Sujet Précédent Sujet Suivant

Trojan.retapu.d et deepScan:generic.Sdbot

vader06 Messages postés 9 Statut Membre -  
green day Messages postés 26722 Statut Modérateur, Contributeur sécurité -
Bonjour,
mon bitdefender a détecté des "trojan.retapu.d" et des "DeepScan:Generic.Sdbot".
ils sont situés dans le lecteur C:

je vous donne leurs noms:

fpovvj.exe
nbuijv.exe
nnmvls.exe
npwmkp.exe
qqnafy.exe
rqpqov.exe
stubzn.exe
wpemjt.exe
yvkkle.exe

Merci de m'aider
(si possible au plus vite...)

12 réponses

Réponse 1 / 12
green day Messages postés 26722 Statut Modérateur, Contributeur sécurité 2 163
 
Salut

Télécharge ceci :

Lien : http://www.commentcamarche.net/telecharger/telecharger 159 hijackthis

Démo : http://pageperso.aol.fr/balltrap34/demohijack.htm

Choisir l'option "do a scan and a logfile", et faire un copier/coller du rapport ainsi générer sur le forum.

++
0
Réponse 2 / 12
vader06 Messages postés 9 Statut Membre
 
voici le rapport

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:10:51, on 17/01/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\lxdiserv.exe
C:\WINDOWS\system32\lxdicoms.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe
C:\Program Files\Softwin\BitDefender10\vsserv.exe
C:\WINDOWS\system32\WgaTray.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe
C:\Program Files\Fichiers communs\Acronis\Schedule2\schedhlp.exe
C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Softwin\BitDefender10\bdmcon.exe
C:\Program Files\Softwin\BitDefender10\bdagent.exe
C:\Program Files\Lexmark 3500-4500 Series\lxdimon.exe
C:\Program Files\Lexmark 3500-4500 Series\lxdiamon.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = https://www.google.fr/?gws_rd=ssl
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Lexmark Barre d'outils - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Lexmark Barre d'outils - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [TrueImageMonitor.exe] C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
O4 - HKLM\..\Run: [AcronisTimounterMonitor] C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe
O4 - HKLM\..\Run: [Acronis Scheduler2 Service] "C:\Program Files\Fichiers communs\Acronis\Schedule2\schedhlp.exe"
O4 - HKLM\..\Run: [Smapp] C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [BDMCon] "C:\Program Files\Softwin\BitDefender10\bdmcon.exe" /reg
O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\Softwin\BitDefender10\bdagent.exe"
O4 - HKLM\..\Run: [lxdimon.exe] "C:\Program Files\Lexmark 3500-4500 Series\lxdimon.exe"
O4 - HKLM\..\Run: [lxdiamon] "C:\Program Files\Lexmark 3500-4500 Series\lxdiamon.exe"
O4 - HKLM\..\Run: [FaxCenterServer] "C:\Program Files\\Lexmark Fax Solutions\fm3032.exe" /s
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9
O4 - HKUS\S-1-5-19\..\RunOnce: [Config] %systemroot%\system32\run.cmd (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [nlsf] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\RunOnce: [Config] %systemroot%\system32\run.cmd (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\RunOnce: [Config] %systemroot%\system32\run.cmd (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [Config] %systemroot%\system32\run.cmd (User 'Default user')
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe
O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - SOFTWIN S.R.L. - C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe
O23 - Service: lxdiCATSCustConnectService - Lexmark International, Inc. - C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\\lxdiserv.exe
O23 - Service: lxdi_device - - C:\WINDOWS\system32\lxdicoms.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - SOFTWIN S.R.L. - C:\Program Files\Softwin\BitDefender10\vsserv.exe
O23 - Service: BitDefender Communicator (XCOMM) - SOFTWIN S.R.L - C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe
0
Réponse 3 / 12
green day Messages postés 26722 Statut Modérateur, Contributeur sécurité 2 163
 
ok,

Télécharger ComboFix (par sUBs) sur le Bureau : http://download.bleepingcomputer.com/sUBs/ComboFix.exe

* Démarrer en mode sans echec
* Double cliquer combofix.exe.
* Appuyer sur la touche Y (Yes) pour démarrer le scan
* Le rapport sera crée dans: C:\Combofix.txt, poste le stp

++
0
Réponse 4 / 12
vader06
 
ComboFix 08-01-18.1 - Administrateur 2008-01-17 22:37:17.1 - [color=red][b]FAT32[/b][/color]x86 MINIMAL
Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.397 [GMT 1:00]
Running from: C:\Documents and Settings\Administrateur\Bureau\ComboFix.exe

[color=red][b]WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !![/b][/color]
.
[color=purple]The following files were disabled during the run:[/color]
C:\WINDOWS\system32\sockspy.dll

((((((((((((((((((((((((((((( Fichiers cr‚‚s 2007-12-18 to 2008-01-18 ))))))))))))))))))))))))))))))))))))
.

2008-01-17 22:36 . 2000-08-31 08:00 51,200 --a------ C:\WINDOWS\NirCmd.exe
2008-01-17 22:10 . 2008-01-17 22:10 <REP> d-------- C:\Program Files\Trend Micro
2008-01-17 21:13 . 2008-01-17 21:15 3,458 --a------ C:\WINDOWS\system32\tmp.reg
2008-01-17 20:10 . 2005-06-28 10:21 22,752 --a------ C:\WINDOWS\system32\spupdsvc.exe
2008-01-17 20:10 . 2008-01-17 20:10 140 --a------ C:\WINDOWS\system32\spupdsvc.inf
2008-01-17 20:09 . 2008-01-17 20:09 <REP> d--h----- C:\WINDOWS\$hf_mig$
2008-01-17 19:59 . 2006-05-05 10:41 453,120 --------- C:\WINDOWS\system32\dllcache\mrxsmb.sys
2008-01-17 19:59 . 2006-05-05 10:47 174,592 --------- C:\WINDOWS\system32\dllcache\rdbss.sys
2008-01-17 19:58 . 2007-01-23 20:31 546,304 --------- C:\WINDOWS\system32\dllcache\hhctrl.ocx
2008-01-17 19:57 . 2006-12-07 06:29 2,374,472 --------- C:\WINDOWS\system32\dllcache\wmvcore.dll
2008-01-17 19:52 . 2007-07-30 19:19 38,232 --a------ C:\WINDOWS\system32\wucltui.dll.mui
2008-01-17 19:52 . 2007-07-30 19:20 30,040 --a------ C:\WINDOWS\system32\wuaucpl.cpl.mui
2008-01-17 19:52 . 2007-07-30 19:19 30,040 --a------ C:\WINDOWS\system32\wuapi.dll.mui
2008-01-17 19:52 . 2007-07-30 19:18 21,336 --a------ C:\WINDOWS\system32\wuaueng.dll.mui
2008-01-17 19:24 . 9,296 C:\Documents and Settings\Administrateur\npwmkp.exe
2008-01-17 19:15 . 9,296 C:\Documents and Settings\Administrateur\stubzn.exe
2008-01-17 18:47 . 42,941 C:\Documents and Settings\Administrateur\qqnafy.exe
2008-01-17 18:37 . 42,941 C:\Documents and Settings\Administrateur\wpemjt.exe
2008-01-17 18:13 . 9,296 C:\Documents and Settings\Administrateur\nnmvls.exe
2008-01-17 12:19 . 9,296 C:\Documents and Settings\Administrateur\yvkkle.exe
2008-01-16 18:44 . 9,296 C:\Documents and Settings\Administrateur\fpovvj.exe
2008-01-16 18:23 . 9,296 C:\Documents and Settings\Administrateur\rqpqov.exe
2008-01-16 18:15 . 9,296 C:\Documents and Settings\Administrateur\nbuijv.exe
2008-01-13 11:25 . 2008-01-13 11:25 <REP> d-------- C:\Program Files\dat
2008-01-09 16:02 . 2008-01-09 16:02 <REP> dr------- C:\Documents and Settings\NetworkService\Favoris
2008-01-06 20:41 . 2008-01-06 20:41 <REP> d-------- C:\Program Files\Google
2007-12-31 14:57 . 2007-12-31 14:57 <REP> d--hs---- C:\FOUND.002
2007-12-22 13:56 . 2007-12-22 13:56 5,632 --ahs---- C:\WINDOWS\Thumbs.db

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-01-17 21:26 81,984 ----a-w C:\WINDOWS\system32\bdod.bin
2007-12-14 15:56 --------- d-----w C:\Program Files\AVIConverter
2007-12-02 19:38 --------- d-----w C:\Program Files\Fichiers communs\Real
2007-11-19 18:21 --------- d-----w C:\Program Files\EACOM
2007-11-19 18:06 --------- d-----w C:\Program Files\EA SPORTS
2007-11-11 18:02 724,992 ----a-w C:\WINDOWS\iun6002.exe
2007-10-30 10:18 3,079,680 ----a-w C:\WINDOWS\system32\SET2B.tmp
2007-10-30 10:18 3,079,680 ------w C:\WINDOWS\system32\dllcache\mshtml.dll
2006-10-30 09:51 14,685 ----a-w C:\Program Files\readme.htm
2006-10-19 19:51 7,110,656 ----a-w C:\Program Files\PES6.exe
2006-10-18 13:23 483,328 ----a-w C:\Program Files\settings.exe
.

((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les ‚l‚ments vides & les ‚l‚ments initiaux l‚gitimes ne sont pas list‚s

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"updateMgr"="C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" [2006-03-30 16:45 313472]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 10:50 155648]
"TrueImageMonitor.exe"="C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe" [2006-10-16 21:12 1164912]
"AcronisTimounterMonitor"="C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe" [2006-10-16 21:17 1941784]
"Acronis Scheduler2 Service"="C:\Program Files\Fichiers communs\Acronis\Schedule2\schedhlp.exe" [2006-10-16 21:13 87584]
"Smapp"="C:\Program Files\Analog Devices\SoundMAX\SMTray.exe" [2003-05-05 08:57 143360]
"WinampAgent"="C:\Program Files\Winamp\winampa.exe" [2006-06-21 18:14 35328]
"BDMCon"="C:\Program Files\Softwin\BitDefender10\bdmcon.exe" [2007-11-07 12:48 290816]
"BDAgent"="C:\Program Files\Softwin\BitDefender10\bdagent.exe" [2007-03-26 15:49 69632]
"lxdimon.exe"="C:\Program Files\Lexmark 3500-4500 Series\lxdimon.exe" [2007-05-07 19:07 435120]
"lxdiamon"="C:\Program Files\Lexmark 3500-4500 Series\lxdiamon.exe" [2007-03-05 13:40 20480]
"FaxCenterServer"="C:\Program Files\\Lexmark Fax Solutions\fm3032.exe" [2007-05-07 19:10 312240]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-11-16 17:16 98304]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Config"="C:\WINDOWS\system32\run.cmd" [2006-02-14 11:24 248]
"nlsf"="cmd.exe" [2004-08-19 15:09 400896 C:\WINDOWS\system32\cmd.exe]
"tscuninstall"="C:\WINDOWS\system32\tscupgrd.exe" [2004-08-19 15:52 44544]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"MemCheckBoxInRunDlg"= 1 (0x1)
"NoSMBalloonTip"= 1 (0x1)
"NoDesktopCleanupWizard"= 1 (0x1)
"NoWelcomeScreen"= 1 (0x1)
"NoStrCmpLogical"= 0 (0x0)
"NoInstrumentation"= 0 (0x0)
"NoSMHelp"= 1 (0x1)
"NoStartMenuMFUprogramsList"= 0 (0x0)

[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"MemCheckBoxInRunDlg"= 1 (0x1)
"NoSMBalloonTip"= 1 (0x1)
"NoDesktopCleanupWizard"= 1 (0x1)
"NoWelcomeScreen"= 1 (0x1)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=sockspy.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Authentication Packages REG_MULTI_SZ msv1_0 relog_ap

R1 khips;Kerio HIPS Driver;C:\WINDOWS\system32\drivers\khips.sys [2005-09-26 11:05]
R2 lxdi_device;lxdi_device;C:\WINDOWS\system32\lxdicoms.exe [2007-04-26 16:38]
R2 lxdiCATSCustConnectService;lxdiCATSCustConnectService;C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\\lxdiserv.exe [2007-04-26 16:38]
R3 NBXG7031;NB 802.11g XG703 SP1 Driver;C:\WINDOWS\system32\DRIVERS\WlanUIG.sys [2004-09-17 11:56]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{0e2c5f0e-cf38-11db-924a-0013d4691c57}]
\Shell\AutoRun\command - G:\start.exe
\Shell\FramaKey\command - G:\start.exe

.
**************************************************************************

catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-01-18 22:41:29
Windows 5.1.2600 Service Pack 2 FAT NTAPI

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2008-01-18 22:44:55 - machine was rebooted
ComboFix-quarantined-files.txt 2008-01-18 21:44:40
.
2008-01-17 20:03:11 --- E O F ---
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 5 / 12
green day Messages postés 26722 Statut Modérateur, Contributeur sécurité 2 163
 
ok, je te donne la suite demain !

++
0
Réponse 6 / 12
vader06 Messages postés 9 Statut Membre
 
tu peux me donner la suite STP
0
Réponse 7 / 12
green day Messages postés 26722 Statut Modérateur, Contributeur sécurité 2 163
 
Salut

oups ! je t'ai un peu oublié ! :)

Télécharge SDFix sur ton bureau

http://downloads.andymanchesta.com/RemovalTools/SDFix.exe

Double clique sur SDFix.exe et choisis Install pour l'extraire dans un dossier dédié sur le Bureau.
Redémarre ton ordinateur en mode sans échec
Ouvre le dossier SDFix qui vient d'être créé sur le Bureau et double clique sur RunThis.cmd pour lancer le script.
Appuie sur Y pour commencer le processus de nettoyage.
Il va supprimer les services et les entrées du Registre de certains trojans trouvés puis te demandera d'appuyer sur une touche pour redémarrer.
Appuie sur une touche pour redémarrer le PC.
Ton système sera plus long pour redémarrer qu'à l'accoutumée car l'outil va continuer à s'exécuter et supprimer des fichiers.
Après le chargement du Bureau, l'outil terminera son travail et affichera Finished.
Appuie sur une touche pour finir l'exécution du script et charger les icônes de ton Bureau.
Les icônes du Bureau affichées, le rapport SDFix s'ouvrira à l'écran et s'enregistrera aussi dans le dossier SDFix sous le nom Report.txt.
Enfin, copie/colle le contenu du fichier Report.txt dans ta prochaine réponse sur le forum, avec un nouveau log Hijackthis !

++
0
Réponse 8 / 12
vader06 Messages postés 9 Statut Membre
 
Salut

Voici le rapport SDFix,

SDFix: Version 1.131

Run by Administrateur on 24/01/2008 at 21:47

Microsoft Windows XP [version 5.1.2600]

Running From: C:\DOCUME~1\ADMINI~1\Bureau\SDFix

Safe Mode:
Checking Services:

Restoring Windows Registry Values
Restoring Windows Default Hosts File

Rebooting...

Normal Mode:
Checking Files:

No Trojan Files Found

Removing Temp Files...

ADS Check:

C:\WINDOWS
No streams found.

C:\WINDOWS\explorer.exe
No streams found.

C:\WINDOWS\system32
No streams found.

C:\WINDOWS\system32\svchost.exe
No streams found.

C:\WINDOWS\system32\ntoskrnl.exe
No streams found.

Final Check:

catchme 0.3.1344.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-01-24 21:52:45
Windows 5.1.2600 Service Pack 2 FAT NTAPI

scanning hidden processes ...

scanning hidden services ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 0

Remaining Services:
------------------

Authorized Application Key Export:

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\\Program Files\\Lexmark 3500-4500 Series\\LXDIMON.EXE"="C:\\Program Files\\Lexmark 3500-4500 Series\\LXDIMON.EXE:*:Enabled:Device Monitor"
"C:\\Program Files\\Lexmark 3500-4500 Series\\LXDIAMON.EXE"="C:\\Program Files\\Lexmark 3500-4500 Series\\LXDIAMON.EXE:*:Enabled:Device Monitor Application"
"C:\\Program Files\\eMule\\emule.exe"="C:\\Program Files\\eMule\\emule.exe:*:Enabled:eMule"
"C:\\Program Files\\Lexmark 3500-4500 Series\\App4R.exe"="C:\\Program Files\\Lexmark 3500-4500 Series\\App4R.exe:*:Enabled:Printing Application"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"C:\\Program Files\\Lexmark 3500-4500 Series\\App4R.exe"="C:\\Program Files\\Lexmark 3500-4500 Series\\App4R.exe:*:Enabled:Lexmark Imaging Studio"

Remaining Files:
---------------

Files with Hidden Attributes:

Sun 12 Mar 2006 10,311,680 ..SH. --- "C:\Program Files\AVIConverter\mencoder.exe"
Wed 7 Nov 2007 4,348 A.SH. --- "C:\Documents and Settings\All Users\DRM\DRMv1.bak"
Wed 23 Jan 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\f7db876e78b88fd8276fd7d29cb7e4eb\BITB.tmp"

Finished!
0
Réponse 9 / 12
green day Messages postés 26722 Statut Modérateur, Contributeur sécurité 2 163
 
Salut

ok,

Crée un nouveau document texte et nomme le CFScript.txt ( attention très important ! ) : clic droit de souris sur le bureau > Nouveau > Document Texte, et copie dedans les lignes suivantes en gras :

File::

C:\Documents and Settings\Administrateur\npwmkp.exe
C:\Documents and Settings\Administrateur\stubzn.exe
C:\Documents and Settings\Administrateur\qqnafy.exe
C:\Documents and Settings\Administrateur\wpemjt.exe
C:\Documents and Settings\Administrateur\nnmvls.exe
C:\Documents and Settings\Administrateur\yvkkle.exe
C:\Documents and Settings\Administrateur\fpovvj.exe
C:\Documents and Settings\Administrateur\rqpqov.exe
C:\Documents and Settings\Administrateur\nbuijv.exe

ensuite fais glisser le fichier texte sur combo.exe comme sur l'animation : http://img.photobucket.com/albums/v666/sUBs/CFScript.gif

Dans la fenêtre qui suit, choisie l'option 1 puis valide
Patiente un peu, si le bureau disparait parfois durant le scan : c'est normal !
A la fin du scan, un rapport va s'afficher : poste le stp ( sinon il se situe dans ici : C:\ComboFix.txt )

++
0
Réponse 10 / 12
vader06 Messages postés 9 Statut Membre
 
Salut

Voici le scan,

ComboFix 08-01-18.1 - Administrateur 2008-01-25 15:15:59.2 - [color=red][b]FAT32[/b][/color]x86
Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.244 [GMT 1:00]
Running from: C:\Documents and Settings\Administrateur\Bureau\ComboFix.exe
Command switches used :: C:\Documents and Settings\Administrateur\Bureau\CFScript.txt
* Created a new restore point

[color=red][b]WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !![/b][/color]

FILE
C:\Documents and Settings\Administrateur\fpovvj.exe
C:\Documents and Settings\Administrateur\nbuijv.exe
C:\Documents and Settings\Administrateur\nnmvls.exe
C:\Documents and Settings\Administrateur\npwmkp.exe
C:\Documents and Settings\Administrateur\qqnafy.exe
C:\Documents and Settings\Administrateur\rqpqov.exe
C:\Documents and Settings\Administrateur\stubzn.exe
C:\Documents and Settings\Administrateur\wpemjt.exe
C:\Documents and Settings\Administrateur\yvkkle.exe
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Documents and Settings\Administrateur\fpovvj.exe
C:\Documents and Settings\Administrateur\nbuijv.exe
C:\Documents and Settings\Administrateur\qqnafy.exe
C:\Documents and Settings\Administrateur\rqpqov.exe
C:\Documents and Settings\Administrateur\wpemjt.exe
C:\Documents and Settings\Administrateur\yvkkle.exe

.
((((((((((((((((((((((((((((( Fichiers cr‚‚s 2007-12-25 to 2008-01-25 ))))))))))))))))))))))))))))))))))))
.

