ, _GetTabPages@TabControl@DirectUI@@QAEPAV_$DynamicArray@PAVElement@DirectUI@@@2@XZ, _AsyncSelectionChange@TabControl@DirectUI@@2PAEA, _SetBinding@Element@DirectUI@@QAEJPAUPropertyInfo@2@PAVBinding@2@@Z, _TagProp@Element@DirectUI@@2PAUPropertyInfo@2@A, _BorderColorProp@Element@DirectUI@@2PAUPropertyInfo@2@A, _ForegroundProp@Element@DirectUI@@2PAUPropertyInfo@2@A, _ColorizeProp@Element@DirectUI@@2PAUPropertyInfo@2@A, _CreateColorize@Value@DirectUI@@SGPAV12@K@Z, _Class@TabPage@DirectUI@@2PAUIClassInfo@2@A, _AccValueProp@Element@DirectUI@@2PAUPropertyInfo@2@A, _Initialize@Button@DirectUI@@QAEJI@Z, _pvUnset@Value@DirectUI@@2PAV12@A, _RMLoadIcon@@YGPAUHICON__@@PB_WK0@Z, _ShortcutProp@Element@DirectUI@@2PAUPropertyInfo@2@A, _MaximumProp@Progress@DirectUI@@2PAUPropertyInfo@2@A, _MinimumProp@Progress@DirectUI@@2PAUPropertyInfo@2@A, _DoModeless@CDUIDialog@@QAEJGPB_WPAUHWND__@@PAUtagPOINT@@0_N330@Z, _FireEvent@Element@DirectUI@@QAEXPAUEvent@2@_N@Z, _IdResProp@PNGGraphic@@2PAUPropertyInfo@DirectUI@@A, _Class@PNGGraphic@@2PAUIClassInfo@DirectUI@@A, __1PNGGraphic@@UAE@XZ, _OnInput@Button@DirectUI@@UAEXPAUInputEvent@2@@Z, __0PNGGraphic@@QAE@XZ, _OnPropertyChanged@Button@DirectUI@@UAEXPAUPropertyInfo@2@HPAVValue@2@1@Z, _OnPropertyChanged@PNGGraphic@@UAEXPAUPropertyInfo@DirectUI@@HPAVValue@3@1@Z, _PostEvent@Element@DirectUI@@QAEXPAUEvent@2@@Z, GetGadgetStyle, _KeyboardNavigate@Element@DirectUI@@2PAEA, _DUI2Win32Message@CDUI2WindowMsg@@IAEJPAUInputEvent@DirectUI@@PAV_$DynamicArray@UCWinMsg@CDUI2WindowMsg@@@3@@Z, _OnPropertyChanged@HWNDHost@DirectUI@@UAEXPAUPropertyInfo@2@HPAVValue@2@1@Z, _OnInput@HWNDHost@DirectUI@@UAEXPAUInputEvent@2@@Z, _OnDestroy@HWNDHost@DirectUI@@UAEXXZ, _Paint@HWNDHost@DirectUI@@UAEXPAUHDC__@@PAUHBITMAP__@@PAUtagDIBSECTION@@PBUtagRECT@@3PAU6@4@Z, _MessageCallback@HWNDHost@DirectUI@@UAEIPAUtagGMSG@@@Z, _OnHosted@HWNDHost@DirectUI@@MAEXPAVElement@2@@Z, _OnUnHosted@HWNDHost@DirectUI@@MAEXPAVElement@2@@Z, _GetAccessibleImpl@HWNDHost@DirectUI@@UAEJPAPAUIAccessible@@@Z, _OnNotify@HWNDHost@DirectUI@@UAE_NIIJPAJ@Z, _OnMessage@HWNDHost@DirectUI@@UAE_NIIJPAJ@Z, _OnAdjustWindowSize@HWNDHost@DirectUI@@UAEHHHI@Z, _CreateHWND@HWNDHost@DirectUI@@MAEPAUHWND__@@PAU3@@Z, _SyncFont@HWNDHost@DirectUI@@MAEXXZ, _Class@HWNDHost@DirectUI@@2PAUIClassInfo@2@A, _Initialize@HWNDHost@DirectUI@@QAEJII@Z, _pvStringNull@Value@DirectUI@@2PAV12@A, _TransferImageToPNG@PNGGraphic@@QAEJAAVCMSGRImage@ATL@@@Z, _HideWindow@NativeHWNDHost@DirectUI@@QAEXXZ, _NotifyAccessibilityEvent@DirectUI@@YGXKPAVElement@1@@Z, _OnMessage@NativeHWNDHost@DirectUI@@UAEJIIJAAJ@Z, _SetActiveWindow@CMsgFilterHolder@@SGXPAVCMsgFilter@@@Z, _LayoutProp@Element@DirectUI@@2PAUPropertyInfo@2@A, _CreateLayout@Value@DirectUI@@SGPAV12@PAVLayout@2@@Z, _ContentAlignProp@Element@DirectUI@@2PAUPropertyInfo@2@A, _IsDefaultProp@Button@DirectUI@@2PAUPropertyInfo@2@A, SetElementContentFromIconResource, _Create@FlowLayout@DirectUI@@SGJHIIIPAPAVLayout@2@@Z, _OnPropertyChanged@CmdButton@@UAEXPAUPropertyInfo@DirectUI@@HPAVValue@3@1@Z, _OnInput@CmdButton@@UAEXPAUInputEvent@DirectUI@@@Z, _Init@NavReference@DirectUI@@QAEXPAVElement@2@PAUtagRECT@@@Z, _KeyWithinProp@Element@DirectUI@@2PAUPropertyInfo@2@A, _MouseWithinProp@Element@DirectUI@@2PAUPropertyInfo@2@A, _AccStateProp@Element@DirectUI@@2PAUPropertyInfo@2@A, _ButtonStyleProp@CmdButton@@2PAUPropertyInfo@DirectUI@@A, _IsEqual@Value@DirectUI@@QAE_NPAV12@@Z, GetGadgetAnimation, _pvAtomZero@Value@DirectUI@@2PAV12@A, __0WLEditT@@QAE@XZ, _OnPropertyChanged@WLEditT@@UAEXPAUPropertyInfo@DirectUI@@HPAVValue@3@1@Z, _OnInput@WLEditT@@UAEXPAUInputEvent@DirectUI@@@Z, _OnKeyFocusMoved@WLEditT@@UAEXPAVElement@DirectUI@@0@Z, _OnEvent@WLEditT@@UAEXPAUEvent@DirectUI@@@Z, _Paint@WLEditT@@UAEXPAUHDC__@@PAUHBITMAP__@@PAUtagDIBSECTION@@PBUtagRECT@@3PAU5@4@Z, _GetContentSize@WLEditT@@UAE_AUtagSIZE@@HHPAVSurface@DirectUI@@@Z, _MessageCallback@WLEditT@@UAEIPAUtagGMSG@@@Z, __SelfLayoutDoLayout@WLEditT@@MAEXHH@Z, __SelfLayoutUpdateDesiredSize@WLEditT@@MAE_AUtagSIZE@@HHPAVSurface@DirectUI@@@Z, _OnHosted@WLEditT@@MAEXPAVElement@DirectUI@@@Z, _GetAccessibleImpl@WLEditT@@UAEJPAPAUIAccessible@@@Z, _Initialize@WLEditT@@UAEJI@Z, _AdjustInvalidationRect@WLEditT@@UAEXPAUtagRECT@@@Z, _OnPhysicalExtentChanged@WLEditT@@UAEXUtagSIZE@@@Z, _OnDragEnter@WLEditT@@UAEJPAUIDataObject@@@Z, _GetEditTextString@WLEditT@@UAEHAAV_$CStringT@_WV_$StrTraitATL@_WV_$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@_N1@Z, _OnVirtualExtentChanged@WLEditT@@MAEXUtagSIZE@@@Z, _SyncText@WLEditT@@MAEJPB_W@Z, _CreateTextHost@WLEditT@@MAEJXZ, _OnTimer@WLEditT@@UAEXIKK@Z, _GetTimerHwndElement@WLEditT@@UAEPAVHWNDElement@DirectUI@@XZ, _SendMessageW@WLEditT@@UAEJIIJAAJ@Z, _PostMessageW@WLEditT@@UAEJIIJAAJ@Z, _SetFocus@WLEditT@@UAEJXZ, _IsFocused@WLEditT@@UAEHXZ, _SetCursor@WLEditT@@UAEJPAUHICON__@@@Z, _GetScrollInfo@WLEditT@@UAEJHPAUtagSCROLLINFO@@@Z, _ClientToScreen@WLEditT@@UAEJPAUtagPOINT@@@Z, _ScreenToClient@WLEditT@@UAEJPAUtagPOINT@@@Z, _InvalidateRect@WLEditT@@UAEJPAUtagRECT@@H@Z, _GetClientRect@WLEditT@@UAEJPAUtagRECT@@@Z, _GetWindowRect@WLEditT@@UAEJPAUtagRECT@@@Z, _ImmGetContext@WLEditT@@UAEPAUHIMC__@@XZ, _ImmReleaseContext@WLEditT@@UAEXPAUHIMC__@@@Z, _GetDC@WLEditT@@UAEPAUHDC__@@XZ, _ReleaseDC@WLEditT@@UAEHPAUHDC__@@@Z, _OnMessage@WLEditT@@UAEJIIJAAJ@Z, _OnInitContextMenu@WLEditT@@UAEJPAUHMENU__@@@Z, __1WLEditT@@UAE@XZ, _Class@WLEditT@@2PAUIClassInfo@DirectUI@@A, _GetFirstLineHeight@WLEditT@@QBEHXZ, _GetLabel@WLEditT@@QBEGXZ, _SetYScrollable@WLEditT@@QAEJ_N@Z, _SetXScrollable@WLEditT@@QAEJ_N@Z, _Initialize@WLEditT@@QAEJIH@Z, _VerticalProp@ScrollBar@DirectUI@@2PAUPropertyInfo@2@A, _OnPropertyChanging@ScrollBar@DirectUI@@UAE_NPAUPropertyInfo@2@HPAVValue@2@1@Z, _OnPropertyChanged@ScrollBar@DirectUI@@UAEXPAUPropertyInfo@2@HPAVValue@2@1@Z, _OnEvent@ScrollBar@DirectUI@@UAEXPAUEvent@2@@Z, __SelfLayoutDoLayout@ScrollBar@DirectUI@@UAEXHH@Z, __SelfLayoutUpdateDesiredSize@ScrollBar@DirectUI@@UAE_AUtagSIZE@@HHPAVSurface@2@@Z, _CreateButtons@ScrollBar@DirectUI@@MAEJXZ, _SetButtonsTag@ScrollBar@DirectUI@@MAEX_N@Z, _Class@ScrollBar@DirectUI@@2PAUIClassInfo@2@A, _Initialize@ScrollBar@DirectUI@@QAEJ_N@Z, _GetTopHWNDParent@DirectUI@@YGPAUHWND__@@PAU2@H@Z, _PositionProp@ScrollBar@DirectUI@@2PAUPropertyInfo@2@A, _m_fPaintingFrozen@CMsgFilterHolder@@1HA, _CursorProp@Element@DirectUI@@2PAUPropertyInfo@2@A, _CreateCursor@Value@DirectUI@@SGPAV12@PAUHICON__@@@Z, _CapturedProp@Button@DirectUI@@2PAUPropertyInfo@2@A, _MapElementPoint@Element@DirectUI@@QAEXPAV12@PBUtagPOINT@@PAU3@@Z, _Drag@Thumb@DirectUI@@2PAEA, _MarginProp@Element@DirectUI@@2PAUPropertyInfo@2@A, _SizeInLayoutProp@Element@DirectUI@@2PAUPropertyInfo@2@A, _GetImmediateChild@Element@DirectUI@@QAEPAV12@PAV12@@Z, __UpdateDesiredSize@Element@DirectUI@@QAE_AUtagSIZE@@HHPAVSurface@2@@Z, __UpdateLayoutSize@Element@DirectUI@@QAEXHH@Z, __UpdateLayoutPosition@Element@DirectUI@@QAEXHH@Z, _RMLoadMenu@@YGPAUHMENU__@@PB_WK0@Z, _Context@Button@DirectUI@@2PAEA, _BorderThicknessProp@Element@DirectUI@@2PAUPropertyInfo@2@A, _ProcessForEllipsis@WLEditT@@IAEJPAUHDC__@@AAUtagSIZE@@@Z
> WS2_32.dll: WSCEnumProtocols, WSCGetProviderPath, getnameinfo, WSAIoctl, WSACloseEvent, getaddrinfo, freeaddrinfo, WSACreateEvent
> COMCTL32.dll: ImageList_Remove, ImageList_DrawEx, ImageList_ReplaceIcon, -, -, InitCommonControlsEx, ImageList_Destroy, ImageList_AddMasked, -, ImageList_Create, -, ImageList_GetIcon, ImageList_Draw, ImageList_Add
> CRYPT32.dll: CertVerifyCertificateChainPolicy, CryptVerifyMessageSignature, CertCreateCertificateChainEngine, CertGetCertificateChain, CertFreeCertificateChain, CertFreeCertificateChainEngine, CryptFormatObject, CryptHashPublicKeyInfo, CryptMsgOpenToDecode, CryptMsgUpdate, CryptMsgGetParam, CertFindAttribute, CryptMsgClose, CryptDecodeObjectEx, CertGetNameStringW, CertFreeCertificateContext
> VERSION.dll: GetFileVersionInfoSizeW, GetFileVersionInfoA, VerQueryValueW, GetFileVersionInfoW, GetFileVersionInfoSizeA, VerQueryValueA
> WINMM.dll: waveInGetNumDevs, waveOutGetNumDevs
> IMM32.dll: ImmGetContext, ImmGetCompositionStringW, ImmSetConversionStatus, ImmGetConversionStatus, ImmAssociateContext, ImmReleaseContext
> WININET.dll: InternetSetOptionW, GetUrlCacheEntryInfoW, InternetQueryOptionW, InternetInitializeAutoProxyDll
> iphlpapi.dll: GetAdaptersInfo, GetIpAddrTable, GetIfEntry, NotifyRouteChange
> MSACM32.dll: acmStreamOpen, acmStreamClose, acmStreamUnprepareHeader, acmStreamConvert, acmStreamPrepareHeader, acmFormatSuggest, acmMetrics, acmStreamSize
> RPCRT4.dll: UuidFromStringA
> msidcrl40.dll: -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -
> ContactsUX.dll: _QueryStatus@CABPopupMenu@@UAGJPBU_GUID@@KPAU_tagOLECMD@@PAU_tagOLECMDTEXT@@@Z, __1CABPopupMenu@@MAE@XZ, _GetResource@CABPopupMenu@@MAEIXZ, _OnTimer@CABPopupMenu@@MAEXXZ, _GetParentGroup@CABPopupMenu@@MAEJPAPAUIGroup@@@Z, _IsReadOnlyGrouping@CABPopupMenu@@MAEJPA_N_N@Z, _ShowPopup@CABPopupMenu@@UAEJPAUtagPOINT@@PAVElement@DirectUI@@@Z, _SetDuiElement@CABPopupMenu@@UAEJPAVElement@DirectUI@@@Z, _SetReferencedEmail@CABPopupMenu@@UAEJPB_W@Z, _SetReferencedObject@CABPopupMenu@@UAEJPAUIStoreObject@@@Z, _Exec@CABPopupMenu@@UAGJPBU_GUID@@KKPAUtagVARIANT@@1@Z, __0CABPopupMenu@@IAE@XZ, _GetDataContextAs@CABPopupMenu@@IAEJABU_GUID@@PAPAX@Z, _IsCommandSupportedByExec@CABPopupMenu@@MAE_NKU_GUID@@@Z, _GetElementSealId@CListItemElement@@IAEKXZ, _OnEvent@CContactElement@@UAEXPAUEvent@DirectUI@@@Z, _ChangeInlineEditState@CListItemElement@@IAEX_N@Z, _GetData@CContactElement@@IAEJPAPAUCONTACT@@@Z, _OnInput@CContactElement@@UAEXPAUInputEvent@DirectUI@@@Z, _Class@CListItemElement@@2PAUIClassInfo@DirectUI@@A, _GetDataContextAs@CListItemElement@@IAEJABU_GUID@@PAPAX@Z, __1CContactElement@@UAE@XZ, _QueryStatus@CListItemElement@@UAGJPBU_GUID@@KPAU_tagOLECMD@@PAU_tagOLECMDTEXT@@@Z, _IsEditInlineCmd@CContactElement@@MAE_NK@Z, _EnsurePopupMenuObject@CListItemElement@@MAEJXZ, _ShouldShowContextMenu@CContactElement@@MAE_NXZ, _OnDoubleClick@CContactElement@@MAE_NXZ, _ExecuteDefaultAction@CListItemElement@@UAE_NXZ, _DefaultAction@CListItemElement@@UAEJXZ, _Insert@CABListItemArray@@QAEHPAUIStoreObject@@K@Z, _g_wzDream15@CDonationManager@@2PA_WA, _g_wzDream14@CDonationManager@@2PA_WA, _g_wzDream13@CDonationManager@@2PA_WA, _g_wzDream12@CDonationManager@@2PA_WA, _g_wzDream11@CDonationManager@@2PA_WA, _g_wzDream10@CDonationManager@@2PA_WA, _DelayedExec@CABPopupMenu@@UAEJKU_GUID@@@Z, _g_wzDream8@CDonationManager@@2PA_WA, _g_wzDream7@CDonationManager@@2PA_WA, _g_wzDream6@CDonationManager@@2PA_WA, _g_wzDream5@CDonationManager@@2PA_WA, _g_wzDream4@CDonationManager@@2PA_WA, _g_wzDream3@CDonationManager@@2PA_WA, _g_wzDream2@CDonationManager@@2PA_WA, _g_wzDream1@CDonationManager@@2PA_WA, _SetProxyUser@Contacts@@YGXPB_W@Z, _UpdatePolicy@Contacts@@YGJPB_W@Z, _GetSubCollection@Contacts@@YGJW4STOREOBJECTTYPE@@PAUIObjectFilterer@@PAPAUIObjectPoolView@@_N@Z, _DeleteItemFromSeal@Contacts@@YGJK@Z, _CreateSqmAdapter@Contacts@@YGJABW4eSQMSessionType@@PAPAUIUnknown@@@Z, _CanMobileMessage@@YG_NPBUCONTACT@@@Z, _IsContactSomeKindOfBuddy@@YG_NPBUCONTACT@@@Z, _LaunchContactPicker@Contacts@@YGJW4ContactPickerStyle@@PAUHWND__@@PAPAUIContactPickerDialog@@@Z, __0CGroupElement@@QAE@XZ, _OnPropertyChanged@CListItemElement@@UAEXPAUPropertyInfo@DirectUI@@HPAVValue@3@1@Z, __0CContactElement@@QAE@XZ, _OnDrop@CBuddyListElement@@MAE_NPAUQueryDropEvent@@@Z, _GetRootHWNDOfElement@@YGPAUHWND__@@PAVElement@DirectUI@@@Z, _OnQueryDropEffect@CBuddyListElement@@MAEXPAUQueryDropEvent@@@Z, _OnDoubleClick@CGroupElement@@MAE_NXZ, _ShouldShowContextMenu@CGroupElement@@MAE_NXZ, _IsEditInlineCmd@CGroupElement@@MAE_NK@Z, __1CGroupElement@@UAE@XZ, _OnInput@CGroupElement@@UAEXPAUInputEvent@DirectUI@@@Z, _IsReadOnlyGroup@CGroupElement@@QAE_NXZ, _GetData@CGroupElement@@IAEJPAPAUCONTACTGROUP@@@Z, _GetIGroupFromGroupName@Contacts@@YGJPB_WPAPAUIGroup@@@Z, _OnEvent@CGroupElement@@UAEXPAUEvent@DirectUI@@@Z, _IsPublicContactFilesEncryptionEnabled@Contacts@@YGJPA_N@Z, _ConvertPublicContactFiles@Contacts@@YGJ_N@Z, _findCtry@CtryCode@@SGJKPA_WPAI@Z, _LoadCountryFromRegistry@CPhoneRegUtil@@SGKPAUHWND__@@KPBD1@Z, _InitComboBox@CtryCode@@SGJPAUHWND__@@HK@Z, _g_wzDream9@CDonationManager@@2PA_WA, _CreateUIContact@CBaseGrouping@@IAEJIPAPAUIContact@@K@Z, _OnUnHosted@CListItemElement@@UAEXPAVElement@DirectUI@@@Z, _g_wzDream16@CDonationManager@@2PA_WA, _GetSigninUserName@Contacts@@YGXAAVCStr@@@Z, _ABCMDToPhoneType@@YG_AW4SoftphoneContactPhoneType@@K@Z, _SetHost@Contacts@@YGJPAUIBuddyListHost@@@Z, _IsContactWvidBuddy@@YG_NPBUCONTACT@@@Z, _ConvertCodesToMap@CtryCode@@SGXPB_WAAV_$CRBMap@KEV_$CElementTraits@K@ATL@@V_$CElementTraits@E@2@@ATL@@@Z, _GetManager@Contacts@@YGJPAPAUIManager@1@@Z, InitializeSeal, RegisterMsnContactElements, MsnContactUnInitProcess, TerminateSeal, _GetContactCount@Contacts@@YGKPAPAUIObjectPoolView@@@Z, _GetGroupCount@Contacts@@YGKPAPAUIObjectPoolView@@@Z, _GetNumPendingRequests@Contacts@@YGKXZ, _IsAbchFailure@Contacts@@YG_NJ@Z, _GetIContactFromPhoneNumber@Contacts@@YGJPB_WPAPAUIContact@@@Z, _GetIContactFromEmail@Contacts@@YGJPB_WPAPAUIContact@@@Z, _CommitContactProperty@Contacts@@YGJABVCUpdateProperties@@@Z, _Synchronize@Contacts@@YGJW4ESyncTrigger@1@@Z, _SetStorageServer@Contacts@@YGXPBD0@Z, _LaunchContactDeleteDialog@Contacts@@YGJPAUIContact@@PAUHWND__@@@Z, _LaunchContactEditDialog@Contacts@@YGJPAUIContact@@_NPAUHWND__@@PAPAUIContactDialog@@@Z, _LaunchGroupEditDialog@Contacts@@YGJPAUIGroup@@PAUHWND__@@@Z, _LaunchGroupDeleteDialog@Contacts@@YGJKPAUHWND__@@@Z, _SetUseSsl@Contacts@@YGX_N@Z, _EnsureDefaultUiGroups@Contacts@@YGJPAUIStoreTransactionCallback@@PAPAUIUnknown@@@Z, _ReadyHelperObjects@Contacts@@YGXXZ, _LaunchContactEditDialog@Contacts@@YGJPB_WW4EEditDialogFillField@1@PAUHWND__@@_N@Z, _GetMeContact@Contacts@@YGJPAPAUIContact@@@Z, _SetCountingOfSocialNetworkRequests@Contacts@@YGJH@Z, _SetMarket@Contacts@@YGJPB_W@Z, _SetDefaultTransform@Contacts@@YGJPAVElement@DirectUI@@@Z, IsSpaceSet, _IsContactMe@@YG_NPAUIContact@@@Z, _SubscribeToLiveContactProfile@Contacts@@YGJPAUIContact@@@Z, _ViewMap@Contacts@@YGJPAUIContact@@W4EAddressType@@@Z, IsContactProfileSet, IsProfileSet, _ContactHasPhone@@YG_NPAUIContact@@@Z, _QueryContactCommand@@YGJPAUIBuddyListHost@@PAUIContact@@HAA_N2@Z, _IsContactMe@@YG_NPAUCONTACT@@@Z, _GetHost@Contacts@@YGJPAPAUIBuddyListHost@@@Z, _SetPolicyFlags@Contacts@@YGXW4EPolicyFlags@1@@Z, _GetStoreInfoFromDataObject@@YGJPAUIDataObject@@ABU_GUID@@PAPAXPAPAUIStoreObject@@@Z, _GetGroupContacts@Contacts@@YGJKPAPAUIObjectPoolView@@@Z, _SetAuth@Contacts@@YGXPB_W00@Z, _IsSyncOwner@Contacts@@YG_NXZ, _ReadyAbch@Contacts@@YGXXZ, __1CContactElemBase@@UAE@XZ, _OnDestroy@CContactElemBase@@UAEXXZ, _OnEvent@CContactElemBase@@UAEXPAUEvent@DirectUI@@@Z, _UpdateList@CContactElemBase@@MAEJ_N@Z, _ShouldSelectFirstItemInWordWheel@CContactElemBase@@UAE_NXZ, _Setup@CContactElemBase@@MAEJXZ, _CreateViewFilter@CContactElemBase@@MAEJXZ, _EnsureView@CContactElemBase@@MAEJK@Z, _DestroyAndReleaseElements@CContactElemBase@@MAEJXZ, _FindElements@CContactElemBase@@MAEJXZ, _EnsureFilter@CContactElemBase@@MAEJK_N@Z, _CheckForZeroListItems@CContactElemBase@@MAEXXZ, _SetSelectionOnChildren@CContactElemBase@@MAEJPAUIUnknown@@@Z, _SetDataSourceFilter@CContactElemBase@@MAEJXZ, _OnListenedPropertyChanged@CContactElemBase@@UAEXPAVElement@DirectUI@@PAUPropertyInfo@3@HPAVValue@3@2@Z, _GetSelection@CContactElemBase@@UAEJPAPAUIUnknown@@@Z, _SetSelection@CContactElemBase@@UAEJPAUIUnknown@@@Z, _AffectParticipant@CContactElemBase@@UAEJPAUIParticipant@@W4ParticipantModificationOperation@@@Z, _AffectParticipant@CContactElemBase@@UAEJABUPARTICIPANT@@W4ParticipantModificationOperation@@@Z, _GetSelectionChangeCallback@CContactElemBase@@UAEJPAPAUIParticipantSelectionControl@Contacts@@@Z, _SetSelectionChangeCallback@CContactElemBase@@UAEJPAUIParticipantSelectionControl@Contacts@@@Z, _UpdateList@CContactElemBase@@UAEJPAUIABViewFilter@@_N@Z, _GetSelectedObject@CContactElemBase@@UAEJPAPAUIUnknown@@@Z, _GetCmdTarget@CContactElemBase@@UAEJPAPAUIOleCommandTarget@@@Z, _SetWordWheelUpdateEnabled@CContactElemBase@@UAEX_N@Z, _SetFocusOnItem@CContactElemBase@@UAEJJ@Z, _OnTimer@CContactElemBase@@UAEXIKK@Z, _GetTimerHwndElement@CContactElemBase@@UAEPAVHWNDElement@DirectUI@@XZ, _Cleanup@CContactElemBase@@IAEXXZ, _QueryStatus@CContactElemBase@@UAGJPBU_GUID@@KPAU_tagOLECMD@@PAU_tagOLECMDTEXT@@@Z, _CannotMobileMessage@@YG_NPBUCONTACT@@@Z, _Class@CWordWheelElement@@2PAUIClassInfo@DirectUI@@A, _GroupingProp@CContactElemBase@@2PAUPropertyInfo@DirectUI@@A, _GetSigninCookie@Contacts@@YGKXZ, _GetFilterFromSettings@CContactElemBase@@IAEHXZ, _GetViewFromSettings@CContactElemBase@@IAEHXZ, _OnPropertyChanged@CContactElemBase@@UAEXPAUPropertyInfo@DirectUI@@HPAVValue@3@1@Z, _Class@CContactElemBase@@2PAUIClassInfo@DirectUI@@A, _AddToList@CBaseGrouping@@MAEJKPAUIABDataSource@@AAVCABListItemArray@@@Z, __0CContactElemBase@@QAE@XZ, _Create@CABDataSource@@SGJKPAPAUIABDataSource@@W4ESORTBYCOLUMN@@@Z, _Initialize@CContactElemBase@@QAEJXZ, _AddToList@CPartitionedGrouping@@UAEJKPAUIABDataSource@@AAVCABListItemArray@@@Z, _DetermineZeroContactsState@CContactElemBase@@MAE_AW4EZeroContactsElement@@_N@Z, _IsInOtherGroup@@YG_NPBUCONTACT@@@Z, __0CFilteredGrouping@@QAE@IIP6G_NPBUCONTACT@@@Z111@Z, _IsContactNotSomeBuddy@@YG_NPBUCONTACT@@@Z, __0CWordWheelGrouping@@QAE@I@Z, _IsWordWheelInUse@CContactElemBase@@QAE_NXZ, _SetGroupViewToSettings@CContactElemBase@@IAEXK@Z, _GetGroupViewFromSettings@CContactElemBase@@IAEHXZ, _Register@CContactElemBase@@SGJXZ, _EnsureView@CWordWheelElement@@QAEJW4eWordWheelView@@@Z, _Exec@CContactElemBase@@UAGJPBU_GUID@@KKPAUtagVARIANT@@1@Z, __0CBuddyListElement@@QAE@XZ, _OnInput@CBuddyListElementBase@@UAEXPAUInputEvent@DirectUI@@@Z, _OnDestroy@CBuddyListElementBase@@UAEXXZ, _OnEvent@CBuddyListElementBase@@UAEXPAUEvent@DirectUI@@@Z, _OnHosted@CBuddyListElementBase@@UAEXPAVElement@DirectUI@@@Z, _OnUnHosted@CBuddyListElementBase@@UAEXPAVElement@DirectUI@@@Z, _Initialize@CBuddyListElementBase@@UAEJXZ, _ClearSelection@CBuddyListElementBase@@UAEXXZ, _IsWordWheelUpdateEnabled@CBuddyListElementBase@@UAE_NXZ, _IsWordWheelFilteringEnabled@CBuddyListElement@@UAE_NXZ, _IsContactBuddy@@YG_NPBUCONTACT@@@Z, _SetFocusOnItem@CBuddyListElementBase@@UAEJJ@Z, _CreateItemList@CBuddyListElementBase@@MAEJXZ, _OnVirtualListCreated@CBuddyListElementBase@@MAEJPAVCBuddyVirtualList@@@Z, _OnScrollBarsChanged@CBuddyListElementBase@@MAEXPAVElement@DirectUI@@@Z, _GetHandleInputValue@CBuddyListElementBase@@MAE_AW4EHandleInput@@XZ, _GetSelectionMode@CBuddyListElementBase@@MAE_AW4VirtualListSelectionMode@@XZ, _ExecCommit@CBuddyListElementBase@@MAEJXZ, _ExpandCollapseItem@CBuddyListElementBase@@MAEJPAUIListItem@@_N@Z, _OnPoolViewEvent@CBuddyListElementBase@@UAEXW4EEvent@IObjectPoolViewCallback@@PAUIObjectPoolView@@@Z, _OnBegin@CBuddyListElementBase@@UAEXXZ, _OnInsert@CBuddyListElementBase@@UAEXPAUIStoreObject@@@Z, _OnChange@CBuddyListElementBase@@UAEXPAUIStoreObject@@PAUIObjectChangeDescription@@@Z, _OnDelete@CBuddyListElementBase@@UAEXPAUIStoreObject@@@Z, _OnEnd@CBuddyListElementBase@@UAEXXZ, _GetDataSource@CBuddyListElementBase@@UAEJPAPAUIUnknown@@@Z, _SetDataSource@CBuddyListElementBase@@UAEJPAUIUnknown@@@Z, _GetSelection@CBuddyListElementBase@@UAEJPAPAUIUnknown@@@Z, _SetSelection@CBuddyListElementBase@@UAEJPAUIUnknown@@@Z, _AffectParticipant@CBuddyListElementBase@@UAEJPAUIParticipant@@W4ParticipantModificationOperation@@@Z, _AffectParticipant@CBuddyListElementBase@@UAEJABUPARTICIPANT@@W4ParticipantModificationOperation@@@Z, _GetSelectionChangeCallback@CBuddyListElementBase@@UAEJPAPAUIParticipantSelectionControl@Contacts@@@Z, _SetSelectionChangeCallback@CBuddyListElementBase@@UAEJPAUIParticipantSelectionControl@Contacts@@@Z, _OnTimer@CBuddyListElementBase@@UAEXIKK@Z, _GetTimerHwndElement@CBuddyListElementBase@@UAEPAVHWNDElement@DirectUI@@XZ, __1CBuddyListElement@@UAE@XZ, _OnCanDrop@CBuddyListElement@@MAEXPAUQueryDropEvent@@@Z, _Class@CBuddyListElement@@2PAUIClassInfo@DirectUI@@A, _Register@CBuddyListElement@@SGJXZ, _OnHosted@CListItemElement@@UAEXPAVElement@DirectUI@@@Z
> SETUPAPI.dll: SetupIterateCabinetW
> CRYPTNET.dll: CryptRetrieveObjectByUrlW
> Secur32.dll: FreeContextBuffer, FreeCredentialsHandle, InitSecurityInterfaceW, DeleteSecurityContext

