ordi très lent, bugs à gogo, scan bloqué 48%

Question

Bonjour,  



Configuration: Windows 7 / Internet Explorer 7.0

Bonjour à tous, 

Je m'etais déjà tourné vers vous il y a quelques années, concernant un problemes de virus "goldcodec" etle problème avait été solutionné assez rapidement et de maniere tres pro donc encore merci ;-) 

Cependant je reviens vers vous pour un tout autre probleme, 

J'ai un nouveau PC portable depuis 6 mois un ASUS X77J  intel core I5. 
Et depuis 1 semaine ce dernier est tres lent, et remplie de bug en tout genre. 

donc je passe mon scan d'antivirus et ce dernier se bloque à 48%  
je passe malwearbyte et lui aussi se bloque au bout d'un certain temps 
j'ai esseyer de passer adawear lui ne se bloque pas mais est tres tres tres lent et ne trouve rien. 


sympthome, il m'est impossible de lancer photoshop, aller sur internet releve d'un defis de patience ;-) 

de ce fait je suis obliger de passer par le mode sans echeque pour avoir un peu de puissance et encore c'est pas la joie. 

alors je me remet entre vos mains d'experts !

g3n-h@ckm@n · Answer

salut vire ad-aware il est inutile

================================

&#9654 Télécharge Reload_TDSSKiller

&#9654 Lance le 

choisis : lancer le nettoyage

l'outil va automatiquement télécharger la derniere version puis 

TDSSKiller va s'ouvrir , clique sur "Start Scan"

une fois qu'il a terminé , redemarre s'il te le demande pour finir de nettoyer

sinon , ferme tdssKiller et le rapport s'affichera sur le bureau

&#9654 Copie/Colle son contenu dans ta prochaine réponse.

Blacktoon · Answer

Salut je viens de poster un lien qui vas t'aider je te le donne directement(pas sur que sa marche mais ma c'est nikel quand je bug)https://www.iobit.com/en/advancedsystemcarefree.php
tu fait une analyse longue et tu vois si sa marche(tu vas trouver plein de truc la première fois tu vas voir que se petit bijoux est indispensable il est près rapide)
Bonne Chance

Blacktoon · Answer

quik care rapide et l'autre vert a coter c'est long mais rapide^^

Blacktoon · Answer

j'avais comme toi sur un pc fix j'ai installer sa sa marche sans bug
bon a+

g3n-h@ckm@n · Answer

bonjour inutile de proposer un antivirus sans savoir ce qu'à la machine dans le ventre , et meme de contre-ordre !
on ne propose pas , de surcroît , un antivirus sans faire desinstaller celui qui est déjà installé

von_hebrenack · Answer

voila il n'a trouvé aucune infection et voici le rapport :