2008-01-24 21:46 . 2008-01-24 21:46 <REP> d-------- C:\WINDOWS\ERUNT
2008-01-24 13:53 . 2008-01-24 13:53 244 --ah----- C:\sqmnoopt03.sqm
2008-01-24 13:53 . 2008-01-24 13:53 244 --ah----- C:\sqmnoopt02.sqm
2008-01-24 13:53 . 2008-01-24 13:53 244 --ah----- C:\sqmnoopt01.sqm
2008-01-24 13:53 . 2008-01-24 13:53 232 --ah----- C:\sqmdata03.sqm
2008-01-24 13:53 . 2008-01-24 13:53 232 --ah----- C:\sqmdata02.sqm
2008-01-24 13:53 . 2008-01-24 13:53 232 --ah----- C:\sqmdata01.sqm
2008-01-23 21:39 . 2008-01-23 21:39 244 --ah----- C:\sqmnoopt00.sqm
2008-01-23 21:39 . 2008-01-23 21:39 232 --ah----- C:\sqmdata00.sqm
2008-01-21 15:58 . 2008-01-21 15:58 <REP> d-------- C:\WINDOWS\system32\LogFiles
2008-01-20 11:52 . 2008-01-20 11:52 <REP> d--hs---- C:\FOUND.004
2008-01-19 16:51 . 2008-01-23 18:50 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2008-01-19 16:51 . 2008-01-19 16:51 1,409 --a------ C:\WINDOWS\QTFont.for
2008-01-19 14:11 . 2008-01-19 14:11 <REP> d--hs---- C:\FOUND.003
2008-01-17 22:36 . 2000-08-31 08:00 51,200 --a------ C:\WINDOWS\NirCmd.exe
2008-01-17 22:10 . 2008-01-17 22:10 <REP> d-------- C:\Program Files\Trend Micro
2008-01-17 21:13 . 2008-01-17 21:15 3,458 --a------ C:\WINDOWS\system32\tmp.reg
2008-01-17 20:10 . 2005-06-28 10:21 22,752 --a------ C:\WINDOWS\system32\spupdsvc.exe
2008-01-17 20:10 . 2008-01-17 20:10 140 --a------ C:\WINDOWS\system32\spupdsvc.inf
2008-01-17 20:09 . 2008-01-17 20:09 <REP> d--h----- C:\WINDOWS\$hf_mig$
2008-01-17 20:06 . 2006-08-14 11:34 332,928 --------- C:\WINDOWS\system32\dllcache\srv.sys
2008-01-17 20:06 . 2006-10-13 13:36 65,536 --------- C:\WINDOWS\system32\dllcache\nwwks.dll
2008-01-17 20:05 . 2007-10-25 17:56 8,510,976 --------- C:\WINDOWS\system32\dllcache\shell32.dll
2008-01-17 20:05 . 2007-02-28 17:02 2,182,400 --------- C:\WINDOWS\system32\dllcache\ntoskrnl.exe
2008-01-17 20:05 . 2007-02-28 17:02 2,138,112 --------- C:\WINDOWS\system32\dllcache\ntkrnlmp.exe
2008-01-17 20:05 . 2007-02-28 17:02 2,059,648 --------- C:\WINDOWS\system32\dllcache\ntkrnlpa.exe
2008-01-17 20:05 . 2007-02-28 17:02 2,017,792 --------- C:\WINDOWS\system32\dllcache\ntkrpamp.exe
2008-01-17 20:04 . 2007-03-08 16:33 1,843,712 --------- C:\WINDOWS\system32\dllcache\win32k.sys
2008-01-17 20:04 . 2007-05-16 16:13 1,314,816 --------- C:\WINDOWS\system32\dllcache\msoe.dll
2008-01-17 20:04 . 2007-03-08 16:37 578,560 --------- C:\WINDOWS\system32\dllcache\user32.dll
2008-01-17 20:04 . 2007-05-16 16:13 510,976 --------- C:\WINDOWS\system32\dllcache\wab32.dll
2008-01-17 20:04 . 2007-10-30 18:20 360,064 --------- C:\WINDOWS\system32\dllcache\tcpip.sys
2008-01-17 20:04 . 2006-08-17 13:29 332,288 --------- C:\WINDOWS\system32\dllcache\netapi32.dll
2008-01-17 20:04 . 2007-06-19 14:32 282,112 --------- C:\WINDOWS\system32\dllcache\gdi32.dll
2008-01-17 20:04 . 2007-05-16 16:13 85,504 --------- C:\WINDOWS\system32\dllcache\wabimp.dll
2008-01-17 20:04 . 2006-07-21 09:27 72,704 --------- C:\WINDOWS\system32\dllcache\hlink.dll
2008-01-17 20:03 . 2007-08-21 07:17 683,520 --------- C:\WINDOWS\system32\dllcache\inetcomm.dll
2008-01-17 20:03 . 2007-03-17 14:44 293,376 --------- C:\WINDOWS\system32\dllcache\winsrv.dll
2008-01-17 20:03 . 2006-06-01 19:48 163,840 --------- C:\WINDOWS\system32\dllcache\jgdw400.dll
2008-01-17 20:03 . 2006-06-01 19:48 27,648 --------- C:\WINDOWS\system32\dllcache\jgpl400.dll
2008-01-17 20:00 . 2007-07-09 14:11 584,192 --------- C:\WINDOWS\system32\dllcache\rpcrt4.dll
2008-01-17 19:59 . 2006-05-05 10:41 453,120 --------- C:\WINDOWS\system32\dllcache\mrxsmb.sys
2008-01-17 19:59 . 2006-05-05 10:47 174,592 --------- C:\WINDOWS\system32\dllcache\rdbss.sys
2008-01-17 19:58 . 2007-01-23 20:31 546,304 --------- C:\WINDOWS\system32\dllcache\hhctrl.ocx
2008-01-17 19:57 . 2006-12-07 06:29 2,374,472 --------- C:\WINDOWS\system32\dllcache\wmvcore.dll
2008-01-17 19:52 . 2007-07-30 19:19 38,232 --a------ C:\WINDOWS\system32\wucltui.dll.mui
2008-01-17 19:52 . 2007-07-30 19:20 30,040 --a------ C:\WINDOWS\system32\wuaucpl.cpl.mui
2008-01-17 19:52 . 2007-07-30 19:19 30,040 --a------ C:\WINDOWS\system32\wuapi.dll.mui
2008-01-17 19:52 . 2007-07-30 19:18 21,336 --a------ C:\WINDOWS\system32\wuaueng.dll.mui
2008-01-13 11:25 . 2008-01-13 11:25 <REP> d-------- C:\Program Files\dat
2008-01-09 16:02 . 2008-01-09 16:02 <REP> dr------- C:\Documents and Settings\NetworkService\Favoris
2008-01-06 20:41 . 2008-01-06 20:41 <REP> d-------- C:\Program Files\Google
2007-12-31 14:57 . 2007-12-31 14:57 <REP> d--hs---- C:\FOUND.002

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-01-25 14:23 81,984 ----a-w C:\WINDOWS\system32\bdod.bin
2007-12-14 15:56 --------- d-----w C:\Program Files\AVIConverter
2007-12-02 19:38 --------- d-----w C:\Program Files\Fichiers communs\Real
2007-11-14 07:28 450,560 ----a-w C:\WINDOWS\system32\dllcache\jscript.dll
2007-11-11 18:02 724,992 ----a-w C:\WINDOWS\iun6002.exe
2007-11-07 09:28 728,576 ----a-w C:\WINDOWS\system32\lsasrv.dll
2007-11-07 09:28 728,576 ------w C:\WINDOWS\system32\dllcache\lsasrv.dll
2007-10-30 10:18 3,079,680 ----a-w C:\WINDOWS\system32\SET2B.tmp
2007-10-30 10:18 3,079,680 ------w C:\WINDOWS\system32\dllcache\mshtml.dll
2007-10-29 22:43 1,293,824 ----a-w C:\WINDOWS\system32\quartz.dll
2007-10-29 22:43 1,293,824 ------w C:\WINDOWS\system32\dllcache\quartz.dll
2006-10-30 09:51 14,685 ----a-w C:\Program Files\readme.htm
2006-10-19 19:51 7,110,656 ----a-w C:\Program Files\PES6.exe
2006-10-18 13:23 483,328 ----a-w C:\Program Files\settings.exe
.