( 0 exports )
CWSandbox info: http://research.sunbelt-software.com/...

quiche69 · Answer

sinon sa me met sa aussi "Fichier msnmsgr.exe reçu le 2009.01.24 18:34:26 (CET)
Situation actuelle: en cours de chargement ... mis en file d'attente en attente en cours d'analyse terminé NON TROUVE ARRETE
Résultat: 0/39 (0%)" ( je croi que c pas infecté )

quiche69 · Answer

voici pour oTMmoveIt "========== FILES ==========
File/Folder c:\users\smain\appdata\local\gfrzkd.exe not found.
========== REGISTRY ==========
Registry key HKEY_CURRENT_USER\software\microsoft\windows\currentversio­n\explorer\mountpoints2\{41ab1c85-eb6c-11dc-a7db-001bfcc4fe2­d}\ not found.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion­\Run not found.
 
OTMoveIt3 by OldTimer - Version 1.0.8.0 log created on 01242009_185726"
mais desolé mais je trouve pas le dossier C:\_OTMoveIt\MovedFiles. Alors j'ai copier le resultat

jlpjlp · Answer

Ferme tous tes navigateurs (donc copie ou imprime les instructions avant)

Crée un nouveau document texte : clic droit de souris sur le bureau > Nouveau > Document Texte, et copie dedans les lignes suivantes :


File::
c:\users\smain\appdata\local\gfrzkd.exe
Registry::
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion­\Run]
"gfrzkd"=- 



Enregistre ce fichier sous le nom CFscript


Fait un glisser/déposer de ce fichier CFscrïpt sur le fichier ComboFix.exe

Clique sur le fichier CFScript, maintient le doigt enfoncé et glisse la souris pour que l'icône du CFScript vienne recouvrir l'icône de Combofix. Relache la souris. Combofix va démarrer.

Une fenêtre bleue va apparaître: au message qui apparaît ( Type 1 to continue, or 2 to abort) , tape 1 puis valide.

Patiente le temps du scan.Le bureau va disparaître à plusieurs reprises: c'est normal!

Ne touche à rien tant que le scan n'est pas terminé.

Une fois le scan achevé, un rapport va s'afficher: poste son contenu.

_____________________

mets le rapport ad remover demandé 


a plus

quiche69 · Answer

je me peut plus utiliser combofix
j'ai une question voila j'ai antivir en antivirus , ZoneAlarm comme pare-feu et spyware terminator pense tu que cela est bon pour mon ordi sinon dit moi je doi mettre quoi comme antivirus et tous le tralala ...!

jlpjlp · Answer

désactive antivir puis télécharge de nouveau combofix et rente de faire ce qui à été demandé . Pour tes protections cela est correct

quiche69 · Answer

voila le rapport que sa ma donné  ( mais c normale que combofix et le fichier cfscript on distaru sur mon bureau)

ComboFix 09-01-19.05 - smain 2009-01-26 17:57:38.2 - NTFSx86
Microsoft® Windows Vista™ Édition Familiale Premium   6.0.6001.1.1252.1.1036.18.894.221 [GMT 1:00]
Lancé depuis: c:\users\smain\Desktop\Killfix.exe
Commutateurs utilisés :: c:\users\smain\Desktop\CFscript.txt
FW: ZoneAlarm Firewall *enabled*
 * Un nouveau point de restauration a été créé

FILE ::
c:\users\smain\appdata\local\gfrzkd.exe
.

((((((((((((((((((((((((((((((((((((   Autres suppressions   ))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\users\smain\AppData\Local\gfrzkd.dat
c:\users\smain\AppData\Local\gfrzkd_nav.dat
c:\users\smain\AppData\Local\gfrzkd_navps.dat

.
(((((((((((((((((((((((((((((   Fichiers créés du 2008-12-26 au 2009-01-26  ))))))))))))))))))))))))))))))))))))
.

Pas de nouveau fichier créé dans ce laps de temps

.
((((((((((((((((((((((((((((((((((   Compte-rendu de Find3M   ))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-01-26 17:00	---------	d-----w	c:\users\smain\AppData\Roaming\Spyware Terminator
2009-01-26 16:44	---------	d-----w	c:\program files\Spyware Terminator
2009-01-26 16:37	352,615	---ha-w	c:\windows\system32\drivers\vsconfig.xml
2009-01-26 16:04	---------	d-----w	c:\programdata\Google Updater
2009-01-26 15:54	---------	d-----w	c:\programdata\Spyware Terminator
2009-01-25 19:13	141,312	----a-w	c:\windows\system32\drivers\sp_rsdrv2.sys
2009-01-25 19:13	---------	d-----w	c:\program files\Crawler
2009-01-25 18:45	---------	d-----w	c:\programdata\CheckPoint
2009-01-25 18:45	---------	d-----w	c:\program files\Zone Labs
2009-01-25 17:49	---------	d-----w	c:\program files\PPMate
2009-01-25 17:31	---------	d-----w	c:\programdata\Avira
2009-01-25 17:31	---------	d-----w	c:\program files\Avira
2009-01-25 17:21	1,048,576	--sha-w	c:\users\Invité\NTUSER.DAT
2009-01-25 17:21	1,048,576	--sha-w	c:\users\Invité\NTUSER.DAT
2009-01-25 16:43	174	--sha-w	c:\program files\desktop.ini
2009-01-25 16:24	---------	d-----w	c:\program files\Windows Sidebar
2009-01-25 16:24	---------	d-----w	c:\program files\Windows Photo Gallery
2009-01-25 16:24	---------	d-----w	c:\program files\Windows Mail
2009-01-25 16:24	---------	d-----w	c:\program files\Windows Journal
2009-01-25 16:24	---------	d-----w	c:\program files\Windows Collaboration
2009-01-25 16:24	---------	d-----w	c:\program files\Windows Calendar
2009-01-25 16:23	---------	d-----w	c:\program files\Windows Defender
2009-01-24 17:12	---------	d-----w	c:\program files\Google
2009-01-24 16:50	---------	d-----w	c:\program files\trend micro
2009-01-23 12:23	---------	d-----w	c:\program files\Microsoft Silverlight
2009-01-23 11:41	---------	d-----w	c:\programdata\Microsoft Help
2009-01-23 10:26	---------	d-----w	c:\program files\MSXML 4.0
2009-01-22 21:05	---------	d-----w	c:\users\smain\AppData\Roaming\Malwarebytes
2009-01-22 21:05	---------	d-----w	c:\programdata\Malwarebytes
2009-01-22 18:55	---------	d-----w	c:\program files\BitDefender
2009-01-22 16:50	---------	d-----w	c:\program files\eMule
2009-01-21 13:37	---------	d-----w	c:\program files\Java
2009-01-20 09:04	---------	d-----w	c:\users\smain\AppData\Roaming\LimeWire
2009-01-17 17:26	---------	d-----w	c:\users\smain\AppData\Roaming\Image Zone Express
2009-01-15 08:59	---------	d-----w	c:\program files\DivX
2009-01-08 13:29	---------	d-----w	c:\program files\Wyzo
2009-01-08 13:18	---------	d-----w	c:\users\smain\AppData\Roaming\.wyzo
2009-01-05 08:23	---------	d-----w	c:\users\smain\AppData\Roaming\Printer Info Cache
2009-01-05 08:19	1,826	----a-w	c:\users\smain\AppData\Roaming\wklnhst.dat
2008-12-28 14:46	---------	d-----w	c:\program files\AliveMedia
2008-12-19 20:50	---------	d-----w	c:\program files\Alwil Software
2008-12-19 20:31	---------	d-----w	c:\programdata\Symantec
2008-12-19 20:31	---------	d-----w	c:\program files\Common Files\Symantec Shared
2008-12-19 20:27	---------	d-----w	c:\program files\Symantec
2008-12-16 02:42	288,768	----a-w	c:\windows\system32\drivers\srv.sys
2008-12-14 09:19	---------	d-----w	c:\users\smain\AppData\Roaming\EoRezo
2008-12-13 18:03	---------	d-----w	c:\program files\MyXOFT
2008-11-01 03:44	541,696	----a-w	c:\windows\AppPatch\AcLayers.dll
2008-11-01 03:44	52,736	----a-w	c:\windows\AppPatch\iebrshim.dll
2008-11-01 03:44	460,288	----a-w	c:\windows\AppPatch\AcSpecfc.dll
2008-11-01 03:44	2,154,496	----a-w	c:\windows\AppPatch\AcGenral.dll
2008-11-01 03:44	173,056	----a-w	c:\windows\AppPatch\AcXtrnal.dll
2008-10-29 06:29	2,927,104	----a-w	c:\windows\explorer.exe
.

