Rootkit sous vista
Résolu
kev_du_53
-
kevin.m Messages postés 62 Date d'inscription Statut Membre Dernière intervention -
kevin.m Messages postés 62 Date d'inscription Statut Membre Dernière intervention -
Bonjour,
J'ai un ordinateur avec vista que j'ai depuis un an et quand je lance internet explorer mon anti virus (celui de sfr) me dit que j'ai un rootkit sur mon PC (Rootkit:W32/TDSS.BK) ensuite il me demande ce que je veux faire donc je met nettoyer(recomander) puis il scan mon disc dur ensuite il me dit que il a réussit a nettoyer le le virus donc je met ok en suite je peut surfer sur le net mais cela est limiter car il y a de nombreux site que je ne peut pas visiter.
Le problème c'est que à chaque fois que je relance internet explorer il me dit le même message!! et je peux refaire la manip' autant de fois que je le veux mais ça ne marche pas.
je ne sait pas quoi faire je suis aller voir sur des forum j'ai essayer plusieurs proposition mais j'ai toujours le même message.
Si quelqu'un à le même rootkit ou connait le moyen de le supprimer définitivement je serait très content qu'il réponde a ce message!
merci d'avance!
J'ai un ordinateur avec vista que j'ai depuis un an et quand je lance internet explorer mon anti virus (celui de sfr) me dit que j'ai un rootkit sur mon PC (Rootkit:W32/TDSS.BK) ensuite il me demande ce que je veux faire donc je met nettoyer(recomander) puis il scan mon disc dur ensuite il me dit que il a réussit a nettoyer le le virus donc je met ok en suite je peut surfer sur le net mais cela est limiter car il y a de nombreux site que je ne peut pas visiter.
Le problème c'est que à chaque fois que je relance internet explorer il me dit le même message!! et je peux refaire la manip' autant de fois que je le veux mais ça ne marche pas.
je ne sait pas quoi faire je suis aller voir sur des forum j'ai essayer plusieurs proposition mais j'ai toujours le même message.
Si quelqu'un à le même rootkit ou connait le moyen de le supprimer définitivement je serait très content qu'il réponde a ce message!
merci d'avance!
A voir également:
- Rootkit sous vista
- Windows vista - Télécharger - Divers Utilitaires
- Clé windows vista - Guide
- Windows Vista SP1 - Télécharger - Divers Utilitaires
- Pdf vista - Télécharger - PDF
- Rootkit - Télécharger - Antivirus & Antimalwares
82 réponses
Salut,
fais ceci stp :
protocole à suivre pour Windows Vista :
*Désactiver le contrôle des comptes utilisateurs ou UAC (le réactiver seulement à la fin de la désinfection) :
Aller dans "démarrer" puis "panneau de configuration" :
--->Sur la droite de la fenêtre , cliques sur " affichage classique "
--->Double-Cliquer sur l'icône "Comptes d'utilisateurs"
--->Cliquer ensuite sur "Activer ou désactiver le contrôle ..." .
--->Décocher la case "utlisiser le contrôle ..." et cliquer sur OK .
--->Redémarrer le PC !
Tuto : https://forum.malekal.com/viewtopic.php?f=59&t=6517
* Important :
Pour installer ou pour lancer les outils, que tu utiliseras au court de la désinfection, fais toujours ainsi :
clique DROIT ( sur le setup d'installe ou sur l'outil ) -> choisis " Exécuter entant qu'administrateur " .
Fais ceci systématiquement ! ...
une fois ceci fait et pris en compte , commence par ce qui suit :
===========================
2- Télécharge ZHPDiag de Nicolas Coolman sur ton bureau :
-> http://www.premiumorange.com/zeb-help-process/download/ZHPDiag.zip
-> https://www.zebulon.fr/telechargements/securite/systeme/zhpdiag.html
!! déconnecte toi et ferme toutes tes applications en cours !!
* Clique droit sur le .zip que tu viens de télécharger et choisis " extraire tout " sur ton bureau ...
* Double-clique sur "ZHPDiag.exe" pour lancer l'outil :
> Clique sur le bouton " Tous " ( important ).
> puis clique sur le bouton de "la loupe" pour lancer le scan .
Laisses travailler l'outil ...
> Une fois terminé , le rapport s'affiche : clique sur bouton "appareil photo" pour sauvegarder le rapport obtenu ...
Enregistres bien ZHPDiag.txt de façon à le retrouver facilement ( sur le bureau par exemple ).
Puis ferme le programme ...
Enfin , fais un copier/coller du contenu du rapport sauvegardé dans ta prochaine réponse pour analyse ...
fais ceci stp :
protocole à suivre pour Windows Vista :
*Désactiver le contrôle des comptes utilisateurs ou UAC (le réactiver seulement à la fin de la désinfection) :
Aller dans "démarrer" puis "panneau de configuration" :
--->Sur la droite de la fenêtre , cliques sur " affichage classique "
--->Double-Cliquer sur l'icône "Comptes d'utilisateurs"
--->Cliquer ensuite sur "Activer ou désactiver le contrôle ..." .
--->Décocher la case "utlisiser le contrôle ..." et cliquer sur OK .
--->Redémarrer le PC !
Tuto : https://forum.malekal.com/viewtopic.php?f=59&t=6517
* Important :
Pour installer ou pour lancer les outils, que tu utiliseras au court de la désinfection, fais toujours ainsi :
clique DROIT ( sur le setup d'installe ou sur l'outil ) -> choisis " Exécuter entant qu'administrateur " .
Fais ceci systématiquement ! ...
une fois ceci fait et pris en compte , commence par ce qui suit :
===========================
2- Télécharge ZHPDiag de Nicolas Coolman sur ton bureau :
-> http://www.premiumorange.com/zeb-help-process/download/ZHPDiag.zip
-> https://www.zebulon.fr/telechargements/securite/systeme/zhpdiag.html
!! déconnecte toi et ferme toutes tes applications en cours !!
* Clique droit sur le .zip que tu viens de télécharger et choisis " extraire tout " sur ton bureau ...
* Double-clique sur "ZHPDiag.exe" pour lancer l'outil :
> Clique sur le bouton " Tous " ( important ).
> puis clique sur le bouton de "la loupe" pour lancer le scan .
Laisses travailler l'outil ...
> Une fois terminé , le rapport s'affiche : clique sur bouton "appareil photo" pour sauvegarder le rapport obtenu ...
Enregistres bien ZHPDiag.txt de façon à le retrouver facilement ( sur le bureau par exemple ).
Puis ferme le programme ...
Enfin , fais un copier/coller du contenu du rapport sauvegardé dans ta prochaine réponse pour analyse ...
bien ...
on a en plus une belle infection wareout ... dans le genre détournement de DNS , t'ai gavé ...
essaye de faire ce qui suit dans l'ordre ... si tu rencontre le moindre soucis , fait m'en part :
1- Télécharge Rooter de l'équipe IDN sur ton bureau :
https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/Rooter.exe?attachauth=ANoY7cpzQksLcJt-e1z30LGu7t4JjUhh8amzWs_oSPSJpXbXp8ythGbW2WF8ysioh5NNlarrn7zMnYCRfsT5rCwNrfw5_CZYELApylTiY_MGu0G6uKzWpLEF2YXM3tF7nKZZAWj0JSAajXlZhd8dIyI3MrZ-lAIT5ZrAdcrct9_7bshwVpaZRPizuMTv9SDvmvY31BX4Vvvh2F2Brp1cy_K0jtTTfjttEA%3D%3D&attredirects=2
! Déconnecte toi d'internet et ferme toutes applications en cours !
* Exécute Rooter et laisse travailler l'outil .
* Une fois terminé, poste le rapport obtenu pour analyse ...
=============================
2- Télécharge MalwareByte's :
ici http://www.commentcamarche.net/telecharger/telecharger 34055379 malwarebytes anti malware
ou ici : http://www.malwarebytes.org/mbam.php
* Installe le ( choisis bien "francais" ; ne modifie pas les paramètres d'instale ) et mets le à jour .
(NB : S'il te manque "COMCTL32.OCX" lors de l'installe, alors télécharge le ici : https://www.malekal.com/tutorial-aboutbuster/ )
* Potasse le tuto pour te familiariser avec le prg :
https://forum.pcastuces.com/sujet.asp?f=31&s=3
( cela dis, il est très simple d'utilisation ).
! Déconnecte toi et ferme toutes applications en cours !
* Lance Malwarebyte's .
Fais un examen dit "Rapide" .
--> Laisse le programme travailler ( et ne rien faire d'autre avec le PC durant le scan ).
--> à la fin tu cliques sur "résultat" .
--> Vérifie que tous les objets infectés soient validés, puis clique sur " suppression " .
Note : si il faut redémarrer ton PC pour finir le nettoyage, fais le !
Poste le rapport sauvegardé après la suppression des objets infectés (dans l'onglet "rapport/log"de Malwarebytes, le dernier en date),
accompagné d'un nouveau rapport ZHPDiag pour analyse ...
on a en plus une belle infection wareout ... dans le genre détournement de DNS , t'ai gavé ...
essaye de faire ce qui suit dans l'ordre ... si tu rencontre le moindre soucis , fait m'en part :
1- Télécharge Rooter de l'équipe IDN sur ton bureau :
https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/Rooter.exe?attachauth=ANoY7cpzQksLcJt-e1z30LGu7t4JjUhh8amzWs_oSPSJpXbXp8ythGbW2WF8ysioh5NNlarrn7zMnYCRfsT5rCwNrfw5_CZYELApylTiY_MGu0G6uKzWpLEF2YXM3tF7nKZZAWj0JSAajXlZhd8dIyI3MrZ-lAIT5ZrAdcrct9_7bshwVpaZRPizuMTv9SDvmvY31BX4Vvvh2F2Brp1cy_K0jtTTfjttEA%3D%3D&attredirects=2
! Déconnecte toi d'internet et ferme toutes applications en cours !
* Exécute Rooter et laisse travailler l'outil .
* Une fois terminé, poste le rapport obtenu pour analyse ...
=============================
2- Télécharge MalwareByte's :
ici http://www.commentcamarche.net/telecharger/telecharger 34055379 malwarebytes anti malware
ou ici : http://www.malwarebytes.org/mbam.php
* Installe le ( choisis bien "francais" ; ne modifie pas les paramètres d'instale ) et mets le à jour .
(NB : S'il te manque "COMCTL32.OCX" lors de l'installe, alors télécharge le ici : https://www.malekal.com/tutorial-aboutbuster/ )
* Potasse le tuto pour te familiariser avec le prg :
https://forum.pcastuces.com/sujet.asp?f=31&s=3
( cela dis, il est très simple d'utilisation ).
! Déconnecte toi et ferme toutes applications en cours !
* Lance Malwarebyte's .
Fais un examen dit "Rapide" .
--> Laisse le programme travailler ( et ne rien faire d'autre avec le PC durant le scan ).
--> à la fin tu cliques sur "résultat" .
--> Vérifie que tous les objets infectés soient validés, puis clique sur " suppression " .
Note : si il faut redémarrer ton PC pour finir le nettoyage, fais le !
Poste le rapport sauvegardé après la suppression des objets infectés (dans l'onglet "rapport/log"de Malwarebytes, le dernier en date),
accompagné d'un nouveau rapport ZHPDiag pour analyse ...
merci de répondre si rapidement a mes message!!
donc voila le rapport de l'analyse de rooter:
Microsoft® Windows Vista™ Édition Familiale Premium ( v6.0.6001 ) Service Pack 1
X86-based PC ( Multiprocessor Free : Intel(R) Core(TM)2 Quad CPU Q6600 @ 2.40GHz )
BIOS : )Phoenix - Award WorkstationBIOS v6.00PG
USER : Kevin MONTHERAT ( Administrator )
BOOT : Normal boot
Firewall : Pack sécurité 8.00 8.00 (Activated)
C:\ (Local Disk) - NTFS - Total:228 Go (Free:163 Go)
D:\ (Local Disk) - NTFS - Total:227 Go (Free:73 Go)
E:\ (CD or DVD) - CDFS - Total:0 Go (Free:0 Go)
F:\ (USB)
G:\ (USB)
H:\ (USB)
I:\ (USB)
J:\ (CD or DVD)
K:\ (CD or DVD)
L:\ (CD or DVD)
05/03/2009|19:59
----------------------\\ Search..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip\Parameters]
NameServer REG_SZ 85.255.112.39,85.255.112.40
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\Tcpip\Parameters]
NameServer REG_SZ 85.255.112.39,85.255.112.40
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters]
NameServer REG_SZ 85.255.112.39,85.255.112.40
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\..\{169CEE27-4969-46D2-AB0F-0C9722446995}]
NameServer REG_SZ 85.255.112.39,85.255.112.40
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\..\{169CEE27-4969-46D2-AB0F-0C9722446995}]
DhcpNameServer REG_SZ 85.255.112.39,85.255.112.40
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\..\{644BFE67-BC46-4979-B811-7674F43C1E1B}]
NameServer REG_SZ 85.255.112.39,85.255.112.40
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\..\{169CEE27-4969-46D2-AB0F-0C9722446995}]
NameServer REG_SZ 85.255.112.39,85.255.112.40
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\..\{169CEE27-4969-46D2-AB0F-0C9722446995}]
DhcpNameServer REG_SZ 85.255.112.39,85.255.112.40
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\..\{644BFE67-BC46-4979-B811-7674F43C1E1B}]
NameServer REG_SZ 85.255.112.39,85.255.112.40
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\..\{169CEE27-4969-46D2-AB0F-0C9722446995}]
NameServer REG_SZ 85.255.112.39,85.255.112.40
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\..\{169CEE27-4969-46D2-AB0F-0C9722446995}]
DhcpNameServer REG_SZ 85.255.112.39,85.255.112.40
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\..\{644BFE67-BC46-4979-B811-7674F43C1E1B}]
NameServer REG_SZ 85.255.112.39,85.255.112.40
[b]==> WAREOUT <==/b
----------------------\\ Cracks & Keygens..
C:\Users\KEVINM~1\AppData\Roaming\Azureus\torrents\Counter_Strike_1_6_Full___Crack.torrent
C:\Users\KEVINM~1\AppData\Roaming\Azureus\torrents\Need.For.Speed.Undercover.Crack.and.Keygen.Only-RELOADED.torrent
C:\Users\KEVINM~1\AppData\Roaming\Azureus\torrents\Need.For.Speed.Undercover.Crack.and.Keygen.RELOADED.zip.torrent
C:\Users\KEVINM~1\AppData\Roaming\Azureus\torrents\Need.for.Speed.Undercover.Keygen.and Crack-RELOADED.torrent
C:\Users\KEVINM~1\AppData\Roaming\Azureus\torrents\Need_for_Speed_Undercover_FULL_working_crack_by_Razor_1911.torrent
C:\Users\KEVINM~1\AppData\Roaming\Azureus\torrents\Need_for_Speed_Undercover_Keygen_and_Crack_RELOADED.torrent
C:\Users\KEVINM~1\AppData\Roaming\Azureus\torrents\Need_For_Speed_Undercover___Key___Crack__No_DVD_.torrent
C:\Users\KEVINM~1\AppData\Roaming\Azureus\torrents\Need_For_Speed_Undercover___Serial_Key_and_Crack.torrent
C:\Users\KEVINM~1\AppData\Roaming\Azureus\torrents\NFS Need For Speed Underground 2 2CD's Inc. Crack & CD Key.torrent
C:\Users\KEVINM~1\AppData\Roaming\Azureus\torrents\NFS.Undercover.Crack.and.Keygen.rar.torrent
C:\Users\KEVINM~1\AppData\Roaming\Azureus\torrents\Power_Iso_4_3___Keygen.torrent
C:\Users\KEVINM~1\AppData\Roaming\Azureus\torrents\Power_ISO_v3_8___keygen_yinyang_release_948891488662_425.torrent
C:\Users\KEVINM~1\AppData\Roaming\Microsoft\Office\R‚cent\ Power ISO v3.8 + keygen yinyang-release!.lnk
C:\Users\KEVINM~1\AppData\Roaming\Microsoft\Office\R‚cent\Counter-Strike 1.6 Full + Crack.lnk
C:\Users\KEVINM~1\AppData\Roaming\Microsoft\Office\R‚cent\Need for Speed Undercover Keygen and Crack-RELOADED.lnk
C:\Users\KEVINM~1\AppData\Roaming\Microsoft\Office\R‚cent\NFS Need For Speed Underground 2 2CD's Inc. Crack & CD Key.lnk
1 - "C:\Rooter$\Rooter_1.txt" - 05/03/2009|19:59
----------------------\\ Scan completed at 19:59
voila le rapport de MalwareByte's:
Malwarebytes' Anti-Malware 1.34
Version de la base de données: 1749
Windows 6.0.6001 Service Pack 1
05/03/2009 20:11:53
mbam-log-2009-03-05 (20-11-33).txt
Type de recherche: Examen rapide
Eléments examinés: 60563
Temps écoulé: 2 minute(s), 36 second(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 1
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 12
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 1
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\instkey (Trojan.Vundo) -> No action taken.
Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Elément(s) de données du Registre infecté(s):
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\NameServer (Trojan.DNSChanger) -> Data: 85.255.112.39,85.255.112.40 -> No action taken.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{169cee27-4969-46d2-ab0f-0c9722446995}\DhcpNameServer (Trojan.DNSChanger) -> Data: 85.255.112.39,85.255.112.40 -> No action taken.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{169cee27-4969-46d2-ab0f-0c9722446995}\NameServer (Trojan.DNSChanger) -> Data: 85.255.112.39,85.255.112.40 -> No action taken.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{644bfe67-bc46-4979-b811-7674f43c1e1b}\NameServer (Trojan.DNSChanger) -> Data: 85.255.112.39,85.255.112.40 -> No action taken.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip\Parameters\NameServer (Trojan.DNSChanger) -> Data: 85.255.112.39,85.255.112.40 -> No action taken.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip\Parameters\Interfaces\{169cee27-4969-46d2-ab0f-0c9722446995}\DhcpNameServer (Trojan.DNSChanger) -> Data: 85.255.112.39,85.255.112.40 -> No action taken.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip\Parameters\Interfaces\{169cee27-4969-46d2-ab0f-0c9722446995}\NameServer (Trojan.DNSChanger) -> Data: 85.255.112.39,85.255.112.40 -> No action taken.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip\Parameters\Interfaces\{644bfe67-bc46-4979-b811-7674f43c1e1b}\NameServer (Trojan.DNSChanger) -> Data: 85.255.112.39,85.255.112.40 -> No action taken.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\Tcpip\Parameters\NameServer (Trojan.DNSChanger) -> Data: 85.255.112.39,85.255.112.40 -> No action taken.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\Tcpip\Parameters\Interfaces\{169cee27-4969-46d2-ab0f-0c9722446995}\DhcpNameServer (Trojan.DNSChanger) -> Data: 85.255.112.39,85.255.112.40 -> No action taken.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\Tcpip\Parameters\Interfaces\{169cee27-4969-46d2-ab0f-0c9722446995}\NameServer (Trojan.DNSChanger) -> Data: 85.255.112.39,85.255.112.40 -> No action taken.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\Tcpip\Parameters\Interfaces\{644bfe67-bc46-4979-b811-7674f43c1e1b}\NameServer (Trojan.DNSChanger) -> Data: 85.255.112.39,85.255.112.40 -> No action taken.
Dossier(s) infecté(s):
(Aucun élément nuisible détecté)
Fichier(s) infecté(s):
C:\Windows\System32\drivers\gaopdxxqecdecr.sys (Trojan.Agent) -> No action taken.
enfin voici le rapport de ZHPDiag que j'ai refait après avoir fait les manip' précédentes:
Rapport de ZHPDiag v1.16.6 par Nicolas Coolman
Enregistré le 05/03/2009 20:21:44
Platform : Windows Vista (TM) Home Premium (6.0.6001) Service Pack 1
MSIE: Internet Explorer v7.0.6001.18000
MFIE: Mozilla Firefox (3.0.6)
---\\ Processus lancés
%ProgramFiles%\Windows Defender\MSASCui.exe
RtHDVCpl.exe
C:\Acer\Empowering Technology\SysMonitor.exe
C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
C:\Acer\WR_PopUp\WarReg_PopUp.exe
C:\Acer\AcerTour\Reminder.exe
C:\Program Files\PowerISO\PWRISOVM.EXE
C:\Windows\ehome\ehTray.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe
C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\Ati2evxx.exe
c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
%windir%\system32\svchost.exe
C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
C:\Program Files\SFR\Pack Sécurité\Anti-Virus\fsgk32st.exe
C:\Program Files\SFR\Pack Sécurité\Common\FSMA32.EXE
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Windows\system32\PnkBstrA.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\SLsvc.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\SearchIndexer.exe
---\\ Modification d'une valeur System.ini (F2)
F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=explorer.exe
---\\ Pages de démarrage d'Internet Explorer (R0)
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource=10&ctid=CT2102473
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home
---\\ Pages de recherche d'Internet Explorer (R1)
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = https://www.bing.com/?toHttps=1&redig=8F3F334EA60E4B1CB4D040DCFE393A89{SUB_RFC1766}/srchasst/srchasst.htm
---\\ Redirection du fichier Hosts (O1)
O1 - Hosts: ::1 localhost
---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: PHPNukeFR Toolbar - {1c491116-c175-45e1-a570-6fb14fea8b7b} - C:\Program Files\PHPNukeFR\tbPHPN.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - C:\Program Files\PHPNukeFR\tbPHPN.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office 2007\Office12\GrooveShellExtensions.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\system32\eDStoolbar.dll
O3 - Toolbar: PHPNukeFR Toolbar - {1c491116-c175-45e1-a570-6fb14fea8b7b} - C:\Program Files\PHPNukeFR\tbPHPN.dll
---\\ Applications démarrées automatiquement par le registre (O4)
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [Acer Empowering Technology Monitor] C:\Acer\Empowering Technology\SysMonitor.exe
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
O4 - HKLM\..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKLM\..\Run: [WarReg_PopUp] C:\Acer\WR_PopUp\WarReg_PopUp.exe
O4 - HKLM\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\SFR\Pack Sécurité\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\SFR\Pack Sécurité\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe
O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Google Update] "C:\Users\Kevin MONTHERAT\AppData\Local\Google\Update\GoogleUpdate.exe" /c
---\\ Invisibilité de l'icône d'options IE dans le panneau de Configuration (O5)
O5 - control.ini: inetcpl.cpl=no
---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8)
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll,201
O9 - Extra button: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll,103
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFBARH.ICO
---\\ Protocole additionnel et piratage de protocole (O18)
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
---\\ Clé de Registre autorun SharedTaskScheduler (O22)
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030}
---\\ Services NT non Microsoft et non désactivés (O23)
O23 - Service: Acer HomeMedia Connect Service (Acer HomeMedia Connect Service) - C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe
O23 - Service: ePerformance Service (AcerMemUsageCheckService) - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
O23 - Service: (Ati External Event Utility) - C:\Windows\system32\Ati2evxx.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon
O23 - Service: eDSService.exe (eDataSecurity Service) - C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
O23 - Service: eRecovery Service (eRecoveryService) - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - C:\Program Files\SFR\Pack Sécurité\Anti-Virus\fsgk32st.exe
O23 - Service: F-Secure Management Agent (FSMA) - C:\Program Files\SFR\Pack Sécurité\Common\FSMA32.EXE
O23 - Service: Google Update Service (gupdate1c98c646521307c) (gupdate1c98c646521307c) - C:\Program Files\Google\Update\GoogleUpdate.exe" /svc
O23 - Service: Google Software Updater (gusvc) - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: PnkBstrA (PnkBstrA) - C:\Windows\system32\PnkBstrA.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - C:\Windows\system32\SLsvc.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - C:\Windows\System32\spoolsv.exe
O23 - Service: @%systemroot%\system32\SearchIndexer.exe,-103 (WSearch) - C:\Windows\system32\SearchIndexer.exe /Embedding
End of the scan:
donc voila le rapport de l'analyse de rooter:
Microsoft® Windows Vista™ Édition Familiale Premium ( v6.0.6001 ) Service Pack 1
X86-based PC ( Multiprocessor Free : Intel(R) Core(TM)2 Quad CPU Q6600 @ 2.40GHz )
BIOS : )Phoenix - Award WorkstationBIOS v6.00PG
USER : Kevin MONTHERAT ( Administrator )
BOOT : Normal boot
Firewall : Pack sécurité 8.00 8.00 (Activated)
C:\ (Local Disk) - NTFS - Total:228 Go (Free:163 Go)
D:\ (Local Disk) - NTFS - Total:227 Go (Free:73 Go)
E:\ (CD or DVD) - CDFS - Total:0 Go (Free:0 Go)
F:\ (USB)
G:\ (USB)
H:\ (USB)
I:\ (USB)
J:\ (CD or DVD)
K:\ (CD or DVD)
L:\ (CD or DVD)
05/03/2009|19:59
----------------------\\ Search..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip\Parameters]
NameServer REG_SZ 85.255.112.39,85.255.112.40
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\Tcpip\Parameters]
NameServer REG_SZ 85.255.112.39,85.255.112.40
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters]
NameServer REG_SZ 85.255.112.39,85.255.112.40
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\..\{169CEE27-4969-46D2-AB0F-0C9722446995}]
NameServer REG_SZ 85.255.112.39,85.255.112.40
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\..\{169CEE27-4969-46D2-AB0F-0C9722446995}]
DhcpNameServer REG_SZ 85.255.112.39,85.255.112.40
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\..\{644BFE67-BC46-4979-B811-7674F43C1E1B}]
NameServer REG_SZ 85.255.112.39,85.255.112.40
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\..\{169CEE27-4969-46D2-AB0F-0C9722446995}]
NameServer REG_SZ 85.255.112.39,85.255.112.40
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\..\{169CEE27-4969-46D2-AB0F-0C9722446995}]
DhcpNameServer REG_SZ 85.255.112.39,85.255.112.40
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\..\{644BFE67-BC46-4979-B811-7674F43C1E1B}]
NameServer REG_SZ 85.255.112.39,85.255.112.40
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\..\{169CEE27-4969-46D2-AB0F-0C9722446995}]
NameServer REG_SZ 85.255.112.39,85.255.112.40
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\..\{169CEE27-4969-46D2-AB0F-0C9722446995}]
DhcpNameServer REG_SZ 85.255.112.39,85.255.112.40
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\..\{644BFE67-BC46-4979-B811-7674F43C1E1B}]
NameServer REG_SZ 85.255.112.39,85.255.112.40
[b]==> WAREOUT <==/b
----------------------\\ Cracks & Keygens..
C:\Users\KEVINM~1\AppData\Roaming\Azureus\torrents\Counter_Strike_1_6_Full___Crack.torrent
C:\Users\KEVINM~1\AppData\Roaming\Azureus\torrents\Need.For.Speed.Undercover.Crack.and.Keygen.Only-RELOADED.torrent
C:\Users\KEVINM~1\AppData\Roaming\Azureus\torrents\Need.For.Speed.Undercover.Crack.and.Keygen.RELOADED.zip.torrent
C:\Users\KEVINM~1\AppData\Roaming\Azureus\torrents\Need.for.Speed.Undercover.Keygen.and Crack-RELOADED.torrent
C:\Users\KEVINM~1\AppData\Roaming\Azureus\torrents\Need_for_Speed_Undercover_FULL_working_crack_by_Razor_1911.torrent
C:\Users\KEVINM~1\AppData\Roaming\Azureus\torrents\Need_for_Speed_Undercover_Keygen_and_Crack_RELOADED.torrent
C:\Users\KEVINM~1\AppData\Roaming\Azureus\torrents\Need_For_Speed_Undercover___Key___Crack__No_DVD_.torrent
C:\Users\KEVINM~1\AppData\Roaming\Azureus\torrents\Need_For_Speed_Undercover___Serial_Key_and_Crack.torrent
C:\Users\KEVINM~1\AppData\Roaming\Azureus\torrents\NFS Need For Speed Underground 2 2CD's Inc. Crack & CD Key.torrent
C:\Users\KEVINM~1\AppData\Roaming\Azureus\torrents\NFS.Undercover.Crack.and.Keygen.rar.torrent
C:\Users\KEVINM~1\AppData\Roaming\Azureus\torrents\Power_Iso_4_3___Keygen.torrent
C:\Users\KEVINM~1\AppData\Roaming\Azureus\torrents\Power_ISO_v3_8___keygen_yinyang_release_948891488662_425.torrent
C:\Users\KEVINM~1\AppData\Roaming\Microsoft\Office\R‚cent\ Power ISO v3.8 + keygen yinyang-release!.lnk
C:\Users\KEVINM~1\AppData\Roaming\Microsoft\Office\R‚cent\Counter-Strike 1.6 Full + Crack.lnk
C:\Users\KEVINM~1\AppData\Roaming\Microsoft\Office\R‚cent\Need for Speed Undercover Keygen and Crack-RELOADED.lnk
C:\Users\KEVINM~1\AppData\Roaming\Microsoft\Office\R‚cent\NFS Need For Speed Underground 2 2CD's Inc. Crack & CD Key.lnk
1 - "C:\Rooter$\Rooter_1.txt" - 05/03/2009|19:59
----------------------\\ Scan completed at 19:59
voila le rapport de MalwareByte's:
Malwarebytes' Anti-Malware 1.34
Version de la base de données: 1749
Windows 6.0.6001 Service Pack 1
05/03/2009 20:11:53
mbam-log-2009-03-05 (20-11-33).txt
Type de recherche: Examen rapide
Eléments examinés: 60563
Temps écoulé: 2 minute(s), 36 second(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 1
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 12
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 1
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\instkey (Trojan.Vundo) -> No action taken.
Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Elément(s) de données du Registre infecté(s):
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\NameServer (Trojan.DNSChanger) -> Data: 85.255.112.39,85.255.112.40 -> No action taken.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{169cee27-4969-46d2-ab0f-0c9722446995}\DhcpNameServer (Trojan.DNSChanger) -> Data: 85.255.112.39,85.255.112.40 -> No action taken.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{169cee27-4969-46d2-ab0f-0c9722446995}\NameServer (Trojan.DNSChanger) -> Data: 85.255.112.39,85.255.112.40 -> No action taken.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{644bfe67-bc46-4979-b811-7674f43c1e1b}\NameServer (Trojan.DNSChanger) -> Data: 85.255.112.39,85.255.112.40 -> No action taken.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip\Parameters\NameServer (Trojan.DNSChanger) -> Data: 85.255.112.39,85.255.112.40 -> No action taken.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip\Parameters\Interfaces\{169cee27-4969-46d2-ab0f-0c9722446995}\DhcpNameServer (Trojan.DNSChanger) -> Data: 85.255.112.39,85.255.112.40 -> No action taken.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip\Parameters\Interfaces\{169cee27-4969-46d2-ab0f-0c9722446995}\NameServer (Trojan.DNSChanger) -> Data: 85.255.112.39,85.255.112.40 -> No action taken.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip\Parameters\Interfaces\{644bfe67-bc46-4979-b811-7674f43c1e1b}\NameServer (Trojan.DNSChanger) -> Data: 85.255.112.39,85.255.112.40 -> No action taken.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\Tcpip\Parameters\NameServer (Trojan.DNSChanger) -> Data: 85.255.112.39,85.255.112.40 -> No action taken.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\Tcpip\Parameters\Interfaces\{169cee27-4969-46d2-ab0f-0c9722446995}\DhcpNameServer (Trojan.DNSChanger) -> Data: 85.255.112.39,85.255.112.40 -> No action taken.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\Tcpip\Parameters\Interfaces\{169cee27-4969-46d2-ab0f-0c9722446995}\NameServer (Trojan.DNSChanger) -> Data: 85.255.112.39,85.255.112.40 -> No action taken.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\Tcpip\Parameters\Interfaces\{644bfe67-bc46-4979-b811-7674f43c1e1b}\NameServer (Trojan.DNSChanger) -> Data: 85.255.112.39,85.255.112.40 -> No action taken.
Dossier(s) infecté(s):
(Aucun élément nuisible détecté)
Fichier(s) infecté(s):
C:\Windows\System32\drivers\gaopdxxqecdecr.sys (Trojan.Agent) -> No action taken.
enfin voici le rapport de ZHPDiag que j'ai refait après avoir fait les manip' précédentes:
Rapport de ZHPDiag v1.16.6 par Nicolas Coolman
Enregistré le 05/03/2009 20:21:44
Platform : Windows Vista (TM) Home Premium (6.0.6001) Service Pack 1
MSIE: Internet Explorer v7.0.6001.18000
MFIE: Mozilla Firefox (3.0.6)
---\\ Processus lancés
%ProgramFiles%\Windows Defender\MSASCui.exe
RtHDVCpl.exe
C:\Acer\Empowering Technology\SysMonitor.exe
C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
C:\Acer\WR_PopUp\WarReg_PopUp.exe
C:\Acer\AcerTour\Reminder.exe
C:\Program Files\PowerISO\PWRISOVM.EXE
C:\Windows\ehome\ehTray.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe
C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\Ati2evxx.exe
c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
%windir%\system32\svchost.exe
C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
C:\Program Files\SFR\Pack Sécurité\Anti-Virus\fsgk32st.exe
C:\Program Files\SFR\Pack Sécurité\Common\FSMA32.EXE
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Windows\system32\PnkBstrA.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\SLsvc.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\SearchIndexer.exe
---\\ Modification d'une valeur System.ini (F2)
F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=explorer.exe
---\\ Pages de démarrage d'Internet Explorer (R0)
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource=10&ctid=CT2102473
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home
---\\ Pages de recherche d'Internet Explorer (R1)
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = https://www.bing.com/?toHttps=1&redig=8F3F334EA60E4B1CB4D040DCFE393A89{SUB_RFC1766}/srchasst/srchasst.htm
---\\ Redirection du fichier Hosts (O1)
O1 - Hosts: ::1 localhost
---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: PHPNukeFR Toolbar - {1c491116-c175-45e1-a570-6fb14fea8b7b} - C:\Program Files\PHPNukeFR\tbPHPN.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - C:\Program Files\PHPNukeFR\tbPHPN.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office 2007\Office12\GrooveShellExtensions.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\system32\eDStoolbar.dll
O3 - Toolbar: PHPNukeFR Toolbar - {1c491116-c175-45e1-a570-6fb14fea8b7b} - C:\Program Files\PHPNukeFR\tbPHPN.dll
---\\ Applications démarrées automatiquement par le registre (O4)
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [Acer Empowering Technology Monitor] C:\Acer\Empowering Technology\SysMonitor.exe
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
O4 - HKLM\..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKLM\..\Run: [WarReg_PopUp] C:\Acer\WR_PopUp\WarReg_PopUp.exe
O4 - HKLM\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\SFR\Pack Sécurité\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\SFR\Pack Sécurité\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe
O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Google Update] "C:\Users\Kevin MONTHERAT\AppData\Local\Google\Update\GoogleUpdate.exe" /c
---\\ Invisibilité de l'icône d'options IE dans le panneau de Configuration (O5)
O5 - control.ini: inetcpl.cpl=no
---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8)
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll,201
O9 - Extra button: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll,103
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFBARH.ICO
---\\ Protocole additionnel et piratage de protocole (O18)
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
---\\ Clé de Registre autorun SharedTaskScheduler (O22)
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030}
---\\ Services NT non Microsoft et non désactivés (O23)
O23 - Service: Acer HomeMedia Connect Service (Acer HomeMedia Connect Service) - C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe
O23 - Service: ePerformance Service (AcerMemUsageCheckService) - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
O23 - Service: (Ati External Event Utility) - C:\Windows\system32\Ati2evxx.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon
O23 - Service: eDSService.exe (eDataSecurity Service) - C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
O23 - Service: eRecovery Service (eRecoveryService) - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - C:\Program Files\SFR\Pack Sécurité\Anti-Virus\fsgk32st.exe
O23 - Service: F-Secure Management Agent (FSMA) - C:\Program Files\SFR\Pack Sécurité\Common\FSMA32.EXE
O23 - Service: Google Update Service (gupdate1c98c646521307c) (gupdate1c98c646521307c) - C:\Program Files\Google\Update\GoogleUpdate.exe" /svc
O23 - Service: Google Software Updater (gusvc) - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: PnkBstrA (PnkBstrA) - C:\Windows\system32\PnkBstrA.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - C:\Windows\system32\SLsvc.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - C:\Windows\System32\spoolsv.exe
O23 - Service: @%systemroot%\system32\SearchIndexer.exe,-103 (WSearch) - C:\Windows\system32\SearchIndexer.exe /Embedding
End of the scan:
re,
je te conseille fortement de supprimer tes cracks , c'est la 1er cause d'infections !
Puis fais ce qui suit dans l'ordre :
1- Supprime tout ce qui se trouve dans la quarantaine de Malwarebytes.
===========================
2- Télécharge CCleaner :
http://www.commentcamarche.net/telecharger/telecharger 168 ccleaner
ou https://www.pcastuces.com/logitheque/ccleaner.htm
Ce logiciel va permettre de supprimer tous les fichiers temporaires et de corriger ton registre .
Lors de l'installation:
-choisis bien "français" en langue .
-avant de cliquer sur le bouton "installer", décoche toutes les "options supplémentaires" sauf les 2 premières.
Un tuto ( aide ):
http://perso.orange.fr/jesses/Docs/Logiciels/CCleaner.htm
---> Utilisation:
*Décocher dans le menu Options - sous-menu Avancé :
Effacer uniquement les fichiers, du dossier temp de Windows, plus vieux que 48 heures .
! déconnecte toi et ferme toutes applications en cours !
* va dans "nettoyeur" : fais -analyse- puis -nettoyage-
* va dans "registre" : fais -chercher les erreurs- et -réparer toutes les erreurs-
( plusieurs fois jusqu'à ce qu'il n'y est plus d'erreur ) .
( CCleaner : soft à garder sur son PC , super utile pour de bons nettoyages ... )
=============================
3- Télécharge et installe le logiciel HijackThis :
ici http://static.commentcamarche.net/www.commentcamarche.net/download/fichiers/HJTInstall.exe
ou ici http://www.trendsecure.com/portal/en-US/_download/HJTInstall.exe
ou ici https://www.clubic.com/telecharger-fiche17891-hijackthis.html
-->Clique sur le setup pour lancer l'installe : laisse toi guider et ne modifie pas les paramètres d'installation .
A la fin de l'installe , le prg se lance automatiquement : ferme le en cliquant sur la croix rouge .
Au final, tu dois avoir un raccourci sur ton bureau et aussi un cheminement comme :
"C:\ program files\Trend Micro\HijackThis\HijackThis.exe " .
( ne lance pas ce prg pour l'instant et fais la suite ... )
4- Télécharge Random's System Information Tool (RSIT) de random/random et enregistre l'exécutable sur ton Bureau.
-> http://images.malwareremoval.com/random/RSIT.exe
! Déconnecte toi et ferme toutes tes applications en cours !
Double-clique sur " RSIT.exe " pour le lancer .
-> Une première fenêtre s'ouvre avec en titre : " Disclaimer of warranty " .
* Devant l'option "List files/folders created ..." , tu choisis : 2 months
* clique ensuite sur " Continue " pour lancer l'analyse ...
-> laisse faire le scan et ne touche pas au PC ...
Lorsque l'analyse sera terminée, deux fichiers texte s'ouvriront (probablement avec le bloc-note).
Poste le contenu de " log.txt " (c'est celui qui apparait à l'écran), ainsi que de " info.txt " (que tu verras dans la barre des tâches), pour analyse et attends la suite ...
Important : poste un rapport, puis l'autre dans la réponse suivante ...
Si tu essaies de poster les deux en même temps, cela risque d'être trop long pour le forum ...
Et si "log.txt" seul, ne passe pas non plus , fais le en 2 fois ... merci ...
( Note : les rapports seront en outre sauvegardés dans ce dossier -> C:\rsit )
je te conseille fortement de supprimer tes cracks , c'est la 1er cause d'infections !
Puis fais ce qui suit dans l'ordre :
1- Supprime tout ce qui se trouve dans la quarantaine de Malwarebytes.
===========================
2- Télécharge CCleaner :
http://www.commentcamarche.net/telecharger/telecharger 168 ccleaner
ou https://www.pcastuces.com/logitheque/ccleaner.htm
Ce logiciel va permettre de supprimer tous les fichiers temporaires et de corriger ton registre .
Lors de l'installation:
-choisis bien "français" en langue .
-avant de cliquer sur le bouton "installer", décoche toutes les "options supplémentaires" sauf les 2 premières.
Un tuto ( aide ):
http://perso.orange.fr/jesses/Docs/Logiciels/CCleaner.htm
---> Utilisation:
*Décocher dans le menu Options - sous-menu Avancé :
Effacer uniquement les fichiers, du dossier temp de Windows, plus vieux que 48 heures .
! déconnecte toi et ferme toutes applications en cours !
* va dans "nettoyeur" : fais -analyse- puis -nettoyage-
* va dans "registre" : fais -chercher les erreurs- et -réparer toutes les erreurs-
( plusieurs fois jusqu'à ce qu'il n'y est plus d'erreur ) .
( CCleaner : soft à garder sur son PC , super utile pour de bons nettoyages ... )
=============================
3- Télécharge et installe le logiciel HijackThis :
ici http://static.commentcamarche.net/www.commentcamarche.net/download/fichiers/HJTInstall.exe
ou ici http://www.trendsecure.com/portal/en-US/_download/HJTInstall.exe
ou ici https://www.clubic.com/telecharger-fiche17891-hijackthis.html
-->Clique sur le setup pour lancer l'installe : laisse toi guider et ne modifie pas les paramètres d'installation .
A la fin de l'installe , le prg se lance automatiquement : ferme le en cliquant sur la croix rouge .
Au final, tu dois avoir un raccourci sur ton bureau et aussi un cheminement comme :
"C:\ program files\Trend Micro\HijackThis\HijackThis.exe " .
( ne lance pas ce prg pour l'instant et fais la suite ... )
4- Télécharge Random's System Information Tool (RSIT) de random/random et enregistre l'exécutable sur ton Bureau.
-> http://images.malwareremoval.com/random/RSIT.exe
! Déconnecte toi et ferme toutes tes applications en cours !
Double-clique sur " RSIT.exe " pour le lancer .
-> Une première fenêtre s'ouvre avec en titre : " Disclaimer of warranty " .
* Devant l'option "List files/folders created ..." , tu choisis : 2 months
* clique ensuite sur " Continue " pour lancer l'analyse ...
-> laisse faire le scan et ne touche pas au PC ...
Lorsque l'analyse sera terminée, deux fichiers texte s'ouvriront (probablement avec le bloc-note).
Poste le contenu de " log.txt " (c'est celui qui apparait à l'écran), ainsi que de " info.txt " (que tu verras dans la barre des tâches), pour analyse et attends la suite ...
Important : poste un rapport, puis l'autre dans la réponse suivante ...
Si tu essaies de poster les deux en même temps, cela risque d'être trop long pour le forum ...
Et si "log.txt" seul, ne passe pas non plus , fais le en 2 fois ... merci ...
( Note : les rapports seront en outre sauvegardés dans ce dossier -> C:\rsit )
donc j'ai fait toute les manipulation que tu m'a demander de faire avec ccleaner , HijackThis et RSIT. je t'envois donc le rapport log.txt comme demander:
Logfile of random's system information tool 1.05 (written by random/random)
Run by Kevin MONTHERAT at 2009-03-05 21:23:53
Microsoft® Windows Vista™ Édition Familiale Premium Service Pack 1
System drive C: has 167 GB (72%) free of 234 GB
Total RAM: 2047 MB (57% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:23:55, on 05/03/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\RtHDVCpl.exe
C:\Acer\Empowering Technology\SysMonitor.exe
C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\Program Files\SFR\Pack Sécurité\Common\FSM32.EXE
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\SFR\Pack Sécurité\FSGUI\fsguidll.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Users\Kevin MONTHERAT\AppData\Local\Google\Update\GoogleUpdate.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe
C:\Program Files\RALINK\Common\RaUI.exe
C:\Acer\Empowering Technology\ACER.EMPOWERING.FRAMEWORK.SUPERVISOR.EXE
C:\Acer\Empowering Technology\eRecovery\ERAGENT.EXE
C:\Windows\system32\conime.exe
C:\Program Files\SFR\Pack Sécurité\FSGUI\scanwizard.exe
C:\Windows\system32\NOTEPAD.EXE
D:\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\Kevin MONTHERAT.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.bing.com/?cc=fr&toHttps=1&redig=55729C844D6A45819CAD368B3E178C9F
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource=10&ctid=CT2102473
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://fr.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://fr.rd.yahoo.com/customize/ycomp/defaults/su/*https://fr.yahoo.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: (no name) - {1c491116-c175-45e1-a570-6fb14fea8b7b} - (no file)
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1c491116-c175-45e1-a570-6fb14fea8b7b} - (no file)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office 2007\Office12\GrooveShellExtensions.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\system32\eDStoolbar.dll
O3 - Toolbar: (no name) - {1c491116-c175-45e1-a570-6fb14fea8b7b} - (no file)
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [Acer Empowering Technology Monitor] C:\Acer\Empowering Technology\SysMonitor.exe
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
O4 - HKLM\..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKLM\..\Run: [WarReg_PopUp] C:\Acer\WR_PopUp\WarReg_PopUp.exe
O4 - HKLM\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\SFR\Pack Sécurité\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\SFR\Pack Sécurité\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe
O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Google Update] "C:\Users\Kevin MONTHERAT\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Global Startup: Empowering Technology Launcher.lnk = ?
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: PCM Media Sharing.lnk = C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe
O4 - Global Startup: Ralink Wireless Utility.lnk = C:\Program Files\RALINK\Common\RaUI.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O13 - Gopher Prefix:
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office 2007\Office12\GrooveSystemServices.dll
O23 - Service: Acer HomeMedia Connect Service - CyberLink - C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe
O23 - Service: ePerformance Service (AcerMemUsageCheckService) - Unknown owner - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: eDSService.exe (eDataSecurity Service) - HiTRSUT - C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corporation - C:\Program Files\SFR\Pack Sécurité\Anti-Virus\fsgk32st.exe
O23 - Service: F-Secure Automatic Update Agent (FSAUA) - F-Secure Corporation - C:\Program Files\SFR\Pack Sécurité\FSAUA\program\fsaua.exe
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\SFR\Pack Sécurité\FWES\Program\fsdfwd.exe
O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\SFR\Pack Sécurité\Common\FSMA32.EXE
O23 - Service: F-Secure ORSP Client (FSORSPClient) - F-Secure Corporation - C:\Program Files\SFR\Pack Sécurité\ORSP Client\fsorsp.exe
O23 - Service: Google Update Service (gupdate1c98c646521307c) (gupdate1c98c646521307c) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
Logfile of random's system information tool 1.05 (written by random/random)
Run by Kevin MONTHERAT at 2009-03-05 21:23:53
Microsoft® Windows Vista™ Édition Familiale Premium Service Pack 1
System drive C: has 167 GB (72%) free of 234 GB
Total RAM: 2047 MB (57% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:23:55, on 05/03/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\RtHDVCpl.exe
C:\Acer\Empowering Technology\SysMonitor.exe
C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\Program Files\SFR\Pack Sécurité\Common\FSM32.EXE
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\SFR\Pack Sécurité\FSGUI\fsguidll.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Users\Kevin MONTHERAT\AppData\Local\Google\Update\GoogleUpdate.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe
C:\Program Files\RALINK\Common\RaUI.exe
C:\Acer\Empowering Technology\ACER.EMPOWERING.FRAMEWORK.SUPERVISOR.EXE
C:\Acer\Empowering Technology\eRecovery\ERAGENT.EXE
C:\Windows\system32\conime.exe
C:\Program Files\SFR\Pack Sécurité\FSGUI\scanwizard.exe
C:\Windows\system32\NOTEPAD.EXE
D:\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\Kevin MONTHERAT.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.bing.com/?cc=fr&toHttps=1&redig=55729C844D6A45819CAD368B3E178C9F
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource=10&ctid=CT2102473
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://fr.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://fr.rd.yahoo.com/customize/ycomp/defaults/su/*https://fr.yahoo.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: (no name) - {1c491116-c175-45e1-a570-6fb14fea8b7b} - (no file)
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1c491116-c175-45e1-a570-6fb14fea8b7b} - (no file)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office 2007\Office12\GrooveShellExtensions.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\system32\eDStoolbar.dll
O3 - Toolbar: (no name) - {1c491116-c175-45e1-a570-6fb14fea8b7b} - (no file)
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [Acer Empowering Technology Monitor] C:\Acer\Empowering Technology\SysMonitor.exe
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
O4 - HKLM\..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKLM\..\Run: [WarReg_PopUp] C:\Acer\WR_PopUp\WarReg_PopUp.exe
O4 - HKLM\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\SFR\Pack Sécurité\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\SFR\Pack Sécurité\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe
O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Google Update] "C:\Users\Kevin MONTHERAT\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Global Startup: Empowering Technology Launcher.lnk = ?
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: PCM Media Sharing.lnk = C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe
O4 - Global Startup: Ralink Wireless Utility.lnk = C:\Program Files\RALINK\Common\RaUI.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O13 - Gopher Prefix:
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office 2007\Office12\GrooveSystemServices.dll
O23 - Service: Acer HomeMedia Connect Service - CyberLink - C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe
O23 - Service: ePerformance Service (AcerMemUsageCheckService) - Unknown owner - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: eDSService.exe (eDataSecurity Service) - HiTRSUT - C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corporation - C:\Program Files\SFR\Pack Sécurité\Anti-Virus\fsgk32st.exe
O23 - Service: F-Secure Automatic Update Agent (FSAUA) - F-Secure Corporation - C:\Program Files\SFR\Pack Sécurité\FSAUA\program\fsaua.exe
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\SFR\Pack Sécurité\FWES\Program\fsdfwd.exe
O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\SFR\Pack Sécurité\Common\FSMA32.EXE
O23 - Service: F-Secure ORSP Client (FSORSPClient) - F-Secure Corporation - C:\Program Files\SFR\Pack Sécurité\ORSP Client\fsorsp.exe
O23 - Service: Google Update Service (gupdate1c98c646521307c) (gupdate1c98c646521307c) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
je t'envoi l'info aussi:
info.txt logfile of random's system information tool 1.05 2009-03-05 21:14:55
======Uninstall list======
-->"C:\Program Files\SFR\Pack Sécurité\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Anti-Spyware Scanner"
-->"C:\Program Files\SFR\Pack Sécurité\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Anti-Spyware"
-->"C:\Program Files\SFR\Pack Sécurité\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Anti-Virus Client Security Installer"
-->"C:\Program Files\SFR\Pack Sécurité\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Anti-Virus"
-->"C:\Program Files\SFR\Pack Sécurité\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Automatic Update Agent"
-->"C:\Program Files\SFR\Pack Sécurité\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure DAAS"
-->"C:\Program Files\SFR\Pack Sécurité\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure DAAS2"
-->"C:\Program Files\SFR\Pack Sécurité\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Diagnostics"
-->"C:\Program Files\SFR\Pack Sécurité\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure E-mail Scanning"
-->"C:\Program Files\SFR\Pack Sécurité\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure FWES"
-->"C:\Program Files\SFR\Pack Sécurité\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure GateKeeper Interface"
-->"C:\Program Files\SFR\Pack Sécurité\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Gemini"
-->"C:\Program Files\SFR\Pack Sécurité\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure GUI"
-->"C:\Program Files\SFR\Pack Sécurité\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Help"
-->"C:\Program Files\SFR\Pack Sécurité\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure HIPS"
-->"C:\Program Files\SFR\Pack Sécurité\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Internet Shield"
-->"C:\Program Files\SFR\Pack Sécurité\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure ISP News"
-->"C:\Program Files\SFR\Pack Sécurité\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Localization API"
-->"C:\Program Files\SFR\Pack Sécurité\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Management Agent"
-->"C:\Program Files\SFR\Pack Sécurité\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure ORSP Client"
-->"C:\Program Files\SFR\Pack Sécurité\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Pegasus Engine"
-->"C:\Program Files\SFR\Pack Sécurité\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Protocol Scanner"
-->"C:\Program Files\SFR\Pack Sécurité\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Spam Control"
-->"C:\Program Files\SFR\Pack Sécurité\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Spam Scanner"
-->"C:\Program Files\SFR\Pack Sécurité\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure TNB"
-->"C:\Program Files\SFR\Pack Sécurité\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Uninstall"
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0015-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0016-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0018-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0019-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001A-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001B-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {3EC77D26-799B-4CD8-914F-C1565E796173}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {430971B1-C31E-45DA-81E0-72C095BAB72C}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {F7A31780-33C4-4E39-951A-5EC9B91D7BF1}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0044-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-006E-0409-0000-0000000FF1CE} /uninstall {FAD8A83E-9BAC-4179-9268-A35948034D85}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-00A1-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-00BA-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0114-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0115-0409-0000-0000000FF1CE} /uninstall {FAD8A83E-9BAC-4179-9268-A35948034D85}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0117-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {91120000-002E-0000-0000-0000000FF1CE} /uninstall {BEE75E01-DD3F-4D5F-B96C-609E6538D419}
Acer Arcade Live Main Page-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EFBDC2B0-FAA8-4B78-8DE1-AEBE7958FA37}\SETUP.EXE" -uninstall
Acer DV Magician-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F6EFFB76-4A07-11DA-9D78-000129760D75}\SETUP.EXE" -uninstall
Acer DVDivine-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B145EC69-66F5-11D8-9D75-000129760D75}\SETUP.EXE" -uninstall
Acer eDataSecurity Management-->C:\Acer\Empowering Technology\eDataSecurity\eDSnstHelper.exe -Operation UNINSTALL
Acer Empowering Technology-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AB6097D9-D722-4987-BD9E-A076E2848EE2}\setup.exe" -l0x40c -removeonly
Acer ePerformance Management-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D462BF9E-0C35-4705-BF9B-3DF9F3816643}\setup.exe" -l0x40c -removeonly
Acer HomeMedia Connect-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{132888AE-EF67-41C5-BCA2-7D5D2488AB63}\SETUP.EXE" -uninstall
Acer HomeMedia-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AA4BF92B-2AAF-11DA-9D78-000129760D75}\SETUP.EXE" -uninstall
Acer ScreenSaver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{79DD56FC-DB8B-47F5-9C80-78B62E05F9BC}\setup.exe" -l0x9 -removeonly
Acer SlideShow DVD-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{41581EF5-45A7-11DA-9D78-000129760D75}\SETUP.EXE" -uninstall
Acer Tour-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{94389919-B0AA-4882-9BE8-9F0B004ECA35}\setup.exe" -l0x40c -removeonly
Acer VideoMagician-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F79A208D-D929-11D9-9D77-000129760D75}\SETUP.EXE" -uninstall
Adobe Flash Player 10 ActiveX-->C:\Windows\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->C:\Windows\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 7.0 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A70000000000}
Age of Empires III-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\11\INTEL3~1\IDriver.exe /M{485775E8-AEB8-46BD-922B-242879E03DD5}
Archiveur WinRAR-->C:\Program Files\WinRAR\uninstall.exe
Assistant de connexion Windows Live-->MsiExec.exe /I{D6E592B3-67DA-4BBB-9783-E1838FB253A2}
Audacity 1.2.6-->"C:\Program Files\Audacity\unins000.exe"
Call of Duty(R) 4 - Modern Warfare(TM)-->C:\Program Files\InstallShield Installation Information\{E48469CC-635E-4FD5-A122-1497C286D217}\setup.exe -runfromtemp -l0x040c
CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"
Choice Guard-->MsiExec.exe /I{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}
EA Download Manager-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\11\INTEL3~1\IDriver.exe /M{EF7E931D-DC84-471B-8DB6-A83358095474} /l1036
EAX Unified-->C:\Windows\IsUninst.exe -f"C:\Program Files\Creative\EAX Unified\Uninst.isu"
Fraps-->"C:\Fraps\uninstall.exe"
Galerie de photos Windows Live-->MsiExec.exe /X{43563ACB-371B-4C58-8979-B192B390424C}
GameSpy Arcade-->C:\PROGRA~1\GAMESP~1\UNWISE.EXE C:\PROGRA~1\GAMESP~1\INSTALL.LOG
Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
Google Earth-->MsiExec.exe /X{548EAC70-EE00-11DD-908C-005056806466}
GTI Racing-->C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{EF0D610C-92BE-4D8F-BD33-9F658F8754F1} /Z"UNINSTALL"
HijackThis 2.0.2-->"C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
Installation Windows Live-->C:\Program Files\Windows Live\Installer\wlarp.exe
Installation Windows Live-->MsiExec.exe /I{3CCB732A-E472-4CF9-B1EE-F18365341FE0}
Java(TM) 6 Update 12-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216012FF}
Junk Mail filter update-->MsiExec.exe /I{4AB8B41B-3AF1-46BE-99B0-0ACD3B300C0A}
LimeWire PRO 4.12.3-->"C:\Program Files\LimeWire\uninstall.exe"
Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
Microsoft Office Access MUI (English) 2007-->MsiExec.exe /X{90120000-0015-0409-0000-0000000FF1CE}
Microsoft Office Access Setup Metadata MUI (English) 2007-->MsiExec.exe /X{90120000-0117-0409-0000-0000000FF1CE}
Microsoft Office Excel MUI (English) 2007-->MsiExec.exe /X{90120000-0016-0409-0000-0000000FF1CE}
Microsoft Office Groove MUI (English) 2007-->MsiExec.exe /X{90120000-00BA-0409-0000-0000000FF1CE}
Microsoft Office Groove Setup Metadata MUI (English) 2007-->MsiExec.exe /X{90120000-0114-0409-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (English) 2007-->MsiExec.exe /X{90120000-0044-0409-0000-0000000FF1CE}
Microsoft Office Live Add-in 1.3-->MsiExec.exe /I{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}
Microsoft Office OneNote MUI (English) 2007-->MsiExec.exe /X{90120000-00A1-0409-0000-0000000FF1CE}
Microsoft Office Outlook Connector-->MsiExec.exe /I{95120000-0120-040C-0000-0000000FF1CE}
Microsoft Office Outlook MUI (English) 2007-->MsiExec.exe /X{90120000-001A-0409-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (English) 2007-->MsiExec.exe /X{90120000-0018-0409-0000-0000000FF1CE}
Microsoft Office Professional Edition 2003-->MsiExec.exe /I{9011040C-6000-11D3-8CFE-0150048383C9}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
Microsoft Office Proofing (English) 2007-->MsiExec.exe /X{90120000-002C-0409-0000-0000000FF1CE}
Microsoft Office Publisher MUI (English) 2007-->MsiExec.exe /X{90120000-0019-0409-0000-0000000FF1CE}
Microsoft Office Shared MUI (English) 2007-->MsiExec.exe /X{90120000-006E-0409-0000-0000000FF1CE}
Microsoft Office Shared Setup Metadata MUI (English) 2007-->MsiExec.exe /X{90120000-0115-0409-0000-0000000FF1CE}
Microsoft Office Ultimate 2007-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall ULTIMATER /dll OSETUP.DLL
Microsoft Office Ultimate 2007-->MsiExec.exe /X{91120000-002E-0000-0000-0000000FF1CE}
Microsoft Office Word MUI (English) 2007-->MsiExec.exe /X{90120000-001B-0409-0000-0000000FF1CE}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Works-->MsiExec.exe /I{6B1CB38D-E2E4-4A30-933D-EFDEBA76AD9C}
Mozilla Firefox (3.0.6)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
Navilog1 3.7.5-->"C:\Program Files\Navilog1\unins000.exe"
Need for Speed Underground 2-->D:\jeux\nfs underground 2\EAUninstall.exe
Need for Speed™ Undercover-->MsiExec.exe /X{E6D22FE1-AB5F-42CA-9480-6F70B96DDD88}
Nokia Multimedia Converter Pro v2.0-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\Nokia\MMConverterPro2\Setup\{08A4C07B-204D-11D6-AF25-00B0D0797201}\Setup.exe"
NTI Backup NOW! 4.7-->"C:\Program Files\InstallShield Installation Information\{67ADE9AF-5CD9-4089-8825-55DE4B366799}\setup.exe" -removeonly
NTI CD & DVD-Maker-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{1577A05B-EE62-4BBC-9DB7-FE748FA44EC2} /l1036 CDM7
Outil de mise à jour Google-->"C:\Program Files\Google\Google Updater\GoogleUpdater.exe" -uninstall
Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
Pack sécurité-->"C:\Program Files\SFR\Pack Sécurité\FSGUI\PostInstall.exe" /tUnInstall
PC Optimiseur-->"D:\logiciels installer\PC Optimiseur\unins000.exe"
PHPNukeFR Toolbar-->C:\PROGRA~1\PHPNUK~1\UNWISE.EXE /U C:\PROGRA~1\PHPNUK~1\INSTALL.LOG
PowerISO-->"C:\Program Files\PowerISO\uninstall.exe"
Ralink Wireless LAN-->C:\Program Files\InstallShield Installation Information\{E91E8912-769D-42F0-8408-0E329443BABC}\setup.exe -runfromtemp -l0x0009 -removeonly
Realtek High Definition Audio Driver-->RtlUpd.exe -r -m
S.T.A.L.K.E.R. - Shadow of Chernobyl-->"D:\jeux\S.T.A.L.K.E.R. - Shadow of Chernobyl\unins000.exe"
Security Update for 2007 Microsoft Office System (KB951550)-->msiexec /package {91120000-002E-0000-0000-0000000FF1CE} /uninstall {B243E9A5-ED77-4F1B-B338-2486FD82DC85}
Security Update for 2007 Microsoft Office System (KB951944)-->msiexec /package {91120000-002E-0000-0000-0000000FF1CE} /uninstall {797AE457-BA17-4BBC-B501-25FB3A0103C7}
Security Update for 2007 Microsoft Office System (KB958439)-->msiexec /package {91120000-002E-0000-0000-0000000FF1CE} /uninstall {6491B8AA-D11C-4648-A461-6234B31EB7E2}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for Microsoft Office Excel 2007 (KB958437)-->msiexec /package {91120000-002E-0000-0000-0000000FF1CE} /uninstall {648FC016-2D6B-4A16-8D87-404533642F4B}
Security Update for Microsoft Office OneNote 2007 (KB950130)-->msiexec /package {91120000-002E-0000-0000-0000000FF1CE} /uninstall {F1B2401C-B610-4BF2-AA1C-52C55827A8F4}
Security Update for Microsoft Office PowerPoint 2007 (KB951338)-->msiexec /package {91120000-002E-0000-0000-0000000FF1CE} /uninstall {558B709B-821B-4FC5-90FC-9A8890641E77}
Security Update for Microsoft Office Publisher 2007 (KB950114)-->msiexec /package {91120000-002E-0000-0000-0000000FF1CE} /uninstall {F9C3CDBA-1F00-4D4D-959D-75C9D3ACDD85}
Security Update for Microsoft Office system 2007 (KB954326)-->msiexec /package {91120000-002E-0000-0000-0000000FF1CE} /uninstall {5F7F6FFF-395D-480E-8450-64F385D82C5F}
Security Update for Microsoft Office system 2007 (KB956828)-->msiexec /package {91120000-002E-0000-0000-0000000FF1CE} /uninstall {885E081B-72BD-4E76-8E98-30B4BE468FAC}
Security Update for Microsoft Office Word 2007 (KB956358)-->msiexec /package {91120000-002E-0000-0000-0000000FF1CE} /uninstall {4551666D-0FD6-4C69-8A81-1C6F2E64517C}
SEGA Rally-->"C:\Program Files\InstallShield Installation Information\{4A05FF52-4AA8-4681-BC06-5EE7F812A441}\setup.exe" -runfromtemp -l0x040c -removeonly
SEGA Rally-->MsiExec.exe /I{4A05FF52-4AA8-4681-BC06-5EE7F812A441}
SFR - Kit de connexion-->C:\Program Files\SFR\Kit\uninstall.exe
Speed-Link SL-6535 USB Pad-->C:\Program Files\InstallShield Installation Information\{1A9C3B2E-360E-4353-8E17-312342E24194}\setup.exe -runfromtemp -l0x0009 -removeonly
Test Drive Unlimited-->MsiExec.exe /X{C37A0BC1-52EE-4F97-8223-5CA9FC0357B0}
Update for Microsoft Office 2007 Help for Common Features (KB957244)-->msiexec /package {90120000-006E-0409-0000-0000000FF1CE} /uninstall {C8C72583-C907-4D20-8973-C3858D96BD9E}
Update for Microsoft Office Access 2007 Help (KB957241)-->msiexec /package {90120000-0015-0409-0000-0000000FF1CE} /uninstall {D670F9B9-3E84-47B5-8A4A-618B65DB1593}
Update for Microsoft Office Excel 2007 Help (KB957242)-->msiexec /package {90120000-0016-0409-0000-0000000FF1CE} /uninstall {51864046-74C8-487B-97CD-6167A4B1DB56}
Update for Microsoft Office InfoPath 2007 Help (KB957243)-->msiexec /package {90120000-0044-0409-0000-0000000FF1CE} /uninstall {766DF26B-5F03-48ED-9307-5326F2790ED0}
Update for Microsoft Office OneNote 2007 Help (KB957245)-->msiexec /package {90120000-00A1-0409-0000-0000000FF1CE} /uninstall {7332DE60-DC79-4578-A60A-A5EA0D6E032B}
Update for Microsoft Office Outlook 2007 (KB952142)-->msiexec /package {91120000-002E-0000-0000-0000000FF1CE} /uninstall {4AD3A076-427C-491F-A5B7-7D1DE788A756}
Update for Microsoft Office Outlook 2007 Help (KB957246)-->msiexec /package {90120000-001A-0409-0000-0000000FF1CE} /uninstall {6F0E4983-E419-4591-B7DD-EFB0073D3E47}
Update for Microsoft Office PowerPoint 2007 Help (KB957247)-->msiexec /package {90120000-0018-0409-0000-0000000FF1CE} /uninstall {B20E2C59-EEC5-4102-9E50-5DBB2093C37D}
Update for Microsoft Office Publisher 2007 Help (KB957249)-->msiexec /package {90120000-0019-0409-0000-0000000FF1CE} /uninstall {4E140A5A-4A90-404A-B955-10C2D98CD3EE}
Update for Microsoft Office Word 2007 Help (KB957252)-->msiexec /package {90120000-001B-0409-0000-0000000FF1CE} /uninstall {54DF3345-0720-4224-9740-C7E00303F565}
Update for Microsoft Script Editor Help (KB957253)-->msiexec /package {90120000-006E-0409-0000-0000000FF1CE} /uninstall {F21BF703-548C-47B2-B92A-6876E9566C42}
Update for Office 2007 (KB946691)-->msiexec /package {91120000-002E-0000-0000-0000000FF1CE} /uninstall {A420F522-7395-4872-9882-C591B4B92278}
Update for Outlook 2007 Junk Email Filter (kb959634)-->msiexec /package {91120000-002E-0000-0000-0000000FF1CE} /uninstall {50C77E2F-5C1C-467D-9BC8-3CA07D28C9F2}
Virtual DJ - Atomix Productions-->C:\PROGRA~1\VIRTUA~1\UNWISE.EXE C:\PROGRA~1\VIRTUA~1\INSTALL.LOG
VLC media player 0.9.8a-->C:\Program Files\VideoLAN\VLC\uninstall.exe
Vuze-->C:\Program Files\Vuze\uninstall.exe
Windows Live Call-->MsiExec.exe /I{01523985-2098-43AF-9C97-12B07BE02A9B}
Windows Live Communications Platform-->MsiExec.exe /I{F69E83CF-B440-43F8-89E6-6EA80712109B}
Windows Live Mail-->MsiExec.exe /I{63DC2DA0-2A6C-4C38-9249-B75395458657}
Windows Live Messenger-->MsiExec.exe /X{059C042E-796A-4ACC-A81A-ECC2010BB78C}
Windows Live Movie Maker Bêta-->MsiExec.exe /X{5ED7F74A-B4AB-4209-B99C-B88012C712F2}
Windows Live Writer-->MsiExec.exe /X{2231CE39-B963-4B9D-823A-F412ECA637B1}
Zattoo 3.3.1 Beta-->C:\Program Files\Zattoo\uninst.exe
======Security center information======
FW: Pack sécurité 8.00
AS: Windows Defender
System event log
Computer Name: PC-de-Kevin
Event Code: 7036
Message: Le service Service de découverte automatique de Proxy Web pour les services HTTP Windows est entré dans l'état : en cours d'exécution.
Record Number: 57940
Source Name: Service Control Manager
Time Written: 20090305200510.000000-000
Event Type: Information
User:
Computer Name: PC-de-Kevin
Event Code: 8033
Message: L'explorateur a forcé une élection sur le réseau \Device\NetBT_Tcpip_{618CE608-449A-4787-B16D-6CD81C1D674E} car un maître explorateur a été arrêté.
Record Number: 57941
Source Name: BROWSER
Time Written: 20090305200718.000000-000
Event Type: Information
User:
Computer Name: PC-de-Kevin
Event Code: 1103
Message: Votre ordinateur a obtenu une adresse auprès du réseau, et vous pouvez maintenant vous connecter à d'autres ordinateurs.
Record Number: 57942
Source Name: Microsoft-Windows-Dhcp-Client
Time Written: 20090305201146.000000-000
Event Type: Information
User:
Computer Name: PC-de-Kevin
Event Code: 4201
Message: Le système a détecté que la carte réseau Connexion réseau sans fil 2 était connectée au réseau, et a lancé une opération normale.
Record Number: 57943
Source Name: Tcpip
Time Written: 20090305201146.889963-000
Event Type: Information
User:
Computer Name: PC-de-Kevin
Event Code: 4201
Message: Le système a détecté que la carte réseau Connexion réseau sans fil 2 était connectée au réseau, et a lancé une opération normale.
Record Number: 57944
Source Name: Tcpip
Time Written: 20090305201146.889963-000
Event Type: Information
User:
Application event log
Computer Name: PC-de-Kevin
Event Code: 1000
Message: Application défaillante wmplayer.exe, version 11.0.6001.7000, horodatage 0x47919356, module défaillant wmp.dll, version 11.0.6001.7000, horodatage 0x4791a80d, code d’exception 0xc0000005, décalage d’erreur 0x00141d04, ID du processus 0x1224, heure de début de l’application 0x01c99dc7be8731a5.
Record Number: 26865
Source Name: Application Error
Time Written: 20090305192238.000000-000
Event Type: Erreur
User:
Computer Name: PC-de-Kevin
Event Code: 9010
Message: Une demande de désactivation du Gestionnaire de fenêtrage a été effectuée par le processus (Need for Speed Undercover)
Record Number: 26866
Source Name: Desktop Window Manager
Time Written: 20090305193943.000000-000
Event Type: Information
User:
Computer Name: PC-de-Kevin
Event Code: 9013
Message: Le Gestionnaire de fenêtrage n’a pas pu démarrer, car la composition du Bureau a été désactivée par une application en cours d’exécution
Record Number: 26867
Source Name: Desktop Window Manager
Time Written: 20090305193943.000000-000
Event Type: Information
User:
Computer Name: PC-de-Kevin
Event Code: 1000
Message: Application défaillante wmplayer.exe, version 11.0.6001.7000, horodatage 0x47919356, module défaillant FRAPS.DLL_unloaded, version 0.0.0.0, horodatage 0x495f1ca7, code d’exception 0xc0000005, décalage d’erreur 0x6356b8af, ID du processus 0x12c4, heure de début de l’application 0x01c99dcafb1eda75.