((((((((((((((((((((((((((((( snapshot@2008-01-18_22.43.14.93 )))))))))))))))))))))))))))))))))))))))))
.
- 2007-11-10 13:43:32 68,608 ----a-w C:\WINDOWS\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
+ 2008-01-18 21:54:54 68,608 ----a-w C:\WINDOWS\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
- 2007-11-10 13:43:44 72,192 ----a-w C:\WINDOWS\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
+ 2008-01-18 21:55:14 72,192 ----a-w C:\WINDOWS\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
- 2007-11-10 13:43:46 4,308,992 ----a-w C:\WINDOWS\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
+ 2008-01-18 21:55:20 4,308,992 ----a-w C:\WINDOWS\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
- 2007-11-10 13:43:48 482,304 ----a-w C:\WINDOWS\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll
+ 2008-01-18 21:55:28 482,304 ----a-w C:\WINDOWS\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll
- 2007-11-10 13:43:40 2,878,976 ----a-w C:\WINDOWS\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
+ 2008-01-18 21:55:02 2,902,016 ----a-w C:\WINDOWS\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
- 2007-11-10 13:43:26 258,048 ----a-w C:\WINDOWS\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
+ 2008-01-18 21:54:42 258,048 ----a-w C:\WINDOWS\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
- 2007-11-10 13:43:26 114,176 ----a-w C:\WINDOWS\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
+ 2008-01-18 21:54:42 114,176 ----a-w C:\WINDOWS\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
- 2007-11-10 13:43:54 260,096 ----a-w C:\WINDOWS\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
+ 2008-01-18 21:55:48 260,096 ----a-w C:\WINDOWS\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
- 2007-11-10 13:43:36 5,025,792 ----a-w C:\WINDOWS\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll
+ 2008-01-18 21:54:58 5,156,864 ----a-w C:\WINDOWS\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll
- 2007-11-10 13:43:30 10,752 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
+ 2008-01-18 21:54:52 10,752 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
- 2007-11-10 13:43:26 503,808 ----a-w C:\WINDOWS\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll
+ 2008-01-18 21:54:42 507,904 ----a-w C:\WINDOWS\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll
- 2007-11-10 13:43:26 13,312 ----a-w C:\WINDOWS\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll
+ 2008-01-18 21:54:44 13,312 ----a-w C:\WINDOWS\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll
- 2007-11-10 13:43:42 8,192 ----a-w C:\WINDOWS\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll
+ 2008-01-18 21:55:10 8,192 ----a-w C:\WINDOWS\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll
- 2007-11-10 13:43:42 36,864 ----a-w C:\WINDOWS\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll
+ 2008-01-18 21:55:10 36,864 ----a-w C:\WINDOWS\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll
- 2007-11-10 13:43:42 5,632 ----a-w C:\WINDOWS\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll
+ 2008-01-18 21:55:12 5,632 ----a-w C:\WINDOWS\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll
- 2007-11-10 13:43:28 413,696 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
+ 2008-01-18 21:54:48 413,696 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
- 2007-11-10 13:43:30 36,864 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
+ 2008-01-18 21:54:48 36,864 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
- 2007-11-10 13:43:30 647,168 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll
+ 2008-01-18 21:54:50 647,168 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll
- 2007-11-10 13:43:30 73,728 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll
+ 2008-01-18 21:54:50 73,728 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll
- 2007-11-10 13:43:28 745,472 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
+ 2008-01-18 21:54:46 749,568 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
- 2007-11-10 13:43:58 110,592 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
+ 2008-01-18 21:56:02 110,592 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
- 2007-11-10 13:43:56 372,736 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
+ 2008-01-18 21:56:00 372,736 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
- 2007-11-10 13:43:22 28,672 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll
+ 2008-01-18 21:54:38 28,672 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll
- 2007-11-10 13:43:56 667,648 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
+ 2008-01-18 21:55:56 667,648 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
- 2007-11-10 13:43:58 5,632 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
+ 2008-01-18 21:56:04 5,632 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
- 2007-11-10 13:43:24 12,800 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
+ 2008-01-18 21:54:40 12,800 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
- 2007-11-10 13:43:24 32,768 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll
+ 2008-01-18 21:54:40 32,768 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll
- 2007-11-10 13:43:24 7,168 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll
+ 2008-01-18 21:54:40 7,168 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll
- 2007-11-10 13:43:50 110,592 ----a-w C:\WINDOWS\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
+ 2008-01-18 21:55:38 110,592 ----a-w C:\WINDOWS\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
- 2007-11-10 13:43:32 81,920 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
+ 2008-01-18 21:54:54 81,920 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
- 2007-11-10 13:43:50 389,120 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
+ 2008-01-18 21:55:40 413,696 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
- 2007-11-10 13:43:48 716,800 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
+ 2008-01-18 21:55:30 716,800 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
- 2007-11-10 13:43:26 884,736 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
+ 2008-01-18 21:54:44 888,832 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
- 2007-11-10 13:43:42 5,050,368 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll
+ 2008-01-18 21:55:04 5,001,216 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll
- 2007-11-10 13:43:34 188,416 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
+ 2008-01-18 21:54:56 188,416 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
- 2007-11-10 13:43:32 397,312 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
+ 2008-01-18 21:54:54 397,312 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
- 2007-11-10 13:43:34 81,920 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll
+ 2008-01-18 21:54:56 81,920 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll
- 2007-11-10 13:43:52 700,416 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
+ 2008-01-18 21:55:44 577,536 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
- 2007-11-10 13:43:48 368,640 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
+ 2008-01-18 21:55:32 372,736 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
- 2007-11-10 13:43:54 258,048 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
+ 2008-01-18 21:55:46 258,048 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
- 2007-11-10 13:43:50 299,008 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
+ 2008-01-18 21:55:34 299,008 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
- 2007-11-10 13:43:50 131,072 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
+ 2008-01-18 21:55:36 131,072 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
- 2007-11-10 13:43:32 258,048 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll
+ 2008-01-18 21:54:52 258,048 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll
- 2007-11-10 13:43:34 114,688 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
+ 2008-01-18 21:54:58 114,688 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
- 2007-11-10 13:43:54 835,584 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
+ 2008-01-18 21:55:52 835,584 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
- 2007-11-10 13:43:36 86,016 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
+ 2008-01-18 21:55:00 86,016 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
- 2007-11-10 13:43:36 823,296 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
+ 2008-01-18 21:55:00 823,296 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
- 2007-11-10 13:43:38 5,316,608 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
+ 2008-01-18 21:55:00 5,152,768 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
- 2007-11-10 13:43:40 2,035,712 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll
+ 2008-01-18 21:55:02 2,027,520 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll
- 2007-11-10 13:43:52 3,018,752 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
+ 2008-01-18 21:55:42 2,940,928 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
+ 2008-01-19 14:05:20 26,624 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Accessibility\16f8e5467333b654917893bbdda14ff0\Accessibility.ni.dll
+ 2008-01-19 14:05:26 888,832 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\AspNetMMCExt\f5a1ec9e477c27710cdae6bdcab1e7d3\AspNetMMCExt.ni.dll
+ 2008-01-19 14:05:28 237,568 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\CustomMarshalers\31a212e25caf9e206bf07692827fbac9\CustomMarshalers.ni.dll
+ 2008-01-19 14:05:26 15,360 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\dfsvc\f5d80cbb13314195fda4daef781e3a6a\dfsvc.ni.exe
+ 2008-01-19 14:05:32 880,640 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\8180521300c87a6272843e750e53d95e\Microsoft.Build.Engine.ni.dll
+ 2008-01-19 14:05:34 81,920 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\540f20514bffe019e78b46623679d8da\Microsoft.Build.Framework.ni.dll
+ 2008-01-19 14:05:40 1,687,552 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\3494f44140ae3e52345d9bb0a09c3759\Microsoft.Build.Tasks.ni.dll
+ 2008-01-19 14:05:42 163,840 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\ce6025818077c4efc83b09bde67003e9\Microsoft.Build.Utilities.ni.dll
+ 2008-01-19 14:05:48 1,720,320 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\dc355522d33dd3d47e018ab9f44a3c51\Microsoft.VisualBasic.ni.dll
+ 2008-01-18 21:59:54 11,304,960 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\d6cf00e968fd1d152ec6512e22a4efbc\mscorlib.ni.dll
+ 2008-01-19 14:05:50 1,003,520 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\3140fd8d0daf0c8c83892d03e7ef73f3\System.Configuration.ni.dll
+ 2008-01-19 13:13:00 6,676,480 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Data\b5a0a83e23ab2c57ec555338fb43735b\System.Data.ni.dll
+ 2008-01-19 14:05:54 1,724,416 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Deployment\44698bf46ecf1444d17ca327fe03ee31\System.Deployment.ni.dll
+ 2008-01-19 13:13:22 10,702,848 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Design\1c2bea369fb45611748f7ec7d08c5c1f\System.Design.ni.dll
+ 2008-01-19 14:06:00 1,216,512 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\73d80c8430f16a7c69e158d030105106\System.DirectoryServices.ni.dll
+ 2008-01-19 14:06:02 512,000 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\88fd2a6d700b37b57cc3e7437d561a1e\System.DirectoryServices.Protocols.ni.dll
+ 2008-01-19 13:13:24 229,376 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing.Desi#\45c26ec6652658b85317f373532aaab8\System.Drawing.Design.ni.dll
+ 2008-01-19 13:13:24 1,601,536 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\c254e202d75150e8c658acf2349c89d2\System.Drawing.ni.dll
+ 2008-01-19 14:06:04 659,456 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\93a0bd12af9564e5fd01b458e0019abd\System.EnterpriseServices.ni.dll
+ 2008-01-19 14:06:04 294,912 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\93a0bd12af9564e5fd01b458e0019abd\System.EnterpriseServices.Wrapper.dll
+ 2008-01-19 14:06:08 729,088 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Security\39b928a8b573a1835dd0617907c2bf48\System.Security.ni.dll
+ 2008-01-19 14:06:10 684,032 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Transactions\ea17bb40423448d4a5fb5e2ff1846f4a\System.Transactions.ni.dll
+ 2008-01-19 14:07:02 2,306,048 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web.Mobile\44f062efec213c518e53fba18c02eb8e\System.Web.Mobile.ni.dll
+ 2008-01-19 14:07:02 237,568 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web.RegularE#\7b7c93945135104be71e92061d67e05a\System.Web.RegularExpressions.ni.dll
+ 2008-01-19 14:07:08 1,941,504 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web.Services\510f68ca75453b07b929ab767de4c2f1\System.Web.Services.ni.dll
+ 2008-01-19 14:06:52 12,185,600 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web\c09080f6f5cfd8eea036698f5567574a\System.Web.ni.dll
+ 2008-01-19 13:14:24 13,107,200 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\892f36b41bca0f201844a09ea120554e\System.Windows.Forms.ni.dll
+ 2008-01-19 13:15:50 5,623,808 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\75018aebb3406d5898871fa4599a1b4c\System.Xml.ni.dll
+ 2008-01-19 13:12:46 8,130,560 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\a5562e33b41fc318d8eadc7703172230\System.ni.dll
+ 2007-11-10 13:43:50 299,008 ------w C:\WINDOWS\assembly\temp\KTX048CFJN\System.Runtime.Remoting.dll
+ 2006-03-17 00:33:10 262,784 ------w C:\WINDOWS\Driver Cache\i386\http.sys
+ 2006-06-14 08:47:46 172,416 ------w C:\WINDOWS\Driver Cache\i386\kmixer.sys
+ 2007-02-28 16:02:22 2,138,112 ------w C:\WINDOWS\Driver Cache\i386\ntkrnlmp.exe
+ 2007-02-28 16:02:36 2,059,648 ------w C:\WINDOWS\Driver Cache\i386\ntkrnlpa.exe
+ 2007-02-28 16:02:22 2,017,792 ------w C:\WINDOWS\Driver Cache\i386\ntkrpamp.exe
+ 2007-02-28 16:02:36 2,182,400 ------w C:\WINDOWS\Driver Cache\i386\ntoskrnl.exe
+ 2006-06-14 08:47:46 6,400 ------w C:\WINDOWS\Driver Cache\i386\splitter.sys
+ 2006-06-14 09:00:46 82,944 ------w C:\WINDOWS\Driver Cache\i386\wdmaud.sys
- 2008-01-17 21:37:04 249,856 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\[u]0[/u]0000001\ntuser.dat
+ 2008-01-25 14:14:54 249,856 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\[u]0[/u]0000001\NTUSER.DAT
- 2008-01-17 21:37:04 8,192 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\[u]0[/u]0000002\UsrClass.dat
+ 2008-01-25 14:14:54 8,192 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\[u]0[/u]0000002\UsrClass.dat
- 2008-01-17 21:37:06 5,058,560 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\[u]0[/u]0000003\ntuser.dat
+ 2008-01-25 14:14:54 5,046,272 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\[u]0[/u]0000003\NTUSER.DAT
- 2008-01-17 21:37:06 65,536 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\[u]0[/u]0000004\UsrClass.dat
+ 2008-01-25 14:14:54 65,536 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\[u]0[/u]0000004\UsrClass.dat
+ 2008-01-25 14:14:54 249,856 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\[u]0[/u]0000005\NTUSER.DAT
+ 2008-01-25 14:14:54 8,192 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\[u]0[/u]0000006\UsrClass.dat
+ 2008-01-23 14:54:56 163,328 ----a-w C:\WINDOWS\ERUNT\SDFIX\ERDNT.EXE
+ 2008-01-24 20:46:42 5,046,272 ----a-w C:\WINDOWS\ERUNT\SDFIX\Users\[u]0[/u]0000001\ntuser.dat
+ 2008-01-24 20:46:42 65,536 ----a-w C:\WINDOWS\ERUNT\SDFIX\Users\[u]0[/u]0000002\UsrClass.dat
+ 2008-01-23 14:54:56 163,328 ----a-w C:\WINDOWS\ERUNT\SDFIX_First_Run\ERDNT.EXE
+ 2008-01-24 20:46:28 5,046,272 ----a-w C:\WINDOWS\ERUNT\SDFIX_First_Run\Users\[u]0[/u]0000001\ntuser.dat
+ 2008-01-24 20:46:28 65,536 ----a-w C:\WINDOWS\ERUNT\SDFIX_First_Run\Users\[u]0[/u]0000002\UsrClass.dat
- 2004-08-19 14:09:54 1,036,288 ----a-w C:\WINDOWS\explorer.exe
+ 2007-06-13 13:22:28 1,037,312 ----a-w C:\WINDOWS\explorer.exe
- 2005-09-23 06:28:58 55,488 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\AppLaunch.exe
+ 2007-04-13 02:21:18 58,712 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\AppLaunch.exe
- 2005-09-23 06:28:32 10,752 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_filter.dll
+ 2007-04-13 02:20:52 10,752 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_filter.dll
- 2005-09-23 06:28:32 8,192 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_isapi.dll
+ 2007-04-13 02:20:52 8,192 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_isapi.dll
- 2005-09-23 06:28:32 23,552 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Aspnet_perf.dll
+ 2007-04-13 02:20:52 23,552 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Aspnet_perf.dll
- 2005-09-23 06:28:32 70,656 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_rc.dll
+ 2007-04-13 02:20:50 75,264 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_rc.dll
- 2005-09-23 06:28:32 26,824 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_regiis.exe
+ 2007-04-13 02:20:52 32,608 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_regiis.exe
- 2005-09-23 06:28:32 29,896 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
+ 2007-04-13 02:20:52 33,632 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
- 2005-09-23 06:28:32 29,888 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_wp.exe
+ 2007-04-13 02:20:52 32,600 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_wp.exe
- 2005-09-23 06:28:32 503,808 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\AspNetMMCExt.dll
+ 2007-04-13 02:20:52 507,904 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\AspNetMMCExt.dll
- 2005-09-23 06:28:56 88,576 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\CORPerfMonExt.dll
+ 2007-04-13 02:21:16 88,576 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\CORPerfMonExt.dll
- 2005-09-23 06:28:38 4,608 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\dfsvc.exe
+ 2007-04-13 02:20:58 5,120 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\dfsvc.exe
- 2005-09-23 06:28:56 9,728 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\IEExec.exe
+ 2007-04-13 02:21:16 9,728 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\IEExec.exe
- 2005-09-23 06:28:56 224,952 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\ilasm.exe
+ 2007-04-13 02:21:16 228,688 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\ilasm.exe
- 2005-09-23 06:28:56 28,672 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\InstallUtil.exe
+ 2007-04-13 02:21:16 28,672 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\InstallUtil.exe
- 2005-09-23 06:28:48 413,696 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Engine.dll
+ 2007-04-13 02:21:10 413,696 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Engine.dll
- 2005-09-23 06:28:48 647,168 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Tasks.dll
+ 2007-04-13 02:21:10 647,168 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Tasks.dll
- 2005-09-23 06:28:48 745,472 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.JScript.dll
+ 2007-04-13 02:21:08 749,568 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.JScript.dll
- 2005-09-23 06:28:32 87,552 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\MmcAspExt.dll
+ 2007-04-13 02:20:52 87,040 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\MmcAspExt.dll
- 2005-09-23 06:28:56 800,768 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscordacwks.dll
+ 2007-04-13 02:21:18 802,304 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscordacwks.dll
- 2005-09-23 06:28:56 36,864 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorie.dll
+ 2007-04-13 02:21:16 36,864 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorie.dll
- 2005-09-23 06:28:56 326,144 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll
+ 2007-04-13 02:21:16 326,656 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll
- 2005-09-23 06:28:56 4,308,992 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorlib.dll
+ 2007-04-13 02:21:16 4,308,992 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorlib.dll
- 2005-09-23 06:28:56 102,400 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorpe.dll
+ 2007-04-13 02:21:16 102,912 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorpe.dll
- 2005-09-23 06:28:56 226,816 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvc.dll
+ 2007-04-13 02:21:18 227,328 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvc.dll
- 2005-09-23 06:28:56 66,240 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
+ 2007-04-13 02:21:18 68,952 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
- 2005-09-23 06:28:50 5,615,616 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll
+ 2007-04-13 02:21:12 5,634,048 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll
- 2005-09-23 06:28:56 96,440 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\ngen.exe
+ 2007-04-13 02:21:16 99,152 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\ngen.exe
- 2005-09-23 06:28:56 14,848 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\normalization.dll
+ 2007-04-13 02:21:18 15,360 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\normalization.dll
- 2005-09-23 06:28:50 136,192 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\peverify.dll
+ 2007-04-13 02:21:12 136,192 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\peverify.dll
- 2005-09-23 06:28:56 377,344 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\SOS.dll
+ 2007-04-13 02:21:18 382,464 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\SOS.dll
- 2005-09-23 06:28:56 110,592 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\sysglobl.dll
+ 2007-04-13 02:21:18 110,592 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\sysglobl.dll
- 2005-09-23 06:28:58 389,120 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.configuration.dll
+ 2007-04-13 02:21:18 413,696 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.configuration.dll
- 2005-09-23 06:28:56 2,878,976 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Data.dll
+ 2007-04-13 02:21:16 2,902,016 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Data.dll
- 2005-09-23 06:28:56 482,304 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Data.OracleClient.dll
+ 2007-04-13 02:21:18 482,304 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Data.OracleClient.dll
- 2005-09-23 06:28:56 716,800 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Data.SqlXml.dll
+ 2007-04-13 02:21:18 716,800 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Data.SqlXml.dll
- 2005-09-23 06:28:38 884,736 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Deployment.dll
+ 2007-04-13 02:20:58 888,832 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Deployment.dll
- 2005-09-23 06:28:56 5,050,368 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Design.dll
+ 2007-04-13 02:21:16 5,001,216 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Design.dll
- 2005-09-23 06:28:56 188,416 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.DirectoryServices.Protocols.dll
+ 2007-04-13 02:21:18 188,416 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.DirectoryServices.Protocols.dll
- 2005-09-23 06:28:56 3,018,752 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.dll
+ 2007-04-13 02:21:16 2,940,928 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.dll
- 2005-09-23 06:28:56 700,416 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Drawing.dll
+ 2007-04-13 02:21:16 577,536 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Drawing.dll
- 2005-09-23 06:28:56 258,048 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.EnterpriseServices.dll
+ 2007-04-13 02:21:16 258,048 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.EnterpriseServices.dll
- 2005-09-23 06:28:56 47,616 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.EnterpriseServices.Thunk.dll
+ 2007-04-13 02:21:18 47,616 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.EnterpriseServices.Thunk.dll
- 2005-09-23 06:28:56 114,176 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.EnterpriseServices.Wrapper.dll
+ 2007-04-13 02:21:18 114,176 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.EnterpriseServices.Wrapper.dll
- 2005-09-23 06:28:56 368,640 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Management.dll
+ 2007-04-13 02:21:16 372,736 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Management.dll
- 2005-09-23 06:28:56 299,008 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Remoting.dll
+ 2007-04-13 02:21:16 299,008 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Remoting.dll
- 2005-09-23 06:28:56 260,096 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Transactions.dll
+ 2007-04-13 02:21:18 260,096 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Transactions.dll
- 2005-09-23 06:28:56 5,025,792 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Web.dll
+ 2007-04-13 02:21:16 5,156,864 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Web.dll
- 2005-09-23 06:28:56 5,316,608 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Windows.Forms.dll
+ 2007-04-13 02:21:16 5,152,768 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Windows.Forms.dll
- 2005-09-23 06:28:56 2,035,712 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.XML.dll
+ 2007-04-13 02:21:16 2,027,520 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.XML.dll
- 2005-09-23 06:29:06 1,140,920 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\vbc.exe
+ 2007-04-13 02:21:28 1,166,672 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\vbc.exe
- 2005-09-23 06:28:30 1,306,624 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\VsaVb7rt.dll
+ 2007-04-13 02:20:50 1,330,688 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\VsaVb7rt.dll
- 2005-09-23 06:28:32 298,496 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\webengine.dll
+ 2007-04-13 02:20:52 406,016 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\webengine.dll
- 2004-08-19 14:09:20 41,984 ----a-w C:\WINDOWS\msagent\agentdp2.dll
+ 2006-10-12 14:04:14 42,496 ----a-w C:\WINDOWS\msagent\agentdp2.dll
- 2006-03-09 07:24:44 57,344 ----a-w C:\WINDOWS\msagent\agentdpv.dll
+ 2007-03-09 13:48:06 57,344 ----a-w C:\WINDOWS\msagent\agentdpv.dll
- 2004-08-19 14:09:52 256,512 ----a-w C:\WINDOWS\msagent\agentsvr.exe
+ 2006-10-12 11:09:54 256,512 ----a-w C:\WINDOWS\msagent\agentsvr.exe
- 2004-08-19 14:09:20 100,352 ----a-w C:\WINDOWS\system32\6to4svc.dll
+ 2006-08-16 11:59:28 100,352 ----a-w C:\WINDOWS\system32\6to4svc.dll
- 2004-08-19 14:09:22 69,120 ----a-w C:\WINDOWS\system32\ciodm.dll
+ 2006-06-22 05:13:46 69,120 ----a-w C:\WINDOWS\system32\ciodm.dll
- 2004-08-19 14:09:22 611,328 ----a-w C:\WINDOWS\system32\comctl32.dll
+ 2006-08-25 15:51:14 617,472 ----a-w C:\WINDOWS\system32\comctl32.dll
- 2004-08-19 14:09:24 111,616 ----a-w C:\WINDOWS\system32\dhcpcsvc.dll
+ 2006-05-19 13:23:36 112,128 ----a-w C:\WINDOWS\system32\dhcpcsvc.dll
- 2004-08-19 14:09:20 100,352 ----a-w C:\WINDOWS\system32\dllcache\6to4svc.dll
+ 2006-08-16 11:59:28 100,352 ----a-w C:\WINDOWS\system32\dllcache\6to4svc.dll
- 2004-08-19 14:09:20 41,984 ----a-w C:\WINDOWS\system32\dllcache\agentdp2.dll
+ 2006-10-12 14:04:14 42,496 ----a-w C:\WINDOWS\system32\dllcache\agentdp2.dll
+ 2007-03-09 13:48:06 57,344 ----a-w C:\WINDOWS\system32\dllcache\agentdpv.dll
- 2004-08-19 14:09:52 256,512 ----a-w C:\WINDOWS\system32\dllcache\agentsvr.exe
+ 2006-10-12 11:09:54 256,512 ----a-w C:\WINDOWS\system32\dllcache\agentsvr.exe
- 2004-08-19 14:09:22 69,120 ----a-w C:\WINDOWS\system32\dllcache\ciodm.dll
+ 2006-06-22 05:13:46 69,120 ----a-w C:\WINDOWS\system32\dllcache\ciodm.dll
- 2004-08-19 15:09:22 611,328 ----a-w C:\WINDOWS\system32\dllcache\comctl32.dll
+ 2006-08-25 15:51:14 617,472 ----a-w C:\WINDOWS\system32\dllcache\comctl32.dll
- 2004-08-19 15:09:24 111,616 ----a-w C:\WINDOWS\system32\dllcache\dhcpcsvc.dll
+ 2006-05-19 13:23:36 112,128 ----a-w C:\WINDOWS\system32\dllcache\dhcpcsvc.dll
- 2004-08-19 15:09:24 81,408 ----a-w C:\WINDOWS\system32\dllcache\directdb.dll
+ 2007-05-16 15:13:54 86,528 ----a-w C:\WINDOWS\system32\dllcache\directdb.dll
- 2004-08-19 14:09:24 499,741 ----a-w C:\WINDOWS\system32\dllcache\dxmasf.dll
+ 2006-08-24 12:17:20 500,278 ----a-w C:\WINDOWS\system32\dllcache\dxmasf.dll
- 2004-08-19 14:09:54 1,036,288 ----a-w C:\WINDOWS\system32\dllcache\explorer.exe
+ 2007-06-13 13:22:28 1,037,312 ----a-w C:\WINDOWS\system32\dllcache\explorer.exe
- 2004-08-19 15:09:26 16,896 ----a-w C:\WINDOWS\system32\dllcache\fltlib.dll
+ 2006-08-21 12:26:16 16,896 ----a-w C:\WINDOWS\system32\dllcache\fltlib.dll
- 2004-08-19 15:09:56 22,528 ----a-w C:\WINDOWS\system32\dllcache\fltmc.exe
+ 2006-08-21 09:14:58 23,040 ----a-w C:\WINDOWS\system32\dllcache\fltmc.exe
- 2004-08-03 22:01:20 124,800 ----a-w C:\WINDOWS\system32\dllcache\fltmgr.sys
+ 2006-08-21 09:14:58 128,896 ----a-w C:\WINDOWS\system32\dllcache\fltmgr.sys
- 2004-08-19 15:09:32 95,744 ----a-w C:\WINDOWS\system32\dllcache\iphlpapi.dll
+ 2006-05-19 13:23:36 95,744 ----a-w C:\WINDOWS\system32\dllcache\iphlpapi.dll
- 2004-08-03 18:07:50 171,776 ----a-w C:\WINDOWS\system32\dllcache\kmixer.sys
+ 2006-06-14 08:47:46 172,416 ----a-w C:\WINDOWS\system32\dllcache\kmixer.sys
- 2004-08-19 14:09:32 39,936 ----a-w C:\WINDOWS\system32\dllcache\mf3216.dll
+ 2007-03-08 15:37:50 40,960 ----a-w C:\WINDOWS\system32\dllcache\mf3216.dll
- 2001-08-24 11:00:00 924,432 ----a-w C:\WINDOWS\system32\dllcache\mfc40u.dll
+ 2006-11-01 19:18:42 927,504 ----a-w C:\WINDOWS\system32\dllcache\mfc40u.dll
- 2004-08-19 15:09:32 1,024,000 ----a-w C:\WINDOWS\system32\dllcache\mfc42u.dll
+ 2006-12-14 13:45:54 981,760 ----a-w C:\WINDOWS\system32\dllcache\mfc42u.dll
- 2004-08-03 20:58:22 72,960 ----a-w C:\WINDOWS\system32\dllcache\mqac.sys
+ 2007-07-06 10:05:48 72,960 ----a-w C:\WINDOWS\system32\dllcache\mqac.sys
- 2004-08-19 14:09:32 138,240 ----a-w C:\WINDOWS\system32\dllcache\mqad.dll
+ 2007-07-06 12:50:48 138,240 ----a-w C:\WINDOWS\system32\dllcache\mqad.dll
- 2004-08-19 14:09:32 47,104 ----a-w C:\WINDOWS\system32\dllcache\mqdscli.dll
+ 2007-07-06 12:50:48 47,104 ----a-w C:\WINDOWS\system32\dllcache\mqdscli.dll
- 2004-08-19 14:09:32 16,896 ----a-w C:\WINDOWS\system32\dllcache\mqise.dll
+ 2007-07-06 12:50:48 16,896 ----a-w C:\WINDOWS\system32\dllcache\mqise.dll
- 2004-08-19 14:09:32 660,992 ----a-w C:\WINDOWS\system32\dllcache\mqqm.dll
+ 2007-07-06 12:50:48 660,992 ----a-w C:\WINDOWS\system32\dllcache\mqqm.dll
- 2004-08-19 14:09:32 177,152 ----a-w C:\WINDOWS\system32\dllcache\mqrt.dll
+ 2007-07-06 12:50:48 177,152 ----a-w C:\WINDOWS\system32\dllcache\mqrt.dll
- 2004-08-19 15:09:32 95,744 ----a-w C:\WINDOWS\system32\dllcache\mqsec.dll
+ 2007-07-06 12:50:48 95,744 ----a-w C:\WINDOWS\system32\dllcache\mqsec.dll
- 2004-08-19 14:09:34 48,640 ----a-w C:\WINDOWS\system32\dllcache\mqupgrd.dll
+ 2007-07-06 12:50:48 48,640 ----a-w C:\WINDOWS\system32\dllcache\mqupgrd.dll
- 2004-08-19 15:09:34 527,360 ----a-w C:\WINDOWS\system32\dllcache\mqutil.dll
+ 2007-07-06 12:50:48 527,360 ----a-w C:\WINDOWS\system32\dllcache\mqutil.dll
- 2004-08-19 15:09:34 536,576 ----a-w C:\WINDOWS\system32\dllcache\msado15.dll
+ 2006-12-26 13:09:12 536,576 ----a-w C:\WINDOWS\system32\dllcache\msado15.dll
- 2004-08-19 15:09:34 180,224 ----a-w C:\WINDOWS\system32\dllcache\msadomd.dll
+ 2006-12-26 13:09:12 180,224 ----a-w C:\WINDOWS\system32\dllcache\msadomd.dll
- 2004-08-19 15:09:34 200,704 ----a-w C:\WINDOWS\system32\dllcache\msadox.dll
+ 2006-12-26 13:09:12 200,704 ----a-w C:\WINDOWS\system32\dllcache\msadox.dll
- 2004-08-19 14:09:34 537,088 ----a-w C:\WINDOWS\system32\dllcache\msftedit.dll
+ 2006-11-27 14:55:30 539,136 ----a-w C:\WINDOWS\system32\dllcache\msftedit.dll
- 2004-08-19 15:09:34 102,400 ----a-w C:\WINDOWS\system32\dllcache\msjro.dll
+ 2006-12-26 13:09:12 102,400 ----a-w C:\WINDOWS\system32\dllcache\msjro.dll
- 2004-08-19 14:09:36 1,236,480 ----a-w C:\WINDOWS\system32\dllcache\msxml3.dll
+ 2007-06-26 06:09:14 1,104,896 ----a-w C:\WINDOWS\system32\dllcache\msxml3.dll
- 2004-08-03 21:15:10 574,592 ----a-w C:\WINDOWS\system32\dllcache\ntfs.sys
+ 2007-02-09 11:10:36 574,464 ----a-w C:\WINDOWS\system32\dllcache\ntfs.sys
- 2001-08-24 11:00:00 58,880 ----a-w C:\WINDOWS\system32\dllcache\nwapi32.dll
+ 2006-10-13 12:36:56 64,000 ----a-w C:\WINDOWS\system32\dllcache\nwapi32.dll
- 2004-08-19 14:09:38 147,968 ----a-w C:\WINDOWS\system32\dllcache\nwprovau.dll
+ 2006-10-13 12:36:56 145,920 ----a-w C:\WINDOWS\system32\dllcache\nwprovau.dll
- 2004-08-03 21:02:24 163,584 ----a-w C:\WINDOWS\system32\dllcache\nwrdr.sys
+ 2006-10-13 10:23:16 163,584 ----a-w C:\WINDOWS\system32\dllcache\nwrdr.sys
- 2004-08-19 15:09:38 553,472 ----a-w C:\WINDOWS\system32\dllcache\oleaut32.dll
+ 2007-05-17 11:29:50 549,376 ----a-w C:\WINDOWS\system32\dllcache\oleaut32.dll
- 2001-08-24 11:00:00 119,808 ----a-w C:\WINDOWS\system32\dllcache\oledlg.dll
+ 2006-10-16 16:16:00 124,928 ----a-w C:\WINDOWS\system32\dllcache\oledlg.dll
- 2004-08-19 14:09:40 1,440,768 ----a-w C:\WINDOWS\system32\dllcache\query.dll
+ 2006-06-22 05:13:46 1,440,768 ----a-w C:\WINDOWS\system32\dllcache\query.dll
- 2004-08-19 14:09:40 174,080 ----a-w C:\WINDOWS\system32\dllcache\rasmans.dll
+ 2006-06-22 10:48:06 181,248 ----a-w C:\WINDOWS\system32\dllcache\rasmans.dll
- 2004-08-19 14:09:40 431,616 ----a-w C:\WINDOWS\system32\dllcache\riched20.dll
+ 2006-11-27 14:55:32 433,152 ----a-w C:\WINDOWS\system32\dllcache\riched20.dll
- 2001-08-24 11:00:00 200,064 ----a-w C:\WINDOWS\system32\dllcache\rmcast.sys
+ 2006-07-13 08:48:58 202,240 ----a-w C:\WINDOWS\system32\dllcache\rmcast.sys
- 2004-08-19 15:09:40 144,896 ----a-w C:\WINDOWS\system32\dllcache\schannel.dll
+ 2007-04-25 14:22:36 144,896 ----a-w C:\WINDOWS\system32\dllcache\schannel.dll
- 2004-08-19 15:09:42 135,168 ----a-w C:\WINDOWS\system32\dllcache\shsvcs.dll
+ 2006-12-19 21:49:48 135,168 ----a-w C:\WINDOWS\system32\dllcache\shsvcs.dll
- 2004-08-03 18:07:48 6,400 ----a-w C:\WINDOWS\system32\dllcache\splitter.sys
+ 2006-06-14 08:47:46 6,400 ----a-w C:\WINDOWS\system32\dllcache\splitter.sys
- 2004-08-19 14:09:46 246,302 ----a-w C:\WINDOWS\system32\dllcache\strmdll.dll
+ 2006-08-24 12:19:40 246,814 ----a-w C:\WINDOWS\system32\dllcache\strmdll.dll
- 2004-08-19 15:09:46 716,800 ----a-w C:\WINDOWS\system32\dllcache\sxs.dll
+ 2006-10-20 01:38:44 716,800 ----a-w C:\WINDOWS\system32\dllcache\sxs.dll
- 2004-08-03 21:07:46 223,616 ----a-w C:\WINDOWS\system32\dllcache\tcpip6.sys
+ 2006-08-16 09:37:30 225,664 ----a-w C:\WINDOWS\system32\dllcache\tcpip6.sys
- 2004-08-19 15:09:48 185,344 ----a-w C:\WINDOWS\system32\dllcache\upnphost.dll
+ 2007-02-05 20:19:06 185,344 ----a-w C:\WINDOWS\system32\dllcache\upnphost.dll
- 2004-08-19 15:09:48 848,384 ----a-w C:\WINDOWS\system32\dllcache\vgx.dll
+ 2007-06-26 13:56:54 851,968 ----a-w C:\WINDOWS\system32\dllcache\vgx.dll
- 2004-08-03 18:15:06 82,944 ----a-w C:\WINDOWS\system32\dllcache\wdmaud.sys
+ 2006-06-14 09:00:46 82,944 ----a-w C:\WINDOWS\system32\dllcache\wdmaud.sys
- 2004-08-19 15:09:48 333,824 ----a-w C:\WINDOWS\system32\dllcache\wiaservc.dll
+ 2006-12-19 18:17:50 334,336 ----a-w C:\WINDOWS\system32\dllcache\wiaservc.dll
- 2004-08-19 14:09:48 132,096 ----a-w C:\WINDOWS\system32\dllcache\wkssvc.dll
+ 2006-08-17 12:29:50 132,096 ----a-w C:\WINDOWS\system32\dllcache\wkssvc.dll
- 2004-08-03 22:01:20 124,800 ----a-w C:\WINDOWS\system32\drivers\fltMgr.sys
+ 2006-08-21 09:14:58 128,896 ----a-w C:\WINDOWS\system32\drivers\fltMgr.sys
- 2006-03-09 07:24:50 262,400 ----a-w C:\WINDOWS\system32\drivers\http.sys
+ 2006-03-17 00:33:10 262,784 ----a-w C:\WINDOWS\system32\drivers\http.sys
- 2004-08-03 18:07:50 171,776 ----a-w C:\WINDOWS\system32\drivers\kmixer.sys
+ 2006-06-14 08:47:46 172,416 ----a-w C:\WINDOWS\system32\drivers\kmixer.sys
- 2004-08-03 20:58:22 72,960 ----a-w C:\WINDOWS\system32\drivers\mqac.sys
+ 2007-07-06 10:05:48 72,960 ----a-w C:\WINDOWS\system32\drivers\mqac.sys
- 2004-08-03 21:15:10 574,592 ----a-w C:\WINDOWS\system32\drivers\ntfs.sys
+ 2007-02-09 11:10:36 574,464 ----a-w C:\WINDOWS\system32\drivers\ntfs.sys
- 2004-08-03 21:02:24 163,584 ----a-w C:\WINDOWS\system32\drivers\nwrdr.sys
+ 2006-10-13 10:23:16 163,584 ----a-w C:\WINDOWS\system32\drivers\nwrdr.sys
- 2001-08-24 11:00:00 200,064 ----a-w C:\WINDOWS\system32\drivers\RMCast.sys
+ 2006-07-13 08:48:58 202,240 ----a-w C:\WINDOWS\system32\drivers\RMCast.sys
- 2004-08-03 18:07:48 6,400 ----a-w C:\WINDOWS\system32\drivers\splitter.sys
+ 2006-06-14 08:47:46 6,400 ----a-w C:\WINDOWS\system32\drivers\splitter.sys
- 2006-03-09 07:25:14 332,544 ----a-w C:\WINDOWS\system32\drivers\srv.sys
+ 2006-08-14 10:34:42 332,928 ----a-w C:\WINDOWS\system32\drivers\srv.sys
- 2006-02-14 18:56:26 359,808 ----a-w C:\WINDOWS\system32\drivers\tcpip.sys
+ 2007-10-30 17:20:56 360,064 ----a-w C:\WINDOWS\system32\drivers\tcpip.sys
- 2004-08-03 21:07:46 223,616 ----a-w C:\WINDOWS\system32\drivers\tcpip6.sys
+ 2006-08-16 09:37:30 225,664 ----a-w C:\WINDOWS\system32\drivers\tcpip6.sys
- 2004-08-03 18:15:06 82,944 ----a-w C:\WINDOWS\system32\drivers\wdmaud.sys
+ 2006-06-14 09:00:46 82,944 ----a-w C:\WINDOWS\system32\drivers\wdmaud.sys
- 2004-08-19 14:09:24 499,741 ----a-w C:\WINDOWS\system32\dxmasf.dll
+ 2006-08-24 12:17:20 500,278 ----a-w C:\WINDOWS\system32\dxmasf.dll
- 2004-08-19 15:09:26 16,896 ----a-w C:\WINDOWS\system32\fltlib.dll
+ 2006-08-21 12:26:16 16,896 ----a-w C:\WINDOWS\system32\fltlib.dll
- 2004-08-19 15:09:56 22,528 ----a-w C:\WINDOWS\system32\fltMc.exe
+ 2006-08-21 09:14:58 23,040 ----a-w C:\WINDOWS\system32\fltMc.exe
- 2007-03-10 18:46:30 342,624 ----a-w C:\WINDOWS\system32\FNTCACHE.DAT
+ 2008-01-19 20:49:26 342,624 ----a-w C:\WINDOWS\system32\FNTCACHE.DAT
- 2006-03-09 07:24:50 280,064 ----a-w C:\WINDOWS\system32\gdi32.dll
+ 2007-06-19 13:32:26 282,112 ----a-w C:\WINDOWS\system32\gdi32.dll
- 2006-03-09 07:24:50 68,608 ----a-w C:\WINDOWS\system32\hlink.dll
+ 2006-07-21 08:27:28 72,704 ----a-w C:\WINDOWS\system32\hlink.dll
- 2006-04-12 08:57:46 679,424 ----a-w C:\WINDOWS\system32\inetcomm.dll
+ 2007-08-21 06:17:24 683,520 ----a-w C:\WINDOWS\system32\inetcomm.dll
- 2004-08-19 14:09:32 95,744 ----a-w C:\WINDOWS\system32\iphlpapi.dll
+ 2006-05-19 13:23:36 95,744 ----a-w C:\WINDOWS\system32\iphlpapi.dll
- 2001-08-24 11:00:00 144,896 ----a-w C:\WINDOWS\system32\jgdw400.dll
+ 2006-06-01 18:48:44 163,840 ----a-w C:\WINDOWS\system32\jgdw400.dll
- 2001-08-24 11:00:00 42,496 ----a-w C:\WINDOWS\system32\jgpl400.dll
+ 2006-06-01 18:48:44 27,648 ----a-w C:\WINDOWS\system32\jgpl400.dll
- 2004-08-19 14:09:32 450,560 ----a-w C:\WINDOWS\system32\jscript.dll
+ 2007-11-14 07:28:02 450,560 ----a-w C:\WINDOWS\system32\jscript.dll
- 2004-08-19 14:09:32 39,936 ----a-w C:\WINDOWS\system32\mf3216.dll
+ 2007-03-08 15:37:50 40,960 ----a-w C:\WINDOWS\system32\mf3216.dll
- 2001-08-24 11:00:00 924,432 ----a-w C:\WINDOWS\system32\mfc40u.dll
+ 2006-11-01 19:18:42 927,504 ----a-w C:\WINDOWS\system32\mfc40u.dll
- 2004-08-19 14:09:32 1,024,000 ----a-w C:\WINDOWS\system32\mfc42u.dll
+ 2006-12-14 13:45:54 981,760 ----a-w C:\WINDOWS\system32\mfc42u.dll
- 2004-08-19 14:09:32 138,240 ----a-w C:\WINDOWS\system32\mqad.dll
+ 2007-07-06 12:50:48 138,240 ----a-w C:\WINDOWS\system32\mqad.dll
- 2004-08-19 14:09:32 47,104 ----a-w C:\WINDOWS\system32\mqdscli.dll
+ 2007-07-06 12:50:48 47,104 ----a-w C:\WINDOWS\system32\mqdscli.dll
- 2004-08-19 14:09:32 16,896 ----a-w C:\WINDOWS\system32\mqise.dll
+ 2007-07-06 12:50:48 16,896 ----a-w C:\WINDOWS\system32\mqise.dll
- 2004-08-19 14:09:32 660,992 ----a-w C:\WINDOWS\system32\mqqm.dll
+ 2007-07-06 12:50:48 660,992 ----a-w C:\WINDOWS\system32\mqqm.dll
- 2004-08-19 14:09:32 177,152 ----a-w C:\WINDOWS\system32\mqrt.dll
+ 2007-07-06 12:50:48 177,152 ----a-w C:\WINDOWS\system32\mqrt.dll
- 2004-08-19 14:09:32 95,744 ----a-w C:\WINDOWS\system32\mqsec.dll
+ 2007-07-06 12:50:48 95,744 ----a-w C:\WINDOWS\system32\mqsec.dll
- 2004-08-19 14:09:34 48,640 ----a-w C:\WINDOWS\system32\mqupgrd.dll
+ 2007-07-06 12:50:48 48,640 ----a-w C:\WINDOWS\system32\mqupgrd.dll
- 2004-08-19 14:09:34 527,360 ----a-w C:\WINDOWS\system32\mqutil.dll
+ 2007-07-06 12:50:48 527,360 ----a-w C:\WINDOWS\system32\mqutil.dll
+ 2008-01-02 09:21:38 17,642,616 ----a-w C:\WINDOWS\system32\MRT.exe
- 2005-09-23 06:28:52 270,848 ----a-w C:\WINDOWS\system32\mscoree.dll
+ 2007-04-13 02:21:14 271,360 ----a-w C:\WINDOWS\system32\mscoree.dll
- 2004-08-19 14:09:34 537,088 ----a-w C:\WINDOWS\system32\msftedit.dll
+ 2006-11-27 14:55:30 539,136 ----a-w C:\WINDOWS\system32\msftedit.dll
- 2006-04-21 15:40:10 3,077,120 ------w C:\WINDOWS\system32\mshtml.dll
+ 2007-10-30 10:18:16 3,079,680 ----a-w C:\WINDOWS\system32\mshtml.dll
- 2006-03-09 07:24:58 2,890,240 ----a-w C:\WINDOWS\system32\msi.dll
+ 2007-04-18 16:14:18 2,854,400 ----a-w C:\WINDOWS\system32\msi.dll
- 2004-08-19 14:09:36 1,236,480 ----a-w C:\WINDOWS\system32\msxml3.dll
+ 2007-06-26 06:09:14 1,104,896 ----a-w C:\WINDOWS\system32\msxml3.dll
- 2006-03-09 07:25:00 336,896 ----a-w C:\WINDOWS\system32\netapi32.dll
+ 2006-08-17 12:29:50 332,288 ----a-w C:\WINDOWS\system32\netapi32.dll
- 2006-05-09 07:11:18 2,058,880 ----a-w C:\WINDOWS\system32\ntkrnlpa.exe
+ 2007-02-28 16:02:36 2,059,648 ----a-w C:\WINDOWS\system32\ntkrnlpa.exe
- 2006-03-09 07:25:04 2,181,376 ----a-w C:\WINDOWS\system32\ntoskrnl.exe
+ 2007-02-28 16:02:36 2,182,400 ----a-w C:\WINDOWS\system32\ntoskrnl.exe
- 2001-08-24 11:00:00 58,880 ----a-w C:\WINDOWS\system32\nwapi32.dll
+ 2006-10-13 12:36:56 64,000 ----a-w C:\WINDOWS\system32\nwapi32.dll
- 2004-08-19 14:09:38 147,968 ----a-w C:\WINDOWS\system32\nwprovau.dll
+ 2006-10-13 12:36:56 145,920 ----a-w C:\WINDOWS\system32\nwprovau.dll
- 2006-03-09 07:25:04 65,024 ----a-w C:\WINDOWS\system32\nwwks.dll
+ 2006-10-13 12:36:56 65,536 ----a-w C:\WINDOWS\system32\nwwks.dll
- 2004-08-19 14:09:38 553,472 ----a-w C:\WINDOWS\system32\oleaut32.dll
+ 2007-05-17 11:29:50 549,376 ----a-w C:\WINDOWS\system32\oleaut32.dll
- 2001-08-24 11:00:00 119,808 ----a-w C:\WINDOWS\system32\oledlg.dll
+ 2006-10-16 16:16:00 124,928 ----a-w C:\WINDOWS\system32\oledlg.dll
- 2008-01-17 20:41:32 58,596 ----a-w C:\WINDOWS\system32\perfc009.dat
+ 2008-01-25 14:10:52 58,596 ----a-w C:\WINDOWS\system32\perfc009.dat
- 2008-01-17 20:41:32 71,248 ----a-w C:\WINDOWS\system32\perfc00C.dat
+ 2008-01-25 14:10:52 71,248 ----a-w C:\WINDOWS\system32\perfc00C.dat
- 2008-01-17 20:41:32 392,296 ----a-w C:\WINDOWS\system32\perfh009.dat
+ 2008-01-25 14:10:52 392,296 ----a-w C:\WINDOWS\system32\perfh009.dat
- 2008-01-17 20:41:32 458,230 ----a-w C:\WINDOWS\system32\perfh00C.dat
+ 2008-01-25 14:10:52 458,230 ----a-w C:\WINDOWS\system32\perfh00C.dat
- 2004-08-19 14:09:40 1,440,768 ----a-w C:\WINDOWS\system32\query.dll
+ 2006-06-22 05:13:46 1,440,768 ----a-w C:\WINDOWS\system32\query.dll
- 2004-08-19 14:09:40 174,080 ----a-w C:\WINDOWS\system32\rasmans.dll
+ 2006-06-22 10:48:06 181,248 ----a-w C:\WINDOWS\system32\rasmans.dll
- 2004-08-19 14:09:40 431,616 ----a-w C:\WINDOWS\system32\riched20.dll
+ 2006-11-27 14:55:32 433,152 ----a-w C:\WINDOWS\system32\riched20.dll
- 2006-03-09 07:25:06 581,632 ----a-w C:\WINDOWS\system32\rpcrt4.dll
+ 2007-07-09 13:11:46 584,192 ----a-w C:\WINDOWS\system32\rpcrt4.dll
- 2004-08-19 14:09:40 144,896 ----a-w C:\WINDOWS\system32\schannel.dll
+ 2007-04-25 14:22:36 144,896 ----a-w C:\WINDOWS\system32\schannel.dll
- 2006-04-12 17:13:58 1,495,040 ------w C:\WINDOWS\system32\shdocvw.dll
+ 2007-10-11 06:13:40 1,495,040 ----a-w C:\WINDOWS\system32\shdocvw.dll
- 2006-04-26 09:15:56 8,508,416 ----a-w C:\WINDOWS\system32\shell32.dll
+ 2007-10-25 16:56:24 8,510,976 ----a-w C:\WINDOWS\system32\shell32.dll
- 2006-04-12 17:13:58 474,624 ------w C:\WINDOWS\system32\shlwapi.dll
+ 2007-10-11 06:13:42 474,624 ----a-w C:\WINDOWS\system32\shlwapi.dll
- 2004-08-19 14:09:42 135,168 ----a-w C:\WINDOWS\system32\shsvcs.dll
+ 2006-12-19 21:49:48 135,168 ----a-w C:\WINDOWS\system32\shsvcs.dll
+ 2006-01-26 19:19:52 73,728 ----a-w C:\WINDOWS\system32\sockspy.dll
- 2004-08-19 14:09:46 246,302 ----a-w C:\WINDOWS\system32\strmdll.dll
+ 2006-08-24 12:19:40 246,814 ----a-w C:\WINDOWS\system32\strmdll.dll
- 2004-08-19 14:09:46 716,800 ----a-w C:\WINDOWS\system32\sxs.dll
+ 2006-10-20 01:38:44 716,800 ----a-w C:\WINDOWS\system32\sxs.dll
+ 2007-11-13 11:31:12 60,416 ------w C:\WINDOWS\system32\tzchange.exe
- 2004-08-19 15:09:48 185,344 ----a-w C:\WINDOWS\system32\upnphost.dll
+ 2007-02-05 20:19:06 185,344 ----a-w C:\WINDOWS\system32\upnphost.dll
- 2006-04-12 17:13:58 616,448 ------w C:\WINDOWS\system32\urlmon.dll
+ 2007-10-11 06:13:42 617,472 ----a-w C:\WINDOWS\system32\urlmon.dll
- 2006-03-09 07:25:18 578,048 ----a-w C:\WINDOWS\system32\user32.dll
+ 2007-03-08 15:37:50 578,560 ----a-w C:\WINDOWS\system32\user32.dll
- 2004-08-19 14:09:48 333,824 ----a-w C:\WINDOWS\system32\wiaservc.dll
+ 2006-12-19 18:17:50 334,336 ----a-w C:\WINDOWS\system32\wiaservc.dll
- 2006-03-09 07:25:18 1,839,616 ----a-w C:\WINDOWS\system32\win32k.sys
+ 2007-03-08 15:33:58 1,843,712 ----a-w C:\WINDOWS\system32\win32k.sys
- 2006-04-12 17:13:58 667,648 ------w C:\WINDOWS\system32\wininet.dll
+ 2007-10-11 06:13:42 663,552 ----a-w C:\WINDOWS\system32\wininet.dll
- 2006-03-09 07:25:20 292,352 ----a-w C:\WINDOWS\system32\winsrv.dll
+ 2007-03-17 13:44:48 293,376 ----a-w C:\WINDOWS\system32\winsrv.dll
- 2004-08-19 14:09:48 132,096 ----a-w C:\WINDOWS\system32\wkssvc.dll
+ 2006-08-17 12:29:50 132,096 ----a-w C:\WINDOWS\system32\wkssvc.dll
- 2006-04-12 17:13:58 25,088 ------w C:\WINDOWS\system32\xpsp3res.dll
+ 2007-10-29 15:35:14 121,856 ----a-w C:\WINDOWS\system32\xpsp3res.dll
+ 2007-01-19 12:51:04 74,802 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.Tools.VisualCPlusPlus.Runtime-Libraries_6595b64144ccf1df_6.0.9792.0_x-ww_08a6620a\atl.dll
+ 2007-01-19 12:51:04 995,383 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.Tools.VisualCPlusPlus.Runtime-Libraries_6595b64144ccf1df_6.0.9792.0_x-ww_08a6620a\mfc42.dll
+ 2007-01-19 12:51:04 1,011,774 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.Tools.VisualCPlusPlus.Runtime-Libraries_6595b64144ccf1df_6.0.9792.0_x-ww_08a6620a\mfc42u.dll
+ 2007-01-19 12:51:04 401,462 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.Tools.VisualCPlusPlus.Runtime-Libraries_6595b64144ccf1df_6.0.9792.0_x-ww_08a6620a\msvcp60.dll
+ 2006-08-25 07:51:14 1,054,208 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les ‚l‚ments vides & les ‚l‚ments initiaux l‚gitimes ne sont pas list‚s