2011/07/04 21:07:20.0987 2528	TDSS rootkit removing tool 2.5.9.0 Jul  1 2011 18:45:21
2011/07/04 21:07:21.0314 2528	================================================================================
2011/07/04 21:07:21.0314 2528	SystemInfo:
2011/07/04 21:07:21.0314 2528	
2011/07/04 21:07:21.0314 2528	OS Version: 6.1.7600 ServicePack: 0.0
2011/07/04 21:07:21.0314 2528	Product type: Workstation
2011/07/04 21:07:21.0314 2528	ComputerName: RATOU-PC
2011/07/04 21:07:21.0314 2528	UserName: Ratou
2011/07/04 21:07:21.0314 2528	Windows directory: C:\Windows
2011/07/04 21:07:21.0314 2528	System windows directory: C:\Windows
2011/07/04 21:07:21.0314 2528	Running under WOW64
2011/07/04 21:07:21.0314 2528	Processor architecture: Intel x64
2011/07/04 21:07:21.0314 2528	Number of processors: 4
2011/07/04 21:07:21.0314 2528	Page size: 0x1000
2011/07/04 21:07:21.0314 2528	Boot type: Safe boot with network
2011/07/04 21:07:21.0314 2528	================================================================================
2011/07/04 21:07:21.0891 2528	Initialize success
2011/07/04 21:07:25.0167 2560	================================================================================
2011/07/04 21:07:25.0167 2560	Scan started
2011/07/04 21:07:25.0167 2560	Mode: Manual; 
2011/07/04 21:07:25.0167 2560	================================================================================
2011/07/04 21:07:28.0724 2560	1394ohci        (1b00662092f9f9568b995902f0cc40d5) C:\Windows\system32\DRIVERS\1394ohci.sys
2011/07/04 21:07:28.0802 2560	ACPI            (6f11e88748cdefd2f76aa215f97ddfe5) C:\Windows\system32\DRIVERS\ACPI.sys
2011/07/04 21:07:28.0865 2560	AcpiPmi         (63b05a0420ce4bf0e4af6dcc7cada254) C:\Windows\system32\DRIVERS\acpipmi.sys
2011/07/04 21:07:28.0974 2560	adfs            (2f0683fd2df1d92e891caca14b45a8c1) C:\Windows\system32\drivers\adfs.sys
2011/07/04 21:07:29.0099 2560	adp94xx         (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
2011/07/04 21:07:29.0145 2560	adpahci         (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
2011/07/04 21:07:29.0177 2560	adpu320         (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
2011/07/04 21:07:29.0286 2560	AFD             (6ef20ddf3172e97d69f596fb90602f29) C:\Windows\system32\drivers\afd.sys
2011/07/04 21:07:29.0364 2560	agp440          (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\DRIVERS\agp440.sys
2011/07/04 21:07:29.0473 2560	aliide          (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\DRIVERS\aliide.sys
2011/07/04 21:07:29.0473 2560	amdide          (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\DRIVERS\amdide.sys
2011/07/04 21:07:29.0535 2560	AmdK8           (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
2011/07/04 21:07:29.0551 2560	AmdPPM          (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
2011/07/04 21:07:29.0613 2560	amdsata         (ec7ebab00a4d8448bab68d1e49b4beb9) C:\Windows\system32\drivers\amdsata.sys
2011/07/04 21:07:29.0660 2560	amdsbs          (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
2011/07/04 21:07:29.0691 2560	amdxata         (db27766102c7bf7e95140a2aa81d042e) C:\Windows\system32\drivers\amdxata.sys
2011/07/04 21:07:29.0723 2560	AmUStor         (9c7f164b49cadc658d1b3c575782f346) C:\Windows\system32\drivers\AmUStor.SYS
2011/07/04 21:07:29.0879 2560	AppID           (42fd751b27fa0e9c69bb39f39e409594) C:\Windows\system32\drivers\appid.sys
2011/07/04 21:07:29.0925 2560	arc             (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
2011/07/04 21:07:29.0988 2560	arcsas          (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
2011/07/04 21:07:30.0066 2560	ASMMAP64        (2db34edd17d3a8da7105a19c95a3dd68) C:\Program Files\ATKGFNEX\ASMMAP64.sys
2011/07/04 21:07:30.0159 2560	AsyncMac        (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
2011/07/04 21:07:30.0191 2560	atapi           (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\DRIVERS\atapi.sys
2011/07/04 21:07:30.0253 2560	athr            (0acc06fcf46f64ed4f11e57ee461c1f4) C:\Windows\system32\DRIVERS\athrx.sys
2011/07/04 21:07:30.0393 2560	atksgt          (4aef9ec86818375495fb78ca58df4e18) C:\Windows\system32\DRIVERS\atksgt.sys
2011/07/04 21:07:30.0456 2560	avgntflt        (39c2e2870fc0c2ae0595b883cbe716b4) C:\Windows\system32\DRIVERS\avgntflt.sys
2011/07/04 21:07:30.0565 2560	avipbb          (c98fa6e5ad0e857d22716bd2b8b1f399) C:\Windows\system32\DRIVERS\avipbb.sys
2011/07/04 21:07:30.0690 2560	b06bdrv         (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
2011/07/04 21:07:30.0783 2560	b57nd60a        (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
2011/07/04 21:07:30.0830 2560	Beep            (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
2011/07/04 21:07:30.0893 2560	blbdrive        (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
2011/07/04 21:07:30.0955 2560	bowser          (19d20159708e152267e53b66677a4995) C:\Windows\system32\DRIVERS\bowser.sys
2011/07/04 21:07:31.0111 2560	BrFiltLo        (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
2011/07/04 21:07:31.0142 2560	BrFiltUp        (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
2011/07/04 21:07:31.0173 2560	Brserid         (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
2011/07/04 21:07:31.0205 2560	BrSerWdm        (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
2011/07/04 21:07:31.0251 2560	BrUsbMdm        (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
2011/07/04 21:07:31.0267 2560	BrUsbSer        (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
2011/07/04 21:07:31.0314 2560	BTHMODEM        (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
2011/07/04 21:07:31.0376 2560	cdfs            (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
2011/07/04 21:07:31.0423 2560	cdrom           (83d2d75e1efb81b3450c18131443f7db) C:\Windows\system32\DRIVERS\cdrom.sys
2011/07/04 21:07:31.0470 2560	circlass        (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
2011/07/04 21:07:31.0517 2560	CLFS            (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
2011/07/04 21:07:31.0641 2560	CmBatt          (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
2011/07/04 21:07:31.0657 2560	cmdide          (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\DRIVERS\cmdide.sys
2011/07/04 21:07:31.0735 2560	CNG             (f95fd4cb7da00ba2a63ce9f6b5c053e1) C:\Windows\system32\Drivers\cng.sys
2011/07/04 21:07:31.0782 2560	Compbatt        (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
2011/07/04 21:07:31.0829 2560	CompositeBus    (f26b3a86f6fa87ca360b879581ab4123) C:\Windows\system32\DRIVERS\CompositeBus.sys
2011/07/04 21:07:31.0860 2560	crcdisk         (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
2011/07/04 21:07:31.0969 2560	DfsC            (9c253ce7311ca60fc11c774692a13208) C:\Windows\system32\Drivers\dfsc.sys
2011/07/04 21:07:32.0016 2560	dgderdrv        (867fa8b9e9e3078f68c4089904bbf4b0) C:\Windows\system32\drivers\dgderdrv.sys
2011/07/04 21:07:32.0063 2560	discache        (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
2011/07/04 21:07:32.0125 2560	Disk            (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
2011/07/04 21:07:32.0219 2560	drmkaud         (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
2011/07/04 21:07:32.0281 2560	DXGKrnl         (1633b9abf52784a1331476397a48cbef) C:\Windows\System32\drivers\dxgkrnl.sys
2011/07/04 21:07:32.0437 2560	ebdrv           (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
2011/07/04 21:07:32.0671 2560	elxstor         (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
2011/07/04 21:07:32.0733 2560	ErrDev          (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\DRIVERS\errdev.sys
2011/07/04 21:07:32.0796 2560	ETD             (06c94be9d9e1e6411429433a64a76936) C:\Windows\system32\DRIVERS\ETD.sys
2011/07/04 21:07:32.0843 2560	exfat           (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
2011/07/04 21:07:32.0874 2560	fastfat         (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
2011/07/04 21:07:32.0921 2560	fdc             (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
2011/07/04 21:07:32.0967 2560	FileInfo        (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
2011/07/04 21:07:32.0983 2560	Filetrace       (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
2011/07/04 21:07:33.0139 2560	flpydisk        (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
2011/07/04 21:07:33.0217 2560	FltMgr          (f7866af72abbaf84b1fa5aa195378c59) C:\Windows\system32\drivers\fltmgr.sys
2011/07/04 21:07:33.0279 2560	FsDepends       (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
2011/07/04 21:07:33.0342 2560	fssfltr         (2bf3b36b96d015af666b6aa63ae2e38f) C:\Windows\system32\DRIVERS\fssfltr.sys
2011/07/04 21:07:33.0357 2560	Fs_Rec          (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys
2011/07/04 21:07:33.0420 2560	fvevol          (ae87ba80d0ec3b57126ed2cdc15b24ed) C:\Windows\system32\DRIVERS\fvevol.sys
2011/07/04 21:07:33.0467 2560	gagp30kx        (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
2011/07/04 21:07:33.0591 2560	hcw85cir        (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
2011/07/04 21:07:33.0623 2560	HdAudAddService (6410f6f415b2a5a9037224c41da8bf12) C:\Windows\system32\drivers\HdAudio.sys
2011/07/04 21:07:33.0669 2560	HDAudBus        (0a49913402747a0b67de940fb42cbdbb) C:\Windows\system32\DRIVERS\HDAudBus.sys
2011/07/04 21:07:33.0701 2560	HECIx64         (b6ac71aaa2b10848f57fc49d55a651af) C:\Windows\system32\DRIVERS\HECIx64.sys
2011/07/04 21:07:33.0732 2560	HidBatt         (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
2011/07/04 21:07:33.0779 2560	HidBth          (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
2011/07/04 21:07:33.0810 2560	HidIr           (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
2011/07/04 21:07:33.0857 2560	HidUsb          (b3bf6b5b50006def50b66306d99fcf6f) C:\Windows\system32\DRIVERS\hidusb.sys
2011/07/04 21:07:33.0919 2560	HpSAMD          (0886d440058f203eba0e1825e4355914) C:\Windows\system32\DRIVERS\HpSAMD.sys
2011/07/04 21:07:33.0966 2560	HTTP            (cee049cac4efa7f4e1e4ad014414a5d4) C:\Windows\system32\drivers\HTTP.sys
2011/07/04 21:07:34.0013 2560	hwpolicy        (f17766a19145f111856378df337a5d79) C:\Windows\system32\drivers\hwpolicy.sys
2011/07/04 21:07:34.0059 2560	i8042prt        (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys
2011/07/04 21:07:34.0122 2560	iaStor          (bbb3b6df1abb0fe35802ede85cc1c011) C:\Windows\system32\DRIVERS\iaStor.sys
2011/07/04 21:07:34.0169 2560	iaStorV         (b75e45c564e944a2657167d197ab29da) C:\Windows\system32\drivers\iaStorV.sys
2011/07/04 21:07:34.0465 2560	igfx            (677aa5991026a65ada128c4b59cf2bad) C:\Windows\system32\DRIVERS\igdkmd64.sys
2011/07/04 21:07:34.0777 2560	iirsp           (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
2011/07/04 21:07:34.0839 2560	Impcd           (dd587a55390ed2295bce6d36ad567da9) C:\Windows\system32\DRIVERS\Impcd.sys
2011/07/04 21:07:34.0933 2560	IntcAzAudAddService (51c98815721b44bf70e8aeb3ff3f57d6) C:\Windows\system32\drivers\RTKVHD64.sys
2011/07/04 21:07:35.0089 2560	IntcDAud        (58cf58dee26c909bd6f977b61d246295) C:\Windows\system32\DRIVERS\IntcDAud.sys
2011/07/04 21:07:35.0136 2560	intelide        (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\DRIVERS\intelide.sys
2011/07/04 21:07:35.0167 2560	intelppm        (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
2011/07/04 21:07:35.0214 2560	IpFilterDriver  (722dd294df62483cecaae6e094b4d695) C:\Windows\system32\DRIVERS\ipfltdrv.sys
2011/07/04 21:07:35.0245 2560	IPMIDRV         (e2b4a4494db7cb9b89b55ca268c337c5) C:\Windows\system32\DRIVERS\IPMIDrv.sys
2011/07/04 21:07:35.0276 2560	IPNAT           (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
2011/07/04 21:07:35.0323 2560	IRENUM          (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
2011/07/04 21:07:35.0354 2560	isapnp          (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\DRIVERS\isapnp.sys
2011/07/04 21:07:35.0401 2560	iScsiPrt        (fa4d2557de56d45b0a346f93564be6e1) C:\Windows\system32\DRIVERS\msiscsi.sys
2011/07/04 21:07:35.0432 2560	kbdclass        (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
2011/07/04 21:07:35.0541 2560	kbdhid          (6def98f8541e1b5dceb2c822a11f7323) C:\Windows\system32\DRIVERS\kbdhid.sys
2011/07/04 21:07:35.0588 2560	kbfiltr         (e63ef8c3271d014f14e2469ce75fecb4) C:\Windows\system32\DRIVERS\kbfiltr.sys
2011/07/04 21:07:35.0604 2560	KSecDD          (e8b6fcc9c83535c67f835d407620bd27) C:\Windows\system32\Drivers\ksecdd.sys
2011/07/04 21:07:35.0651 2560	KSecPkg         (a8c63880ef6f4d3fec7b616b9c060215) C:\Windows\system32\Drivers\ksecpkg.sys
2011/07/04 21:07:35.0682 2560	ksthunk         (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
2011/07/04 21:07:35.0807 2560	L1C             (48686c29856f46443952a831424f8d6f) C:\Windows\system32\DRIVERS\L1C62x64.sys
2011/07/04 21:07:35.0916 2560	Lavasoft Kernexplorer (9a7fa6371f68335fd3c3d6488bc5a9f8) C:\Program Files (x86)\Lavasoft\Ad-Aware\KernExplorer64.sys
2011/07/04 21:07:35.0994 2560	Lbd             (c8b3131857931ae76798a741cc52b021) C:\Windows\system32\DRIVERS\Lbd.sys
2011/07/04 21:07:36.0072 2560	lirsgt          (b658b7076b1acaa5876524595630f183) C:\Windows\system32\DRIVERS\lirsgt.sys
2011/07/04 21:07:36.0119 2560	lltdio          (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
2011/07/04 21:07:36.0228 2560	LSI_FC          (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
2011/07/04 21:07:36.0275 2560	LSI_SAS         (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
2011/07/04 21:07:36.0306 2560	LSI_SAS2        (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
2011/07/04 21:07:36.0337 2560	LSI_SCSI        (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
2011/07/04 21:07:36.0368 2560	luafv           (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
2011/07/04 21:07:36.0477 2560	MBAMProtector   (ed49fd1373de93617a1f6d128d98fe4d) C:\Windows\system32\drivers\mbam.sys
2011/07/04 21:07:36.0524 2560	megasas         (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
2011/07/04 21:07:36.0555 2560	MegaSR          (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
2011/07/04 21:07:36.0602 2560	Modem           (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
2011/07/04 21:07:36.0633 2560	monitor         (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
2011/07/04 21:07:36.0680 2560	mouclass        (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
2011/07/04 21:07:36.0727 2560	mouhid          (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
2011/07/04 21:07:36.0743 2560	mountmgr        (791af66c4d0e7c90a3646066386fb571) C:\Windows\system32\drivers\mountmgr.sys
2011/07/04 21:07:36.0774 2560	mpio            (609d1d87649ecc19796f4d76d4c15cea) C:\Windows\system32\DRIVERS\mpio.sys
2011/07/04 21:07:36.0805 2560	mpsdrv          (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
2011/07/04 21:07:36.0836 2560	MRxDAV          (30524261bb51d96d6fcbac20c810183c) C:\Windows\system32\drivers\mrxdav.sys
2011/07/04 21:07:36.0883 2560	mrxsmb          (040d62a9d8ad28922632137acdd984f2) C:\Windows\system32\DRIVERS\mrxsmb.sys
2011/07/04 21:07:36.0930 2560	mrxsmb10        (a8c2d7673c8a010569390c826a0efaf4) C:\Windows\system32\DRIVERS\mrxsmb10.sys
2011/07/04 21:07:36.0961 2560	mrxsmb20        (3c142d31de9f2f193218a53fe2632051) C:\Windows\system32\DRIVERS\mrxsmb20.sys
2011/07/04 21:07:36.0977 2560	msahci          (5c37497276e3b3a5488b23a326a754b7) C:\Windows\system32\DRIVERS\msahci.sys
2011/07/04 21:07:37.0023 2560	msdsm           (8d27b597229aed79430fb9db3bcbfbd0) C:\Windows\system32\DRIVERS\msdsm.sys
2011/07/04 21:07:37.0070 2560	Msfs            (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
2011/07/04 21:07:37.0086 2560	mshidkmdf       (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
2011/07/04 21:07:37.0117 2560	msisadrv        (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\DRIVERS\msisadrv.sys
2011/07/04 21:07:37.0164 2560	MSKSSRV         (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
2011/07/04 21:07:37.0195 2560	MSPCLOCK        (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
2011/07/04 21:07:37.0242 2560	MSPQM           (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
2011/07/04 21:07:37.0273 2560	MsRPC           (89cb141aa8616d8c6a4610fa26c60964) C:\Windows\system32\drivers\MsRPC.sys
2011/07/04 21:07:37.0304 2560	mssmbios        (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\DRIVERS\mssmbios.sys
2011/07/04 21:07:37.0335 2560	MSTEE           (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
2011/07/04 21:07:37.0367 2560	MTConfig        (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
2011/07/04 21:07:37.0398 2560	MTsensor        (032d35c996f21d19a205a7c8f0b76f3c) C:\Windows\system32\DRIVERS\ATK64AMD.sys
2011/07/04 21:07:37.0445 2560	Mup             (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
2011/07/04 21:07:37.0523 2560	NativeWifiP     (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS
wifi.sys
2011/07/04 21:07:37.0569 2560	NDIS            (cad515dbd07d082bb317d9928ce8962c) C:\Windows\system32\drivers
dis.sys
2011/07/04 21:07:37.0647 2560	NdisCap         (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS
discap.sys
2011/07/04 21:07:37.0679 2560	NdisTapi        (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS
distapi.sys
2011/07/04 21:07:37.0725 2560	Ndisuio         (f105ba1e22bf1f2ee8f005d4305e4bec) C:\Windows\system32\DRIVERS
disuio.sys
2011/07/04 21:07:37.0772 2560	NdisWan         (557dfab9ca1fcb036ac77564c010dad3) C:\Windows\system32\DRIVERS
diswan.sys
2011/07/04 21:07:37.0803 2560	NDProxy         (659b74fb74b86228d6338d643cd3e3cf) C:\Windows\system32\drivers\NDProxy.sys
2011/07/04 21:07:37.0866 2560	NetBIOS         (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS
etbios.sys
2011/07/04 21:07:37.0913 2560	NetBT           (9162b273a44ab9dce5b44362731d062a) C:\Windows\system32\DRIVERS
etbt.sys
2011/07/04 21:07:38.0022 2560	nfrd960         (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS
frd960.sys
2011/07/04 21:07:38.0069 2560	Npfs            (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
2011/07/04 21:07:38.0100 2560	nsiproxy        (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers
siproxy.sys
2011/07/04 21:07:38.0178 2560	Ntfs            (378e0e0dfea67d98ae6ea53adbbd76bc) C:\Windows\system32\drivers\Ntfs.sys
2011/07/04 21:07:38.0256 2560	Null            (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
2011/07/04 21:07:38.0287 2560	nusb3hub        (785298579b5f9b4032152dfbb992fdb6) C:\Windows\system32\DRIVERS
usb3hub.sys
2011/07/04 21:07:38.0334 2560	nusb3xhc        (df2750481b4964814467c974f2b0eef1) C:\Windows\system32\DRIVERS
usb3xhc.sys
2011/07/04 21:07:38.0599 2560	nvlddmkm        (81dc781abe31c367cc5be8cc7d8ec557) C:\Windows\system32\DRIVERS
vlddmkm.sys
2011/07/04 21:07:38.0911 2560	nvpciflt        (a9a4ac994530853a010517f89b85136f) C:\Windows\system32\DRIVERS
vpciflt.sys
2011/07/04 21:07:38.0958 2560	nvraid          (a4d9c9a608a97f59307c2f2600edc6a4) C:\Windows\system32\drivers
vraid.sys
2011/07/04 21:07:38.0989 2560	nvstor          (6c1d5f70e7a6a3fd1c90d840edc048b9) C:\Windows\system32\drivers
vstor.sys
2011/07/04 21:07:39.0051 2560	nv_agp          (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\DRIVERS
v_agp.sys
2011/07/04 21:07:39.0083 2560	ohci1394        (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\DRIVERS\ohci1394.sys
2011/07/04 21:07:39.0145 2560	Parport         (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
2011/07/04 21:07:39.0176 2560	partmgr         (7daa117143316c4a1537e074a5a9eaf0) C:\Windows\system32\drivers\partmgr.sys
2011/07/04 21:07:39.0239 2560	pccsmcfd        (81b5e63131090879ad6ef9f32109b88d) C:\Windows\system32\DRIVERS\pccsmcfdx64.sys
2011/07/04 21:07:39.0270 2560	pci             (f36f6504009f2fb0dfd1b17a116ad74b) C:\Windows\system32\DRIVERS\pci.sys
2011/07/04 21:07:39.0301 2560	pciide          (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
2011/07/04 21:07:39.0348 2560	pcmcia          (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
2011/07/04 21:07:39.0363 2560	pcw             (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
2011/07/04 21:07:39.0395 2560	PEAUTH          (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
2011/07/04 21:07:39.0504 2560	PptpMiniport    (27cc19e81ba5e3403c48302127bda717) C:\Windows\system32\DRIVERSaspptp.sys
2011/07/04 21:07:39.0519 2560	Processor       (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
2011/07/04 21:07:39.0566 2560	Psched          (ee992183bd8eaefd9973f352e587a299) C:\Windows\system32\DRIVERS\pacer.sys
2011/07/04 21:07:39.0629 2560	ql2300          (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
2011/07/04 21:07:39.0691 2560	ql40xx          (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
2011/07/04 21:07:39.0722 2560	QWAVEdrv        (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
2011/07/04 21:07:39.0753 2560	RasAcd          (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERSasacd.sys
2011/07/04 21:07:39.0816 2560	RasAgileVpn     (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
2011/07/04 21:07:39.0847 2560	Rasl2tp         (87a6e852a22991580d6d39adc4790463) C:\Windows\system32\DRIVERSasl2tp.sys
2011/07/04 21:07:39.0878 2560	RasPppoe        (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERSaspppoe.sys
2011/07/04 21:07:39.0925 2560	RasSstp         (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERSassstp.sys
2011/07/04 21:07:39.0956 2560	rdbss           (3bac8142102c15d59a87757c1d41dce5) C:\Windows\system32\DRIVERSdbss.sys
2011/07/04 21:07:39.0987 2560	rdpbus          (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERSdpbus.sys
2011/07/04 21:07:40.0019 2560	RDPCDD          (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
2011/07/04 21:07:40.0065 2560	RDPENCDD        (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\driversdpencdd.sys
2011/07/04 21:07:40.0143 2560	RDPREFMP        (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\driversdprefmp.sys
2011/07/04 21:07:40.0159 2560	RDPWD           (8a3e6bea1c53ea6177fe2b6eba2c80d7) C:\Windows\system32\drivers\RDPWD.sys
2011/07/04 21:07:40.0221 2560	rdyboost        (e5dc9ba9e439d6dbdd79f8caacb5bf01) C:\Windows\system32\driversdyboost.sys
2011/07/04 21:07:40.0362 2560	rspndr          (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERSspndr.sys
2011/07/04 21:07:40.0409 2560	sbp2port        (e3bbb89983daf5622c1d50cf49f28227) C:\Windows\system32\DRIVERS\sbp2port.sys
2011/07/04 21:07:40.0518 2560	scfilter        (c94da20c7e3ba1dca269bc8460d98387) C:\Windows\system32\DRIVERS\scfilter.sys
2011/07/04 21:07:40.0596 2560	secdrv          (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
2011/07/04 21:07:40.0658 2560	Serenum         (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
2011/07/04 21:07:40.0721 2560	Serial          (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
2011/07/04 21:07:40.0783 2560	sermouse        (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
2011/07/04 21:07:40.0845 2560	sffdisk         (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\DRIVERS\sffdisk.sys
2011/07/04 21:07:40.0861 2560	sffp_mmc        (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\DRIVERS\sffp_mmc.sys
2011/07/04 21:07:40.0877 2560	sffp_sd         (178298f767fe638c9fedcbdef58bb5e4) C:\Windows\system32\DRIVERS\sffp_sd.sys
2011/07/04 21:07:40.0908 2560	sfloppy         (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
2011/07/04 21:07:40.0955 2560	Sftfs           (72cd52403efc137290cb5a328510ebca) C:\Windows\system32\DRIVERS\Sftfslh.sys
2011/07/04 21:07:41.0064 2560	Sftplay         (31a36ef71af36eabcc4b4f8ab8f76465) C:\Windows\system32\DRIVERS\Sftplaylh.sys
2011/07/04 21:07:41.0095 2560	Sftredir        (2d969194fcc8eb41ed1d52863bfe7f52) C:\Windows\system32\DRIVERS\Sftredirlh.sys
2011/07/04 21:07:41.0157 2560	Sftvol          (08b36d2f63af3ca2248458a4280c0c50) C:\Windows\system32\DRIVERS\Sftvollh.sys
2011/07/04 21:07:41.0204 2560	SiSGbeLH        (1bc348cf6baa90ec8e533ef6e6a69933) C:\Windows\system32\DRIVERS\SiSG664.sys
2011/07/04 21:07:41.0251 2560	SiSRaid2        (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
2011/07/04 21:07:41.0282 2560	SiSRaid4        (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
2011/07/04 21:07:41.0313 2560	Smb             (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
2011/07/04 21:07:41.0469 2560	SNP2UVC         (2114518e55b380a3acc28b2c27fd499a) C:\Windows\system32\DRIVERS\snp2uvc.sys
2011/07/04 21:07:41.0563 2560	spldr           (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
2011/07/04 21:07:41.0672 2560	sptd            (602884696850c86434530790b110e8eb) C:\Windows\system32\Drivers\sptd.sys
2011/07/04 21:07:41.0750 2560	srv             (2408c0366d96bcdf63e8f1c78e4a29c5) C:\Windows\system32\DRIVERS\srv.sys
2011/07/04 21:07:41.0797 2560	srv2            (76548f7b818881b47d8d1ae1be9c11f8) C:\Windows\system32\DRIVERS\srv2.sys
2011/07/04 21:07:41.0844 2560	srvnet          (0af6e19d39c70844c5caa8fb0183c36e) C:\Windows\system32\DRIVERS\srvnet.sys
2011/07/04 21:07:41.0891 2560	ssadbus         (c1212ba5ab6783191899d194672a5b5c) C:\Windows\system32\DRIVERS\ssadbus.sys
2011/07/04 21:07:41.0937 2560	ssadmdfl        (eb270596d4117c4306442f36ef2c290e) C:\Windows\system32\DRIVERS\ssadmdfl.sys
2011/07/04 21:07:41.0969 2560	ssadmdm         (e29027dfaec246299d1cf88627c5cbe6) C:\Windows\system32\DRIVERS\ssadmdm.sys
2011/07/04 21:07:42.0015 2560	sscdbus         (ed161b91fdf7eaa39469d72d463d5f4e) C:\Windows\system32\DRIVERS\sscdbus.sys
2011/07/04 21:07:42.0062 2560	sscdmdfl        (4cb09e77593dbd8d7af33b37375ca715) C:\Windows\system32\DRIVERS\sscdmdfl.sys
2011/07/04 21:07:42.0078 2560	sscdmdm         (c7b4cf53497a6e5363f3439427663882) C:\Windows\system32\DRIVERS\sscdmdm.sys
2011/07/04 21:07:42.0125 2560	ss_bbus         (ef806d212d34b0e173baeb3564d53e37) C:\Windows\system32\DRIVERS\ss_bbus.sys
2011/07/04 21:07:42.0171 2560	ss_bmdfl        (08b1b34abebeb6ac2dea06900c56411e) C:\Windows\system32\DRIVERS\ss_bmdfl.sys
2011/07/04 21:07:42.0218 2560	ss_bmdm         (71a9da6beaa4cb54dfb827fb78600a5d) C:\Windows\system32\DRIVERS\ss_bmdm.sys
2011/07/04 21:07:42.0249 2560	stexstor        (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
2011/07/04 21:07:42.0265 2560	swenum          (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys
2011/07/04 21:07:42.0374 2560	Tcpip           (61dc720bb065d607d5823f13d2a64321) C:\Windows\system32\drivers	cpip.sys
2011/07/04 21:07:42.0515 2560	TCPIP6          (61dc720bb065d607d5823f13d2a64321) C:\Windows\system32\DRIVERS	cpip.sys
2011/07/04 21:07:42.0577 2560	tcpipreg        (76d078af6f587b162d50210f761eb9ed) C:\Windows\system32\drivers	cpipreg.sys
2011/07/04 21:07:42.0624 2560	TDPIPE          (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers	dpipe.sys
2011/07/04 21:07:42.0639 2560	TDTCP           (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers	dtcp.sys
2011/07/04 21:07:42.0686 2560	tdx             (079125c4b17b01fcaeebce0bcb290c0f) C:\Windows\system32\DRIVERS	dx.sys
2011/07/04 21:07:42.0702 2560	TermDD          (c448651339196c0e869a355171875522) C:\Windows\system32\DRIVERS	ermdd.sys
2011/07/04 21:07:42.0764 2560	TFsExDisk       (ce4b6956e4e12492715a53076e58761f) C:\Windows\System32\Drivers\TFsExDisk.sys
2011/07/04 21:07:42.0889 2560	tssecsrv        (61b96c26131e37b24e93327a0bd1fb95) C:\Windows\system32\DRIVERS	ssecsrv.sys
2011/07/04 21:07:42.0998 2560	tunnel          (3836171a2cdf3af8ef10856db9835a70) C:\Windows\system32\DRIVERS	unnel.sys
2011/07/04 21:07:43.0061 2560	TurboB          (c45a3e051c65106a28982caed125f855) C:\Windows\system32\DRIVERS\TurboB.sys
2011/07/04 21:07:43.0107 2560	uagp35          (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
2011/07/04 21:07:43.0139 2560	udfs            (d47baead86c65d4f4069d7ce0a4edceb) C:\Windows\system32\DRIVERS\udfs.sys
2011/07/04 21:07:43.0201 2560	uliagpkx        (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\DRIVERS\uliagpkx.sys
2011/07/04 21:07:43.0248 2560	umbus           (eab6c35e62b1b0db0d1b48b671d3a117) C:\Windows\system32\DRIVERS\umbus.sys
2011/07/04 21:07:43.0279 2560	UmPass          (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
2011/07/04 21:07:43.0373 2560	usbccgp         (7b6a127c93ee590e4d79a5f2a76fe46f) C:\Windows\system32\DRIVERS\usbccgp.sys
2011/07/04 21:07:43.0404 2560	usbcir          (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\DRIVERS\usbcir.sys
2011/07/04 21:07:43.0451 2560	usbehci         (92969ba5ac44e229c55a332864f79677) C:\Windows\system32\drivers\usbehci.sys
2011/07/04 21:07:43.0497 2560	usbhub          (e7df1cfd28ca86b35ef5add0735ceef3) C:\Windows\system32\DRIVERS\usbhub.sys
2011/07/04 21:07:43.0544 2560	usbohci         (f1bb1e55f1e7a65c5839ccc7b36d773e) C:\Windows\system32\drivers\usbohci.sys
2011/07/04 21:07:43.0591 2560	usbprint        (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
2011/07/04 21:07:43.0638 2560	usbscan         (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
2011/07/04 21:07:43.0669 2560	USBSTOR         (f39983647bc1f3e6100778ddfe9dce29) C:\Windows\system32\DRIVERS\USBSTOR.SYS
2011/07/04 21:07:43.0700 2560	usbuhci         (bc3070350a491d84b518d7cca9abd36f) C:\Windows\system32\drivers\usbuhci.sys
2011/07/04 21:07:43.0747 2560	usbvideo        (7cb8c573c6e4a2714402cc0a36eab4fe) C:\Windows\System32\Drivers\usbvideo.sys
2011/07/04 21:07:43.0825 2560	vdrvroot        (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\DRIVERS\vdrvroot.sys
2011/07/04 21:07:43.0856 2560	vga             (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
2011/07/04 21:07:43.0887 2560	VgaSave         (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
2011/07/04 21:07:43.0919 2560	vhdmp           (c82e748660f62a242b2dfac1442f22a4) C:\Windows\system32\DRIVERS\vhdmp.sys
2011/07/04 21:07:43.0950 2560	viaide          (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\DRIVERS\viaide.sys
2011/07/04 21:07:43.0981 2560	volmgr          (2b1a3dae2b4e70dbba822b7a03fbd4a3) C:\Windows\system32\DRIVERS\volmgr.sys
2011/07/04 21:07:44.0012 2560	volmgrx         (99b0cbb569ca79acaed8c91461d765fb) C:\Windows\system32\drivers\volmgrx.sys
2011/07/04 21:07:44.0043 2560	volsnap         (58f82eed8ca24b461441f9c3e4f0bf5c) C:\Windows\system32\DRIVERS\volsnap.sys
2011/07/04 21:07:44.0090 2560	vsmraid         (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
2011/07/04 21:07:44.0121 2560	vwifibus        (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
2011/07/04 21:07:44.0137 2560	vwififlt        (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
2011/07/04 21:07:44.0184 2560	vwifimp         (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys
2011/07/04 21:07:44.0231 2560	WacomPen        (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
2011/07/04 21:07:44.0277 2560	WANARP          (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
2011/07/04 21:07:44.0293 2560	Wanarpv6        (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
2011/07/04 21:07:44.0418 2560	Wd              (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
2011/07/04 21:07:44.0465 2560	Wdf01000        (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
2011/07/04 21:07:44.0589 2560	WfpLwf          (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
2011/07/04 21:07:44.0652 2560	WimFltr         (52ded146e4797e6ccf94799e8e22bb2a) C:\Windows\system32\DRIVERS\wimfltr.sys
2011/07/04 21:07:44.0699 2560	WIMMount        (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
2011/07/04 21:07:44.0808 2560	WinUsb          (817eaff5d38674edd7713b9dfb8e9791) C:\Windows\system32\DRIVERS\WinUsb.sys
2011/07/04 21:07:44.0855 2560	WmiAcpi         (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\DRIVERS\wmiacpi.sys
2011/07/04 21:07:44.0933 2560	ws2ifsl         (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
2011/07/04 21:07:44.0995 2560	WudfPf          (7cadc74271dd6461c452c271b30bd378) C:\Windows\system32\drivers\WudfPf.sys
2011/07/04 21:07:45.0042 2560	WUDFRd          (3b197af0fff08aa66b6b2241ca538d64) C:\Windows\system32\DRIVERS\WUDFRd.sys
2011/07/04 21:07:45.0104 2560	MBR (0x1B8)     (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
2011/07/04 21:07:45.0135 2560	MBR (0x1B8)     (5fb38429d5d77768867c76dcbdb35194) \Device\Harddisk1\DR1
2011/07/04 21:07:45.0151 2560	Boot (0x1200)   (23ec076edfa959cdaae87829e938d416) \Device\Harddisk0\DR0\Partition0
2011/07/04 21:07:45.0167 2560	Boot (0x1200)   (ac3da7af0d759373d436c8c9a92f42c9) \Device\Harddisk0\DR0\Partition1
2011/07/04 21:07:45.0182 2560	Boot (0x1200)   (5f904ff803eafd1ebd3b5194d17942ec) \Device\Harddisk1\DR1\Partition0
2011/07/04 21:07:45.0182 2560	================================================================================
2011/07/04 21:07:45.0182 2560	Scan finished
2011/07/04 21:07:45.0182 2560	================================================================================
2011/07/04 21:07:45.0198 2552	Detected object count: 0
2011/07/04 21:07:45.0198 2552	Actual detected object count: 0

von_hebrenack · Answer

autrement je me suis permis de prendre un peu d'avance voici un rapport de Hijack this