Record Number: 26868
Source Name: Application Error
Time Written: 20090305194548.000000-000
Event Type: Erreur
User:
Computer Name: PC-de-Kevin
Event Code: 5
Message: Unsupported service control request (see data below)
Record Number: 26869
Source Name: LightScribeService
Time Written: 20090305201454.000000-000
Event Type: Information
User:
Security event log
Computer Name: PC-de-Kevin
Event Code: 5038
Message: L’intégrité du code a déterminé que le hachage de l’image d’un fichier n’est pas valide. Le fichier peut être endommagé en raison d’une modification non autorisée ou le hachage non valide peut indiquer une erreur d’unité de disque potentielle.
Nom du fichier : \Device\HarddiskVolume2\Program Files\SFR\Pack Sécurité\Common\fswscs.exe
Record Number: 130154
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090303081731.472742-000
Event Type: Échec de l'audit
User:
Computer Name: PC-de-Kevin
Event Code: 5038
Message: L’intégrité du code a déterminé que le hachage de l’image d’un fichier n’est pas valide. Le fichier peut être endommagé en raison d’une modification non autorisée ou le hachage non valide peut indiquer une erreur d’unité de disque potentielle.
Nom du fichier : \Device\HarddiskVolume2\Program Files\SFR\Pack Sécurité\Common\fswscs.exe
Record Number: 130155
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090303081731.503942-000
Event Type: Échec de l'audit
User:
Computer Name: PC-de-Kevin
Event Code: 5038
Message: L’intégrité du code a déterminé que le hachage de l’image d’un fichier n’est pas valide. Le fichier peut être endommagé en raison d’une modification non autorisée ou le hachage non valide peut indiquer une erreur d’unité de disque potentielle.
Nom du fichier : \Device\HarddiskVolume2\Program Files\SFR\Pack Sécurité\Common\fswscs.exe
Record Number: 130156
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090303081731.535142-000
Event Type: Échec de l'audit
User:
Computer Name: PC-de-Kevin
Event Code: 5038
Message: L’intégrité du code a déterminé que le hachage de l’image d’un fichier n’est pas valide. Le fichier peut être endommagé en raison d’une modification non autorisée ou le hachage non valide peut indiquer une erreur d’unité de disque potentielle.
Nom du fichier : \Device\HarddiskVolume2\Program Files\SFR\Pack Sécurité\Common\fswscs.exe
Record Number: 130157
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090303081731.581942-000
Event Type: Échec de l'audit
User:
Computer Name: PC-de-Kevin
Event Code: 5038
Message: L’intégrité du code a déterminé que le hachage de l’image d’un fichier n’est pas valide. Le fichier peut être endommagé en raison d’une modification non autorisée ou le hachage non valide peut indiquer une erreur d’unité de disque potentielle.
Nom du fichier : \Device\HarddiskVolume2\Program Files\SFR\Pack Sécurité\Common\fswscs.exe
Record Number: 130158
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090303081731.628742-000
Event Type: Échec de l'audit
User:
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\ATI Technologies\ATI.ACE\Core-Static
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=x86
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 15 Stepping 11, GenuineIntel
"PROCESSOR_REVISION"=0f0b
"NUMBER_OF_PROCESSORS"=4
-----------------EOF-----------------
info.txt logfile of random's system information tool 1.05 2009-03-05 21:14:55
======Uninstall list======
-->"C:\Program Files\SFR\Pack Sécurité\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Anti-Spyware Scanner"
-->"C:\Program Files\SFR\Pack Sécurité\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Anti-Spyware"
-->"C:\Program Files\SFR\Pack Sécurité\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Anti-Virus Client Security Installer"
-->"C:\Program Files\SFR\Pack Sécurité\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Anti-Virus"
-->"C:\Program Files\SFR\Pack Sécurité\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Automatic Update Agent"
-->"C:\Program Files\SFR\Pack Sécurité\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure DAAS"
-->"C:\Program Files\SFR\Pack Sécurité\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure DAAS2"
-->"C:\Program Files\SFR\Pack Sécurité\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Diagnostics"
-->"C:\Program Files\SFR\Pack Sécurité\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure E-mail Scanning"
-->"C:\Program Files\SFR\Pack Sécurité\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure FWES"
-->"C:\Program Files\SFR\Pack Sécurité\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure GateKeeper Interface"
-->"C:\Program Files\SFR\Pack Sécurité\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Gemini"
-->"C:\Program Files\SFR\Pack Sécurité\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure GUI"
-->"C:\Program Files\SFR\Pack Sécurité\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Help"
-->"C:\Program Files\SFR\Pack Sécurité\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure HIPS"
-->"C:\Program Files\SFR\Pack Sécurité\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Internet Shield"
-->"C:\Program Files\SFR\Pack Sécurité\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure ISP News"
-->"C:\Program Files\SFR\Pack Sécurité\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Localization API"
-->"C:\Program Files\SFR\Pack Sécurité\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Management Agent"
-->"C:\Program Files\SFR\Pack Sécurité\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure ORSP Client"
-->"C:\Program Files\SFR\Pack Sécurité\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Pegasus Engine"
-->"C:\Program Files\SFR\Pack Sécurité\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Protocol Scanner"
-->"C:\Program Files\SFR\Pack Sécurité\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Spam Control"
-->"C:\Program Files\SFR\Pack Sécurité\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Spam Scanner"
-->"C:\Program Files\SFR\Pack Sécurité\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure TNB"
-->"C:\Program Files\SFR\Pack Sécurité\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Uninstall"
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0015-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0016-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0018-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0019-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001A-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001B-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {3EC77D26-799B-4CD8-914F-C1565E796173}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {430971B1-C31E-45DA-81E0-72C095BAB72C}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {F7A31780-33C4-4E39-951A-5EC9B91D7BF1}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0044-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-006E-0409-0000-0000000FF1CE} /uninstall {FAD8A83E-9BAC-4179-9268-A35948034D85}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-00A1-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-00BA-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0114-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0115-0409-0000-0000000FF1CE} /uninstall {FAD8A83E-9BAC-4179-9268-A35948034D85}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0117-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {91120000-002E-0000-0000-0000000FF1CE} /uninstall {BEE75E01-DD3F-4D5F-B96C-609E6538D419}
Acer Arcade Live Main Page-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EFBDC2B0-FAA8-4B78-8DE1-AEBE7958FA37}\SETUP.EXE" -uninstall
Acer DV Magician-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F6EFFB76-4A07-11DA-9D78-000129760D75}\SETUP.EXE" -uninstall
Acer DVDivine-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B145EC69-66F5-11D8-9D75-000129760D75}\SETUP.EXE" -uninstall
Acer eDataSecurity Management-->C:\Acer\Empowering Technology\eDataSecurity\eDSnstHelper.exe -Operation UNINSTALL
Acer Empowering Technology-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AB6097D9-D722-4987-BD9E-A076E2848EE2}\setup.exe" -l0x40c -removeonly
Acer ePerformance Management-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D462BF9E-0C35-4705-BF9B-3DF9F3816643}\setup.exe" -l0x40c -removeonly
Acer HomeMedia Connect-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{132888AE-EF67-41C5-BCA2-7D5D2488AB63}\SETUP.EXE" -uninstall
Acer HomeMedia-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AA4BF92B-2AAF-11DA-9D78-000129760D75}\SETUP.EXE" -uninstall
Acer ScreenSaver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{79DD56FC-DB8B-47F5-9C80-78B62E05F9BC}\setup.exe" -l0x9 -removeonly
Acer SlideShow DVD-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{41581EF5-45A7-11DA-9D78-000129760D75}\SETUP.EXE" -uninstall
Acer Tour-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{94389919-B0AA-4882-9BE8-9F0B004ECA35}\setup.exe" -l0x40c -removeonly
Acer VideoMagician-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F79A208D-D929-11D9-9D77-000129760D75}\SETUP.EXE" -uninstall
Adobe Flash Player 10 ActiveX-->C:\Windows\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->C:\Windows\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 7.0 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A70000000000}
Age of Empires III-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\11\INTEL3~1\IDriver.exe /M{485775E8-AEB8-46BD-922B-242879E03DD5}
Archiveur WinRAR-->C:\Program Files\WinRAR\uninstall.exe
Assistant de connexion Windows Live-->MsiExec.exe /I{D6E592B3-67DA-4BBB-9783-E1838FB253A2}
Audacity 1.2.6-->"C:\Program Files\Audacity\unins000.exe"
Call of Duty(R) 4 - Modern Warfare(TM)-->C:\Program Files\InstallShield Installation Information\{E48469CC-635E-4FD5-A122-1497C286D217}\setup.exe -runfromtemp -l0x040c
CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"
Choice Guard-->MsiExec.exe /I{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}
EA Download Manager-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\11\INTEL3~1\IDriver.exe /M{EF7E931D-DC84-471B-8DB6-A83358095474} /l1036
EAX Unified-->C:\Windows\IsUninst.exe -f"C:\Program Files\Creative\EAX Unified\Uninst.isu"
Fraps-->"C:\Fraps\uninstall.exe"
Galerie de photos Windows Live-->MsiExec.exe /X{43563ACB-371B-4C58-8979-B192B390424C}
GameSpy Arcade-->C:\PROGRA~1\GAMESP~1\UNWISE.EXE C:\PROGRA~1\GAMESP~1\INSTALL.LOG
Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
Google Earth-->MsiExec.exe /X{548EAC70-EE00-11DD-908C-005056806466}
GTI Racing-->C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{EF0D610C-92BE-4D8F-BD33-9F658F8754F1} /Z"UNINSTALL"
HijackThis 2.0.2-->"C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
Installation Windows Live-->C:\Program Files\Windows Live\Installer\wlarp.exe
Installation Windows Live-->MsiExec.exe /I{3CCB732A-E472-4CF9-B1EE-F18365341FE0}
Java(TM) 6 Update 12-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216012FF}
Junk Mail filter update-->MsiExec.exe /I{4AB8B41B-3AF1-46BE-99B0-0ACD3B300C0A}
LimeWire PRO 4.12.3-->"C:\Program Files\LimeWire\uninstall.exe"
Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
Microsoft Office Access MUI (English) 2007-->MsiExec.exe /X{90120000-0015-0409-0000-0000000FF1CE}
Microsoft Office Access Setup Metadata MUI (English) 2007-->MsiExec.exe /X{90120000-0117-0409-0000-0000000FF1CE}
Microsoft Office Excel MUI (English) 2007-->MsiExec.exe /X{90120000-0016-0409-0000-0000000FF1CE}
Microsoft Office Groove MUI (English) 2007-->MsiExec.exe /X{90120000-00BA-0409-0000-0000000FF1CE}
Microsoft Office Groove Setup Metadata MUI (English) 2007-->MsiExec.exe /X{90120000-0114-0409-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (English) 2007-->MsiExec.exe /X{90120000-0044-0409-0000-0000000FF1CE}
Microsoft Office Live Add-in 1.3-->MsiExec.exe /I{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}
Microsoft Office OneNote MUI (English) 2007-->MsiExec.exe /X{90120000-00A1-0409-0000-0000000FF1CE}
Microsoft Office Outlook Connector-->MsiExec.exe /I{95120000-0120-040C-0000-0000000FF1CE}
Microsoft Office Outlook MUI (English) 2007-->MsiExec.exe /X{90120000-001A-0409-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (English) 2007-->MsiExec.exe /X{90120000-0018-0409-0000-0000000FF1CE}
Microsoft Office Professional Edition 2003-->MsiExec.exe /I{9011040C-6000-11D3-8CFE-0150048383C9}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
Microsoft Office Proofing (English) 2007-->MsiExec.exe /X{90120000-002C-0409-0000-0000000FF1CE}
Microsoft Office Publisher MUI (English) 2007-->MsiExec.exe /X{90120000-0019-0409-0000-0000000FF1CE}
Microsoft Office Shared MUI (English) 2007-->MsiExec.exe /X{90120000-006E-0409-0000-0000000FF1CE}
Microsoft Office Shared Setup Metadata MUI (English) 2007-->MsiExec.exe /X{90120000-0115-0409-0000-0000000FF1CE}
Microsoft Office Ultimate 2007-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall ULTIMATER /dll OSETUP.DLL
Microsoft Office Ultimate 2007-->MsiExec.exe /X{91120000-002E-0000-0000-0000000FF1CE}
Microsoft Office Word MUI (English) 2007-->MsiExec.exe /X{90120000-001B-0409-0000-0000000FF1CE}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Works-->MsiExec.exe /I{6B1CB38D-E2E4-4A30-933D-EFDEBA76AD9C}
Mozilla Firefox (3.0.6)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
Navilog1 3.7.5-->"C:\Program Files\Navilog1\unins000.exe"
Need for Speed Underground 2-->D:\jeux\nfs underground 2\EAUninstall.exe
Need for Speed™ Undercover-->MsiExec.exe /X{E6D22FE1-AB5F-42CA-9480-6F70B96DDD88}
Nokia Multimedia Converter Pro v2.0-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\Nokia\MMConverterPro2\Setup\{08A4C07B-204D-11D6-AF25-00B0D0797201}\Setup.exe"
NTI Backup NOW! 4.7-->"C:\Program Files\InstallShield Installation Information\{67ADE9AF-5CD9-4089-8825-55DE4B366799}\setup.exe" -removeonly
NTI CD & DVD-Maker-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{1577A05B-EE62-4BBC-9DB7-FE748FA44EC2} /l1036 CDM7
Outil de mise à jour Google-->"C:\Program Files\Google\Google Updater\GoogleUpdater.exe" -uninstall
Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
Pack sécurité-->"C:\Program Files\SFR\Pack Sécurité\FSGUI\PostInstall.exe" /tUnInstall
PC Optimiseur-->"D:\logiciels installer\PC Optimiseur\unins000.exe"
PHPNukeFR Toolbar-->C:\PROGRA~1\PHPNUK~1\UNWISE.EXE /U C:\PROGRA~1\PHPNUK~1\INSTALL.LOG
PowerISO-->"C:\Program Files\PowerISO\uninstall.exe"
Ralink Wireless LAN-->C:\Program Files\InstallShield Installation Information\{E91E8912-769D-42F0-8408-0E329443BABC}\setup.exe -runfromtemp -l0x0009 -removeonly
Realtek High Definition Audio Driver-->RtlUpd.exe -r -m
S.T.A.L.K.E.R. - Shadow of Chernobyl-->"D:\jeux\S.T.A.L.K.E.R. - Shadow of Chernobyl\unins000.exe"
Security Update for 2007 Microsoft Office System (KB951550)-->msiexec /package {91120000-002E-0000-0000-0000000FF1CE} /uninstall {B243E9A5-ED77-4F1B-B338-2486FD82DC85}
Security Update for 2007 Microsoft Office System (KB951944)-->msiexec /package {91120000-002E-0000-0000-0000000FF1CE} /uninstall {797AE457-BA17-4BBC-B501-25FB3A0103C7}
Security Update for 2007 Microsoft Office System (KB958439)-->msiexec /package {91120000-002E-0000-0000-0000000FF1CE} /uninstall {6491B8AA-D11C-4648-A461-6234B31EB7E2}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for Microsoft Office Excel 2007 (KB958437)-->msiexec /package {91120000-002E-0000-0000-0000000FF1CE} /uninstall {648FC016-2D6B-4A16-8D87-404533642F4B}
Security Update for Microsoft Office OneNote 2007 (KB950130)-->msiexec /package {91120000-002E-0000-0000-0000000FF1CE} /uninstall {F1B2401C-B610-4BF2-AA1C-52C55827A8F4}
Security Update for Microsoft Office PowerPoint 2007 (KB951338)-->msiexec /package {91120000-002E-0000-0000-0000000FF1CE} /uninstall {558B709B-821B-4FC5-90FC-9A8890641E77}
Security Update for Microsoft Office Publisher 2007 (KB950114)-->msiexec /package {91120000-002E-0000-0000-0000000FF1CE} /uninstall {F9C3CDBA-1F00-4D4D-959D-75C9D3ACDD85}
Security Update for Microsoft Office system 2007 (KB954326)-->msiexec /package {91120000-002E-0000-0000-0000000FF1CE} /uninstall {5F7F6FFF-395D-480E-8450-64F385D82C5F}
Security Update for Microsoft Office system 2007 (KB956828)-->msiexec /package {91120000-002E-0000-0000-0000000FF1CE} /uninstall {885E081B-72BD-4E76-8E98-30B4BE468FAC}
Security Update for Microsoft Office Word 2007 (KB956358)-->msiexec /package {91120000-002E-0000-0000-0000000FF1CE} /uninstall {4551666D-0FD6-4C69-8A81-1C6F2E64517C}
SEGA Rally-->"C:\Program Files\InstallShield Installation Information\{4A05FF52-4AA8-4681-BC06-5EE7F812A441}\setup.exe" -runfromtemp -l0x040c -removeonly
SEGA Rally-->MsiExec.exe /I{4A05FF52-4AA8-4681-BC06-5EE7F812A441}
SFR - Kit de connexion-->C:\Program Files\SFR\Kit\uninstall.exe
Speed-Link SL-6535 USB Pad-->C:\Program Files\InstallShield Installation Information\{1A9C3B2E-360E-4353-8E17-312342E24194}\setup.exe -runfromtemp -l0x0009 -removeonly
Test Drive Unlimited-->MsiExec.exe /X{C37A0BC1-52EE-4F97-8223-5CA9FC0357B0}
Update for Microsoft Office 2007 Help for Common Features (KB957244)-->msiexec /package {90120000-006E-0409-0000-0000000FF1CE} /uninstall {C8C72583-C907-4D20-8973-C3858D96BD9E}
Update for Microsoft Office Access 2007 Help (KB957241)-->msiexec /package {90120000-0015-0409-0000-0000000FF1CE} /uninstall {D670F9B9-3E84-47B5-8A4A-618B65DB1593}
Update for Microsoft Office Excel 2007 Help (KB957242)-->msiexec /package {90120000-0016-0409-0000-0000000FF1CE} /uninstall {51864046-74C8-487B-97CD-6167A4B1DB56}
Update for Microsoft Office InfoPath 2007 Help (KB957243)-->msiexec /package {90120000-0044-0409-0000-0000000FF1CE} /uninstall {766DF26B-5F03-48ED-9307-5326F2790ED0}
Update for Microsoft Office OneNote 2007 Help (KB957245)-->msiexec /package {90120000-00A1-0409-0000-0000000FF1CE} /uninstall {7332DE60-DC79-4578-A60A-A5EA0D6E032B}
Update for Microsoft Office Outlook 2007 (KB952142)-->msiexec /package {91120000-002E-0000-0000-0000000FF1CE} /uninstall {4AD3A076-427C-491F-A5B7-7D1DE788A756}
Update for Microsoft Office Outlook 2007 Help (KB957246)-->msiexec /package {90120000-001A-0409-0000-0000000FF1CE} /uninstall {6F0E4983-E419-4591-B7DD-EFB0073D3E47}
Update for Microsoft Office PowerPoint 2007 Help (KB957247)-->msiexec /package {90120000-0018-0409-0000-0000000FF1CE} /uninstall {B20E2C59-EEC5-4102-9E50-5DBB2093C37D}
Update for Microsoft Office Publisher 2007 Help (KB957249)-->msiexec /package {90120000-0019-0409-0000-0000000FF1CE} /uninstall {4E140A5A-4A90-404A-B955-10C2D98CD3EE}
Update for Microsoft Office Word 2007 Help (KB957252)-->msiexec /package {90120000-001B-0409-0000-0000000FF1CE} /uninstall {54DF3345-0720-4224-9740-C7E00303F565}
Update for Microsoft Script Editor Help (KB957253)-->msiexec /package {90120000-006E-0409-0000-0000000FF1CE} /uninstall {F21BF703-548C-47B2-B92A-6876E9566C42}
Update for Office 2007 (KB946691)-->msiexec /package {91120000-002E-0000-0000-0000000FF1CE} /uninstall {A420F522-7395-4872-9882-C591B4B92278}
Update for Outlook 2007 Junk Email Filter (kb959634)-->msiexec /package {91120000-002E-0000-0000-0000000FF1CE} /uninstall {50C77E2F-5C1C-467D-9BC8-3CA07D28C9F2}
Virtual DJ - Atomix Productions-->C:\PROGRA~1\VIRTUA~1\UNWISE.EXE C:\PROGRA~1\VIRTUA~1\INSTALL.LOG
VLC media player 0.9.8a-->C:\Program Files\VideoLAN\VLC\uninstall.exe
Vuze-->C:\Program Files\Vuze\uninstall.exe
Windows Live Call-->MsiExec.exe /I{01523985-2098-43AF-9C97-12B07BE02A9B}
Windows Live Communications Platform-->MsiExec.exe /I{F69E83CF-B440-43F8-89E6-6EA80712109B}
Windows Live Mail-->MsiExec.exe /I{63DC2DA0-2A6C-4C38-9249-B75395458657}
Windows Live Messenger-->MsiExec.exe /X{059C042E-796A-4ACC-A81A-ECC2010BB78C}
Windows Live Movie Maker Bêta-->MsiExec.exe /X{5ED7F74A-B4AB-4209-B99C-B88012C712F2}
Windows Live Writer-->MsiExec.exe /X{2231CE39-B963-4B9D-823A-F412ECA637B1}
Zattoo 3.3.1 Beta-->C:\Program Files\Zattoo\uninst.exe
======Security center information======
FW: Pack sécurité 8.00
AS: Windows Defender
System event log
Computer Name: PC-de-Kevin
Event Code: 7036
Message: Le service Service de découverte automatique de Proxy Web pour les services HTTP Windows est entré dans l'état : en cours d'exécution.
Record Number: 57940
Source Name: Service Control Manager
Time Written: 20090305200510.000000-000
Event Type: Information
User:
Computer Name: PC-de-Kevin
Event Code: 8033
Message: L'explorateur a forcé une élection sur le réseau \Device\NetBT_Tcpip_{618CE608-449A-4787-B16D-6CD81C1D674E} car un maître explorateur a été arrêté.
Record Number: 57941
Source Name: BROWSER
Time Written: 20090305200718.000000-000
Event Type: Information
User:
Computer Name: PC-de-Kevin
Event Code: 1103
Message: Votre ordinateur a obtenu une adresse auprès du réseau, et vous pouvez maintenant vous connecter à d'autres ordinateurs.
Record Number: 57942
Source Name: Microsoft-Windows-Dhcp-Client
Time Written: 20090305201146.000000-000
Event Type: Information
User:
Computer Name: PC-de-Kevin
Event Code: 4201
Message: Le système a détecté que la carte réseau Connexion réseau sans fil 2 était connectée au réseau, et a lancé une opération normale.
Record Number: 57943
Source Name: Tcpip
Time Written: 20090305201146.889963-000
Event Type: Information
User:
Computer Name: PC-de-Kevin
Event Code: 4201
Message: Le système a détecté que la carte réseau Connexion réseau sans fil 2 était connectée au réseau, et a lancé une opération normale.
Record Number: 57944
Source Name: Tcpip
Time Written: 20090305201146.889963-000
Event Type: Information
User:
Application event log
Computer Name: PC-de-Kevin
Event Code: 1000
Message: Application défaillante wmplayer.exe, version 11.0.6001.7000, horodatage 0x47919356, module défaillant wmp.dll, version 11.0.6001.7000, horodatage 0x4791a80d, code d’exception 0xc0000005, décalage d’erreur 0x00141d04, ID du processus 0x1224, heure de début de l’application 0x01c99dc7be8731a5.
Record Number: 26865
Source Name: Application Error
Time Written: 20090305192238.000000-000
Event Type: Erreur
User:
Computer Name: PC-de-Kevin
Event Code: 9010
Message: Une demande de désactivation du Gestionnaire de fenêtrage a été effectuée par le processus (Need for Speed Undercover)
Record Number: 26866
Source Name: Desktop Window Manager
Time Written: 20090305193943.000000-000
Event Type: Information
User:
Computer Name: PC-de-Kevin
Event Code: 9013
Message: Le Gestionnaire de fenêtrage n’a pas pu démarrer, car la composition du Bureau a été désactivée par une application en cours d’exécution
Record Number: 26867
Source Name: Desktop Window Manager
Time Written: 20090305193943.000000-000
Event Type: Information
User:
Computer Name: PC-de-Kevin
Event Code: 1000
Message: Application défaillante wmplayer.exe, version 11.0.6001.7000, horodatage 0x47919356, module défaillant FRAPS.DLL_unloaded, version 0.0.0.0, horodatage 0x495f1ca7, code d’exception 0xc0000005, décalage d’erreur 0x6356b8af, ID du processus 0x12c4, heure de début de l’application 0x01c99dcafb1eda75.
Record Number: 26868
Source Name: Application Error
Time Written: 20090305194548.000000-000
Event Type: Erreur
User:
Computer Name: PC-de-Kevin
Event Code: 5
Message: Unsupported service control request (see data below)
Record Number: 26869
Source Name: LightScribeService
Time Written: 20090305201454.000000-000
Event Type: Information
User:
Security event log
Computer Name: PC-de-Kevin
Event Code: 5038
Message: L’intégrité du code a déterminé que le hachage de l’image d’un fichier n’est pas valide. Le fichier peut être endommagé en raison d’une modification non autorisée ou le hachage non valide peut indiquer une erreur d’unité de disque potentielle.
Nom du fichier : \Device\HarddiskVolume2\Program Files\SFR\Pack Sécurité\Common\fswscs.exe
Record Number: 130154
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090303081731.472742-000
Event Type: Échec de l'audit
User:
Computer Name: PC-de-Kevin
Event Code: 5038
Message: L’intégrité du code a déterminé que le hachage de l’image d’un fichier n’est pas valide. Le fichier peut être endommagé en raison d’une modification non autorisée ou le hachage non valide peut indiquer une erreur d’unité de disque potentielle.
Nom du fichier : \Device\HarddiskVolume2\Program Files\SFR\Pack Sécurité\Common\fswscs.exe
Record Number: 130155
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090303081731.503942-000
Event Type: Échec de l'audit
User:
Computer Name: PC-de-Kevin
Event Code: 5038
Message: L’intégrité du code a déterminé que le hachage de l’image d’un fichier n’est pas valide. Le fichier peut être endommagé en raison d’une modification non autorisée ou le hachage non valide peut indiquer une erreur d’unité de disque potentielle.
Nom du fichier : \Device\HarddiskVolume2\Program Files\SFR\Pack Sécurité\Common\fswscs.exe
Record Number: 130156
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090303081731.535142-000
Event Type: Échec de l'audit
User:
Computer Name: PC-de-Kevin
Event Code: 5038
Message: L’intégrité du code a déterminé que le hachage de l’image d’un fichier n’est pas valide. Le fichier peut être endommagé en raison d’une modification non autorisée ou le hachage non valide peut indiquer une erreur d’unité de disque potentielle.
Nom du fichier : \Device\HarddiskVolume2\Program Files\SFR\Pack Sécurité\Common\fswscs.exe
Record Number: 130157
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090303081731.581942-000
Event Type: Échec de l'audit
User:
Computer Name: PC-de-Kevin
Event Code: 5038
Message: L’intégrité du code a déterminé que le hachage de l’image d’un fichier n’est pas valide. Le fichier peut être endommagé en raison d’une modification non autorisée ou le hachage non valide peut indiquer une erreur d’unité de disque potentielle.
Nom du fichier : \Device\HarddiskVolume2\Program Files\SFR\Pack Sécurité\Common\fswscs.exe
Record Number: 130158
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090303081731.628742-000
Event Type: Échec de l'audit
User:
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\ATI Technologies\ATI.ACE\Core-Static
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=x86
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 15 Stepping 11, GenuineIntel
"PROCESSOR_REVISION"=0f0b
"NUMBER_OF_PROCESSORS"=4
-----------------EOF-----------------
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
bon ... encore une belle infection par support amovible en plus ! ... ^^
la suite :
Télécharge ComboFix (par sUBs) sur ton Bureau (et pas ailleurs !):
http://download.bleepingcomputer.com/sUBs/ComboFix.exe
* Impératif :
Branche toutes tes unités externes à ton PC (clé USB, DD externe, flash disk, lecteur MP3, etc...) succeptibles d'avoir été infectés ( mais sans les ouvrir ! ) . Bien vérifier que rien ne soit " bloqué en écriture " ( petit loquet sur certaines clé usb ... ) et que les DD externes soient bien sûr alimentés électriquement ...
--------------------------------- [ ! ATTENTION ! ] ------------------------------------------
!! Déconnecte toi,ferme tes applications en cours ( ainsi que ton navigateur ) et DESACTIVE TOUTES TES DEFENSES (anti-virus, guarde anti spy-ware, pare-feu) le temps de la manipe :
en effet , activés, ils pourraient gêner fortement la procédure de recherche et de nettoyage de l'outil ( voir planter le PC )...Tu les réactiveras donc après !!
--->Important : si tu rencontres des difficultés à ce niveau là, fais m'en part avant de poursuivre ...
Tuto ( aide ) ici : https://www.bleepingcomputer.com/combofix/fr/comment-utiliser-combofix
Note : pour XP, bien installer la Console de Récupération de Windows comme il est indiqué dans le tuto ci-dessus ...
--------------------------------------------------------------------------------------------
* Ensuite :
double-clique sur l'icône "combofix.exe" pour lancer l'outil .
Appuie sur la touche Y (Yes) pour démarrer le scan .
Notes importantes :
-> n'utilise pas ta souris ni ton clavier (ni un autre système de pointage) pendant que le programme tourne. Cela pourrait figer l'ordi .
-> Il se peut que le PC redémarre de lui même ( pour finaliser le nettoyage ) , laisse le faire .
-> Si l'outil t'anonce ceci : "combofix a détecté la présence de rootkit et a besoin de faire redémarer votre machine", tu acceptes ...
-> si un message d'erreur windows apparait à un momment : clique sur la croix rouge en haut à droite de la fenêtre pour la fermer ( et pas sur autre chose ! sinon pas de rapport ... )
Le rapport sera crée ici : C:\Combofix.txt
Réactive bien tes défenses .
Poste le rapport Combofix pour analyse ...
la suite :
Télécharge ComboFix (par sUBs) sur ton Bureau (et pas ailleurs !):
http://download.bleepingcomputer.com/sUBs/ComboFix.exe
* Impératif :
Branche toutes tes unités externes à ton PC (clé USB, DD externe, flash disk, lecteur MP3, etc...) succeptibles d'avoir été infectés ( mais sans les ouvrir ! ) . Bien vérifier que rien ne soit " bloqué en écriture " ( petit loquet sur certaines clé usb ... ) et que les DD externes soient bien sûr alimentés électriquement ...
--------------------------------- [ ! ATTENTION ! ] ------------------------------------------
!! Déconnecte toi,ferme tes applications en cours ( ainsi que ton navigateur ) et DESACTIVE TOUTES TES DEFENSES (anti-virus, guarde anti spy-ware, pare-feu) le temps de la manipe :
en effet , activés, ils pourraient gêner fortement la procédure de recherche et de nettoyage de l'outil ( voir planter le PC )...Tu les réactiveras donc après !!
--->Important : si tu rencontres des difficultés à ce niveau là, fais m'en part avant de poursuivre ...
Tuto ( aide ) ici : https://www.bleepingcomputer.com/combofix/fr/comment-utiliser-combofix
Note : pour XP, bien installer la Console de Récupération de Windows comme il est indiqué dans le tuto ci-dessus ...
--------------------------------------------------------------------------------------------
* Ensuite :
double-clique sur l'icône "combofix.exe" pour lancer l'outil .
Appuie sur la touche Y (Yes) pour démarrer le scan .
Notes importantes :
-> n'utilise pas ta souris ni ton clavier (ni un autre système de pointage) pendant que le programme tourne. Cela pourrait figer l'ordi .
-> Il se peut que le PC redémarre de lui même ( pour finaliser le nettoyage ) , laisse le faire .
-> Si l'outil t'anonce ceci : "combofix a détecté la présence de rootkit et a besoin de faire redémarer votre machine", tu acceptes ...
-> si un message d'erreur windows apparait à un momment : clique sur la croix rouge en haut à droite de la fenêtre pour la fermer ( et pas sur autre chose ! sinon pas de rapport ... )
Le rapport sera crée ici : C:\Combofix.txt
Réactive bien tes défenses .
Poste le rapport Combofix pour analyse ...
je vais faire se que tu m'as dit le seul problème c'est que je n'arrive pas pa a désactivé mon anti virus! c'est le pack sécurité de sfr.
Tu cliques droit ( ou gauche ) sur l'icone de F-sécure présent dans la barre des taches ( en bas à droite de l'écran ) ,
tu dois trouver dans les option qui se présente , la possiblité de désactivé la guarde en temps réel de l'antivirus ...
sinon , tu ouvres ton antivirus , et au niveau de l'acceuil , tu dois pouvoir " modifier " la protection ....
tuto F-Secure > http://www.malekal.com/tutorial_FIS2007.php
tu dois trouver dans les option qui se présente , la possiblité de désactivé la guarde en temps réel de l'antivirus ...
sinon , tu ouvres ton antivirus , et au niveau de l'acceuil , tu dois pouvoir " modifier " la protection ....
tuto F-Secure > http://www.malekal.com/tutorial_FIS2007.php
merci pour tes explication.
voila l'analyse de combo fix:
ComboFix 09-03-04.01 - Kevin MONTHERAT 2009-03-06 19:41:30.2 - NTFSx86
Microsoft® Windows Vista™ Édition Familiale Premium 6.0.6001.1.1252.1.1036.18.2047.1192 [GMT 1:00]
Lancé depuis: c:\users\Kevin MONTHERAT\Desktop\ComboFix.exe
FW: Pack sécurité 8.00 *enabled*
* Resident AV is active
.
((((((((((((((((((((((((((((( Fichiers créés du 2009-02-06 au 2009-03-06 ))))))))))))))))))))))))))))))))))))
.
2009-03-06 18:12 . 2009-03-06 18:12 0 --ah----- c:\windows\System32\drivers\Msft_User_WpdMtpDr_01_00_00.Wdf
2009-03-05 21:14 . 2009-03-05 21:24 <REP> d-------- C:\rsit
2009-03-05 21:12 . 2009-03-05 21:12 <REP> d-------- c:\program files\Trend Micro
2009-03-05 20:05 . 2009-03-05 20:05 <REP> d-------- c:\users\Kevin MONTHERAT\AppData\Roaming\Malwarebytes
2009-03-05 20:05 . 2009-03-05 20:05 <REP> d-------- c:\users\All Users\Malwarebytes
2009-03-05 20:05 . 2009-03-05 20:05 <REP> d-------- c:\programdata\Malwarebytes
2009-03-05 20:05 . 2009-03-05 20:05 <REP> d-------- c:\program files\Malwarebytes' Anti-Malware
2009-03-05 20:05 . 2009-02-11 10:19 38,496 --a------ c:\windows\System32\drivers\mbamswissarmy.sys
2009-03-05 20:05 . 2009-02-11 10:19 15,504 --a------ c:\windows\System32\drivers\mbam.sys
2009-03-05 19:58 . 2009-03-05 20:54 <REP> d-------- C:\Rooter$
2009-03-04 12:57 . 2009-03-04 12:57 <REP> d-------- c:\users\Kevin MONTHERAT\Pavark
2009-03-04 12:52 . 2009-03-04 12:52 <REP> d-------- c:\program files\PHPNukeFR
2009-03-04 11:06 . 2009-03-04 11:06 <REP> d-------- c:\program files\VID_0E8F&PID_0012
2009-03-02 13:27 . 2009-03-02 13:27 <REP> d-------- c:\program files\Conduit
2009-03-02 12:58 . 2009-03-02 13:12 <REP> d-------- c:\program files\Navilog1
2009-02-28 10:49 . 2009-02-28 10:49 <REP> d-------- c:\program files\Java
2009-02-28 10:43 . 2009-02-28 10:47 <REP> d-------- c:\users\Kevin MONTHERAT\.housecall6.6
2009-02-27 19:12 . 2009-03-05 20:56 <REP> d-------- C:\Fraps
2009-02-24 22:55 . 2009-02-24 22:55 55,808 --------- c:\windows\System32\gaopdxpmicngut.0ll
2009-02-24 19:58 . 2009-02-24 19:58 <REP> dr------- c:\windows\System32\config\systemprofile\Videos
2009-02-24 19:58 . 2009-02-24 19:58 <REP> dr------- c:\windows\System32\config\systemprofile\Searches
2009-02-24 19:58 . 2009-02-24 19:58 <REP> dr------- c:\windows\System32\config\systemprofile\Saved Games
2009-02-24 19:58 . 2009-02-24 19:58 <REP> dr------- c:\windows\System32\config\systemprofile\Pictures
2009-02-24 19:58 . 2009-02-24 19:58 <REP> dr------- c:\windows\System32\config\systemprofile\Music
2009-02-24 19:58 . 2009-02-24 19:58 <REP> dr------- c:\windows\System32\config\systemprofile\Links
2009-02-24 19:58 . 2009-02-24 19:58 <REP> dr------- c:\windows\System32\config\systemprofile\Downloads
2009-02-24 19:58 . 2009-02-24 19:58 <REP> dr------- c:\windows\System32\config\systemprofile\Documents
2009-02-24 19:58 . 2009-02-24 19:58 <REP> d-------- c:\users\All Users\Electronic Arts
2009-02-24 19:58 . 2009-02-24 19:58 <REP> d-------- c:\programdata\Electronic Arts
2009-02-24 19:58 . 2009-02-24 19:58 1,590 --a------ c:\windows\System32\ealregsnapshot1.reg
2009-02-24 19:41 . 2009-02-24 19:41 <REP> d-------- c:\program files\EA Games
2009-02-24 18:50 . 2008-03-05 15:56 3,786,760 --a------ c:\windows\System32\D3DX9_37.dll
2009-02-24 18:50 . 2007-10-12 15:14 3,734,536 --a------ c:\windows\System32\d3dx9_36.dll
2009-02-24 18:50 . 2008-03-05 15:56 1,420,824 --a------ c:\windows\System32\D3DCompiler_37.dll
2009-02-24 18:50 . 2007-10-12 15:14 1,374,232 --a------ c:\windows\System32\D3DCompiler_36.dll
2009-02-24 18:50 . 2008-03-05 16:03 479,752 --a------ c:\windows\System32\XAudio2_0.dll
2009-02-24 18:50 . 2008-02-05 23:07 462,864 --a------ c:\windows\System32\d3dx10_37.dll
2009-02-24 18:50 . 2007-10-02 09:56 444,776 --a------ c:\windows\System32\d3dx10_36.dll
2009-02-24 18:50 . 2007-10-22 03:39 267,272 --a------ c:\windows\System32\xactengine2_10.dll
2009-02-24 18:50 . 2007-07-20 00:57 267,112 --a------ c:\windows\System32\xactengine2_9.dll
2009-02-24 18:50 . 2008-03-05 16:03 238,088 --a------ c:\windows\System32\xactengine3_0.dll
2009-02-24 18:50 . 2008-03-05 16:00 25,608 --a------ c:\windows\System32\X3DAudio1_3.dll
2009-02-24 18:50 . 2007-10-22 03:37 17,928 --a------ c:\windows\System32\X3DAudio1_2.dll
2009-02-23 18:49 . 2009-02-23 18:49 <REP> d-------- c:\users\Kevin MONTHERAT\AppData\Roaming\Leadertech
2009-02-22 19:15 . 2009-02-23 19:56 <REP> d-------- c:\program files\PowerISO
2009-02-22 18:46 . 2009-02-22 18:47 <REP> d-------- c:\users\Kevin MONTHERAT\AppData\Roaming\vlc
2009-02-15 03:02 . 2008-12-05 05:32 428,544 --a------ c:\windows\System32\EncDec.dll
2009-02-15 03:02 . 2008-12-05 05:32 293,376 --a------ c:\windows\System32\psisdecd.dll
2009-02-15 03:02 . 2008-12-05 05:31 217,088 --a------ c:\windows\System32\psisrndr.ax
2009-02-15 03:02 . 2008-12-05 05:31 177,664 --a------ c:\windows\System32\mpg2splt.ax
2009-02-15 03:02 . 2008-12-05 05:31 80,896 --a------ c:\windows\System32\MSNP.ax
2009-02-14 15:53 . 2009-02-14 15:53 <REP> d-------- c:\program files\LimeWire
2009-02-14 10:48 . 2009-02-14 10:48 <REP> d-------- c:\program files\PowerQuest
2009-02-14 01:16 . 2009-02-14 01:16 <REP> d-------- c:\users\Kevin MONTHERAT\AppData\Roaming\eSobi
2009-02-11 17:15 . 2009-03-05 19:47 <REP> d-------- c:\users\All Users\Google Updater
2009-02-11 17:15 . 2009-03-05 19:47 <REP> d-------- c:\programdata\Google Updater
2009-02-11 17:15 . 2009-03-01 12:13 <REP> d-------- c:\program files\Google
2009-02-11 11:54 . 2009-01-15 04:36 1,383,424 --a------ c:\windows\System32\mshtml.tlb
2009-02-11 11:54 . 2009-01-15 07:11 827,392 --a------ c:\windows\System32\wininet.dll
2009-02-06 07:03 . 2009-02-06 07:03 0 --ah----- c:\windows\System32\drivers\Msft_User_WpdFs_01_00_00.Wdf
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-03-06 17:21 138,184 ----a-w c:\windows\system32\drivers\PnkBstrK.sys
2009-03-06 17:20 183,112 ----a-w c:\windows\System32\PnkBstrB.exe
2009-03-05 20:03 --------- d-----w c:\program files\CCleaner
2009-03-05 19:45 --------- d---a-w c:\programdata\TEMP
2009-03-04 10:06 --------- d--h--w c:\program files\InstallShield Installation Information
2009-03-03 17:36 --------- d-----w c:\users\Kevin MONTHERAT\AppData\Roaming\Azureus
2009-03-03 16:57 --------- d-----w c:\users\Kevin MONTHERAT\AppData\Roaming\dvdcss
2009-02-28 09:49 410,984 ----a-w c:\windows\System32\deploytk.dll
2009-02-26 17:19 --------- d-----w c:\users\Kevin MONTHERAT\AppData\Roaming\LimeWire
2009-02-25 12:42 413,696 ----a-w c:\windows\System32\wrap_oal.dll
2009-02-25 12:42 110,592 ----a-w c:\windows\System32\OpenAL32.dll
2009-02-25 12:34 --------- d-----w c:\program files\Yahoo!
2009-02-24 20:13 66,872 ----a-w c:\windows\System32\PnkBstrA.exe
2009-02-22 17:44 --------- d-----w c:\program files\VideoLAN
2009-02-22 16:56 --------- d-----w c:\program files\Windows Live
2009-02-22 16:53 --------- d-----w c:\programdata\Media Center Programs
2009-02-14 00:21 --------- d-----w c:\program files\NCH Swift Sound
2009-02-14 00:16 --------- d-----w c:\programdata\eMule
2009-02-13 20:34 --------- d-----w c:\programdata\Test Drive Unlimited
2009-02-12 10:10 --------- d-----w c:\programdata\Microsoft Help
2009-02-12 10:09 --------- d-----w c:\program files\Windows Mail
2009-02-08 16:22 --------- d-----w c:\program files\Vuze
2009-02-06 18:33 --------- d-----w c:\program files\GameSpy Arcade
2009-02-04 12:31 --------- d-----w c:\users\Kevin MONTHERAT\AppData\Roaming\InstallShield
2009-02-04 12:31 --------- d-----w c:\program files\RALINK
2009-02-03 17:43 --------- d-----w c:\program files\Audacity
2009-02-02 16:14 --------- d-----w c:\program files\Microsoft Works
2009-02-01 16:45 --------- d-----w c:\program files\Zattoo
2009-02-01 11:32 --------- d-----w c:\program files\Microsoft CAPICOM 2.1.0.2
2009-01-29 19:31 --------- d-----w c:\program files\Microsoft Silverlight
2009-01-29 19:31 --------- d-----w c:\program files\Microsoft
2009-01-29 19:30 --------- d-----w c:\program files\Microsoft Office Outlook Connector
2009-01-29 19:28 --------- d-----w c:\program files\Microsoft SQL Server Compact Edition
2009-01-29 14:10 174 --sha-w c:\program files\desktop.ini
2009-01-29 14:03 --------- d-----w c:\program files\Windows Sidebar
2009-01-29 14:03 --------- d-----w c:\program files\Windows Photo Gallery
2009-01-29 14:03 --------- d-----w c:\program files\Windows Journal
2009-01-29 14:03 --------- d-----w c:\program files\Windows Collaboration
2009-01-29 14:03 --------- d-----w c:\program files\Windows Calendar
2009-01-29 14:02 --------- d-----w c:\program files\Windows Defender
2009-01-29 13:40 82,432 ----a-w c:\windows\System32\axaltocm.dll
2009-01-29 13:40 101,888 ----a-w c:\windows\System32\ifxcardm.dll
2009-01-28 16:57 33,408 ----a-w c:\windows\system32\drivers\fsbts.sys
2009-01-28 16:53 --------- d-----w c:\users\Kevin MONTHERAT\AppData\Roaming\F-Secure
2009-01-28 16:37 --------- d-----w c:\programdata\f-secure
2009-01-28 16:35 --------- d-----w c:\programdata\fssg
2009-01-28 16:35 --------- d-----w c:\program files\SFR
2009-01-28 16:29 --------- d-----w c:\programdata\Avg7
2009-01-24 10:31 9,847,296 ----a-w c:\windows\System32\NlsData000a.dll
2009-01-23 16:38 61,440 ----a-w c:\windows\System32\winipsec.dll
2009-01-23 16:38 361,984 ----a-w c:\windows\System32\IPSECSVC.DLL
2009-01-23 16:38 28,672 ----a-w c:\windows\System32\FwRemoteSvr.dll
2009-01-23 16:38 272,896 ----a-w c:\windows\System32\polstore.dll
2009-01-23 16:37 94,720 ----a-w c:\windows\System32\PortableDeviceClassExtension.dll
2009-01-23 16:37 241,152 ----a-w c:\windows\System32\PortableDeviceApi.dll
2009-01-23 16:37 160,768 ----a-w c:\windows\System32\PortableDeviceTypes.dll
2009-01-23 16:28 296,960 ----a-w c:\windows\System32\gdi32.dll
2009-01-23 16:27 269,312 ----a-w c:\windows\System32\es.dll
2009-01-23 16:27 212,480 ----a-w c:\windows\system32\drivers\mrxsmb10.sys
2009-01-23 16:26 541,696 ----a-w c:\windows\AppPatch\AcLayers.dll
2009-01-23 16:26 52,736 ----a-w c:\windows\AppPatch\iebrshim.dll
2009-01-23 16:26 460,288 ----a-w c:\windows\AppPatch\AcSpecfc.dll
2009-01-23 16:26 4,240,384 ----a-w c:\windows\System32\GameUXLegacyGDFs.dll
2009-01-23 16:26 28,672 ----a-w c:\windows\System32\Apphlpdm.dll
2009-01-23 16:26 2,560 ----a-w c:\windows\AppPatch\AcRes.dll
2009-01-23 16:26 2,154,496 ----a-w c:\windows\AppPatch\AcGenral.dll
2009-01-23 16:26 173,056 ----a-w c:\windows\AppPatch\AcXtrnal.dll
2009-01-23 16:26 1,695,744 ----a-w c:\windows\System32\gameux.dll
2009-01-23 16:21 988,216 ----a-w c:\windows\System32\winload.exe
2009-01-23 16:21 927,288 ----a-w c:\windows\System32\winresume.exe
2009-01-23 16:21 615,992 ----a-w c:\windows\System32\ci.dll
2009-01-23 16:21 6,656 ----a-w c:\windows\System32\kbd106n.dll
2009-01-23 16:21 46,592 ----a-w c:\windows\System32\setbcdlocale.dll
2009-01-23 16:21 40,960 ----a-w c:\windows\System32\srclient.dll
2009-01-23 16:21 378,368 ----a-w c:\windows\System32\srcore.dll
2009-01-23 16:21 318,464 ----a-w c:\windows\System32\rstrui.exe
2009-01-23 16:21 19,000 ----a-w c:\windows\System32\kd1394.dll
2009-01-23 16:21 14,848 ----a-w c:\windows\System32\srdelayed.exe
2009-01-23 16:18 --------- d-----w c:\program files\MSXML 4.0
2009-01-22 14:29 --------- d-----w c:\programdata\Azureus
2009-01-22 08:39 303,616 ----a-w c:\windows\System32\wmpeffects.dll
2009-01-22 08:38 2,032,640 ----a-w c:\windows\System32\win32k.sys
2009-01-22 08:37 2,048 ----a-w c:\windows\System32\msxml3r.dll
2009-01-22 08:37 1,191,936 ----a-w c:\windows\System32\msxml3.dll
2009-01-22 08:33 2,048 ----a-w c:\windows\System32\tzres.dll
2009-01-22 08:28 2,927,104 ----a-w c:\windows\explorer.exe
2009-01-22 08:20 712,704 ----a-w c:\windows\System32\WindowsCodecs.dll
2009-01-22 08:20 443,392 ----a-w c:\windows\System32\win32spl.dll
2009-01-22 08:20 425,472 ----a-w c:\windows\System32\PhotoMetadataHandler.dll
2009-01-22 08:20 37,888 ----a-w c:\windows\System32\printcom.dll
2009-01-22 08:20 347,648 ----a-w c:\windows\System32\WindowsCodecsExt.dll
2009-01-22 08:19 14,848 ----a-w c:\windows\System32\wshrm.dll
2009-01-22 08:19 113,664 ----a-w c:\windows\system32\drivers\rmcast.sys
2009-01-22 08:18 288,768 ----a-w c:\windows\system32\drivers\srv.sys
2009-01-22 08:17 996,352 ----a-w c:\windows\System32\WMNetMgr.dll
2009-01-22 08:17 98,816 ----a-w c:\windows\System32\mfps.dll
2009-01-22 08:17 94,720 ----a-w c:\windows\System32\logagent.exe
2009-01-22 08:17 53,248 ----a-w c:\windows\System32\rrinstaller.exe
2009-01-22 08:17 24,576 ----a-w c:\windows\System32\mfpmp.exe
2009-01-22 08:17 2,868,736 ----a-w c:\windows\System32\mf.dll
.
((((((((((((((((((((((((((((( SnapShot@2009-03-05_21.56.43,47 )))))))))))))))))))))))))))))))))))))))))
.
- 2009-03-05 19:14:24 2,048 --sha-w c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2009-03-06 17:04:23 2,048 --sha-w c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2009-03-05 19:14:24 2,048 --sha-w c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2009-03-06 17:04:23 2,048 --sha-w c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2009-03-05 20:51:43 262,144 --sha-w c:\windows\ServiceProfiles\LocalService\NTUSER.DAT
+ 2009-03-06 17:06:01 262,144 --sha-w c:\windows\ServiceProfiles\LocalService\NTUSER.DAT
- 2009-03-05 19:15:40 262,144 --sha-w c:\windows\ServiceProfiles\NetworkService\NTUSER.DAT
+ 2009-03-06 17:06:07 262,144 --sha-w c:\windows\ServiceProfiles\NetworkService\NTUSER.DAT
+ 2009-03-06 17:06:07 262,144 ---ha-w c:\windows\ServiceProfiles\NetworkService\ntuser.dat.LOG1
- 2009-03-05 20:24:26 16,384 --sha-w c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-03-06 18:39:42 16,384 --sha-w c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-03-05 20:24:26 32,768 --sha-w c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-03-06 18:39:42 32,768 --sha-w c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-03-05 20:24:26 16,384 --sha-w c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-03-06 18:39:42 16,384 --sha-w c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-03-05 20:55:21 104,296 ----a-w c:\windows\System32\perfc009.dat
+ 2009-03-06 17:14:56 104,296 ----a-w c:\windows\System32\perfc009.dat
- 2009-03-05 20:55:21 126,594 ----a-w c:\windows\System32\perfc00C.dat
+ 2009-03-06 17:14:56 126,594 ----a-w c:\windows\System32\perfc00C.dat
- 2009-03-05 20:55:21 594,108 ----a-w c:\windows\System32\perfh009.dat
+ 2009-03-06 17:14:56 594,108 ----a-w c:\windows\System32\perfh009.dat
- 2009-03-05 20:55:21 676,456 ----a-w c:\windows\System32\perfh00C.dat
+ 2009-03-06 17:14:56 676,456 ----a-w c:\windows\System32\perfh00C.dat
- 2009-03-05 19:16:06 13,732 ----a-w c:\windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-2565260227-2245687259-2372371746-1000_UserData.bin
+ 2009-03-06 17:06:14 13,800 ----a-w c:\windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-2565260227-2245687259-2372371746-1000_UserData.bin
- 2009-03-05 19:16:06 88,888 ----a-w c:\windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin
+ 2009-03-06 17:06:13 89,082 ----a-w c:\windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin
- 2009-03-05 19:16:03 60,358 ----a-w c:\windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2009-03-06 17:06:07 60,382 ----a-w c:\windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Acer Tour Reminder"="c:\acer\AcerTour\Reminder.exe" [2007-02-15 151552]
"DAEMON Tools"="c:\program files\DAEMON Tools\daemon.exe" [2007-08-16 167368]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2008-01-19 1233920]
"Google Update"="c:\users\Kevin MONTHERAT\AppData\Local\Google\Update\GoogleUpdate.exe" [2009-03-04 133104]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Acer Empowering Technology Monitor"="c:\acer\Empowering Technology\SysMonitor.exe" [2007-01-24 319488]
"eDataSecurity Loader"="c:\acer\Empowering Technology\eDataSecurity\eDSloader.exe" [2007-02-06 464168]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2006-11-10 90112]
"WarReg_PopUp"="c:\acer\WR_PopUp\WarReg_PopUp.exe" [2006-11-05 57344]
"Acer Tour Reminder"="c:\acer\AcerTour\Reminder.exe" [2007-02-15 151552]
"F-Secure Manager"="c:\program files\SFR\Pack Sécurité\Common\FSM32.EXE" [2008-09-23 182936]
"F-Secure TNB"="c:\program files\SFR\Pack Sécurité\FSGUI\TNBUtil.exe" [2008-09-23 957024]
"PWRISOVM.EXE"="c:\program files\PowerISO\PWRISOVM.EXE" [2008-11-02 167936]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-02-28 148888]
"RtHDVCpl"="RtHDVCpl.exe" [2007-03-01 c:\windows\RtHDVCpl.exe]
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Empowering Technology Launcher.lnk - c:\acer\Empowering Technology\eAPLauncher.exe [2007-04-24 528384]
Lancement rapide d'Adobe Reader.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2004-12-14 29696]
PCM Media Sharing.lnk - c:\program files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe [2007-04-24 200812]
Ralink Wireless Utility.lnk - c:\program files\RALINK\Common\RaUI.exe [2009-02-04 946176]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.mkdmp3enc"= c:\progra~1\ACERAR~1\ACERVI~1\Kernel\Burner\MKDMP3Enc.ACM
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\DomainProfile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{F95798C9-BF0A-4D20-BD7C-6B38E7FF9FEE}"= c:\program files\Acer Arcade Live\Acer Arcade Live Main Page\Acer Arcade Live.exe:Acer Arcade Live
"{A5333138-7820-4A45-A0F8-9FD93BB4D627}"= c:\program files\Acer Arcade Live\Acer DV Magician\Component\ARAWP.exe:DV Magician ARA workprocess
"{D585109C-A3E9-47A0-B1F8-BEF827E9F6D7}"= c:\program files\Acer Arcade Live\Acer DV Magician\Component\DVAX2Process.exe:DV Magician AVAX workprocess
"{31A60708-F002-42F4-9908-B33BD16550DD}"= c:\program files\Acer Arcade Live\SlideShow DVD\Component\CLSLDVD.exe:SlideShow DVD workprocess
"{932D4E56-6D5F-4909-A913-8B5947834283}"= c:\program files\Acer Arcade Live\Acer VideoMagician\VideoMagician.exe:VideoMagician
"{B4E3A7E7-6249-4309-B05F-B68B9B030828}"= c:\program files\Acer Arcade Live\Acer DVDivine\DVDivine.exe:DVDivine
"{383C1570-BA3C-4015-8188-2C4B6D3284C4}"= c:\program files\Acer Arcade Live\Acer HomeMedia\HomeMedia.exe:HomeMedia
"{96FB5B8F-6D95-4F7A-809C-7952FC936ACB}"= c:\program files\Acer Arcade Live\Acer HomeMedia Connect\HomeMedia Connect.exe:HomeMedia Connect
"{4FF06BD9-4370-4B76-ACF7-40542F1CF716}"= c:\program files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.EXE:HomeMedia Connect Service
"{98664FF4-6B05-4F6A-9AA8-4AB9AD382F88}"= UDP:c:\windows\System32\PnkBstrA.exe:PnkBstrA
"{ACE965AF-3E79-4CEA-88D0-A0B298285A08}"= TCP:c:\windows\System32\PnkBstrA.exe:PnkBstrA
"{D86BA326-F11F-48E9-8234-8AE39B834488}"= UDP:c:\windows\System32\PnkBstrB.exe:PnkBstrB
"{C39F29EE-DA75-44D0-A759-A2E05856A4A2}"= TCP:c:\windows\System32\PnkBstrB.exe:PnkBstrB
"{89B64FBA-3EED-4DB7-A281-2F9BDB2665B0}"= UDP:d:\logiciels installer\call of duty 4\iw3mp.exe:Call of Duty(R) 4 - Modern Warfare(TM)
"{89654656-1DB9-4BB8-A900-E9D057DDD2E4}"= TCP:d:\logiciels installer\call of duty 4\iw3mp.exe:Call of Duty(R) 4 - Modern Warfare(TM)
"{C47DE0E0-4BD4-4A91-BD8B-0C78813CCB9B}"= UDP:d:\jeux\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\XR_3DA.exe:S.T.A.L.K.E.R. - Shadow of Chernobyl (CLI)
"{9FD1E30E-7800-4419-8C93-30ECCF58E9E9}"= TCP:d:\jeux\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\XR_3DA.exe:S.T.A.L.K.E.R. - Shadow of Chernobyl (CLI)
"{134D50B9-E8A3-4C26-85A4-0EE7E0B21114}"= UDP:d:\jeux\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\dedicated\XR_3DA.exe:S.T.A.L.K.E.R. - Shadow of Chernobyl (SRV)
"{AF909CFB-2CB9-49B0-88B6-F294A0E36CDE}"= TCP:d:\jeux\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\dedicated\XR_3DA.exe:S.T.A.L.K.E.R. - Shadow of Chernobyl (SRV)
"{EE4FFA63-6B21-40EE-A0BE-2C152FBE7618}"= TCP:6004|c:\program files\Microsoft Office 2007\Office12\outlook.exe:Microsoft Office Outlook
"{8C41EABF-CC68-4EB1-AA96-C126DA3F9925}"= UDP:c:\program files\Microsoft Office 2007\Office12\GROOVE.EXE:Microsoft Office Groove
"{856E2AB8-B407-4917-8EBC-C7E2FA31A891}"= TCP:c:\program files\Microsoft Office 2007\Office12\GROOVE.EXE:Microsoft Office Groove
"{8F24B4D6-C4FC-4E7B-B33D-EC3E599039F1}"= UDP:c:\program files\Microsoft Office 2007\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{58AC9DEF-E39F-4733-B55B-6E4E2A514535}"= TCP:c:\program files\Microsoft Office 2007\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{80AF612D-A611-496E-B9BC-DB1B5D1E27FF}"= UDP:c:\program files\Grisoft\AVG7\avginet.exe:avginet.exe
"{80ABE62D-E174-4CC3-9E83-79076FC68605}"= TCP:c:\program files\Grisoft\AVG7\avginet.exe:avginet.exe
"{A0C24512-1D74-451C-B7F6-51072309D723}"= UDP:c:\program files\Grisoft\AVG7\avgamsvr.exe:avgamsvr.exe
"{49F6A9C9-94AF-4957-914D-5D96CF560B74}"= TCP:c:\program files\Grisoft\AVG7\avgamsvr.exe:avgamsvr.exe
"{552A529F-BAF1-4787-B320-3F35F6296502}"= UDP:c:\program files\Grisoft\AVG7\avgcc.exe:avgcc.exe
"{2F26A7D9-26CC-47D3-9C27-A0AB761A3CE0}"= TCP:c:\program files\Grisoft\AVG7\avgcc.exe:avgcc.exe
"{930EFD28-6339-408F-BD20-D99F23FB0161}"= UDP:c:\program files\GameSpy Arcade\Aphex.exe:GameSpy Arcade
"{5B2FE4EE-E54A-4726-A664-FD4FEC2AA1C9}"= TCP:c:\program files\GameSpy Arcade\Aphex.exe:GameSpy Arcade
"TCP Query User{02B441EE-6E51-4EC5-8260-600541CD56D2}c:\\program files\\limewire\\limewire.exe"= UDP:c:\program files\limewire\limewire.exe:LimeWire
"UDP Query User{5AC94F14-3F8E-45A1-A02A-B8FF5C2BFB56}c:\\program files\\limewire\\limewire.exe"= TCP:c:\program files\limewire\limewire.exe:LimeWire
"TCP Query User{F44333BC-15FA-4D16-B460-183FE8C4137E}c:\\program files\\emule\\emule.exe"= UDP:c:\program files\emule\emule.exe:eMule
"UDP Query User{5ADD8998-C2F5-4486-9B03-692A330B7462}c:\\program files\\emule\\emule.exe"= TCP:c:\program files\emule\emule.exe:eMule
"TCP Query User{90EFDDF3-E873-4DEC-BFA3-A69458219ACE}c:\\program files\\vuze\\azureus.exe"= UDP:c:\program files\vuze\azureus.exe:Azureus
"UDP Query User{B35586BA-BC48-4745-8538-52D098074F43}c:\\program files\\vuze\\azureus.exe"= TCP:c:\program files\vuze\azureus.exe:Azureus
"{C39C42F5-BA0A-4946-8E4D-ADCFCD10FE01}"= UDP:c:\program files\Zattoo\Zattoo.exe:Zattoo
"{4D327FB6-A0FC-46BD-9228-6E98BD2BA4FF}"= TCP:c:\program files\Zattoo\Zattoo.exe:Zattoo
"TCP Query User{885A49E5-7C53-4E3E-9D2A-AC6E7C906BB8}c:\\program files\\zattoo\\zattood.exe"= UDP:c:\program files\zattoo\zattood.exe:zattood
"UDP Query User{57AB26D7-53AA-4855-ACC9-DB5D433AE6F2}c:\\program files\\zattoo\\zattood.exe"= TCP:c:\program files\zattoo\zattood.exe:zattood
"TCP Query User{C2D5C423-31AB-4ACB-B8D7-F3DBEAB31BBF}d:\\jeux\\sega rally\\sega rally.exe"= UDP:d:\jeux\sega rally\sega rally.exe:SEGA Rally
"UDP Query User{2CC3FDF7-32F3-4286-B4E5-8CD9D9D8DC15}d:\\jeux\\sega rally\\sega rally.exe"= TCP:d:\jeux\sega rally\sega rally.exe:SEGA Rally
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\PublicProfile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile\AuthorizedApplications\List]
"c:\\Acer\\Empowering Technology\\eDataSecurity\\eDSfsu.exe"= c:\acer\Empowering Technology\eDataSecurity\eDSfsu.exe:*:Enabled:eDSfsu
"c:\\Acer\\Empowering Technology\\eDataSecurity\\encryption.exe"= c:\acer\Empowering Technology\eDataSecurity\encryption.exe:*:Enabled:encryption
"c:\\Acer\\Empowering Technology\\eDataSecurity\\decryption.exe"= c:\acer\Empowering Technology\eDataSecurity\decryption.exe:*:Enabled:decryption
R0 fsbts;fsbts;c:\windows\System32\drivers\fsbts.sys [2009-01-28 33408]
R0 sfsync03;StarForce Protection Synchronization Driver (version 3.x);c:\windows\System32\drivers\sfsync03.sys [2006-07-11 42392]
R1 F-Secure HIPS;F-Secure HIPS Driver;c:\program files\SFR\Pack Sécurité\HIPS\drivers\fshs.sys [2009-01-28 66720]
R1 FSES;F-Secure Email Scanning Driver;c:\windows\System32\drivers\fses.sys [2009-01-28 35552]
R1 FSFW;F-Secure Firewall Driver;c:\windows\System32\drivers\fsdfw.sys [2009-01-28 70944]
R1 fsvista;F-Secure Vista Support Driver;c:\program files\SFR\Pack Sécurité\Anti-Virus\minifilter\fsvista.sys [2009-01-28 12384]
R2 Acer HomeMedia Connect Service;Acer HomeMedia Connect Service;c:\program files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe [2007-04-24 266343]
R3 F-Secure Gatekeeper;F-Secure Gatekeeper;c:\program files\SFR\Pack Sécurité\Anti-Virus\minifilter\fsgk.sys [2009-01-28 84616]
R3 FSORSPClient;F-Secure ORSP Client;c:\program files\SFR\Pack Sécurité\ORSP Client\fsorsp.exe [2009-01-28 55904]
R3 netr73;RT73 USB Wireless LAN Card Driver for Vista;c:\windows\System32\drivers\netr73.sys [2009-02-04 265216]
S2 gupdate1c98c646521307c;Google Update Service (gupdate1c98c646521307c);c:\program files\Google\Update\GoogleUpdate.exe [2009-02-11 133104]
S3 WSVD;WSVD;c:\windows\System32\drivers\WSVD.sys [2007-12-08 80744]
S4 F-Secure Filter;F-Secure File System Filter;c:\program files\SFR\Pack Sécurité\Anti-Virus\win2k\fsfilter.sys [2009-01-28 39776]
S4 F-Secure Recognizer;F-Secure File System Recognizer;c:\program files\SFR\Pack Sécurité\Anti-Virus\win2k\fsrec.sys [2009-01-28 25184]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\L]
\shell\AutoRun\command - L:\RunGame.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{69961655-fb38-11dc-a182-0019dbacc2ff}]
\shell\AutoRun\command - J:\Autorun.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{8cc48b0e-4d11-11dd-b96e-0019dbacc2ff}]
\shell\AutoRun\command - K:\autorun.exe
\shell\directx\command - k:\directx9\dxsetup.exe
\shell\setup\command - K:\install.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{b2fc1323-579a-11dc-99db-806e6f6e6963}]
\shell\AutoRun\command - E:\setup.exe
.
Contenu du dossier 'Tâches planifiées'
2009-03-06 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-02-11 17:15]
2009-03-06 c:\windows\Tasks\GoogleUpdateTaskMachine.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-02-11 17:18]
2009-03-04 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2565260227-2245687259-2372371746-1000.job
- c:\users\Kevin MONTHERAT\AppData\Local\Google\Update\GoogleUpdate.exe [2009-03-04 16:05]
.
.
------- Examen supplémentaire -------
.
uStart Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT2102473
uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
uSearchURL,(Default) = hxxp://fr.rd.yahoo.com/customize/ycomp/defaults/su/*https://fr.yahoo.com/
IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
LSP: c:\program files\SFR\Pack Se9,curite9,\FSPS\program\fslsp.dll
FF - ProfilePath - c:\users\Kevin MONTHERAT\AppData\Roaming\Mozilla\Firefox\Profiles\fpq39xcu.default\
FF - prefs.js: browser.search.selectedEngine - ICQ Search
FF - prefs.js: browser.startup.homepage - hxxp://www.google.fr/
FF - prefs.js: keyword.URL - hxxp://search.icq.com/search/afe_results.php?ch_id=afex&q=
FF - component: c:\program files\Mozilla Firefox\extensions\{1c491116-c175-45e1-a570-6fb14fea8b7b}\components\FFAlert.dll
FF - plugin: c:\program files\Google\Google Updater\2.4.1487.6512\npCIDetect13.dll
FF - plugin: c:\program files\Google\Update\1.2.141.5\npGoogleOneClick7.dll
FF - plugin: c:\program files\Microsoft\Office Live\npOLW.dll
FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: c:\users\Kevin MONTHERAT\AppData\Local\Google\Update\1.2.141.5\npGoogleOneClick7.dll
.
**************************************************************************
catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-03-06 19:43:50
Windows 6.0.6001 Service Pack 1 NTFS
Recherche de processus cachés ...
Recherche d'éléments en démarrage automatique cachés ...
Recherche de fichiers cachés ...
Scan terminé avec succès
Fichiers cachés: 0
**************************************************************************
.
--------------------- DLLs chargées dans les processus actifs ---------------------
- - - - - - - > 'winlogon.exe'(964)
c:\program files\SFR\Pack Sécurité\FWES\Program\fsdc32.dll
- - - - - - - > 'lsass.exe'(792)
c:\program files\SFR\Pack Sécurité\FWES\Program\fsdc32.dll
- - - - - - - > 'Explorer.exe'(6016)
c:\program files\SFR\Pack Sécurité\Spam Control\fsscoepl.dll
c:\windows\system32\MsnChatHook.dll
c:\windows\system32\ShowErrMsg.dll
c:\windows\system32\sysenv.dll
c:\windows\system32\BatchCrypto.dll
c:\windows\system32\CryptoAPI.dll
c:\windows\system32\keyManager.dll
- - - - - - - > 'csrss.exe'(676)
c:\program files\SFR\Pack Sécurité\FWES\Program\fsdc32.dll
- - - - - - - > 'csrss.exe'(740)
c:\program files\SFR\Pack Sécurité\FWES\Program\fsdc32.dll
.
Heure de fin: 2009-03-06 19:45:45
ComboFix-quarantined-files.txt 2009-03-06 18:45:41
ComboFix2.txt 2009-03-05 20:58:07
Avant-CF: 174 424 412 160 octets libres
Après-CF: 174,390,992,896 octets libres
383 --- E O F --- 2009-03-06 17:10:19
voila l'analyse de combo fix:
ComboFix 09-03-04.01 - Kevin MONTHERAT 2009-03-06 19:41:30.2 - NTFSx86
Microsoft® Windows Vista™ Édition Familiale Premium 6.0.6001.1.1252.1.1036.18.2047.1192 [GMT 1:00]
Lancé depuis: c:\users\Kevin MONTHERAT\Desktop\ComboFix.exe
FW: Pack sécurité 8.00 *enabled*
* Resident AV is active
.
((((((((((((((((((((((((((((( Fichiers créés du 2009-02-06 au 2009-03-06 ))))))))))))))))))))))))))))))))))))
.