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"updateMgr"="C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" [2006-03-30 16:45 313472]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 10:50 155648]
"TrueImageMonitor.exe"="C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe" [2006-10-16 21:12 1164912]
"AcronisTimounterMonitor"="C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe" [2006-10-16 21:17 1941784]
"Acronis Scheduler2 Service"="C:\Program Files\Fichiers communs\Acronis\Schedule2\schedhlp.exe" [2006-10-16 21:13 87584]
"WinampAgent"="C:\Program Files\Winamp\winampa.exe" [2006-06-21 18:14 35328]
"BDMCon"="C:\Program Files\Softwin\BitDefender10\bdmcon.exe" [2007-11-07 12:48 290816]
"BDAgent"="C:\Program Files\Softwin\BitDefender10\bdagent.exe" [2007-03-26 15:49 69632]
"lxdimon.exe"="C:\Program Files\Lexmark 3500-4500 Series\lxdimon.exe" [2007-05-07 19:07 435120]
"lxdiamon"="C:\Program Files\Lexmark 3500-4500 Series\lxdiamon.exe" [2007-03-05 13:40 20480]
"FaxCenterServer"="C:\Program Files\\Lexmark Fax Solutions\fm3032.exe" [2007-05-07 19:10 312240]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-11-16 17:16 98304]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Config"="C:\WINDOWS\system32\run.cmd" [2006-02-14 11:24 248]
"nlsf"="cmd.exe" [2004-08-19 15:09 400896 C:\WINDOWS\system32\cmd.exe]
"tscuninstall"="C:\WINDOWS\system32\tscupgrd.exe" [2004-08-19 15:52 44544]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"MemCheckBoxInRunDlg"= 1 (0x1)
"NoSMBalloonTip"= 1 (0x1)
"NoDesktopCleanupWizard"= 1 (0x1)
"NoWelcomeScreen"= 1 (0x1)
"NoStrCmpLogical"= 0 (0x0)
"NoInstrumentation"= 0 (0x0)
"NoSMHelp"= 1 (0x1)
"NoStartMenuMFUprogramsList"= 0 (0x0)