(((((((((((((((((((((((((((((   snapshot@2009-01-22_21.54.20,71   )))))))))))))))))))))))))))))))))))))))))
.
- 2006-11-02 09:46:02	237,568	----a-w	c:\windows\AppPatch\AcRedir.dll
+ 2008-01-19 07:33:41	237,568	----a-w	c:\windows\AppPatch\AcRedir.dll
- 2007-07-12 19:28:20	2,560	----a-w	c:\windows\AppPatch\AcRes.dll
+ 2008-03-08 01:58:43	2,560	----a-w	c:\windows\AppPatch\AcRes.dll
- 2006-11-02 09:46:02	40,960	----a-w	c:\windows\AppPatch\apihex86.dll
+ 2008-01-19 07:33:43	40,960	----a-w	c:\windows\AppPatch\apihex86.dll
- 2007-07-12 20:00:21	781,104	----a-w	c:\windows\assembly\GAC\Microsoft.Office.Interop.Word\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.Word.dll
+ 2009-01-23 10:41:51	783,744	----a-w	c:\windows\assembly\GAC\Microsoft.Office.Interop.Word\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.Word.dll
- 2006-11-02 12:35:32	143,360	----a-w	c:\windows\assembly\GAC_32\BDATunePIA\6.0.6000.0__31bf3856ad364e35\BDATunePIA.dll
+ 2008-01-19 07:38:12	144,384	----a-w	c:\windows\assembly\GAC_32\BDATunePIA\6.0.6000.0__31bf3856ad364e35\BDATunePIA.dll
- 2006-10-20 01:13:56	69,120	----a-w	c:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
+ 2008-01-05 11:26:08	69,120	----a-w	c:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
- 2006-10-20 01:14:03	72,192	----a-w	c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
+ 2008-01-05 11:26:17	72,192	----a-w	c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
- 2006-11-02 12:35:34	77,824	----a-w	c:\windows\assembly\GAC_32\mcstoredb\6.0.6000.0__31bf3856ad364e35\mcstoredb.dll
+ 2008-01-19 07:38:31	78,336	----a-w	c:\windows\assembly\GAC_32\mcstoredb\6.0.6000.0__31bf3856ad364e35\mcstoredb.dll
- 2006-11-02 12:35:33	136,192	----a-w	c:\windows\assembly\GAC_32\mcupdate\6.0.6000.0__31bf3856ad364e35\mcupdate.exe
+ 2008-01-19 07:38:31	140,288	----a-w	c:\windows\assembly\GAC_32\mcupdate\6.0.6000.0__31bf3856ad364e35\mcupdate.exe
- 2006-11-02 12:35:33	105,472	----a-w	c:\windows\assembly\GAC_32\Mcx2Dvcs\6.0.6000.0__31bf3856ad364e35\Mcx2Dvcs.dll
+ 2008-01-19 07:38:32	106,496	----a-w	c:\windows\assembly\GAC_32\Mcx2Dvcs\6.0.6000.0__31bf3856ad364e35\Mcx2Dvcs.dll
- 2006-11-02 12:35:24	507,904	----a-w	c:\windows\assembly\GAC_32\Microsoft.Ink\6.0.0.0__31bf3856ad364e35\Microsoft.Ink.dll
+ 2008-01-19 07:38:34	507,904	----a-w	c:\windows\assembly\GAC_32\Microsoft.Ink\6.0.0.0__31bf3856ad364e35\Microsoft.Ink.dll
- 2006-11-02 12:36:03	151,552	----a-w	c:\windows\assembly\GAC_32\Microsoft.Transactions.Bridge.Dtc\3.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.Dtc.dll
+ 2008-01-05 11:21:39	151,552	----a-w	c:\windows\assembly\GAC_32\Microsoft.Transactions.Bridge.Dtc\3.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.Dtc.dll
- 2006-10-20 01:14:15	4,366,336	----a-w	c:\windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
+ 2008-01-05 11:26:32	4,444,160	----a-w	c:\windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
- 2006-11-02 09:47:03	39,936	----a-w	c:\windows\assembly\GAC_32\napcrypt\6.0.0.0__31bf3856ad364e35\NAPCRYPT.DLL
+ 2008-01-19 07:38:44	46,080	----a-w	c:\windows\assembly\GAC_32\napcrypt\6.0.0.0__31bf3856ad364e35\NAPCRYPT.DLL
- 2006-11-02 09:47:03	98,816	----a-w	c:\windows\assembly\GAC_32\naphlpr\6.0.0.0__31bf3856ad364e35\NAPHLPR.DLL
+ 2008-01-19 07:38:45	103,936	----a-w	c:\windows\assembly\GAC_32\naphlpr\6.0.0.0__31bf3856ad364e35\NAPHLPR.DLL
- 2006-11-02 12:36:01	3,915,264	----a-w	c:\windows\assembly\GAC_32\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationCore.dll
+ 2008-01-05 11:21:53	4,174,336	----a-w	c:\windows\assembly\GAC_32\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationCore.dll
- 2006-10-20 01:14:47	482,304	----a-w	c:\windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll
+ 2008-01-05 11:26:54	483,840	----a-w	c:\windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll
- 2006-10-20 01:14:47	2,894,336	----a-w	c:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
+ 2008-01-05 11:26:54	3,036,160	----a-w	c:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
- 2006-10-20 01:14:51	258,048	----a-w	c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
+ 2008-01-05 11:26:55	258,048	----a-w	c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
- 2006-11-02 06:34:22	114,176	----a-w	c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
+ 2008-01-19 03:22:55	113,664	----a-w	c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
- 2006-11-02 12:36:01	344,064	----a-w	c:\windows\assembly\GAC_32\System.Printing\3.0.0.0__31bf3856ad364e35\System.Printing.dll
+ 2008-01-05 11:21:55	346,624	----a-w	c:\windows\assembly\GAC_32\System.Printing\3.0.0.0__31bf3856ad364e35\System.Printing.dll
- 2006-10-20 01:14:53	260,096	----a-w	c:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
+ 2008-01-05 11:26:59	261,120	----a-w	c:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
- 2007-10-03 17:29:13	5,156,864	----a-w	c:\windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll
+ 2008-01-05 11:26:59	5,431,296	----a-w	c:\windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll
- 2006-10-20 01:13:37	10,752	----a-w	c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
+ 2008-01-05 11:25:52	10,752	----a-w	c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
- 2007-07-13 04:54:16	315,392	----a-w	c:\windows\assembly\GAC_MSIL\AspNetMMCExt.resources\2.0.0.0_fr_b03f5f7f11d50a3a\aspnetmmcext.resources.dll
+ 2008-01-05 11:26:11	315,392	----a-w	c:\windows\assembly\GAC_MSIL\AspNetMMCExt.resources\2.0.0.0_fr_b03f5f7f11d50a3a\aspnetmmcext.resources.dll
- 2006-10-20 01:13:41	503,808	----a-w	c:\windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll
+ 2008-01-05 11:25:59	507,904	----a-w	c:\windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll
- 2006-11-02 12:36:03	159,744	----a-w	c:\windows\assembly\GAC_MSIL\ComSvcConfig\3.0.0.0__b03f5f7f11d50a3a\ComSvcConfig.exe
+ 2008-01-05 11:21:39	159,744	----a-w	c:\windows\assembly\GAC_MSIL\ComSvcConfig\3.0.0.0__b03f5f7f11d50a3a\ComSvcConfig.exe
- 2006-10-20 01:13:56	13,312	----a-w	c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll
+ 2008-01-05 11:26:08	13,312	----a-w	c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll
- 2006-10-20 01:13:57	5,120	----a-w	c:\windows\assembly\GAC_MSIL\dfsvc\2.0.0.0__b03f5f7f11d50a3a\dfsvc.exe
+ 2008-01-05 11:26:11	5,120	----a-w	c:\windows\assembly\GAC_MSIL\dfsvc\2.0.0.0__b03f5f7f11d50a3a\dfsvc.exe
- 2006-11-02 12:35:34	864,256	----a-w	c:\windows\assembly\GAC_MSIL\ehepg\6.0.6000.0__31bf3856ad364e35\ehepg.dll
+ 2008-01-19 07:38:16	827,392	----a-w	c:\windows\assembly\GAC_MSIL\ehepg\6.0.6000.0__31bf3856ad364e35\ehepg.dll
- 2006-11-02 12:35:28	139,264	----a-w	c:\windows\assembly\GAC_MSIL\ehepgdat\6.0.6000.0__31bf3856ad364e35\ehepgdat.dll
+ 2008-01-19 07:38:16	139,264	----a-w	c:\windows\assembly\GAC_MSIL\ehepgdat\6.0.6000.0__31bf3856ad364e35\ehepgdat.dll
- 2007-07-12 19:31:07	135,168	----a-w	c:\windows\assembly\GAC_MSIL\ehexthost\6.0.6000.0__31bf3856ad364e35\ehexthost.exe
+ 2008-01-19 07:38:17	131,072	----a-w	c:\windows\assembly\GAC_MSIL\ehexthost\6.0.6000.0__31bf3856ad364e35\ehexthost.exe
- 2007-07-12 19:31:08	77,824	----a-w	c:\windows\assembly\GAC_MSIL\ehiExtens\6.0.6000.0__31bf3856ad364e35\ehiExtens.dll
+ 2006-11-02 12:35:28	77,824	----a-w	c:\windows\assembly\GAC_MSIL\ehiExtens\6.0.6000.0__31bf3856ad364e35\ehiExtens.dll
- 2006-11-02 12:35:32	401,408	----a-w	c:\windows\assembly\GAC_MSIL\ehiProxy\6.0.6000.0__31bf3856ad364e35\ehiProxy.dll
+ 2008-01-19 07:38:18	401,408	----a-w	c:\windows\assembly\GAC_MSIL\ehiProxy\6.0.6000.0__31bf3856ad364e35\ehiProxy.dll
- 2006-11-02 12:35:30	19,456	----a-w	c:\windows\assembly\GAC_MSIL\ehiReplay\6.0.6000.0__31bf3856ad364e35\ehiReplay.dll
+ 2008-01-19 07:38:18	19,456	----a-w	c:\windows\assembly\GAC_MSIL\ehiReplay\6.0.6000.0__31bf3856ad364e35\ehiReplay.dll
- 2006-11-02 12:35:32	307,200	----a-w	c:\windows\assembly\GAC_MSIL\ehiVidCtl\6.0.6000.0__31bf3856ad364e35\ehiVidCtl.dll
+ 2008-01-19 07:38:19	307,200	----a-w	c:\windows\assembly\GAC_MSIL\ehiVidCtl\6.0.6000.0__31bf3856ad364e35\ehiVidCtl.dll
- 2006-11-02 12:35:34	143,360	----a-w	c:\windows\assembly\GAC_MSIL\ehiwmp\6.0.6000.0__31bf3856ad364e35\ehiwmp.dll
+ 2008-01-19 07:38:19	143,360	----a-w	c:\windows\assembly\GAC_MSIL\ehiwmp\6.0.6000.0__31bf3856ad364e35\ehiwmp.dll
- 2006-11-02 12:35:29	520,192	----a-w	c:\windows\assembly\GAC_MSIL\ehRecObj\6.0.6000.0__31bf3856ad364e35\ehRecObj.dll
+ 2008-01-19 07:38:19	520,192	----a-w	c:\windows\assembly\GAC_MSIL\ehRecObj\6.0.6000.0__31bf3856ad364e35\ehRecObj.dll
- 2007-07-12 19:31:06	4,370,432	----a-w	c:\windows\assembly\GAC_MSIL\ehshell\6.0.6000.0__31bf3856ad364e35\ehshell.dll
+ 2008-01-19 07:38:21	4,046,848	----a-w	c:\windows\assembly\GAC_MSIL\ehshell\6.0.6000.0__31bf3856ad364e35\ehshell.dll
- 2007-07-13 04:54:07	9,216	----a-w	c:\windows\assembly\GAC_MSIL\EventViewer.Resources\6.0.0.0_fr_31bf3856ad364e35\EventViewer.resources.dll
+ 2008-01-19 07:53:44	9,216	----a-w	c:\windows\assembly\GAC_MSIL\EventViewer.Resources\6.0.0.0_fr_31bf3856ad364e35\EventViewer.resources.dll
- 2006-11-02 09:46:54	364,544	----a-w	c:\windows\assembly\GAC_MSIL\EventViewer\6.0.0.0__31bf3856ad364e35\EventViewer.dll
+ 2008-01-19 07:38:21	364,544	----a-w	c:\windows\assembly\GAC_MSIL\EventViewer\6.0.0.0__31bf3856ad364e35\EventViewer.dll
- 2006-10-20 01:14:02	8,192	----a-w	c:\windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll
+ 2008-01-05 11:26:12	8,192	----a-w	c:\windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll
- 2006-10-20 01:14:02	36,864	----a-w	c:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll
+ 2008-01-05 11:26:12	77,824	----a-w	c:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll
- 2006-10-20 01:14:02	5,632	----a-w	c:\windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll
+ 2008-01-05 11:26:13	6,656	----a-w	c:\windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll
- 2006-11-02 12:35:29	200,704	----a-w	c:\windows\assembly\GAC_MSIL\mcstore\6.0.6000.0__31bf3856ad364e35\mcstore.dll
+ 2008-01-19 07:38:31	176,128	----a-w	c:\windows\assembly\GAC_MSIL\mcstore\6.0.6000.0__31bf3856ad364e35\mcstore.dll
- 2007-07-13 04:53:12	53,248	----a-w	c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine.resources\2.0.0.0_fr_b03f5f7f11d50a3a\Microsoft.Build.Engine.resources.dll
+ 2008-01-05 11:26:11	53,248	----a-w	c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine.resources\2.0.0.0_fr_b03f5f7f11d50a3a\Microsoft.Build.Engine.resources.dll
- 2006-10-20 01:14:03	413,696	----a-w	c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
+ 2008-01-05 11:26:17	348,160	----a-w	c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
- 2006-10-20 01:14:03	36,864	----a-w	c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
+ 2008-01-05 11:26:17	36,864	----a-w	c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
- 2007-07-13 04:54:21	139,264	----a-w	c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks.resources\2.0.0.0_fr_b03f5f7f11d50a3a\Microsoft.Build.Tasks.resources.dll
+ 2008-01-05 11:26:11	139,264	----a-w	c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks.resources\2.0.0.0_fr_b03f5f7f11d50a3a\Microsoft.Build.Tasks.resources.dll
- 2006-10-20 01:14:03	647,168	----a-w	c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll
+ 2008-01-05 11:26:17	655,360	----a-w	c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll
- 2007-07-13 04:54:15	10,240	----a-w	c:\windows\assembly\GAC_MSIL\microsoft.build.utilities.resources\2.0.0.0_fr_b03f5f7f11d50a3a\Microsoft.Build.Utilities.Resources.dll
+ 2008-01-05 11:26:11	10,752	----a-w	c:\windows\assembly\GAC_MSIL\microsoft.build.utilities.resources\2.0.0.0_fr_b03f5f7f11d50a3a\Microsoft.Build.Utilities.Resources.dll
- 2006-10-20 01:14:04	73,728	----a-w	c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll
+ 2008-01-05 11:26:17	77,824	----a-w	c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll
- 2007-07-13 04:54:24	40,960	----a-w	c:\windows\assembly\GAC_MSIL\Microsoft.Ink.Resources\6.0.0.0_fr_31bf3856ad364e35\Microsoft.Ink.Resources.dll
+ 2008-01-19 07:53:49	40,960	----a-w	c:\windows\assembly\GAC_MSIL\Microsoft.Ink.Resources\6.0.0.0_fr_31bf3856ad364e35\Microsoft.Ink.Resources.dll
- 2007-07-13 04:53:48	45,056	----a-w	c:\windows\assembly\GAC_MSIL\Microsoft.Jscript.resources\8.0.0.0_fr_b03f5f7f11d50a3a\Microsoft.JScript.Resources.dll
+ 2008-01-05 11:26:11	45,056	----a-w	c:\windows\assembly\GAC_MSIL\Microsoft.Jscript.resources\8.0.0.0_fr_b03f5f7f11d50a3a\Microsoft.JScript.Resources.dll
- 2006-10-20 01:14:04	749,568	----a-w	c:\windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
+ 2008-01-05 11:26:19	749,568	----a-w	c:\windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
- 2007-07-13 04:53:22	28,672	----a-w	c:\windows\assembly\GAC_MSIL\Microsoft.ManagementConsole.Resources\3.0.0.0_fr_31bf3856ad364e35\Microsoft.ManagementConsole.Resources.dll
+ 2008-01-19 07:53:50	28,672	----a-w	c:\windows\assembly\GAC_MSIL\Microsoft.ManagementConsole.Resources\3.0.0.0_fr_31bf3856ad364e35\Microsoft.ManagementConsole.Resources.dll
- 2006-11-02 09:47:01	245,760	----a-w	c:\windows\assembly\GAC_MSIL\Microsoft.ManagementConsole\3.0.0.0__31bf3856ad364e35\Microsoft.ManagementConsole.dll
+ 2008-01-19 07:38:35	188,416	----a-w	c:\windows\assembly\GAC_MSIL\Microsoft.ManagementConsole\3.0.0.0__31bf3856ad364e35\Microsoft.ManagementConsole.dll