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:04:24, on 04/07/2011
Platform: Unknown Windows (WinNT 6.01.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16800)
Boot mode: Safe mode with network support

Running processes:
C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWTray.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Trend Micro\HijackThis\haaaa.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://abandoned-places.over-blog.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files (x86)\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll
O4 - HKLM\..\Run: [RemoteControl9] "C:\Program Files (x86)\Cyberlink\PowerDVD9\PDVD9Serv.exe"
O4 - HKLM\..\Run: [UpdatePSTShortCut] "C:\Program Files (x86)\Cyberlink\DVD Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Cyberlink\DVD Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter"
O4 - HKLM\..\Run: [UpdateLBPShortCut] "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"
O4 - HKLM\..\Run: [UpdateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
O4 - HKLM\..\Run: [Boingo Wi-Fi] "C:\Program Files (x86)\Boingo\Boingo Wi-Fi\Boingo.lnk"
O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe
O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe
O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application
usb3mon.exe"
O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [KiesHelper] C:\Program Files (x86)\Samsung\Kies\KiesHelper.exe /s
O4 - HKCU\..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
O4 - HKCU\..\Run: [RGSC] D:\Program Files (x86)\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent
O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10p_ActiveX.exe -update activex
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVICE RÉSEAU')
O4 - Global Startup: FancyStart daemon.lnk = ?
O4 - Global Startup: SRS Premium Sound.lnk = ?
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O13 - Gopher Prefix: 
O18 - Protocol: skyline - {3A4F9195-65A8-11D5-85C1-0001023952C1} - C:\Program Files (x86)\Skyline\TerraExplorer\TerraExplorerX.dll
O20 - AppInit_DLLs: C:\Windows\SysWOW64
vinit.dll
O23 - Service: AFBAgent - Unknown owner - C:\Windows\system32\FBAgent.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - Unknown owner - C:\Program Files\ATKGFNEX\GFNEXSrv.exe
O23 - Service: Device Error Recovery Service (dgdersvc) - Devguru Co., Ltd. - C:\Windows\system32\dgdersvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: FLEXnet Licensing Service 64 - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Service Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft Limited - C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32
etlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - Unknown owner - C:\Windows\system32
vvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: TurboBoost - Intel(R) Corporation - C:\Program Files\Intel\TurboBoost\TurboBoost.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

g3n-h@ckm@n · Answer

vire spybot si c'est possible

============================

Télécharge ici :OTL

&#9654 enregistre le sur ton Bureau.

si tu as XP => double clique
si tu as Vista ou windows 7 => clic droit "executer en tant que...." 

sur OTL.exe pour le lancer.

&#9654 => Clique ici pour voir la Configuration

&#9654Clic sur Analyse.

A la fin du scan, le Bloc-Notes va s'ouvrir avec le rapport (OTL.txt).

Ce fichier est sur ton Bureau (en général C:\Documents and settings\le_nom_de_ta_session\OTL.txt)

&#9654&#9654&#9654 NE LE POSTE PAS SUR LE FORUM (il est trop long)

Pour me le transmettre clique sur ce lien : http://www.cijoint.fr/

&#9654 Clique sur Parcourir et cherche le fichier ci-dessus.

&#9654 Clique sur Ouvrir.

&#9654 Clique sur "Cliquez ici pour déposer le fichier".

juste au niveau du bouton , en fin de chargement du fichier , Un lien de cette forme apparaitra :

http://www.cijoint.fr/cjlink.php?file=cjge368/cijSKAP5fU.txt

&#9654 Copie ce lien dans ta réponse.

&#9654&#9654 Tu feras la meme chose avec le "Extra.txt" qui logiquement sera aussi sur ton bureau.

von_hebrenack · Answer

voila le fichier otl :

http://www.cijoint.fr/cjlink.php?file=cj201107/cijJu7m0GA.txt 

 et le fichier extrat : 

http://www.cijoint.fr/cjlink.php?file=cj201107/cijrueMXv2.txt

g3n-h@ckm@n · Answer

desinstalle adaware il est bidon , je te l'ai deja dit mais tu n'as pas du le lire
vire aussi spybot s'il est installé
ca :

IObit Malware Fighter

je sais pas ce que c'est mais ca m' a l'air d'une grosse arnaque

========================

desinstalle java on mettra le dernier

====================

il à jour malwarebytes ? il date d'il y a longtemps le dernier scan ?

von_hebrenack · Answer

bonjour,

voila spybot desinstalé, adewear aussi ainsi que iobit.

concernant malwarebytes oui il est a jour et le scan date de la semaine denière.

autrement je ne sais pas si c'est normal mais il y a quelque temps j'ai voulue defragmenter le PC et je n'avais acces qu'au disque D et non au C. ( peut etre une securité windobe 7 )

g3n-h@ckm@n · Answer

ok refais un scan complet sur tous tes disques avec malwarebytes remis à jour (il y a une mise à jour toutes les heures donc , c'est important qu'il soit mis à jour avant le scan

von_hebrenack · Answer

Bonsoir,

Rien de trouvé ! 

Cependant j'ai vue un truc en redemarant en sans echeque, une option qui etait reparer le PC:

Je l'ai prise et ca a reparer " les erreurs systemes " depuis tout à l'air de fonctionner normalement !!

bizard bizard !

g3n-h@ckm@n · Answer

quelle option as-tu prise ? c'etait quoi ? reparation du demarrage ?

von_hebrenack · Answer

oui tout à fait reparation du demarage !

g3n-h@ckm@n · Answer

ok refais un scan OTL

von_hebrenack · Answer

http://www.cijoint.fr/cjlink.php?file=cj201107/cijfC8eIlb.txt 

http://www.cijoint.fr/cjlink.php?file=cj201107/cij5P9x4Lx.txt 


voila !

bon la lenteur est toujours là même si moin présente, enfin je ne suis plus obligé d'etre en sans echeque !

g3n-h@ckm@n · Answer

ATTENTION !!! : Script personnalisé pour cette machine uniquement , ne pas reproduire !! 

si tu as XP => double clique
si tu as Vista ou windows 7 => clic droit "executer en tant que...." 

sur OTL.exe pour le lancer.


&#9654Copie la liste qui se trouve en gras ci-dessous,

&#9654 colle-la dans la zone sous "Personnalisation" :


:processes
explorer.exe
iexplore.exe
firefox.exe
msnmsgr.exe
Teatimer.exe

:OTL
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4 - HKLM\..\Run: [Setwallpaper]  File not found
O4 - HKLM\..\Run: [NPSStartup]  File not found
O4 - HKCU\..\Run: [AdobeBridge]  File not found
O4 - HKCU\..\Run: [RGSC]  File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)     
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)  
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O18 - Protocol\Handler\skyline {3a4f9195-65a8-11d5-85c1-0001023952c1} - Reg Error: Key error. File not found
[2011/07/04 19:34:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy  
[2011/07/04 19:34:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy  
[2011/07/04 19:28:09 | 016,409,960 | ---- | C] (Safer Networking Limited                                    ) -- C:\Users\Ratou\Desktop\spybotsd162.exe      
[2011/07/04 17:56:34 | 000,000,064 | ---- | M] () -- C:\Windows\SysWow64p_stats.dat      
[2011/07/04 17:56:34 | 000,000,044 | ---- | M] () -- C:\Windows\SysWow64p_rules.dat      
[2011/06/29 09:59:45 | 000,004,524 | ---- | M] () -- C:\Windows\SysWow64	mp.reg    
[2010/09/23 21:32:47 | 000,131,368 | ---- | C] () -- C:\ProgramData\FullRemove.exe  

:Reg
[HKEY_LOCAL_MACHINE\Software\Microsoft\CurrentVersion\Run]
"SunJavaUpdateSched"=-

:commands
[CLEARALLRESTOREPOINTS]
[emptytemp]
[start explorer]
[reboot]


&#9654 Clique sur "Correction" pour lancer la suppression.


&#9654 Poste le rapport qui logiquement s'ouvrira tout seul en fin de travail appres le redemarrage.

von_hebrenack · Answer

All processes killed
========== PROCESSES ==========
No active process named explorer.exe was found!
Process iexplore.exe killed successfully!
No active process named firefox.exe was found!
No active process named msnmsgr.exe was found!
No active process named Teatimer.exe was found!
========== OTL ==========
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\Locked deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\Locked not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run not found.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run not found.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\NoActiveDesktop deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\NoActiveDesktopChanges deleted successfully.
Starting removal of ActiveX control {8AD9C840-044E-11D1-B3E9-00805F499D93}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\skyline\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3a4f9195-65a8-11d5-85c1-0001023952c1}\ deleted successfully.
File {3a4f9195-65a8-11d5-85c1-0001023952c1} - Reg Error: Key error. File not found not found.
C:\ProgramData\Spybot - Search & Destroy\Recovery folder moved successfully.
C:\ProgramData\Spybot - Search & Destroy\Logs folder moved successfully.
C:\ProgramData\Spybot - Search & Destroy folder moved successfully.
C:\Program Files (x86)\Spybot - Search & Destroy folder moved successfully.
C:\Users\Ratou\Desktop\spybotsd162.exe moved successfully.
C:\Windows\SysWOW64p_stats.dat moved successfully.
C:\Windows\SysWOW64p_rules.dat moved successfully.
C:\Windows\SysWOW64	mp.reg moved successfully.
C:\ProgramData\FullRemove.exe moved successfully.
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\CurrentVersion\Run not found.
========== COMMANDS ==========
Error creating restore point.
 
[EMPTYTEMP]
 
User: All Users
 
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
User: Public
 
User: Ratou
->Temp folder emptied: 57764702 bytes
->Temporary Internet Files folder emptied: 168044951 bytes
->Java cache emptied: 0 bytes
->Google Chrome cache emptied: 7907112 bytes
->Flash cache emptied: 52064 bytes
 
User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
User: UpdatusUser.Ratou-PC
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 58184 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 85414 bytes
RecycleBin emptied: 0 bytes
 
Total Files Cleaned = 223,00 mb
 
 
OTL by OldTimer - Version 3.2.25.0 log created on 07052011_194358

Files\Folders moved on Reboot...
C:\Users\Ratou\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

Registry entries deleted on Reboot...

g3n-h@ckm@n · Answer

desactive ton antivirus
desactive Windows defender si présent
desactive ton pare-feu

Ferme toutes tes appilications en cours

telecharge et enregistre ceci sur ton bureau :

Pre_Scan

mirroir :

http://www.archive-host.com

s'il n'est pas sur ton bureau coupe-le de ton dossier telechargements et colle-le sur ton bureau

Avertissement: Il y aura une extinction du bureau pendant le scan --> pas de panique. 

une fois telechargé lance-le , laisse faire le scan jusqu'à l'apparition de "Pre_scan.txt" sur le bureau.

si 'outil est bloqué par l'infection utilise cette version : Version .pif

si l'outil detecte un proxy et que tu n'en as pas installé clique sur "supprimer le proxy"

si l'outil semble ne pas avoir fonctionné renomme-le winlogon , ou change son extension en .com ou .scr

 Il se peut qu'une multitude de fenêtres noires clignotent , laisse-le travailler 

Poste Pre_Scan.txt qui apparaitra sur le bureau en fin de scan

&#9654&#9654&#9654 NE LE POSTE PAS SUR LE FORUM (il est trop long)

clique sur ce lien : http://www.cijoint.fr/

&#9654 Clique sur Parcourir et cherche le fichier ci-dessus.

&#9654 Clique sur Ouvrir.

&#9654 Clique sur "Cliquez ici pour déposer le fichier".

Un lien de cette forme :

http://www.cijoint.fr/cjlink.php?file=cjge368/cijSKAP5fU.txt

est ajouté dans la page.

&#9654 Copie ce lien dans ta réponse.

von_hebrenack · Answer

voila le lien 

http://www.cijoint.fr/cjlink.php?file=cj201107/cijys5HQr8.txt 


tout semble avoir fonctionné normalement et pas de proxy detecté.

g3n-h@ckm@n · Answer

salut t'es-t-il possible de mettre windows à jour ?

von_hebrenack · Answer

je vais esseyer mais je ne garantie rien !

PS : j'ai tenté de refaire un scan malwearbites, planté à 3%
       scan de l'antivirus plante lui maintenant à 24% !

De plus il m'est impossible de reformater, du fait que depuis le debut la gravure des CD de restauration systeme plante elle à la fin du premier DVD.4

Le PC etant encore sous garantie je leur balance à la tête ou dois je m'acharner dessu ? ^^

g3n-h@ckm@n · Answer

tant que les soucis ne sont pas reglés mieux vaut ne pas tenter une resto , essaie de ne pas faire ce que je ne te demande pas , j'ai pas envie de me deplacer si ton pc plante lol ^^

von_hebrenack · Answer

je tente la mise à jour windobe alors ^^ attention ca va fumer ^^

von_hebrenack · Answer

Voila il m'est impossible de telecharger les mises à jours cela fait planter le PC ( ecran figé )

g3n-h@ckm@n · Answer

/!\ ATTENTION SUIVRE A LA LETTRE CES INDICATIONS/!\ __________________________________________________________ >Ce logiciel n'est à utiliser que prescrit par un helper qualifié et formé à l'outil.< >>>>>>>Ne pas utiliser en dehors de ce cas de figure : dangereux!<<<<<<<< ===================================================== ▶ Surtout , pense à l'enregistrement à renommer Combofix en "ton prenom.exe" avant qu'il soit enregistré sur ton disque dur Telecharge ici : Combofix Avant d'utiliser ComboFix : Si tu utilises AVG, IL FAUT IMPERATIVEMENT LE DESINSTALLER avant d'utiliser Combofix car il peut causer des dégâts en interaction avec l'outil pouvant mener à la réinstallation totale du système. La simple désactivation du résident n'est pas suffisante. Télécharge le désinstalleur d'AVG sur ce lien : https://www.avg.com/fr-fr/avg-remover Choisis la version adéquate (32 ou 64 bits)/!\ Les logiciels d'émulation de CD comme Daemon Tools peuvent gêner les outils de désinfection. Utilise Defogger pour les désactiver temporairement : ▶ Télécharge Defogger (de jpshortstuff) sur ton Bureau ▶ Lance le Une fenêtre apparait : clique sur "Disable" ▶ Fais redémarrer l'ordinateur si l'outil te le demande Note : Quand nous aurons terminé la désinfection, tu pourras réactiver ces logiciels en relançant Defogger et en cliquant sur "Re-enable" _________________________________________________________ >> referme les fenêtres de tous les programmes en cours. >> Désactive provisoirement et seulement le temps de l'utilisation de ComboFix, >>la protection en temps réel de ton Antivirus et de tes Antispywares, >>qui peuvent gêner fortement la procédure de recherche et de nettoyage de l'outil. °°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°° si tu as XP => double clique si tu as Vista ou windows 7 => clic droit "executer en tant que...." sur combofix renommé ¤¤¤¤¤¤¤¤¤¤ LAISSE-LE INSTALLER LA CONSOLE DE RECUPERATION S'IL TE LE DEMANDE ¤¤¤¤¤¤¤¤¤¤ ▶ !!!!!NE TOUCHE A RIEN PENDANT LE TRAVAIL DE COMBOFIX (SOURIS/CLAVIER.....)!!!!! ▶ n'oublie pas de reactiver la garde de ton Antivirus et de tes Antispywares, avant de te reconnecter à internet. ▶▶ Reviens sur le forum, et copie et colle la totalité du contenu de C:\Combofix.txt dans ton prochain message.