[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"MemCheckBoxInRunDlg"= 1 (0x1)
"NoSMBalloonTip"= 1 (0x1)
"NoDesktopCleanupWizard"= 1 (0x1)
"NoWelcomeScreen"= 1 (0x1)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
&qu
0
Réponse 11 / 12
vader06 Messages postés 9 Statut Membre
 
Salut

Voici le scan,

ComboFix 08-01-18.1 - Administrateur 2008-01-25 15:15:59.2 - [color=red][b]FAT32[/b][/color]x86
Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.244 [GMT 1:00]
Running from: C:\Documents and Settings\Administrateur\Bureau\ComboFix.exe
Command switches used :: C:\Documents and Settings\Administrateur\Bureau\CFScript.txt
* Created a new restore point

[color=red][b]WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !![/b][/color]

FILE
C:\Documents and Settings\Administrateur\fpovvj.exe
C:\Documents and Settings\Administrateur\nbuijv.exe
C:\Documents and Settings\Administrateur\nnmvls.exe
C:\Documents and Settings\Administrateur\npwmkp.exe
C:\Documents and Settings\Administrateur\qqnafy.exe
C:\Documents and Settings\Administrateur\rqpqov.exe
C:\Documents and Settings\Administrateur\stubzn.exe
C:\Documents and Settings\Administrateur\wpemjt.exe
C:\Documents and Settings\Administrateur\yvkkle.exe
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Documents and Settings\Administrateur\fpovvj.exe
C:\Documents and Settings\Administrateur\nbuijv.exe
C:\Documents and Settings\Administrateur\qqnafy.exe
C:\Documents and Settings\Administrateur\rqpqov.exe
C:\Documents and Settings\Administrateur\wpemjt.exe
C:\Documents and Settings\Administrateur\yvkkle.exe

.
((((((((((((((((((((((((((((( Fichiers cr‚‚s 2007-12-25 to 2008-01-25 ))))))))))))))))))))))))))))))))))))
.

2008-01-24 21:46 . 2008-01-24 21:46 <REP> d-------- C:\WINDOWS\ERUNT
2008-01-24 13:53 . 2008-01-24 13:53 244 --ah----- C:\sqmnoopt03.sqm
2008-01-24 13:53 . 2008-01-24 13:53 244 --ah----- C:\sqmnoopt02.sqm
2008-01-24 13:53 . 2008-01-24 13:53 244 --ah----- C:\sqmnoopt01.sqm
2008-01-24 13:53 . 2008-01-24 13:53 232 --ah----- C:\sqmdata03.sqm
2008-01-24 13:53 . 2008-01-24 13:53 232 --ah----- C:\sqmdata02.sqm
2008-01-24 13:53 . 2008-01-24 13:53 232 --ah----- C:\sqmdata01.sqm
2008-01-23 21:39 . 2008-01-23 21:39 244 --ah----- C:\sqmnoopt00.sqm
2008-01-23 21:39 . 2008-01-23 21:39 232 --ah----- C:\sqmdata00.sqm
2008-01-21 15:58 . 2008-01-21 15:58 <REP> d-------- C:\WINDOWS\system32\LogFiles
2008-01-20 11:52 . 2008-01-20 11:52 <REP> d--hs---- C:\FOUND.004
2008-01-19 16:51 . 2008-01-23 18:50 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2008-01-19 16:51 . 2008-01-19 16:51 1,409 --a------ C:\WINDOWS\QTFont.for
2008-01-19 14:11 . 2008-01-19 14:11 <REP> d--hs---- C:\FOUND.003
2008-01-17 22:36 . 2000-08-31 08:00 51,200 --a------ C:\WINDOWS\NirCmd.exe
2008-01-17 22:10 . 2008-01-17 22:10 <REP> d-------- C:\Program Files\Trend Micro
2008-01-17 21:13 . 2008-01-17 21:15 3,458 --a------ C:\WINDOWS\system32\tmp.reg
2008-01-17 20:10 . 2005-06-28 10:21 22,752 --a------ C:\WINDOWS\system32\spupdsvc.exe
2008-01-17 20:10 . 2008-01-17 20:10 140 --a------ C:\WINDOWS\system32\spupdsvc.inf
2008-01-17 20:09 . 2008-01-17 20:09 <REP> d--h----- C:\WINDOWS\$hf_mig$
2008-01-17 20:06 . 2006-08-14 11:34 332,928 --------- C:\WINDOWS\system32\dllcache\srv.sys
2008-01-17 20:06 . 2006-10-13 13:36 65,536 --------- C:\WINDOWS\system32\dllcache\nwwks.dll
2008-01-17 20:05 . 2007-10-25 17:56 8,510,976 --------- C:\WINDOWS\system32\dllcache\shell32.dll
2008-01-17 20:05 . 2007-02-28 17:02 2,182,400 --------- C:\WINDOWS\system32\dllcache\ntoskrnl.exe
2008-01-17 20:05 . 2007-02-28 17:02 2,138,112 --------- C:\WINDOWS\system32\dllcache\ntkrnlmp.exe
2008-01-17 20:05 . 2007-02-28 17:02 2,059,648 --------- C:\WINDOWS\system32\dllcache\ntkrnlpa.exe
2008-01-17 20:05 . 2007-02-28 17:02 2,017,792 --------- C:\WINDOWS\system32\dllcache\ntkrpamp.exe
2008-01-17 20:04 . 2007-03-08 16:33 1,843,712 --------- C:\WINDOWS\system32\dllcache\win32k.sys
2008-01-17 20:04 . 2007-05-16 16:13 1,314,816 --------- C:\WINDOWS\system32\dllcache\msoe.dll
2008-01-17 20:04 . 2007-03-08 16:37 578,560 --------- C:\WINDOWS\system32\dllcache\user32.dll
2008-01-17 20:04 . 2007-05-16 16:13 510,976 --------- C:\WINDOWS\system32\dllcache\wab32.dll
2008-01-17 20:04 . 2007-10-30 18:20 360,064 --------- C:\WINDOWS\system32\dllcache\tcpip.sys
2008-01-17 20:04 . 2006-08-17 13:29 332,288 --------- C:\WINDOWS\system32\dllcache\netapi32.dll
2008-01-17 20:04 . 2007-06-19 14:32 282,112 --------- C:\WINDOWS\system32\dllcache\gdi32.dll
2008-01-17 20:04 . 2007-05-16 16:13 85,504 --------- C:\WINDOWS\system32\dllcache\wabimp.dll
2008-01-17 20:04 . 2006-07-21 09:27 72,704 --------- C:\WINDOWS\system32\dllcache\hlink.dll
2008-01-17 20:03 . 2007-08-21 07:17 683,520 --------- C:\WINDOWS\system32\dllcache\inetcomm.dll
2008-01-17 20:03 . 2007-03-17 14:44 293,376 --------- C:\WINDOWS\system32\dllcache\winsrv.dll
2008-01-17 20:03 . 2006-06-01 19:48 163,840 --------- C:\WINDOWS\system32\dllcache\jgdw400.dll
2008-01-17 20:03 . 2006-06-01 19:48 27,648 --------- C:\WINDOWS\system32\dllcache\jgpl400.dll
2008-01-17 20:00 . 2007-07-09 14:11 584,192 --------- C:\WINDOWS\system32\dllcache\rpcrt4.dll
2008-01-17 19:59 . 2006-05-05 10:41 453,120 --------- C:\WINDOWS\system32\dllcache\mrxsmb.sys
2008-01-17 19:59 . 2006-05-05 10:47 174,592 --------- C:\WINDOWS\system32\dllcache\rdbss.sys
2008-01-17 19:58 . 2007-01-23 20:31 546,304 --------- C:\WINDOWS\system32\dllcache\hhctrl.ocx
2008-01-17 19:57 . 2006-12-07 06:29 2,374,472 --------- C:\WINDOWS\system32\dllcache\wmvcore.dll
2008-01-17 19:52 . 2007-07-30 19:19 38,232 --a------ C:\WINDOWS\system32\wucltui.dll.mui
2008-01-17 19:52 . 2007-07-30 19:20 30,040 --a------ C:\WINDOWS\system32\wuaucpl.cpl.mui
2008-01-17 19:52 . 2007-07-30 19:19 30,040 --a------ C:\WINDOWS\system32\wuapi.dll.mui
2008-01-17 19:52 . 2007-07-30 19:18 21,336 --a------ C:\WINDOWS\system32\wuaueng.dll.mui
2008-01-13 11:25 . 2008-01-13 11:25 <REP> d-------- C:\Program Files\dat
2008-01-09 16:02 . 2008-01-09 16:02 <REP> dr------- C:\Documents and Settings\NetworkService\Favoris
2008-01-06 20:41 . 2008-01-06 20:41 <REP> d-------- C:\Program Files\Google
2007-12-31 14:57 . 2007-12-31 14:57 <REP> d--hs---- C:\FOUND.002

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-01-25 14:23 81,984 ----a-w C:\WINDOWS\system32\bdod.bin
2007-12-14 15:56 --------- d-----w C:\Program Files\AVIConverter
2007-12-02 19:38 --------- d-----w C:\Program Files\Fichiers communs\Real
2007-11-14 07:28 450,560 ----a-w C:\WINDOWS\system32\dllcache\jscript.dll
2007-11-11 18:02 724,992 ----a-w C:\WINDOWS\iun6002.exe
2007-11-07 09:28 728,576 ----a-w C:\WINDOWS\system32\lsasrv.dll
2007-11-07 09:28 728,576 ------w C:\WINDOWS\system32\dllcache\lsasrv.dll
2007-10-30 10:18 3,079,680 ----a-w C:\WINDOWS\system32\SET2B.tmp
2007-10-30 10:18 3,079,680 ------w C:\WINDOWS\system32\dllcache\mshtml.dll
2007-10-29 22:43 1,293,824 ----a-w C:\WINDOWS\system32\quartz.dll
2007-10-29 22:43 1,293,824 ------w C:\WINDOWS\system32\dllcache\quartz.dll
2006-10-30 09:51 14,685 ----a-w C:\Program Files\readme.htm
2006-10-19 19:51 7,110,656 ----a-w C:\Program Files\PES6.exe
2006-10-18 13:23 483,328 ----a-w C:\Program Files\settings.exe
.