2009-03-06 18:12 . 2009-03-06 18:12 0 --ah----- c:\windows\System32\drivers\Msft_User_WpdMtpDr_01_00_00.Wdf
2009-03-05 21:14 . 2009-03-05 21:24 <REP> d-------- C:\rsit
2009-03-05 21:12 . 2009-03-05 21:12 <REP> d-------- c:\program files\Trend Micro
2009-03-05 20:05 . 2009-03-05 20:05 <REP> d-------- c:\users\Kevin MONTHERAT\AppData\Roaming\Malwarebytes
2009-03-05 20:05 . 2009-03-05 20:05 <REP> d-------- c:\users\All Users\Malwarebytes
2009-03-05 20:05 . 2009-03-05 20:05 <REP> d-------- c:\programdata\Malwarebytes
2009-03-05 20:05 . 2009-03-05 20:05 <REP> d-------- c:\program files\Malwarebytes' Anti-Malware
2009-03-05 20:05 . 2009-02-11 10:19 38,496 --a------ c:\windows\System32\drivers\mbamswissarmy.sys
2009-03-05 20:05 . 2009-02-11 10:19 15,504 --a------ c:\windows\System32\drivers\mbam.sys
2009-03-05 19:58 . 2009-03-05 20:54 <REP> d-------- C:\Rooter$
2009-03-04 12:57 . 2009-03-04 12:57 <REP> d-------- c:\users\Kevin MONTHERAT\Pavark
2009-03-04 12:52 . 2009-03-04 12:52 <REP> d-------- c:\program files\PHPNukeFR
2009-03-04 11:06 . 2009-03-04 11:06 <REP> d-------- c:\program files\VID_0E8F&PID_0012
2009-03-02 13:27 . 2009-03-02 13:27 <REP> d-------- c:\program files\Conduit
2009-03-02 12:58 . 2009-03-02 13:12 <REP> d-------- c:\program files\Navilog1
2009-02-28 10:49 . 2009-02-28 10:49 <REP> d-------- c:\program files\Java
2009-02-28 10:43 . 2009-02-28 10:47 <REP> d-------- c:\users\Kevin MONTHERAT\.housecall6.6
2009-02-27 19:12 . 2009-03-05 20:56 <REP> d-------- C:\Fraps
2009-02-24 22:55 . 2009-02-24 22:55 55,808 --------- c:\windows\System32\gaopdxpmicngut.0ll
2009-02-24 19:58 . 2009-02-24 19:58 <REP> dr------- c:\windows\System32\config\systemprofile\Videos
2009-02-24 19:58 . 2009-02-24 19:58 <REP> dr------- c:\windows\System32\config\systemprofile\Searches
2009-02-24 19:58 . 2009-02-24 19:58 <REP> dr------- c:\windows\System32\config\systemprofile\Saved Games
2009-02-24 19:58 . 2009-02-24 19:58 <REP> dr------- c:\windows\System32\config\systemprofile\Pictures
2009-02-24 19:58 . 2009-02-24 19:58 <REP> dr------- c:\windows\System32\config\systemprofile\Music
2009-02-24 19:58 . 2009-02-24 19:58 <REP> dr------- c:\windows\System32\config\systemprofile\Links
2009-02-24 19:58 . 2009-02-24 19:58 <REP> dr------- c:\windows\System32\config\systemprofile\Downloads
2009-02-24 19:58 . 2009-02-24 19:58 <REP> dr------- c:\windows\System32\config\systemprofile\Documents
2009-02-24 19:58 . 2009-02-24 19:58 <REP> d-------- c:\users\All Users\Electronic Arts
2009-02-24 19:58 . 2009-02-24 19:58 <REP> d-------- c:\programdata\Electronic Arts
2009-02-24 19:58 . 2009-02-24 19:58 1,590 --a------ c:\windows\System32\ealregsnapshot1.reg
2009-02-24 19:41 . 2009-02-24 19:41 <REP> d-------- c:\program files\EA Games
2009-02-24 18:50 . 2008-03-05 15:56 3,786,760 --a------ c:\windows\System32\D3DX9_37.dll
2009-02-24 18:50 . 2007-10-12 15:14 3,734,536 --a------ c:\windows\System32\d3dx9_36.dll
2009-02-24 18:50 . 2008-03-05 15:56 1,420,824 --a------ c:\windows\System32\D3DCompiler_37.dll
2009-02-24 18:50 . 2007-10-12 15:14 1,374,232 --a------ c:\windows\System32\D3DCompiler_36.dll
2009-02-24 18:50 . 2008-03-05 16:03 479,752 --a------ c:\windows\System32\XAudio2_0.dll
2009-02-24 18:50 . 2008-02-05 23:07 462,864 --a------ c:\windows\System32\d3dx10_37.dll
2009-02-24 18:50 . 2007-10-02 09:56 444,776 --a------ c:\windows\System32\d3dx10_36.dll
2009-02-24 18:50 . 2007-10-22 03:39 267,272 --a------ c:\windows\System32\xactengine2_10.dll
2009-02-24 18:50 . 2007-07-20 00:57 267,112 --a------ c:\windows\System32\xactengine2_9.dll
2009-02-24 18:50 . 2008-03-05 16:03 238,088 --a------ c:\windows\System32\xactengine3_0.dll
2009-02-24 18:50 . 2008-03-05 16:00 25,608 --a------ c:\windows\System32\X3DAudio1_3.dll
2009-02-24 18:50 . 2007-10-22 03:37 17,928 --a------ c:\windows\System32\X3DAudio1_2.dll
2009-02-23 18:49 . 2009-02-23 18:49 <REP> d-------- c:\users\Kevin MONTHERAT\AppData\Roaming\Leadertech
2009-02-22 19:15 . 2009-02-23 19:56 <REP> d-------- c:\program files\PowerISO
2009-02-22 18:46 . 2009-02-22 18:47 <REP> d-------- c:\users\Kevin MONTHERAT\AppData\Roaming\vlc
2009-02-15 03:02 . 2008-12-05 05:32 428,544 --a------ c:\windows\System32\EncDec.dll
2009-02-15 03:02 . 2008-12-05 05:32 293,376 --a------ c:\windows\System32\psisdecd.dll
2009-02-15 03:02 . 2008-12-05 05:31 217,088 --a------ c:\windows\System32\psisrndr.ax
2009-02-15 03:02 . 2008-12-05 05:31 177,664 --a------ c:\windows\System32\mpg2splt.ax
2009-02-15 03:02 . 2008-12-05 05:31 80,896 --a------ c:\windows\System32\MSNP.ax
2009-02-14 15:53 . 2009-02-14 15:53 <REP> d-------- c:\program files\LimeWire
2009-02-14 10:48 . 2009-02-14 10:48 <REP> d-------- c:\program files\PowerQuest
2009-02-14 01:16 . 2009-02-14 01:16 <REP> d-------- c:\users\Kevin MONTHERAT\AppData\Roaming\eSobi
2009-02-11 17:15 . 2009-03-05 19:47 <REP> d-------- c:\users\All Users\Google Updater
2009-02-11 17:15 . 2009-03-05 19:47 <REP> d-------- c:\programdata\Google Updater
2009-02-11 17:15 . 2009-03-01 12:13 <REP> d-------- c:\program files\Google
2009-02-11 11:54 . 2009-01-15 04:36 1,383,424 --a------ c:\windows\System32\mshtml.tlb
2009-02-11 11:54 . 2009-01-15 07:11 827,392 --a------ c:\windows\System32\wininet.dll
2009-02-06 07:03 . 2009-02-06 07:03 0 --ah----- c:\windows\System32\drivers\Msft_User_WpdFs_01_00_00.Wdf
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-03-06 17:21 138,184 ----a-w c:\windows\system32\drivers\PnkBstrK.sys
2009-03-06 17:20 183,112 ----a-w c:\windows\System32\PnkBstrB.exe
2009-03-05 20:03 --------- d-----w c:\program files\CCleaner
2009-03-05 19:45 --------- d---a-w c:\programdata\TEMP
2009-03-04 10:06 --------- d--h--w c:\program files\InstallShield Installation Information
2009-03-03 17:36 --------- d-----w c:\users\Kevin MONTHERAT\AppData\Roaming\Azureus
2009-03-03 16:57 --------- d-----w c:\users\Kevin MONTHERAT\AppData\Roaming\dvdcss
2009-02-28 09:49 410,984 ----a-w c:\windows\System32\deploytk.dll
2009-02-26 17:19 --------- d-----w c:\users\Kevin MONTHERAT\AppData\Roaming\LimeWire
2009-02-25 12:42 413,696 ----a-w c:\windows\System32\wrap_oal.dll
2009-02-25 12:42 110,592 ----a-w c:\windows\System32\OpenAL32.dll
2009-02-25 12:34 --------- d-----w c:\program files\Yahoo!
2009-02-24 20:13 66,872 ----a-w c:\windows\System32\PnkBstrA.exe
2009-02-22 17:44 --------- d-----w c:\program files\VideoLAN
2009-02-22 16:56 --------- d-----w c:\program files\Windows Live
2009-02-22 16:53 --------- d-----w c:\programdata\Media Center Programs
2009-02-14 00:21 --------- d-----w c:\program files\NCH Swift Sound
2009-02-14 00:16 --------- d-----w c:\programdata\eMule
2009-02-13 20:34 --------- d-----w c:\programdata\Test Drive Unlimited
2009-02-12 10:10 --------- d-----w c:\programdata\Microsoft Help
2009-02-12 10:09 --------- d-----w c:\program files\Windows Mail
2009-02-08 16:22 --------- d-----w c:\program files\Vuze
2009-02-06 18:33 --------- d-----w c:\program files\GameSpy Arcade
2009-02-04 12:31 --------- d-----w c:\users\Kevin MONTHERAT\AppData\Roaming\InstallShield
2009-02-04 12:31 --------- d-----w c:\program files\RALINK
2009-02-03 17:43 --------- d-----w c:\program files\Audacity
2009-02-02 16:14 --------- d-----w c:\program files\Microsoft Works
2009-02-01 16:45 --------- d-----w c:\program files\Zattoo
2009-02-01 11:32 --------- d-----w c:\program files\Microsoft CAPICOM 2.1.0.2
2009-01-29 19:31 --------- d-----w c:\program files\Microsoft Silverlight
2009-01-29 19:31 --------- d-----w c:\program files\Microsoft
2009-01-29 19:30 --------- d-----w c:\program files\Microsoft Office Outlook Connector
2009-01-29 19:28 --------- d-----w c:\program files\Microsoft SQL Server Compact Edition
2009-01-29 14:10 174 --sha-w c:\program files\desktop.ini
2009-01-29 14:03 --------- d-----w c:\program files\Windows Sidebar
2009-01-29 14:03 --------- d-----w c:\program files\Windows Photo Gallery
2009-01-29 14:03 --------- d-----w c:\program files\Windows Journal
2009-01-29 14:03 --------- d-----w c:\program files\Windows Collaboration
2009-01-29 14:03 --------- d-----w c:\program files\Windows Calendar
2009-01-29 14:02 --------- d-----w c:\program files\Windows Defender
2009-01-29 13:40 82,432 ----a-w c:\windows\System32\axaltocm.dll
2009-01-29 13:40 101,888 ----a-w c:\windows\System32\ifxcardm.dll
2009-01-28 16:57 33,408 ----a-w c:\windows\system32\drivers\fsbts.sys
2009-01-28 16:53 --------- d-----w c:\users\Kevin MONTHERAT\AppData\Roaming\F-Secure
2009-01-28 16:37 --------- d-----w c:\programdata\f-secure
2009-01-28 16:35 --------- d-----w c:\programdata\fssg
2009-01-28 16:35 --------- d-----w c:\program files\SFR
2009-01-28 16:29 --------- d-----w c:\programdata\Avg7
2009-01-24 10:31 9,847,296 ----a-w c:\windows\System32\NlsData000a.dll
2009-01-23 16:38 61,440 ----a-w c:\windows\System32\winipsec.dll
2009-01-23 16:38 361,984 ----a-w c:\windows\System32\IPSECSVC.DLL
2009-01-23 16:38 28,672 ----a-w c:\windows\System32\FwRemoteSvr.dll
2009-01-23 16:38 272,896 ----a-w c:\windows\System32\polstore.dll
2009-01-23 16:37 94,720 ----a-w c:\windows\System32\PortableDeviceClassExtension.dll
2009-01-23 16:37 241,152 ----a-w c:\windows\System32\PortableDeviceApi.dll
2009-01-23 16:37 160,768 ----a-w c:\windows\System32\PortableDeviceTypes.dll
2009-01-23 16:28 296,960 ----a-w c:\windows\System32\gdi32.dll
2009-01-23 16:27 269,312 ----a-w c:\windows\System32\es.dll
2009-01-23 16:27 212,480 ----a-w c:\windows\system32\drivers\mrxsmb10.sys
2009-01-23 16:26 541,696 ----a-w c:\windows\AppPatch\AcLayers.dll
2009-01-23 16:26 52,736 ----a-w c:\windows\AppPatch\iebrshim.dll
2009-01-23 16:26 460,288 ----a-w c:\windows\AppPatch\AcSpecfc.dll
2009-01-23 16:26 4,240,384 ----a-w c:\windows\System32\GameUXLegacyGDFs.dll
2009-01-23 16:26 28,672 ----a-w c:\windows\System32\Apphlpdm.dll
2009-01-23 16:26 2,560 ----a-w c:\windows\AppPatch\AcRes.dll
2009-01-23 16:26 2,154,496 ----a-w c:\windows\AppPatch\AcGenral.dll
2009-01-23 16:26 173,056 ----a-w c:\windows\AppPatch\AcXtrnal.dll
2009-01-23 16:26 1,695,744 ----a-w c:\windows\System32\gameux.dll
2009-01-23 16:21 988,216 ----a-w c:\windows\System32\winload.exe
2009-01-23 16:21 927,288 ----a-w c:\windows\System32\winresume.exe
2009-01-23 16:21 615,992 ----a-w c:\windows\System32\ci.dll
2009-01-23 16:21 6,656 ----a-w c:\windows\System32\kbd106n.dll
2009-01-23 16:21 46,592 ----a-w c:\windows\System32\setbcdlocale.dll
2009-01-23 16:21 40,960 ----a-w c:\windows\System32\srclient.dll
2009-01-23 16:21 378,368 ----a-w c:\windows\System32\srcore.dll
2009-01-23 16:21 318,464 ----a-w c:\windows\System32\rstrui.exe
2009-01-23 16:21 19,000 ----a-w c:\windows\System32\kd1394.dll
2009-01-23 16:21 14,848 ----a-w c:\windows\System32\srdelayed.exe
2009-01-23 16:18 --------- d-----w c:\program files\MSXML 4.0
2009-01-22 14:29 --------- d-----w c:\programdata\Azureus
2009-01-22 08:39 303,616 ----a-w c:\windows\System32\wmpeffects.dll
2009-01-22 08:38 2,032,640 ----a-w c:\windows\System32\win32k.sys
2009-01-22 08:37 2,048 ----a-w c:\windows\System32\msxml3r.dll
2009-01-22 08:37 1,191,936 ----a-w c:\windows\System32\msxml3.dll
2009-01-22 08:33 2,048 ----a-w c:\windows\System32\tzres.dll
2009-01-22 08:28 2,927,104 ----a-w c:\windows\explorer.exe
2009-01-22 08:20 712,704 ----a-w c:\windows\System32\WindowsCodecs.dll
2009-01-22 08:20 443,392 ----a-w c:\windows\System32\win32spl.dll
2009-01-22 08:20 425,472 ----a-w c:\windows\System32\PhotoMetadataHandler.dll
2009-01-22 08:20 37,888 ----a-w c:\windows\System32\printcom.dll
2009-01-22 08:20 347,648 ----a-w c:\windows\System32\WindowsCodecsExt.dll
2009-01-22 08:19 14,848 ----a-w c:\windows\System32\wshrm.dll
2009-01-22 08:19 113,664 ----a-w c:\windows\system32\drivers\rmcast.sys
2009-01-22 08:18 288,768 ----a-w c:\windows\system32\drivers\srv.sys
2009-01-22 08:17 996,352 ----a-w c:\windows\System32\WMNetMgr.dll
2009-01-22 08:17 98,816 ----a-w c:\windows\System32\mfps.dll
2009-01-22 08:17 94,720 ----a-w c:\windows\System32\logagent.exe
2009-01-22 08:17 53,248 ----a-w c:\windows\System32\rrinstaller.exe
2009-01-22 08:17 24,576 ----a-w c:\windows\System32\mfpmp.exe
2009-01-22 08:17 2,868,736 ----a-w c:\windows\System32\mf.dll
.
((((((((((((((((((((((((((((( SnapShot@2009-03-05_21.56.43,47 )))))))))))))))))))))))))))))))))))))))))
.
- 2009-03-05 19:14:24 2,048 --sha-w c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2009-03-06 17:04:23 2,048 --sha-w c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2009-03-05 19:14:24 2,048 --sha-w c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2009-03-06 17:04:23 2,048 --sha-w c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2009-03-05 20:51:43 262,144 --sha-w c:\windows\ServiceProfiles\LocalService\NTUSER.DAT
+ 2009-03-06 17:06:01 262,144 --sha-w c:\windows\ServiceProfiles\LocalService\NTUSER.DAT
- 2009-03-05 19:15:40 262,144 --sha-w c:\windows\ServiceProfiles\NetworkService\NTUSER.DAT
+ 2009-03-06 17:06:07 262,144 --sha-w c:\windows\ServiceProfiles\NetworkService\NTUSER.DAT
+ 2009-03-06 17:06:07 262,144 ---ha-w c:\windows\ServiceProfiles\NetworkService\ntuser.dat.LOG1
- 2009-03-05 20:24:26 16,384 --sha-w c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-03-06 18:39:42 16,384 --sha-w c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-03-05 20:24:26 32,768 --sha-w c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-03-06 18:39:42 32,768 --sha-w c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-03-05 20:24:26 16,384 --sha-w c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-03-06 18:39:42 16,384 --sha-w c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-03-05 20:55:21 104,296 ----a-w c:\windows\System32\perfc009.dat
+ 2009-03-06 17:14:56 104,296 ----a-w c:\windows\System32\perfc009.dat
- 2009-03-05 20:55:21 126,594 ----a-w c:\windows\System32\perfc00C.dat
+ 2009-03-06 17:14:56 126,594 ----a-w c:\windows\System32\perfc00C.dat
- 2009-03-05 20:55:21 594,108 ----a-w c:\windows\System32\perfh009.dat
+ 2009-03-06 17:14:56 594,108 ----a-w c:\windows\System32\perfh009.dat
- 2009-03-05 20:55:21 676,456 ----a-w c:\windows\System32\perfh00C.dat
+ 2009-03-06 17:14:56 676,456 ----a-w c:\windows\System32\perfh00C.dat
- 2009-03-05 19:16:06 13,732 ----a-w c:\windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-2565260227-2245687259-2372371746-1000_UserData.bin
+ 2009-03-06 17:06:14 13,800 ----a-w c:\windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-2565260227-2245687259-2372371746-1000_UserData.bin
- 2009-03-05 19:16:06 88,888 ----a-w c:\windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin
+ 2009-03-06 17:06:13 89,082 ----a-w c:\windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin
- 2009-03-05 19:16:03 60,358 ----a-w c:\windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2009-03-06 17:06:07 60,382 ----a-w c:\windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Acer Tour Reminder"="c:\acer\AcerTour\Reminder.exe" [2007-02-15 151552]
"DAEMON Tools"="c:\program files\DAEMON Tools\daemon.exe" [2007-08-16 167368]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2008-01-19 1233920]
"Google Update"="c:\users\Kevin MONTHERAT\AppData\Local\Google\Update\GoogleUpdate.exe" [2009-03-04 133104]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Acer Empowering Technology Monitor"="c:\acer\Empowering Technology\SysMonitor.exe" [2007-01-24 319488]
"eDataSecurity Loader"="c:\acer\Empowering Technology\eDataSecurity\eDSloader.exe" [2007-02-06 464168]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2006-11-10 90112]
"WarReg_PopUp"="c:\acer\WR_PopUp\WarReg_PopUp.exe" [2006-11-05 57344]
"Acer Tour Reminder"="c:\acer\AcerTour\Reminder.exe" [2007-02-15 151552]
"F-Secure Manager"="c:\program files\SFR\Pack Sécurité\Common\FSM32.EXE" [2008-09-23 182936]
"F-Secure TNB"="c:\program files\SFR\Pack Sécurité\FSGUI\TNBUtil.exe" [2008-09-23 957024]
"PWRISOVM.EXE"="c:\program files\PowerISO\PWRISOVM.EXE" [2008-11-02 167936]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-02-28 148888]
"RtHDVCpl"="RtHDVCpl.exe" [2007-03-01 c:\windows\RtHDVCpl.exe]
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Empowering Technology Launcher.lnk - c:\acer\Empowering Technology\eAPLauncher.exe [2007-04-24 528384]
Lancement rapide d'Adobe Reader.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2004-12-14 29696]
PCM Media Sharing.lnk - c:\program files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe [2007-04-24 200812]
Ralink Wireless Utility.lnk - c:\program files\RALINK\Common\RaUI.exe [2009-02-04 946176]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.mkdmp3enc"= c:\progra~1\ACERAR~1\ACERVI~1\Kernel\Burner\MKDMP3Enc.ACM
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\DomainProfile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{F95798C9-BF0A-4D20-BD7C-6B38E7FF9FEE}"= c:\program files\Acer Arcade Live\Acer Arcade Live Main Page\Acer Arcade Live.exe:Acer Arcade Live
"{A5333138-7820-4A45-A0F8-9FD93BB4D627}"= c:\program files\Acer Arcade Live\Acer DV Magician\Component\ARAWP.exe:DV Magician ARA workprocess
"{D585109C-A3E9-47A0-B1F8-BEF827E9F6D7}"= c:\program files\Acer Arcade Live\Acer DV Magician\Component\DVAX2Process.exe:DV Magician AVAX workprocess
"{31A60708-F002-42F4-9908-B33BD16550DD}"= c:\program files\Acer Arcade Live\SlideShow DVD\Component\CLSLDVD.exe:SlideShow DVD workprocess
"{932D4E56-6D5F-4909-A913-8B5947834283}"= c:\program files\Acer Arcade Live\Acer VideoMagician\VideoMagician.exe:VideoMagician
"{B4E3A7E7-6249-4309-B05F-B68B9B030828}"= c:\program files\Acer Arcade Live\Acer DVDivine\DVDivine.exe:DVDivine
"{383C1570-BA3C-4015-8188-2C4B6D3284C4}"= c:\program files\Acer Arcade Live\Acer HomeMedia\HomeMedia.exe:HomeMedia
"{96FB5B8F-6D95-4F7A-809C-7952FC936ACB}"= c:\program files\Acer Arcade Live\Acer HomeMedia Connect\HomeMedia Connect.exe:HomeMedia Connect
"{4FF06BD9-4370-4B76-ACF7-40542F1CF716}"= c:\program files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.EXE:HomeMedia Connect Service
"{98664FF4-6B05-4F6A-9AA8-4AB9AD382F88}"= UDP:c:\windows\System32\PnkBstrA.exe:PnkBstrA
"{ACE965AF-3E79-4CEA-88D0-A0B298285A08}"= TCP:c:\windows\System32\PnkBstrA.exe:PnkBstrA
"{D86BA326-F11F-48E9-8234-8AE39B834488}"= UDP:c:\windows\System32\PnkBstrB.exe:PnkBstrB
"{C39F29EE-DA75-44D0-A759-A2E05856A4A2}"= TCP:c:\windows\System32\PnkBstrB.exe:PnkBstrB
"{89B64FBA-3EED-4DB7-A281-2F9BDB2665B0}"= UDP:d:\logiciels installer\call of duty 4\iw3mp.exe:Call of Duty(R) 4 - Modern Warfare(TM)
"{89654656-1DB9-4BB8-A900-E9D057DDD2E4}"= TCP:d:\logiciels installer\call of duty 4\iw3mp.exe:Call of Duty(R) 4 - Modern Warfare(TM)
"{C47DE0E0-4BD4-4A91-BD8B-0C78813CCB9B}"= UDP:d:\jeux\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\XR_3DA.exe:S.T.A.L.K.E.R. - Shadow of Chernobyl (CLI)
"{9FD1E30E-7800-4419-8C93-30ECCF58E9E9}"= TCP:d:\jeux\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\XR_3DA.exe:S.T.A.L.K.E.R. - Shadow of Chernobyl (CLI)
"{134D50B9-E8A3-4C26-85A4-0EE7E0B21114}"= UDP:d:\jeux\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\dedicated\XR_3DA.exe:S.T.A.L.K.E.R. - Shadow of Chernobyl (SRV)
"{AF909CFB-2CB9-49B0-88B6-F294A0E36CDE}"= TCP:d:\jeux\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\dedicated\XR_3DA.exe:S.T.A.L.K.E.R. - Shadow of Chernobyl (SRV)
"{EE4FFA63-6B21-40EE-A0BE-2C152FBE7618}"= TCP:6004|c:\program files\Microsoft Office 2007\Office12\outlook.exe:Microsoft Office Outlook
"{8C41EABF-CC68-4EB1-AA96-C126DA3F9925}"= UDP:c:\program files\Microsoft Office 2007\Office12\GROOVE.EXE:Microsoft Office Groove
"{856E2AB8-B407-4917-8EBC-C7E2FA31A891}"= TCP:c:\program files\Microsoft Office 2007\Office12\GROOVE.EXE:Microsoft Office Groove
"{8F24B4D6-C4FC-4E7B-B33D-EC3E599039F1}"= UDP:c:\program files\Microsoft Office 2007\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{58AC9DEF-E39F-4733-B55B-6E4E2A514535}"= TCP:c:\program files\Microsoft Office 2007\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{80AF612D-A611-496E-B9BC-DB1B5D1E27FF}"= UDP:c:\program files\Grisoft\AVG7\avginet.exe:avginet.exe
"{80ABE62D-E174-4CC3-9E83-79076FC68605}"= TCP:c:\program files\Grisoft\AVG7\avginet.exe:avginet.exe
"{A0C24512-1D74-451C-B7F6-51072309D723}"= UDP:c:\program files\Grisoft\AVG7\avgamsvr.exe:avgamsvr.exe
"{49F6A9C9-94AF-4957-914D-5D96CF560B74}"= TCP:c:\program files\Grisoft\AVG7\avgamsvr.exe:avgamsvr.exe
"{552A529F-BAF1-4787-B320-3F35F6296502}"= UDP:c:\program files\Grisoft\AVG7\avgcc.exe:avgcc.exe
"{2F26A7D9-26CC-47D3-9C27-A0AB761A3CE0}"= TCP:c:\program files\Grisoft\AVG7\avgcc.exe:avgcc.exe
"{930EFD28-6339-408F-BD20-D99F23FB0161}"= UDP:c:\program files\GameSpy Arcade\Aphex.exe:GameSpy Arcade
"{5B2FE4EE-E54A-4726-A664-FD4FEC2AA1C9}"= TCP:c:\program files\GameSpy Arcade\Aphex.exe:GameSpy Arcade
"TCP Query User{02B441EE-6E51-4EC5-8260-600541CD56D2}c:\\program files\\limewire\\limewire.exe"= UDP:c:\program files\limewire\limewire.exe:LimeWire
"UDP Query User{5AC94F14-3F8E-45A1-A02A-B8FF5C2BFB56}c:\\program files\\limewire\\limewire.exe"= TCP:c:\program files\limewire\limewire.exe:LimeWire
"TCP Query User{F44333BC-15FA-4D16-B460-183FE8C4137E}c:\\program files\\emule\\emule.exe"= UDP:c:\program files\emule\emule.exe:eMule
"UDP Query User{5ADD8998-C2F5-4486-9B03-692A330B7462}c:\\program files\\emule\\emule.exe"= TCP:c:\program files\emule\emule.exe:eMule
"TCP Query User{90EFDDF3-E873-4DEC-BFA3-A69458219ACE}c:\\program files\\vuze\\azureus.exe"= UDP:c:\program files\vuze\azureus.exe:Azureus
"UDP Query User{B35586BA-BC48-4745-8538-52D098074F43}c:\\program files\\vuze\\azureus.exe"= TCP:c:\program files\vuze\azureus.exe:Azureus
"{C39C42F5-BA0A-4946-8E4D-ADCFCD10FE01}"= UDP:c:\program files\Zattoo\Zattoo.exe:Zattoo
"{4D327FB6-A0FC-46BD-9228-6E98BD2BA4FF}"= TCP:c:\program files\Zattoo\Zattoo.exe:Zattoo
"TCP Query User{885A49E5-7C53-4E3E-9D2A-AC6E7C906BB8}c:\\program files\\zattoo\\zattood.exe"= UDP:c:\program files\zattoo\zattood.exe:zattood
"UDP Query User{57AB26D7-53AA-4855-ACC9-DB5D433AE6F2}c:\\program files\\zattoo\\zattood.exe"= TCP:c:\program files\zattoo\zattood.exe:zattood
"TCP Query User{C2D5C423-31AB-4ACB-B8D7-F3DBEAB31BBF}d:\\jeux\\sega rally\\sega rally.exe"= UDP:d:\jeux\sega rally\sega rally.exe:SEGA Rally
"UDP Query User{2CC3FDF7-32F3-4286-B4E5-8CD9D9D8DC15}d:\\jeux\\sega rally\\sega rally.exe"= TCP:d:\jeux\sega rally\sega rally.exe:SEGA Rally
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\PublicProfile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile\AuthorizedApplications\List]
"c:\\Acer\\Empowering Technology\\eDataSecurity\\eDSfsu.exe"= c:\acer\Empowering Technology\eDataSecurity\eDSfsu.exe:*:Enabled:eDSfsu
"c:\\Acer\\Empowering Technology\\eDataSecurity\\encryption.exe"= c:\acer\Empowering Technology\eDataSecurity\encryption.exe:*:Enabled:encryption
"c:\\Acer\\Empowering Technology\\eDataSecurity\\decryption.exe"= c:\acer\Empowering Technology\eDataSecurity\decryption.exe:*:Enabled:decryption
R0 fsbts;fsbts;c:\windows\System32\drivers\fsbts.sys [2009-01-28 33408]
R0 sfsync03;StarForce Protection Synchronization Driver (version 3.x);c:\windows\System32\drivers\sfsync03.sys [2006-07-11 42392]
R1 F-Secure HIPS;F-Secure HIPS Driver;c:\program files\SFR\Pack Sécurité\HIPS\drivers\fshs.sys [2009-01-28 66720]
R1 FSES;F-Secure Email Scanning Driver;c:\windows\System32\drivers\fses.sys [2009-01-28 35552]
R1 FSFW;F-Secure Firewall Driver;c:\windows\System32\drivers\fsdfw.sys [2009-01-28 70944]
R1 fsvista;F-Secure Vista Support Driver;c:\program files\SFR\Pack Sécurité\Anti-Virus\minifilter\fsvista.sys [2009-01-28 12384]
R2 Acer HomeMedia Connect Service;Acer HomeMedia Connect Service;c:\program files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe [2007-04-24 266343]
R3 F-Secure Gatekeeper;F-Secure Gatekeeper;c:\program files\SFR\Pack Sécurité\Anti-Virus\minifilter\fsgk.sys [2009-01-28 84616]
R3 FSORSPClient;F-Secure ORSP Client;c:\program files\SFR\Pack Sécurité\ORSP Client\fsorsp.exe [2009-01-28 55904]
R3 netr73;RT73 USB Wireless LAN Card Driver for Vista;c:\windows\System32\drivers\netr73.sys [2009-02-04 265216]
S2 gupdate1c98c646521307c;Google Update Service (gupdate1c98c646521307c);c:\program files\Google\Update\GoogleUpdate.exe [2009-02-11 133104]
S3 WSVD;WSVD;c:\windows\System32\drivers\WSVD.sys [2007-12-08 80744]
S4 F-Secure Filter;F-Secure File System Filter;c:\program files\SFR\Pack Sécurité\Anti-Virus\win2k\fsfilter.sys [2009-01-28 39776]
S4 F-Secure Recognizer;F-Secure File System Recognizer;c:\program files\SFR\Pack Sécurité\Anti-Virus\win2k\fsrec.sys [2009-01-28 25184]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\L]
\shell\AutoRun\command - L:\RunGame.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{69961655-fb38-11dc-a182-0019dbacc2ff}]
\shell\AutoRun\command - J:\Autorun.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{8cc48b0e-4d11-11dd-b96e-0019dbacc2ff}]
\shell\AutoRun\command - K:\autorun.exe
\shell\directx\command - k:\directx9\dxsetup.exe
\shell\setup\command - K:\install.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{b2fc1323-579a-11dc-99db-806e6f6e6963}]
\shell\AutoRun\command - E:\setup.exe
.
Contenu du dossier 'Tâches planifiées'
2009-03-06 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-02-11 17:15]
2009-03-06 c:\windows\Tasks\GoogleUpdateTaskMachine.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-02-11 17:18]
2009-03-04 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2565260227-2245687259-2372371746-1000.job
- c:\users\Kevin MONTHERAT\AppData\Local\Google\Update\GoogleUpdate.exe [2009-03-04 16:05]
.
.
------- Examen supplémentaire -------
.
uStart Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT2102473
uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
uSearchURL,(Default) = hxxp://fr.rd.yahoo.com/customize/ycomp/defaults/su/*https://fr.yahoo.com/
IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
LSP: c:\program files\SFR\Pack Se9,curite9,\FSPS\program\fslsp.dll
FF - ProfilePath - c:\users\Kevin MONTHERAT\AppData\Roaming\Mozilla\Firefox\Profiles\fpq39xcu.default\
FF - prefs.js: browser.search.selectedEngine - ICQ Search
FF - prefs.js: browser.startup.homepage - hxxp://www.google.fr/
FF - prefs.js: keyword.URL - hxxp://search.icq.com/search/afe_results.php?ch_id=afex&q=
FF - component: c:\program files\Mozilla Firefox\extensions\{1c491116-c175-45e1-a570-6fb14fea8b7b}\components\FFAlert.dll
FF - plugin: c:\program files\Google\Google Updater\2.4.1487.6512\npCIDetect13.dll
FF - plugin: c:\program files\Google\Update\1.2.141.5\npGoogleOneClick7.dll
FF - plugin: c:\program files\Microsoft\Office Live\npOLW.dll
FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: c:\users\Kevin MONTHERAT\AppData\Local\Google\Update\1.2.141.5\npGoogleOneClick7.dll
.
**************************************************************************
catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-03-06 19:43:50
Windows 6.0.6001 Service Pack 1 NTFS
Recherche de processus cachés ...
Recherche d'éléments en démarrage automatique cachés ...
Recherche de fichiers cachés ...
Scan terminé avec succès
Fichiers cachés: 0
**************************************************************************
.
--------------------- DLLs chargées dans les processus actifs ---------------------
- - - - - - - > 'winlogon.exe'(964)
c:\program files\SFR\Pack Sécurité\FWES\Program\fsdc32.dll
- - - - - - - > 'lsass.exe'(792)
c:\program files\SFR\Pack Sécurité\FWES\Program\fsdc32.dll
- - - - - - - > 'Explorer.exe'(6016)
c:\program files\SFR\Pack Sécurité\Spam Control\fsscoepl.dll
c:\windows\system32\MsnChatHook.dll
c:\windows\system32\ShowErrMsg.dll
c:\windows\system32\sysenv.dll
c:\windows\system32\BatchCrypto.dll
c:\windows\system32\CryptoAPI.dll
c:\windows\system32\keyManager.dll
- - - - - - - > 'csrss.exe'(676)
c:\program files\SFR\Pack Sécurité\FWES\Program\fsdc32.dll
- - - - - - - > 'csrss.exe'(740)
c:\program files\SFR\Pack Sécurité\FWES\Program\fsdc32.dll
.
Heure de fin: 2009-03-06 19:45:45
ComboFix-quarantined-files.txt 2009-03-06 18:45:41
ComboFix2.txt 2009-03-05 20:58:07
Avant-CF: 174 424 412 160 octets libres
Après-CF: 174,390,992,896 octets libres
383 --- E O F --- 2009-03-06 17:10:19
re,
Télécharge DirLook de jpshortstuff sur ton bureau :
http://jpshortstuff.247fixes.com/DirLook.exe
* Double-clique sur "DirLook.exe" pour lancer l'outil .
-> Vérifie que "Show Hidden Files" et "BBCode Ouput" soient cochées .
-> Copies/colle le texte ci-dessous dans la fenêtre :
C:\Fraps
* Clique sur le bouton [DirLook] pour lancer l'examen .
( laisse travailler , cela peut être plus ou moins long )
Quand il est terminé, une fenêtre du Bloc-notes s'ouvre avec le résultat du scan.
-> Poste ce rapport dans ta prochaine réponse pour analyse ...
( Note : Le rapport est en outre sauvegardé ici C:\dl_log.txt )
Télécharge DirLook de jpshortstuff sur ton bureau :
http://jpshortstuff.247fixes.com/DirLook.exe
* Double-clique sur "DirLook.exe" pour lancer l'outil .
-> Vérifie que "Show Hidden Files" et "BBCode Ouput" soient cochées .
-> Copies/colle le texte ci-dessous dans la fenêtre :
C:\Fraps
* Clique sur le bouton [DirLook] pour lancer l'examen .
( laisse travailler , cela peut être plus ou moins long )
Quand il est terminé, une fenêtre du Bloc-notes s'ouvre avec le résultat du scan.
-> Poste ce rapport dans ta prochaine réponse pour analyse ...
( Note : Le rapport est en outre sauvegardé ici C:\dl_log.txt )
voila le rapport mais je ne sait pas si c'est le bon!
DirLook.exe v2.0 by jpshortstuff
Log created at 20:49 on 06/03/2009
==================================[b]
Contents of "C:\Fraps"
[/b]
[b][color=blue]---FOLDERS---[/b][/color]
[b]HELP[/b] (Created on 27/02/2009 at 18:12) d-----
[b][color=blue]---FILES---[/b][/color]
[b]changes.txt[/b] (15706 bytes - created on 03/01/2009 at 13:21, modified on 03/01/2009 at 13:21) --a---
[b]fraps.dll[/b] (188416 bytes - created on 03/01/2009 at 08:07, modified on 03/01/2009 at 08:07) --a---
[b]fraps.exe[/b] (1031848 bytes - created on 03/01/2009 at 08:10, modified on 03/01/2009 at 08:10) --a---
[b]fraps64.dat[/b] (74920 bytes - created on 03/01/2009 at 08:09, modified on 03/01/2009 at 08:09) --a---
[b]fraps64.dll[/b] (128512 bytes - created on 03/01/2009 at 08:06, modified on 03/01/2009 at 08:06) --a---
[b]frapslcd.dll[/b] (159744 bytes - created on 03/01/2009 at 08:06, modified on 03/01/2009 at 08:06) --a---
[b]README.HTM[/b] (1852 bytes - created on 01/01/2009 at 12:58, modified on 01/01/2009 at 12:58) --a---
[b]uninstall.exe[/b] (34561 bytes - created on 27/02/2009 at 18:12, modified on 27/02/2009 at 18:12) --a---
==================================
[b][color=blue]=EOF=[/b][/color]
DirLook.exe v2.0 by jpshortstuff
Log created at 20:49 on 06/03/2009
==================================[b]
Contents of "C:\Fraps"
[/b]
[b][color=blue]---FOLDERS---[/b][/color]
[b]HELP[/b] (Created on 27/02/2009 at 18:12) d-----
[b][color=blue]---FILES---[/b][/color]
[b]changes.txt[/b] (15706 bytes - created on 03/01/2009 at 13:21, modified on 03/01/2009 at 13:21) --a---
[b]fraps.dll[/b] (188416 bytes - created on 03/01/2009 at 08:07, modified on 03/01/2009 at 08:07) --a---
[b]fraps.exe[/b] (1031848 bytes - created on 03/01/2009 at 08:10, modified on 03/01/2009 at 08:10) --a---
[b]fraps64.dat[/b] (74920 bytes - created on 03/01/2009 at 08:09, modified on 03/01/2009 at 08:09) --a---
[b]fraps64.dll[/b] (128512 bytes - created on 03/01/2009 at 08:06, modified on 03/01/2009 at 08:06) --a---
[b]frapslcd.dll[/b] (159744 bytes - created on 03/01/2009 at 08:06, modified on 03/01/2009 at 08:06) --a---
[b]README.HTM[/b] (1852 bytes - created on 01/01/2009 at 12:58, modified on 01/01/2009 at 12:58) --a---
[b]uninstall.exe[/b] (34561 bytes - created on 27/02/2009 at 18:12, modified on 27/02/2009 at 18:12) --a---
==================================
[b][color=blue]=EOF=[/b][/color]
bien ...
on va vérifier quelque chose :
1- Avoir accès aux fichiers cachés :
Va dans Menu Démarrer->Poste de travail->Outils->Options des dossiers...->Affichage
* "Afficher les fichiers et dossiers cachés" ---> coché
* "Masquer les extensions des fichiers dont le type est connu" ---> décoché
* "masquer les fichiers du système" ---> décoché
-> valide la modif ( "appliquer" puis "ok" ).
( tu remetteras les paramètres de départ une fois la désinfection terminée , pas avant ... )
2- Rends toi sur ce site :
https://www.virustotal.com/gui/
Copies ce qui suit et colles le dans l'espace pour la recherche :
C:\Fraps\fraps.exe
Clique sur Send File ( = " Envoyer le fichier " ).
Un rapport va s'élaborer ligne à ligne.
Attends bien la fin ... Il doit comprendre la taille du fichier envoyé.
Sauvegarde le rapport avec le bloc-note.
Copie le dans ta prochaine réponse ...
( Si VirusTotal indique que le fichier a déjà été analysé, clique sur le bouton Ré-analyse le fichier maintenant )
Fais de même pour :
C:\Fraps\fraps.dll
C:\Fraps\frapslcd.dll
Poste moi donc ces 3 rapports ( surtout le début avec le listing des AV , et en précisant bien au début de chacuns à quel fichier ils correspondent ) et attends la suite ...
on va vérifier quelque chose :
1- Avoir accès aux fichiers cachés :
Va dans Menu Démarrer->Poste de travail->Outils->Options des dossiers...->Affichage
* "Afficher les fichiers et dossiers cachés" ---> coché
* "Masquer les extensions des fichiers dont le type est connu" ---> décoché
* "masquer les fichiers du système" ---> décoché
-> valide la modif ( "appliquer" puis "ok" ).
( tu remetteras les paramètres de départ une fois la désinfection terminée , pas avant ... )
2- Rends toi sur ce site :
https://www.virustotal.com/gui/
Copies ce qui suit et colles le dans l'espace pour la recherche :
C:\Fraps\fraps.exe
Clique sur Send File ( = " Envoyer le fichier " ).
Un rapport va s'élaborer ligne à ligne.
Attends bien la fin ... Il doit comprendre la taille du fichier envoyé.
Sauvegarde le rapport avec le bloc-note.
Copie le dans ta prochaine réponse ...
( Si VirusTotal indique que le fichier a déjà été analysé, clique sur le bouton Ré-analyse le fichier maintenant )
Fais de même pour :
C:\Fraps\fraps.dll
C:\Fraps\frapslcd.dll
Poste moi donc ces 3 rapports ( surtout le début avec le listing des AV , et en précisant bien au début de chacuns à quel fichier ils correspondent ) et attends la suite ...
Excuse moi de te répondre que maintenant je n'ai pa pu avant!
voila l'analyse pour fraps.exe:
Antivirus Version Dernière mise à jour Résultat
a-squared 4.0.0.101 2009.03.13 -
AhnLab-V3 5.0.0.2 2009.03.13 -
AntiVir 7.9.0.114 2009.03.13 -
Authentium 5.1.0.4 2009.03.13 -
Avast 4.8.1335.0 2009.03.13 -
AVG 8.0.0.237 2009.03.13 -
BitDefender 7.2 2009.03.13 -
CAT-QuickHeal 10.00 2009.03.13 (Suspicious) - DNAScan
ClamAV 0.94.1 2009.03.13 -
Comodo 1053 2009.03.13 -
DrWeb 4.44.0.09170 2009.03.13 -
eSafe 7.0.17.0 2009.03.12 Win32.Ad.Spyware.loo
eTrust-Vet 31.6.6388 2009.03.09 -
F-Prot 4.4.4.56 2009.03.13 -
F-Secure 8.0.14470.0 2009.03.13 -
Fortinet 3.117.0.0 2009.03.13 -
GData 19 2009.03.13 -
Ikarus T3.1.1.45.0 2009.03.13 -
K7AntiVirus 7.10.668 2009.03.12 -
Kaspersky 7.0.0.125 2009.03.13 -
McAfee 5552 2009.03.13 -
McAfee+Artemis 5552 2009.03.13 -
McAfee-GW-Edition 6.7.6 2009.03.13 -
Microsoft 1.4405 2009.03.13 -
NOD32 3935 2009.03.13 -
Norman 6.00.06 2009.03.13 -
nProtect 2009.1.8.0 2009.03.13 -
Panda 10.0.0.10 2009.03.13 -
PCTools 4.4.2.0 2009.03.13 -
Prevx1 V2 2009.03.13 -
Rising 21.20.42.00 2009.03.13 -
Sophos 4.39.0 2009.03.13 -
Sunbelt 3.2.1858.2 2009.03.13 -
Symantec 1.4.4.12 2009.03.13 -
TheHacker 6.3.3.0.281 2009.03.13 -
TrendMicro 8.700.0.1004 2009.03.13 -
VBA32 3.12.10.1 2009.03.12 -
ViRobot 2009.3.13.1648 2009.03.13 -
VirusBuster 4.6.5.0 2009.03.13 -
Information additionnelle
File size: 1031848 bytes
MD5...: 660a60936e67c926fa9860356cf48eb8
SHA1..: 3dad89b8e2edd5bcb1d713cf07775f57f5c5f77d
SHA256: 36a443cc33ed8f1f4852057c45c564779ed1e1525a469886ef237395219e47db
SHA512: 0e861bee1aeb68d9d8298ae8b3eca96ebae39c15685b4c7e007ad00417f1119c
adad3f6d317b713e05a22757edcb66e84d2c9ee201573e34efbc7b898ce79bae
ssdeep: 24576:T7PWCyy+7UAU2w5ecZ+EFXuyliLXWIbdQiPi4:PWCt1/ecZ1MF64
PEiD..: -
TrID..: File type identification
Generic Win/DOS Executable (49.9%)
DOS Executable Generic (49.8%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.1%)
PEInfo: PE Structure information
( base data )
entrypointaddress.: 0x634c2
timedatestamp.....: 0x495f1c99 (Sat Jan 03 08:06:49 2009)
machinetype.......: 0x14c (I386)
( 8 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x1000 0x1cd8b 0x0 0.00 d41d8cd98f00b204e9800998ecf8427e
.rdata 0x1e000 0x4272 0x0 0.00 d41d8cd98f00b204e9800998ecf8427e
.data 0x23000 0x7628 0x0 0.00 d41d8cd98f00b204e9800998ecf8427e
.text1 0x2b000 0x50000 0x42000 6.47 7bd7b64e9948c9cb0867f29471b8c774
.adata 0x7b000 0x10000 0xd000 0.00 938d6d97628275a512e07c66be5ccecf
.data1 0x8b000 0x20000 0xb000 3.72 5124ff7e5341e2b404b50c8f4ec9139b
.pdata 0xab000 0x80000 0x7b000 7.99 755dfe7bf0ff81675e25e615a2ca04c9
.rsrc 0x12b000 0x17b000 0x25000 5.93 47e772cacf7b6c84deb10c5421eda9b6
( 3 imports )
> KERNEL32.dll: CreateThread, GlobalUnlock, GlobalLock, GlobalAlloc, GetTickCount, WideCharToMultiByte, IsBadReadPtr, GlobalAddAtomA, GlobalAddAtomW, GetModuleHandleA, GlobalFree, GlobalGetAtomNameA, GlobalDeleteAtom, GlobalGetAtomNameW, FreeConsole, GetEnvironmentVariableA, VirtualProtect, VirtualAlloc, GetProcAddress, GetLastError, LoadLibraryA, SetLastError, SetThreadPriority, GetCurrentThread, CreateProcessA, GetCommandLineA, GetStartupInfoA, SetEnvironmentVariableA, ReleaseMutex, WaitForSingleObject, CreateMutexA, OpenMutexA, GetCurrentThreadId, CreateFileA, FindClose, FindFirstFileA, FindFirstFileW, VirtualQueryEx, GetExitCodeProcess, ReadProcessMemory, UnmapViewOfFile, ContinueDebugEvent, SetThreadContext, GetThreadContext, WaitForDebugEvent, SuspendThread, DebugActiveProcess, ResumeThread, CreateProcessW, GetCommandLineW, GetStartupInfoW, CloseHandle, DuplicateHandle, GetCurrentProcess, CreateFileMappingA, VirtualProtectEx, WriteProcessMemory, ExitProcess, FlushFileBuffers, WriteConsoleW, GetConsoleOutputCP, WriteConsoleA, SetStdHandle, GetConsoleMode, GetConsoleCP, SetFilePointer, GetLocaleInfoA, GetStringTypeW, GetStringTypeA, LCMapStringW, MultiByteToWideChar, LCMapStringA, HeapSize, HeapReAlloc, QueryPerformanceCounter, VirtualFree, HeapCreate, HeapDestroy, GetFileType, SetHandleCount, GetEnvironmentStringsW, FreeEnvironmentStringsW, GetEnvironmentStrings, FreeEnvironmentStringsA, RtlUnwind, DeleteCriticalSection, GetStdHandle, WriteFile, TlsFree, TlsSetValue, TlsAlloc, TlsGetValue, Sleep, EnterCriticalSection, LeaveCriticalSection, GetVersionExA, InitializeCriticalSection, GetCurrentProcessId, GetModuleFileNameW, GetShortPathNameW, GetModuleFileNameA, MapViewOfFile, GetShortPathNameA, GetSystemTimeAsFileTime, HeapFree, HeapAlloc, GetProcessHeap, RaiseException, TerminateProcess, UnhandledExceptionFilter, SetUnhandledExceptionFilter, IsDebuggerPresent, GetCPInfo, InterlockedIncrement, InterlockedDecrement, GetACP, GetOEMCP, IsValidCodePage
> USER32.dll: GetDesktopWindow, MoveWindow, SetPropA, EnumThreadWindows, GetPropA, GetMessageA, GetSystemMetrics, SetTimer, GetAsyncKeyState, KillTimer, BeginPaint, EndPaint, SetWindowTextA, GetDlgItem, CreateDialogIndirectParamA, ShowWindow, UpdateWindow, LoadStringA, LoadStringW, FindWindowA, WaitForInputIdle, MessageBoxA, InSendMessage, UnpackDDElParam, FreeDDElParam, DefWindowProcA, LoadCursorA, RegisterClassW, CreateWindowExW, RegisterClassA, CreateWindowExA, GetWindowThreadProcessId, SendMessageW, SendMessageA, PeekMessageA, TranslateMessage, DispatchMessageA, EnumWindows, IsWindowUnicode, PackDDElParam, PostMessageW, PostMessageA, IsWindow, DestroyWindow
> GDI32.dll: CreateDCA, CreateDIBitmap, CreateCompatibleDC, SelectObject, SelectPalette, RealizePalette, BitBlt, DeleteDC, DeleteObject, CreatePalette
( 0 exports )
CWSandbox info: <a href='http://research.sunbelt-software.com/partnerresource/MD5.aspx?md5=660a60936e67c926fa9860356cf48eb8' target='_blank'>http://research.sunbelt-software.com/...
packers (Kaspersky): Armadillo
voila l'analyse pour fraps.exe:
Antivirus Version Dernière mise à jour Résultat
a-squared 4.0.0.101 2009.03.13 -
AhnLab-V3 5.0.0.2 2009.03.13 -
AntiVir 7.9.0.114 2009.03.13 -
Authentium 5.1.0.4 2009.03.13 -
Avast 4.8.1335.0 2009.03.13 -
AVG 8.0.0.237 2009.03.13 -
BitDefender 7.2 2009.03.13 -
CAT-QuickHeal 10.00 2009.03.13 (Suspicious) - DNAScan
ClamAV 0.94.1 2009.03.13 -
Comodo 1053 2009.03.13 -
DrWeb 4.44.0.09170 2009.03.13 -
eSafe 7.0.17.0 2009.03.12 Win32.Ad.Spyware.loo
eTrust-Vet 31.6.6388 2009.03.09 -
F-Prot 4.4.4.56 2009.03.13 -
F-Secure 8.0.14470.0 2009.03.13 -
Fortinet 3.117.0.0 2009.03.13 -
GData 19 2009.03.13 -
Ikarus T3.1.1.45.0 2009.03.13 -
K7AntiVirus 7.10.668 2009.03.12 -
Kaspersky 7.0.0.125 2009.03.13 -
McAfee 5552 2009.03.13 -
McAfee+Artemis 5552 2009.03.13 -
McAfee-GW-Edition 6.7.6 2009.03.13 -
Microsoft 1.4405 2009.03.13 -
NOD32 3935 2009.03.13 -
Norman 6.00.06 2009.03.13 -
nProtect 2009.1.8.0 2009.03.13 -
Panda 10.0.0.10 2009.03.13 -
PCTools 4.4.2.0 2009.03.13 -
Prevx1 V2 2009.03.13 -
Rising 21.20.42.00 2009.03.13 -
Sophos 4.39.0 2009.03.13 -
Sunbelt 3.2.1858.2 2009.03.13 -
Symantec 1.4.4.12 2009.03.13 -
TheHacker 6.3.3.0.281 2009.03.13 -
TrendMicro 8.700.0.1004 2009.03.13 -
VBA32 3.12.10.1 2009.03.12 -
ViRobot 2009.3.13.1648 2009.03.13 -
VirusBuster 4.6.5.0 2009.03.13 -
Information additionnelle
File size: 1031848 bytes
MD5...: 660a60936e67c926fa9860356cf48eb8
SHA1..: 3dad89b8e2edd5bcb1d713cf07775f57f5c5f77d
SHA256: 36a443cc33ed8f1f4852057c45c564779ed1e1525a469886ef237395219e47db
SHA512: 0e861bee1aeb68d9d8298ae8b3eca96ebae39c15685b4c7e007ad00417f1119c
adad3f6d317b713e05a22757edcb66e84d2c9ee201573e34efbc7b898ce79bae
ssdeep: 24576:T7PWCyy+7UAU2w5ecZ+EFXuyliLXWIbdQiPi4:PWCt1/ecZ1MF64
PEiD..: -
TrID..: File type identification
Generic Win/DOS Executable (49.9%)
DOS Executable Generic (49.8%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.1%)
PEInfo: PE Structure information
( base data )
entrypointaddress.: 0x634c2
timedatestamp.....: 0x495f1c99 (Sat Jan 03 08:06:49 2009)
machinetype.......: 0x14c (I386)
( 8 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x1000 0x1cd8b 0x0 0.00 d41d8cd98f00b204e9800998ecf8427e
.rdata 0x1e000 0x4272 0x0 0.00 d41d8cd98f00b204e9800998ecf8427e
.data 0x23000 0x7628 0x0 0.00 d41d8cd98f00b204e9800998ecf8427e
.text1 0x2b000 0x50000 0x42000 6.47 7bd7b64e9948c9cb0867f29471b8c774
.adata 0x7b000 0x10000 0xd000 0.00 938d6d97628275a512e07c66be5ccecf
.data1 0x8b000 0x20000 0xb000 3.72 5124ff7e5341e2b404b50c8f4ec9139b
.pdata 0xab000 0x80000 0x7b000 7.99 755dfe7bf0ff81675e25e615a2ca04c9
.rsrc 0x12b000 0x17b000 0x25000 5.93 47e772cacf7b6c84deb10c5421eda9b6
( 3 imports )
> KERNEL32.dll: CreateThread, GlobalUnlock, GlobalLock, GlobalAlloc, GetTickCount, WideCharToMultiByte, IsBadReadPtr, GlobalAddAtomA, GlobalAddAtomW, GetModuleHandleA, GlobalFree, GlobalGetAtomNameA, GlobalDeleteAtom, GlobalGetAtomNameW, FreeConsole, GetEnvironmentVariableA, VirtualProtect, VirtualAlloc, GetProcAddress, GetLastError, LoadLibraryA, SetLastError, SetThreadPriority, GetCurrentThread, CreateProcessA, GetCommandLineA, GetStartupInfoA, SetEnvironmentVariableA, ReleaseMutex, WaitForSingleObject, CreateMutexA, OpenMutexA, GetCurrentThreadId, CreateFileA, FindClose, FindFirstFileA, FindFirstFileW, VirtualQueryEx, GetExitCodeProcess, ReadProcessMemory, UnmapViewOfFile, ContinueDebugEvent, SetThreadContext, GetThreadContext, WaitForDebugEvent, SuspendThread, DebugActiveProcess, ResumeThread, CreateProcessW, GetCommandLineW, GetStartupInfoW, CloseHandle, DuplicateHandle, GetCurrentProcess, CreateFileMappingA, VirtualProtectEx, WriteProcessMemory, ExitProcess, FlushFileBuffers, WriteConsoleW, GetConsoleOutputCP, WriteConsoleA, SetStdHandle, GetConsoleMode, GetConsoleCP, SetFilePointer, GetLocaleInfoA, GetStringTypeW, GetStringTypeA, LCMapStringW, MultiByteToWideChar, LCMapStringA, HeapSize, HeapReAlloc, QueryPerformanceCounter, VirtualFree, HeapCreate, HeapDestroy, GetFileType, SetHandleCount, GetEnvironmentStringsW, FreeEnvironmentStringsW, GetEnvironmentStrings, FreeEnvironmentStringsA, RtlUnwind, DeleteCriticalSection, GetStdHandle, WriteFile, TlsFree, TlsSetValue, TlsAlloc, TlsGetValue, Sleep, EnterCriticalSection, LeaveCriticalSection, GetVersionExA, InitializeCriticalSection, GetCurrentProcessId, GetModuleFileNameW, GetShortPathNameW, GetModuleFileNameA, MapViewOfFile, GetShortPathNameA, GetSystemTimeAsFileTime, HeapFree, HeapAlloc, GetProcessHeap, RaiseException, TerminateProcess, UnhandledExceptionFilter, SetUnhandledExceptionFilter, IsDebuggerPresent, GetCPInfo, InterlockedIncrement, InterlockedDecrement, GetACP, GetOEMCP, IsValidCodePage
> USER32.dll: GetDesktopWindow, MoveWindow, SetPropA, EnumThreadWindows, GetPropA, GetMessageA, GetSystemMetrics, SetTimer, GetAsyncKeyState, KillTimer, BeginPaint, EndPaint, SetWindowTextA, GetDlgItem, CreateDialogIndirectParamA, ShowWindow, UpdateWindow, LoadStringA, LoadStringW, FindWindowA, WaitForInputIdle, MessageBoxA, InSendMessage, UnpackDDElParam, FreeDDElParam, DefWindowProcA, LoadCursorA, RegisterClassW, CreateWindowExW, RegisterClassA, CreateWindowExA, GetWindowThreadProcessId, SendMessageW, SendMessageA, PeekMessageA, TranslateMessage, DispatchMessageA, EnumWindows, IsWindowUnicode, PackDDElParam, PostMessageW, PostMessageA, IsWindow, DestroyWindow
> GDI32.dll: CreateDCA, CreateDIBitmap, CreateCompatibleDC, SelectObject, SelectPalette, RealizePalette, BitBlt, DeleteDC, DeleteObject, CreatePalette
( 0 exports )
CWSandbox info: <a href='http://research.sunbelt-software.com/partnerresource/MD5.aspx?md5=660a60936e67c926fa9860356cf48eb8' target='_blank'>http://research.sunbelt-software.com/...
packers (Kaspersky): Armadillo
Re,
désolé de ne pas te répondre plus vite!!
voila l'analyse pour fraps.dll
a-squared 4.0.0.101 2009.03.17 -
AhnLab-V3 5.0.0.2 2009.03.17 -
AntiVir 7.9.0.116 2009.03.17 -
Authentium 5.1.0.4 2009.03.17 -
Avast 4.8.1335.0 2009.03.17 -
AVG 8.0.0.237 2009.03.17 -
BitDefender 7.2 2009.03.17 -
CAT-QuickHeal 10.00 2009.03.17 -
ClamAV 0.94.1 2009.03.17 -
Comodo 1062 2009.03.17 -
DrWeb 4.44.0.09170 2009.03.17 -
eSafe 7.0.17.0 2009.03.17 -
eTrust-Vet 31.6.6388 2009.03.09 -
F-Prot 4.4.4.56 2009.03.16 -
F-Secure 8.0.14470.0 2009.03.17 -
Fortinet 3.117.0.0 2009.03.17 -
GData 19 2009.03.17 -
Ikarus T3.1.1.45.0 2009.03.17 -
K7AntiVirus 7.10.674 2009.03.17 -
Kaspersky 7.0.0.125 2009.03.17 -
McAfee 5556 2009.03.17 -
McAfee+Artemis 5556 2009.03.17 -
McAfee-GW-Edition 6.7.6 2009.03.17 -
Microsoft 1.4405 2009.03.17 -
NOD32 3943 2009.03.17 -
Norman 6.00.06 2009.03.17 -
nProtect 2009.1.8.0 2009.03.17 -
Panda 10.0.0.10 2009.03.17 -
PCTools 4.4.2.0 2009.03.17 -
Prevx1 V2 2009.03.17 -
Rising 21.21.12.00 2009.03.17 -
Sophos 4.39.0 2009.03.17 -
Sunbelt 3.2.1858.2 2009.03.17 -
Symantec 1.4.4.12 2009.03.17 -
TheHacker 6.3.3.0.283 2009.03.16 -
TrendMicro 8.700.0.1004 2009.03.17 -
VBA32 3.12.10.1 2009.03.16 -
ViRobot 2009.3.17.1652 2009.03.17 -
VirusBuster 4.6.5.0 2009.03.17 -
Information additionnelle
File size: 188416 bytes
MD5...: c1be7bdf79452d5445a33f3002f89060
SHA1..: 2da1d5bedf835130cca377654da43115f6de33b2
SHA256: 5a0006e813c18a7f5f0e607bb6057ab57e9aacf4d3564b23c47da3d6f8f9b984
SHA512: c3784621fd8e832945460417492c022eecff4503e9493dddecac7149f01ad002
7e22d96a2ed6de6b35b2a7ea96bb629d57f305aacb9ef6544c397a418f63d91d
ssdeep: 3072:BfyOrIkqsQAhgVb0O+BLsJ5KokLTLa/h/ujVjS3p3iLTLa/h/ujVjS3p36q
LTLar:gOwVR4OKo4J+yEjI4jZu3r9
PEiD..: -
TrID..: File type identification
Win64 Executable Generic (59.6%)
Win32 Executable MS Visual C++ (generic) (26.2%)
Win32 Executable Generic (5.9%)
Win32 Dynamic Link Library (generic) (5.2%)
Generic Win/DOS Executable (1.3%)
PEInfo: PE Structure information
( base data )
entrypointaddress.: 0x18f08
timedatestamp.....: 0x495f1ca7 (Sat Jan 03 08:07:03 2009)
machinetype.......: 0x14c (I386)
( 5 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x1000 0x210c4 0x22000 6.71 d31e319f004f82714aa867f958f62bb5
.rdata 0x23000 0x2196 0x3000 4.46 28c679c8a31b703a7f115c716d484576
.data 0x26000 0xf5a0 0x3000 3.87 3b5ed7ff68855ea45b6312be115ce20f
.rsrc 0x36000 0x414 0x1000 3.76 b503637950505882a3e1f539756e65bc
.reloc 0x37000 0x3226 0x4000 5.47 f43a4ce4a772d545b994e71d1c6351a2
( 2 imports )
> KERNEL32.dll: IsBadReadPtr, VirtualAlloc, VirtualFree, CloseHandle, UnmapViewOfFile, FreeLibraryAndExitThread, Sleep, CreateThread, GetSystemDirectoryA, MapViewOfFileEx, OpenFileMappingA, DisableThreadLibraryCalls, GetModuleHandleA, GetProcAddress, TerminateThread, GetCurrentThreadId, GetCommandLineA, HeapFree, GetVersionExA, HeapAlloc, GetProcessHeap, GetCPInfo, InterlockedIncrement, InterlockedDecrement, GetACP, GetOEMCP, IsValidCodePage, TlsGetValue, TlsAlloc, TlsSetValue, TlsFree, SetLastError, GetLastError, TerminateProcess, GetCurrentProcess, UnhandledExceptionFilter, SetUnhandledExceptionFilter, IsDebuggerPresent, ExitProcess, SetHandleCount, GetStdHandle, GetFileType, GetStartupInfoA, DeleteCriticalSection, GetModuleFileNameA, FreeEnvironmentStringsA, GetEnvironmentStrings, FreeEnvironmentStringsW, WideCharToMultiByte, GetEnvironmentStringsW, HeapDestroy, HeapCreate, QueryPerformanceCounter, GetTickCount, GetCurrentProcessId, GetSystemTimeAsFileTime, LCMapStringA, MultiByteToWideChar, LCMapStringW, GetStringTypeA, GetStringTypeW, LeaveCriticalSection, EnterCriticalSection, GetLocaleInfoA, WriteFile, LoadLibraryA, InitializeCriticalSection, HeapReAlloc, RtlUnwind, HeapSize
> USER32.dll: CallNextHookEx, InvalidateRect
( 8 exports )
FrapsCount, FrapsFunc, FrapsKey, FrapsProcCALLWND, FrapsProcCBT, FrapsSetup, FrapsSharedData, FrapsVersion
CWSandbox info: <a href='http://research.sunbelt-software.com/partnerresource/MD5.aspx?md5=c1be7bdf79452d5445a33f3002f89060' target='_blank'>http://research.sunbelt-software.com/...
désolé de ne pas te répondre plus vite!!
voila l'analyse pour fraps.dll
a-squared 4.0.0.101 2009.03.17 -
AhnLab-V3 5.0.0.2 2009.03.17 -
AntiVir 7.9.0.116 2009.03.17 -
Authentium 5.1.0.4 2009.03.17 -
Avast 4.8.1335.0 2009.03.17 -
AVG 8.0.0.237 2009.03.17 -
BitDefender 7.2 2009.03.17 -
CAT-QuickHeal 10.00 2009.03.17 -
ClamAV 0.94.1 2009.03.17 -
Comodo 1062 2009.03.17 -
DrWeb 4.44.0.09170 2009.03.17 -
eSafe 7.0.17.0 2009.03.17 -
eTrust-Vet 31.6.6388 2009.03.09 -
F-Prot 4.4.4.56 2009.03.16 -
F-Secure 8.0.14470.0 2009.03.17 -
Fortinet 3.117.0.0 2009.03.17 -
GData 19 2009.03.17 -
Ikarus T3.1.1.45.0 2009.03.17 -
K7AntiVirus 7.10.674 2009.03.17 -
Kaspersky 7.0.0.125 2009.03.17 -
McAfee 5556 2009.03.17 -
McAfee+Artemis 5556 2009.03.17 -
McAfee-GW-Edition 6.7.6 2009.03.17 -
Microsoft 1.4405 2009.03.17 -
NOD32 3943 2009.03.17 -
Norman 6.00.06 2009.03.17 -
nProtect 2009.1.8.0 2009.03.17 -
Panda 10.0.0.10 2009.03.17 -
PCTools 4.4.2.0 2009.03.17 -
Prevx1 V2 2009.03.17 -
Rising 21.21.12.00 2009.03.17 -
Sophos 4.39.0 2009.03.17 -
Sunbelt 3.2.1858.2 2009.03.17 -
Symantec 1.4.4.12 2009.03.17 -
TheHacker 6.3.3.0.283 2009.03.16 -
TrendMicro 8.700.0.1004 2009.03.17 -
VBA32 3.12.10.1 2009.03.16 -
ViRobot 2009.3.17.1652 2009.03.17 -
VirusBuster 4.6.5.0 2009.03.17 -
Information additionnelle
File size: 188416 bytes
MD5...: c1be7bdf79452d5445a33f3002f89060
SHA1..: 2da1d5bedf835130cca377654da43115f6de33b2
SHA256: 5a0006e813c18a7f5f0e607bb6057ab57e9aacf4d3564b23c47da3d6f8f9b984
SHA512: c3784621fd8e832945460417492c022eecff4503e9493dddecac7149f01ad002
7e22d96a2ed6de6b35b2a7ea96bb629d57f305aacb9ef6544c397a418f63d91d
ssdeep: 3072:BfyOrIkqsQAhgVb0O+BLsJ5KokLTLa/h/ujVjS3p3iLTLa/h/ujVjS3p36q
LTLar:gOwVR4OKo4J+yEjI4jZu3r9
PEiD..: -
TrID..: File type identification
Win64 Executable Generic (59.6%)
Win32 Executable MS Visual C++ (generic) (26.2%)
Win32 Executable Generic (5.9%)
Win32 Dynamic Link Library (generic) (5.2%)
Generic Win/DOS Executable (1.3%)
PEInfo: PE Structure information
( base data )
entrypointaddress.: 0x18f08
timedatestamp.....: 0x495f1ca7 (Sat Jan 03 08:07:03 2009)
machinetype.......: 0x14c (I386)
( 5 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x1000 0x210c4 0x22000 6.71 d31e319f004f82714aa867f958f62bb5
.rdata 0x23000 0x2196 0x3000 4.46 28c679c8a31b703a7f115c716d484576
.data 0x26000 0xf5a0 0x3000 3.87 3b5ed7ff68855ea45b6312be115ce20f
.rsrc 0x36000 0x414 0x1000 3.76 b503637950505882a3e1f539756e65bc
.reloc 0x37000 0x3226 0x4000 5.47 f43a4ce4a772d545b994e71d1c6351a2
( 2 imports )
> KERNEL32.dll: IsBadReadPtr, VirtualAlloc, VirtualFree, CloseHandle, UnmapViewOfFile, FreeLibraryAndExitThread, Sleep, CreateThread, GetSystemDirectoryA, MapViewOfFileEx, OpenFileMappingA, DisableThreadLibraryCalls, GetModuleHandleA, GetProcAddress, TerminateThread, GetCurrentThreadId, GetCommandLineA, HeapFree, GetVersionExA, HeapAlloc, GetProcessHeap, GetCPInfo, InterlockedIncrement, InterlockedDecrement, GetACP, GetOEMCP, IsValidCodePage, TlsGetValue, TlsAlloc, TlsSetValue, TlsFree, SetLastError, GetLastError, TerminateProcess, GetCurrentProcess, UnhandledExceptionFilter, SetUnhandledExceptionFilter, IsDebuggerPresent, ExitProcess, SetHandleCount, GetStdHandle, GetFileType, GetStartupInfoA, DeleteCriticalSection, GetModuleFileNameA, FreeEnvironmentStringsA, GetEnvironmentStrings, FreeEnvironmentStringsW, WideCharToMultiByte, GetEnvironmentStringsW, HeapDestroy, HeapCreate, QueryPerformanceCounter, GetTickCount, GetCurrentProcessId, GetSystemTimeAsFileTime, LCMapStringA, MultiByteToWideChar, LCMapStringW, GetStringTypeA, GetStringTypeW, LeaveCriticalSection, EnterCriticalSection, GetLocaleInfoA, WriteFile, LoadLibraryA, InitializeCriticalSection, HeapReAlloc, RtlUnwind, HeapSize
> USER32.dll: CallNextHookEx, InvalidateRect
( 8 exports )
FrapsCount, FrapsFunc, FrapsKey, FrapsProcCALLWND, FrapsProcCBT, FrapsSetup, FrapsSharedData, FrapsVersion
CWSandbox info: <a href='http://research.sunbelt-software.com/partnerresource/MD5.aspx?md5=c1be7bdf79452d5445a33f3002f89060' target='_blank'>http://research.sunbelt-software.com/...