von_hebrenack · Answer

voila

ComboFix 11-07-06.01 - Ratou 06/07/2011  11:06:13.1.4 - x64
Microsoft Windows 7 Édition Familiale Premium   6.1.7600.0.1252.33.1036.18.3884.1736 [GMT 2:00]
Lancé depuis: c:\users\Ratou\Desktopatou.exe
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Autres suppressions   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\Tarma Installer
c:\programdata\Tarma Installer\{154F68FA-0008-45FB-BFB3-2EB41F107E9F}\_Setup.dll
c:\programdata\Tarma Installer\{154F68FA-0008-45FB-BFB3-2EB41F107E9F}\20101214201943.log
c:\programdata\Tarma Installer\{154F68FA-0008-45FB-BFB3-2EB41F107E9F}\Setup.dat
c:\programdata\Tarma Installer\{154F68FA-0008-45FB-BFB3-2EB41F107E9F}\Setup.exe
c:\programdata\Tarma Installer\{154F68FA-0008-45FB-BFB3-2EB41F107E9F}\Setup.ico
c:\windows\SysWow64\404Fix.exe
c:\windows\SysWow64\Agent.OMZ.Fix.exe
c:\windows\SysWow64\dumphive.exe
c:\windows\SysWow64\IEDFix.C.exe
c:\windows\SysWow64\IEDFix.exe
c:\windows\SysWow64\muzapp.exe
c:\windows\SysWow64\o4Patch.exe
c:\windows\SysWow64\Process.exe
c:\windows\SysWow64\SrchSTS.exe
c:\windows\SysWow64\VACFix.exe
c:\windows\SysWow64\VCCLSID.exe
c:\windows\SysWow64\WS2Fix.exe
.
.
(((((((((((((((((((((((((((((   Fichiers créés du 2011-06-06 au 2011-07-06  ))))))))))))))))))))))))))))))))))))
.
.
2011-07-06 09:25 . 2011-07-06 09:25	--------	d-----w-	c:\users\UpdatusUser\AppData\Local	emp
2011-07-06 09:25 . 2011-07-06 09:25	--------	d-----w-	c:\users\UpdatusUser.Ratou-PC\AppData\Local	emp
2011-07-06 09:25 . 2011-07-06 09:25	--------	d-----w-	c:\users\Default\AppData\Local	emp
2011-07-06 09:02 . 2011-07-06 09:03	--------	d-----w-	C:atou
2011-07-06 08:38 . 2011-07-06 08:38	--------	d-----w-	c:\program files\CCleaner
2011-07-06 00:16 . 2011-07-06 00:16	--------	d-----w-	C:\found.000
2011-07-05 20:53 . 2011-07-05 20:56	--------	d-----w-	C:\Kill'em
2011-07-05 18:48 . 2011-07-05 18:48	--------	d-----w-	c:\users\Ratou\AppData\Roaming\QuickScan
2011-07-05 18:47 . 2011-07-05 18:52	--------	d-----w-	c:\program files\Common Files\BitDefender
2011-07-05 18:24 . 2011-07-06 09:02	107749	----a-w-	c:\programdata\bdinstall.bin
2011-07-05 17:43 . 2011-07-05 17:43	--------	d-----w-	C:\_OTL
2011-07-05 14:19 . 2011-07-05 14:19	--------	d-----w-	c:\programdata\Samsung
2011-07-04 19:12 . 2011-07-04 19:13	--------	d-----w-	c:\users\Ratou\AppData\Roaming\IObit
2011-07-04 19:12 . 2011-07-04 19:13	--------	d-----w-	c:\program files (x86)\IObit
2011-07-04 19:03 . 2011-07-04 19:03	--------	d-----w-	c:\program files (x86)\Trend Micro
2011-06-28 12:09 . 2011-06-28 12:09	--------	d-----w-	c:\users\Ratou\AppData\Roaming\Malwarebytes
2011-06-28 12:08 . 2011-06-28 12:08	--------	d-----w-	c:\programdata\Malwarebytes
2011-06-28 12:08 . 2011-05-29 07:11	25912	----a-w-	c:\windows\system32\drivers\mbam.sys
2011-06-27 21:22 . 2011-06-27 21:22	49752	----a-w-	c:\windows\system32\drivers\SBREDrv.sys
2011-06-27 21:16 . 2011-07-05 09:11	--------	d-----w-	c:\programdata\Lavasoft
2011-06-16 09:51 . 2011-01-17 06:17	197120	----a-w-	c:\windows\system32\d3d10_1.dll
2011-06-16 09:51 . 2011-01-17 05:38	161792	----a-w-	c:\windows\SysWow64\d3d10_1.dll
2011-06-16 09:51 . 2011-04-29 03:13	461312	----a-w-	c:\windows\system32\drivers\srv.sys
2011-06-16 09:51 . 2011-04-29 03:12	399872	----a-w-	c:\windows\system32\drivers\srv2.sys
2011-06-16 09:51 . 2011-04-29 03:12	161792	----a-w-	c:\windows\system32\drivers\srvnet.sys
2011-06-16 09:51 . 2010-12-18 06:13	861184	----a-w-	c:\windows\system32\oleaut32.dll
2011-06-16 09:51 . 2010-12-18 05:31	571904	----a-w-	c:\windows\SysWow64\oleaut32.dll
2011-06-16 09:51 . 2011-05-03 05:21	976896	----a-w-	c:\windows\system32\inetcomm.dll
2011-06-16 09:51 . 2011-05-03 04:50	740864	----a-w-	c:\windows\SysWow64\inetcomm.dll
2011-06-12 22:52 . 2011-06-12 22:52	--------	d-----w-	c:\windows\SysWow64\Adobe
.
.
.
((((((((((((((((((((((((((((((((((   Compte-rendu de Find3M   ))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-07-05 17:58 . 2011-06-05 20:57	303616	----a-w-	c:\windows\system32\drivers\atksgt.sys
2011-07-05 17:58 . 2011-06-05 20:57	35328	----a-w-	c:\windows\system32\drivers\lirsgt.sys
2011-05-03 08:40 . 2011-05-03 08:40	472808	----a-w-	c:\windows\SysWow64\deployJava1.dll
2011-04-22 20:18 . 2011-05-25 12:43	27008	----a-w-	c:\windows\system32\drivers\Diskdump.sys
2011-04-09 06:58 . 2011-05-24 16:43	142336	----a-w-	c:\windows\system32\poqexec.exe
2011-04-09 06:45 . 2011-05-11 19:31	5509504	----a-w-	c:\windows\system32
toskrnl.exe
2011-04-09 06:13 . 2011-05-11 19:31	3957632	----a-w-	c:\windows\SysWow64
tkrnlpa.exe
2011-04-09 06:13 . 2011-05-11 19:31	3901824	----a-w-	c:\windows\SysWow64
toskrnl.exe
2011-04-09 05:56 . 2011-05-24 16:43	123904	----a-w-	c:\windows\SysWow64\poqexec.exe
2010-07-08 08:37 . 2010-07-08 08:37	101544	----a-w-	c:\program files\Common Files\LinkInstaller.exe
.
.
(((((((((((((((((((((((((((((((((   Points de chargement Reg   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés 
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1475072]
"msnmsgr"="c:\program files (x86)\Windows Live\Messenger\msnmsgr.exe" [2010-04-16 3872080]
"Advanced SystemCare 4"="c:\program files (x86)\IObit\Advanced SystemCare 4\ASCTray.exe" [2011-05-28 412560]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"RemoteControl9"="c:\program files (x86)\Cyberlink\PowerDVD9\PDVD9Serv.exe" [2009-07-06 87336]
"UpdatePSTShortCut"="c:\program files (x86)\Cyberlink\DVD Suite\MUITransfer\MUIStartMenu.exe" [2010-06-24 210216]
"UpdateLBPShortCut"="c:\program files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504]
"UpdateP2GoShortCut"="c:\program files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504]
"Boingo Wi-Fi"="c:\program files (x86)\Boingo\Boingo Wi-Fi\Boingo.lnk" [2010-09-23 2429]
"HControlUser"="c:\program files (x86)\ASUS\ATK Hotkey\HControlUser.exe" [2009-06-19 105016]
"ATKMEDIA"="c:\program files (x86)\ASUS\ATK Media\DMedia.exe" [2010-01-05 170624]
"ATKOSD2"="c:\program files (x86)\ASUS\ATKOSD2\ATKOSD2.exe" [2010-02-04 7350912]
"NUSB3MON"="c:\program files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application
usb3mon.exe" [2009-11-21 106496]
"AdobeCS4ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" [2008-08-14 611712]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2010-10-29 249064]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
FancyStart daemon.lnk - c:\windows\Installer\{2B81872B-A054-48DA-BE3B-FA5C164C303A}\_C4A2FC3E3722966204FDD8.exe [2010-9-23 12862]
SRS Premium Sound.lnk - c:\windows\Installer\{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}\NewShortcut5_21C7B668029A47458B27645FE6E4A715.exe [2010-9-23 156952]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\SysWOW64
vinit.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-09-23 135664]
R3 AmUStor;AM USB Stroage Driver;c:\windows\system32\drivers\AmUStor.SYS [x]
R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2011-01-20 1038088]
R3 gupdatem;Service Google Update (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-09-23 135664]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\system32\DRIVERS\SiSG664.sys [x]
R3 ss_bbus;SAMSUNG USB Mobile Device (WDM);c:\windows\system32\DRIVERS\ss_bbus.sys [x]
R3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter);c:\windows\system32\DRIVERS\ss_bmdfl.sys [x]
R3 ss_bmdm;SAMSUNG USB Mobile Modem;c:\windows\system32\DRIVERS\ss_bmdm.sys [x]
R3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\DRIVERS\ssadbus.sys [x]
R3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\DRIVERS\ssadmdfl.sys [x]
R3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\DRIVERS\ssadmdm.sys [x]
R3 TFsExDisk;TFsExDisk;c:\windows\System32\Drivers\TFsExDisk.sys [x]
R3 TurboBoost;TurboBoost;c:\program files\Intel\TurboBoost\TurboBoost.exe [2009-08-06 118672]
R3 WatAdminSvc;Service Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R4 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [x]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS
vpciflt.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 AdvancedSystemCareService;Advanced SystemCare Service;c:\program files (x86)\IObit\Advanced SystemCare 4\ASCService.exe [2011-05-28 353168]
S2 AFBAgent;AFBAgent;c:\windows\system32\FBAgent.exe [x]
S2 ASMMAP64;ASMMAP64;c:\program files\ATKGFNEX\ASMMAP64.sys [2007-07-24 14904]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2010-02-28 821664]
S2 dgdersvc;Device Error Recovery Service;c:\windows\system32\dgdersvc.exe [2010-05-25 119632]
S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-03-17 1997416]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2010-04-24 483688]
S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys [x]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2009-10-01 2314240]
S3 dgderdrv;dgderdrv;c:\windows\system32\drivers\dgderdrv.sys [2010-05-25 20568]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [x]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [x]
S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys [x]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [x]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys [x]
S3 nusb3hub;NEC Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS
usb3hub.sys [x]
S3 nusb3xhc;NEC Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS
usb3xhc.sys [x]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [x]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [x]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [x]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [x]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2010-04-24 209768]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]
.
.
Contenu du dossier 'Tâches planifiées'
.
2011-07-06 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-09-23 19:31]
.
2011-07-06 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-09-23 19:31]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_B]
@="{6D4133E5-0742-4ADC-8A8C-9303440F7190}"
[HKEY_CLASSES_ROOT\CLSID\{6D4133E5-0742-4ADC-8A8C-9303440F7190}]
2009-11-26 05:49	70656	----a-w-	c:\program files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_O]
@="{64174815-8D98-4CE6-8646-4C039977D808}"
[HKEY_CLASSES_ROOT\CLSID\{64174815-8D98-4CE6-8646-4C039977D808}]
2009-11-26 05:49	70656	----a-w-	c:\program files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ASUS WebStorage"="c:\program files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe" [2010-03-16 1754448]
"AmIcoSinglun64"="c:\program files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" [2009-09-01 323584]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-08-25 161304]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-08-25 386584]
"Persistence"="c:\windows\system32\igfxpers.exe" [2010-08-25 415256]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x1
"AppInit_DLLs"=c:\windows\System32
vinitx.dll
.
------- Examen supplémentaire -------
.
uStart Page = hxxp://www.google.com/
uLocal Page = c:\windows\SysWOW64\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
TCP: DhcpNameServer = 192.168.1.1
.
- - - - ORPHELINS SUPPRIMES - - - -
.
Wow6432Node-HKCU-Run-AdobeBridge - (no file)
Wow6432Node-HKCU-Run-RGSC - d:\program files (x86)\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe
Wow6432Node-HKLM-Run-NPSStartup - (no file)
Toolbar-Locked - (no file)
HKLM-Run-ETDWare - c:\program files (x86)\Elantech\ETDCtrl.exe
HKLM-Run-Setwallpaper - c:\programdata\SetWallpaper.cmd
AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe
AddRemove-ASUS_N71_welcome kit - c:\windows\system32\ASUS_N71_welcome kit.scr
AddRemove-ASUS_N_Series_Screensaver - c:\windows\system32\ASUS_N_Series_Screensaver.scr
AddRemove-HijackThis - c:\program files (x86)\Trend Micro\HijackThis\HijackThis.exe
.
.
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Autres processus actifs ------------------------
.
c:\program files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe
c:\program files\ATKGFNEX\GFNEXSrv.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
c:\program files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\program files (x86)\ASUS\SmartLogon\sensorsrv.exe
c:\program files (x86)\ASUS\ControlDeck\ControlDeck.exe
c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe
c:\program files (x86)\CyberLink\Shared files\RichVideo.exe
c:\program files (x86)\ASUS\ATK Hotkey\HControl.exe
c:\program files (x86)\ASUS\ATK Hotkey\ATKOSD.exe
c:\program files (x86)\ASUS\ATK Hotkey\WDC.exe
c:\windows\AsScrPro.exe
c:\program files (x86)\CyberLink\Power2Go\CLMLSvc.exe
c:\program files (x86)\Boingo\Boingo Wi-Fi\Boingo Wi-Fi.exe
.
**************************************************************************
.
Heure de fin: 2011-07-06  11:43:38 - La machine a redémarré
ComboFix-quarantined-files.txt  2011-07-06 09:43
.
Avant-CF: 47 267 414 016 octets libres
Après-CF: 48 433 655 808 octets libres
.
- - End Of File - - 68EC1DA208024EB47D594146548AC075

g3n-h@ckm@n · Answer

Fais analyser le(s) fichier(s) suivants sur Virustotal :

Virus Total

    clique sur "Parcourir" et trouve puis selectionne ce(s) fichier(s) :

c:\windows\System32
vinitx.dll      

    * Clique maintenant sur Envoyer le fichier. et laisse travailler tant que "Situation actuelle : en cours d'analyse" est affiché.
    * Il est possible que le fichier soit mis en file d'attente en raison d'un grand nombre de demandes d'analyses. En ce cas, il te faudra patienter sans actualiser la page.
    * Lorsque l'analyse est terminée colle le lien de(s)( la) page(s)  dans ta prochaine réponse.

von_hebrenack · Answer

le fichier n'existe pas ! , d'aillieur en redemarant le PC apres le scan une fenetre c'est ouverte en disant que le fichier en question etait introuvable !

et depuis lePC ne bug plus !

g3n-h@ckm@n · Answer

__________________________________________________ =>/!\Le script qui suit a été écrit spécialement cet ordinateur/!\ <= =>il est fort déconseillé de le transposer sur un autre ordinateur !<= ---------------------------------------------------------------------------- Toujours avec toutes les protections désactivées, fais ceci : ▶ Ouvre le bloc-notes (Menu démarrer --> programmes --> accessoires --> bloc-notes) ▶ Copie/colle dans le bloc-notes ce qui entre les lignes ci dessous (sans les lignes) : ---------------------------------------------------------- KillAll:: File:: c:\program files\Common Files\LinkInstaller.exe Registry:: [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "SunJavaUpdateSched"=- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"="" RegLock:: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] ------------------------------------------------------------------ ▶ Enregistre ce fichier sur ton Bureau (et pas ailleurs !) sous le nom CFScript.txt ▶ Quitte le Bloc Notes ▶ Fais un glisser/déposer de ce fichier CFScript sur le fichier combofix ▶ Patiente le temps du scan. Le Bureau va disparaître à plusieurs reprises : c'est normal ! Ne touche à rien tant que le scan n'est pas terminé. ▶ Une fois le scan achevé, un rapport va s'afficher: poste son contenu. ▶ Si le fichier ne s'ouvre pas, il se trouve ici => C:\ComboFix.txt ¤¤¤¤¤¤¤¤¤¤_g3n-h@ckm@n_developpement_¤¤¤¤¤¤¤¤¤¤ ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤_Pre_scan_¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

von_hebrenack · Answer

voila le rapport chef ;-)