((((((((((((((((((((((((((((( snapshot@2008-01-18_22.43.14.93 )))))))))))))))))))))))))))))))))))))))))
.
- 2007-11-10 13:43:32 68,608 ----a-w C:\WINDOWS\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
+ 2008-01-18 21:54:54 68,608 ----a-w C:\WINDOWS\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
- 2007-11-10 13:43:44 72,192 ----a-w C:\WINDOWS\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
+ 2008-01-18 21:55:14 72,192 ----a-w C:\WINDOWS\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
- 2007-11-10 13:43:46 4,308,992 ----a-w C:\WINDOWS\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
+ 2008-01-18 21:55:20 4,308,992 ----a-w C:\WINDOWS\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
- 2007-11-10 13:43:48 482,304 ----a-w C:\WINDOWS\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll
+ 2008-01-18 21:55:28 482,304 ----a-w C:\WINDOWS\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll
- 2007-11-10 13:43:40 2,878,976 ----a-w C:\WINDOWS\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
+ 2008-01-18 21:55:02 2,902,016 ----a-w C:\WINDOWS\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
- 2007-11-10 13:43:26 258,048 ----a-w C:\WINDOWS\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
+ 2008-01-18 21:54:42 258,048 ----a-w C:\WINDOWS\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
- 2007-11-10 13:43:26 114,176 ----a-w C:\WINDOWS\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
+ 2008-01-18 21:54:42 114,176 ----a-w C:\WINDOWS\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
- 2007-11-10 13:43:54 260,096 ----a-w C:\WINDOWS\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
+ 2008-01-18 21:55:48 260,096 ----a-w C:\WINDOWS\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
- 2007-11-10 13:43:36 5,025,792 ----a-w C:\WINDOWS\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll
+ 2008-01-18 21:54:58 5,156,864 ----a-w C:\WINDOWS\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll
- 2007-11-10 13:43:30 10,752 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
+ 2008-01-18 21:54:52 10,752 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
- 2007-11-10 13:43:26 503,808 ----a-w C:\WINDOWS\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll
+ 2008-01-18 21:54:42 507,904 ----a-w C:\WINDOWS\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll
- 2007-11-10 13:43:26 13,312 ----a-w C:\WINDOWS\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll
+ 2008-01-18 21:54:44 13,312 ----a-w C:\WINDOWS\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll
- 2007-11-10 13:43:42 8,192 ----a-w C:\WINDOWS\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll
+ 2008-01-18 21:55:10 8,192 ----a-w C:\WINDOWS\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll
- 2007-11-10 13:43:42 36,864 ----a-w C:\WINDOWS\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll
+ 2008-01-18 21:55:10 36,864 ----a-w C:\WINDOWS\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll
- 2007-11-10 13:43:42 5,632 ----a-w C:\WINDOWS\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll
+ 2008-01-18 21:55:12 5,632 ----a-w C:\WINDOWS\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll
- 2007-11-10 13:43:28 413,696 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
+ 2008-01-18 21:54:48 413,696 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
- 2007-11-10 13:43:30 36,864 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
+ 2008-01-18 21:54:48 36,864 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
- 2007-11-10 13:43:30 647,168 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll
+ 2008-01-18 21:54:50 647,168 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll
- 2007-11-10 13:43:30 73,728 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll
+ 2008-01-18 21:54:50 73,728 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll
- 2007-11-10 13:43:28 745,472 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
+ 2008-01-18 21:54:46 749,568 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
- 2007-11-10 13:43:58 110,592 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
+ 2008-01-18 21:56:02 110,592 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
- 2007-11-10 13:43:56 372,736 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
+ 2008-01-18 21:56:00 372,736 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
- 2007-11-10 13:43:22 28,672 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll
+ 2008-01-18 21:54:38 28,672 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll
- 2007-11-10 13:43:56 667,648 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
+ 2008-01-18 21:55:56 667,648 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
- 2007-11-10 13:43:58 5,632 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
+ 2008-01-18 21:56:04 5,632 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
- 2007-11-10 13:43:24 12,800 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
+ 2008-01-18 21:54:40 12,800 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
- 2007-11-10 13:43:24 32,768 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll
+ 2008-01-18 21:54:40 32,768 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll
- 2007-11-10 13:43:24 7,168 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll
+ 2008-01-18 21:54:40 7,168 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll
- 2007-11-10 13:43:50 110,592 ----a-w C:\WINDOWS\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
+ 2008-01-18 21:55:38 110,592 ----a-w C:\WINDOWS\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
- 2007-11-10 13:43:32 81,920 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
+ 2008-01-18 21:54:54 81,920 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
- 2007-11-10 13:43:50 389,120 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
+ 2008-01-18 21:55:40 413,696 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
- 2007-11-10 13:43:48 716,800 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
+ 2008-01-18 21:55:30 716,800 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
- 2007-11-10 13:43:26 884,736 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
+ 2008-01-18 21:54:44 888,832 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
- 2007-11-10 13:43:42 5,050,368 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll
+ 2008-01-18 21:55:04 5,001,216 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll
- 2007-11-10 13:43:34 188,416 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
+ 2008-01-18 21:54:56 188,416 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
- 2007-11-10 13:43:32 397,312 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
+ 2008-01-18 21:54:54 397,312 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
- 2007-11-10 13:43:34 81,920 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll
+ 2008-01-18 21:54:56 81,920 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll
- 2007-11-10 13:43:52 700,416 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
+ 2008-01-18 21:55:44 577,536 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
- 2007-11-10 13:43:48 368,640 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
+ 2008-01-18 21:55:32 372,736 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
- 2007-11-10 13:43:54 258,048 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
+ 2008-01-18 21:55:46 258,048 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
- 2007-11-10 13:43:50 299,008 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
+ 2008-01-18 21:55:34 299,008 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
- 2007-11-10 13:43:50 131,072 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
+ 2008-01-18 21:55:36 131,072 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
- 2007-11-10 13:43:32 258,048 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll
+ 2008-01-18 21:54:52 258,048 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll
- 2007-11-10 13:43:34 114,688 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
+ 2008-01-18 21:54:58 114,688 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
- 2007-11-10 13:43:54 835,584 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
+ 2008-01-18 21:55:52 835,584 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
- 2007-11-10 13:43:36 86,016 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
+ 2008-01-18 21:55:00 86,016 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
- 2007-11-10 13:43:36 823,296 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
+ 2008-01-18 21:55:00 823,296 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
- 2007-11-10 13:43:38 5,316,608 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
+ 2008-01-18 21:55:00 5,152,768 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
- 2007-11-10 13:43:40 2,035,712 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll
+ 2008-01-18 21:55:02 2,027,520 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll
- 2007-11-10 13:43:52 3,018,752 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
+ 2008-01-18 21:55:42 2,940,928 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
+ 2008-01-19 14:05:20 26,624 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Accessibility\16f8e5467333b654917893bbdda14ff0\Accessibility.ni.dll
+ 2008-01-19 14:05:26 888,832 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\AspNetMMCExt\f5a1ec9e477c27710cdae6bdcab1e7d3\AspNetMMCExt.ni.dll
+ 2008-01-19 14:05:28 237,568 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\CustomMarshalers\31a212e25caf9e206bf07692827fbac9\CustomMarshalers.ni.dll
+ 2008-01-19 14:05:26 15,360 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\dfsvc\f5d80cbb13314195fda4daef781e3a6a\dfsvc.ni.exe
+ 2008-01-19 14:05:32 880,640 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\8180521300c87a6272843e750e53d95e\Microsoft.Build.Engine.ni.dll
+ 2008-01-19 14:05:34 81,920 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\540f20514bffe019e78b46623679d8da\Microsoft.Build.Framework.ni.dll
+ 2008-01-19 14:05:40 1,687,552 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\3494f44140ae3e52345d9bb0a09c3759\Microsoft.Build.Tasks.ni.dll
+ 2008-01-19 14:05:42 163,840 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\ce6025818077c4efc83b09bde67003e9\Microsoft.Build.Utilities.ni.dll
+ 2008-01-19 14:05:48 1,720,320 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\dc355522d33dd3d47e018ab9f44a3c51\Microsoft.VisualBasic.ni.dll
+ 2008-01-18 21:59:54 11,304,960 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\d6cf00e968fd1d152ec6512e22a4efbc\mscorlib.ni.dll
+ 2008-01-19 14:05:50 1,003,520 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\3140fd8d0daf0c8c83892d03e7ef73f3\System.Configuration.ni.dll
+ 2008-01-19 13:13:00 6,676,480 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Data\b5a0a83e23ab2c57ec555338fb43735b\System.Data.ni.dll
+ 2008-01-19 14:05:54 1,724,416 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Deployment\44698bf46ecf1444d17ca327fe03ee31\System.Deployment.ni.dll
+ 2008-01-19 13:13:22 10,702,848 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Design\1c2bea369fb45611748f7ec7d08c5c1f\System.Design.ni.dll
+ 2008-01-19 14:06:00 1,216,512 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\73d80c8430f16a7c69e158d030105106\System.DirectoryServices.ni.dll
+ 2008-01-19 14:06:02 512,000 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\88fd2a6d700b37b57cc3e7437d561a1e\System.DirectoryServices.Protocols.ni.dll
+ 2008-01-19 13:13:24 229,376 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing.Desi#\45c26ec6652658b85317f373532aaab8\System.Drawing.Design.ni.dll
+ 2008-01-19 13:13:24 1,601,536 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\c254e202d75150e8c658acf2349c89d2\System.Drawing.ni.dll
+ 2008-01-19 14:06:04 659,456 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\93a0bd12af9564e5fd01b458e0019abd\System.EnterpriseServices.ni.dll
+ 2008-01-19 14:06:04 294,912 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\93a0bd12af9564e5fd01b458e0019abd\System.EnterpriseServices.Wrapper.dll
+ 2008-01-19 14:06:08 729,088 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Security\39b928a8b573a1835dd0617907c2bf48\System.Security.ni.dll
+ 2008-01-19 14:06:10 684,032 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Transactions\ea17bb40423448d4a5fb5e2ff1846f4a\System.Transactions.ni.dll
+ 2008-01-19 14:07:02 2,306,048 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web.Mobile\44f062efec213c518e53fba18c02eb8e\System.Web.Mobile.ni.dll
+ 2008-01-19 14:07:02 237,568 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web.RegularE#\7b7c93945135104be71e92061d67e05a\System.Web.RegularExpressions.ni.dll
+ 2008-01-19 14:07:08 1,941,504 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web.Services\510f68ca75453b07b929ab767de4c2f1\System.Web.Services.ni.dll
+ 2008-01-19 14:06:52 12,185,600 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web\c09080f6f5cfd8eea036698f5567574a\System.Web.ni.dll
+ 2008-01-19 13:14:24 13,107,200 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\892f36b41bca0f201844a09ea120554e\System.Windows.Forms.ni.dll
+ 2008-01-19 13:15:50 5,623,808 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\75018aebb3406d5898871fa4599a1b4c\System.Xml.ni.dll
+ 2008-01-19 13:12:46 8,130,560 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\a5562e33b41fc318d8eadc7703172230\System.ni.dll
+ 2007-11-10 13:43:50 299,008 ------w C:\WINDOWS\assembly\temp\KTX048CFJN\System.Runtime.Remoting.dll
+ 2006-03-17 00:33:10 262,784 ------w C:\WINDOWS\Driver Cache\i386\http.sys
+ 2006-06-14 08:47:46 172,416 ------w C:\WINDOWS\Driver Cache\i386\kmixer.sys
+ 2007-02-28 16:02:22 2,138,112 ------w C:\WINDOWS\Driver Cache\i386\ntkrnlmp.exe
+ 2007-02-28 16:02:36 2,059,648 ------w C:\WINDOWS\Driver Cache\i386\ntkrnlpa.exe
+ 2007-02-28 16:02:22 2,017,792 ------w C:\WINDOWS\Driver Cache\i386\ntkrpamp.exe
+ 2007-02-28 16:02:36 2,182,400 ------w C:\WINDOWS\Driver Cache\i386\ntoskrnl.exe
+ 2006-06-14 08:47:46 6,400 ------w C:\WINDOWS\Driver Cache\i386\splitter.sys
+ 2006-06-14 09:00:46 82,944 ------w C:\WINDOWS\Driver Cache\i386\wdmaud.sys
- 2008-01-17 21:37:04 249,856 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\[u]0[/u]0000001\ntuser.dat
+ 2008-01-25 14:14:54 249,856 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\[u]0[/u]0000001\NTUSER.DAT
- 2008-01-17 21:37:04 8,192 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\[u]0[/u]0000002\UsrClass.dat
+ 2008-01-25 14:14:54 8,192 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\[u]0[/u]0000002\UsrClass.dat
- 2008-01-17 21:37:06 5,058,560 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\[u]0[/u]0000003\ntuser.dat
+ 2008-01-25 14:14:54 5,046,272 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\[u]0[/u]0000003\NTUSER.DAT
- 2008-01-17 21:37:06 65,536 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\[u]0[/u]0000004\UsrClass.dat
+ 2008-01-25 14:14:54 65,536 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\[u]0[/u]0000004\UsrClass.dat
+ 2008-01-25 14:14:54 249,856 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\[u]0[/u]0000005\NTUSER.DAT
+ 2008-01-25 14:14:54 8,192 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\[u]0[/u]0000006\UsrClass.dat
+ 2008-01-23 14:54:56 163,328 ----a-w C:\WINDOWS\ERUNT\SDFIX\ERDNT.EXE
+ 2008-01-24 20:46:42 5,046,272 ----a-w C:\WINDOWS\ERUNT\SDFIX\Users\[u]0[/u]0000001\ntuser.dat
+ 2008-01-24 20:46:42 65,536 ----a-w C:\WINDOWS\ERUNT\SDFIX\Users\[u]0[/u]0000002\UsrClass.dat
+ 2008-01-23 14:54:56 163,328 ----a-w C:\WINDOWS\ERUNT\SDFIX_First_Run\ERDNT.EXE
+ 2008-01-24 20:46:28 5,046,272 ----a-w C:\WINDOWS\ERUNT\SDFIX_First_Run\Users\[u]0[/u]0000001\ntuser.dat
+ 2008-01-24 20:46:28 65,536 ----a-w C:\WINDOWS\ERUNT\SDFIX_First_Run\Users\[u]0[/u]0000002\UsrClass.dat
- 2004-08-19 14:09:54 1,036,288 ----a-w C:\WINDOWS\explorer.exe
+ 2007-06-13 13:22:28 1,037,312 ----a-w C:\WINDOWS\explorer.exe
- 2005-09-23 06:28:58 55,488 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\AppLaunch.exe
+ 2007-04-13 02:21:18 58,712 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\AppLaunch.exe
- 2005-09-23 06:28:32 10,752 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_filter.dll
+ 2007-04-13 02:20:52 10,752 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_filter.dll
- 2005-09-23 06:28:32 8,192 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_isapi.dll
+ 2007-04-13 02:20:52 8,192 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_isapi.dll
- 2005-09-23 06:28:32 23,552 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Aspnet_perf.dll
+ 2007-04-13 02:20:52 23,552 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Aspnet_perf.dll
- 2005-09-23 06:28:32 70,656 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_rc.dll
+ 2007-04-13 02:20:50 75,264 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_rc.dll
- 2005-09-23 06:28:32 26,824 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_regiis.exe
+ 2007-04-13 02:20:52 32,608 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_regiis.exe
- 2005-09-23 06:28:32 29,896 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
+ 2007-04-13 02:20:52 33,632 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
- 2005-09-23 06:28:32 29,888 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_wp.exe
+ 2007-04-13 02:20:52 32,600 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_wp.exe
- 2005-09-23 06:28:32 503,808 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\AspNetMMCExt.dll
+ 2007-04-13 02:20:52 507,904 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\AspNetMMCExt.dll
- 2005-09-23 06:28:56 88,576 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\CORPerfMonExt.dll
+ 2007-04-13 02:21:16 88,576 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\CORPerfMonExt.dll
- 2005-09-23 06:28:38 4,608 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\dfsvc.exe
+ 2007-04-13 02:20:58 5,120 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\dfsvc.exe
- 2005-09-23 06:28:56 9,728 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\IEExec.exe
+ 2007-04-13 02:21:16 9,728 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\IEExec.exe
- 2005-09-23 06:28:56 224,952 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\ilasm.exe
+ 2007-04-13 02:21:16 228,688 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\ilasm.exe
- 2005-09-23 06:28:56 28,672 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\InstallUtil.exe
+ 2007-04-13 02:21:16 28,672 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\InstallUtil.exe
- 2005-09-23 06:28:48 413,696 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Engine.dll
+ 2007-04-13 02:21:10 413,696 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Engine.dll
- 2005-09-23 06:28:48 647,168 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Tasks.dll
+ 2007-04-13 02:21:10 647,168 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Tasks.dll
- 2005-09-23 06:28:48 745,472 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.JScript.dll
+ 2007-04-13 02:21:08 749,568 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.JScript.dll
- 2005-09-23 06:28:32 87,552 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\MmcAspExt.dll
+ 2007-04-13 02:20:52 87,040 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\MmcAspExt.dll
- 2005-09-23 06:28:56 800,768 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscordacwks.dll
+ 2007-04-13 02:21:18 802,304 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscordacwks.dll
- 2005-09-23 06:28:56 36,864 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorie.dll
+ 2007-04-13 02:21:16 36,864 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorie.dll
- 2005-09-23 06:28:56 326,144 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll
+ 2007-04-13 02:21:16 326,656 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll
- 2005-09-23 06:28:56 4,308,992 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorlib.dll
+ 2007-04-13 02:21:16 4,308,992 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorlib.dll
- 2005-09-23 06:28:56 102,400 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorpe.dll
+ 2007-04-13 02:21:16 102,912 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorpe.dll
- 2005-09-23 06:28:56 226,816 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvc.dll
+ 2007-04-13 02:21:18 227,328 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvc.dll
- 2005-09-23 06:28:56 66,240 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
+ 2007-04-13 02:21:18 68,952 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
- 2005-09-23 06:28:50 5,615,616 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll
+ 2007-04-13 02:21:12 5,634,048 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll
- 2005-09-23 06:28:56 96,440 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\ngen.exe
+ 2007-04-13 02:21:16 99,152 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\ngen.exe
- 2005-09-23 06:28:56 14,848 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\normalization.dll
+ 2007-04-13 02:21:18 15,360 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\normalization.dll
- 2005-09-23 06:28:50 136,192 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\peverify.dll
+ 2007-04-13 02:21:12 136,192 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\peverify.dll
- 2005-09-23 06:28:56 377,344 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\SOS.dll
+ 2007-04-13 02:21:18 382,464 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\SOS.dll
- 2005-09-23 06:28:56 110,592 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\sysglobl.dll
+ 2007-04-13 02:21:18 110,592 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\sysglobl.dll
- 2005-09-23 06:28:58 389,120 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.configuration.dll
+ 2007-04-13 02:21:18 413,696 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.configuration.dll
- 2005-09-23 06:28:56 2,878,976 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Data.dll
+ 2007-04-13 02:21:16 2,902,016 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Data.dll
- 2005-09-23 06:28:56 482,304 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Data.OracleClient.dll
+ 2007-04-13 02:21:18 482,304 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Data.OracleClient.dll
- 2005-09-23 06:28:56 716,800 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Data.SqlXml.dll
+ 2007-04-13 02:21:18 716,800 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Data.SqlXml.dll
- 2005-09-23 06:28:38 884,736 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Deployment.dll
+ 2007-04-13 02:20:58 888,832 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Deployment.dll
- 2005-09-23 06:28:56 5,050,368 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Design.dll
+ 2007-04-13 02:21:16 5,001,216 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Design.dll
- 2005-09-23 06:28:56 188,416 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.DirectoryServices.Protocols.dll
+ 2007-04-13 02:21:18 188,416 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.DirectoryServices.Protocols.dll