et celle pour frapslcd.dll:
a-squared 4.0.0.101 2009.03.17 -
AhnLab-V3 5.0.0.2 2009.03.17 -
AntiVir 7.9.0.116 2009.03.17 -
Authentium 5.1.0.4 2009.03.17 -
Avast 4.8.1335.0 2009.03.17 -
AVG 8.0.0.237 2009.03.17 -
BitDefender 7.2 2009.03.17 -
CAT-QuickHeal 10.00 2009.03.17 -
ClamAV 0.94.1 2009.03.17 -
Comodo 1062 2009.03.17 -
DrWeb 4.44.0.09170 2009.03.17 -
eSafe 7.0.17.0 2009.03.17 -
eTrust-Vet 31.6.6388 2009.03.09 -
F-Prot 4.4.4.56 2009.03.16 -
F-Secure 8.0.14470.0 2009.03.17 -
Fortinet 3.117.0.0 2009.03.17 -
GData 19 2009.03.17 -
Ikarus T3.1.1.45.0 2009.03.17 -
K7AntiVirus 7.10.674 2009.03.17 -
Kaspersky 7.0.0.125 2009.03.17 -
McAfee 5556 2009.03.17 -
McAfee+Artemis 5556 2009.03.17 -
McAfee-GW-Edition 6.7.6 2009.03.17 -
Microsoft 1.4405 2009.03.17 -
NOD32 3943 2009.03.17 -
Norman 6.00.06 2009.03.17 -
nProtect 2009.1.8.0 2009.03.17 -
Panda 10.0.0.10 2009.03.17 -
PCTools 4.4.2.0 2009.03.17 -
Prevx1 V2 2009.03.17 -
Rising 21.21.12.00 2009.03.17 -
Sophos 4.39.0 2009.03.17 -
Sunbelt 3.2.1858.2 2009.03.17 -
Symantec 1.4.4.12 2009.03.17 -
TheHacker 6.3.3.0.283 2009.03.16 -
TrendMicro 8.700.0.1004 2009.03.17 -
VBA32 3.12.10.1 2009.03.16 -
ViRobot 2009.3.17.1652 2009.03.17 -
VirusBuster 4.6.5.0 2009.03.17 -
Information additionnelle
File size: 159744 bytes
MD5...: f4e44bcfba270560b0cbde2d0ed35b45
SHA1..: 112d16eff2303db2be1ba0ebbbcf5313f430bbc7
SHA256: 4bf12cf9de32d10da3e52b95a801ae24db71317b971f0d15bb28992feefda58c
SHA512: bc91b625f4ed0e7d1377157686d10d0d9604e6f838ae1d83f1f12ed82eeadf53
f1480d7e79282275eb87c24bea90319cb75c71d9a34c8dd6755da7ea4cd26af4
ssdeep: 768:/Rj5GDn9Io+I1RRMsyEYvQb9A9Z2RW5vzOpt5isux5ikQ:qDn9IK8gYhHvzO
095i
PEiD..: -
TrID..: File type identification
Win64 Executable Generic (59.6%)
Win32 Executable MS Visual C++ (generic) (26.2%)
Win32 Executable Generic (5.9%)
Win32 Dynamic Link Library (generic) (5.2%)
Generic Win/DOS Executable (1.3%)
PEInfo: PE Structure information
( base data )
entrypointaddress.: 0x3509
timedatestamp.....: 0x495f1c84 (Sat Jan 03 08:06:28 2009)
machinetype.......: 0x14c (I386)
( 5 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x1000 0x8614 0x9000 6.45 7722cea92934ce4286608076a6164bd2
.rdata 0xa000 0x1d1c 0x2000 5.24 fe67af22be980e44f546fcd9f0f7d2e9
.data 0xc000 0x1c09c 0x18000 0.83 2237359028332eb79a69abfbff00b5ec
.rsrc 0x29000 0x414 0x1000 3.76 fb9fa35b1b6cb42a2467e1204cd710e9
.reloc 0x2a000 0x1154 0x2000 3.05 18e3bdfcb6bfa3cf78ab79fc948d00d1
( 3 imports )
> KERNEL32.dll: DisableThreadLibraryCalls, Sleep, SetThreadPriority, WaitForSingleObject, CloseHandle, QueryPerformanceFrequency, GetCurrentThread, CreateThread, LoadLibraryA, GetProcAddress, GetTickCount, FreeLibrary, GetCurrentThreadId, GetCommandLineA, HeapFree, GetVersionExA, HeapAlloc, GetProcessHeap, TerminateProcess, GetCurrentProcess, UnhandledExceptionFilter, SetUnhandledExceptionFilter, IsDebuggerPresent, GetModuleHandleA, ExitProcess, TlsGetValue, TlsAlloc, TlsSetValue, TlsFree, InterlockedIncrement, SetLastError, GetLastError, InterlockedDecrement, SetHandleCount, GetStdHandle, GetFileType, GetStartupInfoA, DeleteCriticalSection, GetModuleFileNameA, FreeEnvironmentStringsA, GetEnvironmentStrings, FreeEnvironmentStringsW, WideCharToMultiByte, GetEnvironmentStringsW, HeapDestroy, HeapCreate, VirtualFree, QueryPerformanceCounter, GetCurrentProcessId, GetSystemTimeAsFileTime, WriteFile, LeaveCriticalSection, EnterCriticalSection, InitializeCriticalSection, GetCPInfo, GetACP, GetOEMCP, IsValidCodePage, VirtualAlloc, HeapReAlloc, RtlUnwind, HeapSize, MultiByteToWideChar, GetLocaleInfoA, GetStringTypeA, GetStringTypeW, LCMapStringA, LCMapStringW
> USER32.dll: wsprintfA
> ADVAPI32.dll: RegQueryValueExA, RegCloseKey, RegOpenKeyExA
( 3 exports )
LCDInit, LCDStart, LCDStop
CWSandbox info: <a href='http://research.sunbelt-software.com/partnerresource/MD5.aspx?md5=f4e44bcfba270560b0cbde2d0ed35b45' target='_blank'>http://research.sunbelt-software.com/...
a-squared 4.0.0.101 2009.03.17 -
AhnLab-V3 5.0.0.2 2009.03.17 -
AntiVir 7.9.0.116 2009.03.17 -
Authentium 5.1.0.4 2009.03.17 -
Avast 4.8.1335.0 2009.03.17 -
AVG 8.0.0.237 2009.03.17 -
BitDefender 7.2 2009.03.17 -
CAT-QuickHeal 10.00 2009.03.17 -
ClamAV 0.94.1 2009.03.17 -
Comodo 1062 2009.03.17 -
DrWeb 4.44.0.09170 2009.03.17 -
eSafe 7.0.17.0 2009.03.17 -
eTrust-Vet 31.6.6388 2009.03.09 -
F-Prot 4.4.4.56 2009.03.16 -
F-Secure 8.0.14470.0 2009.03.17 -
Fortinet 3.117.0.0 2009.03.17 -
GData 19 2009.03.17 -
Ikarus T3.1.1.45.0 2009.03.17 -
K7AntiVirus 7.10.674 2009.03.17 -
Kaspersky 7.0.0.125 2009.03.17 -
McAfee 5556 2009.03.17 -
McAfee+Artemis 5556 2009.03.17 -
McAfee-GW-Edition 6.7.6 2009.03.17 -
Microsoft 1.4405 2009.03.17 -
NOD32 3943 2009.03.17 -
Norman 6.00.06 2009.03.17 -
nProtect 2009.1.8.0 2009.03.17 -
Panda 10.0.0.10 2009.03.17 -
PCTools 4.4.2.0 2009.03.17 -
Prevx1 V2 2009.03.17 -
Rising 21.21.12.00 2009.03.17 -
Sophos 4.39.0 2009.03.17 -
Sunbelt 3.2.1858.2 2009.03.17 -
Symantec 1.4.4.12 2009.03.17 -
TheHacker 6.3.3.0.283 2009.03.16 -
TrendMicro 8.700.0.1004 2009.03.17 -
VBA32 3.12.10.1 2009.03.16 -
ViRobot 2009.3.17.1652 2009.03.17 -
VirusBuster 4.6.5.0 2009.03.17 -
Information additionnelle
File size: 159744 bytes
MD5...: f4e44bcfba270560b0cbde2d0ed35b45
SHA1..: 112d16eff2303db2be1ba0ebbbcf5313f430bbc7
SHA256: 4bf12cf9de32d10da3e52b95a801ae24db71317b971f0d15bb28992feefda58c
SHA512: bc91b625f4ed0e7d1377157686d10d0d9604e6f838ae1d83f1f12ed82eeadf53
f1480d7e79282275eb87c24bea90319cb75c71d9a34c8dd6755da7ea4cd26af4
ssdeep: 768:/Rj5GDn9Io+I1RRMsyEYvQb9A9Z2RW5vzOpt5isux5ikQ:qDn9IK8gYhHvzO
095i
PEiD..: -
TrID..: File type identification
Win64 Executable Generic (59.6%)
Win32 Executable MS Visual C++ (generic) (26.2%)
Win32 Executable Generic (5.9%)
Win32 Dynamic Link Library (generic) (5.2%)
Generic Win/DOS Executable (1.3%)
PEInfo: PE Structure information
( base data )
entrypointaddress.: 0x3509
timedatestamp.....: 0x495f1c84 (Sat Jan 03 08:06:28 2009)
machinetype.......: 0x14c (I386)
( 5 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x1000 0x8614 0x9000 6.45 7722cea92934ce4286608076a6164bd2
.rdata 0xa000 0x1d1c 0x2000 5.24 fe67af22be980e44f546fcd9f0f7d2e9
.data 0xc000 0x1c09c 0x18000 0.83 2237359028332eb79a69abfbff00b5ec
.rsrc 0x29000 0x414 0x1000 3.76 fb9fa35b1b6cb42a2467e1204cd710e9
.reloc 0x2a000 0x1154 0x2000 3.05 18e3bdfcb6bfa3cf78ab79fc948d00d1
( 3 imports )
> KERNEL32.dll: DisableThreadLibraryCalls, Sleep, SetThreadPriority, WaitForSingleObject, CloseHandle, QueryPerformanceFrequency, GetCurrentThread, CreateThread, LoadLibraryA, GetProcAddress, GetTickCount, FreeLibrary, GetCurrentThreadId, GetCommandLineA, HeapFree, GetVersionExA, HeapAlloc, GetProcessHeap, TerminateProcess, GetCurrentProcess, UnhandledExceptionFilter, SetUnhandledExceptionFilter, IsDebuggerPresent, GetModuleHandleA, ExitProcess, TlsGetValue, TlsAlloc, TlsSetValue, TlsFree, InterlockedIncrement, SetLastError, GetLastError, InterlockedDecrement, SetHandleCount, GetStdHandle, GetFileType, GetStartupInfoA, DeleteCriticalSection, GetModuleFileNameA, FreeEnvironmentStringsA, GetEnvironmentStrings, FreeEnvironmentStringsW, WideCharToMultiByte, GetEnvironmentStringsW, HeapDestroy, HeapCreate, VirtualFree, QueryPerformanceCounter, GetCurrentProcessId, GetSystemTimeAsFileTime, WriteFile, LeaveCriticalSection, EnterCriticalSection, InitializeCriticalSection, GetCPInfo, GetACP, GetOEMCP, IsValidCodePage, VirtualAlloc, HeapReAlloc, RtlUnwind, HeapSize, MultiByteToWideChar, GetLocaleInfoA, GetStringTypeA, GetStringTypeW, LCMapStringA, LCMapStringW
> USER32.dll: wsprintfA
> ADVAPI32.dll: RegQueryValueExA, RegCloseKey, RegOpenKeyExA
( 3 exports )
LCDInit, LCDStart, LCDStop
CWSandbox info: <a href='http://research.sunbelt-software.com/partnerresource/MD5.aspx?md5=f4e44bcfba270560b0cbde2d0ed35b45' target='_blank'>http://research.sunbelt-software.com/...
Salut,
la suite :
1-Créer un doc texte sur ton bureau :
pointe ta souris sur ton bureau , clique droit : va dans "nouveau" et choisis "document texte" .
Ensuite copie/colle tout le texte présent dans le lien ci-dessous ( et rien d'autre!) dans le fichier texte que tu viens de créer :
> https://www.cjoint.com/?dtumZSEz0R
Puis va dans "fichier" et choisis "enregistrer sous ..." et tu le nommes exactement ainsi :
CFScript puis valide ...
2-Nettoyage :
!! Déconnecte toi, ferme toutes tes applications et désactive TOUTES TES DEFENSES ( tu les réactiveras après ) !!
--->Sur ton bureau, fais glisser avec ta souris le fichier CFScript sur l'icône de ComboFix.exe .
(Regarde ici : http://i261.photobucket.com/albums/ii49/Malekal_morte/CFScript.gif )
Cette manipulation va relancer combofix .
--> Une fenêtre bleue va apparaître: au message qui apparaît "Type 1 to continue, or 2 to abort" : tape 1 puis valide.
Puis patiente le temps du scan.( Le Bureau va disparaître à plusieurs reprises : c'est normal!)
!! Ne touches à rien tant que le scan n'est pas terminé !!
Note : en fin de scan, il est possible que ComboFix ait besoin de redémarrer le PC pour finaliser la désinfection, laisse-le faire.
Une fois le scan achevé, un rapport va s'afficher : poste le pour analyse ...
( Attention : cette manipe a été fait pour ce PC . Toute réutilisation peut endommager sévèrement le système d'exploitation )
la suite :
1-Créer un doc texte sur ton bureau :
pointe ta souris sur ton bureau , clique droit : va dans "nouveau" et choisis "document texte" .
Ensuite copie/colle tout le texte présent dans le lien ci-dessous ( et rien d'autre!) dans le fichier texte que tu viens de créer :
> https://www.cjoint.com/?dtumZSEz0R
Puis va dans "fichier" et choisis "enregistrer sous ..." et tu le nommes exactement ainsi :
CFScript puis valide ...
2-Nettoyage :
!! Déconnecte toi, ferme toutes tes applications et désactive TOUTES TES DEFENSES ( tu les réactiveras après ) !!
--->Sur ton bureau, fais glisser avec ta souris le fichier CFScript sur l'icône de ComboFix.exe .
(Regarde ici : http://i261.photobucket.com/albums/ii49/Malekal_morte/CFScript.gif )
Cette manipulation va relancer combofix .
--> Une fenêtre bleue va apparaître: au message qui apparaît "Type 1 to continue, or 2 to abort" : tape 1 puis valide.
Puis patiente le temps du scan.( Le Bureau va disparaître à plusieurs reprises : c'est normal!)
!! Ne touches à rien tant que le scan n'est pas terminé !!
Note : en fin de scan, il est possible que ComboFix ait besoin de redémarrer le PC pour finaliser la désinfection, laisse-le faire.
Une fois le scan achevé, un rapport va s'afficher : poste le pour analyse ...
( Attention : cette manipe a été fait pour ce PC . Toute réutilisation peut endommager sévèrement le système d'exploitation )
J'ai un petit problème combo Fix est expirer!
je doit le télécharger une nouvelle fois??
tout à fait ! Comme cela fait un moment qu'on ne c'est vu , la version n'est plus à jour ... :)
donc supprime celui que tu as ( clique droit dessus / " supprimer " ) .
puis retélécharge le sur ton bureau :
http://download.bleepingcomputer.com/sUBs/ComboFix.exe
reprends ensuite la manipe que je viens de te donner et poste moi le rapport demandé ....
je doit le télécharger une nouvelle fois??
tout à fait ! Comme cela fait un moment qu'on ne c'est vu , la version n'est plus à jour ... :)
donc supprime celui que tu as ( clique droit dessus / " supprimer " ) .
puis retélécharge le sur ton bureau :
http://download.bleepingcomputer.com/sUBs/ComboFix.exe
reprends ensuite la manipe que je viens de te donner et poste moi le rapport demandé ....
voila le rapport:
ComboFix 09-03-15.01 - Kevin MONTHERAT 2009-03-17 21:18:59.3 - NTFSx86
Microsoft® Windows Vista™ Édition Familiale Premium 6.0.6001.1.1252.1.1036.18.2047.950 [GMT 1:00]
Lancé depuis: c:\users\Kevin MONTHERAT\Desktop\ComboFix.exe
Commutateurs utilisés :: c:\users\Kevin MONTHERAT\Desktop\CFScript.txt
FW: Pack sécurité 8.00 *enabled*
* Un nouveau point de restauration a été créé
* Resident AV is active
FILE ::
c:\windows\System32\gaopdxpmicngut.0ll
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\windows\System32\gaopdxpmicngut.0ll
.
((((((((((((((((((((((((((((( Fichiers créés du 2009-02-17 au 2009-03-17 ))))))))))))))))))))))))))))))))))))
.
2009-03-16 20:31 . 2008-06-20 02:14 781,344 --a------ c:\windows\System32\PresentationNative_v0300.dll
2009-03-16 20:31 . 2008-06-20 02:14 622,080 --a------ c:\windows\System32\icardagt.exe
2009-03-16 20:31 . 2008-06-20 02:14 326,160 --a------ c:\windows\System32\PresentationHost.exe
2009-03-16 20:31 . 2008-06-20 02:14 105,016 --a------ c:\windows\System32\PresentationCFFRasterizerNative_v0300.dll
2009-03-16 20:31 . 2008-06-20 02:14 97,800 --a------ c:\windows\System32\infocardapi.dll
2009-03-16 20:31 . 2008-06-20 02:14 43,544 --a------ c:\windows\System32\PresentationHostProxy.dll
2009-03-16 20:31 . 2008-06-20 02:14 37,384 --a------ c:\windows\System32\infocardcpl.cpl
2009-03-16 20:31 . 2008-06-20 02:14 11,264 --a------ c:\windows\System32\icardres.dll
2009-03-16 20:23 . 2008-07-27 19:03 282,112 --a------ c:\windows\System32\mscoree.dll
2009-03-16 20:23 . 2008-07-27 19:03 158,720 --a------ c:\windows\System32\mscorier.dll
2009-03-16 20:23 . 2008-07-27 19:03 96,760 --a------ c:\windows\System32\dfshim.dll
2009-03-16 20:23 . 2008-07-27 19:03 83,968 --a------ c:\windows\System32\mscories.dll
2009-03-16 20:23 . 2008-07-27 19:03 41,984 --a------ c:\windows\System32\netfxperf.dll
2009-03-14 20:48 . 2009-03-14 20:48 <REP> d----c--- c:\windows\System32\DRVSTORE
2009-03-14 20:48 . 2009-02-06 18:08 55,280 --a------ c:\windows\System32\drivers\fssfltr.sys
2009-03-14 20:47 . 2009-03-14 20:47 <REP> d-------- c:\program files\Microsoft Sync Framework
2009-03-14 14:15 . 2009-03-14 14:32 <REP> d-------- c:\users\Kevin MONTHERAT\AppData\Roaming\InfraRecorder
2009-03-14 14:15 . 2009-03-14 14:15 <REP> d-------- c:\program files\InfraRecorder
2009-03-11 12:54 . 2008-12-16 04:29 8,147,456 --a------ c:\windows\System32\wmploc.DLL
2009-03-11 12:54 . 2009-02-09 04:10 2,033,152 --a------ c:\windows\System32\win32k.sys
2009-03-11 12:54 . 2008-11-27 05:43 268,288 --a------ c:\windows\System32\schannel.dll
2009-03-11 12:54 . 2008-12-16 06:31 7,680 --a------ c:\windows\System32\spwmp.dll
2009-03-11 12:54 . 2008-12-16 06:31 4,096 --a------ c:\windows\System32\msdxm.ocx
2009-03-11 12:54 . 2008-12-16 06:31 4,096 --a------ c:\windows\System32\dxmasf.dll
2009-03-06 18:12 . 2009-03-06 18:12 0 --ah----- c:\windows\System32\drivers\Msft_User_WpdMtpDr_01_00_00.Wdf
2009-03-05 21:14 . 2009-03-05 21:24 <REP> d-------- C:\rsit
2009-03-05 21:12 . 2009-03-05 21:12 <REP> d-------- c:\program files\Trend Micro
2009-03-05 20:05 . 2009-03-05 20:05 <REP> d-------- c:\users\Kevin MONTHERAT\AppData\Roaming\Malwarebytes
2009-03-05 20:05 . 2009-03-05 20:05 <REP> d-------- c:\users\All Users\Malwarebytes
2009-03-05 20:05 . 2009-03-05 20:05 <REP> d-------- c:\programdata\Malwarebytes
2009-03-05 20:05 . 2009-03-05 20:05 <REP> d-------- c:\program files\Malwarebytes' Anti-Malware
2009-03-05 20:05 . 2009-02-11 10:19 38,496 --a------ c:\windows\System32\drivers\mbamswissarmy.sys
2009-03-05 20:05 . 2009-02-11 10:19 15,504 --a------ c:\windows\System32\drivers\mbam.sys
2009-03-05 19:58 . 2009-03-05 20:54 <REP> d-------- C:\Rooter$
2009-03-04 12:57 . 2009-03-04 12:57 <REP> d-------- c:\users\Kevin MONTHERAT\Pavark
2009-03-04 12:52 . 2009-03-04 12:52 <REP> d-------- c:\program files\PHPNukeFR
2009-03-04 11:06 . 2009-03-04 11:06 <REP> d-------- c:\program files\VID_0E8F&PID_0012
2009-03-02 13:27 . 2009-03-02 13:27 <REP> d-------- c:\program files\Conduit
2009-03-02 12:58 . 2009-03-02 13:12 <REP> d-------- c:\program files\Navilog1
2009-02-28 10:49 . 2009-02-28 10:49 <REP> d-------- c:\program files\Java
2009-02-28 10:43 . 2009-02-28 10:47 <REP> d-------- c:\users\Kevin MONTHERAT\.housecall6.6
2009-02-27 19:12 . 2009-03-05 20:56 <REP> d-------- C:\Fraps
2009-02-24 19:58 . 2009-02-24 19:58 <REP> dr------- c:\windows\System32\config\systemprofile\Videos
2009-02-24 19:58 . 2009-02-24 19:58 <REP> dr------- c:\windows\System32\config\systemprofile\Searches
2009-02-24 19:58 . 2009-02-24 19:58 <REP> dr------- c:\windows\System32\config\systemprofile\Saved Games
2009-02-24 19:58 . 2009-02-24 19:58 <REP> dr------- c:\windows\System32\config\systemprofile\Pictures
2009-02-24 19:58 . 2009-02-24 19:58 <REP> dr------- c:\windows\System32\config\systemprofile\Music
2009-02-24 19:58 . 2009-02-24 19:58 <REP> dr------- c:\windows\System32\config\systemprofile\Links
2009-02-24 19:58 . 2009-02-24 19:58 <REP> dr------- c:\windows\System32\config\systemprofile\Downloads
2009-02-24 19:58 . 2009-02-24 19:58 <REP> dr------- c:\windows\System32\config\systemprofile\Documents
2009-02-24 19:58 . 2009-02-24 19:58 <REP> d-------- c:\users\All Users\Electronic Arts
2009-02-24 19:58 . 2009-02-24 19:58 <REP> d-------- c:\programdata\Electronic Arts
2009-02-24 19:58 . 2009-02-24 19:58 1,590 --a------ c:\windows\System32\ealregsnapshot1.reg
2009-02-24 19:41 . 2009-02-24 19:41 <REP> d-------- c:\program files\EA Games
2009-02-24 18:50 . 2008-03-05 15:56 3,786,760 --a------ c:\windows\System32\D3DX9_37.dll
2009-02-24 18:50 . 2007-10-12 15:14 3,734,536 --a------ c:\windows\System32\d3dx9_36.dll
2009-02-24 18:50 . 2008-03-05 15:56 1,420,824 --a------ c:\windows\System32\D3DCompiler_37.dll
2009-02-24 18:50 . 2007-10-12 15:14 1,374,232 --a------ c:\windows\System32\D3DCompiler_36.dll
2009-02-24 18:50 . 2008-03-05 16:03 479,752 --a------ c:\windows\System32\XAudio2_0.dll
2009-02-24 18:50 . 2008-02-05 23:07 462,864 --a------ c:\windows\System32\d3dx10_37.dll
2009-02-24 18:50 . 2007-10-02 09:56 444,776 --a------ c:\windows\System32\d3dx10_36.dll
2009-02-24 18:50 . 2007-10-22 03:39 267,272 --a------ c:\windows\System32\xactengine2_10.dll
2009-02-24 18:50 . 2007-07-20 00:57 267,112 --a------ c:\windows\System32\xactengine2_9.dll
2009-02-24 18:50 . 2008-03-05 16:03 238,088 --a------ c:\windows\System32\xactengine3_0.dll
2009-02-24 18:50 . 2008-03-05 16:00 25,608 --a------ c:\windows\System32\X3DAudio1_3.dll
2009-02-24 18:50 . 2007-10-22 03:37 17,928 --a------ c:\windows\System32\X3DAudio1_2.dll
2009-02-23 18:49 . 2009-02-23 18:49 <REP> d-------- c:\users\Kevin MONTHERAT\AppData\Roaming\Leadertech
2009-02-22 19:15 . 2009-02-23 19:56 <REP> d-------- c:\program files\PowerISO
2009-02-22 18:46 . 2009-02-22 18:47 <REP> d-------- c:\users\Kevin MONTHERAT\AppData\Roaming\vlc
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-03-17 19:12 --------- d-----w c:\users\Kevin MONTHERAT\AppData\Roaming\Azureus
2009-03-17 18:06 --------- d-----w c:\programdata\Google Updater
2009-03-14 19:48 --------- d-----w c:\program files\Windows Live
2009-03-14 19:05 138,184 ----a-w c:\windows\system32\drivers\PnkBstrK.sys
2009-03-14 19:04 183,112 ----a-w c:\windows\System32\PnkBstrB.exe
2009-03-13 22:29 --------- d-----w c:\programdata\Test Drive Unlimited
2009-03-12 18:18 --------- d-----w c:\program files\Windows Mail
2009-03-12 18:05 --------- d-----w c:\programdata\Microsoft Help
2009-03-08 11:13 --------- d-----w c:\program files\Microsoft Silverlight
2009-03-06 20:19 --------- d-----w c:\program files\Vuze
2009-03-05 20:03 --------- d-----w c:\program files\CCleaner
2009-03-05 19:45 --------- d---a-w c:\programdata\TEMP
2009-03-04 10:06 --------- d--h--w c:\program files\InstallShield Installation Information
2009-03-03 16:57 --------- d-----w c:\users\Kevin MONTHERAT\AppData\Roaming\dvdcss
2009-03-01 11:13 --------- d-----w c:\program files\Google
2009-02-28 09:49 410,984 ----a-w c:\windows\System32\deploytk.dll
2009-02-26 17:19 --------- d-----w c:\users\Kevin MONTHERAT\AppData\Roaming\LimeWire
2009-02-25 12:42 413,696 ----a-w c:\windows\System32\wrap_oal.dll
2009-02-25 12:42 110,592 ----a-w c:\windows\System32\OpenAL32.dll
2009-02-25 12:34 --------- d-----w c:\program files\Yahoo!
2009-02-24 20:13 66,872 ----a-w c:\windows\System32\PnkBstrA.exe
2009-02-22 17:44 --------- d-----w c:\program files\VideoLAN
2009-02-22 16:53 --------- d-----w c:\programdata\Media Center Programs
2009-02-14 14:53 --------- d-----w c:\program files\LimeWire
2009-02-14 09:48 --------- d-----w c:\program files\PowerQuest
2009-02-14 00:21 --------- d-----w c:\program files\NCH Swift Sound
2009-02-14 00:16 --------- d-----w c:\users\Kevin MONTHERAT\AppData\Roaming\eSobi
2009-02-14 00:16 --------- d-----w c:\programdata\eMule
2009-02-06 18:39 308,600 ----a-w c:\windows\WLXPGSS.SCR
2009-02-06 18:33 --------- d-----w c:\program files\GameSpy Arcade
2009-02-06 17:52 49,504 ----a-w c:\windows\System32\sirenacm.dll
2009-02-06 06:03 0 ---ha-w c:\windows\system32\drivers\Msft_User_WpdFs_01_00_00.Wdf
2009-02-04 12:31 --------- d-----w c:\users\Kevin MONTHERAT\AppData\Roaming\InstallShield
2009-02-04 12:31 --------- d-----w c:\program files\RALINK
2009-02-03 17:43 --------- d-----w c:\program files\Audacity
2009-02-02 16:14 --------- d-----w c:\program files\Microsoft Works
2009-02-01 16:45 --------- d-----w c:\program files\Zattoo
2009-02-01 11:32 --------- d-----w c:\program files\Microsoft CAPICOM 2.1.0.2
2009-01-29 19:31 --------- d-----w c:\program files\Microsoft
2009-01-29 19:30 --------- d-----w c:\program files\Microsoft Office Outlook Connector
2009-01-29 19:28 --------- d-----w c:\program files\Microsoft SQL Server Compact Edition
2009-01-29 14:10 174 --sha-w c:\program files\desktop.ini
2009-01-29 14:03 --------- d-----w c:\program files\Windows Sidebar
2009-01-29 14:03 --------- d-----w c:\program files\Windows Photo Gallery
2009-01-29 14:03 --------- d-----w c:\program files\Windows Journal
2009-01-29 14:03 --------- d-----w c:\program files\Windows Collaboration
2009-01-29 14:03 --------- d-----w c:\program files\Windows Calendar
2009-01-29 14:02 --------- d-----w c:\program files\Windows Defender
2009-01-29 13:40 82,432 ----a-w c:\windows\System32\axaltocm.dll
2009-01-29 13:40 101,888 ----a-w c:\windows\System32\ifxcardm.dll
2009-01-28 16:57 33,408 ----a-w c:\windows\system32\drivers\fsbts.sys
2009-01-28 16:53 --------- d-----w c:\users\Kevin MONTHERAT\AppData\Roaming\F-Secure
2009-01-28 16:37 --------- d-----w c:\programdata\f-secure
2009-01-28 16:35 --------- d-----w c:\programdata\fssg
2009-01-28 16:35 --------- d-----w c:\program files\SFR
2009-01-28 16:29 --------- d-----w c:\programdata\Avg7
2009-01-24 10:31 9,847,296 ----a-w c:\windows\System32\NlsData000a.dll
2009-01-23 16:38 61,440 ----a-w c:\windows\System32\winipsec.dll
2009-01-23 16:38 361,984 ----a-w c:\windows\System32\IPSECSVC.DLL
2009-01-23 16:38 28,672 ----a-w c:\windows\System32\FwRemoteSvr.dll
2009-01-23 16:38 272,896 ----a-w c:\windows\System32\polstore.dll
2009-01-23 16:37 94,720 ----a-w c:\windows\System32\PortableDeviceClassExtension.dll
2009-01-23 16:37 241,152 ----a-w c:\windows\System32\PortableDeviceApi.dll
2009-01-23 16:37 160,768 ----a-w c:\windows\System32\PortableDeviceTypes.dll
2009-01-23 16:28 296,960 ----a-w c:\windows\System32\gdi32.dll
2009-01-23 16:27 269,312 ----a-w c:\windows\System32\es.dll
2009-01-23 16:27 212,480 ----a-w c:\windows\system32\drivers\mrxsmb10.sys
2009-01-23 16:26 541,696 ----a-w c:\windows\AppPatch\AcLayers.dll
2009-01-23 16:26 52,736 ----a-w c:\windows\AppPatch\iebrshim.dll
2009-01-23 16:26 460,288 ----a-w c:\windows\AppPatch\AcSpecfc.dll
2009-01-23 16:26 4,240,384 ----a-w c:\windows\System32\GameUXLegacyGDFs.dll
2009-01-23 16:26 28,672 ----a-w c:\windows\System32\Apphlpdm.dll
2009-01-23 16:26 2,560 ----a-w c:\windows\AppPatch\AcRes.dll
2009-01-23 16:26 2,154,496 ----a-w c:\windows\AppPatch\AcGenral.dll
2009-01-23 16:26 173,056 ----a-w c:\windows\AppPatch\AcXtrnal.dll
2009-01-23 16:26 1,695,744 ----a-w c:\windows\System32\gameux.dll
2009-01-23 16:21 988,216 ----a-w c:\windows\System32\winload.exe
2009-01-23 16:21 927,288 ----a-w c:\windows\System32\winresume.exe
2009-01-23 16:21 615,992 ----a-w c:\windows\System32\ci.dll
2009-01-23 16:21 6,656 ----a-w c:\windows\System32\kbd106n.dll
2009-01-23 16:21 46,592 ----a-w c:\windows\System32\setbcdlocale.dll
2009-01-23 16:21 40,960 ----a-w c:\windows\System32\srclient.dll
2009-01-23 16:21 378,368 ----a-w c:\windows\System32\srcore.dll
2009-01-23 16:21 318,464 ----a-w c:\windows\System32\rstrui.exe
2009-01-23 16:21 19,000 ----a-w c:\windows\System32\kd1394.dll
2009-01-23 16:21 14,848 ----a-w c:\windows\System32\srdelayed.exe
2009-01-23 16:18 --------- d-----w c:\program files\MSXML 4.0
2009-01-22 14:29 --------- d-----w c:\programdata\Azureus
2009-01-22 08:39 303,616 ----a-w c:\windows\System32\wmpeffects.dll
2009-01-22 08:37 2,048 ----a-w c:\windows\System32\msxml3r.dll
2009-01-22 08:37 1,191,936 ----a-w c:\windows\System32\msxml3.dll
2009-01-22 08:33 2,048 ----a-w c:\windows\System32\tzres.dll
2009-01-22 08:28 2,927,104 ----a-w c:\windows\explorer.exe
2009-01-22 08:20 712,704 ----a-w c:\windows\System32\WindowsCodecs.dll
2009-01-22 08:20 443,392 ----a-w c:\windows\System32\win32spl.dll
2009-01-22 08:20 425,472 ----a-w c:\windows\System32\PhotoMetadataHandler.dll
2009-01-22 08:20 37,888 ----a-w c:\windows\System32\printcom.dll
2009-01-22 08:20 347,648 ----a-w c:\windows\System32\WindowsCodecsExt.dll
2009-01-22 08:19 14,848 ----a-w c:\windows\System32\wshrm.dll
2009-01-22 08:19 113,664 ----a-w c:\windows\system32\drivers\rmcast.sys
.
((((((((((((((((((((((((((((( SnapShot@2009-03-05_21.56.43,47 )))))))))))))))))))))))))))))))))))))))))
.
- 2008-01-05 11:26:08 69,120 ----a-w c:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
+ 2008-07-27 18:03:11 69,120 ----a-w c:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
- 2008-01-05 11:26:17 72,192 ----a-w c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
+ 2008-07-27 18:03:12 72,192 ----a-w c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
- 2008-01-05 11:21:39 151,552 ----a-w c:\windows\assembly\GAC_32\Microsoft.Transactions.Bridge.Dtc\3.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.Dtc.dll
+ 2008-06-20 01:14:31 163,840 ----a-w c:\windows\assembly\GAC_32\Microsoft.Transactions.Bridge.Dtc\3.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.Dtc.dll
- 2008-01-05 11:26:32 4,444,160 ----a-w c:\windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
+ 2008-10-13 22:26:54 4,546,560 ----a-w c:\windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
- 2008-01-05 11:21:53 4,174,336 ----a-w c:\windows\assembly\GAC_32\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationCore.dll
+ 2008-11-24 23:34:46 4,210,688 ----a-w c:\windows\assembly\GAC_32\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationCore.dll
+ 2008-11-24 23:34:49 1,736,528 ----a-w c:\windows\assembly\GAC_32\PresentationCore\3.0.0.0__31bf3856ad364e35\wpfgfx_v0300.dll
- 2008-01-05 11:26:54 483,840 ----a-w c:\windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll
+ 2008-10-13 22:26:57 486,400 ----a-w c:\windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll
- 2008-01-05 11:26:54 3,036,160 ----a-w c:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
+ 2008-07-27 18:03:15 2,933,248 ----a-w c:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
- 2008-01-05 11:26:55 258,048 ----a-w c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
+ 2008-07-27 18:03:15 258,048 ----a-w c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
- 2008-01-19 03:22:55 113,664 ----a-w c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
+ 2008-07-27 18:22:54 113,664 ----a-w c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
- 2008-01-05 11:21:55 346,624 ----a-w c:\windows\assembly\GAC_32\System.Printing\3.0.0.0__31bf3856ad364e35\System.Printing.dll
+ 2008-06-20 01:14:43 368,640 ----a-w c:\windows\assembly\GAC_32\System.Printing\3.0.0.0__31bf3856ad364e35\System.Printing.dll
- 2008-01-05 11:26:59 261,120 ----a-w c:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
+ 2008-07-27 18:03:15 261,632 ----a-w c:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
- 2008-01-05 11:26:59 5,431,296 ----a-w c:\windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll
+ 2008-10-13 22:26:58 5,242,880 ----a-w c:\windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll
- 2008-01-05 11:25:52 10,752 ----a-w c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
+ 2008-07-27 18:03:10 10,752 ----a-w c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
- 2008-01-05 11:26:11 315,392 ----a-w c:\windows\assembly\GAC_MSIL\AspNetMMCExt.resources\2.0.0.0_fr_b03f5f7f11d50a3a\aspnetmmcext.resources.dll
+ 2008-07-27 18:03:10 315,392 ----a-w c:\windows\assembly\GAC_MSIL\AspNetMMCExt.resources\2.0.0.0_fr_b03f5f7f11d50a3a\aspnetmmcext.resources.dll
- 2008-01-05 11:25:59 507,904 ----a-w c:\windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll
+ 2008-07-27 18:03:11 507,904 ----a-w c:\windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll
- 2008-01-05 11:21:39 159,744 ----a-w c:\windows\assembly\GAC_MSIL\ComSvcConfig\3.0.0.0__b03f5f7f11d50a3a\ComSvcConfig.exe
+ 2008-06-20 01:14:31 168,968 ----a-w c:\windows\assembly\GAC_MSIL\ComSvcConfig\3.0.0.0__b03f5f7f11d50a3a\ComSvcConfig.exe
- 2008-01-05 11:26:08 13,312 ----a-w c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll
+ 2008-07-27 18:03:11 13,312 ----a-w c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll
- 2008-01-05 11:26:11 5,120 ----a-w c:\windows\assembly\GAC_MSIL\dfsvc\2.0.0.0__b03f5f7f11d50a3a\dfsvc.exe
+ 2008-07-27 18:03:11 5,120 ----a-w c:\windows\assembly\GAC_MSIL\dfsvc\2.0.0.0__b03f5f7f11d50a3a\dfsvc.exe
- 2008-01-05 11:26:12 8,192 ----a-w c:\windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll
+ 2008-07-27 18:03:12 8,192 ----a-w c:\windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll
- 2008-01-05 11:26:12 77,824 ----a-w c:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll
+ 2008-07-27 18:03:12 77,824 ----a-w c:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll
- 2008-01-05 11:26:13 6,656 ----a-w c:\windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll
+ 2008-07-27 18:03:12 6,656 ----a-w c:\windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll
+ 2009-03-16 19:36:54 106,496 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.Build.Conversion.v3.5\3.5.0.0__b03f5f7f11d50a3a\Microsoft.Build.Conversion.v3.5.dll
- 2008-01-05 11:26:11 53,248 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine.resources\2.0.0.0_fr_b03f5f7f11d50a3a\Microsoft.Build.Engine.resources.dll
+ 2008-07-27 18:03:10 53,248 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine.resources\2.0.0.0_fr_b03f5f7f11d50a3a\Microsoft.Build.Engine.resources.dll
- 2008-01-05 11:26:17 348,160 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
+ 2008-07-27 18:03:12 348,160 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
+ 2009-03-16 19:36:55 733,184 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\3.5.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
- 2008-01-05 11:26:17 36,864 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
+ 2008-07-27 18:03:12 36,864 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
+ 2009-03-16 19:36:55 36,864 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\3.5.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
- 2008-01-05 11:26:11 139,264 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks.resources\2.0.0.0_fr_b03f5f7f11d50a3a\Microsoft.Build.Tasks.resources.dll
+ 2008-07-27 18:03:10 139,264 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks.resources\2.0.0.0_fr_b03f5f7f11d50a3a\Microsoft.Build.Tasks.resources.dll
+ 2009-03-16 19:36:55 802,816 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks.v3.5\3.5.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.v3.5.dll
- 2008-01-05 11:26:17 655,360 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll
+ 2008-07-27 18:03:12 655,360 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll
- 2008-01-05 11:26:11 10,752 ----a-w c:\windows\assembly\GAC_MSIL\microsoft.build.utilities.resources\2.0.0.0_fr_b03f5f7f11d50a3a\Microsoft.Build.Utilities.Resources.dll
+ 2008-07-27 18:03:10 10,752 ----a-w c:\windows\assembly\GAC_MSIL\microsoft.build.utilities.resources\2.0.0.0_fr_b03f5f7f11d50a3a\Microsoft.Build.Utilities.Resources.dll
+ 2009-03-16 19:36:56 94,208 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities.v3.5\3.5.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.v3.5.dll
- 2008-01-05 11:26:17 77,824 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll
+ 2008-07-27 18:03:12 77,824 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll
- 2008-01-05 11:26:11 45,056 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.Jscript.resources\8.0.0.0_fr_b03f5f7f11d50a3a\Microsoft.JScript.Resources.dll
+ 2008-07-27 18:03:10 45,056 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.Jscript.resources\8.0.0.0_fr_b03f5f7f11d50a3a\Microsoft.JScript.Resources.dll
- 2008-01-05 11:26:19 749,568 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
+ 2008-07-27 18:03:12 749,568 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
- 2006-11-02 15:46:12 5,120 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.Transactions.Bridge.Dtc.resources\3.0.0.0_fr_b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.Dtc.Resources.dll
+ 2008-07-11 19:39:09 5,120 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.Transactions.Bridge.Dtc.resources\3.0.0.0_fr_b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.Dtc.Resources.dll
- 2008-01-05 11:26:41 19,456 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.Transactions.Bridge.resources\3.0.0.0_fr_b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.Resources.dll
+ 2008-07-11 19:39:09 19,456 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.Transactions.Bridge.resources\3.0.0.0_fr_b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.Resources.dll
- 2008-01-05 11:21:39 397,312 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.Transactions.Bridge\3.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.dll
+ 2008-06-20 01:14:31 397,312 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.Transactions.Bridge\3.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.dll
- 2008-01-05 11:26:17 9,216 ----a-w c:\windows\assembly\GAC_MSIL\microsoft.visualbasic.compatibility.data.resources\8.0.0.0_fr_b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.resources.dll
+ 2008-07-27 18:03:10 9,216 ----a-w c:\windows\assembly\GAC_MSIL\microsoft.visualbasic.compatibility.data.resources\8.0.0.0_fr_b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.resources.dll
- 2008-01-05 11:26:19 110,592 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
+ 2008-07-27 18:03:12 110,592 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
- 2008-01-05 11:26:17 9,728 ----a-w c:\windows\assembly\GAC_MSIL\microsoft.visualbasic.compatibility.resources\8.0.0.0_fr_b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.resources.dll
+ 2008-07-27 18:03:10 9,728 ----a-w c:\windows\assembly\GAC_MSIL\microsoft.visualbasic.compatibility.resources\8.0.0.0_fr_b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.resources.dll
- 2008-01-05 11:26:23 372,736 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
+ 2008-07-27 18:03:12 372,736 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
- 2008-01-05 11:26:11 61,440 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.resources\8.0.0.0_fr_b03f5f7f11d50a3a\Microsoft.VisualBasic.resources.dll
+ 2008-07-27 18:03:10 61,440 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.resources\8.0.0.0_fr_b03f5f7f11d50a3a\Microsoft.VisualBasic.resources.dll
- 2008-01-05 11:26:23 28,672 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll
+ 2008-07-27 18:03:12 28,672 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll
- 2008-01-05 11:26:23 671,744 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
+ 2008-07-27 18:03:12 659,456 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
+ 2009-03-16 19:36:55 41,984 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.VisualC.STLCLR\1.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.STLCLR.dll
- 2006-10-20 01:14:05 5,632 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
+ 2008-07-27 18:03:12 5,632 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
- 2008-01-05 11:26:24 12,800 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
+ 2008-07-27 18:03:12 12,800 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
- 2008-01-05 11:26:23 32,768 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll
+ 2008-07-27 18:03:12 32,768 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll
- 2006-10-20 01:14:05 7,168 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll
+ 2008-07-27 18:03:12 7,168 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll
- 2008-01-05 11:26:12 311,296 ----a-w c:\windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_fr_b77a5c561934e089\mscorlib.Resources.dll
+ 2008-07-27 18:03:10 311,296 ----a-w c:\windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_fr_b77a5c561934e089\mscorlib.Resources.dll
- 2006-11-02 15:46:13 57,344 ----a-w c:\windows\assembly\GAC_MSIL\PresentationBuildTasks.resources\3.0.0.0_fr_31bf3856ad364e35\PresentationBuildTasks.resources.dll
+ 2008-07-11 19:39:10 53,248 ----a-w c:\windows\assembly\GAC_MSIL\PresentationBuildTasks.resources\3.0.0.0_fr_31bf3856ad364e35\PresentationBuildTasks.resources.dll
- 2008-01-05 11:21:52 602,112 ----a-w c:\windows\assembly\GAC_MSIL\PresentationBuildTasks\3.0.0.0__31bf3856ad364e35\PresentationBuildTasks.dll
+ 2008-06-20 01:14:42 598,016 ----a-w c:\windows\assembly\GAC_MSIL\PresentationBuildTasks\3.0.0.0__31bf3856ad364e35\PresentationBuildTasks.dll
- 2008-01-05 11:21:52 32,768 ----a-w c:\windows\assembly\GAC_MSIL\PresentationCFFRasterizer\3.0.0.0__31bf3856ad364e35\PresentationCFFRasterizer.dll
+ 2008-06-20 01:14:44 32,768 ----a-w c:\windows\assembly\GAC_MSIL\PresentationCFFRasterizer\3.0.0.0__31bf3856ad364e35\PresentationCFFRasterizer.dll
- 2006-11-02 15:46:11 110,592 ----a-w c:\windows\assembly\GAC_MSIL\PresentationCore.resources\3.0.0.0_fr_31bf3856ad364e35\PresentationCore.resources.dll
+ 2008-07-11 19:39:10 110,592 ----a-w c:\windows\assembly\GAC_MSIL\PresentationCore.resources\3.0.0.0_fr_31bf3856ad364e35\PresentationCore.resources.dll
- 2008-01-05 11:21:53 36,864 ----a-w c:\windows\assembly\GAC_MSIL\PresentationFontCache\3.0.0.0__31bf3856ad364e35\PresentationFontCache.exe
+ 2008-06-20 01:14:44 46,104 ----a-w c:\windows\assembly\GAC_MSIL\PresentationFontCache\3.0.0.0__31bf3856ad364e35\PresentationFontCache.exe
- 2008-01-05 11:21:53 184,320 ----a-w c:\windows\assembly\GAC_MSIL\PresentationFramework.Aero\3.0.0.0__31bf3856ad364e35\PresentationFramework.Aero.dll
+ 2008-06-20 01:14:43 196,608 ----a-w c:\windows\assembly\GAC_MSIL\PresentationFramework.Aero\3.0.0.0__31bf3856ad364e35\PresentationFramework.Aero.dll
- 2008-01-05 11:21:53 131,072 ----a-w c:\windows\assembly\GAC_MSIL\PresentationFramework.Classic\3.0.0.0__31bf3856ad364e35\PresentationFramework.Classic.dll
+ 2008-06-20 01:14:43 139,264 ----a-w c:\windows\assembly\GAC_MSIL\PresentationFramework.Classic\3.0.0.0__31bf3856ad364e35\PresentationFramework.Classic.dll
- 2008-01-05 11:21:53 376,832 ----a-w c:\windows\assembly\GAC_MSIL\PresentationFramework.Luna\3.0.0.0__31bf3856ad364e35\PresentationFramework.Luna.dll
+ 2008-06-20 01:14:43 397,312 ----a-w c:\windows\assembly\GAC_MSIL\PresentationFramework.Luna\3.0.0.0__31bf3856ad364e35\PresentationFramework.Luna.dll
- 2006-11-02 15:46:16 253,952 ----a-w c:\windows\assembly\GAC_MSIL\PresentationFramework.resources\3.0.0.0_fr_31bf3856ad364e35\PresentationFramework.resources.dll
+ 2008-07-11 19:39:10 245,760 ----a-w c:\windows\assembly\GAC_MSIL\PresentationFramework.resources\3.0.0.0_fr_31bf3856ad364e35\PresentationFramework.resources.dll
- 2008-01-05 11:21:54 151,552 ----a-w c:\windows\assembly\GAC_MSIL\PresentationFramework.Royale\3.0.0.0__31bf3856ad364e35\PresentationFramework.Royale.dll
+ 2008-06-20 01:14:43 163,840 ----a-w c:\windows\assembly\GAC_MSIL\PresentationFramework.Royale\3.0.0.0__31bf3856ad364e35\PresentationFramework.Royale.dll
- 2008-01-05 11:21:53 5,210,112 ----a-w c:\windows\assembly\GAC_MSIL\PresentationFramework\3.0.0.0__31bf3856ad364e35\PresentationFramework.dll
+ 2008-11-24 23:34:47 5,283,840 ----a-w c:\windows\assembly\GAC_MSIL\PresentationFramework\3.0.0.0__31bf3856ad364e35\PresentationFramework.dll
- 2006-11-02 15:46:08 372,736 ----a-w c:\windows\assembly\GAC_MSIL\PresentationUI.resources\3.0.0.0_fr_31bf3856ad364e35\PresentationUI.resources.dll
+ 2008-07-11 19:39:10 372,736 ----a-w c:\windows\assembly\GAC_MSIL\PresentationUI.resources\3.0.0.0_fr_31bf3856ad364e35\PresentationUI.resources.dll
- 2008-01-05 11:21:55 897,024 ----a-w c:\windows\assembly\GAC_MSIL\PresentationUI\3.0.0.0__31bf3856ad364e35\PresentationUI.dll
+ 2008-06-20 01:14:44 864,256 ----a-w c:\windows\assembly\GAC_MSIL\PresentationUI\3.0.0.0__31bf3856ad364e35\PresentationUI.dll
- 2006-11-02 15:46:11 40,960 ----a-w c:\windows\assembly\GAC_MSIL\ReachFramework.resources\3.0.0.0_fr_31bf3856ad364e35\ReachFramework.resources.dll
+ 2008-07-11 19:39:10 40,960 ----a-w c:\windows\assembly\GAC_MSIL\ReachFramework.resources\3.0.0.0_fr_31bf3856ad364e35\ReachFramework.resources.dll
- 2008-01-05 11:21:55 528,384 ----a-w c:\windows\assembly\GAC_MSIL\ReachFramework\3.0.0.0__31bf3856ad364e35\ReachFramework.dll
+ 2008-06-20 01:14:43 528,384 ----a-w c:\windows\assembly\GAC_MSIL\ReachFramework\3.0.0.0__31bf3856ad364e35\ReachFramework.dll
+ 2009-03-16 19:36:56 5,632 ----a-w c:\windows\assembly\GAC_MSIL\Sentinel.v3.5Client\3.5.0.0__b03f5f7f11d50a3a\Sentinel.v3.5Client.dll
- 2008-01-05 11:21:39 61,440 ----a-w c:\windows\assembly\GAC_MSIL\ServiceModelReg\3.0.0.0__b03f5f7f11d50a3a\ServiceModelReg.exe
+ 2008-06-20 01:14:31 156,688 ----a-w c:\windows\assembly\GAC_MSIL\ServiceModelReg\3.0.0.0__b03f5f7f11d50a3a\ServiceModelReg.exe
- 2006-11-02 15:46:11 5,120 ----a-w c:\windows\assembly\GAC_MSIL\SMDiagnostics.resources\3.0.0.0_fr_b77a5c561934e089\SMDiagnostics.resources.dll
+ 2008-07-11 19:39:09 5,120 ----a-w c:\windows\assembly\GAC_MSIL\SMDiagnostics.resources\3.0.0.0_fr_b77a5c561934e089\SMDiagnostics.resources.dll
- 2008-01-05 11:21:39 102,400 ----a-w c:\windows\assembly\GAC_MSIL\SMDiagnostics\3.0.0.0__b77a5c561934e089\SMdiagnostics.dll
+ 2008-06-20 01:14:31 110,592 ----a-w c:\windows\assembly\GAC_MSIL\SMDiagnostics\3.0.0.0__b77a5c561934e089\SMdiagnostics.dll
- 2008-01-05 11:21:39 122,880 ----a-w c:\windows\assembly\GAC_MSIL\SMSvcHost\3.0.0.0__b03f5f7f11d50a3a\SMSvcHost.exe
+ 2008-06-20 01:14:31 132,096 ----a-w c:\windows\assembly\GAC_MSIL\SMSvcHost\3.0.0.0__b03f5f7f11d50a3a\SMSvcHost.exe
- 2008-01-05 11:26:12 10,752 ----a-w c:\windows\assembly\GAC_MSIL\sysglobl.resources\2.0.0.0_fr_b03f5f7f11d50a3a\sysglobl.resources.dll
+ 2008-07-27 18:03:10 10,752 ----a-w c:\windows\assembly\GAC_MSIL\sysglobl.resources\2.0.0.0_fr_b03f5f7f11d50a3a\sysglobl.resources.dll
- 2008-01-05 11:26:54 110,592 ----a-w c:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
+ 2008-07-27 18:03:14 110,592 ----a-w c:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
- 2008-11-06 18:25:27 47,832 ----a-w c:\windows\assembly\GAC_MSIL\System.AddIn.Contract\2.0.0.0__b03f5f7f11d50a3a\System.AddIn.Contract.dll
+ 2009-03-16 19:36:58 45,056 ----a-w c:\windows\assembly\GAC_MSIL\System.AddIn.Contract\2.0.0.0__b03f5f7f11d50a3a\System.AddIn.Contract.dll
+ 2009-03-16 19:36:58 163,840 ----a-w c:\windows\assembly\GAC_MSIL\System.AddIn\3.5.0.0__b77a5c561934e089\System.AddIn.dll
+ 2009-03-16 19:37:04 57,344 ----a-w c:\windows\assembly\GAC_MSIL\System.ComponentModel.DataAnnotations\3.5.0.0__31bf3856ad364e35\System.ComponentModel.DataAnnotations.dll
- 2008-01-05 11:26:12 28,672 ----a-w c:\windows\assembly\GAC_MSIL\System.Configuration.Install.resources\2.0.0.0_fr_b03f5f7f11d50a3a\System.Configuration.Install.Resources.dll
+ 2008-07-27 18:03:10 28,672 ----a-w c:\windows\assembly\GAC_MSIL\System.Configuration.Install.resources\2.0.0.0_fr_b03f5f7f11d50a3a\System.Configuration.Install.Resources.dll
- 2008-01-05 11:26:54 81,920 ----a-w c:\windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
+ 2008-07-27 18:03:14 81,920 ----a-w c:\windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
- 2008-01-05 11:26:12 49,152 ----a-w c:\windows\assembly\GAC_MSIL\system.configuration.resources\2.0.0.0_fr_b03f5f7f11d50a3a\System.Configuration.resources.dll
+ 2008-07-27 18:03:10 49,152 ----a-w c:\windows\assembly\GAC_MSIL\system.configuration.resources\2.0.0.0_fr_b03f5f7f11d50a3a\System.Configuration.resources.dll
- 2008-01-05 11:26:54 425,984 ----a-w c:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
+ 2008-07-27 18:03:14 425,984 ----a-w c:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
+ 2009-03-16 19:36:59 667,648 ----a-w c:\windows\assembly\GAC_MSIL\System.Core\3.5.0.0__b77a5c561934e089\System.Core.dll
+ 2009-03-16 19:36:59 53,248 ----a-w c:\windows\assembly\GAC_MSIL\System.Data.DataSetExtensions\3.5.0.0__b77a5c561934e089\System.Data.DataSetExtensions.dll
+ 2009-03-16 19:37:00 229,376 ----a-w c:\windows\assembly\GAC_MSIL\System.Data.Entity.Design\3.5.0.0__b77a5c561934e089\System.Data.Entity.Design.dll
+ 2009-03-16 19:37:00 2,879,488 ----a-w c:\windows\assembly\GAC_MSIL\System.Data.Entity\3.5.0.0__b77a5c561934e089\System.Data.Entity.dll
+ 2009-03-16 19:36:52 684,032 ----a-w c:\windows\assembly\GAC_MSIL\System.Data.Linq\3.5.0.0__b77a5c561934e089\System.Data.Linq.dll
- 2008-01-05 11:26:12 110,592 ----a-w c:\windows\assembly\GAC_MSIL\System.Data.OracleClient.resources\2.0.0.0_fr_b77a5c561934e089\System.Data.OracleClient.resources.dll
+ 2008-07-27 18:03:10 110,592 ----a-w c:\windows\assembly\GAC_MSIL\System.Data.OracleClient.resources\2.0.0.0_fr_b77a5c561934e089\System.Data.OracleClient.resources.dll
- 2008-01-05 11:26:13 344,064 ----a-w c:\windows\assembly\GAC_MSIL\System.Data.resources\2.0.0.0_fr_b77a5c561934e089\System.Data.Resources.dll
+ 2008-07-27 18:03:10 352,256 ----a-w c:\windows\assembly\GAC_MSIL\System.Data.resources\2.0.0.0_fr_b77a5c561934e089\System.Data.Resources.dll
+ 2009-03-16 19:37:46 294,912 ----a-w c:\windows\assembly\GAC_MSIL\System.Data.Services.Client\3.5.0.0__b77a5c561934e089\System.Data.Services.Client.dll
+ 2009-03-16 19:36:51 114,688 ----a-w c:\windows\assembly\GAC_MSIL\System.Data.Services.Design\3.5.0.0__b77a5c561934e089\System.Data.Services.Design.dll
+ 2009-03-16 19:37:46 442,368 ----a-w c:\windows\assembly\GAC_MSIL\System.Data.Services\3.5.0.0__b77a5c561934e089\System.Data.Services.dll
- 2008-01-05 11:26:13 36,864 ----a-w c:\windows\assembly\GAC_MSIL\System.Data.SqlXml.resources\2.0.0.0_fr_b77a5c561934e089\system.data.sqlxml.resources.dll
+ 2008-07-27 18:03:10 36,864 ----a-w c:\windows\assembly\GAC_MSIL\System.Data.SqlXml.resources\2.0.0.0_fr_b77a5c561934e089\system.data.sqlxml.resources.dll
- 2008-01-05 11:26:55 741,376 ----a-w c:\windows\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
+ 2008-07-27 18:03:15 745,472 ----a-w c:\windows\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
- 2008-01-05 11:26:14 389,120 ----a-w c:\windows\assembly\GAC_MSIL\System.Deployment.resources\2.0.0.0_fr_b03f5f7f11d50a3a\System.Deployment.resources.dll
+ 2008-07-27 18:03:10 413,696 ----a-w c:\windows\assembly\GAC_MSIL\System.Deployment.resources\2.0.0.0_fr_b03f5f7f11d50a3a\System.Deployment.resources.dll
- 2008-01-05 11:26:55 933,888 ----a-w c:\windows\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
+ 2008-07-27 18:03:15 970,752 ----a-w c:\windows\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
- 2008-01-05 11:26:14 544,768 ----a-w c:\windows\assembly\GAC_MSIL\System.Design.resources\2.0.0.0_fr_b03f5f7f11d50a3a\System.Design.Resources.dll
+ 2008-07-27 18:03:10 548,864 ----a-w c:\windows\assembly\GAC_MSIL\System.Design.resources\2.0.0.0_fr_b03f5f7f11d50a3a\System.Design.Resources.dll
- 2008-01-05 11:26:55 5,070,848 ----a-w c:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll
+ 2008-07-27 18:03:15 5,062,656 ----a-w c:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll
+ 2009-03-16 19:36:52 286,720 ----a-w c:\windows\assembly\GAC_MSIL\System.DirectoryServices.AccountManagement\3.5.0.0__b77a5c561934e089\System.DirectoryServices.AccountManagement.dll
- 2008-01-05 11:26:14 28,672 ----a-w c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols.resources\2.0.0.0_fr_b03f5f7f11d50a3a\System.DirectoryServices.Protocols.resources.dll
+ 2008-07-27 18:03:10 28,672 ----a-w c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols.resources\2.0.0.0_fr_b03f5f7f11d50a3a\System.DirectoryServices.Protocols.resources.dll
- 2008-01-05 11:26:55 188,416 ----a-w c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
+ 2008-07-27 18:03:15 188,416 ----a-w c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
- 2008-01-05 11:26:16 40,960 ----a-w c:\windows\assembly\GAC_MSIL\System.DirectoryServices.resources\2.0.0.0_fr_b03f5f7f11d50a3a\System.DirectoryServices.Resources.dll
+ 2008-07-27 18:03:10 40,960 ----a-w c:\windows\assembly\GAC_MSIL\System.DirectoryServices.resources\2.0.0.0_fr_b03f5f7f11d50a3a\System.DirectoryServices.Resources.dll
- 2008-01-05 11:26:55 401,408 ----a-w c:\windows\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
+ 2008-07-27 18:03:15 401,408 ----a-w c:\windows\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
- 2008-01-05 11:26:16 6,144 ----a-w c:\windows\assembly\GAC_MSIL\System.Drawing.Design.resources\2.0.0.0_fr_b03f5f7f11d50a3a\System.Drawing.Design.Resources.dll
+ 2008-07-27 18:03:10 6,144 ----a-w c:\windows\assembly\GAC_MSIL\System.Drawing.Design.resources\2.0.0.0_fr_b03f5f7f11d50a3a\System.Drawing.Design.Resources.dll
- 2008-01-05 11:26:55 81,920 ----a-w c:\windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll
+ 2008-07-27 18:03:15 81,920 ----a-w c:\windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll
- 2008-01-05 11:26:16 15,360 ----a-w c:\windows\assembly\GAC_MSIL\System.Drawing.resources\2.0.0.0_fr_b03f5f7f11d50a3a\System.Drawing.Resources.dll
+ 2008-07-27 18:03:10 15,360 ----a-w c:\windows\assembly\GAC_MSIL\System.Drawing.resources\2.0.0.0_fr_b03f5f7f11d50a3a\System.Drawing.Resources.dll
- 2008-01-05 11:26:55 630,784 ----a-w c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
+ 2008-07-27 18:03:15 626,688 ----a-w c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
- 2008-01-05 11:26:17 32,768 ----a-w c:\windows\assembly\GAC_MSIL\System.EnterpriseServices.resources\2.0.0.0_fr_b03f5f7f11d50a3a\System.EnterpriseServices.Resources.dll
+ 2008-07-27 18:03:10 32,768 ----a-w c:\windows\assembly\GAC_MSIL\System.EnterpriseServices.resources\2.0.0.0_fr_b03f5f7f11d50a3a\System.EnterpriseServices.Resources.dll
- 2008-01-05 11:26:37 65,536 ----a-w c:\windows\assembly\GAC_MSIL\System.IdentityModel.resources\3.0.0.0_fr_b77a5c561934e089\System.IdentityModel.Resources.dll
+ 2008-07-11 19:39:09 65,536 ----a-w c:\windows\assembly\GAC_MSIL\System.IdentityModel.resources\3.0.0.0_fr_b77a5c561934e089\System.IdentityModel.Resources.dll
- 2008-01-05 11:26:39 57,344 ----a-w c:\windows\assembly\GAC_MSIL\System.IdentityModel.Selectors.resources\3.0.0.0_fr_b77a5c561934e089\System.IdentityModel.Selectors.Resources.dll
+ 2008-07-11 19:39:09 57,344 ----a-w c:\windows\assembly\GAC_MSIL\System.IdentityModel.Selectors.resources\3.0.0.0_fr_b77a5c561934e089\System.IdentityModel.Selectors.Resources.dll
- 2008-01-05 11:21:38 126,976 ----a-w c:\windows\assembly\GAC_MSIL\System.IdentityModel.Selectors\3.0.0.0__b77a5c561934e089\System.IdentityModel.Selectors.dll
+ 2008-06-20 01:14:29 126,976 ----a-w c:\windows\assembly\GAC_MSIL\System.IdentityModel.Selectors\3.0.0.0__b77a5c561934e089\System.IdentityModel.Selectors.dll
- 2008-01-05 11:21:37 430,080 ----a-w c:\windows\assembly\GAC_MSIL\System.IdentityModel\3.0.0.0__b77a5c561934e089\System.IdentityModel.dll
+ 2008-06-20 01:14:29 430,080 ----a-w c:\windows\assembly\GAC_MSIL\System.IdentityModel\3.0.0.0__b77a5c561934e089\System.IdentityModel.dll
- 2006-11-02 15:46:11 12,288 ----a-w c:\windows\assembly\GAC_MSIL\System.IO.Log.resources\3.0.0.0_fr_b03f5f7f11d50a3a\System.IO.Log.Resources.dll
+ 2008-07-11 19:39:09 12,288 ----a-w c:\windows\assembly\GAC_MSIL\System.IO.Log.resources\3.0.0.0_fr_b03f5f7f11d50a3a\System.IO.Log.Resources.dll
- 2008-01-05 11:21:38 131,072 ----a-w c:\windows\assembly\GAC_MSIL\System.IO.Log\3.0.0.0__b03f5f7f11d50a3a\System.IO.Log.dll
+ 2008-06-20 01:14:29 131,072 ----a-w c:\windows\assembly\GAC_MSIL\System.IO.Log\3.0.0.0__b03f5f7f11d50a3a\System.IO.Log.dll
+ 2009-03-16 19:37:01 143,360 ----a-w c:\windows\assembly\GAC_MSIL\System.Management.Instrumentation\3.5.0.0__b77a5c561934e089\System.Management.Instrumentation.dll
- 2008-01-05 11:26:17 13,312 ----a-w c:\windows\assembly\GAC_MSIL\System.Management.resources\2.0.0.0_fr_b03f5f7f11d50a3a\System.Management.Resources.dll
+ 2008-07-27 18:03:10 13,312 ----a-w c:\windows\assembly\GAC_MSIL\System.Management.resources\2.0.0.0_fr_b03f5f7f11d50a3a\System.Management.Resources.dll
- 2008-01-05 11:26:58 372,736 ----a-w c:\windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
+ 2008-07-27 18:03:15 372,736 ----a-w c:\windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
- 2008-01-05 11:26:17 61,440 ----a-w c:\windows\assembly\GAC_MSIL\System.Messaging.resources\2.0.0.0_fr_b03f5f7f11d50a3a\System.Messaging.Resources.dll
+ 2008-07-27 18:03:10 61,440 ----a-w c:\windows\assembly\GAC_MSIL\System.Messaging.resources\2.0.0.0_fr_b03f5f7f11d50a3a\System.Messaging.Resources.dll
- 2008-01-05 11:26:58 258,048 ----a-w c:\windows\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
+ 2008-07-27 18:03:15 258,048 ----a-w c:\windows\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
+ 2009-03-16 19:37:04 233,472 ----a-w c:\windows\assembly\GAC_MSIL\System.Net\3.5.0.0__b03f5f7f11d50a3a\System.Net.dll
- 2006-11-02 15:46:11 28,672 ----a-w c:\windows\assembly\GAC_MSIL\System.Printing.resources\3.0.0.0_fr_31bf3856ad364e35\System.Printing.resources.dll
+ 2008-07-11 19:39:10 28,672 ----a-w c:\windows\assembly\GAC_MSIL\System.Printing.resources\3.0.0.0_fr_31bf3856ad364e35\System.Printing.resources.dll
- 2008-01-05 11:26:17 212,992 ----a-w c:\windows\assembly\GAC_MSIL\System.resources\2.0.0.0_fr_b77a5c561934e089\system.Resources.dll
+ 2008-07-27 18:03:10 212,992 ----a-w c:\windows\assembly\GAC_MSIL\System.resources\2.0.0.0_fr_b77a5c561934e089\system.Resources.dll
- 2008-01-05 11:26:17 32,768 ----a-w c:\windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_fr_b77a5c561934e089\System.Runtime.Remoting.Resources.dll
+ 2008-07-27 18:03:10 32,768 ----a-w c:\windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_fr_b77a5c561934e089\System.Runtime.Remoting.Resources.dll
- 2008-01-05 11:26:58 299,008 ----a-w c:\windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
+ 2008-07-27 18:03:15 303,104 ----a-w c:\windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
- 2008-01-05 11:26:17 11,776 ----a-w c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\2.0.0.0_fr_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.Resources.dll
+ 2008-07-27 18:03:10 11,776 ----a-w c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\2.0.0.0_fr_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.Resources.dll
- 2008-01-05 11:26:58 131,072 ----a-w c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
+ 2008-07-27 18:03:15 131,072 ----a-w c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
- 2008-01-05 11:26:41 98,304 ----a-w c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.resources\3.0.0.0_fr_b77a5c561934e089\System.RunTime.Serialization.Resources.dll
+ 2008-07-11 19:39:09 102,400 ----a-w c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.resources\3.0.0.0_fr_b77a5c561934e089\System.RunTime.Serialization.Resources.dll
- 2008-01-05 11:21:38 929,792 ----a-w c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
+ 2008-06-20 01:14:29 966,656 ----a-w c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
- 2008-01-05 11:26:17 28,672 ----a-w c:\windows\assembly\GAC_MSIL\System.Security.resources\2.0.0.0_fr_b03f5f7f11d50a3a\System.Security.Resources.dll
+ 2008-07-27 18:03:10 28,672 ----a-w c:\windows\assembly\GAC_MSIL\System.Security.resources\2.0.0.0_fr_b03f5f7f11d50a3a\System.Security.Resources.dll
- 2008-01-05 11:26:58 258,048 ----a-w c:\windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll
+ 2008-07-27 18:03:15 258,048 ----a-w c:\windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll
- 2006-11-02 15:46:12 40,960 ----a-w c:\windows\assembly\GAC_MSIL\System.ServiceModel.Install.resources\3.0.0.0_fr_b77a5c561934e089\System.ServiceModel.Install.Resources.dll
+ 2008-07-11 19:39:09 36,864 ----a-w c:\windows\assembly\GAC_MSIL\System.ServiceModel.Install.resources\3.0.0.0_fr_b77a5c561934e089\System.ServiceModel.Install.Resources.dll
- 2008-01-05 11:21:40 159,744 ----a-w c:\windows\assembly\GAC_MSIL\System.ServiceModel.Install\3.0.0.0__b77a5c561934e089\System.ServiceModel.Install.dll
+ 2008-06-20 01:14:32 73,728 ----a-w c:\windows\assembly\GAC_MSIL\System.ServiceModel.Install\3.0.0.0__b77a5c561934e089\System.ServiceModel.Install.dll
- 2008-01-05 11:26:41 499,712 ----a-w c:\windows\assembly\GAC_MSIL\System.ServiceModel.resources\3.0.0.0_fr_b77a5c561934e089\System.ServiceModel.Resources.dll
+ 2008-07-11 19:39:09 499,712 ----a-w c:\windows\assembly\GAC_MSIL\System.ServiceModel.resources\3.0.0.0_fr_b77a5c561934e089\System.ServiceModel.Resources.dll
- 2008-01-05 11:21:40 32,768 ----a-w c:\windows\assembly\GAC_MSIL\System.ServiceModel.WasHosting\3.0.0.0__b77a5c561934e089\System.ServiceModel.WasHosting.dll
+ 2008-06-20 01:14:33 32,768 ----a-w c:\windows\assembly\GAC_MSIL\System.ServiceModel.WasHosting\3.0.0.0__b77a5c561934e089\System.ServiceModel.WasHosting.dll
+ 2009-03-16 19:36:50 569,344 ----a-w c:\windows\assembly\GAC_MSIL\System.ServiceModel.Web\3.5.0.0__31bf3856ad364e35\System.ServiceModel.Web.dll
- 2008-01-05 11:21:38 5,971,968 ----a-w c:\windows\assembly\GAC_MSIL\System.ServiceModel\3.0.0.0__b77a5c561934e089\System.ServiceModel.dll
+ 2008-11-24 23:34:36 5,931,008 ----a-w c:\windows\assembly\GAC_MSIL\System.ServiceModel\3.0.0.0__b77a5c561934e089\System.ServiceModel.dll
- 2008-01-05 11:26:17 40,960 ----a-w c:\windows\assembly\GAC_MSIL\System.ServiceProcess.resources\2.0.0.0_fr_b03f5f7f11d50a3a\System.ServiceProcess.Resources.dll
+ 2008-07-27 18:03:10 40,960 ----a-w c:\windows\assembly\GAC_MSIL\System.ServiceProcess.resources\2.0.0.0_fr_b03f5f7f11d50a3a\System.ServiceProcess.Resources.dll
- 2008-01-05 11:26:58 114,688 ----a-w c:\windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
+ 2008-07-27 18:03:15 114,688 ----a-w c:\windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
- 2006-11-02 15:46:13 65,536 ----a-w c:\windows\assembly\GAC_MSIL\System.Speech.resources\3.0.0.0_fr_31bf3856ad364e35\System.Speech.resources.dll
+ 2008-07-11 19:39:10 61,440 ----a-w c:\windows\assembly\GAC_MSIL\System.Speech.resources\3.0.0.0_fr_31bf3856ad364e35\System.Speech.resources.dll
- 2008-01-05 11:26:17 16,896 ----a-w c:\windows\assembly\GAC_MSIL\System.Transactions.resources\2.0.0.0_fr_b77a5c561934e089\System.Transactions.resources.dll
+ 2008-07-27 18:03:10 16,896 ----a-w c:\windows\assembly\GAC_MSIL\System.Transactions.resources\2.0.0.0_fr_b77a5c561934e089\System.Transactions.resources.dll
+ 2009-03-16 19:37:06 77,824 ----a-w c:\windows\assembly\GAC_MSIL\System.Web.Abstractions\3.5.0.0__31bf3856ad364e35\System.Web.Abstractions.dll
+ 2009-03-16 19:37:06 32,768 ----a-w c:\windows\assembly\GAC_MSIL\System.Web.DynamicData.Design\3.5.0.0__31bf3856ad364e35\System.Web.DynamicData.Design.dll
+ 2009-03-16 19:37:46 229,376 ----a-w c:\windows\assembly\GAC_MSIL\System.Web.DynamicData\3.5.0.0__31bf3856ad364e35\System.Web.DynamicData.dll
+ 2009-03-16 19:37:02 131,072 ----a-w c:\windows\assembly\GAC_MSIL\System.Web.Entity.Design\3.5.0.0__b77a5c561934e089\System.Web.Entity.Design.dll
+ 2009-03-16 19:37:46 139,264 ----a-w c:\windows\assembly\GAC_MSIL\System.Web.Entity\3.5.0.0__b77a5c561934e089\System.Web.Entity.dll
+ 2009-03-16 19:37:07 335,872 ----a-w c:\windows\assembly\GAC_MSIL\System.Web.Extensions.Design\3.5.0.0__31bf3856ad364e35\System.Web.Extensions.Design.dll
+ 2009-03-16 19:37:47 1,277,952 ----a-w c:\windows\assembly\GAC_MSIL\System.Web.Extensions\3.5.0.0__31bf3856ad364e35\System.Web.Extensions.dll
- 2008-01-05 11:26:17 81,920 ----a-w c:\windows\assembly\GAC_MSIL\System.Web.Mobile.resources\2.0.0.0_fr_b03f5f7f11d50a3a\System.Web.Mobile.resources.dll
+ 2008-07-27 18:03:10 81,920 ----a-w c:\windows\assembly\GAC_MSIL\System.Web.Mobile.resources\2.0.0.0_fr_b03f5f7f11d50a3a\System.Web.Mobile.resources.dll
- 2008-01-05 11:26:59 884,736 ----a-w c:\windows\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
+ 2008-07-27 18:03:15 835,584 ----a-w c:\windows\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
- 2008-01-05 11:26:59 90,112 ----a-w c:\windows\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
+ 2008-07-27 18:03:15 77,824 ----a-w c:\windows\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
- 2008-01-05 11:26:17 618,496 ----a-w c:\windows\assembly\GAC_MSIL\System.Web.resources\2.0.0.0_fr_b03f5f7f11d50a3a\System.Web.Resources.dll
+ 2008-07-27 18:03:10 622,592 ----a-w c:\windows\assembly\GAC_MSIL\System.Web.resources\2.0.0.0_fr_b03f5f7f11d50a3a\System.Web.Resources.dll
+ 2009-03-16 19:37:08 61,440 ----a-w c:\windows\assembly\GAC_MSIL\System.Web.Routing\3.5.0.0__31bf3856ad364e35\System.Web.Routing.dll
- 2008-01-05 11:26:17 81,920 ----a-w c:\windows\assembly\GAC_MSIL\System.Web.Services.resources\2.0.0.0_fr_b03f5f7f11d50a3a\System.Web.Services.Resources.dll
+ 2008-07-27 18:03:10 81,920 ----a-w c:\windows\assembly\GAC_MSIL\System.Web.Services.resources\2.0.0.0_fr_b03f5f7f11d50a3a\System.Web.Services.Resources.dll
- 2008-01-05 11:27:00 839,680 ----a-w c:\windows\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
+ 2008-07-27 18:03:15 839,680 ----a-w c:\windows\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
- 2008-01-05 11:26:17 430,080 ----a-w c:\windows\assembly\GAC_MSIL\System.Windows.Forms.resources\2.0.0.0_fr_b77a5c561934e089\System.Windows.Forms.Resources.dll
+ 2008-07-27 18:03:10 430,080 ----a-w c:\windows\assembly\GAC_MSIL\System.Windows.Forms.resources\2.0.0.0_fr_b77a5c561934e089\System.Windows.Forms.Resources.dll
- 2008-01-05 11:27:02 5,013,504 ----a-w c:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
+ 2008-07-27 18:03:15 5,025,792 ----a-w c:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
+ 2009-03-16 19:37:03 12,288 ----a-w c:\windows\assembly\GAC_MSIL\System.Windows.Presentation\3.5.0.0__b77a5c561934e089\System.Windows.Presentation.dll
- 2008-01-05 11:26:54 193,592 ----a-w c:\windows\assembly\GAC_MSIL\System.Workflow.Activities.resources\3.0.0.0_fr_31bf3856ad364e35\System.Workflow.Activities.resources.dll
+ 2008-07-11 19:39:10 184,320 ----a-w c:\windows\assembly\GAC_MSIL\System.Workflow.Activities.resources\3.0.0.0_fr_31bf3856ad364e35\System.Workflow.Activities.resources.dll
- 2008-01-05 11:22:14 1,152,040 ----a-w c:\windows\assembly\GAC_MSIL\System.Workflow.Activities\3.0.0.0__31bf3856ad364e35\System.Workflow.Activities.dll
+ 2008-06-20 01:14:46 1,138,688 ----a-w c:\windows\assembly\GAC_MSIL\System.Workflow.Activities\3.0.0.0__31bf3856ad364e35\System.Workflow.Activities.dll
- 2008-01-05 11:26:54 320,576 ----a-w c:\windows\assembly\GAC_MSIL\System.Workflow.ComponentModel.resources\3.0.0.0_fr_31bf3856ad364e35\System.Workflow.ComponentModel.resources.dll
+ 2008-07-11 19:39:10 311,296 ----a-w c:\windows\assembly\GAC_MSIL\System.Workflow.ComponentModel.resources\3.0.0.0_fr_31bf3856ad364e35\System.Workflow.ComponentModel.resources.dll
- 2008-01-05 11:22:15 1,635,376 ----a-w c:\windows\assembly\GAC_MSIL\System.Workflow.ComponentModel\3.0.0.0__31bf3856ad364e35\System.Workflow.ComponentModel.dll
+ 2008-06-20 01:14:47 1,630,208 ----a-w c:\windows\assembly\GAC_MSIL\System.Workflow.ComponentModel\3.0.0.0__31bf3856ad364e35\System.Workflow.ComponentModel.dll
- 2008-01-05 11:26:54 46,136 ----a-w c:\windows\assembly\GAC_MSIL\System.Workflow.Runtime.resources\3.0.0.0_fr_31bf3856ad364e35\System.Workflow.Runtime.resources.dll
+ 2008-07-11 19:39:10 36,864 ----a-w c:\windows\assembly\GAC_MSIL\System.Workflow.Runtime.resources\3.0.0.0_fr_31bf3856ad364e35\System.Workflow.Runtime.resources.dll
- 2008-01-05 11:22:15 578,592 ----a-w c:\windows\assembly\GAC_MSIL\System.Workflow.Runtime\3.0.0.0__31bf3856ad364e35\System.Workflow.Runtime.dll
+ 2008-06-20 01:14:47 540,672 ----a-w c:\windows\assembly\GAC_MSIL\System.Workflow.Runtime\3.0.0.0__31bf3856ad364e35\System.Workflow.Runtime.dll
+ 2009-03-16 19:36:50 507,904 ----a-w c:\windows\assembly\GAC_MSIL\System.WorkflowServices\3.5.0.0__31bf3856ad364e35\System.WorkflowServices.dll
+ 2009-03-16 19:37:03 139,264 ----a-w c:\windows\assembly\GAC_MSIL\System.Xml.Linq\3.5.0.0__b77a5c561934e089\System.Xml.Linq.dll
- 2008-01-05 11:26:17 167,936 ----a-w c:\windows\assembly\GAC_MSIL\System.XML.resources\2.0.0.0_fr_b77a5c561934e089\System.xml.Resources.dll
+ 2008-07-27 18:03:10 167,936 ----a-w c:\windows\assembly\GAC_MSIL\System.XML.resources\2.0.0.0_fr_b77a5c561934e089\System.xml.Resources.dll
- 2008-01-05 11:27:03 2,068,480 ----a-w c:\windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll
+ 2008-10-13 22:26:58 2,048,000 ----a-w c:\windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll
- 2008-01-05 11:26:55 3,076,096 ----a-w c:\windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
+ 2008-07-27 18:03:15 3,149,824 ----a-w c:\windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
- 2006-11-02 15:46:08 9,728 ----a-w c:\windows\assembly\GAC_MSIL\UIAutomationClient.resources\3.0.0.0_fr_31bf3856ad364e35\UIAutomationClient.resources.dll
+ 2008-07-11 19:39:10 4,096 ----a-w c:\windows\assembly\GAC_MSIL\UIAutomationClient.resources\3.0.0.0_fr_31bf3856ad364e35\UIAutomationClient.resources.dll
- 2008-01-05 11:21:56 163,840 ----a-w c:\windows\assembly\GAC_MSIL\UIAutomationClient\3.0.0.0__31bf3856ad364e35\UIAutomationClient.dll
+ 2008-06-20 01:14:43 167,936 ----a-w c:\windows\assembly\GAC_MSIL\UIAutomationClient\3.0.0.0__31bf3856ad364e35\UIAutomationClient.dll
- 2006-11-02 15:46:13 10,240 ----a-w c:\windows\assembly\GAC_MSIL\UIAutomationClientsideProviders.resources\3.0.0.0_fr_31bf3856ad364e35\UIAutomationClientsideProviders.resources.dll
+ 2008-07-11 19:39:10 12,288 ----a-w c:\windows\assembly\GAC_MSIL\UIAutomationClientsideProviders.resources\3.0.0.0_fr_31bf3856ad364e35\UIAutomationClientsideProviders.resources.dll
- 2008-01-05 11:22:00 372,736 ----a-w c:\windows\assembly\GAC_MSIL\UIAutomationClientsideProviders\3.0.0.0__31bf3856ad364e35\UIAutomationClientsideProviders.dll
+ 2008-06-20 01:14:43 385,024 ----a-w c:\windows\assembly\GAC_MSIL\UIAutomationClientsideProviders\3.0.0.0__31bf3856ad364e35\UIAutomationClientsideProviders.dll
- 2006-11-02 15:46:16 4,096 ----a-w c:\windows\assembly\GAC_MSIL\UIAutomationProvider.resources\3.0.0.0_fr_31bf3856ad364e35\UIAutomationProvider.resources.dll
+ 2008-07-11 19:39:10 4,096 ----a-w c:\windows\assembly\GAC_MSIL\UIAutomationProvider.resources\3.0.0.0_fr_31bf3856ad364e35\UIAutomationProvider.resources.dll
- 2008-01-05 11:22:00 32,768 ----a-w c:\windows\assembly\GAC_MSIL\UIAutomationProvider\3.0.0.0__31bf3856ad364e35\UIAutomationProvider.dll
+ 2008-06-20 01:14:43 40,960 ----a-w c:\windows\assembly\GAC_MSIL\UIAutomationProvider\3.0.0.0__31bf3856ad364e35\UIAutomationProvider.dll
- 2006-11-02 15:46:16 7,680 ----a-w c:\windows\assembly\GAC_MSIL\UIAutomationTypes.resources\3.0.0.0_fr_31bf3856ad364e35\UIAutomationTypes.resources.dll
+ 2008-07-11 19:39:10 10,240 ----a-w c:\windows\assembly\GAC_MSIL\UIAutomationTypes.resources\3.0.0.0_fr_31bf3856ad364e35\UIAutomationTypes.resources.dll
- 2008-01-05 11:22:00 86,016 ----a-w c:\windows\assembly\GAC_MSIL\UIAutomationTypes\3.0.0.0__31bf3856ad364e35\UIAutomationTypes.dll
+ 2008-06-20 01:14:43 98,304 ----a-w c:\windows\assembly\GAC_MSIL\UIAutomationTypes\3.0.0.0__31bf3856ad364e35\UIAutomationTypes.dll
- 2006-11-02 15:46:14 90,112 ----a-w c:\windows\assembly\GAC_MSIL\WindowsBase.resources\3.0.0.0_fr_31bf3856ad364e35\WindowsBase.resources.dll
+ 2008-07-11 19:39:10 90,112 ----a-w c:\windows\assembly\GAC_MSIL\WindowsBase.resources\3.0.0.0_fr_31bf3856ad364e35\WindowsBase.resources.dll
- 2008-01-05 11:22:00 1,204,224 ----a-w c:\windows\assembly\GAC_MSIL\WindowsBase\3.0.0.0__31bf3856ad364e35\WindowsBase.dll
+ 2008-06-20 01:14:44 1,245,184 ----a-w c:\windows\assembly\GAC_MSIL\WindowsBase\3.0.0.0__31bf3856ad364e35\WindowsBase.dll
- 2006-11-02 15:46:15 5,120 ----a-w c:\windows\assembly\GAC_MSIL\WindowsFormsIntegration.resources\3.0.0.0_fr_31bf3856ad364e35\WindowsFormsIntegration.resources.dll
+ 2008-07-11 19:39:10 5,120 ----a-w c:\windows\assembly\GAC_MSIL\WindowsFormsIntegration.resources\3.0.0.0_fr_31bf3856ad364e35\WindowsFormsIntegration.resources.dll
- 2008-01-05 11:22:01 81,920 ----a-w c:\windows\assembly\GAC_MSIL\WindowsFormsIntegration\3.0.0.0__31bf38
ComboFix 09-03-15.01 - Kevin MONTHERAT 2009-03-17 21:18:59.3 - NTFSx86
Microsoft® Windows Vista™ Édition Familiale Premium 6.0.6001.1.1252.1.1036.18.2047.950 [GMT 1:00]
Lancé depuis: c:\users\Kevin MONTHERAT\Desktop\ComboFix.exe
Commutateurs utilisés :: c:\users\Kevin MONTHERAT\Desktop\CFScript.txt
FW: Pack sécurité 8.00 *enabled*
* Un nouveau point de restauration a été créé
* Resident AV is active
FILE ::
c:\windows\System32\gaopdxpmicngut.0ll
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\windows\System32\gaopdxpmicngut.0ll
.