ComboFix 11-07-06.02 - Ratou 06/07/2011  12:54:57.2.4 - x64
Microsoft Windows 7 Édition Familiale Premium   6.1.7600.0.1252.33.1036.18.3884.2306 [GMT 2:00]
Lancé depuis: c:\users\Ratou\Desktopatou.exe
Commutateurs utilisés :: c:\users\Ratou\Desktop\CFScript.txt
AV: AntiVir Desktop *Disabled/Updated* {090F9C29-64CE-6C6F-379C-5901B49A85B7}
SP: AntiVir Desktop *Disabled/Updated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Un nouveau point de restauration a été créé
.
FILE ::
"c:\program files\Common Files\LinkInstaller.exe"
.
.
((((((((((((((((((((((((((((((((((((   Autres suppressions   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\Common Files\LinkInstaller.exe
.
.
(((((((((((((((((((((((((((((   Fichiers créés du 2011-06-06 au 2011-07-06  ))))))))))))))))))))))))))))))))))))
.
.
2011-07-06 11:03 . 2011-07-06 11:03	--------	d-----w-	c:\users\UpdatusUser\AppData\Local	emp
2011-07-06 11:03 . 2011-07-06 11:03	--------	d-----w-	c:\users\UpdatusUser.Ratou-PC\AppData\Local	emp
2011-07-06 11:03 . 2011-07-06 11:03	--------	d-----w-	c:\users\Default\AppData\Local	emp
2011-07-06 09:53 . 2011-07-06 09:53	--------	d-----w-	c:\programdata\Avira
2011-07-06 09:53 . 2011-07-06 09:53	--------	d-----w-	c:\program files (x86)\Avira
2011-07-06 09:53 . 2011-02-04 10:09	83120	----a-w-	c:\windows\system32\drivers\avgntflt.sys
2011-07-06 09:53 . 2011-02-04 10:09	116568	----a-w-	c:\windows\system32\drivers\avipbb.sys
2011-07-06 09:02 . 2011-07-06 09:03	--------	d-----w-	C:atou
2011-07-06 08:38 . 2011-07-06 08:38	--------	d-----w-	c:\program files\CCleaner
2011-07-06 00:16 . 2011-07-06 00:16	--------	d-----w-	C:\found.000
2011-07-05 20:53 . 2011-07-05 20:56	--------	d-----w-	C:\Kill'em
2011-07-05 18:48 . 2011-07-05 18:48	--------	d-----w-	c:\users\Ratou\AppData\Roaming\QuickScan
2011-07-05 18:47 . 2011-07-05 18:52	--------	d-----w-	c:\program files\Common Files\BitDefender
2011-07-05 18:24 . 2011-07-06 09:02	107749	----a-w-	c:\programdata\bdinstall.bin
2011-07-05 17:43 . 2011-07-05 17:43	--------	d-----w-	C:\_OTL
2011-07-05 14:19 . 2011-07-05 14:19	--------	d-----w-	c:\programdata\Samsung
2011-07-04 19:12 . 2011-07-04 19:13	--------	d-----w-	c:\users\Ratou\AppData\Roaming\IObit
2011-07-04 19:12 . 2011-07-04 19:13	--------	d-----w-	c:\program files (x86)\IObit
2011-07-04 19:03 . 2011-07-04 19:03	--------	d-----w-	c:\program files (x86)\Trend Micro
2011-06-28 12:09 . 2011-06-28 12:09	--------	d-----w-	c:\users\Ratou\AppData\Roaming\Malwarebytes
2011-06-28 12:08 . 2011-06-28 12:08	--------	d-----w-	c:\programdata\Malwarebytes
2011-06-28 12:08 . 2011-05-29 07:11	25912	----a-w-	c:\windows\system32\drivers\mbam.sys
2011-06-27 21:22 . 2011-06-27 21:22	49752	----a-w-	c:\windows\system32\drivers\SBREDrv.sys
2011-06-27 21:16 . 2011-07-05 09:11	--------	d-----w-	c:\programdata\Lavasoft
2011-06-16 09:51 . 2011-01-17 06:17	197120	----a-w-	c:\windows\system32\d3d10_1.dll
2011-06-16 09:51 . 2011-01-17 05:38	161792	----a-w-	c:\windows\SysWow64\d3d10_1.dll
2011-06-16 09:51 . 2011-04-29 03:13	461312	----a-w-	c:\windows\system32\drivers\srv.sys
2011-06-16 09:51 . 2011-04-29 03:12	399872	----a-w-	c:\windows\system32\drivers\srv2.sys
2011-06-16 09:51 . 2011-04-29 03:12	161792	----a-w-	c:\windows\system32\drivers\srvnet.sys
2011-06-16 09:51 . 2010-12-18 06:13	861184	----a-w-	c:\windows\system32\oleaut32.dll
2011-06-16 09:51 . 2010-12-18 05:31	571904	----a-w-	c:\windows\SysWow64\oleaut32.dll
2011-06-16 09:51 . 2011-05-03 05:21	976896	----a-w-	c:\windows\system32\inetcomm.dll
2011-06-16 09:51 . 2011-05-03 04:50	740864	----a-w-	c:\windows\SysWow64\inetcomm.dll
2011-06-12 22:52 . 2011-06-12 22:52	--------	d-----w-	c:\windows\SysWow64\Adobe
.
.
.
((((((((((((((((((((((((((((((((((   Compte-rendu de Find3M   ))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-07-05 17:58 . 2011-06-05 20:57	303616	----a-w-	c:\windows\system32\drivers\atksgt.sys
2011-07-05 17:58 . 2011-06-05 20:57	35328	----a-w-	c:\windows\system32\drivers\lirsgt.sys
2011-05-03 08:40 . 2011-05-03 08:40	472808	----a-w-	c:\windows\SysWow64\deployJava1.dll
2011-04-22 20:18 . 2011-05-25 12:43	27008	----a-w-	c:\windows\system32\drivers\Diskdump.sys
2011-04-09 06:58 . 2011-05-24 16:43	142336	----a-w-	c:\windows\system32\poqexec.exe
2011-04-09 06:45 . 2011-05-11 19:31	5509504	----a-w-	c:\windows\system32
toskrnl.exe
2011-04-09 06:13 . 2011-05-11 19:31	3957632	----a-w-	c:\windows\SysWow64
tkrnlpa.exe
2011-04-09 06:13 . 2011-05-11 19:31	3901824	----a-w-	c:\windows\SysWow64
toskrnl.exe
2011-04-09 05:56 . 2011-05-24 16:43	123904	----a-w-	c:\windows\SysWow64\poqexec.exe
.
.
(((((((((((((((((((((((((((((   SnapShot@2011-07-06_09.40.17   )))))))))))))))))))))))))))))))))))))))))
.
+ 2011-07-06 11:03 . 2011-07-06 11:03	13585              c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\SoftGrid Client\Icon Cache\icon_ex.dat
- 2011-07-06 09:38 . 2011-07-06 09:38	13585              c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\SoftGrid Client\Icon Cache\icon_ex.dat
- 2009-07-14 04:54 . 2011-07-06 09:39	16384              c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-07-14 04:54 . 2011-07-06 11:04	16384              c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-07-14 04:54 . 2011-07-06 09:39	32768              c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-14 04:54 . 2011-07-06 11:04	32768              c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-07-14 04:54 . 2011-07-06 09:39	16384              c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-07-14 04:54 . 2011-07-06 11:04	16384              c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-07-14 05:10 . 2011-07-06 09:41	33914              c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2009-07-14 04:46 . 2011-07-06 09:43	78512              c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\Cache\cache.dat
- 2010-12-11 12:29 . 2011-07-06 08:54	32768              c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2010-12-11 12:29 . 2011-07-06 09:41	32768              c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2010-12-11 12:29 . 2011-07-06 08:54	16384              c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2010-12-11 12:29 . 2011-07-06 09:41	16384              c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2010-12-11 12:12 . 2011-07-06 10:14	16384              c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2010-12-11 12:12 . 2011-07-06 09:00	16384              c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2010-12-11 12:12 . 2011-07-06 10:14	16384              c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2010-12-11 12:12 . 2011-07-06 09:00	16384              c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2011-07-06 10:13 . 2011-07-06 10:13	42496              c:\windows\assembly\NativeImages_v4.0.30319_64\System.Windows.Pres#\e7db9562ecd26271bb6ceac7026ea333\System.Windows.Presentation.ni.dll
+ 2011-07-06 10:13 . 2011-07-06 10:13	86016              c:\windows\assembly\NativeImages_v4.0.30319_64\System.Web.Applicat#\e0fc9c42b2d28edebc1dd2c67c5c94a7\System.Web.ApplicationServices.ni.dll
+ 2011-07-06 10:11 . 2011-07-06 10:11	97792              c:\windows\assembly\NativeImages_v4.0.30319_64\System.AddIn.Contra#\32d3441efb46d802cdc65de502f28e3b\System.AddIn.Contract.ni.dll
+ 2011-07-06 10:16 . 2011-07-06 10:16	96768              c:\windows\assembly\NativeImages_v4.0.30319_32\UIAutomationProvider\4cd8ba75f60cf8dc66767b833520241e\UIAutomationProvider.ni.dll
+ 2011-07-06 10:18 . 2011-07-06 10:18	35328              c:\windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Pres#\3261cf5aa8c44f49ea44e995bb1c798c\System.Windows.Presentation.ni.dll
+ 2011-07-06 10:18 . 2011-07-06 10:18	71680              c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web.Applicat#\8f37e1ebcb6a993092f8701f4f0bff4e\System.Web.ApplicationServices.ni.dll
+ 2011-07-06 10:18 . 2011-07-06 10:18	82432              c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\f43eab6f117c2733cc296f11e8ebe9ed\System.ServiceModel.Channels.ni.dll
+ 2011-07-06 10:16 . 2011-07-06 10:16	78848              c:\windows\assembly\NativeImages_v4.0.30319_32\System.AddIn.Contra#\a1cbada42bb39fc34ee40e9e4afba87e\System.AddIn.Contract.ni.dll
+ 2011-07-06 10:16 . 2011-07-06 10:16	11776              c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualC\2bdbd057211d05a088b7a9004203e58b\Microsoft.VisualC.ni.dll
+ 2011-07-06 10:16 . 2011-07-06 10:16	44544              c:\windows\assembly\NativeImages_v4.0.30319_32\Accessibility\0c39314a7513b436d3aaaeae3b4bd3e7\Accessibility.ni.dll
+ 2011-07-06 09:42 . 2011-07-06 09:42	61952              c:\windows\assembly\NativeImages_v2.0.50727_64\PresentationCFFRast#\871c244a2ed9b51c7d85cf80ca9f8a54\PresentationCFFRasterizer.ni.dll
+ 2011-07-06 09:40 . 2011-07-06 09:40	32256              c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.VisualC\462b524ff0c8c0a764db439f7e65cb69\Microsoft.VisualC.ni.dll
+ 2011-07-06 09:41 . 2011-07-06 09:41	78848              c:\windows\assembly\NativeImages_v2.0.50727_64\Accessibility\c2168c88a30bf127c60151d55a5c22be\Accessibility.ni.dll
+ 2011-07-06 10:14 . 2011-07-06 10:14	47616              c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLiveWriter\8e08f0859c02e20a21644fe39ae1a362\WindowsLiveWriter.ni.exe
+ 2011-07-06 10:14 . 2011-07-06 10:14	99840              c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\c3da39d1e39c95ab74f91093b4a8e77a\WindowsLive.Writer.Api.ni.dll
+ 2011-07-06 09:47 . 2011-07-06 09:47	60928              c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationProvider\c23f8386031ea70eb7bdb59367fe2f0f\UIAutomationProvider.ni.dll
+ 2011-07-06 10:16 . 2011-07-06 10:16	37888              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Pres#\8493fe7a36a59066ccd7d372c323e2f3\System.Windows.Presentation.ni.dll
+ 2011-07-06 10:16 . 2011-07-06 10:16	36864              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\0df3e084246e59e6d76b4c6fe20490e5\System.Web.DynamicData.Design.ni.dll
+ 2011-07-06 10:15 . 2011-07-06 10:15	94208              c:\windows\assembly\NativeImages_v2.0.50727_32\System.ComponentMod#\06c1d6555bb91041268c72e494ef8a3b\System.ComponentModel.DataAnnotations.ni.dll
+ 2011-07-06 10:15 . 2011-07-06 10:15	82944              c:\windows\assembly\NativeImages_v2.0.50727_32\System.AddIn.Contra#\ad0f1ab7ed22fca35ebdc7086df735d8\System.AddIn.Contract.ni.dll
+ 2011-07-06 10:15 . 2011-07-06 10:15	47104              c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFontCac#\f335fea7b2493cb9c8b33316b63384f7\PresentationFontCache.ni.exe
+ 2011-07-06 09:47 . 2011-07-06 09:47	39424              c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCFFRast#\8bb5c19c22974f2710cd517f292573b0\PresentationCFFRasterizer.ni.dll
+ 2011-07-06 10:15 . 2011-07-06 10:15	79872              c:\windows\assembly\NativeImages_v2.0.50727_32
apcrypt\1d312fff41010364fac3b45fcc267c4b
apcrypt.ni.dll
+ 2011-07-06 10:15 . 2011-07-06 10:15	17920              c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.WSMan.Run#\65b9f969c06c88e1ddcba7af0c240d7d\Microsoft.WSMan.Runtime.ni.dll
+ 2011-07-06 10:15 . 2011-07-06 10:15	32256              c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Windows.D#\ecf78a76d679f911e23ebf3ef33f2b5e\Microsoft.Windows.Diagnosis.SDHost.ni.dll
+ 2011-07-06 10:15 . 2011-07-06 10:15	25088              c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Windows.D#\e364216f848a0ffe80af6fd29d53307e\Microsoft.Windows.Diagnosis.Commands.GetDiagInput.ni.dll
+ 2011-07-06 10:15 . 2011-07-06 10:15	23040              c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Windows.D#\d19a5388794d9c574fba9ed5d0e74202\Microsoft.Windows.Diagnosis.Commands.UpdateDiagRootcause.ni.dll
+ 2011-07-06 10:15 . 2011-07-06 10:15	27136              c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Windows.D#\c09b3c71ab425c97e66b866ecd648687\Microsoft.Windows.Diagnosis.Commands.UpdateDiagReport.ni.dll
+ 2011-07-06 10:15 . 2011-07-06 10:15	86016              c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Windows.D#\bb93ef5a747a4d1d8539e9f6b0428f6e\Microsoft.Windows.Diagnosis.TroubleshootingPack.ni.dll
+ 2011-07-06 10:15 . 2011-07-06 10:15	21504              c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Windows.D#\8a1d7a90314ab9634f2db1fe388ef86d\Microsoft.Windows.Diagnosis.SDEngine.ni.dll
+ 2011-07-06 10:15 . 2011-07-06 10:15	19968              c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Windows.D#\618f725ca04e1bbf419c3a16789f8b70\Microsoft.Windows.Diagnosis.Commands.WriteDiagProgress.ni.dll
+ 2011-07-06 10:15 . 2011-07-06 10:15	55296              c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Vsa\c8f3fc98bd32cade613f279bf4af3c77\Microsoft.Vsa.ni.dll
+ 2011-07-06 09:47 . 2011-07-06 09:47	15872              c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualC\ea183e8b958908d26680bb6e88d4fbb0\Microsoft.VisualC.ni.dll
+ 2011-07-06 10:14 . 2011-07-06 10:14	74752              c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\b20f6742224b9c733f41e2ea1b834fc2\Microsoft.Build.Framework.ni.dll
+ 2011-07-06 10:14 . 2011-07-06 10:14	65024              c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\9d58ae6973a51b87eaf4141686f20fec\Microsoft.Build.Framework.ni.dll
+ 2011-07-06 10:14 . 2011-07-06 10:14	60416              c:\windows\assembly\NativeImages_v2.0.50727_32\ehiUserXp\8065ab477932e0308175a4ac031456c5\ehiUserXp.ni.dll
+ 2011-07-06 10:14 . 2011-07-06 10:14	14336              c:\windows\assembly\NativeImages_v2.0.50727_32\dfsvc\1040a6847fcc7f5c3245fe8a68623597\dfsvc.ni.exe
+ 2011-07-06 09:47 . 2011-07-06 09:47	25600              c:\windows\assembly\NativeImages_v2.0.50727_32\Accessibility\5c6e1a094b1e65c69b528151cc19b1ee\Accessibility.ni.dll
+ 2010-12-11 13:14 . 2011-07-06 09:41	3230              c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-3115933136-3782503845-2433890004-1002_UserData.bin
- 2011-07-06 09:39 . 2011-07-06 09:39	2048              c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2011-07-06 11:04 . 2011-07-06 11:04	2048              c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2011-07-06 11:04 . 2011-07-06 11:04	2048              c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2011-07-06 09:39 . 2011-07-06 09:39	2048              c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2011-07-06 10:16 . 2011-07-06 10:16	9728              c:\windows\assembly\NativeImages_v4.0.30319_32\dfsvc\cec5dc6db7419a80bba3f9d73833fb65\dfsvc.ni.exe
+ 2009-07-14 05:01 . 2011-07-06 11:03	309744              c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
- 2009-07-14 05:01 . 2011-07-06 09:38	309744              c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2011-07-06 10:13 . 2011-07-06 10:13	322048              c:\windows\assembly\NativeImages_v4.0.30319_64\WindowsFormsIntegra#\67701a0afb40872303a50c673387ba22\WindowsFormsIntegration.ni.dll
+ 2011-07-06 10:11 . 2011-07-06 10:11	231424              c:\windows\assembly\NativeImages_v4.0.30319_64\UIAutomationTypes\21b0a1645439e2c615a317dc4cca191d\UIAutomationTypes.ni.dll
+ 2011-07-06 10:11 . 2011-07-06 10:11	122368              c:\windows\assembly\NativeImages_v4.0.30319_64\UIAutomationProvider\792559a31b651ec7c2d5da9847961736\UIAutomationProvider.ni.dll
+ 2011-07-06 10:13 . 2011-07-06 10:13	645120              c:\windows\assembly\NativeImages_v4.0.30319_64\UIAutomationClient\550c47e15879f39fed79e4eb1c2195db\UIAutomationClient.ni.dll
+ 2011-07-06 10:10 . 2011-07-06 10:10	525824              c:\windows\assembly\NativeImages_v4.0.30319_64\System.Xml.Linq\0a0a776f67e84c2da967ac111c5df164\System.Xml.Linq.ni.dll
+ 2011-07-06 10:11 . 2011-07-06 10:11	254976              c:\windows\assembly\NativeImages_v4.0.30319_64\System.Windows.Inpu#\cf8c22d4266e070a299c02d2850ef818\System.Windows.Input.Manipulations.ni.dll
+ 2011-07-06 10:10 . 2011-07-06 10:10	903168              c:\windows\assembly\NativeImages_v4.0.30319_64\System.Transactions\4b6a7186f6c401b66d1be535e7d6104a\System.Transactions.ni.dll
+ 2011-07-06 10:13 . 2011-07-06 10:13	280576              c:\windows\assembly\NativeImages_v4.0.30319_64\System.ServiceProce#\a829cc80ca5acc2da26bd8ea918e1a4e\System.ServiceProcess.ni.dll
+ 2011-07-06 10:13 . 2011-07-06 10:13	107520              c:\windows\assembly\NativeImages_v4.0.30319_64\System.ServiceModel#\5381d639b68e4fcd1233df4aaa8fc9be\System.ServiceModel.Channels.ni.dll
+ 2011-07-06 10:13 . 2011-07-06 10:13	507904              c:\windows\assembly\NativeImages_v4.0.30319_64\System.ServiceModel#\23cddffe6a749acdc1cf2bbf7ea2470c\System.ServiceModel.Routing.ni.dll
+ 2011-07-06 10:11 . 2011-07-06 10:11	376320              c:\windows\assembly\NativeImages_v4.0.30319_64\System.Runtime.Seri#\93ee99e5061f73f7e0d64e28e72acdd8\System.Runtime.Serialization.Formatters.Soap.ni.dll
+ 2011-07-06 10:11 . 2011-07-06 10:11	987648              c:\windows\assembly\NativeImages_v4.0.30319_64\System.Runtime.Remo#\7706bf7b15e5f41daf680bf00fb3040b\System.Runtime.Remoting.ni.dll
+ 2011-07-06 10:12 . 2011-07-06 10:12	930304              c:\windows\assembly\NativeImages_v4.0.30319_64\System.Net\92ffc2dd1a4c2ea95b472a26e774a835\System.Net.ni.dll
+ 2011-07-06 10:12 . 2011-07-06 10:12	781824              c:\windows\assembly\NativeImages_v4.0.30319_64\System.Messaging\b8de5567948f35962ddf7122752ff04d\System.Messaging.ni.dll
+ 2011-07-06 10:12 . 2011-07-06 10:12	521728              c:\windows\assembly\NativeImages_v4.0.30319_64\System.Management.I#\b131749bfb98ce8ec9b87ce2841afe60\System.Management.Instrumentation.ni.dll
+ 2011-07-06 10:12 . 2011-07-06 10:12	531456              c:\windows\assembly\NativeImages_v4.0.30319_64\System.IO.Log\0fe92ebf0087c98840e99d37480711c0\System.IO.Log.ni.dll
+ 2011-07-06 10:12 . 2011-07-06 10:12	290816              c:\windows\assembly\NativeImages_v4.0.30319_64\System.IdentityMode#\4b0079c9d88b51955f53d52f6b7f3e5a\System.IdentityModel.Selectors.ni.dll
+ 2011-07-06 10:10 . 2011-07-06 10:10	348672              c:\windows\assembly\NativeImages_v4.0.30319_64\System.EnterpriseSe#\c22b41c9c0a31a087d16689ac0889607\System.EnterpriseServices.Wrapper.dll
+ 2011-07-06 10:12 . 2011-07-06 10:12	628736              c:\windows\assembly\NativeImages_v4.0.30319_64\System.DirectorySer#\82362eb90e580c5b2afc3150c69d784f\System.DirectoryServices.Protocols.ni.dll
+ 2011-07-06 10:12 . 2011-07-06 10:12	141824              c:\windows\assembly\NativeImages_v4.0.30319_64\System.Device\342afec9aa4ee8a572a0cd8da6833a5c\System.Device.ni.dll
+ 2011-07-06 10:11 . 2011-07-06 10:11	176128              c:\windows\assembly\NativeImages_v4.0.30319_64\System.Data.DataSet#\bf4f62e5c39821ee6225ed92dae486ed\System.Data.DataSetExtensions.ni.dll
+ 2011-07-06 10:11 . 2011-07-06 10:11	181248              c:\windows\assembly\NativeImages_v4.0.30319_64\System.Configuratio#\ad9d61d394a46e9f9590b0a9f0fa0ad5\System.Configuration.Install.ni.dll
+ 2011-07-06 10:11 . 2011-07-06 10:11	255488              c:\windows\assembly\NativeImages_v4.0.30319_64\System.ComponentMod#\693ee2ff660f89258326be91758da220\System.ComponentModel.DataAnnotations.ni.dll
+ 2011-07-06 10:11 . 2011-07-06 10:11	865792              c:\windows\assembly\NativeImages_v4.0.30319_64\System.AddIn\5f08af7480608daceecfec057280efac\System.AddIn.ni.dll
+ 2011-07-06 10:11 . 2011-07-06 10:11	553472              c:\windows\assembly\NativeImages_v4.0.30319_64\System.Activities.D#\4afbca9170450994db0228341d24c42d\System.Activities.DurableInstancing.ni.dll
+ 2011-07-06 10:10 . 2011-07-06 10:10	184832              c:\windows\assembly\NativeImages_v4.0.30319_64\SMDiagnostics\991bb9aedef58467529703e0c83af2de\SMDiagnostics.ni.dll
+ 2011-07-06 10:10 . 2011-07-06 10:10	745984              c:\windows\assembly\NativeImages_v4.0.30319_64\PresentationFramewo#\fdac975a3fac325ee1cb3961bbc11acf\PresentationFramework.Luna.ni.dll
+ 2011-07-06 10:10 . 2011-07-06 10:10	387584              c:\windows\assembly\NativeImages_v4.0.30319_64\PresentationFramewo#\1354d301871cb639ab1b885c626f1ffe\PresentationFramework.Royale.ni.dll
+ 2011-07-06 10:18 . 2011-07-06 10:18	252416              c:\windows\assembly\NativeImages_v4.0.30319_32\WindowsFormsIntegra#\97a1f8a5a83114e0cea11549602e8e72\WindowsFormsIntegration.ni.dll