- 2005-09-23 06:28:56 3,018,752 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.dll
+ 2007-04-13 02:21:16 2,940,928 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.dll
- 2005-09-23 06:28:56 700,416 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Drawing.dll
+ 2007-04-13 02:21:16 577,536 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Drawing.dll
- 2005-09-23 06:28:56 258,048 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.EnterpriseServices.dll
+ 2007-04-13 02:21:16 258,048 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.EnterpriseServices.dll
- 2005-09-23 06:28:56 47,616 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.EnterpriseServices.Thunk.dll
+ 2007-04-13 02:21:18 47,616 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.EnterpriseServices.Thunk.dll
- 2005-09-23 06:28:56 114,176 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.EnterpriseServices.Wrapper.dll
+ 2007-04-13 02:21:18 114,176 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.EnterpriseServices.Wrapper.dll
- 2005-09-23 06:28:56 368,640 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Management.dll
+ 2007-04-13 02:21:16 372,736 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Management.dll
- 2005-09-23 06:28:56 299,008 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Remoting.dll
+ 2007-04-13 02:21:16 299,008 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Remoting.dll
- 2005-09-23 06:28:56 260,096 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Transactions.dll
+ 2007-04-13 02:21:18 260,096 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Transactions.dll
- 2005-09-23 06:28:56 5,025,792 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Web.dll
+ 2007-04-13 02:21:16 5,156,864 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Web.dll
- 2005-09-23 06:28:56 5,316,608 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Windows.Forms.dll
+ 2007-04-13 02:21:16 5,152,768 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Windows.Forms.dll
- 2005-09-23 06:28:56 2,035,712 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.XML.dll
+ 2007-04-13 02:21:16 2,027,520 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.XML.dll
- 2005-09-23 06:29:06 1,140,920 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\vbc.exe
+ 2007-04-13 02:21:28 1,166,672 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\vbc.exe
- 2005-09-23 06:28:30 1,306,624 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\VsaVb7rt.dll
+ 2007-04-13 02:20:50 1,330,688 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\VsaVb7rt.dll
- 2005-09-23 06:28:32 298,496 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\webengine.dll
+ 2007-04-13 02:20:52 406,016 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\webengine.dll
- 2004-08-19 14:09:20 41,984 ----a-w C:\WINDOWS\msagent\agentdp2.dll
+ 2006-10-12 14:04:14 42,496 ----a-w C:\WINDOWS\msagent\agentdp2.dll
- 2006-03-09 07:24:44 57,344 ----a-w C:\WINDOWS\msagent\agentdpv.dll
+ 2007-03-09 13:48:06 57,344 ----a-w C:\WINDOWS\msagent\agentdpv.dll
- 2004-08-19 14:09:52 256,512 ----a-w C:\WINDOWS\msagent\agentsvr.exe
+ 2006-10-12 11:09:54 256,512 ----a-w C:\WINDOWS\msagent\agentsvr.exe
- 2004-08-19 14:09:20 100,352 ----a-w C:\WINDOWS\system32\6to4svc.dll
+ 2006-08-16 11:59:28 100,352 ----a-w C:\WINDOWS\system32\6to4svc.dll
- 2004-08-19 14:09:22 69,120 ----a-w C:\WINDOWS\system32\ciodm.dll
+ 2006-06-22 05:13:46 69,120 ----a-w C:\WINDOWS\system32\ciodm.dll
- 2004-08-19 14:09:22 611,328 ----a-w C:\WINDOWS\system32\comctl32.dll
+ 2006-08-25 15:51:14 617,472 ----a-w C:\WINDOWS\system32\comctl32.dll
- 2004-08-19 14:09:24 111,616 ----a-w C:\WINDOWS\system32\dhcpcsvc.dll
+ 2006-05-19 13:23:36 112,128 ----a-w C:\WINDOWS\system32\dhcpcsvc.dll
- 2004-08-19 14:09:20 100,352 ----a-w C:\WINDOWS\system32\dllcache\6to4svc.dll
+ 2006-08-16 11:59:28 100,352 ----a-w C:\WINDOWS\system32\dllcache\6to4svc.dll
- 2004-08-19 14:09:20 41,984 ----a-w C:\WINDOWS\system32\dllcache\agentdp2.dll
+ 2006-10-12 14:04:14 42,496 ----a-w C:\WINDOWS\system32\dllcache\agentdp2.dll
+ 2007-03-09 13:48:06 57,344 ----a-w C:\WINDOWS\system32\dllcache\agentdpv.dll
- 2004-08-19 14:09:52 256,512 ----a-w C:\WINDOWS\system32\dllcache\agentsvr.exe
+ 2006-10-12 11:09:54 256,512 ----a-w C:\WINDOWS\system32\dllcache\agentsvr.exe
- 2004-08-19 14:09:22 69,120 ----a-w C:\WINDOWS\system32\dllcache\ciodm.dll
+ 2006-06-22 05:13:46 69,120 ----a-w C:\WINDOWS\system32\dllcache\ciodm.dll
- 2004-08-19 15:09:22 611,328 ----a-w C:\WINDOWS\system32\dllcache\comctl32.dll
+ 2006-08-25 15:51:14 617,472 ----a-w C:\WINDOWS\system32\dllcache\comctl32.dll
- 2004-08-19 15:09:24 111,616 ----a-w C:\WINDOWS\system32\dllcache\dhcpcsvc.dll
+ 2006-05-19 13:23:36 112,128 ----a-w C:\WINDOWS\system32\dllcache\dhcpcsvc.dll
- 2004-08-19 15:09:24 81,408 ----a-w C:\WINDOWS\system32\dllcache\directdb.dll
+ 2007-05-16 15:13:54 86,528 ----a-w C:\WINDOWS\system32\dllcache\directdb.dll
- 2004-08-19 14:09:24 499,741 ----a-w C:\WINDOWS\system32\dllcache\dxmasf.dll
+ 2006-08-24 12:17:20 500,278 ----a-w C:\WINDOWS\system32\dllcache\dxmasf.dll
- 2004-08-19 14:09:54 1,036,288 ----a-w C:\WINDOWS\system32\dllcache\explorer.exe
+ 2007-06-13 13:22:28 1,037,312 ----a-w C:\WINDOWS\system32\dllcache\explorer.exe
- 2004-08-19 15:09:26 16,896 ----a-w C:\WINDOWS\system32\dllcache\fltlib.dll
+ 2006-08-21 12:26:16 16,896 ----a-w C:\WINDOWS\system32\dllcache\fltlib.dll
- 2004-08-19 15:09:56 22,528 ----a-w C:\WINDOWS\system32\dllcache\fltmc.exe
+ 2006-08-21 09:14:58 23,040 ----a-w C:\WINDOWS\system32\dllcache\fltmc.exe
- 2004-08-03 22:01:20 124,800 ----a-w C:\WINDOWS\system32\dllcache\fltmgr.sys
+ 2006-08-21 09:14:58 128,896 ----a-w C:\WINDOWS\system32\dllcache\fltmgr.sys
- 2004-08-19 15:09:32 95,744 ----a-w C:\WINDOWS\system32\dllcache\iphlpapi.dll
+ 2006-05-19 13:23:36 95,744 ----a-w C:\WINDOWS\system32\dllcache\iphlpapi.dll
- 2004-08-03 18:07:50 171,776 ----a-w C:\WINDOWS\system32\dllcache\kmixer.sys
+ 2006-06-14 08:47:46 172,416 ----a-w C:\WINDOWS\system32\dllcache\kmixer.sys
- 2004-08-19 14:09:32 39,936 ----a-w C:\WINDOWS\system32\dllcache\mf3216.dll
+ 2007-03-08 15:37:50 40,960 ----a-w C:\WINDOWS\system32\dllcache\mf3216.dll
- 2001-08-24 11:00:00 924,432 ----a-w C:\WINDOWS\system32\dllcache\mfc40u.dll
+ 2006-11-01 19:18:42 927,504 ----a-w C:\WINDOWS\system32\dllcache\mfc40u.dll
- 2004-08-19 15:09:32 1,024,000 ----a-w C:\WINDOWS\system32\dllcache\mfc42u.dll
+ 2006-12-14 13:45:54 981,760 ----a-w C:\WINDOWS\system32\dllcache\mfc42u.dll
- 2004-08-03 20:58:22 72,960 ----a-w C:\WINDOWS\system32\dllcache\mqac.sys
+ 2007-07-06 10:05:48 72,960 ----a-w C:\WINDOWS\system32\dllcache\mqac.sys
- 2004-08-19 14:09:32 138,240 ----a-w C:\WINDOWS\system32\dllcache\mqad.dll
+ 2007-07-06 12:50:48 138,240 ----a-w C:\WINDOWS\system32\dllcache\mqad.dll
- 2004-08-19 14:09:32 47,104 ----a-w C:\WINDOWS\system32\dllcache\mqdscli.dll
+ 2007-07-06 12:50:48 47,104 ----a-w C:\WINDOWS\system32\dllcache\mqdscli.dll
- 2004-08-19 14:09:32 16,896 ----a-w C:\WINDOWS\system32\dllcache\mqise.dll
+ 2007-07-06 12:50:48 16,896 ----a-w C:\WINDOWS\system32\dllcache\mqise.dll
- 2004-08-19 14:09:32 660,992 ----a-w C:\WINDOWS\system32\dllcache\mqqm.dll
+ 2007-07-06 12:50:48 660,992 ----a-w C:\WINDOWS\system32\dllcache\mqqm.dll
- 2004-08-19 14:09:32 177,152 ----a-w C:\WINDOWS\system32\dllcache\mqrt.dll
+ 2007-07-06 12:50:48 177,152 ----a-w C:\WINDOWS\system32\dllcache\mqrt.dll
- 2004-08-19 15:09:32 95,744 ----a-w C:\WINDOWS\system32\dllcache\mqsec.dll
+ 2007-07-06 12:50:48 95,744 ----a-w C:\WINDOWS\system32\dllcache\mqsec.dll
- 2004-08-19 14:09:34 48,640 ----a-w C:\WINDOWS\system32\dllcache\mqupgrd.dll
+ 2007-07-06 12:50:48 48,640 ----a-w C:\WINDOWS\system32\dllcache\mqupgrd.dll
- 2004-08-19 15:09:34 527,360 ----a-w C:\WINDOWS\system32\dllcache\mqutil.dll
+ 2007-07-06 12:50:48 527,360 ----a-w C:\WINDOWS\system32\dllcache\mqutil.dll
- 2004-08-19 15:09:34 536,576 ----a-w C:\WINDOWS\system32\dllcache\msado15.dll
+ 2006-12-26 13:09:12 536,576 ----a-w C:\WINDOWS\system32\dllcache\msado15.dll
- 2004-08-19 15:09:34 180,224 ----a-w C:\WINDOWS\system32\dllcache\msadomd.dll
+ 2006-12-26 13:09:12 180,224 ----a-w C:\WINDOWS\system32\dllcache\msadomd.dll
- 2004-08-19 15:09:34 200,704 ----a-w C:\WINDOWS\system32\dllcache\msadox.dll
+ 2006-12-26 13:09:12 200,704 ----a-w C:\WINDOWS\system32\dllcache\msadox.dll
- 2004-08-19 14:09:34 537,088 ----a-w C:\WINDOWS\system32\dllcache\msftedit.dll
+ 2006-11-27 14:55:30 539,136 ----a-w C:\WINDOWS\system32\dllcache\msftedit.dll
- 2004-08-19 15:09:34 102,400 ----a-w C:\WINDOWS\system32\dllcache\msjro.dll
+ 2006-12-26 13:09:12 102,400 ----a-w C:\WINDOWS\system32\dllcache\msjro.dll
- 2004-08-19 14:09:36 1,236,480 ----a-w C:\WINDOWS\system32\dllcache\msxml3.dll
+ 2007-06-26 06:09:14 1,104,896 ----a-w C:\WINDOWS\system32\dllcache\msxml3.dll
- 2004-08-03 21:15:10 574,592 ----a-w C:\WINDOWS\system32\dllcache\ntfs.sys
+ 2007-02-09 11:10:36 574,464 ----a-w C:\WINDOWS\system32\dllcache\ntfs.sys
- 2001-08-24 11:00:00 58,880 ----a-w C:\WINDOWS\system32\dllcache\nwapi32.dll
+ 2006-10-13 12:36:56 64,000 ----a-w C:\WINDOWS\system32\dllcache\nwapi32.dll
- 2004-08-19 14:09:38 147,968 ----a-w C:\WINDOWS\system32\dllcache\nwprovau.dll
+ 2006-10-13 12:36:56 145,920 ----a-w C:\WINDOWS\system32\dllcache\nwprovau.dll
- 2004-08-03 21:02:24 163,584 ----a-w C:\WINDOWS\system32\dllcache\nwrdr.sys
+ 2006-10-13 10:23:16 163,584 ----a-w C:\WINDOWS\system32\dllcache\nwrdr.sys
- 2004-08-19 15:09:38 553,472 ----a-w C:\WINDOWS\system32\dllcache\oleaut32.dll
+ 2007-05-17 11:29:50 549,376 ----a-w C:\WINDOWS\system32\dllcache\oleaut32.dll
- 2001-08-24 11:00:00 119,808 ----a-w C:\WINDOWS\system32\dllcache\oledlg.dll
+ 2006-10-16 16:16:00 124,928 ----a-w C:\WINDOWS\system32\dllcache\oledlg.dll
- 2004-08-19 14:09:40 1,440,768 ----a-w C:\WINDOWS\system32\dllcache\query.dll
+ 2006-06-22 05:13:46 1,440,768 ----a-w C:\WINDOWS\system32\dllcache\query.dll
- 2004-08-19 14:09:40 174,080 ----a-w C:\WINDOWS\system32\dllcache\rasmans.dll
+ 2006-06-22 10:48:06 181,248 ----a-w C:\WINDOWS\system32\dllcache\rasmans.dll
- 2004-08-19 14:09:40 431,616 ----a-w C:\WINDOWS\system32\dllcache\riched20.dll
+ 2006-11-27 14:55:32 433,152 ----a-w C:\WINDOWS\system32\dllcache\riched20.dll
- 2001-08-24 11:00:00 200,064 ----a-w C:\WINDOWS\system32\dllcache\rmcast.sys
+ 2006-07-13 08:48:58 202,240 ----a-w C:\WINDOWS\system32\dllcache\rmcast.sys
- 2004-08-19 15:09:40 144,896 ----a-w C:\WINDOWS\system32\dllcache\schannel.dll
+ 2007-04-25 14:22:36 144,896 ----a-w C:\WINDOWS\system32\dllcache\schannel.dll
- 2004-08-19 15:09:42 135,168 ----a-w C:\WINDOWS\system32\dllcache\shsvcs.dll
+ 2006-12-19 21:49:48 135,168 ----a-w C:\WINDOWS\system32\dllcache\shsvcs.dll
- 2004-08-03 18:07:48 6,400 ----a-w C:\WINDOWS\system32\dllcache\splitter.sys
+ 2006-06-14 08:47:46 6,400 ----a-w C:\WINDOWS\system32\dllcache\splitter.sys
- 2004-08-19 14:09:46 246,302 ----a-w C:\WINDOWS\system32\dllcache\strmdll.dll
+ 2006-08-24 12:19:40 246,814 ----a-w C:\WINDOWS\system32\dllcache\strmdll.dll
- 2004-08-19 15:09:46 716,800 ----a-w C:\WINDOWS\system32\dllcache\sxs.dll
+ 2006-10-20 01:38:44 716,800 ----a-w C:\WINDOWS\system32\dllcache\sxs.dll
- 2004-08-03 21:07:46 223,616 ----a-w C:\WINDOWS\system32\dllcache\tcpip6.sys
+ 2006-08-16 09:37:30 225,664 ----a-w C:\WINDOWS\system32\dllcache\tcpip6.sys
- 2004-08-19 15:09:48 185,344 ----a-w C:\WINDOWS\system32\dllcache\upnphost.dll
+ 2007-02-05 20:19:06 185,344 ----a-w C:\WINDOWS\system32\dllcache\upnphost.dll
- 2004-08-19 15:09:48 848,384 ----a-w C:\WINDOWS\system32\dllcache\vgx.dll
+ 2007-06-26 13:56:54 851,968 ----a-w C:\WINDOWS\system32\dllcache\vgx.dll
- 2004-08-03 18:15:06 82,944 ----a-w C:\WINDOWS\system32\dllcache\wdmaud.sys
+ 2006-06-14 09:00:46 82,944 ----a-w C:\WINDOWS\system32\dllcache\wdmaud.sys
- 2004-08-19 15:09:48 333,824 ----a-w C:\WINDOWS\system32\dllcache\wiaservc.dll
+ 2006-12-19 18:17:50 334,336 ----a-w C:\WINDOWS\system32\dllcache\wiaservc.dll
- 2004-08-19 14:09:48 132,096 ----a-w C:\WINDOWS\system32\dllcache\wkssvc.dll
+ 2006-08-17 12:29:50 132,096 ----a-w C:\WINDOWS\system32\dllcache\wkssvc.dll
- 2004-08-03 22:01:20 124,800 ----a-w C:\WINDOWS\system32\drivers\fltMgr.sys
+ 2006-08-21 09:14:58 128,896 ----a-w C:\WINDOWS\system32\drivers\fltMgr.sys
- 2006-03-09 07:24:50 262,400 ----a-w C:\WINDOWS\system32\drivers\http.sys
+ 2006-03-17 00:33:10 262,784 ----a-w C:\WINDOWS\system32\drivers\http.sys
- 2004-08-03 18:07:50 171,776 ----a-w C:\WINDOWS\system32\drivers\kmixer.sys
+ 2006-06-14 08:47:46 172,416 ----a-w C:\WINDOWS\system32\drivers\kmixer.sys
- 2004-08-03 20:58:22 72,960 ----a-w C:\WINDOWS\system32\drivers\mqac.sys
+ 2007-07-06 10:05:48 72,960 ----a-w C:\WINDOWS\system32\drivers\mqac.sys
- 2004-08-03 21:15:10 574,592 ----a-w C:\WINDOWS\system32\drivers\ntfs.sys
+ 2007-02-09 11:10:36 574,464 ----a-w C:\WINDOWS\system32\drivers\ntfs.sys
- 2004-08-03 21:02:24 163,584 ----a-w C:\WINDOWS\system32\drivers\nwrdr.sys
+ 2006-10-13 10:23:16 163,584 ----a-w C:\WINDOWS\system32\drivers\nwrdr.sys
- 2001-08-24 11:00:00 200,064 ----a-w C:\WINDOWS\system32\drivers\RMCast.sys
+ 2006-07-13 08:48:58 202,240 ----a-w C:\WINDOWS\system32\drivers\RMCast.sys
- 2004-08-03 18:07:48 6,400 ----a-w C:\WINDOWS\system32\drivers\splitter.sys
+ 2006-06-14 08:47:46 6,400 ----a-w C:\WINDOWS\system32\drivers\splitter.sys
- 2006-03-09 07:25:14 332,544 ----a-w C:\WINDOWS\system32\drivers\srv.sys
+ 2006-08-14 10:34:42 332,928 ----a-w C:\WINDOWS\system32\drivers\srv.sys
- 2006-02-14 18:56:26 359,808 ----a-w C:\WINDOWS\system32\drivers\tcpip.sys
+ 2007-10-30 17:20:56 360,064 ----a-w C:\WINDOWS\system32\drivers\tcpip.sys
- 2004-08-03 21:07:46 223,616 ----a-w C:\WINDOWS\system32\drivers\tcpip6.sys
+ 2006-08-16 09:37:30 225,664 ----a-w C:\WINDOWS\system32\drivers\tcpip6.sys
- 2004-08-03 18:15:06 82,944 ----a-w C:\WINDOWS\system32\drivers\wdmaud.sys
+ 2006-06-14 09:00:46 82,944 ----a-w C:\WINDOWS\system32\drivers\wdmaud.sys
- 2004-08-19 14:09:24 499,741 ----a-w C:\WINDOWS\system32\dxmasf.dll
+ 2006-08-24 12:17:20 500,278 ----a-w C:\WINDOWS\system32\dxmasf.dll
- 2004-08-19 15:09:26 16,896 ----a-w C:\WINDOWS\system32\fltlib.dll
+ 2006-08-21 12:26:16 16,896 ----a-w C:\WINDOWS\system32\fltlib.dll
- 2004-08-19 15:09:56 22,528 ----a-w C:\WINDOWS\system32\fltMc.exe
+ 2006-08-21 09:14:58 23,040 ----a-w C:\WINDOWS\system32\fltMc.exe
- 2007-03-10 18:46:30 342,624 ----a-w C:\WINDOWS\system32\FNTCACHE.DAT
+ 2008-01-19 20:49:26 342,624 ----a-w C:\WINDOWS\system32\FNTCACHE.DAT
- 2006-03-09 07:24:50 280,064 ----a-w C:\WINDOWS\system32\gdi32.dll
+ 2007-06-19 13:32:26 282,112 ----a-w C:\WINDOWS\system32\gdi32.dll
- 2006-03-09 07:24:50 68,608 ----a-w C:\WINDOWS\system32\hlink.dll
+ 2006-07-21 08:27:28 72,704 ----a-w C:\WINDOWS\system32\hlink.dll
- 2006-04-12 08:57:46 679,424 ----a-w C:\WINDOWS\system32\inetcomm.dll
+ 2007-08-21 06:17:24 683,520 ----a-w C:\WINDOWS\system32\inetcomm.dll
- 2004-08-19 14:09:32 95,744 ----a-w C:\WINDOWS\system32\iphlpapi.dll
+ 2006-05-19 13:23:36 95,744 ----a-w C:\WINDOWS\system32\iphlpapi.dll
- 2001-08-24 11:00:00 144,896 ----a-w C:\WINDOWS\system32\jgdw400.dll
+ 2006-06-01 18:48:44 163,840 ----a-w C:\WINDOWS\system32\jgdw400.dll
- 2001-08-24 11:00:00 42,496 ----a-w C:\WINDOWS\system32\jgpl400.dll
+ 2006-06-01 18:48:44 27,648 ----a-w C:\WINDOWS\system32\jgpl400.dll
- 2004-08-19 14:09:32 450,560 ----a-w C:\WINDOWS\system32\jscript.dll
+ 2007-11-14 07:28:02 450,560 ----a-w C:\WINDOWS\system32\jscript.dll
- 2004-08-19 14:09:32 39,936 ----a-w C:\WINDOWS\system32\mf3216.dll
+ 2007-03-08 15:37:50 40,960 ----a-w C:\WINDOWS\system32\mf3216.dll
- 2001-08-24 11:00:00 924,432 ----a-w C:\WINDOWS\system32\mfc40u.dll
+ 2006-11-01 19:18:42 927,504 ----a-w C:\WINDOWS\system32\mfc40u.dll
- 2004-08-19 14:09:32 1,024,000 ----a-w C:\WINDOWS\system32\mfc42u.dll
+ 2006-12-14 13:45:54 981,760 ----a-w C:\WINDOWS\system32\mfc42u.dll
- 2004-08-19 14:09:32 138,240 ----a-w C:\WINDOWS\system32\mqad.dll
+ 2007-07-06 12:50:48 138,240 ----a-w C:\WINDOWS\system32\mqad.dll
- 2004-08-19 14:09:32 47,104 ----a-w C:\WINDOWS\system32\mqdscli.dll
+ 2007-07-06 12:50:48 47,104 ----a-w C:\WINDOWS\system32\mqdscli.dll
- 2004-08-19 14:09:32 16,896 ----a-w C:\WINDOWS\system32\mqise.dll
+ 2007-07-06 12:50:48 16,896 ----a-w C:\WINDOWS\system32\mqise.dll
- 2004-08-19 14:09:32 660,992 ----a-w C:\WINDOWS\system32\mqqm.dll
+ 2007-07-06 12:50:48 660,992 ----a-w C:\WINDOWS\system32\mqqm.dll
- 2004-08-19 14:09:32 177,152 ----a-w C:\WINDOWS\system32\mqrt.dll
+ 2007-07-06 12:50:48 177,152 ----a-w C:\WINDOWS\system32\mqrt.dll
- 2004-08-19 14:09:32 95,744 ----a-w C:\WINDOWS\system32\mqsec.dll
+ 2007-07-06 12:50:48 95,744 ----a-w C:\WINDOWS\system32\mqsec.dll
- 2004-08-19 14:09:34 48,640 ----a-w C:\WINDOWS\system32\mqupgrd.dll
+ 2007-07-06 12:50:48 48,640 ----a-w C:\WINDOWS\system32\mqupgrd.dll
- 2004-08-19 14:09:34 527,360 ----a-w C:\WINDOWS\system32\mqutil.dll
+ 2007-07-06 12:50:48 527,360 ----a-w C:\WINDOWS\system32\mqutil.dll
+ 2008-01-02 09:21:38 17,642,616 ----a-w C:\WINDOWS\system32\MRT.exe
- 2005-09-23 06:28:52 270,848 ----a-w C:\WINDOWS\system32\mscoree.dll
+ 2007-04-13 02:21:14 271,360 ----a-w C:\WINDOWS\system32\mscoree.dll
- 2004-08-19 14:09:34 537,088 ----a-w C:\WINDOWS\system32\msftedit.dll
+ 2006-11-27 14:55:30 539,136 ----a-w C:\WINDOWS\system32\msftedit.dll
- 2006-04-21 15:40:10 3,077,120 ------w C:\WINDOWS\system32\mshtml.dll
+ 2007-10-30 10:18:16 3,079,680 ----a-w C:\WINDOWS\system32\mshtml.dll
- 2006-03-09 07:24:58 2,890,240 ----a-w C:\WINDOWS\system32\msi.dll
+ 2007-04-18 16:14:18 2,854,400 ----a-w C:\WINDOWS\system32\msi.dll
- 2004-08-19 14:09:36 1,236,480 ----a-w C:\WINDOWS\system32\msxml3.dll
+ 2007-06-26 06:09:14 1,104,896 ----a-w C:\WINDOWS\system32\msxml3.dll
- 2006-03-09 07:25:00 336,896 ----a-w C:\WINDOWS\system32\netapi32.dll
+ 2006-08-17 12:29:50 332,288 ----a-w C:\WINDOWS\system32\netapi32.dll
- 2006-05-09 07:11:18 2,058,880 ----a-w C:\WINDOWS\system32\ntkrnlpa.exe
+ 2007-02-28 16:02:36 2,059,648 ----a-w C:\WINDOWS\system32\ntkrnlpa.exe
- 2006-03-09 07:25:04 2,181,376 ----a-w C:\WINDOWS\system32\ntoskrnl.exe
+ 2007-02-28 16:02:36 2,182,400 ----a-w C:\WINDOWS\system32\ntoskrnl.exe
- 2001-08-24 11:00:00 58,880 ----a-w C:\WINDOWS\system32\nwapi32.dll
+ 2006-10-13 12:36:56 64,000 ----a-w C:\WINDOWS\system32\nwapi32.dll
- 2004-08-19 14:09:38 147,968 ----a-w C:\WINDOWS\system32\nwprovau.dll
+ 2006-10-13 12:36:56 145,920 ----a-w C:\WINDOWS\system32\nwprovau.dll
- 2006-03-09 07:25:04 65,024 ----a-w C:\WINDOWS\system32\nwwks.dll
+ 2006-10-13 12:36:56 65,536 ----a-w C:\WINDOWS\system32\nwwks.dll
- 2004-08-19 14:09:38 553,472 ----a-w C:\WINDOWS\system32\oleaut32.dll
+ 2007-05-17 11:29:50 549,376 ----a-w C:\WINDOWS\system32\oleaut32.dll
- 2001-08-24 11:00:00 119,808 ----a-w C:\WINDOWS\system32\oledlg.dll
+ 2006-10-16 16:16:00 124,928 ----a-w C:\WINDOWS\system32\oledlg.dll
- 2008-01-17 20:41:32 58,596 ----a-w C:\WINDOWS\system32\perfc009.dat
+ 2008-01-25 14:10:52 58,596 ----a-w C:\WINDOWS\system32\perfc009.dat
- 2008-01-17 20:41:32 71,248 ----a-w C:\WINDOWS\system32\perfc00C.dat
+ 2008-01-25 14:10:52 71,248 ----a-w C:\WINDOWS\system32\perfc00C.dat
- 2008-01-17 20:41:32 392,296 ----a-w C:\WINDOWS\system32\perfh009.dat
+ 2008-01-25 14:10:52 392,296 ----a-w C:\WINDOWS\system32\perfh009.dat
- 2008-01-17 20:41:32 458,230 ----a-w C:\WINDOWS\system32\perfh00C.dat
+ 2008-01-25 14:10:52 458,230 ----a-w C:\WINDOWS\system32\perfh00C.dat
- 2004-08-19 14:09:40 1,440,768 ----a-w C:\WINDOWS\system32\query.dll
+ 2006-06-22 05:13:46 1,440,768 ----a-w C:\WINDOWS\system32\query.dll
- 2004-08-19 14:09:40 174,080 ----a-w C:\WINDOWS\system32\rasmans.dll
+ 2006-06-22 10:48:06 181,248 ----a-w C:\WINDOWS\system32\rasmans.dll
- 2004-08-19 14:09:40 431,616 ----a-w C:\WINDOWS\system32\riched20.dll
+ 2006-11-27 14:55:32 433,152 ----a-w C:\WINDOWS\system32\riched20.dll
- 2006-03-09 07:25:06 581,632 ----a-w C:\WINDOWS\system32\rpcrt4.dll
+ 2007-07-09 13:11:46 584,192 ----a-w C:\WINDOWS\system32\rpcrt4.dll
- 2004-08-19 14:09:40 144,896 ----a-w C:\WINDOWS\system32\schannel.dll
+ 2007-04-25 14:22:36 144,896 ----a-w C:\WINDOWS\system32\schannel.dll
- 2006-04-12 17:13:58 1,495,040 ------w C:\WINDOWS\system32\shdocvw.dll
+ 2007-10-11 06:13:40 1,495,040 ----a-w C:\WINDOWS\system32\shdocvw.dll
- 2006-04-26 09:15:56 8,508,416 ----a-w C:\WINDOWS\system32\shell32.dll
+ 2007-10-25 16:56:24 8,510,976 ----a-w C:\WINDOWS\system32\shell32.dll
- 2006-04-12 17:13:58 474,624 ------w C:\WINDOWS\system32\shlwapi.dll
+ 2007-10-11 06:13:42 474,624 ----a-w C:\WINDOWS\system32\shlwapi.dll
- 2004-08-19 14:09:42 135,168 ----a-w C:\WINDOWS\system32\shsvcs.dll
+ 2006-12-19 21:49:48 135,168 ----a-w C:\WINDOWS\system32\shsvcs.dll
+ 2006-01-26 19:19:52 73,728 ----a-w C:\WINDOWS\system32\sockspy.dll
- 2004-08-19 14:09:46 246,302 ----a-w C:\WINDOWS\system32\strmdll.dll
+ 2006-08-24 12:19:40 246,814 ----a-w C:\WINDOWS\system32\strmdll.dll
- 2004-08-19 14:09:46 716,800 ----a-w C:\WINDOWS\system32\sxs.dll
+ 2006-10-20 01:38:44 716,800 ----a-w C:\WINDOWS\system32\sxs.dll
+ 2007-11-13 11:31:12 60,416 ------w C:\WINDOWS\system32\tzchange.exe
- 2004-08-19 15:09:48 185,344 ----a-w C:\WINDOWS\system32\upnphost.dll
+ 2007-02-05 20:19:06 185,344 ----a-w C:\WINDOWS\system32\upnphost.dll
- 2006-04-12 17:13:58 616,448 ------w C:\WINDOWS\system32\urlmon.dll
+ 2007-10-11 06:13:42 617,472 ----a-w C:\WINDOWS\system32\urlmon.dll
- 2006-03-09 07:25:18 578,048 ----a-w C:\WINDOWS\system32\user32.dll
+ 2007-03-08 15:37:50 578,560 ----a-w C:\WINDOWS\system32\user32.dll
- 2004-08-19 14:09:48 333,824 ----a-w C:\WINDOWS\system32\wiaservc.dll
+ 2006-12-19 18:17:50 334,336 ----a-w C:\WINDOWS\system32\wiaservc.dll
- 2006-03-09 07:25:18 1,839,616 ----a-w C:\WINDOWS\system32\win32k.sys
+ 2007-03-08 15:33:58 1,843,712 ----a-w C:\WINDOWS\system32\win32k.sys
- 2006-04-12 17:13:58 667,648 ------w C:\WINDOWS\system32\wininet.dll
+ 2007-10-11 06:13:42 663,552 ----a-w C:\WINDOWS\system32\wininet.dll
- 2006-03-09 07:25:20 292,352 ----a-w C:\WINDOWS\system32\winsrv.dll
+ 2007-03-17 13:44:48 293,376 ----a-w C:\WINDOWS\system32\winsrv.dll
- 2004-08-19 14:09:48 132,096 ----a-w C:\WINDOWS\system32\wkssvc.dll
+ 2006-08-17 12:29:50 132,096 ----a-w C:\WINDOWS\system32\wkssvc.dll
- 2006-04-12 17:13:58 25,088 ------w C:\WINDOWS\system32\xpsp3res.dll
+ 2007-10-29 15:35:14 121,856 ----a-w C:\WINDOWS\system32\xpsp3res.dll
+ 2007-01-19 12:51:04 74,802 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.Tools.VisualCPlusPlus.Runtime-Libraries_6595b64144ccf1df_6.0.9792.0_x-ww_08a6620a\atl.dll
+ 2007-01-19 12:51:04 995,383 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.Tools.VisualCPlusPlus.Runtime-Libraries_6595b64144ccf1df_6.0.9792.0_x-ww_08a6620a\mfc42.dll
+ 2007-01-19 12:51:04 1,011,774 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.Tools.VisualCPlusPlus.Runtime-Libraries_6595b64144ccf1df_6.0.9792.0_x-ww_08a6620a\mfc42u.dll
+ 2007-01-19 12:51:04 401,462 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.Tools.VisualCPlusPlus.Runtime-Libraries_6595b64144ccf1df_6.0.9792.0_x-ww_08a6620a\msvcp60.dll
+ 2006-08-25 07:51:14 1,054,208 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les ‚l‚ments vides & les ‚l‚ments initiaux l‚gitimes ne sont pas list‚s