((((((((((((((((((((((((((((( Fichiers créés du 2009-02-17 au 2009-03-17 ))))))))))))))))))))))))))))))))))))
.
2009-03-16 20:31 . 2008-06-20 02:14 781,344 --a------ c:\windows\System32\PresentationNative_v0300.dll
2009-03-16 20:31 . 2008-06-20 02:14 622,080 --a------ c:\windows\System32\icardagt.exe
2009-03-16 20:31 . 2008-06-20 02:14 326,160 --a------ c:\windows\System32\PresentationHost.exe
2009-03-16 20:31 . 2008-06-20 02:14 105,016 --a------ c:\windows\System32\PresentationCFFRasterizerNative_v0300.dll
2009-03-16 20:31 . 2008-06-20 02:14 97,800 --a------ c:\windows\System32\infocardapi.dll
2009-03-16 20:31 . 2008-06-20 02:14 43,544 --a------ c:\windows\System32\PresentationHostProxy.dll
2009-03-16 20:31 . 2008-06-20 02:14 37,384 --a------ c:\windows\System32\infocardcpl.cpl
2009-03-16 20:31 . 2008-06-20 02:14 11,264 --a------ c:\windows\System32\icardres.dll
2009-03-16 20:23 . 2008-07-27 19:03 282,112 --a------ c:\windows\System32\mscoree.dll
2009-03-16 20:23 . 2008-07-27 19:03 158,720 --a------ c:\windows\System32\mscorier.dll
2009-03-16 20:23 . 2008-07-27 19:03 96,760 --a------ c:\windows\System32\dfshim.dll
2009-03-16 20:23 . 2008-07-27 19:03 83,968 --a------ c:\windows\System32\mscories.dll
2009-03-16 20:23 . 2008-07-27 19:03 41,984 --a------ c:\windows\System32\netfxperf.dll
2009-03-14 20:48 . 2009-03-14 20:48 <REP> d----c--- c:\windows\System32\DRVSTORE
2009-03-14 20:48 . 2009-02-06 18:08 55,280 --a------ c:\windows\System32\drivers\fssfltr.sys
2009-03-14 20:47 . 2009-03-14 20:47 <REP> d-------- c:\program files\Microsoft Sync Framework
2009-03-14 14:15 . 2009-03-14 14:32 <REP> d-------- c:\users\Kevin MONTHERAT\AppData\Roaming\InfraRecorder
2009-03-14 14:15 . 2009-03-14 14:15 <REP> d-------- c:\program files\InfraRecorder
2009-03-11 12:54 . 2008-12-16 04:29 8,147,456 --a------ c:\windows\System32\wmploc.DLL
2009-03-11 12:54 . 2009-02-09 04:10 2,033,152 --a------ c:\windows\System32\win32k.sys
2009-03-11 12:54 . 2008-11-27 05:43 268,288 --a------ c:\windows\System32\schannel.dll
2009-03-11 12:54 . 2008-12-16 06:31 7,680 --a------ c:\windows\System32\spwmp.dll
2009-03-11 12:54 . 2008-12-16 06:31 4,096 --a------ c:\windows\System32\msdxm.ocx
2009-03-11 12:54 . 2008-12-16 06:31 4,096 --a------ c:\windows\System32\dxmasf.dll
2009-03-06 18:12 . 2009-03-06 18:12 0 --ah----- c:\windows\System32\drivers\Msft_User_WpdMtpDr_01_00_00.Wdf
2009-03-05 21:14 . 2009-03-05 21:24 <REP> d-------- C:\rsit
2009-03-05 21:12 . 2009-03-05 21:12 <REP> d-------- c:\program files\Trend Micro
2009-03-05 20:05 . 2009-03-05 20:05 <REP> d-------- c:\users\Kevin MONTHERAT\AppData\Roaming\Malwarebytes
2009-03-05 20:05 . 2009-03-05 20:05 <REP> d-------- c:\users\All Users\Malwarebytes
2009-03-05 20:05 . 2009-03-05 20:05 <REP> d-------- c:\programdata\Malwarebytes
2009-03-05 20:05 . 2009-03-05 20:05 <REP> d-------- c:\program files\Malwarebytes' Anti-Malware
2009-03-05 20:05 . 2009-02-11 10:19 38,496 --a------ c:\windows\System32\drivers\mbamswissarmy.sys
2009-03-05 20:05 . 2009-02-11 10:19 15,504 --a------ c:\windows\System32\drivers\mbam.sys
2009-03-05 19:58 . 2009-03-05 20:54 <REP> d-------- C:\Rooter$
2009-03-04 12:57 . 2009-03-04 12:57 <REP> d-------- c:\users\Kevin MONTHERAT\Pavark
2009-03-04 12:52 . 2009-03-04 12:52 <REP> d-------- c:\program files\PHPNukeFR
2009-03-04 11:06 . 2009-03-04 11:06 <REP> d-------- c:\program files\VID_0E8F&PID_0012
2009-03-02 13:27 . 2009-03-02 13:27 <REP> d-------- c:\program files\Conduit
2009-03-02 12:58 . 2009-03-02 13:12 <REP> d-------- c:\program files\Navilog1
2009-02-28 10:49 . 2009-02-28 10:49 <REP> d-------- c:\program files\Java
2009-02-28 10:43 . 2009-02-28 10:47 <REP> d-------- c:\users\Kevin MONTHERAT\.housecall6.6
2009-02-27 19:12 . 2009-03-05 20:56 <REP> d-------- C:\Fraps
2009-02-24 19:58 . 2009-02-24 19:58 <REP> dr------- c:\windows\System32\config\systemprofile\Videos
2009-02-24 19:58 . 2009-02-24 19:58 <REP> dr------- c:\windows\System32\config\systemprofile\Searches
2009-02-24 19:58 . 2009-02-24 19:58 <REP> dr------- c:\windows\System32\config\systemprofile\Saved Games
2009-02-24 19:58 . 2009-02-24 19:58 <REP> dr------- c:\windows\System32\config\systemprofile\Pictures
2009-02-24 19:58 . 2009-02-24 19:58 <REP> dr------- c:\windows\System32\config\systemprofile\Music
2009-02-24 19:58 . 2009-02-24 19:58 <REP> dr------- c:\windows\System32\config\systemprofile\Links
2009-02-24 19:58 . 2009-02-24 19:58 <REP> dr------- c:\windows\System32\config\systemprofile\Downloads
2009-02-24 19:58 . 2009-02-24 19:58 <REP> dr------- c:\windows\System32\config\systemprofile\Documents
2009-02-24 19:58 . 2009-02-24 19:58 <REP> d-------- c:\users\All Users\Electronic Arts
2009-02-24 19:58 . 2009-02-24 19:58 <REP> d-------- c:\programdata\Electronic Arts
2009-02-24 19:58 . 2009-02-24 19:58 1,590 --a------ c:\windows\System32\ealregsnapshot1.reg
2009-02-24 19:41 . 2009-02-24 19:41 <REP> d-------- c:\program files\EA Games
2009-02-24 18:50 . 2008-03-05 15:56 3,786,760 --a------ c:\windows\System32\D3DX9_37.dll
2009-02-24 18:50 . 2007-10-12 15:14 3,734,536 --a------ c:\windows\System32\d3dx9_36.dll
2009-02-24 18:50 . 2008-03-05 15:56 1,420,824 --a------ c:\windows\System32\D3DCompiler_37.dll
2009-02-24 18:50 . 2007-10-12 15:14 1,374,232 --a------ c:\windows\System32\D3DCompiler_36.dll
2009-02-24 18:50 . 2008-03-05 16:03 479,752 --a------ c:\windows\System32\XAudio2_0.dll
2009-02-24 18:50 . 2008-02-05 23:07 462,864 --a------ c:\windows\System32\d3dx10_37.dll
2009-02-24 18:50 . 2007-10-02 09:56 444,776 --a------ c:\windows\System32\d3dx10_36.dll
2009-02-24 18:50 . 2007-10-22 03:39 267,272 --a------ c:\windows\System32\xactengine2_10.dll
2009-02-24 18:50 . 2007-07-20 00:57 267,112 --a------ c:\windows\System32\xactengine2_9.dll
2009-02-24 18:50 . 2008-03-05 16:03 238,088 --a------ c:\windows\System32\xactengine3_0.dll
2009-02-24 18:50 . 2008-03-05 16:00 25,608 --a------ c:\windows\System32\X3DAudio1_3.dll
2009-02-24 18:50 . 2007-10-22 03:37 17,928 --a------ c:\windows\System32\X3DAudio1_2.dll
2009-02-23 18:49 . 2009-02-23 18:49 <REP> d-------- c:\users\Kevin MONTHERAT\AppData\Roaming\Leadertech
2009-02-22 19:15 . 2009-02-23 19:56 <REP> d-------- c:\program files\PowerISO
2009-02-22 18:46 . 2009-02-22 18:47 <REP> d-------- c:\users\Kevin MONTHERAT\AppData\Roaming\vlc
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-03-17 19:12 --------- d-----w c:\users\Kevin MONTHERAT\AppData\Roaming\Azureus
2009-03-17 18:06 --------- d-----w c:\programdata\Google Updater
2009-03-14 19:48 --------- d-----w c:\program files\Windows Live
2009-03-14 19:05 138,184 ----a-w c:\windows\system32\drivers\PnkBstrK.sys
2009-03-14 19:04 183,112 ----a-w c:\windows\System32\PnkBstrB.exe
2009-03-13 22:29 --------- d-----w c:\programdata\Test Drive Unlimited
2009-03-12 18:18 --------- d-----w c:\program files\Windows Mail
2009-03-12 18:05 --------- d-----w c:\programdata\Microsoft Help
2009-03-08 11:13 --------- d-----w c:\program files\Microsoft Silverlight
2009-03-06 20:19 --------- d-----w c:\program files\Vuze
2009-03-05 20:03 --------- d-----w c:\program files\CCleaner
2009-03-05 19:45 --------- d---a-w c:\programdata\TEMP
2009-03-04 10:06 --------- d--h--w c:\program files\InstallShield Installation Information
2009-03-03 16:57 --------- d-----w c:\users\Kevin MONTHERAT\AppData\Roaming\dvdcss
2009-03-01 11:13 --------- d-----w c:\program files\Google
2009-02-28 09:49 410,984 ----a-w c:\windows\System32\deploytk.dll
2009-02-26 17:19 --------- d-----w c:\users\Kevin MONTHERAT\AppData\Roaming\LimeWire
2009-02-25 12:42 413,696 ----a-w c:\windows\System32\wrap_oal.dll
2009-02-25 12:42 110,592 ----a-w c:\windows\System32\OpenAL32.dll
2009-02-25 12:34 --------- d-----w c:\program files\Yahoo!
2009-02-24 20:13 66,872 ----a-w c:\windows\System32\PnkBstrA.exe
2009-02-22 17:44 --------- d-----w c:\program files\VideoLAN
2009-02-22 16:53 --------- d-----w c:\programdata\Media Center Programs
2009-02-14 14:53 --------- d-----w c:\program files\LimeWire
2009-02-14 09:48 --------- d-----w c:\program files\PowerQuest
2009-02-14 00:21 --------- d-----w c:\program files\NCH Swift Sound
2009-02-14 00:16 --------- d-----w c:\users\Kevin MONTHERAT\AppData\Roaming\eSobi
2009-02-14 00:16 --------- d-----w c:\programdata\eMule
2009-02-06 18:39 308,600 ----a-w c:\windows\WLXPGSS.SCR
2009-02-06 18:33 --------- d-----w c:\program files\GameSpy Arcade
2009-02-06 17:52 49,504 ----a-w c:\windows\System32\sirenacm.dll
2009-02-06 06:03 0 ---ha-w c:\windows\system32\drivers\Msft_User_WpdFs_01_00_00.Wdf
2009-02-04 12:31 --------- d-----w c:\users\Kevin MONTHERAT\AppData\Roaming\InstallShield
2009-02-04 12:31 --------- d-----w c:\program files\RALINK
2009-02-03 17:43 --------- d-----w c:\program files\Audacity
2009-02-02 16:14 --------- d-----w c:\program files\Microsoft Works
2009-02-01 16:45 --------- d-----w c:\program files\Zattoo
2009-02-01 11:32 --------- d-----w c:\program files\Microsoft CAPICOM 2.1.0.2
2009-01-29 19:31 --------- d-----w c:\program files\Microsoft
2009-01-29 19:30 --------- d-----w c:\program files\Microsoft Office Outlook Connector
2009-01-29 19:28 --------- d-----w c:\program files\Microsoft SQL Server Compact Edition
2009-01-29 14:10 174 --sha-w c:\program files\desktop.ini
2009-01-29 14:03 --------- d-----w c:\program files\Windows Sidebar
2009-01-29 14:03 --------- d-----w c:\program files\Windows Photo Gallery
2009-01-29 14:03 --------- d-----w c:\program files\Windows Journal
2009-01-29 14:03 --------- d-----w c:\program files\Windows Collaboration
2009-01-29 14:03 --------- d-----w c:\program files\Windows Calendar
2009-01-29 14:02 --------- d-----w c:\program files\Windows Defender
2009-01-29 13:40 82,432 ----a-w c:\windows\System32\axaltocm.dll
2009-01-29 13:40 101,888 ----a-w c:\windows\System32\ifxcardm.dll
2009-01-28 16:57 33,408 ----a-w c:\windows\system32\drivers\fsbts.sys
2009-01-28 16:53 --------- d-----w c:\users\Kevin MONTHERAT\AppData\Roaming\F-Secure
2009-01-28 16:37 --------- d-----w c:\programdata\f-secure
2009-01-28 16:35 --------- d-----w c:\programdata\fssg
2009-01-28 16:35 --------- d-----w c:\program files\SFR
2009-01-28 16:29 --------- d-----w c:\programdata\Avg7
2009-01-24 10:31 9,847,296 ----a-w c:\windows\System32\NlsData000a.dll
2009-01-23 16:38 61,440 ----a-w c:\windows\System32\winipsec.dll
2009-01-23 16:38 361,984 ----a-w c:\windows\System32\IPSECSVC.DLL
2009-01-23 16:38 28,672 ----a-w c:\windows\System32\FwRemoteSvr.dll
2009-01-23 16:38 272,896 ----a-w c:\windows\System32\polstore.dll
2009-01-23 16:37 94,720 ----a-w c:\windows\System32\PortableDeviceClassExtension.dll
2009-01-23 16:37 241,152 ----a-w c:\windows\System32\PortableDeviceApi.dll
2009-01-23 16:37 160,768 ----a-w c:\windows\System32\PortableDeviceTypes.dll
2009-01-23 16:28 296,960 ----a-w c:\windows\System32\gdi32.dll
2009-01-23 16:27 269,312 ----a-w c:\windows\System32\es.dll
2009-01-23 16:27 212,480 ----a-w c:\windows\system32\drivers\mrxsmb10.sys
2009-01-23 16:26 541,696 ----a-w c:\windows\AppPatch\AcLayers.dll
2009-01-23 16:26 52,736 ----a-w c:\windows\AppPatch\iebrshim.dll
2009-01-23 16:26 460,288 ----a-w c:\windows\AppPatch\AcSpecfc.dll
2009-01-23 16:26 4,240,384 ----a-w c:\windows\System32\GameUXLegacyGDFs.dll
2009-01-23 16:26 28,672 ----a-w c:\windows\System32\Apphlpdm.dll
2009-01-23 16:26 2,560 ----a-w c:\windows\AppPatch\AcRes.dll
2009-01-23 16:26 2,154,496 ----a-w c:\windows\AppPatch\AcGenral.dll
2009-01-23 16:26 173,056 ----a-w c:\windows\AppPatch\AcXtrnal.dll
2009-01-23 16:26 1,695,744 ----a-w c:\windows\System32\gameux.dll
2009-01-23 16:21 988,216 ----a-w c:\windows\System32\winload.exe
2009-01-23 16:21 927,288 ----a-w c:\windows\System32\winresume.exe
2009-01-23 16:21 615,992 ----a-w c:\windows\System32\ci.dll
2009-01-23 16:21 6,656 ----a-w c:\windows\System32\kbd106n.dll
2009-01-23 16:21 46,592 ----a-w c:\windows\System32\setbcdlocale.dll
2009-01-23 16:21 40,960 ----a-w c:\windows\System32\srclient.dll
2009-01-23 16:21 378,368 ----a-w c:\windows\System32\srcore.dll
2009-01-23 16:21 318,464 ----a-w c:\windows\System32\rstrui.exe
2009-01-23 16:21 19,000 ----a-w c:\windows\System32\kd1394.dll
2009-01-23 16:21 14,848 ----a-w c:\windows\System32\srdelayed.exe
2009-01-23 16:18 --------- d-----w c:\program files\MSXML 4.0
2009-01-22 14:29 --------- d-----w c:\programdata\Azureus
2009-01-22 08:39 303,616 ----a-w c:\windows\System32\wmpeffects.dll
2009-01-22 08:37 2,048 ----a-w c:\windows\System32\msxml3r.dll
2009-01-22 08:37 1,191,936 ----a-w c:\windows\System32\msxml3.dll
2009-01-22 08:33 2,048 ----a-w c:\windows\System32\tzres.dll
2009-01-22 08:28 2,927,104 ----a-w c:\windows\explorer.exe
2009-01-22 08:20 712,704 ----a-w c:\windows\System32\WindowsCodecs.dll
2009-01-22 08:20 443,392 ----a-w c:\windows\System32\win32spl.dll
2009-01-22 08:20 425,472 ----a-w c:\windows\System32\PhotoMetadataHandler.dll
2009-01-22 08:20 37,888 ----a-w c:\windows\System32\printcom.dll
2009-01-22 08:20 347,648 ----a-w c:\windows\System32\WindowsCodecsExt.dll
2009-01-22 08:19 14,848 ----a-w c:\windows\System32\wshrm.dll
2009-01-22 08:19 113,664 ----a-w c:\windows\system32\drivers\rmcast.sys
.
((((((((((((((((((((((((((((( SnapShot@2009-03-05_21.56.43,47 )))))))))))))))))))))))))))))))))))))))))
.
- 2008-01-05 11:26:08 69,120 ----a-w c:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
+ 2008-07-27 18:03:11 69,120 ----a-w c:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
- 2008-01-05 11:26:17 72,192 ----a-w c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
+ 2008-07-27 18:03:12 72,192 ----a-w c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
- 2008-01-05 11:21:39 151,552 ----a-w c:\windows\assembly\GAC_32\Microsoft.Transactions.Bridge.Dtc\3.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.Dtc.dll
+ 2008-06-20 01:14:31 163,840 ----a-w c:\windows\assembly\GAC_32\Microsoft.Transactions.Bridge.Dtc\3.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.Dtc.dll
- 2008-01-05 11:26:32 4,444,160 ----a-w c:\windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
+ 2008-10-13 22:26:54 4,546,560 ----a-w c:\windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
- 2008-01-05 11:21:53 4,174,336 ----a-w c:\windows\assembly\GAC_32\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationCore.dll
+ 2008-11-24 23:34:46 4,210,688 ----a-w c:\windows\assembly\GAC_32\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationCore.dll
+ 2008-11-24 23:34:49 1,736,528 ----a-w c:\windows\assembly\GAC_32\PresentationCore\3.0.0.0__31bf3856ad364e35\wpfgfx_v0300.dll
- 2008-01-05 11:26:54 483,840 ----a-w c:\windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll
+ 2008-10-13 22:26:57 486,400 ----a-w c:\windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll
- 2008-01-05 11:26:54 3,036,160 ----a-w c:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
+ 2008-07-27 18:03:15 2,933,248 ----a-w c:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
- 2008-01-05 11:26:55 258,048 ----a-w c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
+ 2008-07-27 18:03:15 258,048 ----a-w c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
- 2008-01-19 03:22:55 113,664 ----a-w c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
+ 2008-07-27 18:22:54 113,664 ----a-w c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
- 2008-01-05 11:21:55 346,624 ----a-w c:\windows\assembly\GAC_32\System.Printing\3.0.0.0__31bf3856ad364e35\System.Printing.dll
+ 2008-06-20 01:14:43 368,640 ----a-w c:\windows\assembly\GAC_32\System.Printing\3.0.0.0__31bf3856ad364e35\System.Printing.dll
- 2008-01-05 11:26:59 261,120 ----a-w c:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
+ 2008-07-27 18:03:15 261,632 ----a-w c:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
- 2008-01-05 11:26:59 5,431,296 ----a-w c:\windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll
+ 2008-10-13 22:26:58 5,242,880 ----a-w c:\windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll
- 2008-01-05 11:25:52 10,752 ----a-w c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
+ 2008-07-27 18:03:10 10,752 ----a-w c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
- 2008-01-05 11:26:11 315,392 ----a-w c:\windows\assembly\GAC_MSIL\AspNetMMCExt.resources\2.0.0.0_fr_b03f5f7f11d50a3a\aspnetmmcext.resources.dll
+ 2008-07-27 18:03:10 315,392 ----a-w c:\windows\assembly\GAC_MSIL\AspNetMMCExt.resources\2.0.0.0_fr_b03f5f7f11d50a3a\aspnetmmcext.resources.dll
- 2008-01-05 11:25:59 507,904 ----a-w c:\windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll
+ 2008-07-27 18:03:11 507,904 ----a-w c:\windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll
- 2008-01-05 11:21:39 159,744 ----a-w c:\windows\assembly\GAC_MSIL\ComSvcConfig\3.0.0.0__b03f5f7f11d50a3a\ComSvcConfig.exe
+ 2008-06-20 01:14:31 168,968 ----a-w c:\windows\assembly\GAC_MSIL\ComSvcConfig\3.0.0.0__b03f5f7f11d50a3a\ComSvcConfig.exe
- 2008-01-05 11:26:08 13,312 ----a-w c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll
+ 2008-07-27 18:03:11 13,312 ----a-w c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll
- 2008-01-05 11:26:11 5,120 ----a-w c:\windows\assembly\GAC_MSIL\dfsvc\2.0.0.0__b03f5f7f11d50a3a\dfsvc.exe
+ 2008-07-27 18:03:11 5,120 ----a-w c:\windows\assembly\GAC_MSIL\dfsvc\2.0.0.0__b03f5f7f11d50a3a\dfsvc.exe
- 2008-01-05 11:26:12 8,192 ----a-w c:\windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll
+ 2008-07-27 18:03:12 8,192 ----a-w c:\windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll
- 2008-01-05 11:26:12 77,824 ----a-w c:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll
+ 2008-07-27 18:03:12 77,824 ----a-w c:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll
- 2008-01-05 11:26:13 6,656 ----a-w c:\windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll
+ 2008-07-27 18:03:12 6,656 ----a-w c:\windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll
+ 2009-03-16 19:36:54 106,496 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.Build.Conversion.v3.5\3.5.0.0__b03f5f7f11d50a3a\Microsoft.Build.Conversion.v3.5.dll
- 2008-01-05 11:26:11 53,248 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine.resources\2.0.0.0_fr_b03f5f7f11d50a3a\Microsoft.Build.Engine.resources.dll
+ 2008-07-27 18:03:10 53,248 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine.resources\2.0.0.0_fr_b03f5f7f11d50a3a\Microsoft.Build.Engine.resources.dll
- 2008-01-05 11:26:17 348,160 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
+ 2008-07-27 18:03:12 348,160 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
+ 2009-03-16 19:36:55 733,184 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\3.5.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
- 2008-01-05 11:26:17 36,864 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
+ 2008-07-27 18:03:12 36,864 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
+ 2009-03-16 19:36:55 36,864 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\3.5.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
- 2008-01-05 11:26:11 139,264 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks.resources\2.0.0.0_fr_b03f5f7f11d50a3a\Microsoft.Build.Tasks.resources.dll
+ 2008-07-27 18:03:10 139,264 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks.resources\2.0.0.0_fr_b03f5f7f11d50a3a\Microsoft.Build.Tasks.resources.dll
+ 2009-03-16 19:36:55 802,816 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks.v3.5\3.5.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.v3.5.dll
- 2008-01-05 11:26:17 655,360 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll
+ 2008-07-27 18:03:12 655,360 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll
- 2008-01-05 11:26:11 10,752 ----a-w c:\windows\assembly\GAC_MSIL\microsoft.build.utilities.resources\2.0.0.0_fr_b03f5f7f11d50a3a\Microsoft.Build.Utilities.Resources.dll
+ 2008-07-27 18:03:10 10,752 ----a-w c:\windows\assembly\GAC_MSIL\microsoft.build.utilities.resources\2.0.0.0_fr_b03f5f7f11d50a3a\Microsoft.Build.Utilities.Resources.dll
+ 2009-03-16 19:36:56 94,208 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities.v3.5\3.5.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.v3.5.dll
- 2008-01-05 11:26:17 77,824 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll
+ 2008-07-27 18:03:12 77,824 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll
- 2008-01-05 11:26:11 45,056 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.Jscript.resources\8.0.0.0_fr_b03f5f7f11d50a3a\Microsoft.JScript.Resources.dll
+ 2008-07-27 18:03:10 45,056 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.Jscript.resources\8.0.0.0_fr_b03f5f7f11d50a3a\Microsoft.JScript.Resources.dll
- 2008-01-05 11:26:19 749,568 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
+ 2008-07-27 18:03:12 749,568 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
- 2006-11-02 15:46:12 5,120 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.Transactions.Bridge.Dtc.resources\3.0.0.0_fr_b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.Dtc.Resources.dll
+ 2008-07-11 19:39:09 5,120 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.Transactions.Bridge.Dtc.resources\3.0.0.0_fr_b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.Dtc.Resources.dll
- 2008-01-05 11:26:41 19,456 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.Transactions.Bridge.resources\3.0.0.0_fr_b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.Resources.dll
+ 2008-07-11 19:39:09 19,456 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.Transactions.Bridge.resources\3.0.0.0_fr_b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.Resources.dll
- 2008-01-05 11:21:39 397,312 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.Transactions.Bridge\3.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.dll
+ 2008-06-20 01:14:31 397,312 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.Transactions.Bridge\3.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.dll
- 2008-01-05 11:26:17 9,216 ----a-w c:\windows\assembly\GAC_MSIL\microsoft.visualbasic.compatibility.data.resources\8.0.0.0_fr_b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.resources.dll
+ 2008-07-27 18:03:10 9,216 ----a-w c:\windows\assembly\GAC_MSIL\microsoft.visualbasic.compatibility.data.resources\8.0.0.0_fr_b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.resources.dll
- 2008-01-05 11:26:19 110,592 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
+ 2008-07-27 18:03:12 110,592 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
- 2008-01-05 11:26:17 9,728 ----a-w c:\windows\assembly\GAC_MSIL\microsoft.visualbasic.compatibility.resources\8.0.0.0_fr_b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.resources.dll
+ 2008-07-27 18:03:10 9,728 ----a-w c:\windows\assembly\GAC_MSIL\microsoft.visualbasic.compatibility.resources\8.0.0.0_fr_b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.resources.dll
- 2008-01-05 11:26:23 372,736 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
+ 2008-07-27 18:03:12 372,736 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
- 2008-01-05 11:26:11 61,440 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.resources\8.0.0.0_fr_b03f5f7f11d50a3a\Microsoft.VisualBasic.resources.dll
+ 2008-07-27 18:03:10 61,440 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.resources\8.0.0.0_fr_b03f5f7f11d50a3a\Microsoft.VisualBasic.resources.dll
- 2008-01-05 11:26:23 28,672 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll
+ 2008-07-27 18:03:12 28,672 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll
- 2008-01-05 11:26:23 671,744 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
+ 2008-07-27 18:03:12 659,456 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
+ 2009-03-16 19:36:55 41,984 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.VisualC.STLCLR\1.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.STLCLR.dll
- 2006-10-20 01:14:05 5,632 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
+ 2008-07-27 18:03:12 5,632 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
- 2008-01-05 11:26:24 12,800 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
+ 2008-07-27 18:03:12 12,800 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
- 2008-01-05 11:26:23 32,768 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll
+ 2008-07-27 18:03:12 32,768 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll
- 2006-10-20 01:14:05 7,168 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll
+ 2008-07-27 18:03:12 7,168 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll
- 2008-01-05 11:26:12 311,296 ----a-w c:\windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_fr_b77a5c561934e089\mscorlib.Resources.dll
+ 2008-07-27 18:03:10 311,296 ----a-w c:\windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_fr_b77a5c561934e089\mscorlib.Resources.dll
- 2006-11-02 15:46:13 57,344 ----a-w c:\windows\assembly\GAC_MSIL\PresentationBuildTasks.resources\3.0.0.0_fr_31bf3856ad364e35\PresentationBuildTasks.resources.dll
+ 2008-07-11 19:39:10 53,248 ----a-w c:\windows\assembly\GAC_MSIL\PresentationBuildTasks.resources\3.0.0.0_fr_31bf3856ad364e35\PresentationBuildTasks.resources.dll
- 2008-01-05 11:21:52 602,112 ----a-w c:\windows\assembly\GAC_MSIL\PresentationBuildTasks\3.0.0.0__31bf3856ad364e35\PresentationBuildTasks.dll
+ 2008-06-20 01:14:42 598,016 ----a-w c:\windows\assembly\GAC_MSIL\PresentationBuildTasks\3.0.0.0__31bf3856ad364e35\PresentationBuildTasks.dll
- 2008-01-05 11:21:52 32,768 ----a-w c:\windows\assembly\GAC_MSIL\PresentationCFFRasterizer\3.0.0.0__31bf3856ad364e35\PresentationCFFRasterizer.dll
+ 2008-06-20 01:14:44 32,768 ----a-w c:\windows\assembly\GAC_MSIL\PresentationCFFRasterizer\3.0.0.0__31bf3856ad364e35\PresentationCFFRasterizer.dll
- 2006-11-02 15:46:11 110,592 ----a-w c:\windows\assembly\GAC_MSIL\PresentationCore.resources\3.0.0.0_fr_31bf3856ad364e35\PresentationCore.resources.dll
+ 2008-07-11 19:39:10 110,592 ----a-w c:\windows\assembly\GAC_MSIL\PresentationCore.resources\3.0.0.0_fr_31bf3856ad364e35\PresentationCore.resources.dll
- 2008-01-05 11:21:53 36,864 ----a-w c:\windows\assembly\GAC_MSIL\PresentationFontCache\3.0.0.0__31bf3856ad364e35\PresentationFontCache.exe
+ 2008-06-20 01:14:44 46,104 ----a-w c:\windows\assembly\GAC_MSIL\PresentationFontCache\3.0.0.0__31bf3856ad364e35\PresentationFontCache.exe
- 2008-01-05 11:21:53 184,320 ----a-w c:\windows\assembly\GAC_MSIL\PresentationFramework.Aero\3.0.0.0__31bf3856ad364e35\PresentationFramework.Aero.dll
+ 2008-06-20 01:14:43 196,608 ----a-w c:\windows\assembly\GAC_MSIL\PresentationFramework.Aero\3.0.0.0__31bf3856ad364e35\PresentationFramework.Aero.dll
- 2008-01-05 11:21:53 131,072 ----a-w c:\windows\assembly\GAC_MSIL\PresentationFramework.Classic\3.0.0.0__31bf3856ad364e35\PresentationFramework.Classic.dll
+ 2008-06-20 01:14:43 139,264 ----a-w c:\windows\assembly\GAC_MSIL\PresentationFramework.Classic\3.0.0.0__31bf3856ad364e35\PresentationFramework.Classic.dll
- 2008-01-05 11:21:53 376,832 ----a-w c:\windows\assembly\GAC_MSIL\PresentationFramework.Luna\3.0.0.0__31bf3856ad364e35\PresentationFramework.Luna.dll
+ 2008-06-20 01:14:43 397,312 ----a-w c:\windows\assembly\GAC_MSIL\PresentationFramework.Luna\3.0.0.0__31bf3856ad364e35\PresentationFramework.Luna.dll
- 2006-11-02 15:46:16 253,952 ----a-w c:\windows\assembly\GAC_MSIL\PresentationFramework.resources\3.0.0.0_fr_31bf3856ad364e35\PresentationFramework.resources.dll
+ 2008-07-11 19:39:10 245,760 ----a-w c:\windows\assembly\GAC_MSIL\PresentationFramework.resources\3.0.0.0_fr_31bf3856ad364e35\PresentationFramework.resources.dll
- 2008-01-05 11:21:54 151,552 ----a-w c:\windows\assembly\GAC_MSIL\PresentationFramework.Royale\3.0.0.0__31bf3856ad364e35\PresentationFramework.Royale.dll
+ 2008-06-20 01:14:43 163,840 ----a-w c:\windows\assembly\GAC_MSIL\PresentationFramework.Royale\3.0.0.0__31bf3856ad364e35\PresentationFramework.Royale.dll
- 2008-01-05 11:21:53 5,210,112 ----a-w c:\windows\assembly\GAC_MSIL\PresentationFramework\3.0.0.0__31bf3856ad364e35\PresentationFramework.dll
+ 2008-11-24 23:34:47 5,283,840 ----a-w c:\windows\assembly\GAC_MSIL\PresentationFramework\3.0.0.0__31bf3856ad364e35\PresentationFramework.dll
- 2006-11-02 15:46:08 372,736 ----a-w c:\windows\assembly\GAC_MSIL\PresentationUI.resources\3.0.0.0_fr_31bf3856ad364e35\PresentationUI.resources.dll
+ 2008-07-11 19:39:10 372,736 ----a-w c:\windows\assembly\GAC_MSIL\PresentationUI.resources\3.0.0.0_fr_31bf3856ad364e35\PresentationUI.resources.dll
- 2008-01-05 11:21:55 897,024 ----a-w c:\windows\assembly\GAC_MSIL\PresentationUI\3.0.0.0__31bf3856ad364e35\PresentationUI.dll
+ 2008-06-20 01:14:44 864,256 ----a-w c:\windows\assembly\GAC_MSIL\PresentationUI\3.0.0.0__31bf3856ad364e35\PresentationUI.dll
- 2006-11-02 15:46:11 40,960 ----a-w c:\windows\assembly\GAC_MSIL\ReachFramework.resources\3.0.0.0_fr_31bf3856ad364e35\ReachFramework.resources.dll
+ 2008-07-11 19:39:10 40,960 ----a-w c:\windows\assembly\GAC_MSIL\ReachFramework.resources\3.0.0.0_fr_31bf3856ad364e35\ReachFramework.resources.dll
- 2008-01-05 11:21:55 528,384 ----a-w c:\windows\assembly\GAC_MSIL\ReachFramework\3.0.0.0__31bf3856ad364e35\ReachFramework.dll
+ 2008-06-20 01:14:43 528,384 ----a-w c:\windows\assembly\GAC_MSIL\ReachFramework\3.0.0.0__31bf3856ad364e35\ReachFramework.dll
+ 2009-03-16 19:36:56 5,632 ----a-w c:\windows\assembly\GAC_MSIL\Sentinel.v3.5Client\3.5.0.0__b03f5f7f11d50a3a\Sentinel.v3.5Client.dll
- 2008-01-05 11:21:39 61,440 ----a-w c:\windows\assembly\GAC_MSIL\ServiceModelReg\3.0.0.0__b03f5f7f11d50a3a\ServiceModelReg.exe
+ 2008-06-20 01:14:31 156,688 ----a-w c:\windows\assembly\GAC_MSIL\ServiceModelReg\3.0.0.0__b03f5f7f11d50a3a\ServiceModelReg.exe
- 2006-11-02 15:46:11 5,120 ----a-w c:\windows\assembly\GAC_MSIL\SMDiagnostics.resources\3.0.0.0_fr_b77a5c561934e089\SMDiagnostics.resources.dll
+ 2008-07-11 19:39:09 5,120 ----a-w c:\windows\assembly\GAC_MSIL\SMDiagnostics.resources\3.0.0.0_fr_b77a5c561934e089\SMDiagnostics.resources.dll
- 2008-01-05 11:21:39 102,400 ----a-w c:\windows\assembly\GAC_MSIL\SMDiagnostics\3.0.0.0__b77a5c561934e089\SMdiagnostics.dll
+ 2008-06-20 01:14:31 110,592 ----a-w c:\windows\assembly\GAC_MSIL\SMDiagnostics\3.0.0.0__b77a5c561934e089\SMdiagnostics.dll
- 2008-01-05 11:21:39 122,880 ----a-w c:\windows\assembly\GAC_MSIL\SMSvcHost\3.0.0.0__b03f5f7f11d50a3a\SMSvcHost.exe
+ 2008-06-20 01:14:31 132,096 ----a-w c:\windows\assembly\GAC_MSIL\SMSvcHost\3.0.0.0__b03f5f7f11d50a3a\SMSvcHost.exe
- 2008-01-05 11:26:12 10,752 ----a-w c:\windows\assembly\GAC_MSIL\sysglobl.resources\2.0.0.0_fr_b03f5f7f11d50a3a\sysglobl.resources.dll
+ 2008-07-27 18:03:10 10,752 ----a-w c:\windows\assembly\GAC_MSIL\sysglobl.resources\2.0.0.0_fr_b03f5f7f11d50a3a\sysglobl.resources.dll
- 2008-01-05 11:26:54 110,592 ----a-w c:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
+ 2008-07-27 18:03:14 110,592 ----a-w c:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
- 2008-11-06 18:25:27 47,832 ----a-w c:\windows\assembly\GAC_MSIL\System.AddIn.Contract\2.0.0.0__b03f5f7f11d50a3a\System.AddIn.Contract.dll
+ 2009-03-16 19:36:58 45,056 ----a-w c:\windows\assembly\GAC_MSIL\System.AddIn.Contract\2.0.0.0__b03f5f7f11d50a3a\System.AddIn.Contract.dll
+ 2009-03-16 19:36:58 163,840 ----a-w c:\windows\assembly\GAC_MSIL\System.AddIn\3.5.0.0__b77a5c561934e089\System.AddIn.dll
+ 2009-03-16 19:37:04 57,344 ----a-w c:\windows\assembly\GAC_MSIL\System.ComponentModel.DataAnnotations\3.5.0.0__31bf3856ad364e35\System.ComponentModel.DataAnnotations.dll
- 2008-01-05 11:26:12 28,672 ----a-w c:\windows\assembly\GAC_MSIL\System.Configuration.Install.resources\2.0.0.0_fr_b03f5f7f11d50a3a\System.Configuration.Install.Resources.dll
+ 2008-07-27 18:03:10 28,672 ----a-w c:\windows\assembly\GAC_MSIL\System.Configuration.Install.resources\2.0.0.0_fr_b03f5f7f11d50a3a\System.Configuration.Install.Resources.dll
- 2008-01-05 11:26:54 81,920 ----a-w c:\windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
+ 2008-07-27 18:03:14 81,920 ----a-w c:\windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
- 2008-01-05 11:26:12 49,152 ----a-w c:\windows\assembly\GAC_MSIL\system.configuration.resources\2.0.0.0_fr_b03f5f7f11d50a3a\System.Configuration.resources.dll
+ 2008-07-27 18:03:10 49,152 ----a-w c:\windows\assembly\GAC_MSIL\system.configuration.resources\2.0.0.0_fr_b03f5f7f11d50a3a\System.Configuration.resources.dll
- 2008-01-05 11:26:54 425,984 ----a-w c:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
+ 2008-07-27 18:03:14 425,984 ----a-w c:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
+ 2009-03-16 19:36:59 667,648 ----a-w c:\windows\assembly\GAC_MSIL\System.Core\3.5.0.0__b77a5c561934e089\System.Core.dll
+ 2009-03-16 19:36:59 53,248 ----a-w c:\windows\assembly\GAC_MSIL\System.Data.DataSetExtensions\3.5.0.0__b77a5c561934e089\System.Data.DataSetExtensions.dll
+ 2009-03-16 19:37:00 229,376 ----a-w c:\windows\assembly\GAC_MSIL\System.Data.Entity.Design\3.5.0.0__b77a5c561934e089\System.Data.Entity.Design.dll
+ 2009-03-16 19:37:00 2,879,488 ----a-w c:\windows\assembly\GAC_MSIL\System.Data.Entity\3.5.0.0__b77a5c561934e089\System.Data.Entity.dll
+ 2009-03-16 19:36:52 684,032 ----a-w c:\windows\assembly\GAC_MSIL\System.Data.Linq\3.5.0.0__b77a5c561934e089\System.Data.Linq.dll
- 2008-01-05 11:26:12 110,592 ----a-w c:\windows\assembly\GAC_MSIL\System.Data.OracleClient.resources\2.0.0.0_fr_b77a5c561934e089\System.Data.OracleClient.resources.dll
+ 2008-07-27 18:03:10 110,592 ----a-w c:\windows\assembly\GAC_MSIL\System.Data.OracleClient.resources\2.0.0.0_fr_b77a5c561934e089\System.Data.OracleClient.resources.dll
- 2008-01-05 11:26:13 344,064 ----a-w c:\windows\assembly\GAC_MSIL\System.Data.resources\2.0.0.0_fr_b77a5c561934e089\System.Data.Resources.dll
+ 2008-07-27 18:03:10 352,256 ----a-w c:\windows\assembly\GAC_MSIL\System.Data.resources\2.0.0.0_fr_b77a5c561934e089\System.Data.Resources.dll
+ 2009-03-16 19:37:46 294,912 ----a-w c:\windows\assembly\GAC_MSIL\System.Data.Services.Client\3.5.0.0__b77a5c561934e089\System.Data.Services.Client.dll
+ 2009-03-16 19:36:51 114,688 ----a-w c:\windows\assembly\GAC_MSIL\System.Data.Services.Design\3.5.0.0__b77a5c561934e089\System.Data.Services.Design.dll
+ 2009-03-16 19:37:46 442,368 ----a-w c:\windows\assembly\GAC_MSIL\System.Data.Services\3.5.0.0__b77a5c561934e089\System.Data.Services.dll
- 2008-01-05 11:26:13 36,864 ----a-w c:\windows\assembly\GAC_MSIL\System.Data.SqlXml.resources\2.0.0.0_fr_b77a5c561934e089\system.data.sqlxml.resources.dll
+ 2008-07-27 18:03:10 36,864 ----a-w c:\windows\assembly\GAC_MSIL\System.Data.SqlXml.resources\2.0.0.0_fr_b77a5c561934e089\system.data.sqlxml.resources.dll
- 2008-01-05 11:26:55 741,376 ----a-w c:\windows\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
+ 2008-07-27 18:03:15 745,472 ----a-w c:\windows\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
- 2008-01-05 11:26:14 389,120 ----a-w c:\windows\assembly\GAC_MSIL\System.Deployment.resources\2.0.0.0_fr_b03f5f7f11d50a3a\System.Deployment.resources.dll
+ 2008-07-27 18:03:10 413,696 ----a-w c:\windows\assembly\GAC_MSIL\System.Deployment.resources\2.0.0.0_fr_b03f5f7f11d50a3a\System.Deployment.resources.dll
- 2008-01-05 11:26:55 933,888 ----a-w c:\windows\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
+ 2008-07-27 18:03:15 970,752 ----a-w c:\windows\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
- 2008-01-05 11:26:14 544,768 ----a-w c:\windows\assembly\GAC_MSIL\System.Design.resources\2.0.0.0_fr_b03f5f7f11d50a3a\System.Design.Resources.dll
+ 2008-07-27 18:03:10 548,864 ----a-w c:\windows\assembly\GAC_MSIL\System.Design.resources\2.0.0.0_fr_b03f5f7f11d50a3a\System.Design.Resources.dll
- 2008-01-05 11:26:55 5,070,848 ----a-w c:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll
+ 2008-07-27 18:03:15 5,062,656 ----a-w c:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll
+ 2009-03-16 19:36:52 286,720 ----a-w c:\windows\assembly\GAC_MSIL\System.DirectoryServices.AccountManagement\3.5.0.0__b77a5c561934e089\System.DirectoryServices.AccountManagement.dll
- 2008-01-05 11:26:14 28,672 ----a-w c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols.resources\2.0.0.0_fr_b03f5f7f11d50a3a\System.DirectoryServices.Protocols.resources.dll
+ 2008-07-27 18:03:10 28,672 ----a-w c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols.resources\2.0.0.0_fr_b03f5f7f11d50a3a\System.DirectoryServices.Protocols.resources.dll
- 2008-01-05 11:26:55 188,416 ----a-w c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
+ 2008-07-27 18:03:15 188,416 ----a-w c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
- 2008-01-05 11:26:16 40,960 ----a-w c:\windows\assembly\GAC_MSIL\System.DirectoryServices.resources\2.0.0.0_fr_b03f5f7f11d50a3a\System.DirectoryServices.Resources.dll
+ 2008-07-27 18:03:10 40,960 ----a-w c:\windows\assembly\GAC_MSIL\System.DirectoryServices.resources\2.0.0.0_fr_b03f5f7f11d50a3a\System.DirectoryServices.Resources.dll
- 2008-01-05 11:26:55 401,408 ----a-w c:\windows\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
+ 2008-07-27 18:03:15 401,408 ----a-w c:\windows\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
- 2008-01-05 11:26:16 6,144 ----a-w c:\windows\assembly\GAC_MSIL\System.Drawing.Design.resources\2.0.0.0_fr_b03f5f7f11d50a3a\System.Drawing.Design.Resources.dll
+ 2008-07-27 18:03:10 6,144 ----a-w c:\windows\assembly\GAC_MSIL\System.Drawing.Design.resources\2.0.0.0_fr_b03f5f7f11d50a3a\System.Drawing.Design.Resources.dll
- 2008-01-05 11:26:55 81,920 ----a-w c:\windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll
+ 2008-07-27 18:03:15 81,920 ----a-w c:\windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll
- 2008-01-05 11:26:16 15,360 ----a-w c:\windows\assembly\GAC_MSIL\System.Drawing.resources\2.0.0.0_fr_b03f5f7f11d50a3a\System.Drawing.Resources.dll
+ 2008-07-27 18:03:10 15,360 ----a-w c:\windows\assembly\GAC_MSIL\System.Drawing.resources\2.0.0.0_fr_b03f5f7f11d50a3a\System.Drawing.Resources.dll
- 2008-01-05 11:26:55 630,784 ----a-w c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
+ 2008-07-27 18:03:15 626,688 ----a-w c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
- 2008-01-05 11:26:17 32,768 ----a-w c:\windows\assembly\GAC_MSIL\System.EnterpriseServices.resources\2.0.0.0_fr_b03f5f7f11d50a3a\System.EnterpriseServices.Resources.dll
+ 2008-07-27 18:03:10 32,768 ----a-w c:\windows\assembly\GAC_MSIL\System.EnterpriseServices.resources\2.0.0.0_fr_b03f5f7f11d50a3a\System.EnterpriseServices.Resources.dll
- 2008-01-05 11:26:37 65,536 ----a-w c:\windows\assembly\GAC_MSIL\System.IdentityModel.resources\3.0.0.0_fr_b77a5c561934e089\System.IdentityModel.Resources.dll
+ 2008-07-11 19:39:09 65,536 ----a-w c:\windows\assembly\GAC_MSIL\System.IdentityModel.resources\3.0.0.0_fr_b77a5c561934e089\System.IdentityModel.Resources.dll
- 2008-01-05 11:26:39 57,344 ----a-w c:\windows\assembly\GAC_MSIL\System.IdentityModel.Selectors.resources\3.0.0.0_fr_b77a5c561934e089\System.IdentityModel.Selectors.Resources.dll
+ 2008-07-11 19:39:09 57,344 ----a-w c:\windows\assembly\GAC_MSIL\System.IdentityModel.Selectors.resources\3.0.0.0_fr_b77a5c561934e089\System.IdentityModel.Selectors.Resources.dll
- 2008-01-05 11:21:38 126,976 ----a-w c:\windows\assembly\GAC_MSIL\System.IdentityModel.Selectors\3.0.0.0__b77a5c561934e089\System.IdentityModel.Selectors.dll
+ 2008-06-20 01:14:29 126,976 ----a-w c:\windows\assembly\GAC_MSIL\System.IdentityModel.Selectors\3.0.0.0__b77a5c561934e089\System.IdentityModel.Selectors.dll
- 2008-01-05 11:21:37 430,080 ----a-w c:\windows\assembly\GAC_MSIL\System.IdentityModel\3.0.0.0__b77a5c561934e089\System.IdentityModel.dll
+ 2008-06-20 01:14:29 430,080 ----a-w c:\windows\assembly\GAC_MSIL\System.IdentityModel\3.0.0.0__b77a5c561934e089\System.IdentityModel.dll
- 2006-11-02 15:46:11 12,288 ----a-w c:\windows\assembly\GAC_MSIL\System.IO.Log.resources\3.0.0.0_fr_b03f5f7f11d50a3a\System.IO.Log.Resources.dll
+ 2008-07-11 19:39:09 12,288 ----a-w c:\windows\assembly\GAC_MSIL\System.IO.Log.resources\3.0.0.0_fr_b03f5f7f11d50a3a\System.IO.Log.Resources.dll
- 2008-01-05 11:21:38 131,072 ----a-w c:\windows\assembly\GAC_MSIL\System.IO.Log\3.0.0.0__b03f5f7f11d50a3a\System.IO.Log.dll
+ 2008-06-20 01:14:29 131,072 ----a-w c:\windows\assembly\GAC_MSIL\System.IO.Log\3.0.0.0__b03f5f7f11d50a3a\System.IO.Log.dll
+ 2009-03-16 19:37:01 143,360 ----a-w c:\windows\assembly\GAC_MSIL\System.Management.Instrumentation\3.5.0.0__b77a5c561934e089\System.Management.Instrumentation.dll
- 2008-01-05 11:26:17 13,312 ----a-w c:\windows\assembly\GAC_MSIL\System.Management.resources\2.0.0.0_fr_b03f5f7f11d50a3a\System.Management.Resources.dll
+ 2008-07-27 18:03:10 13,312 ----a-w c:\windows\assembly\GAC_MSIL\System.Management.resources\2.0.0.0_fr_b03f5f7f11d50a3a\System.Management.Resources.dll
- 2008-01-05 11:26:58 372,736 ----a-w c:\windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
+ 2008-07-27 18:03:15 372,736 ----a-w c:\windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
- 2008-01-05 11:26:17 61,440 ----a-w c:\windows\assembly\GAC_MSIL\System.Messaging.resources\2.0.0.0_fr_b03f5f7f11d50a3a\System.Messaging.Resources.dll
+ 2008-07-27 18:03:10 61,440 ----a-w c:\windows\assembly\GAC_MSIL\System.Messaging.resources\2.0.0.0_fr_b03f5f7f11d50a3a\System.Messaging.Resources.dll
- 2008-01-05 11:26:58 258,048 ----a-w c:\windows\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
+ 2008-07-27 18:03:15 258,048 ----a-w c:\windows\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
+ 2009-03-16 19:37:04 233,472 ----a-w c:\windows\assembly\GAC_MSIL\System.Net\3.5.0.0__b03f5f7f11d50a3a\System.Net.dll
- 2006-11-02 15:46:11 28,672 ----a-w c:\windows\assembly\GAC_MSIL\System.Printing.resources\3.0.0.0_fr_31bf3856ad364e35\System.Printing.resources.dll
+ 2008-07-11 19:39:10 28,672 ----a-w c:\windows\assembly\GAC_MSIL\System.Printing.resources\3.0.0.0_fr_31bf3856ad364e35\System.Printing.resources.dll
- 2008-01-05 11:26:17 212,992 ----a-w c:\windows\assembly\GAC_MSIL\System.resources\2.0.0.0_fr_b77a5c561934e089\system.Resources.dll
+ 2008-07-27 18:03:10 212,992 ----a-w c:\windows\assembly\GAC_MSIL\System.resources\2.0.0.0_fr_b77a5c561934e089\system.Resources.dll
- 2008-01-05 11:26:17 32,768 ----a-w c:\windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_fr_b77a5c561934e089\System.Runtime.Remoting.Resources.dll
+ 2008-07-27 18:03:10 32,768 ----a-w c:\windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_fr_b77a5c561934e089\System.Runtime.Remoting.Resources.dll
- 2008-01-05 11:26:58 299,008 ----a-w c:\windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
+ 2008-07-27 18:03:15 303,104 ----a-w c:\windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
- 2008-01-05 11:26:17 11,776 ----a-w c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\2.0.0.0_fr_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.Resources.dll
+ 2008-07-27 18:03:10 11,776 ----a-w c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\2.0.0.0_fr_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.Resources.dll
- 2008-01-05 11:26:58 131,072 ----a-w c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
+ 2008-07-27 18:03:15 131,072 ----a-w c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
- 2008-01-05 11:26:41 98,304 ----a-w c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.resources\3.0.0.0_fr_b77a5c561934e089\System.RunTime.Serialization.Resources.dll
+ 2008-07-11 19:39:09 102,400 ----a-w c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.resources\3.0.0.0_fr_b77a5c561934e089\System.RunTime.Serialization.Resources.dll
- 2008-01-05 11:21:38 929,792 ----a-w c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
+ 2008-06-20 01:14:29 966,656 ----a-w c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
- 2008-01-05 11:26:17 28,672 ----a-w c:\windows\assembly\GAC_MSIL\System.Security.resources\2.0.0.0_fr_b03f5f7f11d50a3a\System.Security.Resources.dll
+ 2008-07-27 18:03:10 28,672 ----a-w c:\windows\assembly\GAC_MSIL\System.Security.resources\2.0.0.0_fr_b03f5f7f11d50a3a\System.Security.Resources.dll
- 2008-01-05 11:26:58 258,048 ----a-w c:\windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll
+ 2008-07-27 18:03:15 258,048 ----a-w c:\windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll
- 2006-11-02 15:46:12 40,960 ----a-w c:\windows\assembly\GAC_MSIL\System.ServiceModel.Install.resources\3.0.0.0_fr_b77a5c561934e089\System.ServiceModel.Install.Resources.dll
+ 2008-07-11 19:39:09 36,864 ----a-w c:\windows\assembly\GAC_MSIL\System.ServiceModel.Install.resources\3.0.0.0_fr_b77a5c561934e089\System.ServiceModel.Install.Resources.dll
- 2008-01-05 11:21:40 159,744 ----a-w c:\windows\assembly\GAC_MSIL\System.ServiceModel.Install\3.0.0.0__b77a5c561934e089\System.ServiceModel.Install.dll
+ 2008-06-20 01:14:32 73,728 ----a-w c:\windows\assembly\GAC_MSIL\System.ServiceModel.Install\3.0.0.0__b77a5c561934e089\System.ServiceModel.Install.dll
- 2008-01-05 11:26:41 499,712 ----a-w c:\windows\assembly\GAC_MSIL\System.ServiceModel.resources\3.0.0.0_fr_b77a5c561934e089\System.ServiceModel.Resources.dll
+ 2008-07-11 19:39:09 499,712 ----a-w c:\windows\assembly\GAC_MSIL\System.ServiceModel.resources\3.0.0.0_fr_b77a5c561934e089\System.ServiceModel.Resources.dll
- 2008-01-05 11:21:40 32,768 ----a-w c:\windows\assembly\GAC_MSIL\System.ServiceModel.WasHosting\3.0.0.0__b77a5c561934e089\System.ServiceModel.WasHosting.dll
+ 2008-06-20 01:14:33 32,768 ----a-w c:\windows\assembly\GAC_MSIL\System.ServiceModel.WasHosting\3.0.0.0__b77a5c561934e089\System.ServiceModel.WasHosting.dll
+ 2009-03-16 19:36:50 569,344 ----a-w c:\windows\assembly\GAC_MSIL\System.ServiceModel.Web\3.5.0.0__31bf3856ad364e35\System.ServiceModel.Web.dll
- 2008-01-05 11:21:38 5,971,968 ----a-w c:\windows\assembly\GAC_MSIL\System.ServiceModel\3.0.0.0__b77a5c561934e089\System.ServiceModel.dll
+ 2008-11-24 23:34:36 5,931,008 ----a-w c:\windows\assembly\GAC_MSIL\System.ServiceModel\3.0.0.0__b77a5c561934e089\System.ServiceModel.dll
- 2008-01-05 11:26:17 40,960 ----a-w c:\windows\assembly\GAC_MSIL\System.ServiceProcess.resources\2.0.0.0_fr_b03f5f7f11d50a3a\System.ServiceProcess.Resources.dll
+ 2008-07-27 18:03:10 40,960 ----a-w c:\windows\assembly\GAC_MSIL\System.ServiceProcess.resources\2.0.0.0_fr_b03f5f7f11d50a3a\System.ServiceProcess.Resources.dll
- 2008-01-05 11:26:58 114,688 ----a-w c:\windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
+ 2008-07-27 18:03:15 114,688 ----a-w c:\windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
- 2006-11-02 15:46:13 65,536 ----a-w c:\windows\assembly\GAC_MSIL\System.Speech.resources\3.0.0.0_fr_31bf3856ad364e35\System.Speech.resources.dll
+ 2008-07-11 19:39:10 61,440 ----a-w c:\windows\assembly\GAC_MSIL\System.Speech.resources\3.0.0.0_fr_31bf3856ad364e35\System.Speech.resources.dll
- 2008-01-05 11:26:17 16,896 ----a-w c:\windows\assembly\GAC_MSIL\System.Transactions.resources\2.0.0.0_fr_b77a5c561934e089\System.Transactions.resources.dll
+ 2008-07-27 18:03:10 16,896 ----a-w c:\windows\assembly\GAC_MSIL\System.Transactions.resources\2.0.0.0_fr_b77a5c561934e089\System.Transactions.resources.dll
+ 2009-03-16 19:37:06 77,824 ----a-w c:\windows\assembly\GAC_MSIL\System.Web.Abstractions\3.5.0.0__31bf3856ad364e35\System.Web.Abstractions.dll
+ 2009-03-16 19:37:06 32,768 ----a-w c:\windows\assembly\GAC_MSIL\System.Web.DynamicData.Design\3.5.0.0__31bf3856ad364e35\System.Web.DynamicData.Design.dll
+ 2009-03-16 19:37:46 229,376 ----a-w c:\windows\assembly\GAC_MSIL\System.Web.DynamicData\3.5.0.0__31bf3856ad364e35\System.Web.DynamicData.dll
+ 2009-03-16 19:37:02 131,072 ----a-w c:\windows\assembly\GAC_MSIL\System.Web.Entity.Design\3.5.0.0__b77a5c561934e089\System.Web.Entity.Design.dll
+ 2009-03-16 19:37:46 139,264 ----a-w c:\windows\assembly\GAC_MSIL\System.Web.Entity\3.5.0.0__b77a5c561934e089\System.Web.Entity.dll
+ 2009-03-16 19:37:07 335,872 ----a-w c:\windows\assembly\GAC_MSIL\System.Web.Extensions.Design\3.5.0.0__31bf3856ad364e35\System.Web.Extensions.Design.dll
+ 2009-03-16 19:37:47 1,277,952 ----a-w c:\windows\assembly\GAC_MSIL\System.Web.Extensions\3.5.0.0__31bf3856ad364e35\System.Web.Extensions.dll
- 2008-01-05 11:26:17 81,920 ----a-w c:\windows\assembly\GAC_MSIL\System.Web.Mobile.resources\2.0.0.0_fr_b03f5f7f11d50a3a\System.Web.Mobile.resources.dll
+ 2008-07-27 18:03:10 81,920 ----a-w c:\windows\assembly\GAC_MSIL\System.Web.Mobile.resources\2.0.0.0_fr_b03f5f7f11d50a3a\System.Web.Mobile.resources.dll
- 2008-01-05 11:26:59 884,736 ----a-w c:\windows\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
+ 2008-07-27 18:03:15 835,584 ----a-w c:\windows\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
- 2008-01-05 11:26:59 90,112 ----a-w c:\windows\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
+ 2008-07-27 18:03:15 77,824 ----a-w c:\windows\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
- 2008-01-05 11:26:17 618,496 ----a-w c:\windows\assembly\GAC_MSIL\System.Web.resources\2.0.0.0_fr_b03f5f7f11d50a3a\System.Web.Resources.dll
+ 2008-07-27 18:03:10 622,592 ----a-w c:\windows\assembly\GAC_MSIL\System.Web.resources\2.0.0.0_fr_b03f5f7f11d50a3a\System.Web.Resources.dll
+ 2009-03-16 19:37:08 61,440 ----a-w c:\windows\assembly\GAC_MSIL\System.Web.Routing\3.5.0.0__31bf3856ad364e35\System.Web.Routing.dll
- 2008-01-05 11:26:17 81,920 ----a-w c:\windows\assembly\GAC_MSIL\System.Web.Services.resources\2.0.0.0_fr_b03f5f7f11d50a3a\System.Web.Services.Resources.dll
+ 2008-07-27 18:03:10 81,920 ----a-w c:\windows\assembly\GAC_MSIL\System.Web.Services.resources\2.0.0.0_fr_b03f5f7f11d50a3a\System.Web.Services.Resources.dll
- 2008-01-05 11:27:00 839,680 ----a-w c:\windows\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
+ 2008-07-27 18:03:15 839,680 ----a-w c:\windows\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
- 2008-01-05 11:26:17 430,080 ----a-w c:\windows\assembly\GAC_MSIL\System.Windows.Forms.resources\2.0.0.0_fr_b77a5c561934e089\System.Windows.Forms.Resources.dll
+ 2008-07-27 18:03:10 430,080 ----a-w c:\windows\assembly\GAC_MSIL\System.Windows.Forms.resources\2.0.0.0_fr_b77a5c561934e089\System.Windows.Forms.Resources.dll
- 2008-01-05 11:27:02 5,013,504 ----a-w c:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
+ 2008-07-27 18:03:15 5,025,792 ----a-w c:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
+ 2009-03-16 19:37:03 12,288 ----a-w c:\windows\assembly\GAC_MSIL\System.Windows.Presentation\3.5.0.0__b77a5c561934e089\System.Windows.Presentation.dll
- 2008-01-05 11:26:54 193,592 ----a-w c:\windows\assembly\GAC_MSIL\System.Workflow.Activities.resources\3.0.0.0_fr_31bf3856ad364e35\System.Workflow.Activities.resources.dll
+ 2008-07-11 19:39:10 184,320 ----a-w c:\windows\assembly\GAC_MSIL\System.Workflow.Activities.resources\3.0.0.0_fr_31bf3856ad364e35\System.Workflow.Activities.resources.dll
- 2008-01-05 11:22:14 1,152,040 ----a-w c:\windows\assembly\GAC_MSIL\System.Workflow.Activities\3.0.0.0__31bf3856ad364e35\System.Workflow.Activities.dll
+ 2008-06-20 01:14:46 1,138,688 ----a-w c:\windows\assembly\GAC_MSIL\System.Workflow.Activities\3.0.0.0__31bf3856ad364e35\System.Workflow.Activities.dll
- 2008-01-05 11:26:54 320,576 ----a-w c:\windows\assembly\GAC_MSIL\System.Workflow.ComponentModel.resources\3.0.0.0_fr_31bf3856ad364e35\System.Workflow.ComponentModel.resources.dll
+ 2008-07-11 19:39:10 311,296 ----a-w c:\windows\assembly\GAC_MSIL\System.Workflow.ComponentModel.resources\3.0.0.0_fr_31bf3856ad364e35\System.Workflow.ComponentModel.resources.dll
- 2008-01-05 11:22:15 1,635,376 ----a-w c:\windows\assembly\GAC_MSIL\System.Workflow.ComponentModel\3.0.0.0__31bf3856ad364e35\System.Workflow.ComponentModel.dll
+ 2008-06-20 01:14:47 1,630,208 ----a-w c:\windows\assembly\GAC_MSIL\System.Workflow.ComponentModel\3.0.0.0__31bf3856ad364e35\System.Workflow.ComponentModel.dll
- 2008-01-05 11:26:54 46,136 ----a-w c:\windows\assembly\GAC_MSIL\System.Workflow.Runtime.resources\3.0.0.0_fr_31bf3856ad364e35\System.Workflow.Runtime.resources.dll
+ 2008-07-11 19:39:10 36,864 ----a-w c:\windows\assembly\GAC_MSIL\System.Workflow.Runtime.resources\3.0.0.0_fr_31bf3856ad364e35\System.Workflow.Runtime.resources.dll
- 2008-01-05 11:22:15 578,592 ----a-w c:\windows\assembly\GAC_MSIL\System.Workflow.Runtime\3.0.0.0__31bf3856ad364e35\System.Workflow.Runtime.dll
+ 2008-06-20 01:14:47 540,672 ----a-w c:\windows\assembly\GAC_MSIL\System.Workflow.Runtime\3.0.0.0__31bf3856ad364e35\System.Workflow.Runtime.dll
+ 2009-03-16 19:36:50 507,904 ----a-w c:\windows\assembly\GAC_MSIL\System.WorkflowServices\3.5.0.0__31bf3856ad364e35\System.WorkflowServices.dll
+ 2009-03-16 19:37:03 139,264 ----a-w c:\windows\assembly\GAC_MSIL\System.Xml.Linq\3.5.0.0__b77a5c561934e089\System.Xml.Linq.dll
- 2008-01-05 11:26:17 167,936 ----a-w c:\windows\assembly\GAC_MSIL\System.XML.resources\2.0.0.0_fr_b77a5c561934e089\System.xml.Resources.dll
+ 2008-07-27 18:03:10 167,936 ----a-w c:\windows\assembly\GAC_MSIL\System.XML.resources\2.0.0.0_fr_b77a5c561934e089\System.xml.Resources.dll
- 2008-01-05 11:27:03 2,068,480 ----a-w c:\windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll
+ 2008-10-13 22:26:58 2,048,000 ----a-w c:\windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll
- 2008-01-05 11:26:55 3,076,096 ----a-w c:\windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
+ 2008-07-27 18:03:15 3,149,824 ----a-w c:\windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
- 2006-11-02 15:46:08 9,728 ----a-w c:\windows\assembly\GAC_MSIL\UIAutomationClient.resources\3.0.0.0_fr_31bf3856ad364e35\UIAutomationClient.resources.dll
+ 2008-07-11 19:39:10 4,096 ----a-w c:\windows\assembly\GAC_MSIL\UIAutomationClient.resources\3.0.0.0_fr_31bf3856ad364e35\UIAutomationClient.resources.dll
- 2008-01-05 11:21:56 163,840 ----a-w c:\windows\assembly\GAC_MSIL\UIAutomationClient\3.0.0.0__31bf3856ad364e35\UIAutomationClient.dll
+ 2008-06-20 01:14:43 167,936 ----a-w c:\windows\assembly\GAC_MSIL\UIAutomationClient\3.0.0.0__31bf3856ad364e35\UIAutomationClient.dll
- 2006-11-02 15:46:13 10,240 ----a-w c:\windows\assembly\GAC_MSIL\UIAutomationClientsideProviders.resources\3.0.0.0_fr_31bf3856ad364e35\UIAutomationClientsideProviders.resources.dll
+ 2008-07-11 19:39:10 12,288 ----a-w c:\windows\assembly\GAC_MSIL\UIAutomationClientsideProviders.resources\3.0.0.0_fr_31bf3856ad364e35\UIAutomationClientsideProviders.resources.dll
- 2008-01-05 11:22:00 372,736 ----a-w c:\windows\assembly\GAC_MSIL\UIAutomationClientsideProviders\3.0.0.0__31bf3856ad364e35\UIAutomationClientsideProviders.dll
+ 2008-06-20 01:14:43 385,024 ----a-w c:\windows\assembly\GAC_MSIL\UIAutomationClientsideProviders\3.0.0.0__31bf3856ad364e35\UIAutomationClientsideProviders.dll
- 2006-11-02 15:46:16 4,096 ----a-w c:\windows\assembly\GAC_MSIL\UIAutomationProvider.resources\3.0.0.0_fr_31bf3856ad364e35\UIAutomationProvider.resources.dll
+ 2008-07-11 19:39:10 4,096 ----a-w c:\windows\assembly\GAC_MSIL\UIAutomationProvider.resources\3.0.0.0_fr_31bf3856ad364e35\UIAutomationProvider.resources.dll
- 2008-01-05 11:22:00 32,768 ----a-w c:\windows\assembly\GAC_MSIL\UIAutomationProvider\3.0.0.0__31bf3856ad364e35\UIAutomationProvider.dll
+ 2008-06-20 01:14:43 40,960 ----a-w c:\windows\assembly\GAC_MSIL\UIAutomationProvider\3.0.0.0__31bf3856ad364e35\UIAutomationProvider.dll
- 2006-11-02 15:46:16 7,680 ----a-w c:\windows\assembly\GAC_MSIL\UIAutomationTypes.resources\3.0.0.0_fr_31bf3856ad364e35\UIAutomationTypes.resources.dll
+ 2008-07-11 19:39:10 10,240 ----a-w c:\windows\assembly\GAC_MSIL\UIAutomationTypes.resources\3.0.0.0_fr_31bf3856ad364e35\UIAutomationTypes.resources.dll
- 2008-01-05 11:22:00 86,016 ----a-w c:\windows\assembly\GAC_MSIL\UIAutomationTypes\3.0.0.0__31bf3856ad364e35\UIAutomationTypes.dll
+ 2008-06-20 01:14:43 98,304 ----a-w c:\windows\assembly\GAC_MSIL\UIAutomationTypes\3.0.0.0__31bf3856ad364e35\UIAutomationTypes.dll
- 2006-11-02 15:46:14 90,112 ----a-w c:\windows\assembly\GAC_MSIL\WindowsBase.resources\3.0.0.0_fr_31bf3856ad364e35\WindowsBase.resources.dll
+ 2008-07-11 19:39:10 90,112 ----a-w c:\windows\assembly\GAC_MSIL\WindowsBase.resources\3.0.0.0_fr_31bf3856ad364e35\WindowsBase.resources.dll
- 2008-01-05 11:22:00 1,204,224 ----a-w c:\windows\assembly\GAC_MSIL\WindowsBase\3.0.0.0__31bf3856ad364e35\WindowsBase.dll
+ 2008-06-20 01:14:44 1,245,184 ----a-w c:\windows\assembly\GAC_MSIL\WindowsBase\3.0.0.0__31bf3856ad364e35\WindowsBase.dll
- 2006-11-02 15:46:15 5,120 ----a-w c:\windows\assembly\GAC_MSIL\WindowsFormsIntegration.resources\3.0.0.0_fr_31bf3856ad364e35\WindowsFormsIntegration.resources.dll
+ 2008-07-11 19:39:10 5,120 ----a-w c:\windows\assembly\GAC_MSIL\WindowsFormsIntegration.resources\3.0.0.0_fr_31bf3856ad364e35\WindowsFormsIntegration.resources.dll
- 2008-01-05 11:22:01 81,920 ----a-w c:\windows\assembly\GAC_MSIL\WindowsFormsIntegration\3.0.0.0__31bf38
voila le rapport:
ComboFix 09-03-15.01 - Kevin MONTHERAT 2009-03-17 21:18:59.3 - NTFSx86
Microsoft® Windows Vista™ Édition Familiale Premium 6.0.6001.1.1252.1.1036.18.2047.950 [GMT 1:00]
Lancé depuis: c:\users\Kevin MONTHERAT\Desktop\ComboFix.exe
Commutateurs utilisés :: c:\users\Kevin MONTHERAT\Desktop\CFScript.txt
FW: Pack sécurité 8.00 *enabled*
* Un nouveau point de restauration a été créé
* Resident AV is active
FILE ::
c:\windows\System32\gaopdxpmicngut.0ll
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\windows\System32\gaopdxpmicngut.0ll
.