+ 2011-07-06 10:16 . 2011-07-06 10:16	196096              c:\windows\assembly\NativeImages_v4.0.30319_32\UIAutomationTypes\7297158168dfc68b1b96bf6b0f56b093\UIAutomationTypes.ni.dll
+ 2011-07-06 10:18 . 2011-07-06 10:18	482816              c:\windows\assembly\NativeImages_v4.0.30319_32\UIAutomationClient\acc81364b5b1d54918a55f0ae0fbc043\UIAutomationClient.ni.dll
+ 2011-07-06 10:16 . 2011-07-06 10:16	391680              c:\windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Linq\ff20e15edfa14ce628b0502173347062\System.Xml.Linq.ni.dll
+ 2011-07-06 10:16 . 2011-07-06 10:16	188928              c:\windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Inpu#\40e165d670da20b9911cf7f15db916d2\System.Windows.Input.Manipulations.ni.dll
+ 2011-07-06 10:16 . 2011-07-06 10:16	646656              c:\windows\assembly\NativeImages_v4.0.30319_32\System.Transactions\0df91adfb9c0e51b7b967d61e8151b78\System.Transactions.ni.dll
+ 2011-07-06 10:18 . 2011-07-06 10:18	221696              c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceProce#\840f9b4d51622f9f29888aae168a196c\System.ServiceProcess.ni.dll
+ 2011-07-06 10:18 . 2011-07-06 10:18	365056              c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\8e99e3e3b47a1b63e678271947a72e22\System.ServiceModel.Routing.ni.dll
+ 2011-07-06 10:16 . 2011-07-06 10:16	311296              c:\windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\a31a4045963913a3228777af311f4428\System.Runtime.Serialization.Formatters.Soap.ni.dll
+ 2011-07-06 10:16 . 2011-07-06 10:16	762368              c:\windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\8985ef7c12df01b25c53bd80f7103819\System.Runtime.Remoting.ni.dll
+ 2011-07-06 10:17 . 2011-07-06 10:17	653312              c:\windows\assembly\NativeImages_v4.0.30319_32\System.Net\ce945fe046c7c152d4785fe24c22eee9\System.Net.ni.dll
+ 2011-07-06 10:17 . 2011-07-06 10:17	626176              c:\windows\assembly\NativeImages_v4.0.30319_32\System.Messaging\f07d8a06ff89e9c2db9f2ad73e88d421\System.Messaging.ni.dll
+ 2011-07-06 10:17 . 2011-07-06 10:17	395264              c:\windows\assembly\NativeImages_v4.0.30319_32\System.Management.I#\ec65b7f29e6d9c27cad0bb4f6199701f\System.Management.Instrumentation.ni.dll
+ 2011-07-06 10:17 . 2011-07-06 10:17	413696              c:\windows\assembly\NativeImages_v4.0.30319_32\System.IO.Log\5e1621afee65228e6dc7fbc9fb35f091\System.IO.Log.ni.dll
+ 2011-07-06 10:17 . 2011-07-06 10:17	229376              c:\windows\assembly\NativeImages_v4.0.30319_32\System.IdentityMode#\1f10456671d393187b6e2511155b8cd6\System.IdentityModel.Selectors.ni.dll
+ 2011-07-06 10:16 . 2011-07-06 10:16	236032              c:\windows\assembly\NativeImages_v4.0.30319_32\System.EnterpriseSe#\401ca9defa4213be5372532a2754d50d\System.EnterpriseServices.Wrapper.dll
+ 2011-07-06 10:16 . 2011-07-06 10:16	786944              c:\windows\assembly\NativeImages_v4.0.30319_32\System.EnterpriseSe#\401ca9defa4213be5372532a2754d50d\System.EnterpriseServices.ni.dll
+ 2011-07-06 10:17 . 2011-07-06 10:17	468992              c:\windows\assembly\NativeImages_v4.0.30319_32\System.DirectorySer#\f75ffd1a51b56e5171335277ca7d2ead\System.DirectoryServices.Protocols.ni.dll
+ 2011-07-06 10:17 . 2011-07-06 10:17	913920              c:\windows\assembly\NativeImages_v4.0.30319_32\System.DirectorySer#\448b1912c09fe3be836533e1c04332ce\System.DirectoryServices.AccountManagement.ni.dll
+ 2011-07-06 10:17 . 2011-07-06 10:17	112640              c:\windows\assembly\NativeImages_v4.0.30319_32\System.Device\a8f34f6b7fc87869ea63c0a5a45e4106\System.Device.ni.dll
+ 2011-07-06 10:16 . 2011-07-06 10:16	134656              c:\windows\assembly\NativeImages_v4.0.30319_32\System.Data.DataSet#\8e8d0552f18365e5f57fe20cf3aebcbb\System.Data.DataSetExtensions.ni.dll
+ 2011-07-06 10:16 . 2011-07-06 10:16	148480              c:\windows\assembly\NativeImages_v4.0.30319_32\System.Configuratio#\1f12624743789147c54a5c70b34e47b7\System.Configuration.Install.ni.dll
+ 2011-07-06 10:16 . 2011-07-06 10:16	194048              c:\windows\assembly\NativeImages_v4.0.30319_32\System.ComponentMod#\4ce4ff836715d7e822200dd340ce8c32\System.ComponentModel.DataAnnotations.ni.dll
+ 2011-07-06 10:16 . 2011-07-06 10:16	617984              c:\windows\assembly\NativeImages_v4.0.30319_32\System.AddIn\285ebbd21d182235113a348c951afd12\System.AddIn.ni.dll
+ 2011-07-06 10:16 . 2011-07-06 10:16	404992              c:\windows\assembly\NativeImages_v4.0.30319_32\System.Activities.D#\4a37977779bc648b11b8c333bfc1c2b8\System.Activities.DurableInstancing.ni.dll
+ 2011-07-06 10:16 . 2011-07-06 10:16	317952              c:\windows\assembly\NativeImages_v4.0.30319_32\SMSvcHost\7190f7e40c8095e13f45e40b1709671f\SMSvcHost.ni.exe
+ 2011-07-06 10:16 . 2011-07-06 10:16	142848              c:\windows\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\b028b6680f5a3b315320a5bf7b659518\SMDiagnostics.ni.dll
+ 2011-07-06 10:16 . 2011-07-06 10:16	219136              c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualBas#\a26d5665e589bdc7f46544a94cf49338\Microsoft.VisualBasic.Compatibility.Data.ni.dll
+ 2011-07-06 10:16 . 2011-07-06 10:16	418816              c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.Transacti#\23c48b3a578d71fd90e8d8db8e7d6b37\Microsoft.Transactions.Bridge.Dtc.ni.dll
+ 2011-07-06 10:16 . 2011-07-06 10:16	194048              c:\windows\assembly\NativeImages_v4.0.30319_32\CustomMarshalers\dcc2883f0bbf0909874059fe9768016b\CustomMarshalers.ni.dll
+ 2011-07-06 09:41 . 2011-07-06 09:41	253952              c:\windows\assembly\NativeImages_v2.0.50727_64\UIAutomationTypes\3037924076c4aaaa6fab19a9308e5d54\UIAutomationTypes.ni.dll
+ 2011-07-06 09:41 . 2011-07-06 09:41	120832              c:\windows\assembly\NativeImages_v2.0.50727_64\UIAutomationProvider\fc2c67900e0ace0d072de3eb7a31cce3\UIAutomationProvider.ni.dll
+ 2011-07-06 09:45 . 2011-07-06 09:45	261120              c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.RegularE#\c8747fbd5dd2323b75bcb2c12c13347d\System.Web.RegularExpressions.ni.dll
+ 2011-07-06 09:43 . 2011-07-06 09:43	921600              c:\windows\assembly\NativeImages_v2.0.50727_64\System.Transactions\ddda329caaf3cdad2bbac4de74938f72\System.Transactions.ni.dll
+ 2011-07-06 09:45 . 2011-07-06 09:45	295424              c:\windows\assembly\NativeImages_v2.0.50727_64\System.ServiceProce#\dbdfbf571cc7241cc774c10a03d94796\System.ServiceProcess.ni.dll
+ 2011-07-06 09:41 . 2011-07-06 09:41	928768              c:\windows\assembly\NativeImages_v2.0.50727_64\System.Security\e5a5e6c0712fd8aa47bbb5c82b484540\System.Security.ni.dll
+ 2011-07-06 09:42 . 2011-07-06 09:42	396288              c:\windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Seri#\3af29ab4ef4b085402fbb441327bc1cb\System.Runtime.Serialization.Formatters.Soap.ni.dll
+ 2011-07-06 09:43 . 2011-07-06 09:43	446464              c:\windows\assembly\NativeImages_v2.0.50727_64\System.EnterpriseSe#\ee435574b1737903fbabea17b56fe63c\System.EnterpriseServices.Wrapper.dll
+ 2011-07-06 09:45 . 2011-07-06 09:45	288768              c:\windows\assembly\NativeImages_v2.0.50727_64\System.Drawing.Desi#\eb93c5c584d44066b2a55bc94a6efd7c\System.Drawing.Design.ni.dll
+ 2011-07-06 09:45 . 2011-07-06 09:45	649728              c:\windows\assembly\NativeImages_v2.0.50727_64\System.DirectorySer#\bfc8d654000eabfa10c5bca536e9e34d\System.DirectoryServices.Protocols.ni.dll
+ 2011-07-06 09:46 . 2011-07-06 09:46	192000              c:\windows\assembly\NativeImages_v2.0.50727_64\System.Configuratio#\f8e8ca6e1b6511524443663e0cfa2d99\System.Configuration.Install.ni.dll
+ 2011-07-06 09:46 . 2011-07-06 09:46	317440              c:\windows\assembly\NativeImages_v2.0.50727_64\PresentationFramewo#\e207555f45a7e649f1e8b9f770467326\PresentationFramework.Royale.ni.dll
+ 2011-07-06 09:46 . 2011-07-06 09:46	279040              c:\windows\assembly\NativeImages_v2.0.50727_64\PresentationFramewo#\cb65355a9bbd399c423bd99919801679\PresentationFramework.Classic.ni.dll
+ 2011-07-06 09:46 . 2011-07-06 09:46	463360              c:\windows\assembly\NativeImages_v2.0.50727_64\PresentationFramewo#\37eb9c855b89a40d56921b3396929bce\PresentationFramework.Aero.ni.dll
+ 2011-07-06 09:46 . 2011-07-06 09:46	620544              c:\windows\assembly\NativeImages_v2.0.50727_64\PresentationFramewo#\1b4f4608a2cdc8b32bf592914e902fe5\PresentationFramework.Luna.ni.dll
+ 2011-07-06 10:16 . 2011-07-06 10:16	321024              c:\windows\assembly\NativeImages_v2.0.50727_32\WsatConfig\373a480080a7101d1ade3b5947f82a0b\WsatConfig.ni.exe
+ 2011-07-06 10:14 . 2011-07-06 10:14	626688              c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLiveLocal.Wr#\424824f1ad23087f65dd552b3e1dd1e4\WindowsLiveLocal.WriterPlugin.ni.dll
+ 2011-07-06 10:14 . 2011-07-06 10:14	851968              c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\f19ef65bacfab63a86e9e88995bb4d63\WindowsLive.Writer.BlogClient.ni.dll
+ 2011-07-06 10:14 . 2011-07-06 10:14	313856              c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\d5657d015b0fa0cfc6ab2f4ee9bf125c\WindowsLive.Writer.Interop.SHDocVw.ni.dll
+ 2011-07-06 10:14 . 2011-07-06 10:14	428032              c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\cfa8556d49d99dded9e5763616c6425e\WindowsLive.Writer.Localization.ni.dll
+ 2011-07-06 10:14 . 2011-07-06 10:14	321536              c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\b7ef73505e049dbf820055443f9e685c\WindowsLive.Writer.SpellChecker.ni.dll
+ 2011-07-06 10:14 . 2011-07-06 10:14	118784              c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\b4c7cbf5ccff847b3feb277dd366281f\WindowsLive.Writer.Extensibility.ni.dll
+ 2011-07-06 10:14 . 2011-07-06 10:14	843776              c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\9cf7a3c552ff273c8c607da5c32721aa\WindowsLive.Writer.Controls.ni.dll
+ 2011-07-06 10:14 . 2011-07-06 10:14	152064              c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\882c707903a6158958468f9cdceded87\WindowsLive.Writer.HtmlParser.ni.dll
+ 2011-07-06 10:14 . 2011-07-06 10:14	119296              c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\7e5eb6fcce6fcf30d3faa18148c27812\WindowsLive.Writer.FileDestinations.ni.dll
+ 2011-07-06 10:14 . 2011-07-06 10:14	258560              c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\7293dc62ffa6e5cd499196a4c856818a\WindowsLive.Writer.Mshtml.ni.dll
+ 2011-07-06 10:14 . 2011-07-06 10:14	334848              c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\42b40c29dfd360c9efd5a401a73a9d2c\WindowsLive.Writer.Interop.Mshtml.ni.dll
+ 2011-07-06 10:14 . 2011-07-06 10:14	108544              c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\315756acc35da8a3e4cb5d6dce27344e\WindowsLive.Writer.Passport.ni.dll
+ 2011-07-06 10:14 . 2011-07-06 10:14	174080              c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\2d6a993217186b40ef620514572fb745\WindowsLive.Writer.BrowserControl.ni.dll
+ 2011-07-06 10:14 . 2011-07-06 10:14	319488              c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\27015d15ae0afc80711a2c33ae25b294\WindowsLive.Writer.Interop.ni.dll
+ 2011-07-06 10:14 . 2011-07-06 10:14	594944              c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\1a13715585b64771033b0d7b2aae3594\WindowsLive.Writer.HtmlEditor.ni.dll
+ 2011-07-06 10:14 . 2011-07-06 10:14	117760              c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\1248120591259ef75cc6f21fc05d83a2\WindowsLive.Writer.Instrumentation.ni.dll
+ 2011-07-06 10:14 . 2011-07-06 10:14	145920              c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Client\291aee2b415d035f468ce40ab0b0f6fc\WindowsLive.Client.ni.dll
+ 2011-07-06 10:16 . 2011-07-06 10:16	240128              c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsFormsIntegra#\e353149c06e4844344cf04b12efa75ea\WindowsFormsIntegration.ni.dll
+ 2011-07-06 09:47 . 2011-07-06 09:47	185344              c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationTypes\efadc7a54e78f3755da53c95bdc293fd\UIAutomationTypes.ni.dll
+ 2011-07-06 10:15 . 2011-07-06 10:15	452096              c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClient\a75001c926c261bf57def3e36d65589c\UIAutomationClient.ni.dll
+ 2011-07-06 10:16 . 2011-07-06 10:16	245248              c:\windows\assembly\NativeImages_v2.0.50727_32\TaskScheduler\ffdf9317e0b93b23afb730cd479a2a5d\TaskScheduler.ni.dll
+ 2011-07-06 10:16 . 2011-07-06 10:16	401408              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml.Linq\43c7a50b800812e3867c5d535d5ec7a1\System.Xml.Linq.ni.dll
+ 2011-07-06 10:16 . 2011-07-06 10:16	129536              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Routing\dc5bdd8f4a485330a82e8efe0528d972\System.Web.Routing.ni.dll
+ 2011-07-06 09:48 . 2011-07-06 09:48	202240              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.RegularE#\a195a9d4e3887d3c961e7b45d9871346\System.Web.RegularExpressions.ni.dll
+ 2011-07-06 10:16 . 2011-07-06 10:16	860160              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\9851e6d5da6226248832e051e7456e7a\System.Web.Extensions.Design.ni.dll
+ 2011-07-06 10:16 . 2011-07-06 10:16	328192              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity\3b6e9a3a3488ee7cf91444b59ca513ce\System.Web.Entity.ni.dll
+ 2011-07-06 10:16 . 2011-07-06 10:16	301568              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity.D#\1cf6432592706f0ccf71d8268d1aefb6\System.Web.Entity.Design.ni.dll
+ 2011-07-06 10:16 . 2011-07-06 10:16	547328              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\683fd94cf3441a95c54f9e752d5f82ee\System.Web.DynamicData.ni.dll
+ 2011-07-06 10:16 . 2011-07-06 10:16	141312              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Abstract#\8d9835767afa6516d9b02476ad8cdff3\System.Web.Abstractions.ni.dll
+ 2011-07-06 09:48 . 2011-07-06 09:48	627200              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\717413fe4e471af11f0e7582de10e54c\System.Transactions.ni.dll
+ 2011-07-06 09:48 . 2011-07-06 09:48	212992              c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\d9b3bb263a38ca5767baf78cacf380d8\System.ServiceProcess.ni.dll
+ 2011-07-06 09:47 . 2011-07-06 09:47	680960              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Security\cd75660f4231fbe96d58a15f5cbf032a\System.Security.ni.dll
+ 2011-07-06 09:47 . 2011-07-06 09:47	310784              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\83e806ce9d3ebebf8d172970127757ab\System.Runtime.Serialization.Formatters.Soap.ni.dll
+ 2011-07-06 09:48 . 2011-07-06 09:48	771584              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\443b11b528455611c7549b56349a56eb\System.Runtime.Remoting.ni.dll
+ 2011-07-06 10:16 . 2011-07-06 10:16	624128              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Net\e75ac4f1b9e55b9336bde135abc026c8\System.Net.ni.dll
+ 2011-07-06 10:14 . 2011-07-06 10:14	593408              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Messaging\490dbe889baa699a3228661d2438dd37\System.Messaging.ni.dll
+ 2011-07-06 10:15 . 2011-07-06 10:15	997888              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management\565a1d9d3fed4d64ddb884a49a1a0e25\System.Management.ni.dll
+ 2011-07-06 10:16 . 2011-07-06 10:16	330240              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management.I#\a62507f369fa2d0509f29235dd15eed6\System.Management.Instrumentation.ni.dll
+ 2011-07-06 10:16 . 2011-07-06 10:16	381440              c:\windows\assembly\NativeImages_v2.0.50727_32\System.IO.Log\f30d56b751b798574e6ce7506347b8d0\System.IO.Log.ni.dll
+ 2011-07-06 10:14 . 2011-07-06 10:14	212992              c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityMode#\af3132a868705a9837d4816641f40ed0\System.IdentityModel.Selectors.ni.dll
+ 2011-07-06 09:48 . 2011-07-06 09:48	280064              c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\491bef3594be0a6030dfefd320e14b86\System.EnterpriseServices.Wrapper.dll
+ 2011-07-06 09:48 . 2011-07-06 09:48	628224              c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\491bef3594be0a6030dfefd320e14b86\System.EnterpriseServices.ni.dll
+ 2011-07-06 09:48 . 2011-07-06 09:48	208384              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing.Desi#\ff6fe7446d57402e4050a14ea1251207\System.Drawing.Design.ni.dll
+ 2011-07-06 10:16 . 2011-07-06 10:16	887808              c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\e1134326b8b23452e5ac3f9abf949f18\System.DirectoryServices.AccountManagement.ni.dll
+ 2011-07-06 09:48 . 2011-07-06 09:48	455680              c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\4f6cff3f0e5a4a8600ede24ee2ece438\System.DirectoryServices.Protocols.ni.dll
+ 2011-07-06 10:16 . 2011-07-06 10:16	946176              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\48a7107c1d40b7e7c6aa6dffdc405869\System.Data.Services.Client.ni.dll
+ 2011-07-06 10:16 . 2011-07-06 10:16	356864              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\2778851146a53b6e88ced224e6853bba\System.Data.Services.Design.ni.dll
+ 2011-07-06 10:15 . 2011-07-06 10:15	762880              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity.#\4f282df684db617cf70b4ca6041d604f\System.Data.Entity.Design.ni.dll
+ 2011-07-06 10:15 . 2011-07-06 10:15	135680              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.DataSet#\edf9204db6473ca27b469ad13fb35ba1\System.Data.DataSetExtensions.ni.dll
+ 2011-07-06 09:47 . 2011-07-06 09:47	971264              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\e8add38eb4f9c07790b5be549c5f0dae\System.Configuration.ni.dll
+ 2011-07-06 09:48 . 2011-07-06 09:48	141312              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuratio#\c6b6161062774afe093c7d2afe7b0b8d\System.Configuration.Install.ni.dll
+ 2011-07-06 10:15 . 2011-07-06 10:15	633344              c:\windows\assembly\NativeImages_v2.0.50727_32\System.AddIn\5d67728817b729f128c5c918e699453a\System.AddIn.ni.dll
+ 2011-07-06 10:16 . 2011-07-06 10:16	232448              c:\windows\assembly\NativeImages_v2.0.50727_32\sysglobl\788cc2579c0a59283c3a1f24ac41323f\sysglobl.ni.dll
+ 2011-07-06 10:15 . 2011-07-06 10:15	366080              c:\windows\assembly\NativeImages_v2.0.50727_32\SMSvcHost\d020e27483816c49f80473371fb3c514\SMSvcHost.ni.exe
+ 2011-07-06 10:14 . 2011-07-06 10:14	256000              c:\windows\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\c3a9fb49784a53ce475a592c15728888\SMDiagnostics.ni.dll
+ 2011-07-06 09:48 . 2011-07-06 09:48	368128              c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\d739c4b3c1f9e479a626f67071017128\PresentationFramework.Aero.ni.dll
+ 2011-07-06 09:48 . 2011-07-06 09:48	224768              c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\bb47336255fc109e70899259f2094977\PresentationFramework.Classic.ni.dll
+ 2011-07-06 09:48 . 2011-07-06 09:48	539648              c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\9115e64a33c13b7a2b94abde9c098d32\PresentationFramework.Luna.ni.dll
+ 2011-07-06 09:48 . 2011-07-06 09:48	258048              c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\68f632bff279326062eff2d841f38687\PresentationFramework.Royale.ni.dll
+ 2011-07-06 10:15 . 2011-07-06 10:15	723456              c:\windows\assembly\NativeImages_v2.0.50727_32
apsnap\5238cf9b328e8b3226a048ebb33be846
apsnap.ni.dll
+ 2011-07-06 10:15 . 2011-07-06 10:15	117760              c:\windows\assembly\NativeImages_v2.0.50727_32
apinit\985d63377e634f94b5a57c3617d556af
apinit.ni.dll
+ 2011-07-06 10:15 . 2011-07-06 10:15	114176              c:\windows\assembly\NativeImages_v2.0.50727_32
aphlpr\71c2fc1d1280cd485b65e5375945d19c
aphlpr.ni.dll
+ 2011-07-06 10:15 . 2011-07-06 10:15	133632              c:\windows\assembly\NativeImages_v2.0.50727_32\MSBuild\877c4bda63902c26f94940609de6d0ca\MSBuild.ni.exe
+ 2011-07-06 10:14 . 2011-07-06 10:14	287232              c:\windows\assembly\NativeImages_v2.0.50727_32\MMCFxCommon\5a66a820bd20848def555cf0a53e4ee8\MMCFxCommon.ni.dll
+ 2011-07-06 10:15 . 2011-07-06 10:15	531456              c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.WSMan.Man#\e971674683c536bcae479bf6b43978a3\Microsoft.WSMan.Management.ni.dll
+ 2011-07-06 10:15 . 2011-07-06 10:15	386560              c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\3cddcd8c15cf7f01124b4d18e3d5da65\Microsoft.Transactions.Bridge.Dtc.ni.dll
+ 2011-07-06 10:15 . 2011-07-06 10:15	515584              c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\d696ecd83047d560fd61516d405b5a12\Microsoft.PowerShell.ConsoleHost.ni.dll
+ 2011-07-06 10:15 . 2011-07-06 10:15	729088              c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\b40dd81e7805dfcaf68bc4005b630a7d\Microsoft.PowerShell.GraphicalHost.ni.dll
+ 2011-07-06 10:15 . 2011-07-06 10:15	167424              c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\ae4d802ca546567b0a6053714a3097f0\Microsoft.PowerShell.Security.ni.dll
+ 2011-07-06 10:15 . 2011-07-06 10:15	785920              c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\847228cbf936f94fd4beb03d5e475a02\Microsoft.PowerShell.Commands.Management.ni.dll
+ 2011-07-06 10:15 . 2011-07-06 10:15	291328              c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\7ed8e0f0c5db5f5f796288d3e102087b\Microsoft.PowerShell.Commands.Diagnostics.ni.dll
+ 2011-07-06 10:14 . 2011-07-06 10:14	561664              c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Managemen#\a504c0bec4447c7ec8147ff536f8b5db\Microsoft.ManagementConsole.ni.dll
+ 2011-07-06 10:15 . 2011-07-06 10:15	144384              c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\e60b20693c1542d3d467b477f222ca6c\Microsoft.Build.Utilities.ni.dll
+ 2011-07-06 10:15 . 2011-07-06 10:15	175104              c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\cabe88480362e7d218cd167e5ff93ab0\Microsoft.Build.Utilities.v3.5.ni.dll
+ 2011-07-06 10:14 . 2011-07-06 10:14	839680              c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\76b709b79b54c3bc2677ec4cc5ada8f5\Microsoft.Build.Engine.ni.dll
+ 2011-07-06 10:14 . 2011-07-06 10:14	222720              c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Con#\c92ca1d14705fa4ee219f998a7188160\Microsoft.Build.Conversion.v3.5.ni.dll
+ 2011-07-06 10:14 . 2011-07-06 10:14	364032              c:\windows\assembly\NativeImages_v2.0.50727_32\mcstoredb\6448618db5745bbf8d56052df82414a1\mcstoredb.ni.dll
+ 2011-07-06 10:14 . 2011-07-06 10:14	553472              c:\windows\assembly\NativeImages_v2.0.50727_32\EventViewer\ebaae5d75aa27874c8271a8799c32868\EventViewer.ni.dll
+ 2011-07-06 10:14 . 2011-07-06 10:14	693248              c:\windows\assembly\NativeImages_v2.0.50727_32\ehRecObj\0c894577a263ea4df5e3dde399f2661c\ehRecObj.ni.dll
+ 2011-07-06 10:14 . 2011-07-06 10:14	875520              c:\windows\assembly\NativeImages_v2.0.50727_32\ehiVidCtl\b296e4a7cf7a2ec895036f09f654594e\ehiVidCtl.ni.dll
+ 2011-07-06 10:14 . 2011-07-06 10:14	442880              c:\windows\assembly\NativeImages_v2.0.50727_32\ehiProxy\7f130b6c3d44f0c572719397cbe3459b\ehiProxy.ni.dll
+ 2011-07-06 10:14 . 2011-07-06 10:14	161280              c:\windows\assembly\NativeImages_v2.0.50727_32\ehiExtens\e79e25723507c1a8ce45167bcebfb167\ehiExtens.ni.dll
+ 2011-07-06 10:14 . 2011-07-06 10:14	254464              c:\windows\assembly\NativeImages_v2.0.50727_32\ehExtHost32\07ade9cd02c449501826d9adcdb89198\ehExtHost32.ni.exe
+ 2011-07-06 10:14 . 2011-07-06 10:14	220672              c:\windows\assembly\NativeImages_v2.0.50727_32\CustomMarshalers\2e8bbdf2a971ffe1ba403c620989954c\CustomMarshalers.ni.dll
+ 2011-07-06 10:14 . 2011-07-06 10:14	410112              c:\windows\assembly\NativeImages_v2.0.50727_32\ComSvcConfig\756b3904b970132fb10c1a278cc80483\ComSvcConfig.ni.exe
+ 2011-07-06 10:14 . 2011-07-06 10:14	621568              c:\windows\assembly\NativeImages_v2.0.50727_32\BDATunePIA\70186b262e81391a24d9fbda946a3fe2\BDATunePIA.ni.dll
- 2009-07-14 04:45 . 2011-07-05 20:40	3798234              c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform	okens.dat
+ 2009-07-14 04:45 . 2011-07-06 09:42	3798234              c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform	okens.dat
+ 2011-07-06 10:13 . 2011-07-06 10:13	1430016              c:\windows\assembly\NativeImages_v4.0.30319_64\UIAutomationClients#\fc0f6caeac4b62e4453a981e8dd9e992\UIAutomationClientsideProviders.ni.dll
+ 2011-07-06 10:10 . 2011-07-06 10:10	2447360              c:\windows\assembly\NativeImages_v4.0.30319_64\System.Xaml\3cb1b81e1d90af2a7cc6bd2d4e41fd9e\System.Xaml.ni.dll
+ 2011-07-06 10:13 . 2011-07-06 10:13	5627392              c:\windows\assembly\NativeImages_v4.0.30319_64\System.Windows.Form#\9d393c8287d436c1ea11ef2ca2a755ac\System.Windows.Forms.DataVisualization.ni.dll
+ 2011-07-06 10:13 . 2011-07-06 10:13	2222592              c:\windows\assembly\NativeImages_v4.0.30319_64\System.Web.Services\ed8b807859c169bbb7543c43baa3c46f\System.Web.Services.ni.dll
+ 2011-07-06 10:13 . 2011-07-06 10:13	2733568              c:\windows\assembly\NativeImages_v4.0.30319_64\System.Speech\a129d574137f4829ef3a6eacee64094d\System.Speech.ni.dll
+ 2011-07-06 10:13 . 2011-07-06 10:13	1904640              c:\windows\assembly\NativeImages_v4.0.30319_64\System.ServiceModel#\8db9c29aee38fc9934549ad6bf59f0d3\System.ServiceModel.Activities.ni.dll
+ 2011-07-06 10:13 . 2011-07-06 10:13	1561600              c:\windows\assembly\NativeImages_v4.0.30319_64\System.ServiceModel#\0e6ba2c11ddf0405b6c7066a345f7f15\System.ServiceModel.Discovery.ni.dll
+ 2011-07-06 10:10 . 2011-07-06 10:10	3404288              c:\windows\assembly\NativeImages_v4.0.30319_64\System.Runtime.Seri#\11a7b044d8ed163b690a74486484e08f\System.Runtime.Serialization.ni.dll
+ 2011-07-06 10:10 . 2011-07-06 10:10	1346560              c:\windows\assembly\NativeImages_v4.0.30319_64\System.Runtime.Dura#\abf0cf0b488e39c97d961cd40978e514\System.Runtime.DurableInstancing.ni.dll
+ 2011-07-06 10:11 . 2011-07-06 10:11	1422336              c:\windows\assembly\NativeImages_v4.0.30319_64\System.Printing\cbff165d2eee7f23b284f6830fd267c2\System.Printing.ni.dll
+ 2011-07-06 10:12 . 2011-07-06 10:12	1470464              c:\windows\assembly\NativeImages_v4.0.30319_64\System.Management\2b81b61ad1b36207e49962f22658d6ef\System.Management.ni.dll
+ 2011-07-06 10:12 . 2011-07-06 10:12	1416192              c:\windows\assembly\NativeImages_v4.0.30319_64\System.IdentityModel\f192d95372b472643187607ef7a55117\System.IdentityModel.ni.dll
+ 2011-07-06 10:10 . 2011-07-06 10:10	1096704              c:\windows\assembly\NativeImages_v4.0.30319_64\System.EnterpriseSe#\c22b41c9c0a31a087d16689ac0889607\System.EnterpriseServices.ni.dll
+ 2011-07-06 10:10 . 2011-07-06 10:10	2290688              c:\windows\assembly\NativeImages_v4.0.30319_64\System.Drawing\0d248e7219f87d2a3853f8a1d425965a\System.Drawing.ni.dll
+ 2011-07-06 10:11 . 2011-07-06 10:11	1622016              c:\windows\assembly\NativeImages_v4.0.30319_64\System.DirectorySer#\49467224883b56bb7f006c307dbfeb65\System.DirectoryServices.ni.dll
+ 2011-07-06 10:12 . 2011-07-06 10:12	1217024              c:\windows\assembly\NativeImages_v4.0.30319_64\System.DirectorySer#\2637c192d310b158dd6d00dbfe8a49f0\System.DirectoryServices.AccountManagement.ni.dll
+ 2011-07-06 10:11 . 2011-07-06 10:11	2400256              c:\windows\assembly\NativeImages_v4.0.30319_64\System.Deployment\991208daf29872f43e6684f5c6f100e3\System.Deployment.ni.dll
+ 2011-07-06 10:11 . 2011-07-06 10:11	8580608              c:\windows\assembly\NativeImages_v4.0.30319_64\System.Data\e4bc4fb58d9830daa0b8e7e031d3e2ae\System.Data.ni.dll
+ 2011-07-06 10:12 . 2011-07-06 10:12	1791488              c:\windows\assembly\NativeImages_v4.0.30319_64\System.Data.Service#\8539eeead63ef32bd938a66589c0816b\System.Data.Services.Client.ni.dll
+ 2011-07-06 10:12 . 2011-07-06 10:12	3380736              c:\windows\assembly\NativeImages_v4.0.30319_64\System.Data.Linq\36b03e7d976b707f3c8eef3fbe0e469a\System.Data.Linq.ni.dll
+ 2011-07-06 10:11 . 2011-07-06 10:11	1002496              c:\windows\assembly\NativeImages_v4.0.30319_64\System.ComponentMod#\a2ed1733acb5793b7f6e00d706e7ae1f\System.ComponentModel.Composition.ni.dll
+ 2011-07-06 10:11 . 2011-07-06 10:11	5680640              c:\windows\assembly\NativeImages_v4.0.30319_64\System.Activities\803b90bb06cdd2834f5be8aa194c8bb5\System.Activities.ni.dll
+ 2011-07-06 10:11 . 2011-07-06 10:11	4887040              c:\windows\assembly\NativeImages_v4.0.30319_64\System.Activities.P#\e2d47e53e4ca392fa98d5e23e69827a8\System.Activities.Presentation.ni.dll
+ 2011-07-06 10:11 . 2011-07-06 10:11	2005504              c:\windows\assembly\NativeImages_v4.0.30319_64\System.Activities.C#\2273e9b1f9f04cf906d31ab17f24c279\System.Activities.Core.Presentation.ni.dll
+ 2011-07-06 10:11 . 2011-07-06 10:11	4127232              c:\windows\assembly\NativeImages_v4.0.30319_64\ReachFramework\65847157601a8f77b6e9415eb38d2192\ReachFramework.ni.dll
+ 2011-07-06 10:10 . 2011-07-06 10:10	2032128              c:\windows\assembly\NativeImages_v4.0.30319_64\PresentationUI\3275a80a6a180597640f877b30a44395\PresentationUI.ni.dll
+ 2011-07-06 10:12 . 2011-07-06 10:12	3312128              c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.JScript\4351bfa190b7948085e361e0447a9eb8\Microsoft.JScript.ni.dll
+ 2011-07-06 10:18 . 2011-07-06 10:18	1057792              c:\windows\assembly\NativeImages_v4.0.30319_32\UIAutomationClients#\2b22ef03091f893f5b381514149a472b\UIAutomationClientsideProviders.ni.dll
+ 2011-07-06 10:16 . 2011-07-06 10:16	1781760              c:\windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\19f85a4f6faaeb87a9055ccf23a9f8b7\System.Xaml.ni.dll
+ 2011-07-06 10:18 . 2011-07-06 10:18	4545024              c:\windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Form#\de9ec945d6cdd90010c824320e8bc332\System.Windows.Forms.DataVisualization.ni.dll
+ 2011-07-06 10:18 . 2011-07-06 10:18	1859584              c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web.Services\3e5c07211446b947b1ecb6963946320a\System.Web.Services.ni.dll
+ 2011-07-06 10:18 . 2011-07-06 10:18	2011136              c:\windows\assembly\NativeImages_v4.0.30319_32\System.Speech\11a89b103320d603c0bfa48179c3fe1d\System.Speech.ni.dll
+ 2011-07-06 10:18 . 2011-07-06 10:18	1387520              c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\e492bb75168cc53d57c2dd5e32e9911c\System.ServiceModel.Activities.ni.dll
+ 2011-07-06 10:18 . 2011-07-06 10:18	1128960              c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\b66a8b2c0b8c12540831b41c92bede12\System.ServiceModel.Discovery.ni.dll
+ 2011-07-06 10:16 . 2011-07-06 10:16	2637312              c:\windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\d0ce480f313eb8be9a3a4dd6d7902325\System.Runtime.Serialization.ni.dll
+ 2011-07-06 10:16 . 2011-07-06 10:16	1020928              c:\windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Dura#\b9f7f5b0b28dd57cb5400c437c388545\System.Runtime.DurableInstancing.ni.dll
+ 2011-07-06 10:16 . 2011-07-06 10:16	1050112              c:\windows\assembly\NativeImages_v4.0.30319_32\System.Printing\39c3d706f0fbc21443c7747f203b0b34\System.Printing.ni.dll
+ 2011-07-06 10:17 . 2011-07-06 10:17	1218560              c:\windows\assembly\NativeImages_v4.0.30319_32\System.Management\76d7e84f5dca7908b45edba58bd12f48\System.Management.ni.dll
+ 2011-07-06 10:17 . 2011-07-06 10:17	1072128              c:\windows\assembly\NativeImages_v4.0.30319_32\System.IdentityModel\02c1363d5beb2ae5c5722bc8f6c5b77a\System.IdentityModel.ni.dll
+ 2011-07-06 10:16 . 2011-07-06 10:16	1172992              c:\windows\assembly\NativeImages_v4.0.30319_32\System.DirectorySer#\66c88143bc4b9f4a744b6d65e2c3629a\System.DirectoryServices.ni.dll
+ 2011-07-06 10:16 . 2011-07-06 10:16	1878016              c:\windows\assembly\NativeImages_v4.0.30319_32\System.Deployment\03ca38b342903b50623336b29aa507c9\System.Deployment.ni.dll
+ 2011-07-06 10:17 . 2011-07-06 10:17	1338880              c:\windows\assembly\NativeImages_v4.0.30319_32\System.Data.Service#\0e629bbc4ccd76e072189ccbc9d7903f\System.Data.Services.Client.ni.dll
+ 2011-07-06 10:16 . 2011-07-06 10:16	4121088              c:\windows\assembly\NativeImages_v4.0.30319_32\System.Activities\4d3a20f0598b5da0ebf9e505b51886b9\System.Activities.ni.dll
+ 2011-07-06 10:16 . 2011-07-06 10:16	3713024              c:\windows\assembly\NativeImages_v4.0.30319_32\System.Activities.P#\e4566f552e3bda84571e04a7e5d1c41f\System.Activities.Presentation.ni.dll
+ 2011-07-06 10:16 . 2011-07-06 10:16	1518080              c:\windows\assembly\NativeImages_v4.0.30319_32\System.Activities.C#\236373716dcb48f5687dd6997559a425\System.Activities.Core.Presentation.ni.dll
+ 2011-07-06 10:16 . 2011-07-06 10:16	2859008              c:\windows\assembly\NativeImages_v4.0.30319_32\ReachFramework\48530a5ad6ec27254cde667e02d3f198\ReachFramework.ni.dll
+ 2011-07-06 10:16 . 2011-07-06 10:16	1630208              c:\windows\assembly\NativeImages_v4.0.30319_32\PresentationUI\5dcab8576a5e02d7264bfeed28ce69b9\PresentationUI.ni.dll
+ 2011-07-06 10:16 . 2011-07-06 10:16	1136128              c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualBas#\e8c36043a5faedc93716717fc5bcdb05\Microsoft.VisualBasic.Compatibility.ni.dll
+ 2011-07-06 10:16 . 2011-07-06 10:16	1836544              c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualBas#\b4879bc20d7a718dcb51f0419721e5e5\Microsoft.VisualBasic.ni.dll
+ 2011-07-06 10:16 . 2011-07-06 10:16	1172480              c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualBas#\aff7d215dd130cd94c54784c2df60e95\Microsoft.VisualBasic.Activities.Compiler.ni.dll
+ 2011-07-06 10:16 . 2011-07-06 10:16	1082368              c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.Transacti#\156733cb276aff562e0c39d8b4fde1c6\Microsoft.Transactions.Bridge.ni.dll
+ 2011-07-06 10:17 . 2011-07-06 10:17	2452480              c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.JScript\2f83c7b63b1443a26f40b9f66bec3e2a\Microsoft.JScript.ni.dll
+ 2011-07-06 09:41 . 2011-07-06 09:41	4927488              c:\windows\assembly\NativeImages_v2.0.50727_64\WindowsBase\9a7fe519c6f4e8b1835103f58c764230\WindowsBase.ni.dll
+ 2011-07-06 09:41 . 2011-07-06 09:41	6948864              c:\windows\assembly\NativeImages_v2.0.50727_64\System.Xml\a413318043a6d2cf335510930906ba86\System.Xml.ni.dll
+ 2011-07-06 09:47 . 2011-07-06 09:47	2707456              c:\windows\assembly\NativeImages_v2.0.50727_64\System.Workflow.Run#\75922002ccac7c34c37f85b680651e32\System.Workflow.Runtime.ni.dll
+ 2011-07-06 09:46 . 2011-07-06 09:46	5955072              c:\windows\assembly\NativeImages_v2.0.50727_64\System.Workflow.Com#\6476971667e15c7f255c2f575e49aef6\System.Workflow.ComponentModel.ni.dll
+ 2011-07-06 09:46 . 2011-07-06 09:46	3895296              c:\windows\assembly\NativeImages_v2.0.50727_64\System.Workflow.Act#\6594308e088edbdb00fd20fbb75a55ee\System.Workflow.Activities.ni.dll
+ 2011-07-06 09:43 . 2011-07-06 09:43	2291712              c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Services\c16ba3491b593dd05ebc4058d50a62a0\System.Web.Services.ni.dll
+ 2011-07-06 09:43 . 2011-07-06 09:43	1022976              c:\windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Remo#\52fd09f748e4e1aacab0343622b1c439\System.Runtime.Remoting.ni.dll
+ 2011-07-06 09:43 . 2011-07-06 09:43	1453568              c:\windows\assembly\NativeImages_v2.0.50727_64\System.Printing\684d4f74483d91b310a8c393c5efb633\System.Printing.ni.dll
+ 2011-07-06 09:43 . 2011-07-06 09:43	1081344              c:\windows\assembly\NativeImages_v2.0.50727_64\System.EnterpriseSe#\ee435574b1737903fbabea17b56fe63c\System.EnterpriseServices.ni.dll
+ 2011-07-06 09:42 . 2011-07-06 09:42	2311168              c:\windows\assembly\NativeImages_v2.0.50727_64\System.Drawing\a2a7565bc69f3bc0adf70215025aad4a\System.Drawing.ni.dll
+ 2011-07-06 09:43 . 2011-07-06 09:43	1640448              c:\windows\assembly\NativeImages_v2.0.50727_64\System.DirectorySer#\ab5272d0c55e371434b3ab38b5a8e31d\System.DirectoryServices.ni.dll
+ 2011-07-06 09:42 . 2011-07-06 09:42	2444288              c:\windows\assembly\NativeImages_v2.0.50727_64\System.Deployment\47430798b1f34aa911fc690d8ced8a9a\System.Deployment.ni.dll
+ 2011-07-06 09:43 . 2011-07-06 09:43	8692736              c:\windows\assembly\NativeImages_v2.0.50727_64\System.Data\d25a23cfd20c27e9db447dc002c68386\System.Data.ni.dll
+ 2011-07-06 09:41 . 2011-07-06 09:41	3461632              c:\windows\assembly\NativeImages_v2.0.50727_64\System.Data.SqlXml\d51cbbd789ee45aa772405cf365c18b4\System.Data.SqlXml.ni.dll
+ 2011-07-06 09:45 . 2011-07-06 09:45	1506816              c:\windows\assembly\NativeImages_v2.0.50727_64\System.Data.OracleC#\fcd975ee9078f268b8260c2a1abe71fc\System.Data.OracleClient.ni.dll
+ 2011-07-06 09:41 . 2011-07-06 09:41	1308160              c:\windows\assembly\NativeImages_v2.0.50727_64\System.Configuration\7343284f67e3c15289594d979bd6be05\System.Configuration.ni.dll
+ 2011-07-06 09:43 . 2011-07-06 09:43	3101696              c:\windows\assembly\NativeImages_v2.0.50727_64\ReachFramework\403012bab4059a6c61ef7817f97b4b1a\ReachFramework.ni.dll
+ 2011-07-06 09:42 . 2011-07-06 09:42	2109952              c:\windows\assembly\NativeImages_v2.0.50727_64\PresentationUI\52106405117416fc963ec1fd59497c88\PresentationUI.ni.dll
+ 2011-07-06 10:14 . 2011-07-06 10:14	2018304              c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\2ed75a2b71118d3dc8fceafbd8461d34\WindowsLive.Writer.CoreServices.ni.dll
+ 2011-07-06 10:14 . 2011-07-06 10:14	6392832              c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\2dd6a4198f0e94c821ca438614f2db4f\WindowsLive.Writer.PostEditor.ni.dll
+ 2011-07-06 10:14 . 2011-07-06 10:14	1105408              c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\24182015dfe8365d220c3bcb7e8945b5\WindowsLive.Writer.ApplicationFramework.ni.dll
+ 2011-07-06 09:47 . 2011-07-06 09:47	3325952              c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\93e867e55d7df3a8b4bd1aba3af6f18d\WindowsBase.ni.dll
+ 2011-07-06 10:16 . 2011-07-06 10:16	1047552              c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClients#\c38fdbce21ee0675e9ab5ae0faed57b5\UIAutomationClientsideProviders.ni.dll
+ 2011-07-06 09:47 . 2011-07-06 09:47	7949824              c:\windows\assembly\NativeImages_v2.0.50727_32\System\f7048e198c963fa189cff3aea17dfee3\System.ni.dll
+ 2011-07-06 09:47 . 2011-07-06 09:47	5452800              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\682572c507ea7552c3db1842c21bf9c8\System.Xml.ni.dll
+ 2011-07-06 10:16 . 2011-07-06 10:16	1358336              c:\windows\assembly\NativeImages_v2.0.50727_32\System.WorkflowServ#\552f8aaaf0883da379ea52a663b059c1\System.WorkflowServices.ni.dll
+ 2011-07-06 09:48 . 2011-07-06 09:48	1914880              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Run#\48cba18aeddce254264944eb645daa02\System.Workflow.Runtime.ni.dll
+ 2011-07-06 09:48 . 2011-07-06 09:48	4514304              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Com#\2bdd77e038f2ae4b4f55ba5b159c83bb\System.Workflow.ComponentModel.ni.dll
+ 2011-07-06 09:48 . 2011-07-06 09:48	2995200              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Act#\abd78d3c9f978f654ad75907db97a939\System.Workflow.Activities.ni.dll
+ 2011-07-06 09:48 . 2011-07-06 09:48	1840640              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\77631b8c99bc572962e558cdac417477\System.Web.Services.ni.dll
+ 2011-07-06 10:16 . 2011-07-06 10:16	2209792              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Mobile\1209d7e54ef107a1fff6a2b394079f85\System.Web.Mobile.ni.dll
+ 2011-07-06 10:16 . 2011-07-06 10:16	2402816              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\ed9f2c61572eece33a5e7a2a90aefb24\System.Web.Extensions.ni.dll
+ 2011-07-06 10:16 . 2011-07-06 10:16	1917440              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Speech\c1c431a434b0c86097b2cecd0c79698b\System.Speech.ni.dll
+ 2011-07-06 10:16 . 2011-07-06 10:16	1705984              c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel#\c7f98d3d0c1e5f3e7bd477034c3a0779\System.ServiceModel.Web.ni.dll
+ 2011-07-06 10:14 . 2011-07-06 10:14	2347008              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\a93babbfac74bef9adb0aa3fbc36c5ef\System.Runtime.Serialization.ni.dll
+ 2011-07-06 09:47 . 2011-07-06 09:47	1035776