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"updateMgr"="C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" [2006-03-30 16:45 313472]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 10:50 155648]
"TrueImageMonitor.exe"="C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe" [2006-10-16 21:12 1164912]
"AcronisTimounterMonitor"="C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe" [2006-10-16 21:17 1941784]
"Acronis Scheduler2 Service"="C:\Program Files\Fichiers communs\Acronis\Schedule2\schedhlp.exe" [2006-10-16 21:13 87584]
"WinampAgent"="C:\Program Files\Winamp\winampa.exe" [2006-06-21 18:14 35328]
"BDMCon"="C:\Program Files\Softwin\BitDefender10\bdmcon.exe" [2007-11-07 12:48 290816]
"BDAgent"="C:\Program Files\Softwin\BitDefender10\bdagent.exe" [2007-03-26 15:49 69632]
"lxdimon.exe"="C:\Program Files\Lexmark 3500-4500 Series\lxdimon.exe" [2007-05-07 19:07 435120]
"lxdiamon"="C:\Program Files\Lexmark 3500-4500 Series\lxdiamon.exe" [2007-03-05 13:40 20480]
"FaxCenterServer"="C:\Program Files\\Lexmark Fax Solutions\fm3032.exe" [2007-05-07 19:10 312240]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-11-16 17:16 98304]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Config"="C:\WINDOWS\system32\run.cmd" [2006-02-14 11:24 248]
"nlsf"="cmd.exe" [2004-08-19 15:09 400896 C:\WINDOWS\system32\cmd.exe]
"tscuninstall"="C:\WINDOWS\system32\tscupgrd.exe" [2004-08-19 15:52 44544]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"MemCheckBoxInRunDlg"= 1 (0x1)
"NoSMBalloonTip"= 1 (0x1)
"NoDesktopCleanupWizard"= 1 (0x1)
"NoWelcomeScreen"= 1 (0x1)
"NoStrCmpLogical"= 0 (0x0)
"NoInstrumentation"= 0 (0x0)
"NoSMHelp"= 1 (0x1)
"NoStartMenuMFUprogramsList"= 0 (0x0)

[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"MemCheckBoxInRunDlg"= 1 (0x1)
"NoSMBalloonTip"= 1 (0x1)
"NoDesktopCleanupWizard"= 1 (0x1)
"NoWelcomeScreen"= 1 (0x1)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
&qu
0
Réponse 12 / 12
green day Messages postés 26722 Statut Modérateur, Contributeur sécurité 2 163
 
Salut

# Dans la fenêtre d'HijackThis, clique sur le bouton à droite Config
# Clique sur le bouton Misc Tools Button
# Clique sur le boutton ADS Spy
# Dans la nouvelle fenêtre, clique sur le bouton Scan
# enregistre et poste le rapport stp

++
0