((((((((((((((((((((((((((((( Fichiers créés du 2009-02-17 au 2009-03-17 ))))))))))))))))))))))))))))))))))))
.
2009-03-16 20:31 . 2008-06-20 02:14 781,344 --a------ c:\windows\System32\PresentationNative_v0300.dll
2009-03-16 20:31 . 2008-06-20 02:14 622,080 --a------ c:\windows\System32\icardagt.exe
2009-03-16 20:31 . 2008-06-20 02:14 326,160 --a------ c:\windows\System32\PresentationHost.exe
2009-03-16 20:31 . 2008-06-20 02:14 105,016 --a------ c:\windows\System32\PresentationCFFRasterizerNative_v0300.dll
2009-03-16 20:31 . 2008-06-20 02:14 97,800 --a------ c:\windows\System32\infocardapi.dll
2009-03-16 20:31 . 2008-06-20 02:14 43,544 --a------ c:\windows\System32\PresentationHostProxy.dll
2009-03-16 20:31 . 2008-06-20 02:14 37,384 --a------ c:\windows\System32\infocardcpl.cpl
2009-03-16 20:31 . 2008-06-20 02:14 11,264 --a------ c:\windows\System32\icardres.dll
2009-03-16 20:23 . 2008-07-27 19:03 282,112 --a------ c:\windows\System32\mscoree.dll
2009-03-16 20:23 . 2008-07-27 19:03 158,720 --a------ c:\windows\System32\mscorier.dll
2009-03-16 20:23 . 2008-07-27 19:03 96,760 --a------ c:\windows\System32\dfshim.dll
2009-03-16 20:23 . 2008-07-27 19:03 83,968 --a------ c:\windows\System32\mscories.dll
2009-03-16 20:23 . 2008-07-27 19:03 41,984 --a------ c:\windows\System32\netfxperf.dll
2009-03-14 20:48 . 2009-03-14 20:48 <REP> d----c--- c:\windows\System32\DRVSTORE
2009-03-14 20:48 . 2009-02-06 18:08 55,280 --a------ c:\windows\System32\drivers\fssfltr.sys
2009-03-14 20:47 . 2009-03-14 20:47 <REP> d-------- c:\program files\Microsoft Sync Framework
2009-03-14 14:15 . 2009-03-14 14:32 <REP> d-------- c:\users\Kevin MONTHERAT\AppData\Roaming\InfraRecorder
2009-03-14 14:15 . 2009-03-14 14:15 <REP> d-------- c:\program files\InfraRecorder
2009-03-11 12:54 . 2008-12-16 04:29 8,147,456 --a------ c:\windows\System32\wmploc.DLL
2009-03-11 12:54 . 2009-02-09 04:10 2,033,152 --a------ c:\windows\System32\win32k.sys
2009-03-11 12:54 . 2008-11-27 05:43 268,288 --a------ c:\windows\System32\schannel.dll
2009-03-11 12:54 . 2008-12-16 06:31 7,680 --a------ c:\windows\System32\spwmp.dll
2009-03-11 12:54 . 2008-12-16 06:31 4,096 --a------ c:\windows\System32\msdxm.ocx
2009-03-11 12:54 . 2008-12-16 06:31 4,096 --a------ c:\windows\System32\dxmasf.dll
2009-03-06 18:12 . 2009-03-06 18:12 0 --ah----- c:\windows\System32\drivers\Msft_User_WpdMtpDr_01_00_00.Wdf
2009-03-05 21:14 . 2009-03-05 21:24 <REP> d-------- C:\rsit
2009-03-05 21:12 . 2009-03-05 21:12 <REP> d-------- c:\program files\Trend Micro
2009-03-05 20:05 . 2009-03-05 20:05 <REP> d-------- c:\users\Kevin MONTHERAT\AppData\Roaming\Malwarebytes
2009-03-05 20:05 . 2009-03-05 20:05 <REP> d-------- c:\users\All Users\Malwarebytes
2009-03-05 20:05 . 2009-03-05 20:05 <REP> d-------- c:\programdata\Malwarebytes
2009-03-05 20:05 . 2009-03-05 20:05 <REP> d-------- c:\program files\Malwarebytes' Anti-Malware
2009-03-05 20:05 . 2009-02-11 10:19 38,496 --a------ c:\windows\System32\drivers\mbamswissarmy.sys
2009-03-05 20:05 . 2009-02-11 10:19 15,504 --a------ c:\windows\System32\drivers\mbam.sys
2009-03-05 19:58 . 2009-03-05 20:54 <REP> d-------- C:\Rooter$
2009-03-04 12:57 . 2009-03-04 12:57 <REP> d-------- c:\users\Kevin MONTHERAT\Pavark
2009-03-04 12:52 . 2009-03-04 12:52 <REP> d-------- c:\program files\PHPNukeFR
2009-03-04 11:06 . 2009-03-04 11:06 <REP> d-------- c:\program files\VID_0E8F&PID_0012
2009-03-02 13:27 . 2009-03-02 13:27 <REP> d-------- c:\program files\Conduit
2009-03-02 12:58 . 2009-03-02 13:12 <REP> d-------- c:\program files\Navilog1
2009-02-28 10:49 . 2009-02-28 10:49 <REP> d-------- c:\program files\Java
2009-02-28 10:43 . 2009-02-28 10:47 <REP> d-------- c:\users\Kevin MONTHERAT\.housecall6.6
2009-02-27 19:12 . 2009-03-05 20:56 <REP> d-------- C:\Fraps
2009-02-24 19:58 . 2009-02-24 19:58 <REP> dr------- c:\windows\System32\config\systemprofile\Videos
2009-02-24 19:58 . 2009-02-24 19:58 <REP> dr------- c:\windows\System32\config\systemprofile\Searches
2009-02-24 19:58 . 2009-02-24 19:58 <REP> dr------- c:\windows\System32\config\systemprofile\Saved Games
2009-02-24 19:58 . 2009-02-24 19:58 <REP> dr------- c:\windows\System32\config\systemprofile\Pictures
2009-02-24 19:58 . 2009-02-24 19:58 <REP> dr------- c:\windows\System32\config\systemprofile\Music
2009-02-24 19:58 . 2009-02-24 19:58 <REP> dr------- c:\windows\System32\config\systemprofile\Links
2009-02-24 19:58 . 2009-02-24 19:58 <REP> dr------- c:\windows\System32\config\systemprofile\Downloads
2009-02-24 19:58 . 2009-02-24 19:58 <REP> dr------- c:\windows\System32\config\systemprofile\Documents
2009-02-24 19:58 . 2009-02-24 19:58 <REP> d-------- c:\users\All Users\Electronic Arts
2009-02-24 19:58 . 2009-02-24 19:58 <REP> d-------- c:\programdata\Electronic Arts
2009-02-24 19:58 . 2009-02-24 19:58 1,590 --a------ c:\windows\System32\ealregsnapshot1.reg
2009-02-24 19:41 . 2009-02-24 19:41 <REP> d-------- c:\program files\EA Games
2009-02-24 18:50 . 2008-03-05 15:56 3,786,760 --a------ c:\windows\System32\D3DX9_37.dll
2009-02-24 18:50 . 2007-10-12 15:14 3,734,536 --a------ c:\windows\System32\d3dx9_36.dll
2009-02-24 18:50 . 2008-03-05 15:56 1,420,824 --a------ c:\windows\System32\D3DCompiler_37.dll
2009-02-24 18:50 . 2007-10-12 15:14 1,374,232 --a------ c:\windows\System32\D3DCompiler_36.dll
2009-02-24 18:50 . 2008-03-05 16:03 479,752 --a------ c:\windows\System32\XAudio2_0.dll
2009-02-24 18:50 . 2008-02-05 23:07 462,864 --a------ c:\windows\System32\d3dx10_37.dll
2009-02-24 18:50 . 2007-10-02 09:56 444,776 --a------ c:\windows\System32\d3dx10_36.dll
2009-02-24 18:50 . 2007-10-22 03:39 267,272 --a------ c:\windows\System32\xactengine2_10.dll
2009-02-24 18:50 . 2007-07-20 00:57 267,112 --a------ c:\windows\System32\xactengine2_9.dll
2009-02-24 18:50 . 2008-03-05 16:03 238,088 --a------ c:\windows\System32\xactengine3_0.dll
2009-02-24 18:50 . 2008-03-05 16:00 25,608 --a------ c:\windows\System32\X3DAudio1_3.dll
2009-02-24 18:50 . 2007-10-22 03:37 17,928 --a------ c:\windows\System32\X3DAudio1_2.dll
2009-02-23 18:49 . 2009-02-23 18:49 <REP> d-------- c:\users\Kevin MONTHERAT\AppData\Roaming\Leadertech
2009-02-22 19:15 . 2009-02-23 19:56 <REP> d-------- c:\program files\PowerISO
2009-02-22 18:46 . 2009-02-22 18:47 <REP> d-------- c:\users\Kevin MONTHERAT\AppData\Roaming\vlc
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-03-17 19:12 --------- d-----w c:\users\Kevin MONTHERAT\AppData\Roaming\Azureus
2009-03-17 18:06 --------- d-----w c:\programdata\Google Updater
2009-03-14 19:48 --------- d-----w c:\program files\Windows Live
2009-03-14 19:05 138,184 ----a-w c:\windows\system32\drivers\PnkBstrK.sys
2009-03-14 19:04 183,112 ----a-w c:\windows\System32\PnkBstrB.exe
2009-03-13 22:29 --------- d-----w c:\programdata\Test Drive Unlimited
2009-03-12 18:18 --------- d-----w c:\program files\Windows Mail
2009-03-12 18:05 --------- d-----w c:\programdata\Microsoft Help
2009-03-08 11:13 --------- d-----w c:\program files\Microsoft Silverlight
2009-03-06 20:19 --------- d-----w c:\program files\Vuze
2009-03-05 20:03 --------- d-----w c:\program files\CCleaner
2009-03-05 19:45 --------- d---a-w c:\programdata\TEMP
2009-03-04 10:06 --------- d--h--w c:\program files\InstallShield Installation Information
2009-03-03 16:57 --------- d-----w c:\users\Kevin MONTHERAT\AppData\Roaming\dvdcss
2009-03-01 11:13 --------- d-----w c:\program files\Google
2009-02-28 09:49 410,984 ----a-w c:\windows\System32\deploytk.dll
2009-02-26 17:19 --------- d-----w c:\users\Kevin MONTHERAT\AppData\Roaming\LimeWire
2009-02-25 12:42 413,696 ----a-w c:\windows\System32\wrap_oal.dll
2009-02-25 12:42 110,592 ----a-w c:\windows\System32\OpenAL32.dll
2009-02-25 12:34 --------- d-----w c:\program files\Yahoo!
2009-02-24 20:13 66,872 ----a-w c:\windows\System32\PnkBstrA.exe
2009-02-22 17:44 --------- d-----w c:\program files\VideoLAN
2009-02-22 16:53 --------- d-----w c:\programdata\Media Center Programs
2009-02-14 14:53 --------- d-----w c:\program files\LimeWire
2009-02-14 09:48 --------- d-----w c:\program files\PowerQuest
2009-02-14 00:21 --------- d-----w c:\program files\NCH Swift Sound
2009-02-14 00:16 --------- d-----w c:\users\Kevin MONTHERAT\AppData\Roaming\eSobi
2009-02-14 00:16 --------- d-----w c:\programdata\eMule
2009-02-06 18:39 308,600 ----a-w c:\windows\WLXPGSS.SCR
2009-02-06 18:33 --------- d-----w c:\program files\GameSpy Arcade
2009-02-06 17:52 49,504 ----a-w c:\windows\System32\sirenacm.dll
2009-02-06 06:03 0 ---ha-w c:\windows\system32\drivers\Msft_User_WpdFs_01_00_00.Wdf
2009-02-04 12:31 --------- d-----w c:\users\Kevin MONTHERAT\AppData\Roaming\InstallShield
2009-02-04 12:31 --------- d-----w c:\program files\RALINK
2009-02-03 17:43 --------- d-----w c:\program files\Audacity
2009-02-02 16:14 --------- d-----w c:\program files\Microsoft Works
2009-02-01 16:45 --------- d-----w c:\program files\Zattoo
2009-02-01 11:32 --------- d-----w c:\program files\Microsoft CAPICOM 2.1.0.2
2009-01-29 19:31 --------- d-----w c:\program files\Microsoft
2009-01-29 19:30 --------- d-----w c:\program files\Microsoft Office Outlook Connector
2009-01-29 19:28 --------- d-----w c:\program files\Microsoft SQL Server Compact Edition
2009-01-29 14:10 174 --sha-w c:\program files\desktop.ini
2009-01-29 14:03 --------- d-----w c:\program files\Windows Sidebar
2009-01-29 14:03 --------- d-----w c:\program files\Windows Photo Gallery
2009-01-29 14:03 --------- d-----w c:\program files\Windows Journal
2009-01-29 14:03 --------- d-----w c:\program files\Windows Collaboration
2009-01-29 14:03 --------- d-----w c:\program files\Windows Calendar
2009-01-29 14:02 --------- d-----w c:\program files\Windows Defender
2009-01-29 13:40 82,432 ----a-w c:\windows\System32\axaltocm.dll
2009-01-29 13:40 101,888 ----a-w c:\windows\System32\ifxcardm.dll
2009-01-28 16:57 33,408 ----a-w c:\windows\system32\drivers\fsbts.sys
2009-01-28 16:53 --------- d-----w c:\users\Kevin MONTHERAT\AppData\Roaming\F-Secure
2009-01-28 16:37 --------- d-----w c:\programdata\f-secure
2009-01-28 16:35 --------- d-----w c:\programdata\fssg
2009-01-28 16:35 --------- d-----w c:\program files\SFR
2009-01-28 16:29 --------- d-----w c:\programdata\Avg7
2009-01-24 10:31 9,847,296 ----a-w c:\windows\System32\NlsData000a.dll
2009-01-23 16:38 61,440 ----a-w c:\windows\System32\winipsec.dll
2009-01-23 16:38 361,984 ----a-w c:\windows\System32\IPSECSVC.DLL
2009-01-23 16:38 28,672 ----a-w c:\windows\System32\FwRemoteSvr.dll
2009-01-23 16:38 272,896 ----a-w c:\windows\System32\polstore.dll
2009-01-23 16:37 94,720 ----a-w c:\windows\System32\PortableDeviceClassExtension.dll
2009-01-23 16:37 241,152 ----a-w c:\windows\System32\PortableDeviceApi.dll
2009-01-23 16:37 160,768 ----a-w c:\windows\System32\PortableDeviceTypes.dll
2009-01-23 16:28 296,960 ----a-w c:\windows\System32\gdi32.dll
2009-01-23 16:27 269,312 ----a-w c:\windows\System32\es.dll
2009-01-23 16:27 212,480 ----a-w c:\windows\system32\drivers\mrxsmb10.sys
2009-01-23 16:26 541,696 ----a-w c:\windows\AppPatch\AcLayers.dll
2009-01-23 16:26 52,736 ----a-w c:\windows\AppPatch\iebrshim.dll
2009-01-23 16:26 460,288 ----a-w c:\windows\AppPatch\AcSpecfc.dll
2009-01-23 16:26 4,240,384 ----a-w c:\windows\System32\GameUXLegacyGDFs.dll
2009-01-23 16:26 28,672 ----a-w c:\windows\System32\Apphlpdm.dll
2009-01-23 16:26 2,560 ----a-w c:\windows\AppPatch\AcRes.dll
2009-01-23 16:26 2,154,496 ----a-w c:\windows\AppPatch\AcGenral.dll
2009-01-23 16:26 173,056 ----a-w c:\windows\AppPatch\AcXtrnal.dll
2009-01-23 16:26 1,695,744 ----a-w c:\windows\System32\gameux.dll
2009-01-23 16:21 988,216 ----a-w c:\windows\System32\winload.exe
2009-01-23 16:21 927,288 ----a-w c:\windows\System32\winresume.exe
2009-01-23 16:21 615,992 ----a-w c:\windows\System32\ci.dll
2009-01-23 16:21 6,656 ----a-w c:\windows\System32\kbd106n.dll
2009-01-23 16:21 46,592 ----a-w c:\windows\System32\setbcdlocale.dll
2009-01-23 16:21 40,960 ----a-w c:\windows\System32\srclient.dll
2009-01-23 16:21 378,368 ----a-w c:\windows\System32\srcore.dll
2009-01-23 16:21 318,464 ----a-w c:\windows\System32\rstrui.exe
2009-01-23 16:21 19,000 ----a-w c:\windows\System32\kd1394.dll
2009-01-23 16:21 14,848 ----a-w c:\windows\System32\srdelayed.exe
2009-01-23 16:18 --------- d-----w c:\program files\MSXML 4.0
2009-01-22 14:29 --------- d-----w c:\programdata\Azureus
2009-01-22 08:39 303,616 ----a-w c:\windows\System32\wmpeffects.dll
2009-01-22 08:37 2,048 ----a-w c:\windows\System32\msxml3r.dll
2009-01-22 08:37 1,191,936 ----a-w c:\windows\System32\msxml3.dll
2009-01-22 08:33 2,048 ----a-w c:\windows\System32\tzres.dll
2009-01-22 08:28 2,927,104 ----a-w c:\windows\explorer.exe
2009-01-22 08:20 712,704 ----a-w c:\windows\System32\WindowsCodecs.dll
2009-01-22 08:20 443,392 ----a-w c:\windows\System32\win32spl.dll
2009-01-22 08:20 425,472 ----a-w c:\windows\System32\PhotoMetadataHandler.dll
2009-01-22 08:20 37,888 ----a-w c:\windows\System32\printcom.dll
2009-01-22 08:20 347,648 ----a-w c:\windows\System32\WindowsCodecsExt.dll
2009-01-22 08:19 14,848 ----a-w c:\windows\System32\wshrm.dll
2009-01-22 08:19 113,664 ----a-w c:\windows\system32\drivers\rmcast.sys
.
((((((((((((((((((((((((((((( SnapShot@2009-03-05_21.56.43,47 )))))))))))))))))))))))))))))))))))))))))
.
- 2008-01-05 11:26:08 69,120 ----a-w c:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
+ 2008-07-27 18:03:11 69,120 ----a-w c:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
- 2008-01-05 11:26:17 72,192 ----a-w c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
+ 2008-07-27 18:03:12 72,192 ----a-w c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
- 2008-01-05 11:21:39 151,552 ----a-w c:\windows\assembly\GAC_32\Microsoft.Transactions.Bridge.Dtc\3.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.Dtc.dll
+ 2008-06-20 01:14:31 163,840 ----a-w c:\windows\assembly\GAC_32\Microsoft.Transactions.Bridge.Dtc\3.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.Dtc.dll
- 2008-01-05 11:26:32 4,444,160 ----a-w c:\windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
+ 2008-10-13 22:26:54 4,546,560 ----a-w c:\windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
- 2008-01-05 11:21:53 4,174,336 ----a-w c:\windows\assembly\GAC_32\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationCore.dll
+ 2008-11-24 23:34:46 4,210,688 ----a-w c:\windows\assembly\GAC_32\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationCore.dll
+ 2008-11-24 23:34:49 1,736,528 ----a-w c:\windows\assembly\GAC_32\PresentationCore\3.0.0.0__31bf3856ad364e35\wpfgfx_v0300.dll
- 2008-01-05 11:26:54 483,840 ----a-w c:\windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll
+ 2008-10-13 22:26:57 486,400 ----a-w c:\windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll
- 2008-01-05 11:26:54 3,036,160 ----a-w c:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
+ 2008-07-27 18:03:15 2,933,248 ----a-w c:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
- 2008-01-05 11:26:55 258,048 ----a-w c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
+ 2008-07-27 18:03:15 258,048 ----a-w c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
- 2008-01-19 03:22:55 113,664 ----a-w c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
+ 2008-07-27 18:22:54 113,664 ----a-w c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
- 2008-01-05 11:21:55 346,624 ----a-w c:\windows\assembly\GAC_32\System.Printing\3.0.0.0__31bf3856ad364e35\System.Printing.dll
+ 2008-06-20 01:14:43 368,640 ----a-w c:\windows\assembly\GAC_32\System.Printing\3.0.0.0__31bf3856ad364e35\System.Printing.dll
- 2008-01-05 11:26:59 261,120 ----a-w c:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
+ 2008-07-27 18:03:15 261,632 ----a-w c:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
- 2008-01-05 11:26:59 5,431,296 ----a-w c:\windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll
+ 2008-10-13 22:26:58 5,242,880 ----a-w c:\windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll
- 2008-01-05 11:25:52 10,752 ----a-w c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
+ 2008-07-27 18:03:10 10,752 ----a-w c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
- 2008-01-05 11:26:11 315,392 ----a-w c:\windows\assembly\GAC_MSIL\AspNetMMCExt.resources\2.0.0.0_fr_b03f5f7f11d50a3a\aspnetmmcext.resources.dll
+ 2008-07-27 18:03:10 315,392 ----a-w c:\windows\assembly\GAC_MSIL\AspNetMMCExt.resources\2.0.0.0_fr_b03f5f7f11d50a3a\aspnetmmcext.resources.dll
- 2008-01-05 11:25:59 507,904 ----a-w c:\windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll
+ 2008-07-27 18:03:11 507,904 ----a-w c:\windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll
- 2008-01-05 11:21:39 159,744 ----a-w c:\windows\assembly\GAC_MSIL\ComSvcConfig\3.0.0.0__b03f5f7f11d50a3a\ComSvcConfig.exe
+ 2008-06-20 01:14:31 168,968 ----a-w c:\windows\assembly\GAC_MSIL\ComSvcConfig\3.0.0.0__b03f5f7f11d50a3a\ComSvcConfig.exe
- 2008-01-05 11:26:08 13,312 ----a-w c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll
+ 2008-07-27 18:03:11 13,312 ----a-w c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll
- 2008-01-05 11:26:11 5,120 ----a-w c:\windows\assembly\GAC_MSIL\dfsvc\2.0.0.0__b03f5f7f11d50a3a\dfsvc.exe
+ 2008-07-27 18:03:11 5,120 ----a-w c:\windows\assembly\GAC_MSIL\dfsvc\2.0.0.0__b03f5f7f11d50a3a\dfsvc.exe
- 2008-01-05 11:26:12 8,192 ----a-w c:\windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll
+ 2008-07-27 18:03:12 8,192 ----a-w c:\windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll
- 2008-01-05 11:26:12 77,824 ----a-w c:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll
+ 2008-07-27 18:03:12 77,824 ----a-w c:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll
- 2008-01-05 11:26:13 6,656 ----a-w c:\windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll
+ 2008-07-27 18:03:12 6,656 ----a-w c:\windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll
+ 2009-03-16 19:36:54 106,496 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.Build.Conversion.v3.5\3.5.0.0__b03f5f7f11d50a3a\Microsoft.Build.Conversion.v3.5.dll
- 2008-01-05 11:26:11 53,248 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine.resources\2.0.0.0_fr_b03f5f7f11d50a3a\Microsoft.Build.Engine.resources.dll
+ 2008-07-27 18:03:10 53,248 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine.resources\2.0.0.0_fr_b03f5f7f11d50a3a\Microsoft.Build.Engine.resources.dll
- 2008-01-05 11:26:17 348,160 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
+ 2008-07-27 18:03:12 348,160 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
+ 2009-03-16 19:36:55 733,184 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\3.5.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
- 2008-01-05 11:26:17 36,864 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
+ 2008-07-27 18:03:12 36,864 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
+ 2009-03-16 19:36:55 36,864 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\3.5.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
- 2008-01-05 11:26:11 139,264 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks.resources\2.0.0.0_fr_b03f5f7f11d50a3a\Microsoft.Build.Tasks.resources.dll
+ 2008-07-27 18:03:10 139,264 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks.resources\2.0.0.0_fr_b03f5f7f11d50a3a\Microsoft.Build.Tasks.resources.dll
+ 2009-03-16 19:36:55 802,816 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks.v3.5\3.5.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.v3.5.dll
- 2008-01-05 11:26:17 655,360 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll
+ 2008-07-27 18:03:12 655,360 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll
- 2008-01-05 11:26:11 10,752 ----a-w c:\windows\assembly\GAC_MSIL\microsoft.build.utilities.resources\2.0.0.0_fr_b03f5f7f11d50a3a\Microsoft.Build.Utilities.Resources.dll
+ 2008-07-27 18:03:10 10,752 ----a-w c:\windows\assembly\GAC_MSIL\microsoft.build.utilities.resources\2.0.0.0_fr_b03f5f7f11d50a3a\Microsoft.Build.Utilities.Resources.dll
+ 2009-03-16 19:36:56 94,208 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities.v3.5\3.5.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.v3.5.dll
- 2008-01-05 11:26:17 77,824 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll
+ 2008-07-27 18:03:12 77,824 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll
- 2008-01-05 11:26:11 45,056 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.Jscript.resources\8.0.0.0_fr_b03f5f7f11d50a3a\Microsoft.JScript.Resources.dll
+ 2008-07-27 18:03:10 45,056 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.Jscript.resources\8.0.0.0_fr_b03f5f7f11d50a3a\Microsoft.JScript.Resources.dll
- 2008-01-05 11:26:19 749,568 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
+ 2008-07-27 18:03:12 749,568 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
- 2006-11-02 15:46:12 5,120 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.Transactions.Bridge.Dtc.resources\3.0.0.0_fr_b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.Dtc.Resources.dll
+ 2008-07-11 19:39:09 5,120 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.Transactions.Bridge.Dtc.resources\3.0.0.0_fr_b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.Dtc.Resources.dll
- 2008-01-05 11:26:41 19,456 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.Transactions.Bridge.resources\3.0.0.0_fr_b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.Resources.dll
+ 2008-07-11 19:39:09 19,456 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.Transactions.Bridge.resources\3.0.0.0_fr_b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.Resources.dll
- 2008-01-05 11:21:39 397,312 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.Transactions.Bridge\3.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.dll
+ 2008-06-20 01:14:31 397,312 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.Transactions.Bridge\3.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.dll
- 2008-01-05 11:26:17 9,216 ----a-w c:\windows\assembly\GAC_MSIL\microsoft.visualbasic.compatibility.data.resources\8.0.0.0_fr_b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.resources.dll
+ 2008-07-27 18:03:10 9,216 ----a-w c:\windows\assembly\GAC_MSIL\microsoft.visualbasic.compatibility.data.resources\8.0.0.0_fr_b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.resources.dll
- 2008-01-05 11:26:19 110,592 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
+ 2008-07-27 18:03:12 110,592 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
- 2008-01-05 11:26:17 9,728 ----a-w c:\windows\assembly\GAC_MSIL\microsoft.visualbasic.compatibility.resources\8.0.0.0_fr_b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.resources.dll
+ 2008-07-27 18:03:10 9,728 ----a-w c:\windows\assembly\GAC_MSIL\microsoft.visualbasic.compatibility.resources\8.0.0.0_fr_b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.resources.dll
- 2008-01-05 11:26:23 372,736 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
+ 2008-07-27 18:03:12 372,736 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
- 2008-01-05 11:26:11 61,440 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.resources\8.0.0.0_fr_b03f5f7f11d50a3a\Microsoft.VisualBasic.resources.dll
+ 2008-07-27 18:03:10 61,440 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.resources\8.0.0.0_fr_b03f5f7f11d50a3a\Microsoft.VisualBasic.resources.dll
- 2008-01-05 11:26:23 28,672 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll
+ 2008-07-27 18:03:12 28,672 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll
- 2008-01-05 11:26:23 671,744 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
+ 2008-07-27 18:03:12 659,456 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
+ 2009-03-16 19:36:55 41,984 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.VisualC.STLCLR\1.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.STLCLR.dll
- 2006-10-20 01:14:05 5,632 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
+ 2008-07-27 18:03:12 5,632 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
- 2008-01-05 11:26:24 12,800 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
+ 2008-07-27 18:03:12 12,800 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
- 2008-01-05 11:26:23 32,768 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll
+ 2008-07-27 18:03:12 32,768 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll
- 2006-10-20 01:14:05 7,168 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll
+ 2008-07-27 18:03:12 7,168 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll
- 2008-01-05 11:26:12 311,296 ----a-w c:\windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_fr_b77a5c561934e089\mscorlib.Resources.dll
+ 2008-07-27 18:03:10 311,296 ----a-w c:\windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_fr_b77a5c561934e089\mscorlib.Resources.dll
- 2006-11-02 15:46:13 57,344 ----a-w c:\windows\assembly\GAC_MSIL\PresentationBuildTasks.resources\3.0.0.0_fr_31bf3856ad364e35\PresentationBuildTasks.resources.dll
+ 2008-07-11 19:39:10 53,248 ----a-w c:\windows\assembly\GAC_MSIL\PresentationBuildTasks.resources\3.0.0.0_fr_31bf3856ad364e35\PresentationBuildTasks.resources.dll
- 2008-01-05 11:21:52 602,112 ----a-w c:\windows\assembly\GAC_MSIL\PresentationBuildTasks\3.0.0.0__31bf3856ad364e35\PresentationBuildTasks.dll
+ 2008-06-20 01:14:42 598,016 ----a-w c:\windows\assembly\GAC_MSIL\PresentationBuildTasks\3.0.0.0__31bf3856ad364e35\PresentationBuildTasks.dll
- 2008-01-05 11:21:52 32,768 ----a-w c:\windows\assembly\GAC_MSIL\PresentationCFFRasterizer\3.0.0.0__31bf3856ad364e35\PresentationCFFRasterizer.dll
+ 2008-06-20 01:14:44 32,768 ----a-w c:\windows\assembly\GAC_MSIL\PresentationCFFRasterizer\3.0.0.0__31bf3856ad364e35\PresentationCFFRasterizer.dll
- 2006-11-02 15:46:11 110,592 ----a-w c:\windows\assembly\GAC_MSIL\PresentationCore.resources\3.0.0.0_fr_31bf3856ad364e35\PresentationCore.resources.dll
+ 2008-07-11 19:39:10 110,592 ----a-w c:\windows\assembly\GAC_MSIL\PresentationCore.resources\3.0.0.0_fr_31bf3856ad364e35\PresentationCore.resources.dll
- 2008-01-05 11:21:53 36,864 ----a-w c:\windows\assembly\GAC_MSIL\PresentationFontCache\3.0.0.0__31bf3856ad364e35\PresentationFontCache.exe
+ 2008-06-20 01:14:44 46,104 ----a-w c:\windows\assembly\GAC_MSIL\PresentationFontCache\3.0.0.0__31bf3856ad364e35\PresentationFontCache.exe
- 2008-01-05 11:21:53 184,320 ----a-w c:\windows\assembly\GAC_MSIL\PresentationFramework.Aero\3.0.0.0__31bf3856ad364e35\PresentationFramework.Aero.dll
+ 2008-06-20 01:14:43 196,608 ----a-w c:\windows\assembly\GAC_MSIL\PresentationFramework.Aero\3.0.0.0__31bf3856ad364e35\PresentationFramework.Aero.dll
- 2008-01-05 11:21:53 131,072 ----a-w c:\windows\assembly\GAC_MSIL\PresentationFramework.Classic\3.0.0.0__31bf3856ad364e35\PresentationFramework.Classic.dll
+ 2008-06-20 01:14:43 139,264 ----a-w c:\windows\assembly\GAC_MSIL\PresentationFramework.Classic\3.0.0.0__31bf3856ad364e35\PresentationFramework.Classic.dll
- 2008-01-05 11:21:53 376,832 ----a-w c:\windows\assembly\GAC_MSIL\PresentationFramework.Luna\3.0.0.0__31bf3856ad364e35\PresentationFramework.Luna.dll
+ 2008-06-20 01:14:43 397,312 ----a-w c:\windows\assembly\GAC_MSIL\PresentationFramework.Luna\3.0.0.0__31bf3856ad364e35\PresentationFramework.Luna.dll
- 2006-11-02 15:46:16 253,952 ----a-w c:\windows\assembly\GAC_MSIL\PresentationFramework.resources\3.0.0.0_fr_31bf3856ad364e35\PresentationFramework.resources.dll
+ 2008-07-11 19:39:10 245,760 ----a-w c:\windows\assembly\GAC_MSIL\PresentationFramework.resources\3.0.0.0_fr_31bf3856ad364e35\PresentationFramework.resources.dll
- 2008-01-05 11:21:54 151,552 ----a-w c:\windows\assembly\GAC_MSIL\PresentationFramework.Royale\3.0.0.0__31bf3856ad364e35\PresentationFramework.Royale.dll
+ 2008-06-20 01:14:43 163,840 ----a-w c:\windows\assembly\GAC_MSIL\PresentationFramework.Royale\3.0.0.0__31bf3856ad364e35\PresentationFramework.Royale.dll
- 2008-01-05 11:21:53 5,210,112 ----a-w c:\windows\assembly\GAC_MSIL\PresentationFramework\3.0.0.0__31bf3856ad364e35\PresentationFramework.dll
+ 2008-11-24 23:34:47 5,283,840 ----a-w c:\windows\assembly\GAC_MSIL\PresentationFramework\3.0.0.0__31bf3856ad364e35\PresentationFramework.dll
- 2006-11-02 15:46:08 372,736 ----a-w c:\windows\assembly\GAC_MSIL\PresentationUI.resources\3.0.0.0_fr_31bf3856ad364e35\PresentationUI.resources.dll
+ 2008-07-11 19:39:10 372,736 ----a-w c:\windows\assembly\GAC_MSIL\PresentationUI.resources\3.0.0.0_fr_31bf3856ad364e35\PresentationUI.resources.dll
- 2008-01-05 11:21:55 897,024 ----a-w c:\windows\assembly\GAC_MSIL\PresentationUI\3.0.0.0__31bf3856ad364e35\PresentationUI.dll
+ 2008-06-20 01:14:44 864,256 ----a-w c:\windows\assembly\GAC_MSIL\PresentationUI\3.0.0.0__31bf3856ad364e35\PresentationUI.dll
- 2006-11-02 15:46:11 40,960 ----a-w c:\windows\assembly\GAC_MSIL\ReachFramework.resources\3.0.0.0_fr_31bf3856ad364e35\ReachFramework.resources.dll
+ 2008-07-11 19:39:10 40,960 ----a-w c:\windows\assembly\GAC_MSIL\ReachFramework.resources\3.0.0.0_fr_31bf3856ad364e35\ReachFramework.resources.dll
- 2008-01-05 11:21:55 528,384 ----a-w c:\windows\assembly\GAC_MSIL\ReachFramework\3.0.0.0__31bf3856ad364e35\ReachFramework.dll
+ 2008-06-20 01:14:43 528,384 ----a-w c:\windows\assembly\GAC_MSIL\ReachFramework\3.0.0.0__31bf3856ad364e35\ReachFramework.dll
+ 2009-03-16 19:36:56 5,632 ----a-w c:\windows\assembly\GAC_MSIL\Sentinel.v3.5Client\3.5.0.0__b03f5f7f11d50a3a\Sentinel.v3.5Client.dll
- 2008-01-05 11:21:39 61,440 ----a-w c:\windows\assembly\GAC_MSIL\ServiceModelReg\3.0.0.0__b03f5f7f11d50a3a\ServiceModelReg.exe
+ 2008-06-20 01:14:31 156,688 ----a-w c:\windows\assembly\GAC_MSIL\ServiceModelReg\3.0.0.0__b03f5f7f11d50a3a\ServiceModelReg.exe
- 2006-11-02 15:46:11 5,120 ----a-w c:\windows\assembly\GAC_MSIL\SMDiagnostics.resources\3.0.0.0_fr_b77a5c561934e089\SMDiagnostics.resources.dll
+ 2008-07-11 19:39:09 5,120 ----a-w c:\windows\assembly\GAC_MSIL\SMDiagnostics.resources\3.0.0.0_fr_b77a5c561934e089\SMDiagnostics.resources.dll
- 2008-01-05 11:21:39 102,400 ----a-w c:\windows\assembly\GAC_MSIL\SMDiagnostics\3.0.0.0__b77a5c561934e089\SMdiagnostics.dll
+ 2008-06-20 01:14:31 110,592 ----a-w c:\windows\assembly\GAC_MSIL\SMDiagnostics\3.0.0.0__b77a5c561934e089\SMdiagnostics.dll
- 2008-01-05 11:21:39 122,880 ----a-w c:\windows\assembly\GAC_MSIL\SMSvcHost\3.0.0.0__b03f5f7f11d50a3a\SMSvcHost.exe
+ 2008-06-20 01:14:31 132,096 ----a-w c:\windows\assembly\GAC_MSIL\SMSvcHost\3.0.0.0__b03f5f7f11d50a3a\SMSvcHost.exe
- 2008-01-05 11:26:12 10,752 ----a-w c:\windows\assembly\GAC_MSIL\sysglobl.resources\2.0.0.0_fr_b03f5f7f11d50a3a\sysglobl.resources.dll
+ 2008-07-27 18:03:10 10,752 ----a-w c:\windows\assembly\GAC_MSIL\sysglobl.resources\2.0.0.0_fr_b03f5f7f11d50a3a\sysglobl.resources.dll
- 2008-01-05 11:26:54 110,592 ----a-w c:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
+ 2008-07-27 18:03:14 110,592 ----a-w c:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
- 2008-11-06 18:25:27 47,832 ----a-w c:\windows\assembly\GAC_MSIL\System.AddIn.Contract\2.0.0.0__b03f5f7f11d50a3a\System.AddIn.Contract.dll
+ 2009-03-16 19:36:58 45,056 ----a-w c:\windows\assembly\GAC_MSIL\System.AddIn.Contract\2.0.0.0__b03f5f7f11d50a3a\System.AddIn.Contract.dll
+ 2009-03-16 19:36:58 163,840 ----a-w c:\windows\assembly\GAC_MSIL\System.AddIn\3.5.0.0__b77a5c561934e089\System.AddIn.dll
+ 2009-03-16 19:37:04 57,344 ----a-w c:\windows\assembly\GAC_MSIL\System.ComponentModel.DataAnnotations\3.5.0.0__31bf3856ad364e35\System.ComponentModel.DataAnnotations.dll
- 2008-01-05 11:26:12 28,672 ----a-w c:\windows\assembly\GAC_MSIL\System.Configuration.Install.resources\2.0.0.0_fr_b03f5f7f11d50a3a\System.Configuration.Install.Resources.dll
+ 2008-07-27 18:03:10 28,672 ----a-w c:\windows\assembly\GAC_MSIL\System.Configuration.Install.resources\2.0.0.0_fr_b03f5f7f11d50a3a\System.Configuration.Install.Resources.dll
- 2008-01-05 11:26:54 81,920 ----a-w c:\windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
+ 2008-07-27 18:03:14 81,920 ----a-w c:\windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
- 2008-01-05 11:26:12 49,152 ----a-w c:\windows\assembly\GAC_MSIL\system.configuration.resources\2.0.0.0_fr_b03f5f7f11d50a3a\System.Configuration.resources.dll
+ 2008-07-27 18:03:10 49,152 ----a-w c:\windows\assembly\GAC_MSIL\system.configuration.resources\2.0.0.0_fr_b03f5f7f11d50a3a\System.Configuration.resources.dll
- 2008-01-05 11:26:54 425,984 ----a-w c:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
+ 2008-07-27 18:03:14 425,984 ----a-w c:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
+ 2009-03-16 19:36:59 667,648 ----a-w c:\windows\assembly\GAC_MSIL\System.Core\3.5.0.0__b77a5c561934e089\System.Core.dll
+ 2009-03-16 19:36:59 53,248 ----a-w c:\windows\assembly\GAC_MSIL\System.Data.DataSetExtensions\3.5.0.0__b77a5c561934e089\System.Data.DataSetExtensions.dll
+ 2009-03-16 19:37:00 229,376 ----a-w c:\windows\assembly\GAC_MSIL\System.Data.Entity.Design\3.5.0.0__b77a5c561934e089\System.Data.Entity.Design.dll
+ 2009-03-16 19:37:00 2,879,488 ----a-w c:\windows\assembly\GAC_MSIL\System.Data.Entity\3.5.0.0__b77a5c561934e089\System.Data.Entity.dll
+ 2009-03-16 19:36:52 684,032 ----a-w c:\windows\assembly\GAC_MSIL\System.Data.Linq\3.5.0.0__b77a5c561934e089\System.Data.Linq.dll
- 2008-01-05 11:26:12 110,592 ----a-w c:\windows\assembly\GAC_MSIL\System.Data.OracleClient.resources\2.0.0.0_fr_b77a5c561934e089\System.Data.OracleClient.resources.dll
+ 2008-07-27 18:03:10 110,592 ----a-w c:\windows\assembly\GAC_MSIL\System.Data.OracleClient.resources\2.0.0.0_fr_b77a5c561934e089\System.Data.OracleClient.resources.dll
- 2008-01-05 11:26:13 344,064 ----a-w c:\windows\assembly\GAC_MSIL\System.Data.resources\2.0.0.0_fr_b77a5c561934e089\System.Data.Resources.dll
+ 2008-07-27 18:03:10 352,256 ----a-w c:\windows\assembly\GAC_MSIL\System.Data.resources\2.0.0.0_fr_b77a5c561934e089\System.Data.Resources.dll
+ 2009-03-16 19:37:46 294,912 ----a-w c:\windows\assembly\GAC_MSIL\System.Data.Services.Client\3.5.0.0__b77a5c561934e089\System.Data.Services.Client.dll
+ 2009-03-16 19:36:51 114,688 ----a-w c:\windows\assembly\GAC_MSIL\System.Data.Services.Design\3.5.0.0__b77a5c561934e089\System.Data.Services.Design.dll
+ 2009-03-16 19:37:46 442,368 ----a-w c:\windows\assembly\GAC_MSIL\System.Data.Services\3.5.0.0__b77a5c561934e089\System.Data.Services.dll
- 2008-01-05 11:26:13 36,864 ----a-w c:\windows\assembly\GAC_MSIL\System.Data.SqlXml.resources\2.0.0.0_fr_b77a5c561934e089\system.data.sqlxml.resources.dll
+ 2008-07-27 18:03:10 36,864 ----a-w c:\windows\assembly\GAC_MSIL\System.Data.SqlXml.resources\2.0.0.0_fr_b77a5c561934e089\system.data.sqlxml.resources.dll
- 2008-01-05 11:26:55 741,376 ----a-w c:\windows\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
+ 2008-07-27 18:03:15 745,472 ----a-w c:\windows\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
- 2008-01-05 11:26:14 389,120 ----a-w c:\windows\assembly\GAC_MSIL\System.Deployment.resources\2.0.0.0_fr_b03f5f7f11d50a3a\System.Deployment.resources.dll
+ 2008-07-27 18:03:10 413,696 ----a-w c:\windows\assembly\GAC_MSIL\System.Deployment.resources\2.0.0.0_fr_b03f5f7f11d50a3a\System.Deployment.resources.dll
- 2008-01-05 11:26:55 933,888 ----a-w c:\windows\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
+ 2008-07-27 18:03:15 970,752 ----a-w c:\windows\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
- 2008-01-05 11:26:14 544,768 ----a-w c:\windows\assembly\GAC_MSIL\System.Design.resources\2.0.0.0_fr_b03f5f7f11d50a3a\System.Design.Resources.dll
+ 2008-07-27 18:03:10 548,864 ----a-w c:\windows\assembly\GAC_MSIL\System.Design.resources\2.0.0.0_fr_b03f5f7f11d50a3a\System.Design.Resources.dll
- 2008-01-05 11:26:55 5,070,848 ----a-w c:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll
+ 2008-07-27 18:03:15 5,062,656 ----a-w c:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll
+ 2009-03-16 19:36:52 286,720 ----a-w c:\windows\assembly\GAC_MSIL\System.DirectoryServices.AccountManagement\3.5.0.0__b77a5c561934e089\System.DirectoryServices.AccountManagement.dll
- 2008-01-05 11:26:14 28,672 ----a-w c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols.resources\2.0.0.0_fr_b03f5f7f11d50a3a\System.DirectoryServices.Protocols.resources.dll
+ 2008-07-27 18:03:10 28,672 ----a-w c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols.resources\2.0.0.0_fr_b03f5f7f11d50a3a\System.DirectoryServices.Protocols.resources.dll
- 2008-01-05 11:26:55 188,416 ----a-w c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
+ 2008-07-27 18:03:15 188,416 ----a-w c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
- 2008-01-05 11:26:16 40,960 ----a-w c:\windows\assembly\GAC_MSIL\System.DirectoryServices.resources\2.0.0.0_fr_b03f5f7f11d50a3a\System.DirectoryServices.Resources.dll
+ 2008-07-27 18:03:10 40,960 ----a-w c:\windows\assembly\GAC_MSIL\System.DirectoryServices.resources\2.0.0.0_fr_b03f5f7f11d50a3a\System.DirectoryServices.Resources.dll
- 2008-01-05 11:26:55 401,408 ----a-w c:\windows\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
+ 2008-07-27 18:03:15 401,408 ----a-w c:\windows\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
- 2008-01-05 11:26:16 6,144 ----a-w c:\windows\assembly\GAC_MSIL\System.Drawing.Design.resources\2.0.0.0_fr_b03f5f7f11d50a3a\System.Drawing.Design.Resources.dll
+ 2008-07-27 18:03:10 6,144 ----a-w c:\windows\assembly\GAC_MSIL\System.Drawing.Design.resources\2.0.0.0_fr_b03f5f7f11d50a3a\System.Drawing.Design.Resources.dll
- 2008-01-05 11:26:55 81,920 ----a-w c:\windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll
+ 2008-07-27 18:03:15 81,920 ----a-w c:\windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll
- 2008-01-05 11:26:16 15,360 ----a-w c:\windows\assembly\GAC_MSIL\System.Drawing.resources\2.0.0.0_fr_b03f5f7f11d50a3a\System.Drawing.Resources.dll
+ 2008-07-27 18:03:10 15,360 ----a-w c:\windows\assembly\GAC_MSIL\System.Drawing.resources\2.0.0.0_fr_b03f5f7f11d50a3a\System.Drawing.Resources.dll
- 2008-01-05 11:26:55 630,784 ----a-w c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
+ 2008-07-27 18:03:15 626,688 ----a-w c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
- 2008-01-05 11:26:17 32,768 ----a-w c:\windows\assembly\GAC_MSIL\System.EnterpriseServices.resources\2.0.0.0_fr_b03f5f7f11d50a3a\System.EnterpriseServices.Resources.dll
+ 2008-07-27 18:03:10 32,768 ----a-w c:\windows\assembly\GAC_MSIL\System.EnterpriseServices.resources\2.0.0.0_fr_b03f5f7f11d50a3a\System.EnterpriseServices.Resources.dll
- 2008-01-05 11:26:37 65,536 ----a-w c:\windows\assembly\GAC_MSIL\System.IdentityModel.resources\3.0.0.0_fr_b77a5c561934e089\System.IdentityModel.Resources.dll
+ 2008-07-11 19:39:09 65,536 ----a-w c:\windows\assembly\GAC_MSIL\System.IdentityModel.resources\3.0.0.0_fr_b77a5c561934e089\System.IdentityModel.Resources.dll
- 2008-01-05 11:26:39 57,344 ----a-w c:\windows\assembly\GAC_MSIL\System.IdentityModel.Selectors.resources\3.0.0.0_fr_b77a5c561934e089\System.IdentityModel.Selectors.Resources.dll
+ 2008-07-11 19:39:09 57,344 ----a-w c:\windows\assembly\GAC_MSIL\System.IdentityModel.Selectors.resources\3.0.0.0_fr_b77a5c561934e089\System.IdentityModel.Selectors.Resources.dll
- 2008-01-05 11:21:38 126,976 ----a-w c:\windows\assembly\GAC_MSIL\System.IdentityModel.Selectors\3.0.0.0__b77a5c561934e089\System.IdentityModel.Selectors.dll
+ 2008-06-20 01:14:29 126,976 ----a-w c:\windows\assembly\GAC_MSIL\System.IdentityModel.Selectors\3.0.0.0__b77a5c561934e089\System.IdentityModel.Selectors.dll
- 2008-01-05 11:21:37 430,080 ----a-w c:\windows\assembly\GAC_MSIL\System.IdentityModel\3.0.0.0__b77a5c561934e089\System.IdentityModel.dll
+ 2008-06-20 01:14:29 430,080 ----a-w c:\windows\assembly\GAC_MSIL\System.IdentityModel\3.0.0.0__b77a5c561934e089\System.IdentityModel.dll
- 2006-11-02 15:46:11 12,288 ----a-w c:\windows\assembly\GAC_MSIL\System.IO.Log.resources\3.0.0.0_fr_b03f5f7f11d50a3a\System.IO.Log.Resources.dll
+ 2008-07-11 19:39:09 12,288 ----a-w c:\windows\assembly\GAC_MSIL\System.IO.Log.resources\3.0.0.0_fr_b03f5f7f11d50a3a\System.IO.Log.Resources.dll
- 2008-01-05 11:21:38 131,072 ----a-w c:\windows\assembly\GAC_MSIL\System.IO.Log\3.0.0.0__b03f5f7f11d50a3a\System.IO.Log.dll
+ 2008-06-20 01:14:29 131,072 ----a-w c:\windows\assembly\GAC_MSIL\System.IO.Log\3.0.0.0__b03f5f7f11d50a3a\System.IO.Log.dll
+ 2009-03-16 19:37:01 143,360 ----a-w c:\windows\assembly\GAC_MSIL\System.Management.Instrumentation\3.5.0.0__b77a5c561934e089\System.Management.Instrumentation.dll
- 2008-01-05 11:26:17 13,312 ----a-w c:\windows\assembly\GAC_MSIL\System.Management.resources\2.0.0.0_fr_b03f5f7f11d50a3a\System.Management.Resources.dll
+ 2008-07-27 18:03:10 13,312 ----a-w c:\windows\assembly\GAC_MSIL\System.Management.resources\2.0.0.0_fr_b03f5f7f11d50a3a\System.Management.Resources.dll
- 2008-01-05 11:26:58 372,736 ----a-w c:\windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
+ 2008-07-27 18:03:15 372,736 ----a-w c:\windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
- 2008-01-05 11:26:17 61,440 ----a-w c:\windows\assembly\GAC_MSIL\System.Messaging.resources\2.0.0.0_fr_b03f5f7f11d50a3a\System.Messaging.Resources.dll
+ 2008-07-27 18:03:10 61,440 ----a-w c:\windows\assembly\GAC_MSIL\System.Messaging.resources\2.0.0.0_fr_b03f5f7f11d50a3a\System.Messaging.Resources.dll
- 2008-01-05 11:26:58 258,048 ----a-w c:\windows\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
+ 2008-07-27 18:03:15 258,048 ----a-w c:\windows\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
+ 2009-03-16 19:37:04 233,472 ----a-w c:\windows\assembly\GAC_MSIL\System.Net\3.5.0.0__b03f5f7f11d50a3a\System.Net.dll
- 2006-11-02 15:46:11 28,672 ----a-w c:\windows\assembly\GAC_MSIL\System.Printing.resources\3.0.0.0_fr_31bf3856ad364e35\System.Printing.resources.dll
+ 2008-07-11 19:39:10 28,672 ----a-w c:\windows\assembly\GAC_MSIL\System.Printing.resources\3.0.0.0_fr_31bf3856ad364e35\System.Printing.resources.dll
- 2008-01-05 11:26:17 212,992 ----a-w c:\windows\assembly\GAC_MSIL\System.resources\2.0.0.0_fr_b77a5c561934e089\system.Resources.dll
+ 2008-07-27 18:03:10 212,992 ----a-w c:\windows\assembly\GAC_MSIL\System.resources\2.0.0.0_fr_b77a5c561934e089\system.Resources.dll
- 2008-01-05 11:26:17 32,768 ----a-w c:\windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_fr_b77a5c561934e089\System.Runtime.Remoting.Resources.dll
+ 2008-07-27 18:03:10 32,768 ----a-w c:\windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_fr_b77a5c561934e089\System.Runtime.Remoting.Resources.dll
- 2008-01-05 11:26:58 299,008 ----a-w c:\windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
+ 2008-07-27 18:03:15 303,104 ----a-w c:\windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
- 2008-01-05 11:26:17 11,776 ----a-w c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\2.0.0.0_fr_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.Resources.dll
+ 2008-07-27 18:03:10 11,776 ----a-w c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\2.0.0.0_fr_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.Resources.dll
- 2008-01-05 11:26:58 131,072 ----a-w c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
+ 2008-07-27 18:03:15 131,072 ----a-w c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
- 2008-01-05 11:26:41 98,304 ----a-w c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.resources\3.0.0.0_fr_b77a5c561934e089\System.RunTime.Serialization.Resources.dll
+ 2008-07-11 19:39:09 102,400 ----a-w c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.resources\3.0.0.0_fr_b77a5c561934e089\System.RunTime.Serialization.Resources.dll
- 2008-01-05 11:21:38 929,792 ----a-w c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
+ 2008-06-20 01:14:29 966,656 ----a-w c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
- 2008-01-05 11:26:17 28,672 ----a-w c:\windows\assembly\GAC_MSIL\System.Security.resources\2.0.0.0_fr_b03f5f7f11d50a3a\System.Security.Resources.dll
+ 2008-07-27 18:03:10 28,672 ----a-w c:\windows\assembly\GAC_MSIL\System.Security.resources\2.0.0.0_fr_b03f5f7f11d50a3a\System.Security.Resources.dll
- 2008-01-05 11:26:58 258,048 ----a-w c:\windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll
+ 2008-07-27 18:03:15 258,048 ----a-w c:\windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll
- 2006-11-02 15:46:12 40,960 ----a-w c:\windows\assembly\GAC_MSIL\System.ServiceModel.Install.resources\3.0.0.0_fr_b77a5c561934e089\System.ServiceModel.Install.Resources.dll
+ 2008-07-11 19:39:09 36,864 ----a-w c:\windows\assembly\GAC_MSIL\System.ServiceModel.Install.resources\3.0.0.0_fr_b77a5c561934e089\System.ServiceModel.Install.Resources.dll
- 2008-01-05 11:21:40 159,744 ----a-w c:\windows\assembly\GAC_MSIL\System.ServiceModel.Install\3.0.0.0__b77a5c561934e089\System.ServiceModel.Install.dll
+ 2008-06-20 01:14:32 73,728 ----a-w c:\windows\assembly\GAC_MSIL\System.ServiceModel.Install\3.0.0.0__b77a5c561934e089\System.ServiceModel.Install.dll
- 2008-01-05 11:26:41 499,712 ----a-w c:\windows\assembly\GAC_MSIL\System.ServiceModel.resources\3.0.0.0_fr_b77a5c561934e089\System.ServiceModel.Resources.dll
+ 2008-07-11 19:39:09 499,712 ----a-w c:\windows\assembly\GAC_MSIL\System.ServiceModel.resources\3.0.0.0_fr_b77a5c561934e089\System.ServiceModel.Resources.dll
- 2008-01-05 11:21:40 32,768 ----a-w c:\windows\assembly\GAC_MSIL\System.ServiceModel.WasHosting\3.0.0.0__b77a5c561934e089\System.ServiceModel.WasHosting.dll
+ 2008-06-20 01:14:33 32,768 ----a-w c:\windows\assembly\GAC_MSIL\System.ServiceModel.WasHosting\3.0.0.0__b77a5c561934e089\System.ServiceModel.WasHosting.dll
+ 2009-03-16 19:36:50 569,344 ----a-w c:\windows\assembly\GAC_MSIL\System.ServiceModel.Web\3.5.0.0__31bf3856ad364e35\System.ServiceModel.Web.dll
- 2008-01-05 11:21:38 5,971,968 ----a-w c:\windows\assembly\GAC_MSIL\System.ServiceModel\3.0.0.0__b77a5c561934e089\System.ServiceModel.dll
+ 2008-11-24 23:34:36 5,931,008 ----a-w c:\windows\assembly\GAC_MSIL\System.ServiceModel\3.0.0.0__b77a5c561934e089\System.ServiceModel.dll
- 2008-01-05 11:26:17 40,960 ----a-w c:\windows\assembly\GAC_MSIL\System.ServiceProcess.resources\2.0.0.0_fr_b03f5f7f11d50a3a\System.ServiceProcess.Resources.dll
+ 2008-07-27 18:03:10 40,960 ----a-w c:\windows\assembly\GAC_MSIL\System.ServiceProcess.resources\2.0.0.0_fr_b03f5f7f11d50a3a\System.ServiceProcess.Resources.dll
- 2008-01-05 11:26:58 114,688 ----a-w c:\windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
+ 2008-07-27 18:03:15 114,688 ----a-w c:\windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
- 2006-11-02 15:46:13 65,536 ----a-w c:\windows\assembly\GAC_MSIL\System.Speech.resources\3.0.0.0_fr_31bf3856ad364e35\System.Speech.resources.dll
+ 2008-07-11 19:39:10 61,440 ----a-w c:\windows\assembly\GAC_MSIL\System.Speech.resources\3.0.0.0_fr_31bf3856ad364e35\System.Speech.resources.dll
- 2008-01-05 11:26:17 16,896 ----a-w c:\windows\assembly\GAC_MSIL\System.Transactions.resources\2.0.0.0_fr_b77a5c561934e089\System.Transactions.resources.dll
+ 2008-07-27 18:03:10 16,896 ----a-w c:\windows\assembly\GAC_MSIL\System.Transactions.resources\2.0.0.0_fr_b77a5c561934e089\System.Transactions.resources.dll
+ 2009-03-16 19:37:06 77,824 ----a-w c:\windows\assembly\GAC_MSIL\System.Web.Abstractions\3.5.0.0__31bf3856ad364e35\System.Web.Abstractions.dll
+ 2009-03-16 19:37:06 32,768 ----a-w c:\windows\assembly\GAC_MSIL\System.Web.DynamicData.Design\3.5.0.0__31bf3856ad364e35\System.Web.DynamicData.Design.dll
+ 2009-03-16 19:37:46 229,376 ----a-w c:\windows\assembly\GAC_MSIL\System.Web.DynamicData\3.5.0.0__31bf3856ad364e35\System.Web.DynamicData.dll
+ 2009-03-16 19:37:02 131,072 ----a-w c:\windows\assembly\GAC_MSIL\System.Web.Entity.Design\3.5.0.0__b77a5c561934e089\System.Web.Entity.Design.dll
+ 2009-03-16 19:37:46 139,264 ----a-w c:\windows\assembly\GAC_MSIL\System.Web.Entity\3.5.0.0__b77a5c561934e089\System.Web.Entity.dll
+ 2009-03-16 19:37:07 335,872 ----a-w c:\windows\assembly\GAC_MSIL\System.Web.Extensions.Design\3.5.0.0__31bf3856ad364e35\System.Web.Extensions.Design.dll
+ 2009-03-16 19:37:47 1,277,952 ----a-w c:\windows\assembly\GAC_MSIL\System.Web.Extensions\3.5.0.0__31bf3856ad364e35\System.Web.Extensions.dll
- 2008-01-05 11:26:17 81,920 ----a-w c:\windows\assembly\GAC_MSIL\System.Web.Mobile.resources\2.0.0.0_fr_b03f5f7f11d50a3a\System.Web.Mobile.resources.dll
+ 2008-07-27 18:03:10 81,920 ----a-w c:\windows\assembly\GAC_MSIL\System.Web.Mobile.resources\2.0.0.0_fr_b03f5f7f11d50a3a\System.Web.Mobile.resources.dll
- 2008-01-05 11:26:59 884,736 ----a-w c:\windows\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
+ 2008-07-27 18:03:15 835,584 ----a-w c:\windows\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
- 2008-01-05 11:26:59 90,112 ----a-w c:\windows\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
+ 2008-07-27 18:03:15 77,824 ----a-w c:\windows\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
- 2008-01-05 11:26:17 618,496 ----a-w c:\windows\assembly\GAC_MSIL\System.Web.resources\2.0.0.0_fr_b03f5f7f11d50a3a\System.Web.Resources.dll
+ 2008-07-27 18:03:10 622,592 ----a-w c:\windows\assembly\GAC_MSIL\System.Web.resources\2.0.0.0_fr_b03f5f7f11d50a3a\System.Web.Resources.dll
+ 2009-03-16 19:37:08 61,440 ----a-w c:\windows\assembly\GAC_MSIL\System.Web.Routing\3.5.0.0__31bf3856ad364e35\System.Web.Routing.dll
- 2008-01-05 11:26:17 81,920 ----a-w c:\windows\assembly\GAC_MSIL\System.Web.Services.resources\2.0.0.0_fr_b03f5f7f11d50a3a\System.Web.Services.Resources.dll
+ 2008-07-27 18:03:10 81,920 ----a-w c:\windows\assembly\GAC_MSIL\System.Web.Services.resources\2.0.0.0_fr_b03f5f7f11d50a3a\System.Web.Services.Resources.dll
- 2008-01-05 11:27:00 839,680 ----a-w c:\windows\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
+ 2008-07-27 18:03:15 839,680 ----a-w c:\windows\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
- 2008-01-05 11:26:17 430,080 ----a-w c:\windows\assembly\GAC_MSIL\System.Windows.Forms.resources\2.0.0.0_fr_b77a5c561934e089\System.Windows.Forms.Resources.dll
+ 2008-07-27 18:03:10 430,080 ----a-w c:\windows\assembly\GAC_MSIL\System.Windows.Forms.resources\2.0.0.0_fr_b77a5c561934e089\System.Windows.Forms.Resources.dll
- 2008-01-05 11:27:02 5,013,504 ----a-w c:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
+ 2008-07-27 18:03:15 5,025,792 ----a-w c:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
+ 2009-03-16 19:37:03 12,288 ----a-w c:\windows\assembly\GAC_MSIL\System.Windows.Presentation\3.5.0.0__b77a5c561934e089\System.Windows.Presentation.dll
- 2008-01-05 11:26:54 193,592 ----a-w c:\windows\assembly\GAC_MSIL\System.Workflow.Activities.resources\3.0.0.0_fr_31bf3856ad364e35\System.Workflow.Activities.resources.dll
+ 2008-07-11 19:39:10 184,320 ----a-w c:\windows\assembly\GAC_MSIL\System.Workflow.Activities.resources\3.0.0.0_fr_31bf3856ad364e35\System.Workflow.Activities.resources.dll
- 2008-01-05 11:22:14 1,152,040 ----a-w c:\windows\assembly\GAC_MSIL\System.Workflow.Activities\3.0.0.0__31bf3856ad364e35\System.Workflow.Activities.dll
+ 2008-06-20 01:14:46 1,138,688 ----a-w c:\windows\assembly\GAC_MSIL\System.Workflow.Activities\3.0.0.0__31bf3856ad364e35\System.Workflow.Activities.dll
- 2008-01-05 11:26:54 320,576 ----a-w c:\windows\assembly\GAC_MSIL\System.Workflow.ComponentModel.resources\3.0.0.0_fr_31bf3856ad364e35\System.Workflow.ComponentModel.resources.dll
+ 2008-07-11 19:39:10 311,296 ----a-w c:\windows\assembly\GAC_MSIL\System.Workflow.ComponentModel.resources\3.0.0.0_fr_31bf3856ad364e35\System.Workflow.ComponentModel.resources.dll
- 2008-01-05 11:22:15 1,635,376 ----a-w c:\windows\assembly\GAC_MSIL\System.Workflow.ComponentModel\3.0.0.0__31bf3856ad364e35\System.Workflow.ComponentModel.dll
+ 2008-06-20 01:14:47 1,630,208 ----a-w c:\windows\assembly\GAC_MSIL\System.Workflow.ComponentModel\3.0.0.0__31bf3856ad364e35\System.Workflow.ComponentModel.dll
- 2008-01-05 11:26:54 46,136 ----a-w c:\windows\assembly\GAC_MSIL\System.Workflow.Runtime.resources\3.0.0.0_fr_31bf3856ad364e35\System.Workflow.Runtime.resources.dll
+ 2008-07-11 19:39:10 36,864 ----a-w c:\windows\assembly\GAC_MSIL\System.Workflow.Runtime.resources\3.0.0.0_fr_31bf3856ad364e35\System.Workflow.Runtime.resources.dll
- 2008-01-05 11:22:15 578,592 ----a-w c:\windows\assembly\GAC_MSIL\System.Workflow.Runtime\3.0.0.0__31bf3856ad364e35\System.Workflow.Runtime.dll
+ 2008-06-20 01:14:47 540,672 ----a-w c:\windows\assembly\GAC_MSIL\System.Workflow.Runtime\3.0.0.0__31bf3856ad364e35\System.Workflow.Runtime.dll
+ 2009-03-16 19:36:50 507,904 ----a-w c:\windows\assembly\GAC_MSIL\System.WorkflowServices\3.5.0.0__31bf3856ad364e35\System.WorkflowServices.dll
+ 2009-03-16 19:37:03 139,264 ----a-w c:\windows\assembly\GAC_MSIL\System.Xml.Linq\3.5.0.0__b77a5c561934e089\System.Xml.Linq.dll
- 2008-01-05 11:26:17 167,936 ----a-w c:\windows\assembly\GAC_MSIL\System.XML.resources\2.0.0.0_fr_b77a5c561934e089\System.xml.Resources.dll
+ 2008-07-27 18:03:10 167,936 ----a-w c:\windows\assembly\GAC_MSIL\System.XML.resources\2.0.0.0_fr_b77a5c561934e089\System.xml.Resources.dll
- 2008-01-05 11:27:03 2,068,480 ----a-w c:\windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll
+ 2008-10-13 22:26:58 2,048,000 ----a-w c:\windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll
- 2008-01-05 11:26:55 3,076,096 ----a-w c:\windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
+ 2008-07-27 18:03:15 3,149,824 ----a-w c:\windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
- 2006-11-02 15:46:08 9,728 ----a-w c:\windows\assembly\GAC_MSIL\UIAutomationClient.resources\3.0.0.0_fr_31bf3856ad364e35\UIAutomationClient.resources.dll
+ 2008-07-11 19:39:10 4,096 ----a-w c:\windows\assembly\GAC_MSIL\UIAutomationClient.resources\3.0.0.0_fr_31bf3856ad364e35\UIAutomationClient.resources.dll
- 2008-01-05 11:21:56 163,840 ----a-w c:\windows\assembly\GAC_MSIL\UIAutomationClient\3.0.0.0__31bf3856ad364e35\UIAutomationClient.dll
+ 2008-06-20 01:14:43 167,936 ----a-w c:\windows\assembly\GAC_MSIL\UIAutomationClient\3.0.0.0__31bf3856ad364e35\UIAutomationClient.dll
- 2006-11-02 15:46:13 10,240 ----a-w c:\windows\assembly\GAC_MSIL\UIAutomationClientsideProviders.resources\3.0.0.0_fr_31bf3856ad364e35\UIAutomationClientsideProviders.resources.dll
+ 2008-07-11 19:39:10 12,288 ----a-w c:\windows\assembly\GAC_MSIL\UIAutomationClientsideProviders.resources\3.0.0.0_fr_31bf3856ad364e35\UIAutomationClientsideProviders.resources.dll
- 2008-01-05 11:22:00 372,736 ----a-w c:\windows\assembly\GAC_MSIL\UIAutomationClientsideProviders\3.0.0.0__31bf3856ad364e35\UIAutomationClientsideProviders.dll
+ 2008-06-20 01:14:43 385,024 ----a-w c:\windows\assembly\GAC_MSIL\UIAutomationClientsideProviders\3.0.0.0__31bf3856ad364e35\UIAutomationClientsideProviders.dll
- 2006-11-02 15:46:16 4,096 ----a-w c:\windows\assembly\GAC_MSIL\UIAutomationProvider.resources\3.0.0.0_fr_31bf3856ad364e35\UIAutomationProvider.resources.dll
+ 2008-07-11 19:39:10 4,096 ----a-w c:\windows\assembly\GAC_MSIL\UIAutomationProvider.resources\3.0.0.0_fr_31bf3856ad364e35\UIAutomationProvider.resources.dll
- 2008-01-05 11:22:00 32,768 ----a-w c:\windows\assembly\GAC_MSIL\UIAutomationProvider\3.0.0.0__31bf3856ad364e35\UIAutomationProvider.dll
+ 2008-06-20 01:14:43 40,960 ----a-w c:\windows\assembly\GAC_MSIL\UIAutomationProvider\3.0.0.0__31bf3856ad364e35\UIAutomationProvider.dll
- 2006-11-02 15:46:16 7,680 ----a-w c:\windows\assembly\GAC_MSIL\UIAutomationTypes.resources\3.0.0.0_fr_31bf3856ad364e35\UIAutomationTypes.resources.dll
+ 2008-07-11 19:39:10 10,240 ----a-w c:\windows\assembly\GAC_MSIL\UIAutomationTypes.resources\3.0.0.0_fr_31bf3856ad364e35\UIAutomationTypes.resources.dll
- 2008-01-05 11:22:00 86,016 ----a-w c:\windows\assembly\GAC_MSIL\UIAutomationTypes\3.0.0.0__31bf3856ad364e35\UIAutomationTypes.dll
+ 2008-06-20 01:14:43 98,304 ----a-w c:\windows\assembly\GAC_MSIL\UIAutomationTypes\3.0.0.0__31bf3856ad364e35\UIAutomationTypes.dll
- 2006-11-02 15:46:14 90,112 ----a-w c:\windows\assembly\GAC_MSIL\WindowsBase.resources\3.0.0.0_fr_31bf3856ad364e35\WindowsBase.resources.dll
+ 2008-07-11 19:39:10 90,112 ----a-w c:\windows\assembly\GAC_MSIL\WindowsBase.resources\3.0.0.0_fr_31bf3856ad364e35\WindowsBase.resources.dll
- 2008-01-05 11:22:00 1,204,224 ----a-w c:\windows\assembly\GAC_MSIL\WindowsBase\3.0.0.0__31bf3856ad364e35\WindowsBase.dll
+ 2008-06-20 01:14:44 1,245,184 ----a-w c:\windows\assembly\GAC_MSIL\WindowsBase\3.0.0.0__31bf3856ad364e35\WindowsBase.dll
- 2006-11-02 15:46:15 5,120 ----a-w c:\windows\assembly\GAC_MSIL\WindowsFormsIntegration.resources\3.0.0.0_fr_31bf3856ad364e35\WindowsFormsIntegration.resources.dll
+ 2008-07-11 19:39:10 5,120 ----a-w c:\windows\assembly\GAC_MSIL\WindowsFormsIntegration.resources\3.0.0.0_fr_31bf3856ad364e35\WindowsFormsIntegration.resources.dll
- 2008-01-05 11:22:01 81,920 ----a-w c:\windows\assembly\GAC_MSIL\WindowsFormsIntegration\3.0.0.0__31bf38
ComboFix 09-03-15.01 - Kevin MONTHERAT 2009-03-17 21:18:59.3 - NTFSx86
Microsoft® Windows Vista™ Édition Familiale Premium 6.0.6001.1.1252.1.1036.18.2047.950 [GMT 1:00]
Lancé depuis: c:\users\Kevin MONTHERAT\Desktop\ComboFix.exe
Commutateurs utilisés :: c:\users\Kevin MONTHERAT\Desktop\CFScript.txt
FW: Pack sécurité 8.00 *enabled*
* Un nouveau point de restauration a été créé
* Resident AV is active
FILE ::
c:\windows\System32\gaopdxpmicngut.0ll
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\windows\System32\gaopdxpmicngut.0ll
.