g3n-h@ckm@n · Answer

essaie un scan complet avec Malwarebytes maintenant apres sa mise à jour

von_hebrenack · Answer

et bien que ce soit en mode normal ou sans echeque malwearbytes plante à 19 secondes :-( et les bugs reviennent peu à peu ! ya eu du mieu  tout à l'heure mais là ca re rame

g3n-h@ckm@n · Answer

▶ Télécharge Dr Web CureIt sur ton Bureau : ▶ redemarre en mode sans échec ▶- Double clique (clic droit "en tant qu'admin" sous Vista) et ensuite clique sur ; ▶- Clique à l'invite de l'analyse rapide. S'il trouve des processus infectés alors clique le bouton . Note : une fenêtre s'ouvrira avec options pour "Commander" ou "50% de réduction" : Quitte en cliquant le "X". ▶- Lorsque le scan rapide est terminé, clique sur le menu puis ; Choisis l'onglet , et décoche . Clique ensuite sur . ▶- De retour à la fenêtre principale : clique pour activer selectionne tous les disques ▶- Clique le bouton avec flèche verte sur la droite, et le scan débutera. ▶- Clique pour tout à l'invite "Désinfecter ?" lorsqu'un fichier est détecté, et ensuite clique "Désinfecter". ▶- Lorsque le scan sera complété, regarde si tu peux cliquer sur l' icône, adjacente aux fichiers détectés (plusieurs feuilles l'une sur l'autre). Si oui, alors clique dessus et ensuite clique sur l'icône , au dessous, et choisis . ▶- Du menu principal de l'outil, au haut à gauche, clique sur le menu et choisis . Sauvegarde le rapport sur ton Bureau. Ce dernier se nommera DrWeb.csv ▶-pour le rapport tu l enregistres sur ton bureau , tu clic droit dessus /envoyer vers / dossiers compresses ensuite : tu m'envoies l'archive comme ceci : clique sur ce lien : http://www.cijoint.fr/ ▶ Clique sur Parcourir et cherche le fichier ci-dessus. ▶ Clique sur Ouvrir. ▶ Clique sur "Cliquez ici pour déposer le fichier". Un lien de cette forme : http://www.cijoint.fr/cjlink.php?file=cjge368/cijSKAP5fU.txt est ajouté dans la page. ▶ Copie ce lien dans ta réponse. ▶- Ferme Dr.Web Cureit ▶- Redémarre ton ordi (important car certains fichiers peuvent être déplacés/réparés au redémarrage).

von_hebrenack · Answer

salut !

ca fait depuis tout à l'heure que j'essye de passer ton log mais rien n'y fait !
ca plante au 3/4 de l'analyse rapide !!

von_hebrenack · Answer

apres moultes bugs, j'ai quand même reussi à en tirer quelque chose !!!

une analyse rapide complete ! et 3/4 d'une analyse aprofondie donc l'obtention d'un rapport !

que voici 

http://www.cijoint.fr/cjlink.php?file=cj201107/cij0bbspMR.zip 


à priori il y a un ou des virus detecté ! on tient le bon bout !

g3n-h@ckm@n · Answer

ca fait comment exactement quand malwarebytes plante ?

von_hebrenack · Answer

salut !

Bon je pense etre obliger de faire marcher la garantie !

là je suis sous mon vieux Pc linux ^^  
L'autre je ne peux même plus booter depuis ce matin ! rien de rien !  vive windobe !

autrement quand malwarebytes plantais, le scan s'arretais le PC ne travaillais plus et dès que tu touchais à quelque chose par la suite tout se figeait et obliger de rebooter !

g3n-h@ckm@n · Answer

ok ben tiens moi au courant...essaie de leur demander ce qui n'allait pas aussi ca pourrait aider

von_hebrenack · Answer

a priori ils ont eu pas mal de retour de ce model là avec la technologie "optimus" qui consiste a ne faire tourner le PC qu'en puissance reduite pour preserver de la batterie et le switch ne se fait plus au bout d'un moment d'où paralysie du systeme
enfin on vera ca plus profondement !

g3n-h@ckm@n · Answer

ok :)

Ordi très lent, bugs à gogo, scan bloqué 48%

42 réponses

Votre réponse

Discussions similaires