- 2006-11-02 12:35:33	1,196,032	----a-w	c:\windows\assembly\GAC_MSIL\Microsoft.MediaCenter.Shell\6.0.6000.0__31bf3856ad364e35\Microsoft.MediaCenter.Shell.dll
+ 2008-01-19 07:38:36	1,241,088	----a-w	c:\windows\assembly\GAC_MSIL\Microsoft.MediaCenter.Shell\6.0.6000.0__31bf3856ad364e35\Microsoft.MediaCenter.Shell.dll
- 2006-11-02 12:35:33	167,936	----a-w	c:\windows\assembly\GAC_MSIL\Microsoft.MediaCenter.Sports\6.0.6000.0__31bf3856ad364e35\Microsoft.MediaCenter.Sports.dll
+ 2008-01-19 07:38:36	167,936	----a-w	c:\windows\assembly\GAC_MSIL\Microsoft.MediaCenter.Sports\6.0.6000.0__31bf3856ad364e35\Microsoft.MediaCenter.Sports.dll
- 2007-07-12 19:31:07	2,342,912	----a-w	c:\windows\assembly\GAC_MSIL\Microsoft.MediaCenter.UI\6.0.6000.0__31bf3856ad364e35\Microsoft.MediaCenter.UI.dll
+ 2008-01-19 07:38:36	1,957,888	----a-w	c:\windows\assembly\GAC_MSIL\Microsoft.MediaCenter.UI\6.0.6000.0__31bf3856ad364e35\Microsoft.MediaCenter.UI.dll
- 2007-07-12 19:31:07	212,992	----a-w	c:\windows\assembly\GAC_MSIL\Microsoft.MediaCenter\6.0.6000.0__31bf3856ad364e35\Microsoft.MediaCenter.dll
+ 2008-01-19 07:38:35	204,800	----a-w	c:\windows\assembly\GAC_MSIL\Microsoft.MediaCenter\6.0.6000.0__31bf3856ad364e35\Microsoft.MediaCenter.dll
- 2007-07-13 04:54:46	28,672	----a-w	c:\windows\assembly\GAC_MSIL\Microsoft.Transactions.Bridge.resources\3.0.0.0_fr_b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.Resources.dll
+ 2008-01-05 11:26:41	19,456	----a-w	c:\windows\assembly\GAC_MSIL\Microsoft.Transactions.Bridge.resources\3.0.0.0_fr_b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.Resources.dll
- 2006-11-02 12:36:03	352,256	----a-w	c:\windows\assembly\GAC_MSIL\Microsoft.Transactions.Bridge\3.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.dll
+ 2008-01-05 11:21:39	397,312	----a-w	c:\windows\assembly\GAC_MSIL\Microsoft.Transactions.Bridge\3.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.dll
- 2007-07-13 04:54:02	9,216	----a-w	c:\windows\assembly\GAC_MSIL\microsoft.visualbasic.compatibility.data.resources\8.0.0.0_fr_b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.resources.dll
+ 2008-01-05 11:26:17	9,216	----a-w	c:\windows\assembly\GAC_MSIL\microsoft.visualbasic.compatibility.data.resources\8.0.0.0_fr_b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.resources.dll
- 2006-10-20 01:14:05	110,592	----a-w	c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
+ 2008-01-05 11:26:19	110,592	----a-w	c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
- 2007-07-13 04:53:15	9,728	----a-w	c:\windows\assembly\GAC_MSIL\microsoft.visualbasic.compatibility.resources\8.0.0.0_fr_b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.resources.dll
+ 2008-01-05 11:26:17	9,728	----a-w	c:\windows\assembly\GAC_MSIL\microsoft.visualbasic.compatibility.resources\8.0.0.0_fr_b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.resources.dll
- 2006-10-20 01:14:05	372,736	----a-w	c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
+ 2008-01-05 11:26:23	372,736	----a-w	c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
- 2007-07-13 04:54:09	61,440	----a-w	c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.resources\8.0.0.0_fr_b03f5f7f11d50a3a\Microsoft.VisualBasic.resources.dll
+ 2008-01-05 11:26:11	61,440	----a-w	c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.resources\8.0.0.0_fr_b03f5f7f11d50a3a\Microsoft.VisualBasic.resources.dll
- 2006-10-20 01:14:05	28,672	----a-w	c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll
+ 2008-01-05 11:26:23	28,672	----a-w	c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll
- 2006-10-20 01:14:05	667,648	----a-w	c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
+ 2008-01-05 11:26:23	671,744	----a-w	c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
- 2006-10-20 01:14:05	12,800	----a-w	c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
+ 2008-01-05 11:26:24	12,800	----a-w	c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
- 2006-10-20 01:14:05	32,768	----a-w	c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll
+ 2008-01-05 11:26:23	32,768	----a-w	c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll
- 2007-07-13 04:53:47	1,400,832	----a-w	c:\windows\assembly\GAC_MSIL\MiguiControls.Resources\1.0.0.0_fr_31bf3856ad364e35\MIGUIControls.resources.dll
+ 2008-01-19 07:53:52	1,515,520	----a-w	c:\windows\assembly\GAC_MSIL\MiguiControls.Resources\1.0.0.0_fr_31bf3856ad364e35\MIGUIControls.resources.dll
- 2006-11-02 09:47:03	3,100,672	----a-w	c:\windows\assembly\GAC_MSIL\MiguiControls\1.0.0.0__31bf3856ad364e35\MIGUIControls.dll
+ 2008-01-19 07:38:41	3,371,008	----a-w	c:\windows\assembly\GAC_MSIL\MiguiControls\1.0.0.0__31bf3856ad364e35\MIGUIControls.dll
- 2006-11-02 09:47:03	413,696	----a-w	c:\windows\assembly\GAC_MSIL\MMCEx\3.0.0.0__31bf3856ad364e35\MMCEx.dll
+ 2008-01-19 07:38:41	417,792	----a-w	c:\windows\assembly\GAC_MSIL\MMCEx\3.0.0.0__31bf3856ad364e35\MMCEx.dll
- 2007-07-13 04:54:17	311,296	----a-w	c:\windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_fr_b77a5c561934e089\mscorlib.Resources.dll
+ 2008-01-05 11:26:12	311,296	----a-w	c:\windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_fr_b77a5c561934e089\mscorlib.Resources.dll
- 2006-11-02 09:47:03	65,536	----a-w	c:\windows\assembly\GAC_MSIL\napinit\6.0.0.0__31bf3856ad364e35\NAPINIT.DLL
+ 2008-01-19 07:38:45	65,536	----a-w	c:\windows\assembly\GAC_MSIL\napinit\6.0.0.0__31bf3856ad364e35\NAPINIT.DLL
- 2007-07-13 04:54:19	245,760	----a-w	c:\windows\assembly\GAC_MSIL\napsnap.resources\6.0.0.0_fr_31bf3856ad364e35\napsnap.resources.dll
+ 2008-01-19 07:53:54	245,760	----a-w	c:\windows\assembly\GAC_MSIL\napsnap.resources\6.0.0.0_fr_31bf3856ad364e35\napsnap.resources.dll
- 2006-11-02 09:47:04	458,752	----a-w	c:\windows\assembly\GAC_MSIL\napsnap\6.0.0.0__31bf3856ad364e35\NAPSNAP.DLL
+ 2008-01-19 07:38:45	458,752	----a-w	c:\windows\assembly\GAC_MSIL\napsnap\6.0.0.0__31bf3856ad364e35\NAPSNAP.DLL
- 2006-11-02 12:36:00	593,920	----a-w	c:\windows\assembly\GAC_MSIL\PresentationBuildTasks\3.0.0.0__31bf3856ad364e35\PresentationBuildTasks.dll
+ 2008-01-05 11:21:52	602,112	----a-w	c:\windows\assembly\GAC_MSIL\PresentationBuildTasks\3.0.0.0__31bf3856ad364e35\PresentationBuildTasks.dll
- 2006-11-02 12:36:00	32,768	----a-w	c:\windows\assembly\GAC_MSIL\PresentationCFFRasterizer\3.0.0.0__31bf3856ad364e35\PresentationCFFRasterizer.dll
+ 2008-01-05 11:21:52	32,768	----a-w	c:\windows\assembly\GAC_MSIL\PresentationCFFRasterizer\3.0.0.0__31bf3856ad364e35\PresentationCFFRasterizer.dll
- 2006-11-02 12:36:01	36,864	----a-w	c:\windows\assembly\GAC_MSIL\PresentationFontCache\3.0.0.0__31bf3856ad364e35\PresentationFontCache.exe
+ 2008-01-05 11:21:53	36,864	----a-w	c:\windows\assembly\GAC_MSIL\PresentationFontCache\3.0.0.0__31bf3856ad364e35\PresentationFontCache.exe
- 2006-11-02 12:36:01	184,320	----a-w	c:\windows\assembly\GAC_MSIL\PresentationFramework.Aero\3.0.0.0__31bf3856ad364e35\PresentationFramework.Aero.dll
+ 2008-01-05 11:21:53	184,320	----a-w	c:\windows\assembly\GAC_MSIL\PresentationFramework.Aero\3.0.0.0__31bf3856ad364e35\PresentationFramework.Aero.dll
- 2006-11-02 12:36:01	126,976	----a-w	c:\windows\assembly\GAC_MSIL\PresentationFramework.Classic\3.0.0.0__31bf3856ad364e35\PresentationFramework.Classic.dll
+ 2008-01-05 11:21:53	131,072	----a-w	c:\windows\assembly\GAC_MSIL\PresentationFramework.Classic\3.0.0.0__31bf3856ad364e35\PresentationFramework.Classic.dll
- 2006-11-02 12:36:01	376,832	----a-w	c:\windows\assembly\GAC_MSIL\PresentationFramework.Luna\3.0.0.0__31bf3856ad364e35\PresentationFramework.Luna.dll
+ 2008-01-05 11:21:53	376,832	----a-w	c:\windows\assembly\GAC_MSIL\PresentationFramework.Luna\3.0.0.0__31bf3856ad364e35\PresentationFramework.Luna.dll
- 2006-11-02 12:36:01	151,552	----a-w	c:\windows\assembly\GAC_MSIL\PresentationFramework.Royale\3.0.0.0__31bf3856ad364e35\PresentationFramework.Royale.dll
+ 2008-01-05 11:21:54	151,552	----a-w	c:\windows\assembly\GAC_MSIL\PresentationFramework.Royale\3.0.0.0__31bf3856ad364e35\PresentationFramework.Royale.dll
- 2006-11-02 12:36:01	4,972,544	----a-w	c:\windows\assembly\GAC_MSIL\PresentationFramework\3.0.0.0__31bf3856ad364e35\PresentationFramework.dll
+ 2008-01-05 11:21:53	5,210,112	----a-w	c:\windows\assembly\GAC_MSIL\PresentationFramework\3.0.0.0__31bf3856ad364e35\PresentationFramework.dll
- 2006-11-02 12:36:00	897,024	----a-w	c:\windows\assembly\GAC_MSIL\PresentationUI\3.0.0.0__31bf3856ad364e35\PresentationUI.dll
+ 2008-01-05 11:21:55	897,024	----a-w	c:\windows\assembly\GAC_MSIL\PresentationUI\3.0.0.0__31bf3856ad364e35\PresentationUI.dll
- 2006-11-02 12:36:00	528,384	----a-w	c:\windows\assembly\GAC_MSIL\ReachFramework\3.0.0.0__31bf3856ad364e35\ReachFramework.dll
+ 2008-01-05 11:21:55	528,384	----a-w	c:\windows\assembly\GAC_MSIL\ReachFramework\3.0.0.0__31bf3856ad364e35\ReachFramework.dll
- 2006-11-02 12:36:03	61,440	----a-w	c:\windows\assembly\GAC_MSIL\ServiceModelReg\3.0.0.0__b03f5f7f11d50a3a\ServiceModelReg.exe
+ 2008-01-05 11:21:39	61,440	----a-w	c:\windows\assembly\GAC_MSIL\ServiceModelReg\3.0.0.0__b03f5f7f11d50a3a\ServiceModelReg.exe
- 2006-11-02 12:36:03	94,208	----a-w	c:\windows\assembly\GAC_MSIL\SMDiagnostics\3.0.0.0__b77a5c561934e089\SMdiagnostics.dll
+ 2008-01-05 11:21:39	102,400	----a-w	c:\windows\assembly\GAC_MSIL\SMDiagnostics\3.0.0.0__b77a5c561934e089\SMdiagnostics.dll
- 2006-11-02 12:36:02	122,880	----a-w	c:\windows\assembly\GAC_MSIL\SMSvcHost\3.0.0.0__b03f5f7f11d50a3a\SMSvcHost.exe
+ 2008-01-05 11:21:39	122,880	----a-w	c:\windows\assembly\GAC_MSIL\SMSvcHost\3.0.0.0__b03f5f7f11d50a3a\SMSvcHost.exe
- 2007-07-13 04:54:05	10,752	----a-w	c:\windows\assembly\GAC_MSIL\sysglobl.resources\2.0.0.0_fr_b03f5f7f11d50a3a\sysglobl.resources.dll
+ 2008-01-05 11:26:12	10,752	----a-w	c:\windows\assembly\GAC_MSIL\sysglobl.resources\2.0.0.0_fr_b03f5f7f11d50a3a\sysglobl.resources.dll
- 2006-10-20 01:14:46	110,592	----a-w	c:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
+ 2008-01-05 11:26:54	110,592	----a-w	c:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
- 2007-07-13 04:53:23	28,672	----a-w	c:\windows\assembly\GAC_MSIL\System.Configuration.Install.resources\2.0.0.0_fr_b03f5f7f11d50a3a\System.Configuration.Install.Resources.dll
+ 2008-01-05 11:26:12	28,672	----a-w	c:\windows\assembly\GAC_MSIL\System.Configuration.Install.resources\2.0.0.0_fr_b03f5f7f11d50a3a\System.Configuration.Install.Resources.dll
- 2006-10-20 01:14:46	81,920	----a-w	c:\windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
+ 2008-01-05 11:26:54	81,920	----a-w	c:\windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
- 2007-07-13 04:53:23	49,152	----a-w	c:\windows\assembly\GAC_MSIL\system.configuration.resources\2.0.0.0_fr_b03f5f7f11d50a3a\System.Configuration.resources.dll
+ 2008-01-05 11:26:12	49,152	----a-w	c:\windows\assembly\GAC_MSIL\system.configuration.resources\2.0.0.0_fr_b03f5f7f11d50a3a\System.Configuration.resources.dll
- 2006-10-20 01:14:46	413,696	----a-w	c:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
+ 2008-01-05 11:26:54	425,984	----a-w	c:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
- 2007-07-13 04:54:22	110,592	----a-w	c:\windows\assembly\GAC_MSIL\System.Data.OracleClient.resources\2.0.0.0_fr_b77a5c561934e089\System.Data.OracleClient.resources.dll
+ 2008-01-05 11:26:12	110,592	----a-w	c:\windows\assembly\GAC_MSIL\System.Data.OracleClient.resources\2.0.0.0_fr_b77a5c561934e089\System.Data.OracleClient.resources.dll
- 2007-07-13 04:53:20	335,872	----a-w	c:\windows\assembly\GAC_MSIL\System.Data.resources\2.0.0.0_fr_b77a5c561934e089\System.Data.Resources.dll
+ 2008-01-05 11:26:13	344,064	----a-w	c:\windows\assembly\GAC_MSIL\System.Data.resources\2.0.0.0_fr_b77a5c561934e089\System.Data.Resources.dll
- 2007-07-13 04:54:03	36,864	----a-w	c:\windows\assembly\GAC_MSIL\System.Data.SqlXml.resources\2.0.0.0_fr_b77a5c561934e089\system.data.sqlxml.resources.dll
+ 2008-01-05 11:26:13	36,864	----a-w	c:\windows\assembly\GAC_MSIL\System.Data.SqlXml.resources\2.0.0.0_fr_b77a5c561934e089\system.data.sqlxml.resources.dll
- 2006-10-20 01:14:48	716,800	----a-w	c:\windows\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
+ 2008-01-05 11:26:55	741,376	----a-w	c:\windows\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
- 2007-07-13 04:53:50	385,024	----a-w	c:\windows\assembly\GAC_MSIL\System.Deployment.resources\2.0.0.0_fr_b03f5f7f11d50a3a\System.Deployment.resources.dll
+ 2008-01-05 11:26:14	389,120	----a-w	c:\windows\assembly\GAC_MSIL\System.Deployment.resources\2.0.0.0_fr_b03f5f7f11d50a3a\System.Deployment.resources.dll
- 2006-10-20 01:14:49	888,832	----a-w	c:\windows\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
+ 2008-01-05 11:26:55	933,888	----a-w	c:\windows\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
- 2007-07-13 04:53:17	544,768	----a-w	c:\windows\assembly\GAC_MSIL\System.Design.resources\2.0.0.0_fr_b03f5f7f11d50a3a\System.Design.Resources.dll
+ 2008-01-05 11:26:14	544,768	----a-w	c:\windows\assembly\GAC_MSIL\System.Design.resources\2.0.0.0_fr_b03f5f7f11d50a3a\System.Design.Resources.dll
- 2006-10-20 01:14:49	5,050,368	----a-w	c:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll
+ 2008-01-05 11:26:55	5,070,848	----a-w	c:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll
- 2007-07-13 04:54:09	28,672	----a-w	c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols.resources\2.0.0.0_fr_b03f5f7f11d50a3a\System.DirectoryServices.Protocols.resources.dll
+ 2008-01-05 11:26:14	28,672	----a-w	c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols.resources\2.0.0.0_fr_b03f5f7f11d50a3a\System.DirectoryServices.Protocols.resources.dll
- 2006-10-20 01:14:50	188,416	----a-w	c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
+ 2008-01-05 11:26:55	188,416	----a-w	c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
- 2007-07-13 04:54:21	40,960	----a-w	c:\windows\assembly\GAC_MSIL\System.DirectoryServices.resources\2.0.0.0_fr_b03f5f7f11d50a3a\System.DirectoryServices.Resources.dll
+ 2008-01-05 11:26:16	40,960	----a-w	c:\windows\assembly\GAC_MSIL\System.DirectoryServices.resources\2.0.0.0_fr_b03f5f7f11d50a3a\System.DirectoryServices.Resources.dll
- 2006-10-20 01:14:50	397,312	----a-w	c:\windows\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
+ 2008-01-05 11:26:55	401,408	----a-w	c:\windows\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
- 2007-07-13 04:54:17	6,144	----a-w	c:\windows\assembly\GAC_MSIL\System.Drawing.Design.resources\2.0.0.0_fr_b03f5f7f11d50a3a\System.Drawing.Design.Resources.dll
+ 2008-01-05 11:26:16	6,144	----a-w	c:\windows\assembly\GAC_MSIL\System.Drawing.Design.resources\2.0.0.0_fr_b03f5f7f11d50a3a\System.Drawing.Design.Resources.dll
- 2006-10-20 01:14:51	81,920	----a-w	c:\windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll
+ 2008-01-05 11:26:55	81,920	----a-w	c:\windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll
- 2007-07-13 04:53:47	15,360	----a-w	c:\windows\assembly\GAC_MSIL\System.Drawing.resources\2.0.0.0_fr_b03f5f7f11d50a3a\System.Drawing.Resources.dll
+ 2008-01-05 11:26:16	15,360	----a-w	c:\windows\assembly\GAC_MSIL\System.Drawing.resources\2.0.0.0_fr_b03f5f7f11d50a3a\System.Drawing.Resources.dll
- 2006-10-20 01:14:51	704,512	----a-w	c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
+ 2008-01-05 11:26:55	630,784	----a-w	c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
- 2007-07-13 04:53:19	32,768	----a-w	c:\windows\assembly\GAC_MSIL\System.EnterpriseServices.resources\2.0.0.0_fr_b03f5f7f11d50a3a\System.EnterpriseServices.Resources.dll
+ 2008-01-05 11:26:17	32,768	----a-w	c:\windows\assembly\GAC_MSIL\System.EnterpriseServices.resources\2.0.0.0_fr_b03f5f7f11d50a3a\System.EnterpriseServices.Resources.dll
- 2007-07-13 04:54:46	65,536	----a-w	c:\windows\assembly\GAC_MSIL\System.IdentityModel.resources\3.0.0.0_fr_b77a5c561934e089\System.IdentityModel.Resources.dll
+ 2008-01-05 11:26:37	65,536	----a-w	c:\windows\assembly\GAC_MSIL\System.IdentityModel.resources\3.0.0.0_fr_b77a5c561934e089\System.IdentityModel.Resources.dll
- 2007-07-13 04:54:46	53,248	----a-w	c:\windows\assembly\GAC_MSIL\System.IdentityModel.Selectors.resources\3.0.0.0_fr_b77a5c561934e089\System.IdentityModel.Selectors.Resources.dll
+ 2008-01-05 11:26:39	57,344	----a-w	c:\windows\assembly\GAC_MSIL\System.IdentityModel.Selectors.resources\3.0.0.0_fr_b77a5c561934e089\System.IdentityModel.Selectors.Resources.dll
- 2006-11-02 12:36:02	126,976	----a-w	c:\windows\assembly\GAC_MSIL\System.IdentityModel.Selectors\3.0.0.0__b77a5c561934e089\System.IdentityModel.Selectors.dll
+ 2008-01-05 11:21:38	126,976	----a-w	c:\windows\assembly\GAC_MSIL\System.IdentityModel.Selectors\3.0.0.0__b77a5c561934e089\System.IdentityModel.Selectors.dll
- 2006-11-02 12:36:02	413,696	----a-w	c:\windows\assembly\GAC_MSIL\System.IdentityModel\3.0.0.0__b77a5c561934e089\System.IdentityModel.dll
+ 2008-01-05 11:21:37	430,080	----a-w	c:\windows\assembly\GAC_MSIL\System.IdentityModel\3.0.0.0__b77a5c561934e089\System.IdentityModel.dll
- 2006-11-02 12:36:02	131,072	----a-w	c:\windows\assembly\GAC_MSIL\System.IO.Log\3.0.0.0__b03f5f7f11d50a3a\System.IO.Log.dll
+ 2008-01-05 11:21:38	131,072	----a-w	c:\windows\assembly\GAC_MSIL\System.IO.Log\3.0.0.0__b03f5f7f11d50a3a\System.IO.Log.dll
- 2007-07-13 04:54:12	13,312	----a-w	c:\windows\assembly\GAC_MSIL\System.Management.resources\2.0.0.0_fr_b03f5f7f11d50a3a\System.Management.Resources.dll
+ 2008-01-05 11:26:17	13,312	----a-w	c:\windows\assembly\GAC_MSIL\System.Management.resources\2.0.0.0_fr_b03f5f7f11d50a3a\System.Management.Resources.dll
- 2006-10-20 01:14:52	368,640	----a-w	c:\windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
+ 2008-01-05 11:26:58	372,736	----a-w	c:\windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
- 2007-07-13 04:53:22	61,440	----a-w	c:\windows\assembly\GAC_MSIL\System.Messaging.resources\2.0.0.0_fr_b03f5f7f11d50a3a\System.Messaging.Resources.dll
+ 2008-01-05 11:26:17	61,440	----a-w	c:\windows\assembly\GAC_MSIL\System.Messaging.resources\2.0.0.0_fr_b03f5f7f11d50a3a\System.Messaging.Resources.dll
- 2006-10-20 01:14:52	258,048	----a-w	c:\windows\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
+ 2008-01-05 11:26:58	258,048	----a-w	c:\windows\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
- 2007-07-13 04:54:22	212,992	----a-w	c:\windows\assembly\GAC_MSIL\System.resources\2.0.0.0_fr_b77a5c561934e089\system.Resources.dll
+ 2008-01-05 11:26:17	212,992	----a-w	c:\windows\assembly\GAC_MSIL\System.resources\2.0.0.0_fr_b77a5c561934e089\system.Resources.dll
- 2007-07-13 04:54:05	32,768	----a-w	c:\windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_fr_b77a5c561934e089\System.Runtime.Remoting.Resources.dll
+ 2008-01-05 11:26:17	32,768	----a-w	c:\windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_fr_b77a5c561934e089\System.Runtime.Remoting.Resources.dll
- 2006-10-20 01:14:53	299,008	----a-w	c:\windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
+ 2008-01-05 11:26:58	299,008	----a-w	c:\windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
- 2007-07-13 04:53:52	11,776	----a-w	c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\2.0.0.0_fr_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.Resources.dll
+ 2008-01-05 11:26:17	11,776	----a-w	c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\2.0.0.0_fr_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.Resources.dll
- 2006-10-20 01:14:53	131,072	----a-w	c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
+ 2008-01-05 11:26:58	131,072	----a-w	c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
- 2007-07-13 04:54:45	94,208	----a-w	c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.resources\3.0.0.0_fr_b77a5c561934e089\System.RunTime.Serialization.Resources.dll
+ 2008-01-05 11:26:41	98,304	----a-w	c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.resources\3.0.0.0_fr_b77a5c561934e089\System.RunTime.Serialization.Resources.dll
- 2006-11-02 12:36:03	888,832	----a-w	c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
+ 2008-01-05 11:21:38	929,792	----a-w	c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
- 2007-07-13 04:53:55	28,672	----a-w	c:\windows\assembly\GAC_MSIL\System.Security.resources\2.0.0.0_fr_b03f5f7f11d50a3a\System.Security.Resources.dll
+ 2008-01-05 11:26:17	28,672	----a-w	c:\windows\assembly\GAC_MSIL\System.Security.resources\2.0.0.0_fr_b03f5f7f11d50a3a\System.Security.Resources.dll
- 2006-10-20 01:14:53	258,048	----a-w	c:\windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll
+ 2008-01-05 11:26:58	258,048	----a-w	c:\windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll
- 2006-11-02 12:36:02	159,744	----a-w	c:\windows\assembly\GAC_MSIL\System.ServiceModel.Install\3.0.0.0__b77a5c561934e089\System.ServiceModel.Install.dll
+ 2008-01-05 11:21:40	159,744	----a-w	c:\windows\assembly\GAC_MSIL\System.ServiceModel.Install\3.0.0.0__b77a5c561934e089\System.ServiceModel.Install.dll
- 2007-07-13 04:54:45	475,136	----a-w	c:\windows\assembly\GAC_MSIL\System.ServiceModel.resources\3.0.0.0_fr_b77a5c561934e089\System.ServiceModel.Resources.dll
+ 2008-01-05 11:26:41	499,712	----a-w	c:\windows\assembly\GAC_MSIL\System.ServiceModel.resources\3.0.0.0_fr_b77a5c561934e089\System.ServiceModel.Resources.dll
- 2006-11-02 12:36:03	16,384	----a-w	c:\windows\assembly\GAC_MSIL\System.ServiceModel.WasHosting\3.0.0.0__b77a5c561934e089\System.ServiceModel.WasHosting.dll
+ 2008-01-05 11:21:40	32,768	----a-w	c:\windows\assembly\GAC_MSIL\System.ServiceModel.WasHosting\3.0.0.0__b77a5c561934e089\System.ServiceModel.WasHosting.dll
- 2006-11-02 12:36:03	5,672,960	----a-w	c:\windows\assembly\GAC_MSIL\System.ServiceModel\3.0.0.0__b77a5c561934e089\System.ServiceModel.dll
+ 2008-01-05 11:21:38	5,971,968	----a-w	c:\windows\assembly\GAC_MSIL\System.ServiceModel\3.0.0.0__b77a5c561934e089\System.ServiceModel.dll
- 2007-07-13 04:54:05	40,960	----a-w	c:\windows\assembly\GAC_MSIL\System.ServiceProcess.resources\2.0.0.0_fr_b03f5f7f11d50a3a\System.ServiceProcess.Resources.dll
+ 2008-01-05 11:26:17	40,960	----a-w	c:\windows\assembly\GAC_MSIL\System.ServiceProcess.resources\2.0.0.0_fr_b03f5f7f11d50a3a\System.ServiceProcess.Resources.dll
- 2006-10-20 01:14:53	114,688	----a-w	c:\windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
+ 2008-01-05 11:26:58	114,688	----a-w	c:\windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
- 2006-11-02 12:36:01	688,128	----a-w	c:\windows\assembly\GAC_MSIL\System.Speech\3.0.0.0__31bf3856ad364e35\System.Speech.dll
+ 2008-01-05 11:21:55	688,128	----a-w	c:\windows\assembly\GAC_MSIL\System.Speech\3.0.0.0__31bf3856ad364e35\System.Speech.dll
- 2007-07-13 04:53:23	16,896	----a-w	c:\windows\assembly\GAC_MSIL\System.Transactions.resources\2.0.0.0_fr_b77a5c561934e089\System.Transactions.resources.dll
+ 2008-01-05 11:26:17	16,896	----a-w	c:\windows\assembly\GAC_MSIL\System.Transactions.resources\2.0.0.0_fr_b77a5c561934e089\System.Transactions.resources.dll
- 2007-07-13 04:54:16	81,920	----a-w	c:\windows\assembly\GAC_MSIL\System.Web.Mobile.resources\2.0.0.0_fr_b03f5f7f11d50a3a\System.Web.Mobile.resources.dll
+ 2008-01-05 11:26:17	81,920	----a-w	c:\windows\assembly\GAC_MSIL\System.Web.Mobile.resources\2.0.0.0_fr_b03f5f7f11d50a3a\System.Web.Mobile.resources.dll
- 2006-10-20 01:14:54	835,584	----a-w	c:\windows\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
+ 2008-01-05 11:26:59	884,736	----a-w	c:\windows\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
- 2006-10-20 01:14:55	86,016	----a-w	c:\windows\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
+ 2008-01-05 11:26:59	90,112	----a-w	c:\windows\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
- 2007-10-03 17:29:14	618,496	----a-w	c:\windows\assembly\GAC_MSIL\System.Web.resources\2.0.0.0_fr_b03f5f7f11d50a3a\System.Web.Resources.dll
+ 2008-01-05 11:26:17	618,496	----a-w	c:\windows\assembly\GAC_MSIL\System.Web.resources\2.0.0.0_fr_b03f5f7f11d50a3a\System.Web.Resources.dll
- 2007-07-13 04:54:18	81,920	----a-w	c:\windows\assembly\GAC_MSIL\System.Web.Services.resources\2.0.0.0_fr_b03f5f7f11d50a3a\System.Web.Services.Resources.dll
+ 2008-01-05 11:26:17	81,920	----a-w	c:\windows\assembly\GAC_MSIL\System.Web.Services.resources\2.0.0.0_fr_b03f5f7f11d50a3a\System.Web.Services.Resources.dll
- 2006-10-20 01:14:55	823,296	----a-w	c:\windows\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
+ 2008-01-05 11:27:00	839,680	----a-w	c:\windows\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
- 2007-07-13 04:53:15	430,080	----a-w	c:\windows\assembly\GAC_MSIL\System.Windows.Forms.resources\2.0.0.0_fr_b77a5c561934e089\System.Windows.Forms.Resources.dll
+ 2008-01-05 11:26:17	430,080	----a-w	c:\windows\assembly\GAC_MSIL\System.Windows.Forms.resources\2.0.0.0_fr_b77a5c561934e089\System.Windows.Forms.Resources.dll
- 2006-10-20 01:14:56	5,414,912	----a-w	c:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
+ 2008-01-05 11:27:02	5,013,504	----a-w	c:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
- 2007-07-13 04:54:45	191,304	----a-w	c:\windows\assembly\GAC_MSIL\System.Workflow.Activities.resources\3.0.0.0_fr_31bf3856ad364e35\System.Workflow.Activities.resources.dll
+ 2008-01-05 11:26:54	193,592	----a-w	c:\windows\assembly\GAC_MSIL\System.Workflow.Activities.resources\3.0.0.0_fr_31bf3856ad364e35\System.Workflow.Activities.resources.dll
- 2006-11-02 12:36:00	1,108,784	----a-w	c:\windows\assembly\GAC_MSIL\System.Workflow.Activities\3.0.0.0__31bf3856ad364e35\System.Workflow.Activities.dll
+ 2008-01-05 11:22:14	1,152,040	----a-w	c:\windows\assembly\GAC_MSIL\System.Workflow.Activities\3.0.0.0__31bf3856ad364e35\System.Workflow.Activities.dll
- 2007-07-13 04:54:47	318,288	----a-w	c:\windows\assembly\GAC_MSIL\System.Workflow.ComponentModel.resources\3.0.0.0_fr_31bf3856ad364e35\System.Workflow.ComponentModel.resources.dll
+ 2008-01-05 11:26:54	320,576	----a-w	c:\windows\assembly\GAC_MSIL\System.Workflow.ComponentModel.resources\3.0.0.0_fr_31bf3856ad364e35\System.Workflow.ComponentModel.resources.dll
- 2006-11-02 12:36:00	1,641,272	----a-w	c:\windows\assembly\GAC_MSIL\System.Workflow.ComponentModel\3.0.0.0__31bf3856ad364e35\System.Workflow.ComponentModel.dll
+ 2008-01-05 11:22:15	1,635,376	----a-w	c:\windows\assembly\GAC_MSIL\System.Workflow.ComponentModel\3.0.0.0__31bf3856ad364e35\System.Workflow.ComponentModel.dll
- 2007-07-13 04:54:47	43,840	----a-w	c:\windows\assembly\GAC_MSIL\System.Workflow.Runtime.resources\3.0.0.0_fr_31bf3856ad364e35\System.Workflow.Runtime.resources.dll
+ 2008-01-05 11:26:54	46,136	----a-w	c:\windows\assembly\GAC_MSIL\System.Workflow.Runtime.resources\3.0.0.0_fr_31bf3856ad364e35\System.Workflow.Runtime.resources.dll
- 2006-11-02 12:36:00	588,592	----a-w	c:\windows\assembly\GAC_MSIL\System.Workflow.Runtime\3.0.0.0__31bf3856ad364e35\System.Workflow.Runtime.dll
+ 2008-01-05 11:22:15	578,592	----a-w	c:\windows\assembly\GAC_MSIL\System.Workflow.Runtime\3.0.0.0__31bf3856ad364e35\System.Workflow.Runtime.dll
- 2007-07-13 04:53:21	167,936	----a-w	c:\windows\assembly\GAC_MSIL\System.XML.resources\2.0.0.0_fr_b77a5c561934e089\System.xml.Resources.dll
+ 2008-01-05 11:26:17	167,936	----a-w	c:\windows\assembly\GAC_MSIL\System.XML.resources\2.0.0.0_fr_b77a5c561934e089\System.xml.Resources.dll
- 2006-10-20 01:14:58	2,039,808	----a-w	c:\windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll
+ 2008-01-05 11:27:03	2,068,480	----a-w	c:\windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll
- 2006-10-20 01:14:51	3,035,136	----a-w	c:\windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
+ 2008-01-05 11:26:55	3,076,096	----a-w	c:\windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
- 2007-07-13 04:54:02	7,680	----a-w	c:\windows\assembly\GAC_MSIL\TaskScheduler.Resources\6.0.0.0_fr_31bf3856ad364e35\TaskScheduler.resources.dll
+ 2008-01-19 07:54:01	7,680	----a-w	c:\windows\assembly\GAC_MSIL\TaskScheduler.Resources\6.0.0.0_fr_31bf3856ad364e35\TaskScheduler.resources.dll
- 2006-11-02 09:47:22	163,840	----a-w	c:\windows\assembly\GAC_MSIL\TaskScheduler\6.0.0.0__31bf3856ad364e35\TaskScheduler.dll
+ 2008-01-19 07:39:26	163,840	----a-w	c:\windows\assembly\GAC_MSIL\TaskScheduler\6.0.0.0__31bf3856ad364e35\TaskScheduler.dll
- 2006-11-02 12:36:01	163,840	----a-w	c:\windows\assembly\GAC_MSIL\UIAutomationClient\3.0.0.0__31bf3856ad364e35\UIAutomationClient.dll
+ 2008-01-05 11:21:56	163,840	----a-w	c:\windows\assembly\GAC_MSIL\UIAutomationClient\3.0.0.0__31bf3856ad364e35\UIAutomationClient.dll
- 2006-11-02 12:36:01	372,736	----a-w	c:\windows\assembly\GAC_MSIL\UIAutomationClientsideProviders\3.0.0.0__31bf3856ad364e35\UIAutomationClientsideProviders.dll
+ 2008-01-05 11:22:00	372,736	----a-w	c:\windows\assembly\GAC_MSIL\UIAutomationClientsideProviders\3.0.0.0__31bf3856ad364e35\UIAutomationClientsideProviders.dll
- 2006-11-02 12:36:01	32,768	----a-w	c:\windows\assembly\GAC_MSIL\UIAutomationProvider\3.0.0.0__31bf3856ad364e35\UIAutomationProvider.dll
+ 2008-01-05 11:22:00	32,768	----a-w	c:\windows\assembly\GAC_MSIL\UIAutomationProvider\3.0.0.0__31bf3856ad364e35\UIAutomationProvider.dll
- 2006-11-02 12:36:00	86,016	----a-w	c:\windows\assembly\GAC_MSIL\UIAutomationTypes\3.0.0.0__31bf3856ad364e35\UIAutomationTypes.dll
+ 2008-01-05 11:22:00	86,016	----a-w	c:\windows\assembly\GAC_MSIL\UIAutomationTypes\3.0.0.0__31bf3856ad364e35\UIAutomationTypes.dll
- 2006-11-02 12:36:00	1,167,360	----a-w	c:\windows\assembly\GAC_MSIL\WindowsBase\3.0.0.0__31bf3856ad364e35\WindowsBase.dll
+ 2008-01-05 11:22:00	1,204,224	----a-w	c:\windows\assembly\GAC_MSIL\WindowsBase\3.0.0.0__31bf3856ad364e35\WindowsBase.dll
- 2006-11-02 12:36:01	81,920	----a-w	c:\windows\assembly\GAC_MSIL\WindowsFormsIntegration\3.0.0.0__31bf3856ad364e35\WindowsFormsIntegration.dll
+ 2008-01-05 11:22:01	81,920	----a-w	c:\windows\assembly\GAC_MSIL\WindowsFormsIntegration\3.0.0.0__31bf3856ad364e35\WindowsFormsIntegration.dll
- 2006-11-02 12:36:03	143,360	----a-w	c:\windows\assembly\GAC_MSIL\WsatConfig\3.0.0.0__b03f5f7f11d50a3a\WsatConfig.exe
+ 2008-01-05 11:21:40	143,360	----a-w	c:\windows\assembly\GAC_MSIL\WsatConfig\3.0.0.0__b03f5f7f11d50a3a\WsatConfig.exe
+ 2009-01-25 16:47:13	27,136	----a-w	c:\windows\assembly\NativeImages_v2.0.50727_32\Accessibility\e2170385d6492ce6539124c5a3b361a8\Accessibility.ni.dll
+ 2009-01-25 17:08:07	425,984	----a-w	c:\windows\assembly\NativeImages_v2.0.50727_32\BDATunePIA\7b38b32ba60b3eb9195c4e1fcc2c3b9d\BDATunePIA.ni.dll
+ 2009-01-25 17:08:17	503,808	----a-w	c:\windows\assembly\NativeImages_v2.0.50727_32\ComSvcConfig\a29c71731e54f91d32ccc55d5493126d\ComSvcConfig.ni.exe
+ 2009-01-25 16:47:35	17,920	----a-w	c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualC\ce2416df0a2df3ab6f06673c545d71de\Microsoft.VisualC.ni.dll
+ 2009-01-25 16:45:02	11,722,752	----a-w	c:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\5b3e3b0551bcaa722c27dbb089c431e4\mscorlib.ni.dll
+ 2009-01-25 16:47:37	40,960	----a-w	c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCFFRast#\b4a8dfd870b136a2c16abd23850b99cb\PresentationCFFRasterizer.ni.dll
+ 2009-01-25 16:46:18	12,570,624	----a-w	c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\adcba7206e27f493c9f161339a668cd1\PresentationCore.ni.dll
+ 2009-01-25 16:46:23	49,152	----a-w	c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFontCac#\f4bbb8d27bd38e1aec2ee0a0a9646b31\PresentationFontCache.ni.exe
+ 2009-01-25 16:48:36	552,960	----a-w	c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\4bd2d5a15bb5178df5c5d24ef9003bb6\PresentationFramework.Luna.ni.dll
+ 2009-01-25 16:48:32	393,216	----a-w	c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\75438038f0d98e04583d0168d671981e\PresentationFramework.Aero.ni.dll
+ 2009-01-25 16:48:24	15,040,512	----a-w	c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\7606ee23b2b3fd1d5d3d1c10011d3ecc\PresentationFramework.ni.dll
+ 2009-01-25 16:48:37	274,432	----a-w	c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\e5c191994a86a85fa0b73041297bf650\PresentationFramework.Royale.ni.dll
+ 2009-01-25 16:48:33	245,760	----a-w	c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\edbcf79ab063533f570e1f4820a9e49b\PresentationFramework.Classic.ni.dll
+ 2009-01-25 16:46:43	163,840	----a-w	c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuratio#\6f7e20306614996eb09c1422c2ab49b3\System.Configuration.Install.ni.dll
+ 2009-01-25 16:46:25	1,011,712	----a-w	c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\15366cc16c2550064601b5167821667d\System.Configuration.ni.dll
+ 2009-01-25 16:46:38	2,756,608	----a-w	c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.SqlXml\797e38c8e8319f00da96c1786e07ab7a\System.Data.SqlXml.ni.dll
+ 2009-01-25 16:49:12	7,049,216	----a-w	c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data\11afb76c8f51ad01fb460ab76e120f7c\System.Data.ni.dll
+ 2009-01-25 16:47:24	1,798,144	----a-w	c:\windows\assembly\NativeImages_v2.0.50727_32\System.Deployment\6167eaea1fb0a1067fc1fd17afe580ef\System.Deployment.ni.dll
+ 2009-01-25 16:49:48	10,969,088	----a-w	c:\windows\assembly\NativeImages_v2.0.50727_32\System.Design\d31a050a04e1f59f2c81298515d40e69\System.Design.ni.dll
+ 2009-01-25 17:08:27	1,224,704	----a-w	c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\b6dfa3ee72dae0f0aa3d072d3b5af2a6\System.DirectoryServices.ni.dll
+ 2009-01-25 16:49:57	229,376	----a-w	c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing.Desi#\ee20eccec1e7d1e4ea6d033fb998e252\System.Drawing.Design.ni.dll
+ 2009-01-25 16:46:50	1,667,072	----a-w	c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\a35f567c4c67d6b1ca9a0023852847a2\System.Drawing.ni.dll
+ 2009-01-25 17:08:21	659,456	----a-w	c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\954db9046cf0977e8baeda9160910bc0\System.EnterpriseServices.ni.dll
+ 2009-01-25 17:08:21	294,912	----a-w	c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\954db9046cf0977e8baeda9160910bc0\System.EnterpriseServices.Wrapper.dll
+ 2009-01-25 16:46:46	339,968	----a-w	c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\bf712f7f1c6a43d6b08a3911e99159a0\System.Runtime.Serialization.Formatters.Soap.ni.dll
+ 2009-01-25 16:46:41	733,184	----a-w	c:\windows\assembly\NativeImages_v2.0.50727_32\System.Security\e3c0d1967dc5ac085e43f5a52c9cdc88\System.Security.ni.dll
+ 2009-01-25 16:46:24	233,472	----a-w	c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\80a3d0416c6660b86e245bd1f6b66fd8\System.ServiceProcess.ni.dll
+ 2009-01-25 17:08:24	679,936	----a-w	c:\windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\62dc499efc246da6806ba0b74ac447f1\System.Transactions.ni.dll
+ 2009-01-25 16:47:10	13,193,216	----a-w	c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\45ee94a63c463b93e3ff694c6ecd0820\System.Windows.Forms.ni.dll
+ 2009-01-25 16:50:12	3,084,288	----a-w	c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Act#\d8f1a140d3e4aa0c9d6d5cb35bc97b66\System.Workflow.Activities.ni.dll
+ 2009-01-25 16:50:27	4,579,328	----a-w	c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Com#\8fb4ec7c0a4438b4a06657f6e6c44b71\System.Workflow.ComponentModel.ni.dll
+ 2009-01-25 16:50:40	2,088,960	----a-w	c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Run#\6774fc258b3b8cd8eb5256a76e0ffa67\System.Workflow.Runtime.ni.dll
+ 2009-01-25 16:46:33	5,771,264	----a-w	c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\[u]0/u2cf61328d59df9b3ec09544f449a781\System.Xml.ni.dll
+ 2009-01-25 16:45:40	8,265,728	----a-w	c:\windows\assembly\NativeImages_v2.0.50727_32\System\267d4c344058092e6950c11594244f90\System.ni.dll
+ 2009-01-25 16:47:36	50,688	----a-w	c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationProvider\6742ace9668464c5323b28febc63ddd2\UIAutomationProvider.ni.dll
+ 2009-01-25 16:47:36	196,608	----a-w	c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationTypes\c9b8f70286ecf69cbf8c0d09dbcbf69a\UIAutomationTypes.ni.dll
+ 2009-01-25 16:45:45	3,395,584	----a-w	c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\fcdc39d38a36b04796da6d0e66c48c7c\WindowsBase.ni.dll
- 2006-11-02 09:44:51	50,176	----a-w	c:\windows\bfsvc.exe
+ 2008-01-19 07:33:01	58,880	----a-w	c:\windows\bfsvc.exe
+ 2008-01-05 11:23:07	2,048	----a-w	c:\windows\Boot\DVD\PCAT\etfsboot.com
- 2006-11-02 09:51:56	386,664	----a-w	c:\windows\Boot\PCAT\memtest.exe
+ 2008-01-19 07:43:59	406,584	----a-w	c:\windows\Boot\PCAT\memtest.exe
- 2006-11-02 12:34:30	892,928	----a-w	c:\windows\DigitalLocker\digitalx.exe
+ 2008-01-19 07:33:06	894,976	----a-w	c:\windows\DigitalLocker\digitalx.exe
- 2006-11-02 12:35:32	143,360	----a-w	c:\windows\ehome\BDATunePIA.dll
+ 2008-01-19 07:38:12	144,384	----a-w	c:\windows\ehome\BDATunePIA.dll
- 2006-11-02 12:35:34	180,224	----a-w	c:\windows\ehome\cbva.dll
+ 2008-01-19 07:36:08	180,224	----a-w	c:\windows\ehome\cbva.dll
- 2006-11-02 12:35:30	9,533,440	----a-w	c:\windows\ehome\CreateDisc\SBEServer.exe
+ 2008-01-19 07:33:27	9,539,072	----a-w	c:\windows\ehome\CreateDisc\SBEServer.exe
- 2006-11-02 12:35:34	96,256	----a-w	c:\windows\ehome\CreateDisc\SFXPlugins\StandardFX_Plugin.dll
+ 2008-01-19 07:36:36	96,256	----a-w	c:\windows\ehome\CreateDisc\SFXPlugins\StandardFX_Plugin.dll
- 2006-11-02 12:35:32	24,064	----a-w	c:\windows\ehome\ehcett.dll
+ 2008-01-19 07:34:08	24,576	----a-w	c:\windows\ehome\ehcett.dll
- 2006-11-02 12:35:28	241,152	----a-w	c:\windows\ehome\ehchhime.dll
+ 2008-01-19 07:34:08	241,152	----a-w	c:\windows\ehome\ehchhime.dll
- 2006-11-02 12:35:28	1,353,216	----a-w	c:\windows\ehome\ehchsime.dll
+ 2008-01-19 07:34:08	1,353,216	----a-w	c:\windows\ehome\ehchsime.dll
- 2006-11-02 12:35:30	24,576	----a-w	c:\windows\ehome\ehcyrtt.dll
+ 2008-01-19 07:34:08	25,088	----a-w	c:\windows\ehome\ehcyrtt.dll
- 2007-07-12 19:31:07	21,504	----a-w	c:\windows\ehome\ehdebug.dll
+ 2006-11-02 12:35:32	21,504	----a-w	c:\windows\ehome\ehdebug.dll
- 2006-11-02 12:35:32	312,832	----a-w	c:\windows\ehome\ehdrop.dll
+ 2008-01-19 07:34:08	312,832	----a-w	c:\windows\ehome\ehdrop.dll
- 2006-11-02 12:35:32	41,984	----a-w	c:\windows\ehome\ehentt.dll
+ 2008-01-19 07:34:08	41,984	----a-w	c:\windows\ehome\ehentt.dll
- 2006-11-02 12:35:34	864,256	----a-w	c:\windows\ehome\ehepg.dll
+ 2008-01-19 07:38:16	827,392	----a-w	c:\windows\ehome\ehepg.dll
- 2006-11-02 12:35:28	139,264	----a-w	c:\windows\ehome\ehepgdat.dll
+ 2008-01-19 07:38:16	139,264	----a-w	c:\windows\ehome\ehepgdat.dll
- 2007-07-12 19:31:07	135,168	----a-w	c:\windows\ehome\ehexthost.exe
+ 2008-01-19 07:38:17	131,072	----a-w	c:\windows\ehome\ehexthost.exe
- 2006-11-02 12:35:32	372,224	----a-w	c:\windows\ehome\ehglid.dll
+ 2008-01-19 07:34:08	373,248	----a-w	c:\windows\ehome\ehglid.dll
- 2007-07-12 19:31:08	77,824	----a-w	c:\windows\ehome\ehiExtens.dll
+ 2006-11-02 12:35:28	77,824	----a-w	c:\windows\ehome\ehiExtens.dll
- 2006-11-02 12:35:32	401,408	----a-w	c:\windows\ehome\ehiProxy.dll
+ 2008-01-19 07:38:18	401,408	----a-w	c:\windows\ehome\ehiProxy.dll
- 2006-11-02 12:35:30	19,456	----a-w	c:\windows\ehome\ehiReplay.dll
+ 2008-01-19 07:38:18	19,456	----a-w	c:\windows\ehome\ehiReplay.dll
- 2006-11-02 12:35:32	307,200	----a-w	c:\windows\ehome\ehiVidCtl.dll
+ 2008-01-19 07:38:19	307,200	----a-w	c:\windows\ehome\ehiVidCtl.dll
- 2006-11-02 12:35:34	143,360	----a-w	c:\windows\ehome\ehiwmp.dll
+ 2008-01-19 07:38:19	143,360	----a-w	c:\windows\ehome\ehiwmp.dll
- 2006-11-02 12:35:32	171,008	----a-w	c:\windows\ehome\ehkeyctl.dll
+ 2008-01-19 07:34:08	171,008	----a-w	c:\windows\ehome\ehkeyctl.dll
- 2006-11-02 12:35:32	36,864	----a-w	c:\windows\ehome\ehkorime.dll
+ 2008-01-19 07:34:08	37,376	----a-w	c:\windows\ehome\ehkorime.dll
- 2006-11-02 12:35:32	37,376	----a-w	c:\windows\ehome\ehmsas.exe
+ 2008-01-19 07:33:09	37,376	----a-w	c:\windows\ehome\ehmsas.exe
- 2006-11-02 12:35:33	278,016	----a-w	c:\windows\ehome\ehPlayer.dll
+ 2008-01-19 07:34:08	278,016	----a-w	c:\windows\ehome\ehPlayer.dll
- 2007-07-12 19:31:08	103,936	----a-w	c:\windows\ehome\ehPresenter.dll
+ 2008-01-19 07:34:08	103,936	----a-w	c:\windows\ehome\ehPresenter.dll
- 2006-11-02 12:35:29	210,432	----a-w	c:\windows\ehome\ehprivjob.exe