((((((((((((((((((((((((((((( Fichiers créés du 2009-02-17 au 2009-03-17 ))))))))))))))))))))))))))))))))))))
.
2009-03-16 20:31 . 2008-06-20 02:14 781,344 --a------ c:\windows\System32\PresentationNative_v0300.dll
2009-03-16 20:31 . 2008-06-20 02:14 622,080 --a------ c:\windows\System32\icardagt.exe
2009-03-16 20:31 . 2008-06-20 02:14 326,160 --a------ c:\windows\System32\PresentationHost.exe
2009-03-16 20:31 . 2008-06-20 02:14 105,016 --a------ c:\windows\System32\PresentationCFFRasterizerNative_v0300.dll
2009-03-16 20:31 . 2008-06-20 02:14 97,800 --a------ c:\windows\System32\infocardapi.dll
2009-03-16 20:31 . 2008-06-20 02:14 43,544 --a------ c:\windows\System32\PresentationHostProxy.dll
2009-03-16 20:31 . 2008-06-20 02:14 37,384 --a------ c:\windows\System32\infocardcpl.cpl
2009-03-16 20:31 . 2008-06-20 02:14 11,264 --a------ c:\windows\System32\icardres.dll
2009-03-16 20:23 . 2008-07-27 19:03 282,112 --a------ c:\windows\System32\mscoree.dll
2009-03-16 20:23 . 2008-07-27 19:03 158,720 --a------ c:\windows\System32\mscorier.dll
2009-03-16 20:23 . 2008-07-27 19:03 96,760 --a------ c:\windows\System32\dfshim.dll
2009-03-16 20:23 . 2008-07-27 19:03 83,968 --a------ c:\windows\System32\mscories.dll
2009-03-16 20:23 . 2008-07-27 19:03 41,984 --a------ c:\windows\System32\netfxperf.dll
2009-03-14 20:48 . 2009-03-14 20:48 <REP> d----c--- c:\windows\System32\DRVSTORE
2009-03-14 20:48 . 2009-02-06 18:08 55,280 --a------ c:\windows\System32\drivers\fssfltr.sys
2009-03-14 20:47 . 2009-03-14 20:47 <REP> d-------- c:\program files\Microsoft Sync Framework
2009-03-14 14:15 . 2009-03-14 14:32 <REP> d-------- c:\users\Kevin MONTHERAT\AppData\Roaming\InfraRecorder
2009-03-14 14:15 . 2009-03-14 14:15 <REP> d-------- c:\program files\InfraRecorder
2009-03-11 12:54 . 2008-12-16 04:29 8,147,456 --a------ c:\windows\System32\wmploc.DLL
2009-03-11 12:54 . 2009-02-09 04:10 2,033,152 --a------ c:\windows\System32\win32k.sys
2009-03-11 12:54 . 2008-11-27 05:43 268,288 --a------ c:\windows\System32\schannel.dll
2009-03-11 12:54 . 2008-12-16 06:31 7,680 --a------ c:\windows\System32\spwmp.dll
2009-03-11 12:54 . 2008-12-16 06:31 4,096 --a------ c:\windows\System32\msdxm.ocx
2009-03-11 12:54 . 2008-12-16 06:31 4,096 --a------ c:\windows\System32\dxmasf.dll
2009-03-06 18:12 . 2009-03-06 18:12 0 --ah----- c:\windows\System32\drivers\Msft_User_WpdMtpDr_01_00_00.Wdf
2009-03-05 21:14 . 2009-03-05 21:24 <REP> d-------- C:\rsit
2009-03-05 21:12 . 2009-03-05 21:12 <REP> d-------- c:\program files\Trend Micro
2009-03-05 20:05 . 2009-03-05 20:05 <REP> d-------- c:\users\Kevin MONTHERAT\AppData\Roaming\Malwarebytes
2009-03-05 20:05 . 2009-03-05 20:05 <REP> d-------- c:\users\All Users\Malwarebytes
2009-03-05 20:05 . 2009-03-05 20:05 <REP> d-------- c:\programdata\Malwarebytes
2009-03-05 20:05 . 2009-03-05 20:05 <REP> d-------- c:\program files\Malwarebytes' Anti-Malware
2009-03-05 20:05 . 2009-02-11 10:19 38,496 --a------ c:\windows\System32\drivers\mbamswissarmy.sys
2009-03-05 20:05 . 2009-02-11 10:19 15,504 --a------ c:\windows\System32\drivers\mbam.sys
2009-03-05 19:58 . 2009-03-05 20:54 <REP> d-------- C:\Rooter$
2009-03-04 12:57 . 2009-03-04 12:57 <REP> d-------- c:\users\Kevin MONTHERAT\Pavark
2009-03-04 12:52 . 2009-03-04 12:52 <REP> d-------- c:\program files\PHPNukeFR
2009-03-04 11:06 . 2009-03-04 11:06 <REP> d-------- c:\program files\VID_0E8F&PID_0012
2009-03-02 13:27 . 2009-03-02 13:27 <REP> d-------- c:\program files\Conduit
2009-03-02 12:58 . 2009-03-02 13:12 <REP> d-------- c:\program files\Navilog1
2009-02-28 10:49 . 2009-02-28 10:49 <REP> d-------- c:\program files\Java
2009-02-28 10:43 . 2009-02-28 10:47 <REP> d-------- c:\users\Kevin MONTHERAT\.housecall6.6
2009-02-27 19:12 . 2009-03-05 20:56 <REP> d-------- C:\Fraps
2009-02-24 19:58 . 2009-02-24 19:58 <REP> dr------- c:\windows\System32\config\systemprofile\Videos
2009-02-24 19:58 . 2009-02-24 19:58 <REP> dr------- c:\windows\System32\config\systemprofile\Searches
2009-02-24 19:58 . 2009-02-24 19:58 <REP> dr------- c:\windows\System32\config\systemprofile\Saved Games
2009-02-24 19:58 . 2009-02-24 19:58 <REP> dr------- c:\windows\System32\config\systemprofile\Pictures
2009-02-24 19:58 . 2009-02-24 19:58 <REP> dr------- c:\windows\System32\config\systemprofile\Music
2009-02-24 19:58 . 2009-02-24 19:58 <REP> dr------- c:\windows\System32\config\systemprofile\Links
2009-02-24 19:58 . 2009-02-24 19:58 <REP> dr------- c:\windows\System32\config\systemprofile\Downloads
2009-02-24 19:58 . 2009-02-24 19:58 <REP> dr------- c:\windows\System32\config\systemprofile\Documents
2009-02-24 19:58 . 2009-02-24 19:58 <REP> d-------- c:\users\All Users\Electronic Arts
2009-02-24 19:58 . 2009-02-24 19:58 <REP> d-------- c:\programdata\Electronic Arts
2009-02-24 19:58 . 2009-02-24 19:58 1,590 --a------ c:\windows\System32\ealregsnapshot1.reg
2009-02-24 19:41 . 2009-02-24 19:41 <REP> d-------- c:\program files\EA Games
2009-02-24 18:50 . 2008-03-05 15:56 3,786,760 --a------ c:\windows\System32\D3DX9_37.dll
2009-02-24 18:50 . 2007-10-12 15:14 3,734,536 --a------ c:\windows\System32\d3dx9_36.dll
2009-02-24 18:50 . 2008-03-05 15:56 1,420,824 --a------ c:\windows\System32\D3DCompiler_37.dll
2009-02-24 18:50 . 2007-10-12 15:14 1,374,232 --a------ c:\windows\System32\D3DCompiler_36.dll
2009-02-24 18:50 . 2008-03-05 16:03 479,752 --a------ c:\windows\System32\XAudio2_0.dll
2009-02-24 18:50 . 2008-02-05 23:07 462,864 --a------ c:\windows\System32\d3dx10_37.dll
2009-02-24 18:50 . 2007-10-02 09:56 444,776 --a------ c:\windows\System32\d3dx10_36.dll
2009-02-24 18:50 . 2007-10-22 03:39 267,272 --a------ c:\windows\System32\xactengine2_10.dll
2009-02-24 18:50 . 2007-07-20 00:57 267,112 --a------ c:\windows\System32\xactengine2_9.dll
2009-02-24 18:50 . 2008-03-05 16:03 238,088 --a------ c:\windows\System32\xactengine3_0.dll
2009-02-24 18:50 . 2008-03-05 16:00 25,608 --a------ c:\windows\System32\X3DAudio1_3.dll
2009-02-24 18:50 . 2007-10-22 03:37 17,928 --a------ c:\windows\System32\X3DAudio1_2.dll
2009-02-23 18:49 . 2009-02-23 18:49 <REP> d-------- c:\users\Kevin MONTHERAT\AppData\Roaming\Leadertech
2009-02-22 19:15 . 2009-02-23 19:56 <REP> d-------- c:\program files\PowerISO
2009-02-22 18:46 . 2009-02-22 18:47 <REP> d-------- c:\users\Kevin MONTHERAT\AppData\Roaming\vlc
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-03-17 19:12 --------- d-----w c:\users\Kevin MONTHERAT\AppData\Roaming\Azureus
2009-03-17 18:06 --------- d-----w c:\programdata\Google Updater
2009-03-14 19:48 --------- d-----w c:\program files\Windows Live
2009-03-14 19:05 138,184 ----a-w c:\windows\system32\drivers\PnkBstrK.sys
2009-03-14 19:04 183,112 ----a-w c:\windows\System32\PnkBstrB.exe
2009-03-13 22:29 --------- d-----w c:\programdata\Test Drive Unlimited
2009-03-12 18:18 --------- d-----w c:\program files\Windows Mail
2009-03-12 18:05 --------- d-----w c:\programdata\Microsoft Help
2009-03-08 11:13 --------- d-----w c:\program files\Microsoft Silverlight
2009-03-06 20:19 --------- d-----w c:\program files\Vuze
2009-03-05 20:03 --------- d-----w c:\program files\CCleaner
2009-03-05 19:45 --------- d---a-w c:\programdata\TEMP
2009-03-04 10:06 --------- d--h--w c:\program files\InstallShield Installation Information
2009-03-03 16:57 --------- d-----w c:\users\Kevin MONTHERAT\AppData\Roaming\dvdcss
2009-03-01 11:13 --------- d-----w c:\program files\Google
2009-02-28 09:49 410,984 ----a-w c:\windows\System32\deploytk.dll
2009-02-26 17:19 --------- d-----w c:\users\Kevin MONTHERAT\AppData\Roaming\LimeWire
2009-02-25 12:42 413,696 ----a-w c:\windows\System32\wrap_oal.dll
2009-02-25 12:42 110,592 ----a-w c:\windows\System32\OpenAL32.dll
2009-02-25 12:34 --------- d-----w c:\program files\Yahoo!
2009-02-24 20:13 66,872 ----a-w c:\windows\System32\PnkBstrA.exe
2009-02-22 17:44 --------- d-----w c:\program files\VideoLAN
2009-02-22 16:53 --------- d-----w c:\programdata\Media Center Programs
2009-02-14 14:53 --------- d-----w c:\program files\LimeWire
2009-02-14 09:48 --------- d-----w c:\program files\PowerQuest
2009-02-14 00:21 --------- d-----w c:\program files\NCH Swift Sound
2009-02-14 00:16 --------- d-----w c:\users\Kevin MONTHERAT\AppData\Roaming\eSobi
2009-02-14 00:16 --------- d-----w c:\programdata\eMule
2009-02-06 18:39 308,600 ----a-w c:\windows\WLXPGSS.SCR
2009-02-06 18:33 --------- d-----w c:\program files\GameSpy Arcade
2009-02-06 17:52 49,504 ----a-w c:\windows\System32\sirenacm.dll
2009-02-06 06:03 0 ---ha-w c:\windows\system32\drivers\Msft_User_WpdFs_01_00_00.Wdf
2009-02-04 12:31 --------- d-----w c:\users\Kevin MONTHERAT\AppData\Roaming\InstallShield
2009-02-04 12:31 --------- d-----w c:\program files\RALINK
2009-02-03 17:43 --------- d-----w c:\program files\Audacity
2009-02-02 16:14 --------- d-----w c:\program files\Microsoft Works
2009-02-01 16:45 --------- d-----w c:\program files\Zattoo
2009-02-01 11:32 --------- d-----w c:\program files\Microsoft CAPICOM 2.1.0.2
2009-01-29 19:31 --------- d-----w c:\program files\Microsoft
2009-01-29 19:30 --------- d-----w c:\program files\Microsoft Office Outlook Connector
2009-01-29 19:28 --------- d-----w c:\program files\Microsoft SQL Server Compact Edition
2009-01-29 14:10 174 --sha-w c:\program files\desktop.ini
2009-01-29 14:03 --------- d-----w c:\program files\Windows Sidebar
2009-01-29 14:03 --------- d-----w c:\program files\Windows Photo Gallery
2009-01-29 14:03 --------- d-----w c:\program files\Windows Journal
2009-01-29 14:03 --------- d-----w c:\program files\Windows Collaboration
2009-01-29 14:03 --------- d-----w c:\program files\Windows Calendar
2009-01-29 14:02 --------- d-----w c:\program files\Windows Defender
2009-01-29 13:40 82,432 ----a-w c:\windows\System32\axaltocm.dll
2009-01-29 13:40 101,888 ----a-w c:\windows\System32\ifxcardm.dll
2009-01-28 16:57 33,408 ----a-w c:\windows\system32\drivers\fsbts.sys
2009-01-28 16:53 --------- d-----w c:\users\Kevin MONTHERAT\AppData\Roaming\F-Secure
2009-01-28 16:37 --------- d-----w c:\programdata\f-secure
2009-01-28 16:35 --------- d-----w c:\programdata\fssg
2009-01-28 16:35 --------- d-----w c:\program files\SFR
2009-01-28 16:29 --------- d-----w c:\programdata\Avg7
2009-01-24 10:31 9,847,296 ----a-w c:\windows\System32\NlsData000a.dll
2009-01-23 16:38 61,440 ----a-w c:\windows\System32\winipsec.dll
2009-01-23 16:38 361,984 ----a-w c:\windows\System32\IPSECSVC.DLL
2009-01-23 16:38 28,672 ----a-w c:\windows\System32\FwRemoteSvr.dll
2009-01-23 16:38 272,896 ----a-w c:\windows\System32\polstore.dll
2009-01-23 16:37 94,720 ----a-w c:\windows\System32\PortableDeviceClassExtension.dll
2009-01-23 16:37 241,152 ----a-w c:\windows\System32\PortableDeviceApi.dll
2009-01-23 16:37 160,768 ----a-w c:\windows\System32\PortableDeviceTypes.dll
2009-01-23 16:28 296,960 ----a-w c:\windows\System32\gdi32.dll
2009-01-23 16:27 269,312 ----a-w c:\windows\System32\es.dll
2009-01-23 16:27 212,480 ----a-w c:\windows\system32\drivers\mrxsmb10.sys
2009-01-23 16:26 541,696 ----a-w c:\windows\AppPatch\AcLayers.dll
2009-01-23 16:26 52,736 ----a-w c:\windows\AppPatch\iebrshim.dll
2009-01-23 16:26 460,288 ----a-w c:\windows\AppPatch\AcSpecfc.dll
2009-01-23 16:26 4,240,384 ----a-w c:\windows\System32\GameUXLegacyGDFs.dll
2009-01-23 16:26 28,672 ----a-w c:\windows\System32\Apphlpdm.dll
2009-01-23 16:26 2,560 ----a-w c:\windows\AppPatch\AcRes.dll
2009-01-23 16:26 2,154,496 ----a-w c:\windows\AppPatch\AcGenral.dll
2009-01-23 16:26 173,056 ----a-w c:\windows\AppPatch\AcXtrnal.dll
2009-01-23 16:26 1,695,744 ----a-w c:\windows\System32\gameux.dll
2009-01-23 16:21 988,216 ----a-w c:\windows\System32\winload.exe
2009-01-23 16:21 927,288 ----a-w c:\windows\System32\winresume.exe
2009-01-23 16:21 615,992 ----a-w c:\windows\System32\ci.dll
2009-01-23 16:21 6,656 ----a-w c:\windows\System32\kbd106n.dll
2009-01-23 16:21 46,592 ----a-w c:\windows\System32\setbcdlocale.dll
2009-01-23 16:21 40,960 ----a-w c:\windows\System32\srclient.dll
2009-01-23 16:21 378,368 ----a-w c:\windows\System32\srcore.dll
2009-01-23 16:21 318,464 ----a-w c:\windows\System32\rstrui.exe
2009-01-23 16:21 19,000 ----a-w c:\windows\System32\kd1394.dll
2009-01-23 16:21 14,848 ----a-w c:\windows\System32\srdelayed.exe
2009-01-23 16:18 --------- d-----w c:\program files\MSXML 4.0
2009-01-22 14:29 --------- d-----w c:\programdata\Azureus
2009-01-22 08:39 303,616 ----a-w c:\windows\System32\wmpeffects.dll
2009-01-22 08:37 2,048 ----a-w c:\windows\System32\msxml3r.dll
2009-01-22 08:37 1,191,936 ----a-w c:\windows\System32\msxml3.dll
2009-01-22 08:33 2,048 ----a-w c:\windows\System32\tzres.dll
2009-01-22 08:28 2,927,104 ----a-w c:\windows\explorer.exe
2009-01-22 08:20 712,704 ----a-w c:\windows\System32\WindowsCodecs.dll
2009-01-22 08:20 443,392 ----a-w c:\windows\System32\win32spl.dll
2009-01-22 08:20 425,472 ----a-w c:\windows\System32\PhotoMetadataHandler.dll
2009-01-22 08:20 37,888 ----a-w c:\windows\System32\printcom.dll
2009-01-22 08:20 347,648 ----a-w c:\windows\System32\WindowsCodecsExt.dll
2009-01-22 08:19 14,848 ----a-w c:\windows\System32\wshrm.dll
2009-01-22 08:19 113,664 ----a-w c:\windows\system32\drivers\rmcast.sys
.
((((((((((((((((((((((((((((( SnapShot@2009-03-05_21.56.43,47 )))))))))))))))))))))))))))))))))))))))))
.
- 2008-01-05 11:26:08 69,120 ----a-w c:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
+ 2008-07-27 18:03:11 69,120 ----a-w c:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
- 2008-01-05 11:26:17 72,192 ----a-w c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
+ 2008-07-27 18:03:12 72,192 ----a-w c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
- 2008-01-05 11:21:39 151,552 ----a-w c:\windows\assembly\GAC_32\Microsoft.Transactions.Bridge.Dtc\3.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.Dtc.dll
+ 2008-06-20 01:14:31 163,840 ----a-w c:\windows\assembly\GAC_32\Microsoft.Transactions.Bridge.Dtc\3.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.Dtc.dll
- 2008-01-05 11:26:32 4,444,160 ----a-w c:\windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
+ 2008-10-13 22:26:54 4,546,560 ----a-w c:\windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
- 2008-01-05 11:21:53 4,174,336 ----a-w c:\windows\assembly\GAC_32\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationCore.dll
+ 2008-11-24 23:34:46 4,210,688 ----a-w c:\windows\assembly\GAC_32\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationCore.dll
+ 2008-11-24 23:34:49 1,736,528 ----a-w c:\windows\assembly\GAC_32\PresentationCore\3.0.0.0__31bf3856ad364e35\wpfgfx_v0300.dll
- 2008-01-05 11:26:54 483,840 ----a-w c:\windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll
+ 2008-10-13 22:26:57 486,400 ----a-w c:\windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll
- 2008-01-05 11:26:54 3,036,160 ----a-w c:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
+ 2008-07-27 18:03:15 2,933,248 ----a-w c:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
- 2008-01-05 11:26:55 258,048 ----a-w c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
+ 2008-07-27 18:03:15 258,048 ----a-w c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
- 2008-01-19 03:22:55 113,664 ----a-w c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
+ 2008-07-27 18:22:54 113,664 ----a-w c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
- 2008-01-05 11:21:55 346,624 ----a-w c:\windows\assembly\GAC_32\System.Printing\3.0.0.0__31bf3856ad364e35\System.Printing.dll
+ 2008-06-20 01:14:43 368,640 ----a-w c:\windows\assembly\GAC_32\System.Printing\3.0.0.0__31bf3856ad364e35\System.Printing.dll
- 2008-01-05 11:26:59 261,120 ----a-w c:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
+ 2008-07-27 18:03:15 261,632 ----a-w c:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
- 2008-01-05 11:26:59 5,431,296 ----a-w c:\windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll
+ 2008-10-13 22:26:58 5,242,880 ----a-w c:\windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll
- 2008-01-05 11:25:52 10,752 ----a-w c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
+ 2008-07-27 18:03:10 10,752 ----a-w c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
- 2008-01-05 11:26:11 315,392 ----a-w c:\windows\assembly\GAC_MSIL\AspNetMMCExt.resources\2.0.0.0_fr_b03f5f7f11d50a3a\aspnetmmcext.resources.dll
+ 2008-07-27 18:03:10 315,392 ----a-w c:\windows\assembly\GAC_MSIL\AspNetMMCExt.resources\2.0.0.0_fr_b03f5f7f11d50a3a\aspnetmmcext.resources.dll
- 2008-01-05 11:25:59 507,904 ----a-w c:\windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll
+ 2008-07-27 18:03:11 507,904 ----a-w c:\windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll
- 2008-01-05 11:21:39 159,744 ----a-w c:\windows\assembly\GAC_MSIL\ComSvcConfig\3.0.0.0__b03f5f7f11d50a3a\ComSvcConfig.exe
+ 2008-06-20 01:14:31 168,968 ----a-w c:\windows\assembly\GAC_MSIL\ComSvcConfig\3.0.0.0__b03f5f7f11d50a3a\ComSvcConfig.exe
- 2008-01-05 11:26:08 13,312 ----a-w c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll
+ 2008-07-27 18:03:11 13,312 ----a-w c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll
- 2008-01-05 11:26:11 5,120 ----a-w c:\windows\assembly\GAC_MSIL\dfsvc\2.0.0.0__b03f5f7f11d50a3a\dfsvc.exe
+ 2008-07-27 18:03:11 5,120 ----a-w c:\windows\assembly\GAC_MSIL\dfsvc\2.0.0.0__b03f5f7f11d50a3a\dfsvc.exe
- 2008-01-05 11:26:12 8,192 ----a-w c:\windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll
+ 2008-07-27 18:03:12 8,192 ----a-w c:\windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll
- 2008-01-05 11:26:12 77,824 ----a-w c:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll
+ 2008-07-27 18:03:12 77,824 ----a-w c:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll
- 2008-01-05 11:26:13 6,656 ----a-w c:\windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll
+ 2008-07-27 18:03:12 6,656 ----a-w c:\windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll
+ 2009-03-16 19:36:54 106,496 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.Build.Conversion.v3.5\3.5.0.0__b03f5f7f11d50a3a\Microsoft.Build.Conversion.v3.5.dll
- 2008-01-05 11:26:11 53,248 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine.resources\2.0.0.0_fr_b03f5f7f11d50a3a\Microsoft.Build.Engine.resources.dll
+ 2008-07-27 18:03:10 53,248 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine.resources\2.0.0.0_fr_b03f5f7f11d50a3a\Microsoft.Build.Engine.resources.dll
- 2008-01-05 11:26:17 348,160 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
+ 2008-07-27 18:03:12 348,160 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
+ 2009-03-16 19:36:55 733,184 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\3.5.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
- 2008-01-05 11:26:17 36,864 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
+ 2008-07-27 18:03:12 36,864 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
+ 2009-03-16 19:36:55 36,864 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\3.5.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
- 2008-01-05 11:26:11 139,264 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks.resources\2.0.0.0_fr_b03f5f7f11d50a3a\Microsoft.Build.Tasks.resources.dll
+ 2008-07-27 18:03:10 139,264 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks.resources\2.0.0.0_fr_b03f5f7f11d50a3a\Microsoft.Build.Tasks.resources.dll
+ 2009-03-16 19:36:55 802,816 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks.v3.5\3.5.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.v3.5.dll
- 2008-01-05 11:26:17 655,360 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll
+ 2008-07-27 18:03:12 655,360 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll
- 2008-01-05 11:26:11 10,752 ----a-w c:\windows\assembly\GAC_MSIL\microsoft.build.utilities.resources\2.0.0.0_fr_b03f5f7f11d50a3a\Microsoft.Build.Utilities.Resources.dll
+ 2008-07-27 18:03:10 10,752 ----a-w c:\windows\assembly\GAC_MSIL\microsoft.build.utilities.resources\2.0.0.0_fr_b03f5f7f11d50a3a\Microsoft.Build.Utilities.Resources.dll
+ 2009-03-16 19:36:56 94,208 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities.v3.5\3.5.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.v3.5.dll
- 2008-01-05 11:26:17 77,824 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll
+ 2008-07-27 18:03:12 77,824 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll
- 2008-01-05 11:26:11 45,056 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.Jscript.resources\8.0.0.0_fr_b03f5f7f11d50a3a\Microsoft.JScript.Resources.dll
+ 2008-07-27 18:03:10 45,056 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.Jscript.resources\8.0.0.0_fr_b03f5f7f11d50a3a\Microsoft.JScript.Resources.dll
- 2008-01-05 11:26:19 749,568 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
+ 2008-07-27 18:03:12 749,568 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
- 2006-11-02 15:46:12 5,120 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.Transactions.Bridge.Dtc.resources\3.0.0.0_fr_b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.Dtc.Resources.dll
+ 2008-07-11 19:39:09 5,120 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.Transactions.Bridge.Dtc.resources\3.0.0.0_fr_b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.Dtc.Resources.dll
- 2008-01-05 11:26:41 19,456 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.Transactions.Bridge.resources\3.0.0.0_fr_b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.Resources.dll
+ 2008-07-11 19:39:09 19,456 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.Transactions.Bridge.resources\3.0.0.0_fr_b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.Resources.dll
- 2008-01-05 11:21:39 397,312 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.Transactions.Bridge\3.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.dll
+ 2008-06-20 01:14:31 397,312 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.Transactions.Bridge\3.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.dll
- 2008-01-05 11:26:17 9,216 ----a-w c:\windows\assembly\GAC_MSIL\microsoft.visualbasic.compatibility.data.resources\8.0.0.0_fr_b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.resources.dll
+ 2008-07-27 18:03:10 9,216 ----a-w c:\windows\assembly\GAC_MSIL\microsoft.visualbasic.compatibility.data.resources\8.0.0.0_fr_b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.resources.dll
- 2008-01-05 11:26:19 110,592 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
+ 2008-07-27 18:03:12 110,592 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
- 2008-01-05 11:26:17 9,728 ----a-w c:\windows\assembly\GAC_MSIL\microsoft.visualbasic.compatibility.resources\8.0.0.0_fr_b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.resources.dll
+ 2008-07-27 18:03:10 9,728 ----a-w c:\windows\assembly\GAC_MSIL\microsoft.visualbasic.compatibility.resources\8.0.0.0_fr_b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.resources.dll
- 2008-01-05 11:26:23 372,736 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
+ 2008-07-27 18:03:12 372,736 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
- 2008-01-05 11:26:11 61,440 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.resources\8.0.0.0_fr_b03f5f7f11d50a3a\Microsoft.VisualBasic.resources.dll
+ 2008-07-27 18:03:10 61,440 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.resources\8.0.0.0_fr_b03f5f7f11d50a3a\Microsoft.VisualBasic.resources.dll
- 2008-01-05 11:26:23 28,672 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll
+ 2008-07-27 18:03:12 28,672 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll
- 2008-01-05 11:26:23 671,744 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
+ 2008-07-27 18:03:12 659,456 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
+ 2009-03-16 19:36:55 41,984 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.VisualC.STLCLR\1.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.STLCLR.dll
- 2006-10-20 01:14:05 5,632 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
+ 2008-07-27 18:03:12 5,632 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
- 2008-01-05 11:26:24 12,800 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
+ 2008-07-27 18:03:12 12,800 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
- 2008-01-05 11:26:23 32,768 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll
+ 2008-07-27 18:03:12 32,768 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll
- 2006-10-20 01:14:05 7,168 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll
+ 2008-07-27 18:03:12 7,168 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll
- 2008-01-05 11:26:12 311,296 ----a-w c:\windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_fr_b77a5c561934e089\mscorlib.Resources.dll
+ 2008-07-27 18:03:10 311,296 ----a-w c:\windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_fr_b77a5c561934e089\mscorlib.Resources.dll
- 2006-11-02 15:46:13 57,344 ----a-w c:\windows\assembly\GAC_MSIL\PresentationBuildTasks.resources\3.0.0.0_fr_31bf3856ad364e35\PresentationBuildTasks.resources.dll
+ 2008-07-11 19:39:10 53,248 ----a-w c:\windows\assembly\GAC_MSIL\PresentationBuildTasks.resources\3.0.0.0_fr_31bf3856ad364e35\PresentationBuildTasks.resources.dll
- 2008-01-05 11:21:52 602,112 ----a-w c:\windows\assembly\GAC_MSIL\PresentationBuildTasks\3.0.0.0__31bf3856ad364e35\PresentationBuildTasks.dll
+ 2008-06-20 01:14:42 598,016 ----a-w c:\windows\assembly\GAC_MSIL\PresentationBuildTasks\3.0.0.0__31bf3856ad364e35\PresentationBuildTasks.dll
- 2008-01-05 11:21:52 32,768 ----a-w c:\windows\assembly\GAC_MSIL\PresentationCFFRasterizer\3.0.0.0__31bf3856ad364e35\PresentationCFFRasterizer.dll
+ 2008-06-20 01:14:44 32,768 ----a-w c:\windows\assembly\GAC_MSIL\PresentationCFFRasterizer\3.0.0.0__31bf3856ad364e35\PresentationCFFRasterizer.dll
- 2006-11-02 15:46:11 110,592 ----a-w c:\windows\assembly\GAC_MSIL\PresentationCore.resources\3.0.0.0_fr_31bf3856ad364e35\PresentationCore.resources.dll
+ 2008-07-11 19:39:10 110,592 ----a-w c:\windows\assembly\GAC_MSIL\PresentationCore.resources\3.0.0.0_fr_31bf3856ad364e35\PresentationCore.resources.dll
- 2008-01-05 11:21:53 36,864 ----a-w c:\windows\assembly\GAC_MSIL\PresentationFontCache\3.0.0.0__31bf3856ad364e35\PresentationFontCache.exe
+ 2008-06-20 01:14:44 46,104 ----a-w c:\windows\assembly\GAC_MSIL\PresentationFontCache\3.0.0.0__31bf3856ad364e35\PresentationFontCache.exe
- 2008-01-05 11:21:53 184,320 ----a-w c:\windows\assembly\GAC_MSIL\PresentationFramework.Aero\3.0.0.0__31bf3856ad364e35\PresentationFramework.Aero.dll
+ 2008-06-20 01:14:43 196,608 ----a-w c:\windows\assembly\GAC_MSIL\PresentationFramework.Aero\3.0.0.0__31bf3856ad364e35\PresentationFramework.Aero.dll
- 2008-01-05 11:21:53 131,072 ----a-w c:\windows\assembly\GAC_MSIL\PresentationFramework.Classic\3.0.0.0__31bf3856ad364e35\PresentationFramework.Classic.dll
+ 2008-06-20 01:14:43 139,264 ----a-w c:\windows\assembly\GAC_MSIL\PresentationFramework.Classic\3.0.0.0__31bf3856ad364e35\PresentationFramework.Classic.dll
- 2008-01-05 11:21:53 376,832 ----a-w c:\windows\assembly\GAC_MSIL\PresentationFramework.Luna\3.0.0.0__31bf3856ad364e35\PresentationFramework.Luna.dll
+ 2008-06-20 01:14:43 397,312 ----a-w c:\windows\assembly\GAC_MSIL\PresentationFramework.Luna\3.0.0.0__31bf3856ad364e35\PresentationFramework.Luna.dll
- 2006-11-02 15:46:16 253,952 ----a-w c:\windows\assembly\GAC_MSIL\PresentationFramework.resources\3.0.0.0_fr_31bf3856ad364e35\PresentationFramework.resources.dll
+ 2008-07-11 19:39:10 245,760 ----a-w c:\windows\assembly\GAC_MSIL\PresentationFramework.resources\3.0.0.0_fr_31bf3856ad364e35\PresentationFramework.resources.dll
- 2008-01-05 11:21:54 151,552 ----a-w c:\windows\assembly\GAC_MSIL\PresentationFramework.Royale\3.0.0.0__31bf3856ad364e35\PresentationFramework.Royale.dll
+ 2008-06-20 01:14:43 163,840 ----a-w c:\windows\assembly\GAC_MSIL\PresentationFramework.Royale\3.0.0.0__31bf3856ad364e35\PresentationFramework.Royale.dll
- 2008-01-05 11:21:53 5,210,112 ----a-w c:\windows\assembly\GAC_MSIL\PresentationFramework\3.0.0.0__31bf3856ad364e35\PresentationFramework.dll
+ 2008-11-24 23:34:47 5,283,840 ----a-w c:\windows\assembly\GAC_MSIL\PresentationFramework\3.0.0.0__31bf3856ad364e35\PresentationFramework.dll
- 2006-11-02 15:46:08 372,736 ----a-w c:\windows\assembly\GAC_MSIL\PresentationUI.resources\3.0.0.0_fr_31bf3856ad364e35\PresentationUI.resources.dll
+ 2008-07-11 19:39:10 372,736 ----a-w c:\windows\assembly\GAC_MSIL\PresentationUI.resources\3.0.0.0_fr_31bf3856ad364e35\PresentationUI.resources.dll
- 2008-01-05 11:21:55 897,024 ----a-w c:\windows\assembly\GAC_MSIL\PresentationUI\3.0.0.0__31bf3856ad364e35\PresentationUI.dll
+ 2008-06-20 01:14:44 864,256 ----a-w c:\windows\assembly\GAC_MSIL\PresentationUI\3.0.0.0__31bf3856ad364e35\PresentationUI.dll
- 2006-11-02 15:46:11 40,960 ----a-w c:\windows\assembly\GAC_MSIL\ReachFramework.resources\3.0.0.0_fr_31bf3856ad364e35\ReachFramework.resources.dll
+ 2008-07-11 19:39:10 40,960 ----a-w c:\windows\assembly\GAC_MSIL\ReachFramework.resources\3.0.0.0_fr_31bf3856ad364e35\ReachFramework.resources.dll
- 2008-01-05 11:21:55 528,384 ----a-w c:\windows\assembly\GAC_MSIL\ReachFramework\3.0.0.0__31bf3856ad364e35\ReachFramework.dll
+ 2008-06-20 01:14:43 528,384 ----a-w c:\windows\assembly\GAC_MSIL\ReachFramework\3.0.0.0__31bf3856ad364e35\ReachFramework.dll
+ 2009-03-16 19:36:56 5,632 ----a-w c:\windows\assembly\GAC_MSIL\Sentinel.v3.5Client\3.5.0.0__b03f5f7f11d50a3a\Sentinel.v3.5Client.dll
- 2008-01-05 11:21:39 61,440 ----a-w c:\windows\assembly\GAC_MSIL\ServiceModelReg\3.0.0.0__b03f5f7f11d50a3a\ServiceModelReg.exe
+ 2008-06-20 01:14:31 156,688 ----a-w c:\windows\assembly\GAC_MSIL\ServiceModelReg\3.0.0.0__b03f5f7f11d50a3a\ServiceModelReg.exe
- 2006-11-02 15:46:11 5,120 ----a-w c:\windows\assembly\GAC_MSIL\SMDiagnostics.resources\3.0.0.0_fr_b77a5c561934e089\SMDiagnostics.resources.dll
+ 2008-07-11 19:39:09 5,120 ----a-w c:\windows\assembly\GAC_MSIL\SMDiagnostics.resources\3.0.0.0_fr_b77a5c561934e089\SMDiagnostics.resources.dll
- 2008-01-05 11:21:39 102,400 ----a-w c:\windows\assembly\GAC_MSIL\SMDiagnostics\3.0.0.0__b77a5c561934e089\SMdiagnostics.dll
+ 2008-06-20 01:14:31 110,592 ----a-w c:\windows\assembly\GAC_MSIL\SMDiagnostics\3.0.0.0__b77a5c561934e089\SMdiagnostics.dll
- 2008-01-05 11:21:39 122,880 ----a-w c:\windows\assembly\GAC_MSIL\SMSvcHost\3.0.0.0__b03f5f7f11d50a3a\SMSvcHost.exe
+ 2008-06-20 01:14:31 132,096 ----a-w c:\windows\assembly\GAC_MSIL\SMSvcHost\3.0.0.0__b03f5f7f11d50a3a\SMSvcHost.exe
- 2008-01-05 11:26:12 10,752 ----a-w c:\windows\assembly\GAC_MSIL\sysglobl.resources\2.0.0.0_fr_b03f5f7f11d50a3a\sysglobl.resources.dll
+ 2008-07-27 18:03:10 10,752 ----a-w c:\windows\assembly\GAC_MSIL\sysglobl.resources\2.0.0.0_fr_b03f5f7f11d50a3a\sysglobl.resources.dll
- 2008-01-05 11:26:54 110,592 ----a-w c:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
+ 2008-07-27 18:03:14 110,592 ----a-w c:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
- 2008-11-06 18:25:27 47,832 ----a-w c:\windows\assembly\GAC_MSIL\System.AddIn.Contract\2.0.0.0__b03f5f7f11d50a3a\System.AddIn.Contract.dll
+ 2009-03-16 19:36:58 45,056 ----a-w c:\windows\assembly\GAC_MSIL\System.AddIn.Contract\2.0.0.0__b03f5f7f11d50a3a\System.AddIn.Contract.dll
+ 2009-03-16 19:36:58 163,840 ----a-w c:\windows\assembly\GAC_MSIL\System.AddIn\3.5.0.0__b77a5c561934e089\System.AddIn.dll
+ 2009-03-16 19:37:04 57,344 ----a-w c:\windows\assembly\GAC_MSIL\System.ComponentModel.DataAnnotations\3.5.0.0__31bf3856ad364e35\System.ComponentModel.DataAnnotations.dll
- 2008-01-05 11:26:12 28,672 ----a-w c:\windows\assembly\GAC_MSIL\System.Configuration.Install.resources\2.0.0.0_fr_b03f5f7f11d50a3a\System.Configuration.Install.Resources.dll
+ 2008-07-27 18:03:10 28,672 ----a-w c:\windows\assembly\GAC_MSIL\System.Configuration.Install.resources\2.0.0.0_fr_b03f5f7f11d50a3a\System.Configuration.Install.Resources.dll
- 2008-01-05 11:26:54 81,920 ----a-w c:\windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
+ 2008-07-27 18:03:14 81,920 ----a-w c:\windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
- 2008-01-05 11:26:12 49,152 ----a-w c:\windows\assembly\GAC_MSIL\system.configuration.resources\2.0.0.0_fr_b03f5f7f11d50a3a\System.Configuration.resources.dll
+ 2008-07-27 18:03:10 49,152 ----a-w c:\windows\assembly\GAC_MSIL\system.configuration.resources\2.0.0.0_fr_b03f5f7f11d50a3a\System.Configuration.resources.dll
- 2008-01-05 11:26:54 425,984 ----a-w c:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
+ 2008-07-27 18:03:14 425,984 ----a-w c:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
+ 2009-03-16 19:36:59 667,648 ----a-w c:\windows\assembly\GAC_MSIL\System.Core\3.5.0.0__b77a5c561934e089\System.Core.dll
+ 2009-03-16 19:36:59 53,248 ----a-w c:\windows\assembly\GAC_MSIL\System.Data.DataSetExtensions\3.5.0.0__b77a5c561934e089\System.Data.DataSetExtensions.dll
+ 2009-03-16 19:37:00 229,376 ----a-w c:\windows\assembly\GAC_MSIL\System.Data.Entity.Design\3.5.0.0__b77a5c561934e089\System.Data.Entity.Design.dll
+ 2009-03-16 19:37:00 2,879,488 ----a-w c:\windows\assembly\GAC_MSIL\System.Data.Entity\3.5.0.0__b77a5c561934e089\System.Data.Entity.dll
+ 2009-03-16 19:36:52 684,032 ----a-w c:\windows\assembly\GAC_MSIL\System.Data.Linq\3.5.0.0__b77a5c561934e089\System.Data.Linq.dll
- 2008-01-05 11:26:12 110,592 ----a-w c:\windows\assembly\GAC_MSIL\System.Data.OracleClient.resources\2.0.0.0_fr_b77a5c561934e089\System.Data.OracleClient.resources.dll
+ 2008-07-27 18:03:10 110,592 ----a-w c:\windows\assembly\GAC_MSIL\System.Data.OracleClient.resources\2.0.0.0_fr_b77a5c561934e089\System.Data.OracleClient.resources.dll
- 2008-01-05 11:26:13 344,064 ----a-w c:\windows\assembly\GAC_MSIL\System.Data.resources\2.0.0.0_fr_b77a5c561934e089\System.Data.Resources.dll
+ 2008-07-27 18:03:10 352,256 ----a-w c:\windows\assembly\GAC_MSIL\System.Data.resources\2.0.0.0_fr_b77a5c561934e089\System.Data.Resources.dll
+ 2009-03-16 19:37:46 294,912 ----a-w c:\windows\assembly\GAC_MSIL\System.Data.Services.Client\3.5.0.0__b77a5c561934e089\System.Data.Services.Client.dll
+ 2009-03-16 19:36:51 114,688 ----a-w c:\windows\assembly\GAC_MSIL\System.Data.Services.Design\3.5.0.0__b77a5c561934e089\System.Data.Services.Design.dll
+ 2009-03-16 19:37:46 442,368 ----a-w c:\windows\assembly\GAC_MSIL\System.Data.Services\3.5.0.0__b77a5c561934e089\System.Data.Services.dll
- 2008-01-05 11:26:13 36,864 ----a-w c:\windows\assembly\GAC_MSIL\System.Data.SqlXml.resources\2.0.0.0_fr_b77a5c561934e089\system.data.sqlxml.resources.dll
+ 2008-07-27 18:03:10 36,864 ----a-w c:\windows\assembly\GAC_MSIL\System.Data.SqlXml.resources\2.0.0.0_fr_b77a5c561934e089\system.data.sqlxml.resources.dll
- 2008-01-05 11:26:55 741,376 ----a-w c:\windows\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
+ 2008-07-27 18:03:15 745,472 ----a-w c:\windows\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
- 2008-01-05 11:26:14 389,120 ----a-w c:\windows\assembly\GAC_MSIL\System.Deployment.resources\2.0.0.0_fr_b03f5f7f11d50a3a\System.Deployment.resources.dll
+ 2008-07-27 18:03:10 413,696 ----a-w c:\windows\assembly\GAC_MSIL\System.Deployment.resources\2.0.0.0_fr_b03f5f7f11d50a3a\System.Deployment.resources.dll
- 2008-01-05 11:26:55 933,888 ----a-w c:\windows\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
+ 2008-07-27 18:03:15 970,752 ----a-w c:\windows\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
- 2008-01-05 11:26:14 544,768 ----a-w c:\windows\assembly\GAC_MSIL\System.Design.resources\2.0.0.0_fr_b03f5f7f11d50a3a\System.Design.Resources.dll
+ 2008-07-27 18:03:10 548,864 ----a-w c:\windows\assembly\GAC_MSIL\System.Design.resources\2.0.0.0_fr_b03f5f7f11d50a3a\System.Design.Resources.dll
- 2008-01-05 11:26:55 5,070,848 ----a-w c:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll
+ 2008-07-27 18:03:15 5,062,656 ----a-w c:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll
+ 2009-03-16 19:36:52 286,720 ----a-w c:\windows\assembly\GAC_MSIL\System.DirectoryServices.AccountManagement\3.5.0.0__b77a5c561934e089\System.DirectoryServices.AccountManagement.dll
- 2008-01-05 11:26:14 28,672 ----a-w c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols.resources\2.0.0.0_fr_b03f5f7f11d50a3a\System.DirectoryServices.Protocols.resources.dll
+ 2008-07-27 18:03:10 28,672 ----a-w c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols.resources\2.0.0.0_fr_b03f5f7f11d50a3a\System.DirectoryServices.Protocols.resources.dll
- 2008-01-05 11:26:55 188,416 ----a-w c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
+ 2008-07-27 18:03:15 188,416 ----a-w c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
- 2008-01-05 11:26:16 40,960 ----a-w c:\windows\assembly\GAC_MSIL\System.DirectoryServices.resources\2.0.0.0_fr_b03f5f7f11d50a3a\System.DirectoryServices.Resources.dll
+ 2008-07-27 18:03:10 40,960 ----a-w c:\windows\assembly\GAC_MSIL\System.DirectoryServices.resources\2.0.0.0_fr_b03f5f7f11d50a3a\System.DirectoryServices.Resources.dll
- 2008-01-05 11:26:55 401,408 ----a-w c:\windows\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
+ 2008-07-27 18:03:15 401,408 ----a-w c:\windows\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
- 2008-01-05 11:26:16 6,144 ----a-w c:\windows\assembly\GAC_MSIL\System.Drawing.Design.resources\2.0.0.0_fr_b03f5f7f11d50a3a\System.Drawing.Design.Resources.dll
+ 2008-07-27 18:03:10 6,144 ----a-w c:\windows\assembly\GAC_MSIL\System.Drawing.Design.resources\2.0.0.0_fr_b03f5f7f11d50a3a\System.Drawing.Design.Resources.dll
- 2008-01-05 11:26:55 81,920 ----a-w c:\windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll
+ 2008-07-27 18:03:15 81,920 ----a-w c:\windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll
- 2008-01-05 11:26:16 15,360 ----a-w c:\windows\assembly\GAC_MSIL\System.Drawing.resources\2.0.0.0_fr_b03f5f7f11d50a3a\System.Drawing.Resources.dll
+ 2008-07-27 18:03:10 15,360 ----a-w c:\windows\assembly\GAC_MSIL\System.Drawing.resources\2.0.0.0_fr_b03f5f7f11d50a3a\System.Drawing.Resources.dll
- 2008-01-05 11:26:55 630,784 ----a-w c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
+ 2008-07-27 18:03:15 626,688 ----a-w c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
- 2008-01-05 11:26:17 32,768 ----a-w c:\windows\assembly\GAC_MSIL\System.EnterpriseServices.resources\2.0.0.0_fr_b03f5f7f11d50a3a\System.EnterpriseServices.Resources.dll
+ 2008-07-27 18:03:10 32,768 ----a-w c:\windows\assembly\GAC_MSIL\System.EnterpriseServices.resources\2.0.0.0_fr_b03f5f7f11d50a3a\System.EnterpriseServices.Resources.dll
- 2008-01-05 11:26:37 65,536 ----a-w c:\windows\assembly\GAC_MSIL\System.IdentityModel.resources\3.0.0.0_fr_b77a5c561934e089\System.IdentityModel.Resources.dll
+ 2008-07-11 19:39:09 65,536 ----a-w c:\windows\assembly\GAC_MSIL\System.IdentityModel.resources\3.0.0.0_fr_b77a5c561934e089\System.IdentityModel.Resources.dll
- 2008-01-05 11:26:39 57,344 ----a-w c:\windows\assembly\GAC_MSIL\System.IdentityModel.Selectors.resources\3.0.0.0_fr_b77a5c561934e089\System.IdentityModel.Selectors.Resources.dll
+ 2008-07-11 19:39:09 57,344 ----a-w c:\windows\assembly\GAC_MSIL\System.IdentityModel.Selectors.resources\3.0.0.0_fr_b77a5c561934e089\System.IdentityModel.Selectors.Resources.dll
- 2008-01-05 11:21:38 126,976 ----a-w c:\windows\assembly\GAC_MSIL\System.IdentityModel.Selectors\3.0.0.0__b77a5c561934e089\System.IdentityModel.Selectors.dll
+ 2008-06-20 01:14:29 126,976 ----a-w c:\windows\assembly\GAC_MSIL\System.IdentityModel.Selectors\3.0.0.0__b77a5c561934e089\System.IdentityModel.Selectors.dll
- 2008-01-05 11:21:37 430,080 ----a-w c:\windows\assembly\GAC_MSIL\System.IdentityModel\3.0.0.0__b77a5c561934e089\System.IdentityModel.dll
+ 2008-06-20 01:14:29 430,080 ----a-w c:\windows\assembly\GAC_MSIL\System.IdentityModel\3.0.0.0__b77a5c561934e089\System.IdentityModel.dll
- 2006-11-02 15:46:11 12,288 ----a-w c:\windows\assembly\GAC_MSIL\System.IO.Log.resources\3.0.0.0_fr_b03f5f7f11d50a3a\System.IO.Log.Resources.dll
+ 2008-07-11 19:39:09 12,288 ----a-w c:\windows\assembly\GAC_MSIL\System.IO.Log.resources\3.0.0.0_fr_b03f5f7f11d50a3a\System.IO.Log.Resources.dll
- 2008-01-05 11:21:38 131,072 ----a-w c:\windows\assembly\GAC_MSIL\System.IO.Log\3.0.0.0__b03f5f7f11d50a3a\System.IO.Log.dll
+ 2008-06-20 01:14:29 131,072 ----a-w c:\windows\assembly\GAC_MSIL\System.IO.Log\3.0.0.0__b03f5f7f11d50a3a\System.IO.Log.dll
+ 2009-03-16 19:37:01 143,360 ----a-w c:\windows\assembly\GAC_MSIL\System.Management.Instrumentation\3.5.0.0__b77a5c561934e089\System.Management.Instrumentation.dll
- 2008-01-05 11:26:17 13,312 ----a-w c:\windows\assembly\GAC_MSIL\System.Management.resources\2.0.0.0_fr_b03f5f7f11d50a3a\System.Management.Resources.dll
+ 2008-07-27 18:03:10 13,312 ----a-w c:\windows\assembly\GAC_MSIL\System.Management.resources\2.0.0.0_fr_b03f5f7f11d50a3a\System.Management.Resources.dll
- 2008-01-05 11:26:58 372,736 ----a-w c:\windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
+ 2008-07-27 18:03:15 372,736 ----a-w c:\windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
- 2008-01-05 11:26:17 61,440 ----a-w c:\windows\assembly\GAC_MSIL\System.Messaging.resources\2.0.0.0_fr_b03f5f7f11d50a3a\System.Messaging.Resources.dll
+ 2008-07-27 18:03:10 61,440 ----a-w c:\windows\assembly\GAC_MSIL\System.Messaging.resources\2.0.0.0_fr_b03f5f7f11d50a3a\System.Messaging.Resources.dll
- 2008-01-05 11:26:58 258,048 ----a-w c:\windows\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
+ 2008-07-27 18:03:15 258,048 ----a-w c:\windows\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
+ 2009-03-16 19:37:04 233,472 ----a-w c:\windows\assembly\GAC_MSIL\System.Net\3.5.0.0__b03f5f7f11d50a3a\System.Net.dll
- 2006-11-02 15:46:11 28,672 ----a-w c:\windows\assembly\GAC_MSIL\System.Printing.resources\3.0.0.0_fr_31bf3856ad364e35\System.Printing.resources.dll
+ 2008-07-11 19:39:10 28,672 ----a-w c:\windows\assembly\GAC_MSIL\System.Printing.resources\3.0.0.0_fr_31bf3856ad364e35\System.Printing.resources.dll
- 2008-01-05 11:26:17 212,992 ----a-w c:\windows\assembly\GAC_MSIL\System.resources\2.0.0.0_fr_b77a5c561934e089\system.Resources.dll
+ 2008-07-27 18:03:10 212,992 ----a-w c:\windows\assembly\GAC_MSIL\System.resources\2.0.0.0_fr_b77a5c561934e089\system.Resources.dll
- 2008-01-05 11:26:17 32,768 ----a-w c:\windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_fr_b77a5c561934e089\System.Runtime.Remoting.Resources.dll
+ 2008-07-27 18:03:10 32,768 ----a-w c:\windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_fr_b77a5c561934e089\System.Runtime.Remoting.Resources.dll
- 2008-01-05 11:26:58 299,008 ----a-w c:\windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
+ 2008-07-27 18:03:15 303,104 ----a-w c:\windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
- 2008-01-05 11:26:17 11,776 ----a-w c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\2.0.0.0_fr_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.Resources.dll
+ 2008-07-27 18:03:10 11,776 ----a-w c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\2.0.0.0_fr_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.Resources.dll
- 2008-01-05 11:26:58 131,072 ----a-w c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
+ 2008-07-27 18:03:15 131,072 ----a-w c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
- 2008-01-05 11:26:41 98,304 ----a-w c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.resources\3.0.0.0_fr_b77a5c561934e089\System.RunTime.Serialization.Resources.dll
+ 2008-07-11 19:39:09 102,400 ----a-w c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.resources\3.0.0.0_fr_b77a5c561934e089\System.RunTime.Serialization.Resources.dll
- 2008-01-05 11:21:38 929,792 ----a-w c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
+ 2008-06-20 01:14:29 966,656 ----a-w c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
- 2008-01-05 11:26:17 28,672 ----a-w c:\windows\assembly\GAC_MSIL\System.Security.resources\2.0.0.0_fr_b03f5f7f11d50a3a\System.Security.Resources.dll
+ 2008-07-27 18:03:10 28,672 ----a-w c:\windows\assembly\GAC_MSIL\System.Security.resources\2.0.0.0_fr_b03f5f7f11d50a3a\System.Security.Resources.dll
- 2008-01-05 11:26:58 258,048 ----a-w c:\windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll
+ 2008-07-27 18:03:15 258,048 ----a-w c:\windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll
- 2006-11-02 15:46:12 40,960 ----a-w c:\windows\assembly\GAC_MSIL\System.ServiceModel.Install.resources\3.0.0.0_fr_b77a5c561934e089\System.ServiceModel.Install.Resources.dll
+ 2008-07-11 19:39:09 36,864 ----a-w c:\windows\assembly\GAC_MSIL\System.ServiceModel.Install.resources\3.0.0.0_fr_b77a5c561934e089\System.ServiceModel.Install.Resources.dll
- 2008-01-05 11:21:40 159,744 ----a-w c:\windows\assembly\GAC_MSIL\System.ServiceModel.Install\3.0.0.0__b77a5c561934e089\System.ServiceModel.Install.dll
+ 2008-06-20 01:14:32 73,728 ----a-w c:\windows\assembly\GAC_MSIL\System.ServiceModel.Install\3.0.0.0__b77a5c561934e089\System.ServiceModel.Install.dll
- 2008-01-05 11:26:41 499,712 ----a-w c:\windows\assembly\GAC_MSIL\System.ServiceModel.resources\3.0.0.0_fr_b77a5c561934e089\System.ServiceModel.Resources.dll
+ 2008-07-11 19:39:09 499,712 ----a-w c:\windows\assembly\GAC_MSIL\System.ServiceModel.resources\3.0.0.0_fr_b77a5c561934e089\System.ServiceModel.Resources.dll
- 2008-01-05 11:21:40 32,768 ----a-w c:\windows\assembly\GAC_MSIL\System.ServiceModel.WasHosting\3.0.0.0__b77a5c561934e089\System.ServiceModel.WasHosting.dll
+ 2008-06-20 01:14:33 32,768 ----a-w c:\windows\assembly\GAC_MSIL\System.ServiceModel.WasHosting\3.0.0.0__b77a5c561934e089\System.ServiceModel.WasHosting.dll
+ 2009-03-16 19:36:50 569,344 ----a-w c:\windows\assembly\GAC_MSIL\System.ServiceModel.Web\3.5.0.0__31bf3856ad364e35\System.ServiceModel.Web.dll
- 2008-01-05 11:21:38 5,971,968 ----a-w c:\windows\assembly\GAC_MSIL\System.ServiceModel\3.0.0.0__b77a5c561934e089\System.ServiceModel.dll
+ 2008-11-24 23:34:36 5,931,008 ----a-w c:\windows\assembly\GAC_MSIL\System.ServiceModel\3.0.0.0__b77a5c561934e089\System.ServiceModel.dll
- 2008-01-05 11:26:17 40,960 ----a-w c:\windows\assembly\GAC_MSIL\System.ServiceProcess.resources\2.0.0.0_fr_b03f5f7f11d50a3a\System.ServiceProcess.Resources.dll
+ 2008-07-27 18:03:10 40,960 ----a-w c:\windows\assembly\GAC_MSIL\System.ServiceProcess.resources\2.0.0.0_fr_b03f5f7f11d50a3a\System.ServiceProcess.Resources.dll
- 2008-01-05 11:26:58 114,688 ----a-w c:\windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
+ 2008-07-27 18:03:15 114,688 ----a-w c:\windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
- 2006-11-02 15:46:13 65,536 ----a-w c:\windows\assembly\GAC_MSIL\System.Speech.resources\3.0.0.0_fr_31bf3856ad364e35\System.Speech.resources.dll
+ 2008-07-11 19:39:10 61,440 ----a-w c:\windows\assembly\GAC_MSIL\System.Speech.resources\3.0.0.0_fr_31bf3856ad364e35\System.Speech.resources.dll
- 2008-01-05 11:26:17 16,896 ----a-w c:\windows\assembly\GAC_MSIL\System.Transactions.resources\2.0.0.0_fr_b77a5c561934e089\System.Transactions.resources.dll
+ 2008-07-27 18:03:10 16,896 ----a-w c:\windows\assembly\GAC_MSIL\System.Transactions.resources\2.0.0.0_fr_b77a5c561934e089\System.Transactions.resources.dll
+ 2009-03-16 19:37:06 77,824 ----a-w c:\windows\assembly\GAC_MSIL\System.Web.Abstractions\3.5.0.0__31bf3856ad364e35\System.Web.Abstractions.dll
+ 2009-03-16 19:37:06 32,768 ----a-w c:\windows\assembly\GAC_MSIL\System.Web.DynamicData.Design\3.5.0.0__31bf3856ad364e35\System.Web.DynamicData.Design.dll
+ 2009-03-16 19:37:46 229,376 ----a-w c:\windows\assembly\GAC_MSIL\System.Web.DynamicData\3.5.0.0__31bf3856ad364e35\System.Web.DynamicData.dll
+ 2009-03-16 19:37:02 131,072 ----a-w c:\windows\assembly\GAC_MSIL\System.Web.Entity.Design\3.5.0.0__b77a5c561934e089\System.Web.Entity.Design.dll
+ 2009-03-16 19:37:46 139,264 ----a-w c:\windows\assembly\GAC_MSIL\System.Web.Entity\3.5.0.0__b77a5c561934e089\System.Web.Entity.dll
+ 2009-03-16 19:37:07 335,872 ----a-w c:\windows\assembly\GAC_MSIL\System.Web.Extensions.Design\3.5.0.0__31bf3856ad364e35\System.Web.Extensions.Design.dll
+ 2009-03-16 19:37:47 1,277,952 ----a-w c:\windows\assembly\GAC_MSIL\System.Web.Extensions\3.5.0.0__31bf3856ad364e35\System.Web.Extensions.dll
- 2008-01-05 11:26:17 81,920 ----a-w c:\windows\assembly\GAC_MSIL\System.Web.Mobile.resources\2.0.0.0_fr_b03f5f7f11d50a3a\System.Web.Mobile.resources.dll
+ 2008-07-27 18:03:10 81,920 ----a-w c:\windows\assembly\GAC_MSIL\System.Web.Mobile.resources\2.0.0.0_fr_b03f5f7f11d50a3a\System.Web.Mobile.resources.dll
- 2008-01-05 11:26:59 884,736 ----a-w c:\windows\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
+ 2008-07-27 18:03:15 835,584 ----a-w c:\windows\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
- 2008-01-05 11:26:59 90,112 ----a-w c:\windows\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
+ 2008-07-27 18:03:15 77,824 ----a-w c:\windows\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
- 2008-01-05 11:26:17 618,496 ----a-w c:\windows\assembly\GAC_MSIL\System.Web.resources\2.0.0.0_fr_b03f5f7f11d50a3a\System.Web.Resources.dll
+ 2008-07-27 18:03:10 622,592 ----a-w c:\windows\assembly\GAC_MSIL\System.Web.resources\2.0.0.0_fr_b03f5f7f11d50a3a\System.Web.Resources.dll
+ 2009-03-16 19:37:08 61,440 ----a-w c:\windows\assembly\GAC_MSIL\System.Web.Routing\3.5.0.0__31bf3856ad364e35\System.Web.Routing.dll
- 2008-01-05 11:26:17 81,920 ----a-w c:\windows\assembly\GAC_MSIL\System.Web.Services.resources\2.0.0.0_fr_b03f5f7f11d50a3a\System.Web.Services.Resources.dll
+ 2008-07-27 18:03:10 81,920 ----a-w c:\windows\assembly\GAC_MSIL\System.Web.Services.resources\2.0.0.0_fr_b03f5f7f11d50a3a\System.Web.Services.Resources.dll
- 2008-01-05 11:27:00 839,680 ----a-w c:\windows\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
+ 2008-07-27 18:03:15 839,680 ----a-w c:\windows\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
- 2008-01-05 11:26:17 430,080 ----a-w c:\windows\assembly\GAC_MSIL\System.Windows.Forms.resources\2.0.0.0_fr_b77a5c561934e089\System.Windows.Forms.Resources.dll
+ 2008-07-27 18:03:10 430,080 ----a-w c:\windows\assembly\GAC_MSIL\System.Windows.Forms.resources\2.0.0.0_fr_b77a5c561934e089\System.Windows.Forms.Resources.dll
- 2008-01-05 11:27:02 5,013,504 ----a-w c:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
+ 2008-07-27 18:03:15 5,025,792 ----a-w c:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
+ 2009-03-16 19:37:03 12,288 ----a-w c:\windows\assembly\GAC_MSIL\System.Windows.Presentation\3.5.0.0__b77a5c561934e089\System.Windows.Presentation.dll
- 2008-01-05 11:26:54 193,592 ----a-w c:\windows\assembly\GAC_MSIL\System.Workflow.Activities.resources\3.0.0.0_fr_31bf3856ad364e35\System.Workflow.Activities.resources.dll
+ 2008-07-11 19:39:10 184,320 ----a-w c:\windows\assembly\GAC_MSIL\System.Workflow.Activities.resources\3.0.0.0_fr_31bf3856ad364e35\System.Workflow.Activities.resources.dll
- 2008-01-05 11:22:14 1,152,040 ----a-w c:\windows\assembly\GAC_MSIL\System.Workflow.Activities\3.0.0.0__31bf3856ad364e35\System.Workflow.Activities.dll
+ 2008-06-20 01:14:46 1,138,688 ----a-w c:\windows\assembly\GAC_MSIL\System.Workflow.Activities\3.0.0.0__31bf3856ad364e35\System.Workflow.Activities.dll
- 2008-01-05 11:26:54 320,576 ----a-w c:\windows\assembly\GAC_MSIL\System.Workflow.ComponentModel.resources\3.0.0.0_fr_31bf3856ad364e35\System.Workflow.ComponentModel.resources.dll
+ 2008-07-11 19:39:10 311,296 ----a-w c:\windows\assembly\GAC_MSIL\System.Workflow.ComponentModel.resources\3.0.0.0_fr_31bf3856ad364e35\System.Workflow.ComponentModel.resources.dll
- 2008-01-05 11:22:15 1,635,376 ----a-w c:\windows\assembly\GAC_MSIL\System.Workflow.ComponentModel\3.0.0.0__31bf3856ad364e35\System.Workflow.ComponentModel.dll
+ 2008-06-20 01:14:47 1,630,208 ----a-w c:\windows\assembly\GAC_MSIL\System.Workflow.ComponentModel\3.0.0.0__31bf3856ad364e35\System.Workflow.ComponentModel.dll
- 2008-01-05 11:26:54 46,136 ----a-w c:\windows\assembly\GAC_MSIL\System.Workflow.Runtime.resources\3.0.0.0_fr_31bf3856ad364e35\System.Workflow.Runtime.resources.dll
+ 2008-07-11 19:39:10 36,864 ----a-w c:\windows\assembly\GAC_MSIL\System.Workflow.Runtime.resources\3.0.0.0_fr_31bf3856ad364e35\System.Workflow.Runtime.resources.dll
- 2008-01-05 11:22:15 578,592 ----a-w c:\windows\assembly\GAC_MSIL\System.Workflow.Runtime\3.0.0.0__31bf3856ad364e35\System.Workflow.Runtime.dll
+ 2008-06-20 01:14:47 540,672 ----a-w c:\windows\assembly\GAC_MSIL\System.Workflow.Runtime\3.0.0.0__31bf3856ad364e35\System.Workflow.Runtime.dll
+ 2009-03-16 19:36:50 507,904 ----a-w c:\windows\assembly\GAC_MSIL\System.WorkflowServices\3.5.0.0__31bf3856ad364e35\System.WorkflowServices.dll
+ 2009-03-16 19:37:03 139,264 ----a-w c:\windows\assembly\GAC_MSIL\System.Xml.Linq\3.5.0.0__b77a5c561934e089\System.Xml.Linq.dll
- 2008-01-05 11:26:17 167,936 ----a-w c:\windows\assembly\GAC_MSIL\System.XML.resources\2.0.0.0_fr_b77a5c561934e089\System.xml.Resources.dll
+ 2008-07-27 18:03:10 167,936 ----a-w c:\windows\assembly\GAC_MSIL\System.XML.resources\2.0.0.0_fr_b77a5c561934e089\System.xml.Resources.dll
- 2008-01-05 11:27:03 2,068,480 ----a-w c:\windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll
+ 2008-10-13 22:26:58 2,048,000 ----a-w c:\windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll
- 2008-01-05 11:26:55 3,076,096 ----a-w c:\windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
+ 2008-07-27 18:03:15 3,149,824 ----a-w c:\windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
- 2006-11-02 15:46:08 9,728 ----a-w c:\windows\assembly\GAC_MSIL\UIAutomationClient.resources\3.0.0.0_fr_31bf3856ad364e35\UIAutomationClient.resources.dll
+ 2008-07-11 19:39:10 4,096 ----a-w c:\windows\assembly\GAC_MSIL\UIAutomationClient.resources\3.0.0.0_fr_31bf3856ad364e35\UIAutomationClient.resources.dll
- 2008-01-05 11:21:56 163,840 ----a-w c:\windows\assembly\GAC_MSIL\UIAutomationClient\3.0.0.0__31bf3856ad364e35\UIAutomationClient.dll
+ 2008-06-20 01:14:43 167,936 ----a-w c:\windows\assembly\GAC_MSIL\UIAutomationClient\3.0.0.0__31bf3856ad364e35\UIAutomationClient.dll
- 2006-11-02 15:46:13 10,240 ----a-w c:\windows\assembly\GAC_MSIL\UIAutomationClientsideProviders.resources\3.0.0.0_fr_31bf3856ad364e35\UIAutomationClientsideProviders.resources.dll
+ 2008-07-11 19:39:10 12,288 ----a-w c:\windows\assembly\GAC_MSIL\UIAutomationClientsideProviders.resources\3.0.0.0_fr_31bf3856ad364e35\UIAutomationClientsideProviders.resources.dll