quiche69 · Answer

alors tes las tu me repond plus

jlpjlp · Answer

encore des soucis?

mets un nouveau rapport *RSIT et un rapport antivir


a plus

quiche69 · Answer

voici le rapport rsit


Logfile of random's system information tool 1.05 (written by random/random)
Run by smain at 2009-02-01 18:55:31
Microsoft® Windows Vista™ Édition Familiale Premium  Service Pack 1
System drive C: has 192 GB (83%) free of 230 GB
Total RAM: 894 MB (21% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:56:29, on 01/02/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32	askeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\hp\support\hpsysdrv.exe
C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
C:\Windows\System32undll32.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Spyware Terminator\SpywareTerminatorShield.Exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Users\smain\AppData\Roaming\Microsoft\Live Search\Notification-LiveSearch.exe
C:\Windows\System32undll32.exe
C:\Users\smain\AppData\Roaming\Microsoft\Live Search\Mise-a-jour-LiveSearch.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\hp\kbd\kbd.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Users\smain\Desktop\RSIT.exe
C:\Program Files	rend micro\smain.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
R3 - URLSearchHook: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - (no file)
O1 - Hosts: ::1 localhost
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SWEETIE - {1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A} - C:\PROGRA~1\MACROG~1\SWEETI~1	oolbar.dll (file missing)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE	oolbar.dll (file missing)
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O4 - HKLM\..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KbdStub.EXE
O4 - HKLM\..\Run: [OsdMaestro] "C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe"
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [SweetIM] C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32
vsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [SpywareTerminator] "C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [SweetIM] C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - Startup: Outil de notification Live Search.lnk = C:\Users\smain\AppData\Roaming\Microsoft\Live Search\Notification-LiveSearch.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O13 - Gopher Prefix: 
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D1548A26-B8F6-4E86-AE74-E7062CCC2E2A} (igLoader Content on Demand) - http://www.miniclip.com/igloader/igloader.CAB
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O23 - Service: Planificateur Avira AntiVir Personal - Free Antivirus (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - c:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - c:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - c:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\Windows\System32\ZoneLabs\vsmon.exe

jlpjlp · Answer

1/ # Télécharge RavAntivirus d'Evosla : http://ww25.evosla.com/compteur.php?soft=rav_antivirus # Si tu as une clé USB, disque dur externe, etc, branche-les sans les ouvrir avant de lancer ce FIX # Fais un clic droit sur le fichier .ZIP > Extraire sur > le Bureau # Doucle-clique sur >> RAV.exe << afin de lancer l'outil. # Une fois RAV ANTIVIRUS lancé, laisse-le réagir , il scanne automatiquement tout les lecteurs (disques fixes et amovibles) # Si infection > un log s'établira, sinon le soft affichera (très rapide) ==>Votre Ordinateur est sain . # Retire tes disques amovibles et redémarrez votre ordinateur. # Poste le rapport, si infection! 2/ Télécharge sur le bureau Flash Disinfector (de SUBS) à cette adresse : http://www.techsupportforum.com/sectools/sUBs/Flash_Disinfector.exe Double-clique sur l’icône. Les icônes vont disparaître. C’est normal. Si un rapport est généré en cas d'infection, sauvegarde-le sur le bureau, et poste le ensuite Redémarre ensuite le PC. 3/ Télécharges AD-Remover ( de Cyrildu17 / C_XX ) sur ton bureau : http://sd-1.archive-host.com/membres/up/16506160323759868/AD-R.exe /!\ Déconnectes toi et fermes toutes applications en cours ● Double clique sur le programme d'installation , et installe le dans son emplacement par défaut. ( C:\Program files ) ● Double clique sur l'icône Ad-removersituée sur ton bureau ● Au menu principal choisi l'option "A" ● Postes le rapport qui apparait à la fin . ( le rapport est sauvegardé aussi sous C:\Ad-report(date).log ) (CTRL+A Pour tout selectionner , CTRL+C pour copier et CTRL+V pour coller ) Note : "Process.exe", une composante de l'outil, est détecté par certains antivirus (AntiVir, Dr.Web, Kaspersky Anti-Virus) comme étant un RiskTool. Il ne s'agit pas d'un virus, mais d'un utilitaire destiné à mettre fin à des processus. Mis entre de mauvaises mains, cet utilitaire pourrait arrêter des logiciels de sécurité (Antivirus, Firewall...) d'où l'alerte émise par ces antivirus.

Virus( important)

28 réponses

Discussions similaires