- 2008-01-05 11:22:00 372,736 ----a-w c:\windows\assembly\GAC_MSIL\UIAutomationClientsideProviders\3.0.0.0__31bf3856ad364e35\UIAutomationClientsideProviders.dll
+ 2008-06-20 01:14:43 385,024 ----a-w c:\windows\assembly\GAC_MSIL\UIAutomationClientsideProviders\3.0.0.0__31bf3856ad364e35\UIAutomationClientsideProviders.dll
- 2006-11-02 15:46:16 4,096 ----a-w c:\windows\assembly\GAC_MSIL\UIAutomationProvider.resources\3.0.0.0_fr_31bf3856ad364e35\UIAutomationProvider.resources.dll
+ 2008-07-11 19:39:10 4,096 ----a-w c:\windows\assembly\GAC_MSIL\UIAutomationProvider.resources\3.0.0.0_fr_31bf3856ad364e35\UIAutomationProvider.resources.dll
- 2008-01-05 11:22:00 32,768 ----a-w c:\windows\assembly\GAC_MSIL\UIAutomationProvider\3.0.0.0__31bf3856ad364e35\UIAutomationProvider.dll
+ 2008-06-20 01:14:43 40,960 ----a-w c:\windows\assembly\GAC_MSIL\UIAutomationProvider\3.0.0.0__31bf3856ad364e35\UIAutomationProvider.dll
- 2006-11-02 15:46:16 7,680 ----a-w c:\windows\assembly\GAC_MSIL\UIAutomationTypes.resources\3.0.0.0_fr_31bf3856ad364e35\UIAutomationTypes.resources.dll
+ 2008-07-11 19:39:10 10,240 ----a-w c:\windows\assembly\GAC_MSIL\UIAutomationTypes.resources\3.0.0.0_fr_31bf3856ad364e35\UIAutomationTypes.resources.dll
- 2008-01-05 11:22:00 86,016 ----a-w c:\windows\assembly\GAC_MSIL\UIAutomationTypes\3.0.0.0__31bf3856ad364e35\UIAutomationTypes.dll
+ 2008-06-20 01:14:43 98,304 ----a-w c:\windows\assembly\GAC_MSIL\UIAutomationTypes\3.0.0.0__31bf3856ad364e35\UIAutomationTypes.dll
- 2006-11-02 15:46:14 90,112 ----a-w c:\windows\assembly\GAC_MSIL\WindowsBase.resources\3.0.0.0_fr_31bf3856ad364e35\WindowsBase.resources.dll
+ 2008-07-11 19:39:10 90,112 ----a-w c:\windows\assembly\GAC_MSIL\WindowsBase.resources\3.0.0.0_fr_31bf3856ad364e35\WindowsBase.resources.dll
- 2008-01-05 11:22:00 1,204,224 ----a-w c:\windows\assembly\GAC_MSIL\WindowsBase\3.0.0.0__31bf3856ad364e35\WindowsBase.dll
+ 2008-06-20 01:14:44 1,245,184 ----a-w c:\windows\assembly\GAC_MSIL\WindowsBase\3.0.0.0__31bf3856ad364e35\WindowsBase.dll
- 2006-11-02 15:46:15 5,120 ----a-w c:\windows\assembly\GAC_MSIL\WindowsFormsIntegration.resources\3.0.0.0_fr_31bf3856ad364e35\WindowsFormsIntegration.resources.dll
+ 2008-07-11 19:39:10 5,120 ----a-w c:\windows\assembly\GAC_MSIL\WindowsFormsIntegration.resources\3.0.0.0_fr_31bf3856ad364e35\WindowsFormsIntegration.resources.dll
- 2008-01-05 11:22:01 81,920 ----a-w c:\windows\assembly\GAC_MSIL\WindowsFormsIntegration\3.0.0.0__31bf38
voila le rapport mais il est rès long (est-ce normal??):
Rapport de ZHPDiag v1.16.6 par Nicolas Coolman
Enregistré le 04/03/2009 20:03:20
Platform : Windows Vista (TM) Home Premium (6.0.6001) Service Pack 1
MSIE: Internet Explorer v7.0.6001.18000
MFIE: Mozilla Firefox (3.0.6)
---\\ Processus lancés
%ProgramFiles%\Windows Defender\MSASCui.exe
RtHDVCpl.exe
C:\Acer\Empowering Technology\SysMonitor.exe
C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
C:\Acer\WR_PopUp\WarReg_PopUp.exe
C:\Acer\AcerTour\Reminder.exe
C:\Program Files\PowerISO\PWRISOVM.EXE
C:\Windows\ehome\ehTray.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe
C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\Ati2evxx.exe
c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
%windir%\system32\svchost.exe
C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
C:\Program Files\SFR\Pack Sécurité\Anti-Virus\fsgk32st.exe
C:\Program Files\SFR\Pack Sécurité\Common\FSMA32.EXE
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Windows\system32\PnkBstrA.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\SLsvc.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\SearchIndexer.exe
---\\ Modification d'une valeur System.ini (F2)
F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=explorer.exe
---\\ Pages de démarrage d'Internet Explorer (R0)
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource=10&ctid=CT2102473
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home
---\\ Pages de recherche d'Internet Explorer (R1)
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = https://www.bing.com/?toHttps=1&redig=8F3F334EA60E4B1CB4D040DCFE393A89{SUB_RFC1766}/srchasst/srchasst.htm
---\\ Redirection du fichier Hosts (O1)
O1 - Hosts: ::1 localhost
---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: PHPNukeFR Toolbar - {1c491116-c175-45e1-a570-6fb14fea8b7b} - C:\Program Files\PHPNukeFR\tbPHPN.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - C:\Program Files\PHPNukeFR\tbPHPN.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office 2007\Office12\GrooveShellExtensions.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\system32\eDStoolbar.dll
O3 - Toolbar: PHPNukeFR Toolbar - {1c491116-c175-45e1-a570-6fb14fea8b7b} - C:\Program Files\PHPNukeFR\tbPHPN.dll
---\\ Applications démarrées automatiquement par le registre (O4)
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [Acer Empowering Technology Monitor] C:\Acer\Empowering Technology\SysMonitor.exe
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
O4 - HKLM\..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKLM\..\Run: [WarReg_PopUp] C:\Acer\WR_PopUp\WarReg_PopUp.exe
O4 - HKLM\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\SFR\Pack Sécurité\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\SFR\Pack Sécurité\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe
O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Google Update] "C:\Users\Kevin MONTHERAT\AppData\Local\Google\Update\GoogleUpdate.exe" /c
---\\ Invisibilité de l'icône d'options IE dans le panneau de Configuration (O5)
O5 - control.ini: inetcpl.cpl=no
---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8)
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll,201
O9 - Extra button: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll,103
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFBARH.ICO
---\\ Piratage de domaine (Lop.com) (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{169CEE27-4969-46D2-AB0F-0C9722446995}: 85.255.112.39,85.255.112.40
O17 - HKLM\System\CCS\Services\Tcpip\..\{644BFE67-BC46-4979-B811-7674F43C1E1B}: 85.255.112.39,85.255.112.40
O17 - HKLM\System\CS1\Services\Tcpip\..\{169CEE27-4969-46D2-AB0F-0C9722446995}: 85.255.112.39,85.255.112.40
O17 - HKLM\System\CS1\Services\Tcpip\..\{644BFE67-BC46-4979-B811-7674F43C1E1B}: 85.255.112.39,85.255.112.40
O17 - HKLM\System\CS3\Services\Tcpip\..\{169CEE27-4969-46D2-AB0F-0C9722446995}: 85.255.112.39,85.255.112.40
O17 - HKLM\System\CS3\Services\Tcpip\..\{644BFE67-BC46-4979-B811-7674F43C1E1B}: 85.255.112.39,85.255.112.40
---\\ Protocole additionnel et piratage de protocole (O18)
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
---\\ Clé de Registre autorun SharedTaskScheduler (O22)
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030}
---\\ Services NT non Microsoft et non désactivés (O23)
O23 - Service: Acer HomeMedia Connect Service (Acer HomeMedia Connect Service) - C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe
O23 - Service: ePerformance Service (AcerMemUsageCheckService) - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
O23 - Service: (Ati External Event Utility) - C:\Windows\system32\Ati2evxx.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon
O23 - Service: eDSService.exe (eDataSecurity Service) - C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
O23 - Service: eRecovery Service (eRecoveryService) - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - C:\Program Files\SFR\Pack Sécurité\Anti-Virus\fsgk32st.exe
O23 - Service: F-Secure Management Agent (FSMA) - C:\Program Files\SFR\Pack Sécurité\Common\FSMA32.EXE
O23 - Service: Google Update Service (gupdate1c98c646521307c) (gupdate1c98c646521307c) - C:\Program Files\Google\Update\GoogleUpdate.exe" /svc
O23 - Service: Google Software Updater (gusvc) - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: PnkBstrA (PnkBstrA) - C:\Windows\system32\PnkBstrA.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - C:\Windows\system32\SLsvc.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - C:\Windows\System32\spoolsv.exe
O23 - Service: @%systemroot%\system32\SearchIndexer.exe,-103 (WSearch) - C:\Windows\system32\SearchIndexer.exe /Embedding
---\\ Composants installés (ActiveSetup Installed Components) (O40)
O40 - ASIC: Microsoft Windows Media Player - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP
O40 - ASIC: Internet Explorer - {26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig
O40 - ASIC: Browser Customizations - {60B49E34-C7CC-11D0-8953-00A0C90347FF} - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
O40 - ASIC: Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - (not file)
O40 - ASIC: (no name) - {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - (not file)
O40 - ASIC: Microsoft Windows Media Player 11.0 - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\System32\wmpdxm.dll
O40 - ASIC: Themes Setup - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - C:\Windows\system32\regsvr32.exe /s /n /i:/UserInstall C:\Windows\system32\themeui.dll
O40 - ASIC: Offline Browsing Pack - {3af36230-a269-11d1-b5bf-0000f8051515} - (not file)
O40 - ASIC: Microsoft Windows Mail 7 - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
O40 - ASIC: (no name) - {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - (not file)
O40 - ASIC: DirectDrawEx - {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - (not file)
O40 - ASIC: Internet Explorer Help - {45ea75a0-a269-11d1-b5bf-0000f8051515} - (not file)
O40 - ASIC: Microsoft Windows Script 5.6 - {4f645220-306d-11d2-995d-00c04f98bbc9} - (not file)
O40 - ASIC: Internet Explorer Setup Tools - {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - (not file)
O40 - ASIC: Browsing Enhancements - {630b1da0-b465-11d1-9948-00c04f98bbc9} - (not file)
O40 - ASIC: Microsoft Windows Media Player - {6BF52A52-394A-11d3-B153-00C04F79FAA6} - C:\Windows\system32\unregmp2.exe /FirstLogon /Shortcuts /RegBrowsers /ResetMUI
O40 - ASIC: MSN Site Access - {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - (not file)
O40 - ASIC: Dossiers Web - {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - (not file)
O40 - ASIC: Address Book 7 - {7790769C-0471-11d2-AF11-00C04FA35D02} - (not file)
O40 - ASIC: .NET Framework - {7C028AF8-F614-47B3-82DA-BA94E41B1089} - (not file)
O40 - ASIC: Windows Desktop Update - {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
O40 - ASIC: Internet Explorer - {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings
O40 - ASIC: (no name) - {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
O40 - ASIC: Dynamic HTML Data Binding - {9381D8F2-0288-11D0-9501-00AA00B911A5} - (not file)
O40 - ASIC: .NET Framework - {C6BAF60B-6E91-453F-BFF9-D3789CFEFCDD} - (not file)
O40 - ASIC: Internet Explorer Core Fonts - {C9E9A340-D1F1-11D0-821E-444553540600} - (not file)
O40 - ASIC: (no name) - {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - (not file)
O40 - ASIC: Adobe Flash Player - {D27CDB6E-AE6D-11CF-96B8-444553540000} - C:\Windows\system32\Macromed\Flash\Flash10a.ocx
O40 - ASIC: HTML Help - {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - (not file)
O40 - ASIC: Active Directory Service Interface - {E92B03AB-B707-11d2-9CBD-0000F87A369E} - (not file)
---\\ Pilotes lancés au démarrage (O41)
O41 - Driver: Pilote de média asynchrone RAS (AsyncMac) - C:\WINDOWS\system32\DRIVERS\asyncmac.sys
O41 - Driver: (no object) (atikmdag) - C:\WINDOWS\system32\DRIVERS\atikmdag.sys
O41 - Driver: Filtre de décodeur DRM (Noyau Microsoft) (drmkaud) - C:\WINDOWS\system32\drivers\drmkaud.sys
O41 - Driver: Intel(R) PRO/1000 NDIS 6 Adapter Driver (E1G60) - C:\WINDOWS\system32\DRIVERS\E1G60I32.sys
O41 - Driver: Analog/DVB-T Hybrid Tv Infrared Receiver (EAGLE2RC) - C:\WINDOWS\system32\DRIVERS\Eagle2RC.sys
O41 - Driver: TV tuner device (Eagle2TV) - C:\WINDOWS\System32\Drivers\eagle2tv_B.sys
O41 - Driver: F-Secure File System Filter (F-Secure Filter) - C:\Program Files\SFR\Pack Sécurité\Anti-Virus\Win2K\FSfilter.sys
O41 - Driver: F-Secure Gatekeeper (F-Secure Gatekeeper) - C:\Program Files\SFR\Pack Sécurité\Anti-Virus\minifilter\fsgk.sys
O41 - Driver: F-Secure HIPS Driver (F-Secure HIPS) - C:\Program Files\SFR\Pack Sécurité\HIPS\drivers\fshs.sys
O41 - Driver: F-Secure File System Recognizer (F-Secure Recognizer) - C:\Program Files\SFR\Pack Sécurité\Anti-Virus\Win2K\FSrec.sys
O41 - Driver: fsbts (fsbts) - C:\WINDOWS\system32\Drivers\fsbts.sys
O41 - Driver: F-Secure Email Scanning Driver (FSES) - C:\WINDOWS\System32\drivers\fses.sys
O41 - Driver: F-Secure Vista Support Driver (fsvista) - C:\Program Files\SFR\Pack Sécurité\Anti-Virus\minifilter\fsvista.sys
O41 - Driver: Pilote de fonction UAA 1.1 Microsoft pour le service High Definition Audio (HdAudAddService) - C:\WINDOWS\system32\drivers\HdAudio.sys
O41 - Driver: int15 (int15) - C:\Acer\Empowering Technology\eRecovery\int15.sys
O41 - Driver: Service for Realtek HD Audio (WDM) (IntcAzAudAddService) - C:\WINDOWS\system32\drivers\RTKVHDA.sys
O41 - Driver: @%systemroot%\system32\rascfg.dll,-32013 (IpFilterDriver) - C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
O41 - Driver: IP in IP Tunnel Driver (IpInIp) - C:\WINDOWS\system32\DRIVERS\ipinip.sys
O41 - Driver: Pilote d’E/S du mappage de découverte de topologie de la couche de liaison (lltdio) - C:\WINDOWS\system32\DRIVERS\lltdio.sys
O41 - Driver: Service Pilote de fonction de classe Moniteur Microsoft (monitor) - C:\WINDOWS\system32\DRIVERS\monitor.sys
O41 - Driver: Proxy de service de répartition Microsoft (MSKSSRV) - C:\WINDOWS\system32\drivers\MSKSSRV.sys
O41 - Driver: Proxy d'horloge de répartition Microsoft (MSPCLOCK) - C:\WINDOWS\system32\drivers\MSPCLOCK.sys
O41 - Driver: Proxy de gestion de qualité de répartition Microsoft (MSPQM) - C:\WINDOWS\system32\drivers\MSPQM.sys
O41 - Driver: Convertisseur en T/site-à-site de répartition Microsoft (MSTEE) - C:\WINDOWS\system32\drivers\MSTEE.sys
O41 - Driver: Filtre NativeWiFi (NativeWifiP) - C:\WINDOWS\system32\DRIVERS\nwifi.sys
O41 - Driver: @%systemroot%\system32\rascfg.dll,-32001 (NdisTapi) - C:\WINDOWS\system32\DRIVERS\ndistapi.sys
O41 - Driver: NDIS mode utilisateur E/S Protocole (Ndisuio) - C:\WINDOWS\system32\DRIVERS\ndisuio.sys
O41 - Driver: @%systemroot%\system32\rascfg.dll,-32002 (NdisWan) - C:\WINDOWS\system32\DRIVERS\ndiswan.sys
O41 - Driver: NetBIOS Interface (NetBIOS) - C:\WINDOWS\system32\DRIVERS\netbios.sys
O41 - Driver: RT73 USB Wireless LAN Card Driver for Vista (netr73) - C:\WINDOWS\system32\DRIVERS\netr73.sys
O41 - Driver: Upper Class Filter Driver (NTIDrvr) - C:\WINDOWS\system32\DRIVERS\NTIDrvr.sys
O41 - Driver: IPX Traffic Filter Driver (NwlnkFlt) - C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
O41 - Driver: IPX Traffic Forwarder Driver (NwlnkFwd) - C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
O41 - Driver: Miniport réseau étendu WAN (PPTP) (PptpMiniport) - C:\WINDOWS\system32\DRIVERS\raspptp.sys
O41 - Driver: @%SystemRoot%\System32\drivers\pacer.sys,-101 (PSched) - C:\WINDOWS\system32\DRIVERS\pacer.sys
O41 - Driver: (no object) (R300) - C:\WINDOWS\system32\DRIVERS\atikmdag.sys
O41 - Driver: Remote Access Auto Connection Driver (RasAcd) - C:\WINDOWS\System32\DRIVERS\rasacd.sys
O41 - Driver: Miniport réseau étendu WAN (L2TP) (Rasl2tp) - C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
O41 - Driver: @%systemroot%\system32\rascfg.dll,-32007 (RasPppoe) - C:\WINDOWS\system32\DRIVERS\raspppoe.sys
O41 - Driver: @%systemroot%\system32\sstpsvc.dll,-202 (RasSstp) - C:\WINDOWS\system32\DRIVERS\rassstp.sys
O41 - Driver: Répondeur de découverte de topologie de la couche de liaison (rspndr) - C:\WINDOWS\system32\DRIVERS\rspndr.sys
O41 - Driver: StarForce Protection Environment Driver (version 1.x) (sfdrv01) - C:\WINDOWS\System32\drivers\sfdrv01.sys
O41 - Driver: StarForce Protection Helper Driver (version 2.x) (sfhlp02) - C:\WINDOWS\System32\drivers\sfhlp02.sys
O41 - Driver: StarForce Protection Synchronization Driver (version 3.x) (sfsync03) - C:\WINDOWS\System32\drivers\sfsync03.sys
O41 - Driver: StarForce Protection VFS Driver (version 2.x) (sfvfs02) - C:\WINDOWS\System32\drivers\sfvfs02.sys
O41 - Driver: @%SystemRoot%\system32\tcpipcfg.dll,-50005 (Smb) - C:\WINDOWS\system32\DRIVERS\smb.sys
O41 - Driver: (no object) (sptd) - C:\WINDOWS\System32\Drivers\sptd.sys
O41 - Driver: Pilote de protocole IPv6 Microsoft (Tcpip6) - C:\WINDOWS\system32\DRIVERS\tcpip.sys
O41 - Driver: Pilote de carte miniport Microsoft Tun (tunmp) - C:\WINDOWS\system32\DRIVERS\tunmp.sys
O41 - Driver: Pilote de carte miniport Microsoft IPv6 Tunnel (tunnel) - C:\WINDOWS\system32\DRIVERS\tunnel.sys
O41 - Driver: Périphérique vidéo USB (WDM) (usbvideo) - C:\WINDOWS\System32\Drivers\usbvideo.sys
O41 - Driver: (no object) (vga) - C:\WINDOWS\system32\DRIVERS\vgapnp.sys
O41 - Driver: Remote Access IP ARP Driver (Wanarp) - C:\WINDOWS\system32\DRIVERS\wanarp.sys
O41 - Driver: Remote Access IPv6 ARP Driver (Wanarpv6) - C:\WINDOWS\system32\DRIVERS\wanarp.sys
O41 - Driver: WpdUsb (WpdUsb) - C:\WINDOWS\system32\DRIVERS\wpdusb.sys
O41 - Driver: WSVD (WSVD) - C:\Windows\system32\drivers\WSVD.sys
O41 - Driver: (no object) (WUDFRd) - C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
O41 - Driver: NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller (yukonwlh) - C:\WINDOWS\system32\DRIVERS\yk60x86.sys
---\\ Logiciels installés (O42)
O42 - Logiciel: Adobe Flash Player 10 ActiveX
O42 - Logiciel: Adobe Flash Player 10 Plugin
O42 - Logiciel: Audacity 1.2.6
O42 - Logiciel: CCleaner (remove only)
O42 - Logiciel: EAX Unified
O42 - Logiciel: Pack sécurité
O42 - Logiciel: Fraps
O42 - Logiciel: GameSpy Arcade
O42 - Logiciel: NTI CD & DVD-Maker
O42 - Logiciel: Age of Empires III
O42 - Logiciel: SEGA Rally
O42 - Logiciel: Call of Duty(R) 4 - Modern Warfare(TM)
O42 - Logiciel: GTI Racing
O42 - Logiciel: EA Download Manager
O42 - Logiciel: Security Update for CAPICOM (KB931906)
O42 - Logiciel: LimeWire PRO 4.12.3
O42 - Logiciel: Mozilla Firefox (3.0.6)
O42 - Logiciel: Navilog1 3.7.5
O42 - Logiciel: PHPNukeFR Toolbar
O42 - Logiciel: PowerISO
O42 - Logiciel: S.T.A.L.K.E.R. - Shadow of Chernobyl
O42 - Logiciel: SFR - Kit de connexion
O42 - Logiciel: PC Optimiseur
O42 - Logiciel: Microsoft Office Ultimate 2007
O42 - Logiciel: Virtual DJ - Atomix Productions
O42 - Logiciel: VLC media player 0.9.8a
O42 - Logiciel: Vuze
O42 - Logiciel: Installation Windows Live
O42 - Logiciel: Archiveur WinRAR
O42 - Logiciel: Zattoo 3.3.1 Beta
O42 - Logiciel: Windows Live Call
O42 - Logiciel: Windows Live Messenger
O42 - Logiciel: Nokia Multimedia Converter Pro v2.0
O42 - Logiciel: Acer HomeMedia Connect
O42 - Logiciel: Speed-Link SL-6535 USB Pad
O42 - Logiciel: Outil de téléchargement Windows Live
O42 - Logiciel: Windows Live Writer
O42 - Logiciel: MSVCRT
O42 - Logiciel: Java(TM) 6 Update 12
O42 - Logiciel: Acer SlideShow DVD
O42 - Logiciel: Galerie de photos Windows Live
O42 - Logiciel: Junk Mail filter update
O42 - Logiciel: Google Earth
O42 - Logiciel: Microsoft Office Live Add-in 1.3
O42 - Logiciel: Windows Live Movie Maker Bêta
O42 - Logiciel: Windows Live Mail
O42 - Logiciel: NTI Backup NOW! 4.7
O42 - Logiciel: Microsoft Works
O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable
O42 - Logiciel: Acer ScreenSaver
O42 - Logiciel: MSXML 4.0 SP2 (KB954430)
O42 - Logiciel: Microsoft Silverlight
O42 - Logiciel: Choice Guard
O42 - Logiciel: Microsoft Office Professional Edition 2003
O42 - Logiciel: Microsoft Office Access MUI (English) 2007
O42 - Logiciel: 2007 Microsoft Office Suite Service Pack 1 (SP1)
O42 - Logiciel: Update for Microsoft Office Access 2007 Help (KB957241)
O42 - Logiciel: Microsoft Office Excel MUI (English) 2007
O42 - Logiciel: Update for Microsoft Office Excel 2007 Help (KB957242)
O42 - Logiciel: Microsoft Office PowerPoint MUI (English) 2007
O42 - Logiciel: Update for Microsoft Office PowerPoint 2007 Help (KB957247)
O42 - Logiciel: Microsoft Office Publisher MUI (English) 2007
O42 - Logiciel: Update for Microsoft Office Publisher 2007 Help (KB957249)
O42 - Logiciel: Microsoft Office Outlook MUI (English) 2007
O42 - Logiciel: Update for Microsoft Office Outlook 2007 Help (KB957246)
O42 - Logiciel: Microsoft Office Word MUI (English) 2007
O42 - Logiciel: Update for Microsoft Office Word 2007 Help (KB957252)
O42 - Logiciel: Microsoft Office Proof (English) 2007
O42 - Logiciel: Microsoft Office Proof (French) 2007
O42 - Logiciel: Microsoft Office Proof (Spanish) 2007
O42 - Logiciel: Microsoft Office Proofing (English) 2007
O42 - Logiciel: Microsoft Office InfoPath MUI (English) 2007
O42 - Logiciel: Update for Microsoft Office InfoPath 2007 Help (KB957243)
O42 - Logiciel: Microsoft Office Shared MUI (English) 2007
O42 - Logiciel: Update for Microsoft Office 2007 Help for Common Features (KB957244)
O42 - Logiciel: Update for Microsoft Script Editor Help (KB957253)
O42 - Logiciel: Microsoft Office OneNote MUI (English) 2007
O42 - Logiciel: Update for Microsoft Office OneNote 2007 Help (KB957245)
O42 - Logiciel: Microsoft Office Groove MUI (English) 2007
O42 - Logiciel: Microsoft Office Groove Setup Metadata MUI (English) 2007
O42 - Logiciel: Microsoft Office Shared Setup Metadata MUI (English) 2007
O42 - Logiciel: Microsoft Office Access Setup Metadata MUI (English) 2007
O42 - Logiciel: Need for Speed Underground 2
O42 - Logiciel: Security Update for Microsoft Office Word 2007 (KB956358)
O42 - Logiciel: Update for Microsoft Office Outlook 2007 (KB952142)
O42 - Logiciel: Update for Outlook 2007 Junk Email Filter (kb959634)
O42 - Logiciel: Security Update for Microsoft Office PowerPoint 2007 (KB951338)
O42 - Logiciel: Security Update for Microsoft Office system 2007 (KB954326)
O42 - Logiciel: Security Update for Microsoft Office Excel 2007 (KB958437)
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB958439)
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB951944)
O42 - Logiciel: Security Update for Microsoft Office system 2007 (KB956828)
O42 - Logiciel: Update for Office 2007 (KB946691)
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB951550)
O42 - Logiciel: Security Update for Microsoft Office OneNote 2007 (KB950130)
O42 - Logiciel: Security Update for Microsoft Office Publisher 2007 (KB950114)
O42 - Logiciel: Acer Tour
O42 - Logiciel: Microsoft Office Outlook Connector
O42 - Logiciel: Google Update Helper
O42 - Logiciel: Acer HomeMedia
O42 - Logiciel: Acer Empowering Technology
O42 - Logiciel: Adobe Reader 7.0 - Français
O42 - Logiciel: Acer eDataSecurity Management
O42 - Logiciel: Acer DVDivine
O42 - Logiciel: Test Drive Unlimited
O42 - Logiciel: Acer ePerformance Management
O42 - Logiciel: Assistant de connexion Windows Live
O42 - Logiciel: Need for Speed™ Undercover
O42 - Logiciel: Ralink Wireless LAN
O42 - Logiciel: Acer Arcade Live Main Page
O42 - Logiciel: Microsoft SQL Server 2005 Compact Edition [ENU]
O42 - Logiciel: Realtek High Definition Audio Driver
O42 - Logiciel: Windows Live Communications Platform
O42 - Logiciel: Acer DV Magician
O42 - Logiciel: Acer VideoMagician
---\\ Contenu des dossiers Fichiers Communs (O43)
O43 - CFD:Common File Directory - C:\Program Files\Common Files\Adobe
O43 - CFD:Common File Directory - C:\Program Files\Common Files\DESIGNER
O43 - CFD:Common File Directory - C:\Program Files\Common Files\InstallShield
O43 - CFD:Common File Directory - C:\Program Files\Common Files\LightScribe
O43 - CFD:Common File Directory - C:\Program Files\Common Files\microsoft shared
O43 - CFD:Common File Directory - C:\Program Files\Common Files\muvee Technologies
O43 - CFD:Common File Directory - C:\Program Files\Common Files\NewTech Infosystems
O43 - CFD:Common File Directory - C:\Program Files\Common Files\Services
O43 - CFD:Common File Directory - C:\Program Files\Common Files\SpeechEngines
O43 - CFD:Common File Directory - C:\Program Files\Common Files\Symantec Shared
O43 - CFD:Common File Directory - C:\Program Files\Common Files\System
O43 - CFD:Common File Directory - C:\Program Files\Common Files\Windows Live
---\\ Derniers fichiers modifiés ou crées sous System32 (O44)
O44 - LFC:Last File Created - C:\Windows\System32\Apphlpdm.dll -->23/01/2009
O44 - LFC:Last File Created - C:\Windows\System32\axaltocm.dll -->29/01/2009
O44 - LFC:Last File Created - C:\Windows\System32\ci.dll -->23/01/2009
O44 - LFC:Last File Created - C:\Windows\System32\connect.dll -->22/01/2009
O44 - LFC:Last File Created - C:\Windows\System32\deploytk.dll -->28/02/2009
O44 - LFC:Last File Created - C:\Windows\System32\ealregsnapshot1.reg -->24/02/2009
O44 - LFC:Last File Created - C:\Windows\System32\EncDec.dll -->05/12/2008
O44 - LFC:Last File Created - C:\Windows\System32\es.dll -->23/01/2009
O44 - LFC:Last File Created - C:\Windows\System32\FNTCACHE.DAT -->29/01/2009
O44 - LFC:Last File Created - C:\Windows\System32\frapsvid.dll -->03/01/2009
O44 - LFC:Last File Created - C:\Windows\System32\FwRemoteSvr.dll -->23/01/2009
O44 - LFC:Last File Created - C:\Windows\System32\gameux.dll -->23/01/2009
O44 - LFC:Last File Created - C:\Windows\System32\GameUXLegacyGDFs.dll -->23/01/2009
O44 - LFC:Last File Created - C:\Windows\System32\gdi32.dll -->23/01/2009
O44 - LFC:Last File Created - C:\Windows\System32\ieapfltr.dat -->23/01/2009
O44 - LFC:Last File Created - C:\Windows\System32\ieframe.dll -->15/01/2009
O44 - LFC:Last File Created - C:\Windows\System32\iertutil.dll -->15/01/2009
O44 - LFC:Last File Created - C:\Windows\System32\ieui.dll -->23/01/2009
O44 - LFC:Last File Created - C:\Windows\System32\ifxcardm.dll -->29/01/2009
O44 - LFC:Last File Created - C:\Windows\System32\inetcomm.dll -->22/01/2009
O44 - LFC:Last File Created - C:\Windows\System32\INETRES.dll -->22/01/2009
O44 - LFC:Last File Created - C:\Windows\System32\IPSECSVC.DLL -->23/01/2009
O44 - LFC:Last File Created - C:\Windows\System32\java.exe -->28/02/2009
O44 - LFC:Last File Created - C:\Windows\System32\javaw.exe -->28/02/2009
O44 - LFC:Last File Created - C:\Windows\System32\javaws.exe -->28/02/2009
O44 - LFC:Last File Created - C:\Windows\System32\jsproxy.dll -->15/01/2009
O44 - LFC:Last File Created - C:\Windows\System32\kbd106n.dll -->23/01/2009
O44 - LFC:Last File Created - C:\Windows\System32\kd1394.dll -->23/01/2009
O44 - LFC:Last File Created - C:\Windows\System32\logagent.exe -->22/01/2009
O44 - LFC:Last File Created - C:\Windows\System32\mf.dll -->22/01/2009
O44 - LFC:Last File Created - C:\Windows\System32\mferror.dll -->22/01/2009
O44 - LFC:Last File Created - C:\Windows\System32\mfpmp.exe -->22/01/2009
O44 - LFC:Last File Created - C:\Windows\System32\mfps.dll -->22/01/2009
O44 - LFC:Last File Created - C:\Windows\System32\Mpeg2Data.ax -->23/01/2009
O44 - LFC:Last File Created - C:\Windows\System32\mpg2splt.ax -->05/12/2008
O44 - LFC:Last File Created - C:\Windows\System32\mrt.exe -->04/02/2009
O44 - LFC:Last File Created - C:\Windows\System32\MSDvbNP.ax -->23/01/2009
O44 - LFC:Last File Created - C:\Windows\System32\msfeeds.dll -->15/01/2009
O44 - LFC:Last File Created - C:\Windows\System32\mshtml.dll -->15/01/2009
O44 - LFC:Last File Created - C:\Windows\System32\mshtml.tlb -->15/01/2009
O44 - LFC:Last File Created - C:\Windows\System32\MSNP.ax -->05/12/2008
O44 - LFC:Last File Created - C:\Windows\System32\mstime.dll -->15/01/2009
O44 - LFC:Last File Created - C:\Windows\System32\msxml3.dll -->22/01/2009
O44 - LFC:Last File Created - C:\Windows\System32\msxml3r.dll -->22/01/2009
O44 - LFC:Last File Created - C:\Windows\System32\msxml6.dll -->22/01/2009
O44 - LFC:Last File Created - C:\Windows\System32\msxml6r.dll -->22/01/2009
O44 - LFC:Last File Created - C:\Windows\System32\NaturalLanguage6.dll -->24/01/2009
O44 - LFC:Last File Created - C:\Windows\System32\netapi32.dll -->22/01/2009
O44 - LFC:Last File Created - C:\Windows\System32\NlsData0000.dll -->24/01/2009
O44 - LFC:Last File Created - C:\Windows\System32\NlsData0001.dll -->24/01/2009
O44 - LFC:Last File Created - C:\Windows\System32\NlsData0002.dll -->24/01/2009
O44 - LFC:Last File Created - C:\Windows\System32\NlsData0003.dll -->24/01/2009
O44 - LFC:Last File Created - C:\Windows\System32\NlsData0007.dll -->24/01/2009
O44 - LFC:Last File Created - C:\Windows\System32\NlsData0009.dll -->24/01/2009
O44 - LFC:Last File Created - C:\Windows\System32\NlsData000a.dll -->24/01/2009
O44 - LFC:Last File Created - C:\Windows\System32\NlsData000c.dll -->24/01/2009
O44 - LFC:Last File Created - C:\Windows\System32\NlsData000d.dll -->24/01/2009
O44 - LFC:Last File Created - C:\Windows\System32\NlsData000f.dll -->24/01/2009
O44 - LFC:Last File Created - C:\Windows\System32\NlsData0010.dll -->24/01/2009
O44 - LFC:Last File Created - C:\Windows\System32\NlsData0011.dll -->24/01/2009
O44 - LFC:Last File Created - C:\Windows\System32\NlsData0013.dll -->24/01/2009
O44 - LFC:Last File Created - C:\Windows\System32\NlsData0018.dll -->24/01/2009
O44 - LFC:Last File Created - C:\Windows\System32\NlsData0019.dll -->24/01/2009
O44 - LFC:Last File Created - C:\Windows\System32\NlsData001a.dll -->24/01/2009
O44 - LFC:Last File Created - C:\Windows\System32\NlsData001b.dll -->24/01/2009
O44 - LFC:Last File Created - C:\Windows\System32\NlsData001d.dll -->24/01/2009
O44 - LFC:Last File Created - C:\Windows\System32\NlsData0020.dll -->24/01/2009
O44 - LFC:Last File Created - C:\Windows\System32\NlsData0021.dll -->24/01/2009
O44 - LFC:Last File Created - C:\Windows\System32\NlsData0022.dll -->24/01/2009
O44 - LFC:Last File Created - C:\Windows\System32\NlsData0024.dll -->24/01/2009
O44 - LFC:Last File Created - C:\Windows\System32\NlsData0026.dll -->24/01/2009
O44 - LFC:Last File Created - C:\Windows\System32\NlsData0027.dll -->24/01/2009
O44 - LFC:Last File Created - C:\Windows\System32\NlsData002a.dll -->24/01/2009
O44 - LFC:Last File Created - C:\Windows\System32\NlsData0039.dll -->24/01/2009
O44 - LFC:Last File Created - C:\Windows\System32\NlsData003e.dll -->24/01/2009
O44 - LFC:Last File Created - C:\Windows\System32\NlsData0045.dll -->24/01/2009
O44 - LFC:Last File Created - C:\Windows\System32\NlsData0046.dll -->24/01/2009
O44 - LFC:Last File Created - C:\Windows\System32\NlsData0047.dll -->24/01/2009
O44 - LFC:Last File Created - C:\Windows\System32\NlsData0049.dll -->24/01/2009
O44 - LFC:Last File Created - C:\Windows\System32\NlsData004a.dll -->24/01/2009
O44 - LFC:Last File Created - C:\Windows\System32\NlsData004b.dll -->24/01/2009
O44 - LFC:Last File Created - C:\Windows\System32\NlsData004c.dll -->24/01/2009
O44 - LFC:Last File Created - C:\Windows\System32\NlsData004e.dll -->24/01/2009
O44 - LFC:Last File Created - C:\Windows\System32\NlsData0414.dll -->24/01/2009
O44 - LFC:Last File Created - C:\Windows\System32\NlsData0416.dll -->24/01/2009
O44 - LFC:Last File Created - C:\Windows\System32\NlsData0816.dll -->24/01/2009
O44 - LFC:Last File Created - C:\Windows\System32\NlsData081a.dll -->24/01/2009
O44 - LFC:Last File Created - C:\Windows\System32\NlsData0c1a.dll -->24/01/2009
O44 - LFC:Last File Created - C:\Windows\System32\NlsLexicons0001.dll -->24/01/2009
O44 - LFC:Last File Created - C:\Windows\System32\NlsLexicons0002.dll -->24/01/2009
O44 - LFC:Last File Created - C:\Windows\System32\NlsLexicons0003.dll -->24/01/2009
O44 - LFC:Last File Created - C:\Windows\System32\NlsLexicons0007.dll -->24/01/2009
O44 - LFC:Last File Created - C:\Windows\System32\NlsLexicons0009.dll -->24/01/2009
O44 - LFC:Last File Created - C:\Windows\System32\NlsLexicons000a.dll -->24/01/2009
O44 - LFC:Last File Created - C:\Windows\System32\NlsLexicons000c.dll -->24/01/2009
O44 - LFC:Last File Created - C:\Windows\System32\NlsLexicons000d.dll -->24/01/2009
O44 - LFC:Last File Created - C:\Windows\System32\NlsLexicons000f.dll -->24/01/2009
O44 - LFC:Last File Created - C:\Windows\System32\NlsLexicons0010.dll -->24/01/2009
O44 - LFC:Last File Created - C:\Windows\System32\NlsLexicons0011.dll -->24/01/2009
O44 - LFC:Last File Created - C:\Windows\System32\NlsLexicons0013.dll -->24/01/2009
O44 - LFC:Last File Created - C:\Windows\System32\NlsLexicons0018.dll -->24/01/2009
O44 - LFC:Last File Created - C:\Windows\System32\NlsLexicons0019.dll -->24/01/2009
O44 - LFC:Last File Created - C:\Windows\System32\NlsLexicons001a.dll -->24/01/2009
O44 - LFC:Last File Created - C:\Windows\System32\NlsLexicons001b.dll -->24/01/2009
O44 - LFC:Last File Created - C:\Windows\System32\NlsLexicons001d.dll -->24/01/2009
O44 - LFC:Last File Created - C:\Windows\System32\NlsLexicons0020.dll -->24/01/2009
O44 - LFC:Last File Created - C:\Windows\System32\NlsLexicons0021.dll -->24/01/2009
O44 - LFC:Last File Created - C:\Windows\System32\NlsLexicons0022.dll -->24/01/2009
O44 - LFC:Last File Created - C:\Windows\System32\NlsLexicons0024.dll -->24/01/2009
O44 - LFC:Last File Created - C:\Windows\System32\NlsLexicons0026.dll -->24/01/2009
O44 - LFC:Last File Created - C:\Windows\System32\NlsLexicons0027.dll -->24/01/2009
O44 - LFC:Last File Created - C:\Windows\System32\NlsLexicons002a.dll -->24/01/2009
O44 - LFC:Last File Created - C:\Windows\System32\NlsLexicons0039.dll -->24/01/2009
O44 - LFC:Last File Created - C:\Windows\System32\NlsLexicons003e.dll -->24/01/2009
O44 - LFC:Last File Created - C:\Windows\System32\NlsLexicons0045.dll -->24/01/2009
O44 - LFC:Last File Created - C:\Windows\System32\NlsLexicons0046.dll -->24/01/2009
O44 - LFC:Last File Created - C:\Windows\System32\NlsLexicons0047.dll -->24/01/2009
O44 - LFC:Last File Created - C:\Windows\System32\NlsLexicons0049.dll -->24/01/2009
O44 - LFC:Last File Created - C:\Windows\System32\NlsLexicons004a.dll -->24/01/2009
O44 - LFC:Last File Created - C:\Windows\System32\NlsLexicons004b.dll -->24/01/2009
O44 - LFC:Last File Created - C:\Windows\System32\NlsLexicons004c.dll -->24/01/2009
O44 - LFC:Last File Created - C:\Windows\System32\NlsLexicons004e.dll -->24/01/2009
O44 - LFC:Last File Created - C:\Windows\System32\NlsLexicons0414.dll -->24/01/2009
O44 - LFC:Last File Created - C:\Windows\System32\NlsLexicons0416.dll -->24/01/2009
O44 - LFC:Last File Created - C:\Windows\System32\NlsLexicons0816.dll -->24/01/2009
O44 - LFC:Last File Created - C:\Windows\System32\NlsLexicons081a.dll -->24/01/2009
O44 - LFC:Last File Created - C:\Windows\System32\NlsLexicons0c1a.dll -->24/01/2009
O44 - LFC:Last File Created - C:\Windows\System32\NlsModels0011.dll -->24/01/2009
O44 - LFC:Last File Created - C:\Windows\System32\ntkrnlpa.exe -->22/01/2009
O44 - LFC:Last File Created - C:\Windows\System32\ntoskrnl.exe -->22/01/2009
O44 - LFC:Last File Created - C:\Windows\System32\OpenAL32.dll -->25/02/2009
O44 - LFC:Last File Created - C:\Windows\System32\perfc009.dat -->02/03/2009
O44 - LFC:Last File Created - C:\Windows\System32\perfc00C.dat -->02/03/2009
O44 - LFC:Last File Created - C:\Windows\System32\perfh009.dat -->02/03/2009
O44 - LFC:Last File Created - C:\Windows\System32\perfh00C.dat -->02/03/2009
O44 - LFC:Last File Created - C:\Windows\System32\PerfStringBackup.INI -->02/03/2009
O44 - LFC:Last File Created - C:\Windows\System32\PhotoMetadataHandler.dll -->22/01/2009
O44 - LFC:Last File Created - C:\Windows\System32\PnkBstrA.exe -->24/02/2009
O44 - LFC:Last File Created - C:\Windows\System32\PnkBstrB.exe -->04/03/2009
O44 - LFC:Last File Created - C:\Windows\System32\polstore.dll -->23/01/2009
O44 - LFC:Last File Created - C:\Windows\System32\PortableDeviceApi.dll -->23/01/2009
O44 - LFC:Last File Created - C:\Windows\System32\PortableDeviceClassExtension.dll -->23/01/2009
O44 - LFC:Last File Created - C:\Windows\System32\PortableDeviceTypes.dll -->23/01/2009
O44 - LFC:Last File Created - C:\Windows\System32\preinst.log -->22/02/2009
O44 - LFC:Last File Created - C:\Windows\System32\printcom.dll -->22/01/2009
O44 - LFC:Last File Created - C:\Windows\System32\psisdecd.dll -->05/12/2008
O44 - LFC:Last File Created - C:\Windows\System32\psisrndr.ax -->05/12/2008
O44 - LFC:Last File Created - C:\Windows\System32\quartz.dll -->22/01/2009
O44 - LFC:Last File Created - C:\Windows\System32\rasctrnm.h -->23/01/2009
O44 - LFC:Last File Created - C:\Windows\System32\rmdrvegp.log -->22/02/2009
O44 - LFC:Last File Created - C:\Windows\System32\rrinstaller.exe -->22/01/2009
O44 - LFC:Last File Created - C:\Windows\System32\rstrui.exe -->23/01/2009
O44 - LFC:Last File Created - C:\Windows\System32\setbcdlocale.dll -->23/01/2009
O44 - LFC:Last File Created - C:\Windows\System32\shell32.dll -->22/01/2009
O44 - LFC:Last File Created - C:\Windows\System32\srclient.dll -->23/01/2009
O44 - LFC:Last File Created - C:\Windows\System32\srcore.dll -->23/01/2009
O44 - LFC:Last File Created - C:\Windows\System32\srdelayed.exe -->23/01/2009
O44 - LFC:Last File Created - C:\Windows\System32\tzres.dll -->22/01/2009
O44 - LFC:Last File Created - C:\Windows\System32\urlmon.dll -->15/01/2009
O44 - LFC:Last File Created - C:\Windows\System32\win32k.sys -->22/01/2009
O44 - LFC:Last File Created - C:\Windows\System32\win32spl.dll -->22/01/2009
O44 - LFC:Last File Created - C:\Windows\System32\WindowsCodecs.dll -->22/01/2009
O44 - LFC:Last File Created - C:\Windows\System32\WindowsCodecsExt.dll -->22/01/2009
O44 - LFC:Last File Created - C:\Windows\System32\wininet.dll -->15/01/2009
O44 - LFC:Last File Created - C:\Windows\System32\winipsec.dll -->23/01/2009
O44 - LFC:Last File Created - C:\Windows\System32\winload.exe -->23/01/2009
O44 - LFC:Last File Created - C:\Windows\System32\winresume.exe -->23/01/2009
O44 - LFC:Last File Created - C:\Windows\System32\WMNetMgr.dll -->22/01/2009
O44 - LFC:Last File Created - C:\Windows\System32\wmpeffects.dll -->22/01/2009
O44 - LFC:Last File Created - C:\Windows\System32\WMVCORE.DLL -->22/01/2009
O44 - LFC:Last File Created - C:\Windows\System32\wrap_oal.dll -->25/02/2009
O44 - LFC:Last File Created - C:\Windows\System32\wshrm.dll -->22/01/2009
O44 - LFC:Last File Created - C:\Windows\System32\wuapi.dll -->21/01/2009
O44 - LFC:Last File Created - C:\Windows\System32\wuapp.exe -->21/01/2009
O44 - LFC:Last File Created - C:\Windows\System32\wuauclt.exe -->21/01/2009
O44 - LFC:Last File Created - C:\Windows\System32\wuaueng.dll -->21/01/2009
O44 - LFC:Last File Created - C:\Windows\System32\wucltux.dll -->21/01/2009
O44 - LFC:Last File Created - C:\Windows\System32\wudriver.dll -->21/01/2009
O44 - LFC:Last File Created - C:\Windows\System32\wups.dll -->21/01/2009
O44 - LFC:Last File Created - C:\Windows\System32\wups2.dll -->21/01/2009
O44 - LFC:Last File Created - C:\Windows\System32\wuwebv.dll -->21/01/2009
O44 - LFC:Last File Created - C:\Windows\System32\drivers\fsbts.sys -->28/01/2009
O44 - LFC:Last File Created - C:\Windows\System32\drivers\mrxsmb10.sys -->23/01/2009
O44 - LFC:Last File Created - C:\Windows\System32\drivers\Msft_User_WpdFs_01_00_00.Wdf -->06/02/2009
O44 - LFC:Last File Created - C:\Windows\System32\drivers\PnkBstrK.sys -->04/03/2009
O44 - LFC:Last File Created - C:\Windows\System32\drivers\rmcast.sys -->22/01/2009
O44 - LFC:Last File Created - C:\Windows\System32\drivers\srv.sys -->22/01/2009
---\\ Derniers fichiers créés dans Windows Prefetcher (O45)
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\AgCx_SC1.db -->04/03/2009
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\AgCx_SC1.db.trx -->04/03/2009
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\AgGlFaultHistory.db -->04/03/2009
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\AgGlFgAppHistory.db -->04/03/2009
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\AgGlGlobalHistory.db -->04/03/2009
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\AgGlUAD_P_S-1-5-21-2565260227-2245687259-2372371746-1000.db -->03/03/2009
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\AgGlUAD_S-1-5-21-2565260227-2245687259-2372371746-1000.db -->03/03/2009
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\AgRobust.db -->04/03/2009
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\ATBROKER.EXE-2E15A492.pf -->04/03/2009
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\ATI2EVXX.EXE-0327F1E7.pf -->04/03/2009
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\AUTOCHK.EXE-1394A593.pf -->04/03/2009
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\AZUREUS.EXE-D24891AB.pf -->03/03/2009
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\BUBBLES.SCR-7B603539.pf -->03/03/2009
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\CATCHME.EXE-FE243694.pf -->02/03/2009
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\CHKNTFS.EXE-4D884E7D.pf -->02/03/2009
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\CHROME.EXE-5A1054AF.pf -->01/03/2009
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\CMD.EXE-4A81B364.pf -->02/03/2009
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\CONIME.EXE-9781FD5F.pf -->04/03/2009
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\CONSENT.EXE-531BD9EA.pf -->02/03/2009
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\CONTROL.EXE-817F8F1D.pf -->04/03/2009
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\CSRSS.EXE-3FE41F7E.pf -->04/03/2009
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\DEFRAG.EXE-588F90AD.pf -->03/03/2009
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\DFRGNTFS.EXE-7E4077FE.pf -->03/03/2009
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\DFRGUI.EXE-C853DD35.pf -->04/03/2009
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\DLLHOST.EXE-5458ADF9.pf -->02/03/2009
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\DLLHOST.EXE-5E46FA0D.pf -->04/03/2009
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\DLLHOST.EXE-6BCB9FAA.pf -->04/03/2009
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\DLLHOST.EXE-766398D2.pf -->04/03/2009
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\DLLHOST.EXE-7FAA2E4C.pf -->02/03/2009
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\DLLHOST.EXE-B2EB1806.pf -->04/03/2009
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\DRVINST.EXE-4CB4314A.pf -->04/03/2009
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\EXPLORER.EXE-A80E4F97.pf -->04/03/2009
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\FIND.EXE-E2237F6D.pf -->02/03/2009
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\FINDSTR.EXE-2E9C6FE2.pf -->02/03/2009
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\FIREFOX.EXE-A606B53C.pf -->04/03/2009
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\FLASHUTIL10A.EXE-F38539B4.pf -->02/03/2009
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\FSAV32.EXE-FBCB944F.pf -->02/03/2009
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\FSDC32.EXE-DBFCF5EA.pf -->04/03/2009
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\GETPATHS.EXE-E690506B.pf -->02/03/2009
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\GLB1A2B.EXE-1B16A1B5.pf -->02/03/2009
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\GLB848A.TMP-F7EE1D7B.pf -->02/03/2009
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\GNC.EXE-09043862.pf -->02/03/2009
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\GNC.EXE-324DDC73.pf -->02/03/2009
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\GNC.EXE-A09CA6F0.pf -->02/03/2009
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\GNC.EXE-A96714DC.pf -->02/03/2009
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\GOOGLEUPDATE.EXE-FE771DDA.pf -->04/03/2009
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\GOOGLEUPDATER.EXE-39628337.pf -->04/03/2009
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\GOOGLEUPDATERSERVICE.EXE-09540BCD.pf -->04/03/2009
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\I4JDEL0.EXE-9672C712.pf -->03/03/2009
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\IEUSER.EXE-7C0FE221.pf -->03/03/2009
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\IEXPLORE.EXE-908C99F8.pf -->04/03/2009
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\INSTALLER_AVG_ANTI-ROOTKIT_1_-930DB1FA.pf -->04/03/2009
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\IS-URN5E.TMP-EDC82E96.pf -->02/03/2009
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\JAVA.EXE-61DA1755.pf -->03/03/2009
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\JAVA.EXE-E27B75C2.pf -->04/03/2009
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\Layout.ini -->03/03/2009
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\LICMGR.EXE-B40EE7D6.pf -->04/03/2009
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\LOGONUI.EXE-09140401.pf -->04/03/2009
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\LSASS.EXE-419F2D06.pf -->02/03/2009
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\LSM.EXE-E22FF25C.pf -->04/03/2009
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\MFPMP.EXE-26F35380.pf -->04/03/2009
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\MOBSYNC.EXE-C5E2284F.pf -->04/03/2009
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\MSNMSGR.EXE-9974F251.pf -->04/03/2009
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\NAVILOG1.EXE-18CFA349.pf -->02/03/2009
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\NFS.EXE-E18AFD51.pf -->04/03/2009
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\NOTEPAD.EXE-86E0E9B9.pf -->02/03/2009
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\OSV.EXE-4FE3C523.pf -->02/03/2009
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\PCOPTIMISEUR.EXE-E5EA20F9.pf -->02/03/2009
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\PfSvPerfStats.bin -->04/03/2009
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\PNKBSTRB.EXE-09DE69A6.pf -->04/03/2009
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\POWERISO.EXE-9A234886.pf -->04/03/2009
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\REG.EXE-E7E8BD26.pf -->02/03/2009
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\REGSVR32.EXE-8461DBEE.pf -->04/03/2009
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\RUNDLL32.EXE-07235BB3.pf -->03/03/2009
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\RUNDLL32.EXE-072673BB.pf -->02/03/2009
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\RUNDLL32.EXE-072A502E.pf -->02/03/2009
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\RUNDLL32.EXE-10DFB626.pf -->03/03/2009
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\RUNDLL32.EXE-230FC512.pf -->03/03/2009
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\RUNDLL32.EXE-291E88D3.pf -->04/03/2009
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\RUNDLL32.EXE-29CF3DE6.pf -->02/03/2009
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\RUNDLL32.EXE-2DEBEED2.pf -->02/03/2009
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\RUNDLL32.EXE-36D48152.pf -->02/03/2009
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\RUNDLL32.EXE-3BEC8549.pf -->02/03/2009
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\RUNDLL32.EXE-56495E00.pf -->02/03/2009
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\RUNDLL32.EXE-5905E6A3.pf -->02/03/2009
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\RUNDLL32.EXE-5CC5B13A.pf -->03/03/2009
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\RUNDLL32.EXE-5D22A0B6.pf -->04/03/2009
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\RUNDLL32.EXE-5E917145.pf -->03/03/2009
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\RUNDLL32.EXE-6D2968F1.pf -->04/03/2009
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\RUNDLL32.EXE-7088F31D.pf -->03/03/2009
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\RUNDLL32.EXE-70A53FFC.pf -->03/03/2009
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\RUNDLL32.EXE-70ABA1C8.pf -->02/03/2009
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\RUNDLL32.EXE-7D1509BB.pf -->03/03/2009
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\RUNDLL32.EXE-7D15CFE2.pf -->04/03/2009
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\RUNDLL32.EXE-7D169575.pf -->02/03/2009
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\RUNDLL32.EXE-8F8963A7.pf -->03/03/2009
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\RUNDLL32.EXE-A4C8F735.pf -->02/03/2009
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\RUNDLL32.EXE-A8CEFA83.pf -->03/03/2009
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\RUNDLL32.EXE-BE9E6A23.pf -->03/03/2009
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\RUNDLL32.EXE-D203DFA8.pf -->02/03/2009
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\RUNDLL32.EXE-DB6CBE82.pf -->02/03/2009
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\RUNDLL32.EXE-DC27FF9C.pf -->03/03/2009
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\RUNDLL32.EXE-EF8A86AF.pf -->04/03/2009
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\RUNDLL32.EXE-FB568DC8.pf -->03/03/2009
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\SCANWIZARD.EXE-69FF3C58.pf -->04/03/2009
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\SEARCHFILTERHOST.EXE-77482212.pf -->04/03/2009
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\SEARCHPROTOCOLHOST.EXE-0CB8CADE.pf -->04/03/2009
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\SERVICES.EXE-511D36F4.pf -->02/03/2009
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\SETUP.EXE-9F182B59.pf -->04/03/2009
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\SETUP.EXE-D84C9EF0.pf -->04/03/2009
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\SETUP_WM.EXE-674F654A.pf -->03/03/2009
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\SMSS.EXE-E9C28FC6.pf -->04/03/2009
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\SNDVOL.EXE-5D4CC7D6.pf -->04/03/2009
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\SORT.EXE-99A4F778.pf -->02/03/2009
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\SPEED2.EXE-586C82CD.pf -->04/03/2009
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\SSVAGENT.EXE-42E515EF.pf -->04/03/2009
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\SSVAGENT.EXE-D0A26E22.pf -->02/03/2009
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\SVCHOST.EXE-7CFEDEA3.pf -->04/03/2009
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\SVCHOST.EXE-CFF8C7D9.pf -->02/03/2009
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\SVCHOST.EXE-E2C2633A.pf -->02/03/2009
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\TASKENG.EXE-48D4E289.pf -->04/03/2009
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\TASKMGR.EXE-5F5F473D.pf -->04/03/2009
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\TNBUTIL.EXE-B196F32C.pf -->04/03/2009
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\TOOLBAR.EXE-C0BA8555.pf -->04/03/2009
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\TRUSTEDINSTALLER.EXE-3CC531E5.pf -->03/03/2009
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\UNWISE.EXE-85A24889.pf -->02/03/2009
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\VERCLSID.EXE-7C52E31C.pf -->04/03/2009
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\VLC.EXE-A11F73EE.pf -->03/03/2009
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\VSSVC.EXE-B8AFC319.pf -->04/03/2009
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\WERFAULT.EXE-E69F695A.pf -->04/03/2009
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\WERMGR.EXE-0F2AC88C.pf -->04/03/2009
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\WININIT.EXE-5322684A.pf -->04/03/2009
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\WINLOGON.EXE-B020DC41.pf -->04/03/2009
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\WLCOMM.EXE-272FF9F7.pf -->04/03/2009
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\WMIADAP.EXE-F8DFDFA2.pf -->04/03/2009
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\WMIPRVSE.EXE-1628051C.pf -->04/03/2009
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\WMPLAYER.EXE-BAD6BD53.pf -->04/03/2009
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\WSCRIPT.EXE-52CF1F0C.pf -->02/03/2009
---\\ ShellExecuteHooks, Opérations et fonctions au démarrage de Windows Explorer (O46)
O46 - SEH:ShellExecuteHooks - Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office 2007\Office12\GrooveShellExtensions.dll
---\\ Export de clé d'application autorisée (O47)
O47 - AAKE:Key Export - "C:\Acer\Empowering Technology\eDataSecurity\eDSfsu.exe"="C:\Acer\Empowering Technology\eDataSecurity\eDSfsu.exe:*:Enabled:eDSfsu"
O47 - AAKE:Key Export - "C:\Acer\Empowering Technology\eDataSecurity\encryption.exe"="C:\Acer\Empowering Technology\eDataSecurity\encryption.exe:*:Enabled:encryption"
O47 - AAKE:Key Export - "C:\Acer\Empowering Technology\eDataSecurity\decryption.exe"="C:\Acer\Empowering Technology\eDataSecurity\decryption.exe:*:Enabled:decryption"
---\\ Déni du service Local Security Authority (LSA) (O48)
O48 - LSA:Local Security Authority Authentication Packages - C:\Windows\System32\msv1_0.dll
O48 - LSA:Local Security Authority Notification Packages - C:\Windows\System32\scecli.dll
---\\ Contrôle du Safe Boot (CSB) (O49)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgrx.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\nsiproxy.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpencdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgrx.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\vgasave.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\volmgrx.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\ipnat.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\nsiproxy.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\rdpencdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\vgasave.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\volmgrx.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Minimal\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Minimal\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Minimal\vgasave.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Minimal\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Minimal\volmgrx.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Network\ipnat.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Network\nsiproxy.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Network\rdpencdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Network\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Network\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Network\vgasave.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Network\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Network\volmgrx.sys
End of the scan: