Sujet Précédent Sujet Suivant

Ordinateur infecté

Fermé
Amélie - 6 oct. 2008 à 13:59
jlpjlp Messages postés 51580 Date d'inscription vendredi 18 mai 2007 Statut Contributeur sécurité Dernière intervention 3 mai 2022 - 13 oct. 2008 à 22:00
Bonjour,
depuis quelques temps, j'ai quelques problèmes avec mon PC : il m'indique des erreurs de chargement de modules introuvables au démarrage et des publicités n'arrêtent pas de s'ouvrir lorsque j'ouvre internet explorer ou firefox. J'en est déduit que mon pc était infecté, et j'ai installé comodo et antivir; mais cela n'a rien changé.. Surtout que, comme je n'y comprends pas grand chose, je ne sais jamais quand je dois accepter ou refuser les accès avec comodo.
Quelqu'un pourrait-il m'aider à comprendre et à résoudre ce problème?

Je ne sait pas si c'est utile, mais j'ai fait un scan dont voici le rapport :

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:05:29, on 06/10/2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Seagate\Basics\Basics Status\MaxMenuMgrBasics.exe
C:\Program Files\Hewlett-Packard\HP Software Update\hpwuSchd.exe
C:\Program Files\PowerISO\PWRISOVM.EXE
C:\Windows\AStiDog1210.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\COMODO\SafeSurf\cssurf.exe
C:\Program Files\COMODO\Firewall\cfp.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe­
C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\WIBUKEY\Server\WkSvMgr.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\system32\rundll32.exe
C:\Windows\system32\rundll32.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Users\amélie\Desktop\blabla.exe.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://format.packardbell.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www1.mini20.com/?tm=1&kw=Secure+Web+Search+Engine&KW1=Secure%20Web%20Search%20Engine&KW2=Best%20Malware%20Detection%20And%20Removal%20Software&searchbox=0&domainname=0&backfill=0
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://format.packardbell.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.2.8.7.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Google\Google_BAE\BAE.dll
O2 - BHO: Ask Toolbar BHO - {F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Ask Toolbar - {F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [Skytel] Skytel.exe
O4 - HKLM\..\Run: [toolbar_eula_launcher] C:\Program Files\Packard Bell\GOOGLE_EULA\EULALauncher.exe
O4 - HKLM\..\Run: [basicsmssmenu] "C:\Program Files\Seagate\Basics\Basics Status\MaxMenuMgrBasics.exe"
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe"
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE
O4 - HKLM\..\Run: [Waiting1210] C:\Windows\AStiDog1210.exe
O4 - HKLM\..\Run: [UVS11 Preload] C:\Program Files\Ulead Systems\Ulead VideoStudio 11\uvPL.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [COMODO SafeSurf] "C:\Program Files\COMODO\SafeSurf\cssurf.exe" -s
O4 - HKLM\..\Run: [COMODO Firewall Pro] "C:\Program Files\COMODO\Firewall\cfp.exe" -h
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [SmpcSys] C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [MSSMSGS] rundll32.exe wingdx32.rom,ytcRun
O4 - HKCU\..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
O4 - HKCU\..\Run: [cmds] rundll32.exe C:\Users\AMLIE~1\AppData\Local\Temp\ddcAsPIX.dll,c
O4 - HKCU\..\Run: [MSServer] rundll32.exe C:\Users\AMLIE~1\AppData\Local\Temp\awtqnNEw.dll,#1
O4 - HKCU\..\Run: [BM37425968] Rundll32.exe "C:\Users\AMLIE~1\AppData\Local\Temp\cgrfhwnn.dll",s
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Serveur réseau.lnk = C:\Program Files\WIBUKEY\Server\WkSvMgr.exe
O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.2.8.7.dll/206 (file missing)
O13 - Gopher Prefix:
O17 - HKLM\System\CCS\Services\Tcpip\..\{5E256102-96DA-406B-8F83-423128AAD651}: NameServer = 85.255.115.22,85.255.112.190
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~3\Office12\GR99D3~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\Windows\system32\guard32.dll C:\Windows\system32\cssdll32.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: Basics Service - Seagate Technology LLC - C:\Program Files\Seagate\Basics\Service\SyncServicesBasics.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Capture Device Service - InterVideo Inc. - C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe
O23 - Service: COMODO Firewall Pro Helper Service (cmdAgent) - Unknown owner - C:\Program Files\COMODO\Firewall\cmdagent.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Generic Service for HID Keyboard Input Collections (GenericHidService) - Packard Bell BV - C:\Program Files\Packard bell\SAXO24\HIDSERVICE.EXE
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\system32\IoctlSvc.exe
O23 - Service: SrvCDEject - Unknown owner - C:\Program Files\Packard Bell\SrvCDEject.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: Windows Tribute Service - Unknown owner - C:\Windows\system32\kdhwn.exe
End of file - 10749 bytes


Merci d'avance...
A voir également:

68 réponses

Précédent
Réponse 21 / 68
Amélie
7 oct. 2008 à 22:34
Je n'arrive toujours pas à dépasser la première étape : quand je fais clic droit sur le fichier kdhwn.exe , je choisis alors unloacker, et dans la fenêtre qui s'ouvre le fichier à supprimer n'apparaît pas.
Du coup, j'ai essayé de le supprimer directement (évidement, ça n'a pas marché), et aussi avec file assassin, qui ne le reconnaît pas non plus (fichier invisible). Ce machin ne veut pas partir...
0
Réponse 22 / 68
Amélie
7 oct. 2008 à 22:45
Je peux peut-être tenter la suite, si ça ne risque rien sans la première étape ?
0
Réponse 23 / 68
Amélie
8 oct. 2008 à 14:21
Pour commencer, voila le rapport de avenger, mais j'ai peur que ca n'ai pas marché :

Logfile of The Avenger Version 2.0, (c) by Swandog46
http://swandog46.geekstogo.com

Platform: Windows Vista

*******************

Script file opened successfully.
Script file read successfully.

Backups directory opened successfully at C:\Avenger

*******************

Beginning to process script file:

Rootkit scan active.
No rootkits found!

Driver "Windows Tribute Service" deleted successfully.
File "C:\Windows\system32\kdhwn.exe" deleted successfully.

Error: file "C:\Users\AMLIE~1\AppData\Local\Temp\ddcAsPIX.dll" not found!
Deletion of file "C:\Users\AMLIE~1\AppData\Local\Temp\ddcAsPIX.dll" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist


Error: could not open file "c:\program files\asksbar\bar\1.bin\asksbar.dll"
Deletion of file "c:\program files\asksbar\bar\1.bin\asksbar.dll" failed!
Status: 0xc000003a (STATUS_OBJECT_PATH_NOT_FOUND)
--> bad path / the parent directory does not exist


Error: file "c:\users\amlie~1\appdata\local\temp\awtqnnew.dll" not found!
Deletion of file "c:\users\amlie~1\appdata\local\temp\awtqnnew.dll" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist


Error: file "c:\users\amlie~1\appdata\local\temp\cgrfhwnn.dll" not found!
Deletion of file "c:\users\amlie~1\appdata\local\temp\cgrfhwnn.dll" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist


Error: folder "c:\program files\asksbar" not found!
Deletion of folder "c:\program files\asksbar" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist


Error: registry key "HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F0D4B239-DA4B-4da­f-81E4-DFEE4931A4AA}" not found!
Deletion of registry key "HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F0D4B239-DA4B-4da­f-81E4-DFEE4931A4AA}" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist


Error: could not delete registry value "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar }|{F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA}"
Deletion of registry value "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar }|{F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA}" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist


Completed script processing.

*******************

Finished! Terminate.
0
Réponse 24 / 68
Amélie
8 oct. 2008 à 14:24
et le rapport de hijakchits :

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:22:24, on 08/10/2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\conime.exe
C:\Windows\system32\NOTEPAD.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Seagate\Basics\Basics Status\MaxMenuMgrBasics.exe
C:\Program Files\Hewlett-Packard\HP Software Update\hpwuSchd.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Program Files\PowerISO\PWRISOVM.EXE
C:\Windows\AStiDog1210.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\COMODO\SafeSurf\cssurf.exe
C:\Program Files\COMODO\Firewall\cfp.exe
C:\Program Files\Unlocker\UnlockerAssistant.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
C:\Program Files\WIBUKEY\Server\WkSvMgr.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Users\amélie\Desktop\blabla.exe.exe
C:\Program Files\Mozilla Firefox\firefox.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://format.packardbell.com/cgi-bin/redirect/?country=FR&range=AD&phase=8&key=IESTART
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www1.mini20.com/?tm=1&kw=Secure+Web+Search+Engine&KW1=Secure%20Web%20Search%20Engine&KW2=Best%20Malware%20Detection%20And%20Removal%20Software&searchbox=0&domainname=0&backfill=0
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\4.1.805.4472\swg.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [toolbar_eula_launcher] C:\Program Files\Packard Bell\GOOGLE_EULA\EULALauncher.exe
O4 - HKLM\..\Run: [basicsmssmenu] "C:\Program Files\Seagate\Basics\Basics Status\MaxMenuMgrBasics.exe"
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe"
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE
O4 - HKLM\..\Run: [Waiting1210] C:\Windows\AStiDog1210.exe
O4 - HKLM\..\Run: [UVS11 Preload] C:\Program Files\Ulead Systems\Ulead VideoStudio 11\uvPL.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [COMODO SafeSurf] "C:\Program Files\COMODO\SafeSurf\cssurf.exe" -s
O4 - HKLM\..\Run: [COMODO Firewall Pro] "C:\Program Files\COMODO\Firewall\cfp.exe" -h
O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe"
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [SmpcSys] C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Serveur réseau.lnk = C:\Program Files\WIBUKEY\Server\WkSvMgr.exe
O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.2.8.7.dll/206 (file missing)
O9 - Extra button: (no name) - cmdmapping - (no file) (HKCU)
O13 - Gopher Prefix:
O17 - HKLM\System\CCS\Services\Tcpip\..\{5E256102-96DA-406B-8F83-423128AAD651}: NameServer = 85.255.115.22,85.255.112.190
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~3\Office12\GR99D3~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\Windows\system32\guard32.dll C:\Windows\system32\cssdll32.dll fpdrkb.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: Basics Service - Seagate Technology LLC - C:\Program Files\Seagate\Basics\Service\SyncServicesBasics.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Capture Device Service - InterVideo Inc. - C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe
O23 - Service: COMODO Firewall Pro Helper Service (cmdAgent) - Unknown owner - C:\Program Files\COMODO\Firewall\cmdagent.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Generic Service for HID Keyboard Input Collections (GenericHidService) - Packard Bell BV - C:\Program Files\Packard bell\SAXO24\HIDSERVICE.EXE
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\system32\IoctlSvc.exe
O23 - Service: SrvCDEject - Unknown owner - C:\Program Files\Packard Bell\SrvCDEject.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 25 / 68
jlpjlp Messages postés 51580 Date d'inscription vendredi 18 mai 2007 Statut Contributeur sécurité Dernière intervention 3 mai 2022 5 040
8 oct. 2008 à 15:07
si cela a marché

bravo PAPYBER!!


maintenant que le service a été viré cela va être plus facile


_____________

smit fraud fix (colle le rapport)

A/ telecharger :

http://siri.urz.free.fr/Fix/SmitfraudFix.php


B/ redémarre en mode sans échec (en appuyant sur F8 ou suppr, ou F5 au démarrage en général) puis lance smitfraudfix , sélectionne l'option 5 et appuyer sur entrée pour commencer la désinfection. lorsque le programme demande si tu veut nettoyer le registre mets oui en tapant 0 et entrée
______________

toujours en mode sans echec:

appuie simultanément sur la touche vista et sur r > la boite exécuter va s´ouvrir...

tape cmd et valide par ok

dans la fenêtre noire tape ceci : ipconfig /flushdns et valide par entree

puis a l´aide de hijachthis fix si present:

O17 - HKLM\System\CCS\Services\Tcpip\..\{964D3745-F1C8-4E7F-861E-978030E6B686}: NameServer = 85.255.115.5,85.255.112.20


______________________

remets rapport hijakchits pour verifier et dis tes problèmes actuels
0
Réponse 26 / 68
Amélie
8 oct. 2008 à 16:02
Whha!! génial, la ligne 017 a disparu, et du coup, j'ai réussi à télécharger comboFix!! Ca fait plaisir, merci!!!
Juste pour information, l'option 5 de Smifraudfix ne peut pas s'effectuer en mode sans échec, j'ai été obligé de le faire en mode normal. Voila le rapport de cette action :

SmitFraudFix v2.357

Scan done at 15:45:07,82, 08/10/2008
Run from C:\Users\am‚lie\Desktop\SmitfraudFix
OS: Microsoft Windows [version 6.0.6001] - Windows_NT
The filesystem type is NTFS
Fix run in normal mode

»»»»»»»»»»»»»»»»»»»»»»»» DNS Before Fix

Description: NVIDIA nForce Networking Controller
DNS Server Search Order: 89.2.0.1
DNS Server Search Order: 89.2.0.2

HKLM\SYSTEM\CCS\Services\Tcpip\..\{5E256102-96DA-406B-8F83-423128AAD651}: DhcpNameServer=89.2.0.1 89.2.0.2
HKLM\SYSTEM\CS1\Services\Tcpip\..\{5E256102-96DA-406B-8F83-423128AAD651}: DhcpNameServer=89.2.0.1 89.2.0.2
HKLM\SYSTEM\CS2\Services\Tcpip\..\{5E256102-96DA-406B-8F83-423128AAD651}: DhcpNameServer=89.2.0.1 89.2.0.2
HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=89.2.0.1 89.2.0.2
HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: DhcpNameServer=89.2.0.1 89.2.0.2
HKLM\SYSTEM\CS2\Services\Tcpip\Parameters: DhcpNameServer=89.2.0.1 89.2.0.2

»»»»»»»»»»»»»»»»»»»»»»»» DNS After Fix

Description: NVIDIA nForce Networking Controller
DNS Server Search Order: 89.2.0.1
DNS Server Search Order: 89.2.0.2

HKLM\SYSTEM\CCS\Services\Tcpip\..\{5E256102-96DA-406B-8F83-423128AAD651}: DhcpNameServer=89.2.0.1 89.2.0.2
HKLM\SYSTEM\CS1\Services\Tcpip\..\{5E256102-96DA-406B-8F83-423128AAD651}: DhcpNameServer=89.2.0.1 89.2.0.2
HKLM\SYSTEM\CS2\Services\Tcpip\..\{5E256102-96DA-406B-8F83-423128AAD651}: DhcpNameServer=89.2.0.1 89.2.0.2
HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=89.2.0.1 89.2.0.2
HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: DhcpNameServer=89.2.0.1 89.2.0.2
HKLM\SYSTEM\CS2\Services\Tcpip\Parameters: DhcpNameServer=89.2.0.1 89.2.0.2

J'envoie tout de suite le rapport hijakchtis
0
Réponse 27 / 68
Amélie
8 oct. 2008 à 16:04
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:03:26, on 08/10/2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Hewlett-Packard\HP Software Update\hpwuSchd.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Program Files\PowerISO\PWRISOVM.EXE
C:\Windows\AStiDog1210.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\COMODO\SafeSurf\cssurf.exe
C:\Program Files\COMODO\Firewall\cfp.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe
C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
C:\Program Files\WIBUKEY\Server\WkSvMgr.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\NOTEPAD.EXE
C:\Windows\system32\conime.exe
C:\Users\amélie\Desktop\blabla.exe.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://format.packardbell.com/...
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www1.mini20.com/?tm=1&kw=Secure+Web+Search+Engine&KW1=Secure%20Web%20Search%20Engine&KW2=Best%20Malware%20Detection%20And%20Removal%20Software&searchbox=0&domainname=0&backfill=0
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\4.1.805.4472\swg.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [toolbar_eula_launcher] C:\Program Files\Packard Bell\GOOGLE_EULA\EULALauncher.exe
O4 - HKLM\..\Run: [basicsmssmenu] "C:\Program Files\Seagate\Basics\Basics Status\MaxMenuMgrBasics.exe"
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe"
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE
O4 - HKLM\..\Run: [Waiting1210] C:\Windows\AStiDog1210.exe
O4 - HKLM\..\Run: [UVS11 Preload] C:\Program Files\Ulead Systems\Ulead VideoStudio 11\uvPL.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [COMODO SafeSurf] "C:\Program Files\COMODO\SafeSurf\cssurf.exe" -s
O4 - HKLM\..\Run: [COMODO Firewall Pro] "C:\Program Files\COMODO\Firewall\cfp.exe" -h
O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe"
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [SmpcSys] C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Serveur réseau.lnk = C:\Program Files\WIBUKEY\Server\WkSvMgr.exe
O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.2.8.7.dll/206 (file missing)
O9 - Extra button: (no name) - cmdmapping - (no file) (HKCU)
O13 - Gopher Prefix:
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~3\Office12\GR99D3~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\Windows\system32\guard32.dll C:\Windows\system32\cssdll32.dll fpdrkb.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: Basics Service - Seagate Technology LLC - C:\Program Files\Seagate\Basics\Service\SyncServicesBasics.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Capture Device Service - InterVideo Inc. - C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe
O23 - Service: COMODO Firewall Pro Helper Service (cmdAgent) - Unknown owner - C:\Program Files\COMODO\Firewall\cmdagent.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Generic Service for HID Keyboard Input Collections (GenericHidService) - Packard Bell BV - C:\Program Files\Packard bell\SAXO24\HIDSERVICE.EXE
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\system32\IoctlSvc.exe
O23 - Service: SrvCDEject - Unknown owner - C:\Program Files\Packard Bell\SrvCDEject.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
0
Réponse 28 / 68
jlpjlp Messages postés 51580 Date d'inscription vendredi 18 mai 2007 Statut Contributeur sécurité Dernière intervention 3 mai 2022 5 040
8 oct. 2008 à 16:09
ok colle un rapport combofix pour voir et antivir
0
Réponse 29 / 68
papyber Messages postés 6406 Date d'inscription samedi 24 mars 2007 Statut Contributeur sécurité Dernière intervention 3 octobre 2010 257
8 oct. 2008 à 16:36
yes!!! bravo!!
supprime the avenger tu n'en auras plus besoin désormais et passe ComboFix
0
Réponse 30 / 68
Amélie
8 oct. 2008 à 17:31
Alors voilà, j'ai bien ouvert combofix, tout a eu l'air de se dérouler normalement, l'ordinateur a redémarré, mais le rapport de comboFix est introuvable à l'emplacement indiqué...
Je l'ai refait une deuxième fois, même chose (je ne sais pas si c'est normal, mais je n'ai jamais eu de choix à faire dans l'activation du scan de combofix, peut etre que j'aurais du faire qlqchose de particulier lors de son exécution?)

Du coup, je suis en train de faire un scan avec antivir (qui marche mieux, puisqu'avec les problèmes de téléchargement que j'avais, ce logiciel n'avait jamais été mis à jour), dont je posterais le rapport dès qu'il sera terminé.

Merci encore pour votre aide, je ne sais pas comment je m'en sortirais sinon...
0
Réponse 31 / 68
Amélie
8 oct. 2008 à 18:57
Voilà le rapport d'antivir :



AntiVir PersonalEdition Classic
Report file date: 2008-10-08 17:11

Scanning for 835736 virus strains and unwanted programs.

Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows Vista
Windows version: (Service Pack 1) [6.0.6001]
Username: SYSTEM
Computer name: PC-DE-AMÉLIE

Version information:
BUILD.DAT : 270 15603 Bytes 2007-09-19 13:32:00
AVSCAN.EXE : 7.0.6.1 290856 Bytes 2007-08-23 12:16:29
AVSCAN.DLL : 7.0.6.0 49192 Bytes 2007-08-16 11:23:51
LUKE.DLL : 7.0.5.3 147496 Bytes 2007-08-14 14:32:47
LUKERES.DLL : 7.0.6.1 10280 Bytes 2007-08-21 11:35:20
ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 2007-07-18 13:27:15
ANTIVIR1.VDF : 7.0.0.0 1640448 Bytes 2007-09-13 13:26:55
ANTIVIR2.VDF : 7.0.0.1 2048 Bytes 2007-09-13 13:27:04
ANTIVIR3.VDF : 7.0.0.2 2048 Bytes 2007-09-13 13:27:13
AVEWIN32.DLL : 7.6.0.15 2806272 Bytes 2007-09-17 16:43:56
AVWINLL.DLL : 1.0.0.7 14376 Bytes 2007-02-26 09:36:26
AVPREF.DLL : 7.0.2.2 25640 Bytes 2007-07-18 06:39:17
AVREP.DLL : 7.0.0.1 155688 Bytes 2007-04-16 12:16:24
AVPACK32.DLL : 7.3.0.15 360488 Bytes 2007-08-03 07:46:00
AVREG.DLL : 7.0.1.6 30760 Bytes 2007-07-18 06:17:06
AVARKT.DLL : 1.0.0.20 278568 Bytes 2007-08-28 11:26:33
AVEVTLOG.DLL : 7.0.0.20 86056 Bytes 2007-07-18 06:10:18
NETNT.DLL : 7.0.0.0 7720 Bytes 2007-03-08 10:09:42
RCIMAGE.DLL : 7.0.1.30 2342952 Bytes 2007-08-07 11:38:13
RCTEXT.DLL : 7.0.62.0 86056 Bytes 2007-08-21 11:50:37
SQLITE3.DLL : 3.3.17.1 339968 Bytes 2007-07-23 08:37:21

Configuration settings for the scan:
Jobname..........................: Complete system scan
Configuration file...............: c:\program files\avira\antivir personaledition classic\sysscan.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: off
Scan boot sector.................: on
Boot sectors.....................: I:,
Scan memory......................: on
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: off
Scan all files...................: Intelligent file selection
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: medium

Start of the scan: 2008-10-08 17:11

The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'WMIADAP.exe' - '1' Module(s) have been scanned
Scan process 'usnsvc.exe' - '1' Module(s) have been scanned
Scan process 'wmpnetwk.exe' - '1' Module(s) have been scanned
Scan process 'mobsync.exe' - '1' Module(s) have been scanned
Scan process 'WmiPrvSE.exe' - '1' Module(s) have been scanned
Scan process 'wmpnscfg.exe' - '1' Module(s) have been scanned
Scan process 'NMIndexingService.exe' - '1' Module(s) have been scanned
Scan process 'WUDFHost.exe' - '1' Module(s) have been scanned
Scan process 'SearchIndexer.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'StarWindServiceAE.exe' - '1' Module(s) have been scanned
Scan process 'SrvCDEject.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'IoctlSvc.exe' - '1' Module(s) have been scanned
Scan process 'NBService.exe' - '1' Module(s) have been scanned
Scan process 'GoogleUpdaterService.exe' - '1' Module(s) have been scanned
Scan process 'HidService.exe' - '1' Module(s) have been scanned
Scan process 'cmdagent.exe' - '1' Module(s) have been scanned
Scan process 'WkSvMgr.exe' - '1' Module(s) have been scanned
Scan process 'DevSvc.exe' - '1' Module(s) have been scanned
Scan process 'mDNSResponder.exe' - '1' Module(s) have been scanned
Scan process 'NMIndexStoreSvr.exe' - '1' Module(s) have been scanned
Scan process 'msnmsgr.exe' - '1' Module(s) have been scanned
Scan process 'SyncServicesBasics.exe' - '1' Module(s) have been scanned
Scan process 'SmpSys.exe' - '1' Module(s) have been scanned
Scan process 'GoogleToolbarNotifier.exe' - '1' Module(s) have been scanned
Scan process 'sched.exe' - '1' Module(s) have been scanned
Scan process 'UnlockerAssistant.exe' - '1' Module(s) have been scanned
Scan process 'cfp.exe' - '1' Module(s) have been scanned
Scan process 'cssurf.exe' - '1' Module(s) have been scanned
Scan process 'GrooveMonitor.exe' - '1' Module(s) have been scanned
Scan process 'AStiDog1210.exe' - '1' Module(s) have been scanned
Scan process 'PWRISOVM.EXE' - '1' Module(s) have been scanned
Scan process 'hpcmpmgr.exe' - '1' Module(s) have been scanned
Scan process 'hpwuSchd.exe' - '1' Module(s) have been scanned
Scan process 'MaxMenuMgrBasics.exe' - '1' Module(s) have been scanned
Scan process 'RtHDVCpl.exe' - '1' Module(s) have been scanned
Scan process 'rundll32.exe' - '1' Module(s) have been scanned
Scan process 'rundll32.exe' - '1' Module(s) have been scanned
Scan process 'MSASCui.exe' - '1' Module(s) have been scanned
Scan process 'taskeng.exe' - '1' Module(s) have been scanned
Scan process 'taskeng.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'dwm.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'avguard.exe' - '1' Module(s) have been scanned
Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'SLsvc.exe' - '1' Module(s) have been scanned
Scan process 'audiodg.exe' - '0' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'lsm.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'wininit.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
68 processes with 68 modules were scanned

Start scanning boot sectors:
Boot sector 'C:\'
[NOTE] No virus was found!
Boot sector 'I:\'
[NOTE] No virus was found!

Starting to scan the registry.
The registry was scanned ( '15' files ).


Starting the file scan:

Begin scan in 'C:\' <HDD>
C:\hiberfil.sys
[WARNING] The file could not be opened!
C:\pagefile.sys
[WARNING] The file could not be opened!
C:\Downloads\Nero\NERO.rar
[0] Archive type: RAR
--> NERO\Nero-Keygen.zip
[1] Archive type: ZIP
--> Nero-Keygen/Nero-keygen.exe
[DETECTION] Is the Trojan horse TR/Keygen.BF
[INFO] The file was deleted!
C:\TuePub\TuePub.exe
[WARNING] The file could not be opened!
C:\Users\amélie\Desktop\TuePub_installation.exe
[WARNING] The file could not be opened!
C:\Windows\System32\drivers\sptd.sys
[WARNING] The file could not be opened!
Begin scan in 'I:\' <FreeAgent Drive>


End of the scan: 2008-10-08 18:48
Used time: 1:36:37 min

The scan has been done completely.

20131 Scanning directories
749530 Files were scanned
1 viruses and/or unwanted programs were found
0 Files were classified as suspicious:
1 files were deleted
0 files were repaired
0 files were moved to quarantine
0 files were renamed
5 Files cannot be scanned
749529 Files not concerned
7534 Archives were scanned
5 Warnings
0 Notes


Qu'en pensez-vous?
0
anthony5151 Messages postés 10573 Date d'inscription vendredi 27 juin 2008 Statut Contributeur sécurité Dernière intervention 2 mars 2015 790
8 oct. 2008 à 19:15
Petite remarque au passage :

"Nero-Keygen/Nero-keygen.exe
[DETECTION] Is the Trojan horse TR/Keygen.BF"

==> N'oublie pas de supprimer tes cracks et keygens (avec OTMoveIT ou manuellement)...
Remplace ce Nero cracké par des logiciels de gravure gratuits, par exemple :

http://www.commentcamarche.net/telecharger/telecharger 34055440 free easy cd dvd burner
http://www.commentcamarche.net/telecharger/telecharger 188 cd burner xp

0
Réponse 32 / 68
papyber Messages postés 6406 Date d'inscription samedi 24 mars 2007 Statut Contributeur sécurité Dernière intervention 3 octobre 2010 257
8 oct. 2008 à 21:49
fais une recherche avec l'outil windows sur ce nom "combofix" et vois si tu trouves un fichier .txt
poste son contenu
si tu ne le trouves pas, recherche un fichier "qoobox" et poste son contenu
0
Réponse 33 / 68
Amélie
8 oct. 2008 à 22:25
Je n'avais pas du bien m'y prendre car combofix ne reprenait pas au redémarrage de windows et ne créait donc pas de rapport. J'ai recommencé, et voila ce que j'obtiens :

ComboFix 08-10-08.01 - amélie 2008-10-08 22:07:11.1 - NTFSx86
Microsoft® Windows Vista™ Édition Familiale Premium 6.0.6001.1.1252.1.1036.18.2282 [GMT 2:00]
Lancé depuis: C:\Users\amélie\Desktop\ComboFix.exe
* Un nouveau point de restauration a été créé
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Autorun.inf
C:\Windows\system32\vxijrwkn.ini
.
---- Previous Run -------
.
C:\autorun.inf
C:\Windows\system32\vxijrwkn.ini
I:\Autorun.inf

.
((((((((((((((((((((((((((((( Fichiers créés du 2008-09-08 au 2008-10-08 ))))))))))))))))))))))))))))))))))))
.

2008-10-08 16:54 . 2008-10-08 17:00 <REP> d-------- C:\ComboFix(0)
2008-10-08 16:54 . 2008-10-08 22:06 <REP> d-------- C:\32788R22FWJFW
2008-10-07 22:09 . 2008-10-07 22:09 <REP> d--h----- C:\Windows\PIF
2008-10-07 21:55 . 2008-10-07 22:08 <REP> d-------- C:\Program Files\Unlocker
2008-10-07 14:56 . 2008-10-07 14:56 <REP> d-------- C:\Users\amélie\AppData\Roaming\Malwarebytes
2008-10-07 14:56 . 2008-10-07 14:56 <REP> d-------- C:\Users\All Users\Malwarebytes
2008-10-07 14:56 . 2008-10-07 14:56 <REP> d-------- C:\ProgramData\Malwarebytes
2008-10-07 14:56 . 2008-10-07 14:56 <REP> d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-10-07 14:56 . 2008-09-10 00:04 38,528 --a------ C:\Windows\System32\drivers\mbamswissarmy.sys
2008-10-07 14:56 . 2008-09-10 00:03 17,200 --a------ C:\Windows\System32\drivers\mbam.sys
2008-10-07 04:05 . 2008-10-07 04:05 54,156 --ah----- C:\Windows\QTFont.qfn
2008-10-07 04:05 . 2008-10-07 04:05 1,409 --a------ C:\Windows\QTFont.for
2008-10-06 17:24 . 2008-10-06 21:26 <REP> d-------- C:\fixwareout
2008-10-06 17:18 . 2003-09-24 09:44 44,544 -ra------ C:\Windows\System32\MSXML4a.dll
2008-10-06 17:17 . 2003-09-24 09:43 626,960 -ra------ C:\Windows\System32\hpvaut32.dll
2008-10-06 17:17 . 2003-09-24 09:43 487,424 -ra------ C:\Windows\System32\hpvcp70.dll
2008-10-06 16:34 . 2008-10-06 16:45 <REP> d-------- C:\ToolBar SD
2008-09-30 06:58 . 2008-10-08 22:14 293,697,431 --a------ C:\Windows\MEMORY.DMP
2008-09-30 04:04 . 2008-09-30 04:18 <REP> d-------- C:\TuePub
2008-09-29 21:58 . 2008-09-29 21:58 249,592 --a------ C:\Windows\System32\cssdll32.dll
2008-09-29 21:39 . 2008-09-29 21:39 <REP> d-------- C:\Users\All Users\Avira
2008-09-29 21:39 . 2008-09-29 21:39 <REP> d-------- C:\ProgramData\Avira
2008-09-29 21:39 . 2008-09-29 21:39 <REP> d-------- C:\Program Files\Avira
2008-09-29 21:22 . 2008-09-29 21:22 <REP> d--hs---- C:\#GDATA.Trash.Store#
2008-09-29 21:03 . 2008-09-29 21:03 29,128 --a------ C:\Windows\System32\drivers\GRD.sys
2008-09-29 20:57 . 2008-09-29 20:57 51,656 --a------ C:\Windows\System32\drivers\PktIcpt.sys
2008-09-29 20:57 . 2008-09-29 20:57 50,888 --a------ C:\Windows\System32\drivers\MiniIcpt.sys
2008-09-29 20:56 . 2008-09-29 20:56 <REP> d-------- C:\Users\amélie\AppData\Roaming\Comodo
2008-09-29 20:56 . 2008-09-29 22:35 <REP> d-------- C:\Users\All Users\comodo
2008-09-29 20:56 . 2008-09-29 22:35 <REP> d-------- C:\ProgramData\comodo
2008-09-29 20:56 . 2008-09-29 21:58 <REP> d-------- C:\Program Files\COMODO
2008-09-29 20:56 . 2008-09-29 21:55 143,104 --a------ C:\Windows\System32\guard32.dll
2008-09-29 20:56 . 2008-09-29 21:55 85,008 --a------ C:\Windows\System32\drivers\cmdguard.sys
2008-09-29 20:56 . 2008-09-29 20:56 39,880 --a------ C:\Windows\System32\drivers\gdwfpcd32.sys
2008-09-29 20:56 . 2008-09-29 21:55 25,104 --a------ C:\Windows\System32\drivers\cmdhlp.sys
2008-09-29 20:55 . 2008-09-29 21:22 <REP> d-------- C:\Users\All Users\G DATA
2008-09-29 20:55 . 2008-09-29 21:22 <REP> d-------- C:\ProgramData\G DATA
2008-09-29 20:55 . 2008-09-29 21:22 <REP> d-------- C:\Program Files\G DATA
2008-09-26 03:10 . 2008-09-26 03:10 3,120 --a------ C:\Windows\System32\ALLFSAF5a.ocx
2008-09-26 03:09 . 2008-09-26 03:09 <REP> d-------- C:\Program Files\@Last Software
2008-09-26 03:09 . 2005-01-11 12:51 1,060,864 --a------ C:\Windows\System32\MFC71.dll
2008-09-26 03:09 . 2005-01-11 12:51 1,047,552 --a------ C:\Windows\System32\MFC71u.dll
2008-09-26 03:09 . 2004-03-05 01:13 644,400 --a------ C:\Windows\System32\MSCOMCT2.OCX
2008-09-26 03:09 . 2004-03-05 01:21 339,968 --a------ C:\Windows\System32\mpiwin32.dll
2008-09-26 03:09 . 2005-02-02 15:37 89,088 --a------ C:\Windows\System32\atl71.dll
2008-09-26 03:09 . 2004-03-05 01:21 15,840 --a------ C:\Windows\System32\Machnm1.exe
2008-09-26 02:08 . 2008-09-26 02:32 <REP> d-------- C:\Program Files\Artlantis Render 2
2008-09-26 02:06 . 2008-09-26 02:06 <REP> d-------- C:\Program Files\Artlantis Studio 2
2008-09-25 05:36 . 2008-09-25 05:36 <REP> d-------- C:\Program Files\CCleaner
2008-09-25 02:45 . 2008-09-25 02:45 <REP> d-------- C:\Users\amélie\AppData\Roaming\Opera
2008-09-25 02:44 . 2008-09-25 02:45 <REP> d-------- C:\Program Files\Opera
2008-09-25 02:31 . 2008-09-25 02:31 <REP> d-------- C:\Users\amélie\AppData\Roaming\WinRAR
2008-09-25 00:48 . 2008-09-25 00:48 <REP> d-------- C:\Program Files\FileASSASSIN
2008-09-24 22:01 . 2008-07-13 15:25 676,224 -ra------ C:\Windows\System32\OGACheckControl.dll
2008-09-24 21:55 . 2008-09-24 21:55 <REP> d-------- C:\Program Files\Microsoft.NET
2008-09-24 21:53 . 2008-09-24 21:53 <REP> d-------- C:\Program Files\Microsoft Visual Studio 8
2008-09-24 21:51 . 2008-09-24 21:51 <REP> dr-h----- C:\MSOCache
2008-09-24 14:41 . 2008-09-24 14:41 <REP> d-------- C:\Users\amélie\AppData\Roaming\InstallShield
2008-09-24 14:37 . 2008-09-24 14:37 <REP> d-------- C:\Program Files\Ulead Systems
2008-09-24 13:19 . 2008-09-24 14:44 <REP> d-------- C:\Users\amélie\AppData\Roaming\Ulead Systems
2008-09-24 13:15 . 2008-09-24 13:15 <REP> d-------- C:\Users\All Users\InterVideo
2008-09-24 13:15 . 2008-09-24 13:15 <REP> d-------- C:\ProgramData\InterVideo
2008-09-24 13:15 . 2008-09-24 13:15 <REP> d-------- C:\Program Files\Windows Media Components
2008-09-24 13:15 . 2008-09-24 13:15 <REP> d-------- C:\Program Files\Common Files\InterVideo
2008-09-24 13:15 . 2007-03-06 11:58 210,456 --a------ C:\Windows\System32\IVIresizeW7.dll
2008-09-24 13:15 . 2007-03-06 11:58 206,360 --a------ C:\Windows\System32\IVIresizeA6.dll
2008-09-24 13:15 . 2007-03-06 11:58 198,168 --a------ C:\Windows\System32\IVIresizeP6.dll
2008-09-24 13:15 . 2007-03-06 11:58 198,168 --a------ C:\Windows\System32\IVIresizeM6.dll
2008-09-24 13:15 . 2007-03-06 11:58 194,072 --a------ C:\Windows\System32\IVIresizePX.dll
2008-09-24 13:15 . 2007-03-06 11:58 26,136 --a------ C:\Windows\System32\IVIresize.dll
2008-09-24 13:14 . 2008-10-08 18:04 <REP> d-------- C:\Users\All Users\Ulead Systems
2008-09-24 13:14 . 2008-10-08 18:04 <REP> d-------- C:\ProgramData\Ulead Systems
2008-09-24 13:14 . 2008-09-24 13:15 <REP> d-------- C:\Program Files\Common Files\Ulead Systems
2008-09-24 03:03 . 2008-09-24 03:03 2,560 --a------ C:\Windows\_MSRSTRT.EXE
2008-09-24 02:15 . 2008-09-24 02:15 0 --a------ C:\Users\amélie\AppData\Roaming\wklnhst.dat
2008-09-24 00:59 . 2008-09-26 02:21 <REP> d-------- C:\Users\amélie\AppData\Roaming\Abvent_Artlantis2
2008-09-24 00:59 . 2008-09-25 23:16 <REP> d-------- C:\Users\amélie\AppData\Roaming\Abvent
2008-09-24 00:59 . 2008-09-26 02:15 <REP> d-------- C:\Users\All Users\Abvent
2008-09-24 00:59 . 2008-09-26 02:15 <REP> d-------- C:\ProgramData\Abvent
2008-09-23 23:44 . 2008-09-23 23:44 <REP> d-------- C:\Users\All Users\ALM
2008-09-23 23:44 . 2008-09-23 23:44 <REP> d-------- C:\ProgramData\ALM
2008-09-23 22:38 . 2008-09-23 22:38 <REP> d-------- C:\Users\amélie\AppData\Roaming\Audacity
2008-09-23 22:38 . 2008-09-23 22:38 <REP> d-------- C:\Program Files\Audacity 1.3 Beta (Unicode)
2008-09-23 17:41 . 2008-09-23 18:41 <REP> d-------- C:\Users\amélie\AppData\Roaming\XnView
2008-09-23 17:17 . 2008-09-23 17:17 <REP> d-------- C:\Program Files\WIBU-SYSTEMS
2008-09-23 16:47 . 2008-10-08 22:15 0 --------- C:\Windows\System32\Ikeext.etl
2008-09-20 09:18 . 2008-09-20 09:18 <REP> d-------- C:\Program Files\XnView
2008-09-19 01:31 . 2008-09-19 01:31 <REP> d-------- C:\Users\amélie\AppData\Roaming\DAEMON Tools
2008-09-19 01:16 . 2008-09-23 17:17 <REP> d-------- C:\Program Files\WIBUKEY
2008-09-19 01:14 . 2008-09-19 01:14 <REP> d-------- C:\Users\All Users\Apple
2008-09-19 01:14 . 2008-09-19 01:14 <REP> d-------- C:\ProgramData\Apple
2008-09-19 01:14 . 2008-09-19 01:14 <REP> d-------- C:\Program Files\Apple Software Update
2008-09-18 07:48 . 2008-07-19 07:09 1,811,656 --a------ C:\Windows\System32\wuaueng.dll
2008-09-18 07:48 . 2008-07-19 05:44 1,524,736 --a------ C:\Windows\System32\wucltux.dll
2008-09-18 07:48 . 2008-07-19 07:09 563,912 --a------ C:\Windows\System32\wuapi.dll
2008-09-18 07:48 . 2008-07-18 22:08 163,904 --a------ C:\Windows\System32\wuwebv.dll
2008-09-18 07:48 . 2008-07-19 05:44 83,456 --a------ C:\Windows\System32\wudriver.dll
2008-09-18 07:48 . 2008-07-19 07:10 53,448 --a------ C:\Windows\System32\wuauclt.exe
2008-09-18 07:48 . 2008-07-19 07:10 45,768 --a------ C:\Windows\System32\wups2.dll
2008-09-18 07:48 . 2008-07-19 07:10 36,552 --a------ C:\Windows\System32\wups.dll
2008-09-18 07:48 . 2008-07-18 20:44 31,232 --a------ C:\Windows\System32\wuapp.exe
2008-09-16 17:26 . 2008-09-17 00:00 <REP> d-------- C:\Users\amélie\AppData\Roaming\skypePM
2008-09-16 17:26 . 2008-09-16 17:26 56 --ah----- C:\Users\All Users\ezsidmv.dat
2008-09-16 17:26 . 2008-09-16 17:26 56 --ah----- C:\ProgramData\ezsidmv.dat
2008-09-16 17:21 . 2008-09-17 00:14 <REP> d-------- C:\Users\amélie\AppData\Roaming\Skype
2008-09-16 17:21 . 2008-09-16 17:21 <REP> d-------- C:\Program Files\Common Files\Skype
2008-09-16 02:49 . 2008-09-16 02:49 <REP> d-------- C:\Users\amélie\AppData\Roaming\Autodesk
2008-09-16 02:49 . 2008-09-16 03:06 <REP> d-------- C:\Users\All Users\Autodesk
2008-09-16 02:49 . 2008-09-16 03:06 <REP> d-------- C:\ProgramData\Autodesk
2008-09-16 02:49 . 2008-09-16 02:59 <REP> d-------- C:\Program Files\AutoCAD 2008
2008-09-16 02:21 . 2008-09-24 03:04 <REP> d-------- C:\Program Files\free-downloads.net
2008-09-16 02:21 . 2008-09-16 02:21 <REP> d-------- C:\Program Files\Alcohol Soft
2008-09-16 02:18 . 2008-09-19 01:31 717,296 --a------ C:\Windows\System32\drivers\sptd.sys
2008-09-16 02:13 . 2008-09-16 02:13 <REP> d-------- C:\Program Files\PowerISO
2008-09-16 01:27 . 2008-09-16 01:27 <REP> d-------- C:\Users\amélie\AppData\Roaming\Media Player Classic
2008-09-16 01:14 . 2008-09-16 01:14 <REP> d-------- C:\Program Files\K-Lite Codec Pack
2008-09-13 04:55 . 2007-09-24 23:31 69,632 --a------ C:\Windows\System32\javacpl.cpl
2008-09-10 13:07 . 2008-07-31 03:13 4,240,384 --a------ C:\Windows\System32\GameUXLegacyGDFs.dll
2008-09-10 13:07 . 2008-06-26 05:29 303,616 --a------ C:\Windows\System32\wmpeffects.dll
2008-09-10 13:07 . 2008-07-31 05:32 28,160 --a------ C:\Windows\System32\Apphlpdm.dll
2008-09-10 13:06 . 2008-08-02 03:01 625,152 --a------ C:\Windows\System32\drivers\dxgkrnl.sys
2008-09-10 13:06 . 2008-06-26 05:29 565,248 --a------ C:\Windows\System32\emdmgmt.dll
2008-09-10 13:06 . 2008-05-08 21:21 211,968 --a------ C:\Windows\System32\drivers\mrxsmb10.sys
2008-09-10 13:06 . 2008-05-20 04:07 148,480 --a------ C:\Windows\System32\drivers\nwifi.sys
2008-09-10 13:06 . 2008-06-26 05:29 45,056 --a------ C:\Windows\System32\dataclen.dll

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-10-08 20:14 2,883,584 --sha-w C:\Users\amélie\ntuser.dat
2008-10-08 20:14 2,883,584 --sha-w C:\Users\amélie\ntuser.dat
2008-10-08 19:32 --------- d-----w C:\Program Files\Nero
2008-10-08 15:17 --------- d-----w C:\ProgramData\Google Updater
2008-10-07 13:59 --------- d-----w C:\Program Files\eMule
2008-10-07 12:56 --------- d-----w C:\Users\amélie\AppData\Roaming\Malwarebytes
2008-10-06 19:44 --------- d-----w C:\Program Files\BitComet
2008-09-29 18:56 --------- d-----w C:\Users\amélie\AppData\Roaming\Comodo
2008-09-29 18:48 --------- d-----w C:\ProgramData\Symantec
2008-09-29 18:48 --------- d-----w C:\Program Files\Common Files\Symantec Shared
2008-09-26 01:09 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-09-26 00:21 --------- d-----w C:\Users\amélie\AppData\Roaming\Abvent_Artlantis2
2008-09-25 21:16 --------- d-----w C:\Users\amélie\AppData\Roaming\Abvent
2008-09-25 19:56 --------- d-s---w C:\Users\amélie\AppData\Roaming\Microsoft
2008-09-25 01:31 --------- d-----w C:\Program Files\Microsoft Games
2008-09-25 00:45 --------- d-----w C:\Users\amélie\AppData\Roaming\Opera
2008-09-25 00:31 --------- d-----w C:\Users\amélie\AppData\Roaming\WinRAR
2008-09-24 23:25 --------- d-----w C:\Program Files\Common Files\Adobe
2008-09-24 22:20 --------- d-----w C:\Users\amélie\AppData\Roaming\vlc
2008-09-24 20:35 --------- d-----w C:\Program Files\Windows Live
2008-09-24 19:58 --------- d-----w C:\ProgramData\Microsoft Help
2008-09-24 19:56 --------- d-----w C:\Program Files\MSBuild
2008-09-24 19:56 --------- d-----w C:\Program Files\Microsoft Works
2008-09-24 12:44 --------- d-----w C:\Users\amélie\AppData\Roaming\Ulead Systems
2008-09-24 12:41 --------- d-----w C:\Users\amélie\AppData\Roaming\InstallShield
2008-09-24 11:15 --------- d-----w C:\Program Files\Common Files\InstallShield
2008-09-24 00:15 0 ----a-w C:\Users\amélie\AppData\Roaming\wklnhst.dat
2008-09-23 22:13 --------- d-----w C:\ProgramData\FLEXnet
2008-09-23 22:02 --------- d-----w C:\Users\amélie\AppData\Roaming\Adobe
2008-09-23 20:38 --------- d-----w C:\Users\amélie\AppData\Roaming\Audacity
2008-09-23 18:41 --------- d-----w C:\Program Files\Graphisoft
2008-09-23 16:41 --------- d-----w C:\Users\amélie\AppData\Roaming\XnView
2008-09-23 15:28 --------- d-----w C:\Users\amélie\AppData\Roaming\Graphisoft
2008-09-21 23:14 --------- d-----w C:\Users\amélie\AppData\Roaming\Packard Bell
2008-09-18 23:31 --------- d-----w C:\Users\amélie\AppData\Roaming\DAEMON Tools
2008-09-18 23:16 --------- d-----w C:\Program Files\QuickTime
2008-09-18 23:15 --------- d-----w C:\ProgramData\Apple Computer
2008-09-16 22:14 --------- d-----w C:\Users\amélie\AppData\Roaming\Skype
2008-09-16 22:00 --------- d-----w C:\Users\amélie\AppData\Roaming\skypePM
2008-09-16 00:59 --------- d-----w C:\Program Files\Common Files\Autodesk Shared
2008-09-16 00:49 --------- d-----w C:\Users\amélie\AppData\Roaming\Autodesk
2008-09-15 23:27 --------- d-----w C:\Users\amélie\AppData\Roaming\Media Player Classic
2008-09-15 23:11 --------- d-----w C:\Program Files\DirectVobSub
2008-09-13 02:55 --------- d-----w C:\Program Files\Java
2008-09-03 14:24 --------- d-----w C:\ProgramData\Adobe Systems
2008-09-03 14:16 --------- d-----w C:\Program Files\Common Files\Adobe Systems Shared
2008-09-02 16:54 --------- d-----w C:\ProgramData\eMule
2008-09-02 16:45 --------- d-----w C:\Program Files\Google
2008-09-02 14:01 --------- d-----w C:\Program Files\Bonjour
2008-09-02 13:57 --------- d-----w C:\Program Files\Common Files\Macrovision Shared
2008-09-02 07:31 --------- d-----w C:\Program Files\Windows Mail
2008-07-31 03:32 460,288 ----a-w C:\Windows\AppPatch\AcSpecfc.dll
2008-07-31 03:32 2,154,496 ----a-w C:\Windows\AppPatch\AcGenral.dll
2008-07-31 03:32 173,056 ----a-w C:\Windows\AppPatch\AcXtrnal.dll
2008-01-21 02:43 174 --sha-w C:\Program Files\desktop.ini
.

((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-07-30 68856]
"SmpcSys"="C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe" [2008-02-04 1038136]
"MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" [2007-10-18 5724184]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvSvc"="C:\Windows\system32\nvsvc.dll" [2007-12-12 86016]
"NvCplDaemon"="C:\Windows\system32\NvCpl.dll" [2007-12-12 8530464]
"NvMediaCenter"="C:\Windows\system32\NvMcTray.dll" [2007-12-12 81920]
"toolbar_eula_launcher"="C:\Program Files\Packard Bell\GOOGLE_EULA\EULALauncher.exe" [2007-02-20 28672]
"basicsmssmenu"="C:\Program Files\Seagate\Basics\Basics Status\MaxMenuMgrBasics.exe" [2007-10-09 169328]
"HP Software Update"="C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe" [2003-06-25 49152]
"HP Component Manager"="C:\Program Files\HP\hpcoretech\hpcmpmgr.exe" [2003-10-23 233472]
"PWRISOVM.EXE"="C:\Program Files\PowerISO\PWRISOVM.EXE" [2008-07-07 167936]
"Waiting1210"="C:\Windows\AStiDog1210.exe" [2007-03-23 60416]
"UVS11 Preload"="C:\Program Files\Ulead Systems\Ulead VideoStudio 11\uvPL.exe" [2007-07-23 341232]
"GrooveMonitor"="C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-27 31016]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672]
"COMODO SafeSurf"="C:\Program Files\COMODO\SafeSurf\cssurf.exe" [2008-09-29 278264]
"COMODO Firewall Pro"="C:\Program Files\COMODO\Firewall\cfp.exe" [2008-09-29 1655552]
"UnlockerAssistant"="C:\Program Files\Unlocker\UnlockerAssistant.exe" [2008-05-02 15872]
"RtHDVCpl"="RtHDVCpl.exe" [2007-10-01 C:\Windows\RtHDVCpl.exe]

C:\Users\am‚lie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Adobe Gamma.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-03-16 113664]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\
Serveur r‚seau.lnk - C:\Program Files\WIBUKEY\Server\WkSvMgr.exe [2008-09-23 3768320]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"= C:\Windows\system32\guard32.dll C:\Windows\system32\cssdll32.dll fpdrkb.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.YV12"= yv12vfw.dll
"msacm.dvacm"= C:\PROGRA~1\COMMON~1\ULEADS~1\Vio\Dvacm.acm
"msacm.MPEGacm"= C:\PROGRA~1\COMMON~1\ULEADS~1\MPEG\MPEGacm.acm
"msacm.ulmp3acm"= C:\PROGRA~1\COMMON~1\ULEADS~1\MPEG\ulmp3acm.acm

[HKLM\~\startupfolder\C:^Users^amélie^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^MagicDisc.lnk]
path=C:\Users\amélie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MagicDisc.lnk
backup=C:\Windows\pss\MagicDisc.lnk.Startup
backupExtension=.Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AlcoholAutomount]
--a------ 2007-12-22 09:20 222080 C:\Program Files\Alcohol Soft\Alcohol 120\AxCmd.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BitComet]
--a------ 2008-08-22 08:07 2567992 C:\Program Files\BitComet\BitComet.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
--a------ 2007-10-19 20:16 286720 C:\Program Files\QuickTime\QTTask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
--a------ 2007-09-25 01:11 132496 C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WindowsWelcomeCenter]
--a------ 2008-01-21 04:23 2153472 C:\Windows\System32\oobefldr.dll

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{247657A5-6CCB-43FF-AFFD-2D8469C1AB76}"= UDP:C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{DC2A6321-2C9A-45C9-B584-3C2A4FC4DC9D}"= TCP:C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{456DAB85-7D94-49FE-BF7B-4DF953278DEC}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"{F319CB14-08F6-4FB8-9D3E-D535696417A6}"= C:\Program Files\Skype\Phone\Skype.exe:Skype
"{E3865BC7-9752-4B49-93EC-3C8510A4A08F}"= UDP:C:\Program Files\WIBUKEY\Server\WkSvW32.exe:WIBU-KEY Network Server
"{4307D8A1-933C-463E-B7B4-0BB3B6929B79}"= TCP:C:\Program Files\WIBUKEY\Server\WkSvW32.exe:WIBU-KEY Network Server
"{C328990F-A20A-4F6E-A8BB-505BA817B50D}"= TCP:6004|C:\Program Files\Microsoft Office\Office12\outlook.exe:Microsoft Office Outlook
"{DE16EAC1-19C4-4B33-BFC0-07724E13B1A3}"= UDP:C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:Microsoft Office Groove
"{645F760F-6E68-43AF-8C5A-C9917A134364}"= TCP:C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:Microsoft Office Groove
"{50D2F47B-F0DB-4449-811F-F3C8C7668B38}"= UDP:C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{63D48ED9-DDD2-488D-B1BB-1C01B4844D74}"= TCP:C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"TCP Query User{5C2CC0ED-AA4E-4B91-9523-C08DF9B16DAC}C:\\program files\\emule\\emule.exe"= UDP:C:\program files\emule\emule.exe:eMule
"UDP Query User{DC920FD2-A88D-4EB5-BE23-CE2705E0D622}C:\\program files\\emule\\emule.exe"= TCP:C:\program files\emule\emule.exe:eMule
"{809E4A3A-2CA8-43EC-9CBB-43A4FAF5D387}"= UDP:16030:BitComet 16030 TCP
"{B0DCDE60-1B6C-4219-A48F-5E56216521AF}"= TCP:16030:BitComet 16030 UDP
"TCP Query User{78FD4E4F-BDB7-4044-8908-8A973E50F7DD}C:\\program files\\bitcomet\\bitcomet.exe"= UDP:C:\program files\bitcomet\bitcomet.exe:BitComet - a BitTorrent Client
"UDP Query User{79E681F6-1965-4CB2-9BB8-BA97DC6C854A}C:\\program files\\bitcomet\\bitcomet.exe"= TCP:C:\program files\bitcomet\bitcomet.exe:BitComet - a BitTorrent Client

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\PublicProfile]
"EnableFirewall"= 0 (0x0)

R1 cmdGuard;COMODO Firewall Pro Sandbox Driver;C:\Windows\system32\DRIVERS\cmdguard.sys [2008-09-29 85008]
R1 cmdHlp;COMODO Firewall Pro Helper Driver;C:\Windows\system32\DRIVERS\cmdhlp.sys [2008-09-29 25104]
R2 Basics Service;Basics Service;C:\Program Files\Seagate\Basics\Service\SyncServicesBasics.exe [2007-10-09 124280]
R2 SrvCDEject;SrvCDEject;C:\Program Files\Packard Bell\SrvCDEject.exe [2007-09-07 600064]
S3 CAM1210;USB video camera;C:\Windows\system32\Drivers\cam1210.sys [2007-03-22 94208]
S4 ErrDev;Microsoft Hardware Error Device Driver;C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
S4 MegaSR;MegaSR;C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]
S4 nvrd32;NVIDIA nForce RAID Driver;C:\Windows\system32\drivers\nvrd32.sys [2007-09-11 123424]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\H]
\shell\AutoRun\command - H:\Art-lantis_4.5_installer.exe
.
Contenu du dossier 'Tâches planifiées'

2008-10-08 C:\Windows\Tasks\Extension de garantie-amélie.job
- C:\Program Files\Packard Bell\SetupmyPC\PBCarNot.exe [2008-02-04 12:13]

2008-10-08 C:\Windows\Tasks\Recovery DVD Creator-amélie.job
- C:\Program Files\Packard Bell\SetupMyPc\MCDCheck.exe [2008-02-04 12:13]
.
- - - - ORPHELINS SUPPRIMES - - - -

HKCU-Run-IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} - C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
MSConfigStartUp-CarboniteSetupLite - C:\Program Files\Packard Bell\Carbonite\CarboniteSetupLitePBPreInstaller.exe


.
------- Examen supplémentaire -------
.
FireFox -: Profile - C:\Users\amélie\AppData\Roaming\Mozilla\Firefox\Profiles\3r6tj20r.default\
FireFox -: prefs.js - SEARCH.DEFAULTURL - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
FireFox -: prefs.js - STARTUP.HOMEPAGE - hxxp://www.google.fr/ig
.

**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-10-08 22:15:05
Windows 6.0.6001 Service Pack 1 NTFS

Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

Recherche de fichiers cachés ...


C:\Users\amélie\AppData\Local\Temp\TarDAB5.tmp 73531 bytes
C:\Users\amélie\AppData\Local\Temp\CabDAB4.tmp 27617 bytes

Scan terminé avec succès
Fichiers cachés: 2

**************************************************************************
.
--------------------- DLLs chargées dans les processus actifs ---------------------

PROCESSUS: C:\Windows\Explorer.exe
-> C:\Program Files\Unlocker\UnlockerHook.dll
.
------------------------ Autres processus actifs ------------------------
.
C:\Windows\System32\audiodg.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Windows\System32\conime.exe
C:\Windows\System32\WerFault.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe
C:\Program Files\COMODO\Firewall\cmdagent.exe
C:\Program Files\Packard Bell\SAXO24\HidService.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Windows\System32\IoctlSvc.exe
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\Windows\System32\WUDFHost.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Windows\servicing\TrustedInstaller.exe
.
**************************************************************************
.
Heure de fin: 2008-10-08 22:19:03 - La machine a redémarré [amélie]
ComboFix-quarantined-files.txt 2008-10-08 20:18:50

Avant-CF: 359,107,198,976 octets libres
Après-CF: 362,521,948,160 octets libres

354 --- E O F --- 2008-09-11 01:03:39
0
Réponse 34 / 68
Amélie
8 oct. 2008 à 22:52
Pour ce qui est de Nero, ca y est, je l'ai désinstallé, et je vais le remplacer par l'un des logiciels que tu m'as conseillé... Merci du tuyau.

Autre petit truc, j'ai l'application permettant d'installer tuepub sur mon bureau et son application (que j'avais pourtant désinstaller il y a quelques jours) dans C, que je n'arrive pas à supprimer, ni avec FileAssassin, ni avec unlocker. Peut-être que c'est lié à mes problèmes?
0
Réponse 35 / 68
papyber Messages postés 6406 Date d'inscription samedi 24 mars 2007 Statut Contributeur sécurité Dernière intervention 3 octobre 2010 257
9 oct. 2008 à 09:16
rapport en examen, on te le supprimer avec ComboFix ce tuepub
je reviens en fin de matinée, je suis obligé de m'absenter...
0
Réponse 36 / 68
papyber Messages postés 6406 Date d'inscription samedi 24 mars 2007 Statut Contributeur sécurité Dernière intervention 3 octobre 2010 257
9 oct. 2008 à 12:02
une infection qui se propage par les périphériques externes, donc si tu désinfectes ton Pc mais pas tes périphériques - clé USB, DD externe, tout périphérique qui se connecte sur ton PC, etc... cela se relance..
Tu vas faire ceci dans un 1er temps
Si tu as une clé USB, disque dur externe, etc., branche-les sans les ouvrir avant de lancer ce FIX
Télécharge Rav Antivirus: http://ww25.evosla.com/compteur.php?soft=rav_antivirus
· Clique droit sur le fichier .ZIP > Extraire sur > le Bureau
· Double clique sur >> RAV.exe << afin de lancer l'outil.
· Une fois RAV ANTIVIRUS lancé, laisse-le réagir, il Scanne automatiquement tous les lecteurs (disques fixes et amovibles)
· Si infection > un rapport s'établira, sinon s'affichera (très rapide) ==>Votre Ordinateur est sain.
· Retire tes disques amovibles et redémarre ton ordinateur.
Poste le rapport, si infection!

branche à nouveau tous tes périphériques externes
ceci a été intentionnellement rédigé pour CET utilisateur.
si vous n'êtes pas CET utilisateur, NE PAS appliquer ces directives : elles pourraient endommager votre système.
Rappel : une fois que ComboFix est lancé, il ne faut pas cliquer dans la fenêtre de ComboFix car cela pourrait entraîner un plantage du programme.
Il est recommandé de laisser l'outil analyser et nettoyer le PC sans utiliser quoi que ce soit d'autre...
Sélectionne le texte suivant (Ctrl+A): 
KillAll::
Folder::
C:\Windows\PIF
C:\fixwareout
C:\TuePub
File::
C:\Users\amélie\Desktop\TuePub_installation.exe 
C:\Windows\System32\ALLFSAF5a.ocx
C:\Users\All Users\ezsidmv.dat
C:\ProgramData\ezsidmv.dat

Copie le texte sélectionné (CTRL+C).
Ouvre le Bloc-notes (Démarrer/Tous les programmes/Accessoires/Bloc-notes).
Colle le texte copié dans ce Bloc-notes (CTRL+V).
Sauvegarde ce fichier sur ton Bureau sous le nom de CFScript.txt (CFScript)
http://apu.mabul.org/up/apu/2008/08/12/img-210914jjufm.gif
Comme l'image le montre, fait glisser CFScript.txt sur ComboFix.exe(ComboFix)
Une fenêtre à fond bleu va s'ouvrir: au message qui apparaît ( Type 1 to continue, or 2 to abort) , tape 1 puis valide.
Laisse ComboFix travailler
Patiente le temps de l'analyse. Le Bureau va disparaître à plusieurs reprises: c'est normal!
Ne touche à rien tant que le nettoyage n'est pas terminé.
Un rapport va s'afficher: poste son contenu.
Si le fichier ne s'ouvre pas, tu le trouves ici, à la racine de ton Système, en principe : C:\ComboFix.txt (C:\ComboFix)
ceci a été intentionnellement rédigé pour CET utilisateur.
si vous n'êtes pas CET utilisateur, NE PAS appliquer ces directives : elles pourraient endommager votre système.

rends-toi sur ESET Online Scanner Link
https://www.eset.com/
Coche la case YES, I accept the Terms Of Use
Clique sur le bouton Start
Clique maintenant sur Install button
Clique a nouveau sur Start

Les mises à jours du Scan en ligne vont se faire.
Ne coche pas Remove found threats
Clique sur Scan button

Le Scan va démarrer, sois patient.

Quand le Scan sera terminé, clique sur Details tab

Copie colle en réponse le contenu de C:\Program Files\EsetOnlineScanner\log.txt back
0
Réponse 37 / 68
Amélie
9 oct. 2008 à 16:44
Je n'arrive plus à poster de message depuis deux heures, j'espere que celui là va marcher (je l'ai fais plus léger, sans le rapport de combofix, pour voir).

Au démarrage de combofix, il me propose à chq fois une mise à jour qui échoue, est-ce un problème?
Sinon, j'ai essayé de démarrer le scan d'eset online sacanner, mais cela n'a pas marché (soit disant que mon ordinnateur n'a pas le système requis)
0
Réponse 38 / 68
Amélie
9 oct. 2008 à 16:45
Comme ca a marché, je vais envoyé le rapport par petits bouts :

ComboFix 08-10-08.04 - amélie 2008-10-09 14:58:17.2 - NTFSx86
Microsoft® Windows Vista™ Édition Familiale Premium 6.0.6001.1.1252.1.1036.18.2369 [GMT 2:00]
Lancé depuis: C:\Users\amélie\Desktop\ComboFix.exe
Commutateurs utilisés :: C:\Users\amélie\Desktop\CFScript.txt
* Un nouveau point de restauration a été créé

FILE ::
C:\ProgramData\ezsidmv.dat
C:\Users\All Users\ezsidmv.dat
C:\Users\amélie\Desktop\TuePub_installation.exe
C:\Windows\System32\ALLFSAF5a.ocx
C:\Windows\PIF -- Whitelisted --
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\fixwareout
C:\fixwareout\FindT\dumphive.exe
C:\fixwareout\FindT\FixWareOut.reg
C:\fixwareout\FindT\nircmd.exe
C:\fixwareout\FindT\patterns.txt
C:\fixwareout\FindT\rbot.bat
C:\fixwareout\FindT\RestartIt.exe
C:\fixwareout\FindT\runs.vbs
C:\fixwareout\FindT\swreg.exe
C:\fixwareout\FindT\vfind.exe
C:\fixwareout\FindT\XP-2K2.cmd
C:\fixwareout\FixIt.BAT
C:\ProgramData\ezsidmv.dat
C:\Users\All Users\ezsidmv.dat
C:\Windows\System32\ALLFSAF5a.ocx
C:\TuePub . . . . impossible à supprimer
C:\TuePub\TuePub.exe . . . . impossible à supprimer
C:\Users\amélie\Desktop\TuePub_installation.exe . . . . impossible à supprimer

.
((((((((((((((((((((((((((((( Fichiers créés du 2008-09-09 au 2008-10-09 ))))))))))))))))))))))))))))))))))))
.

2008-10-09 03:08 . 2008-10-09 03:09 <REP> d-------- C:\Program Files\PDFCreator
2008-10-09 03:08 . 1998-07-13 02:08 141,312 --a------ C:\Windows\System32\MSCMCFR.DLL
2008-10-09 03:08 . 1998-06-24 01:00 137,000 --a------ C:\Windows\System32\MSMAPI32.OCX
2008-10-09 03:08 . 1998-07-13 02:08 119,568 --a------ C:\Windows\System32\VB6FR.DLL
2008-10-09 03:08 . 2001-10-28 17:42 116,224 --a------ C:\Windows\System32\pdfcmnnt.dll
2008-10-09 03:08 . 1998-07-13 02:08 59,904 --a------ C:\Windows\System32\MSCC2FR.DLL
2008-10-09 03:08 . 1998-07-06 01:00 23,552 --a------ C:\Windows\System32\MSMPIDE.DLL
2008-10-09 02:40 . 2008-10-09 02:40 <REP> d-------- C:\Users\amélie\AppData\Roaming\Zeon
2008-10-09 02:35 . 2008-10-09 02:35 <REP> d-------- C:\Users\All Users\Nuance
2008-10-09 02:35 . 2008-10-09 02:35 <REP> d-------- C:\ProgramData\Nuance
2008-10-09 02:34 . 2008-10-09 02:34 <REP> d-------- C:\Users\All Users\zeon
2008-10-09 02:34 . 2008-10-09 02:34 <REP> d-------- C:\ProgramData\zeon
2008-10-09 02:34 . 2008-10-09 02:34 <REP> d-------- C:\Program Files\Nuance
2008-10-09 02:34 . 2008-10-09 02:34 <REP> d-------- C:\Program Files\Common Files\ScanSoft Shared
2008-10-09 02:30 . 2008-10-09 02:30 <REP> d-------- C:\PDFPro5Trial
2008-10-09 01:19 . 2008-10-09 01:19 54,156 --ah----- C:\Windows\QTFont.qfn
2008-10-09 01:19 . 2008-10-09 01:19 1,409 --a------ C:\Windows\QTFont.for
2008-10-08 23:32 . 2008-10-08 23:32 <REP> d-------- C:\Users\amélie\AppData\Roaming\Canneverbe_Limited
2008-10-08 23:32 . 2008-10-08 23:32 <REP> d-------- C:\Program Files\CDBurnerXP
2008-10-08 23:01 . 2008-06-20 03:14 781,344 --a------ C:\Windows\System32\PresentationNative_v0300.dll
2008-10-08 23:01 . 2008-06-20 03:14 622,080 --a------ C:\Windows\System32\icardagt.exe
2008-10-08 23:01 . 2008-06-20 03:14 326,160 --a------ C:\Windows\System32\PresentationHost.exe
2008-10-08 23:01 . 2008-06-20 03:14 105,016 --a------ C:\Windows\System32\PresentationCFFRasterizerNative_v0300.dll
2008-10-08 23:01 . 2008-06-20 03:14 97,800 --a------ C:\Windows\System32\infocardapi.dll
2008-10-08 23:01 . 2008-06-20 03:14 43,544 --a------ C:\Windows\System32\PresentationHostProxy.dll
2008-10-08 23:01 . 2008-06-20 03:14 37,384 --a------ C:\Windows\System32\infocardcpl.cpl
2008-10-08 23:01 . 2008-06-20 03:14 11,264 --a------ C:\Windows\System32\icardres.dll
2008-10-08 22:56 . 2008-07-27 20:03 282,112 --a------ C:\Windows\System32\mscoree.dll
2008-10-08 22:56 . 2008-07-27 20:03 158,720 --a------ C:\Windows\System32\mscorier.dll
2008-10-08 22:56 . 2008-07-27 20:03 96,760 --a------ C:\Windows\System32\dfshim.dll
2008-10-08 22:56 . 2008-07-27 20:03 83,968 --a------ C:\Windows\System32\mscories.dll
2008-10-08 22:56 . 2008-07-27 20:03 41,984 --a------ C:\Windows\System32\netfxperf.dll
2008-10-08 16:54 . 2008-10-08 17:00 <REP> d-------- C:\ComboFix(0)
2008-10-07 22:09 . 2008-10-07 22:09 <REP> d--h----- C:\Windows\PIF
2008-10-07 21:55 . 2008-10-07 22:08 <REP> d-------- C:\Program Files\Unlocker
2008-10-07 14:56 . 2008-10-07 14:56 <REP> d-------- C:\Users\amélie\AppData\Roaming\Malwarebytes
2008-10-07 14:56 . 2008-10-07 14:56 <REP> d-------- C:\Users\All Users\Malwarebytes
2008-10-07 14:56 . 2008-10-07 14:56 <REP> d-------- C:\ProgramData\Malwarebytes
2008-10-07 14:56 . 2008-10-07 14:56 <REP> d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-10-07 14:56 . 2008-09-10 00:04 38,528 --a------ C:\Windows\System32\drivers\mbamswissarmy.sys
2008-10-07 14:56 . 2008-09-10 00:03 17,200 --a------ C:\Windows\System32\drivers\mbam.sys
2008-10-06 17:18 . 2003-09-24 09:44 44,544 -ra------ C:\Windows\System32\MSXML4a.dll
2008-10-06 17:17 . 2003-09-24 09:43 626,960 -ra------ C:\Windows\System32\hpvaut32.dll
2008-10-06 17:17 . 2003-09-24 09:43 487,424 -ra------ C:\Windows\System32\hpvcp70.dll
2008-10-06 16:34 . 2008-10-06 16:45 <REP> d-------- C:\ToolBar SD
2008-09-30 06:58 . 2008-10-08 22:14 293,697,431 --a------ C:\Windows\MEMORY.DMP
2008-09-30 04:04 . 2008-09-30 04:18 <REP> d-------- C:\TuePub
2008-09-29 21:58 . 2008-09-29 21:58 249,592 --a------ C:\Windows\System32\cssdll32.dll
2008-09-29 21:39 . 2008-09-29 21:39 <REP> d-------- C:\Users\All Users\Avira
2008-09-29 21:39 . 2008-09-29 21:39 <REP> d-------- C:\ProgramData\Avira
2008-09-29 21:39 . 2008-09-29 21:39 <REP> d-------- C:\Program Files\Avira
2008-09-29 21:22 . 2008-09-29 21:22 <REP> d--hs---- C:\#GDATA.Trash.Store#
2008-09-29 21:03 . 2008-09-29 21:03 29,128 --a------ C:\Windows\System32\drivers\GRD.sys
2008-09-29 20:57 . 2008-09-29 20:57 51,656 --a------ C:\Windows\System32\drivers\PktIcpt.sys
2008-09-29 20:57 . 2008-09-29 20:57 50,888 --a------ C:\Windows\System32\drivers\MiniIcpt.sys
2008-09-29 20:56 . 2008-09-29 20:56 <REP> d-------- C:\Users\amélie\AppData\Roaming\Comodo
2008-09-29 20:56 . 2008-09-29 22:35 <REP> d-------- C:\Users\All Users\comodo
2008-09-29 20:56 . 2008-09-29 22:35 <REP> d-------- C:\ProgramData\comodo
2008-09-29 20:56 . 2008-09-29 21:58 <REP> d-------- C:\Program Files\COMODO
2008-09-29 20:56 . 2008-09-29 21:55 143,104 --a------ C:\Windows\System32\guard32.dll
2008-09-29 20:56 . 2008-09-29 21:55 85,008 --a------ C:\Windows\System32\drivers\cmdguard.sys
2008-09-29 20:56 . 2008-09-29 20:56 39,880 --a------ C:\Windows\System32\drivers\gdwfpcd32.sys
2008-09-29 20:56 . 2008-09-29 21:55 25,104 --a------ C:\Windows\System32\drivers\cmdhlp.sys
2008-09-29 20:55 . 2008-09-29 21:22 <REP> d-------- C:\Users\All Users\G DATA
2008-09-29 20:55 . 2008-09-29 21:22 <REP> d-------- C:\ProgramData\G DATA
2008-09-29 20:55 . 2008-09-29 21:22 <REP> d-------- C:\Program Files\G DATA
2008-09-26 03:09 . 2008-09-26 03:09 <REP> d-------- C:\Program Files\@Last Software
2008-09-26 03:09 . 2005-01-11 12:51 1,060,864 --a------ C:\Windows\System32\MFC71.dll
2008-09-26 03:09 . 2005-01-11 12:51 1,047,552 --a------ C:\Windows\System32\MFC71u.dll
2008-09-26 03:09 . 2004-03-09 01:00 662,288 --a------ C:\Windows\System32\MSCOMCT2.OCX
2008-09-26 03:09 . 2004-03-05 01:21 339,968 --a------ C:\Windows\System32\mpiwin32.dll
2008-09-26 03:09 . 2005-02-02 15:37 89,088 --a------ C:\Windows\System32\atl71.dll
2008-09-26 03:09 . 2004-03-05 01:21 15,840 --a------ C:\Windows\System32\Machnm1.exe
2008-09-26 02:08 . 2008-09-26 02:32 <REP> d-------- C:\Program Files\Artlantis Render 2
2008-09-26 02:06 . 2008-09-26 02:06 <REP> d-------- C:\Program Files\Artlantis Studio 2
2008-09-25 05:36 . 2008-09-25 05:36 <REP> d-------- C:\Program Files\CCleaner
2008-09-25 02:45 . 2008-09-25 02:45 <REP> d-------- C:\Users\amélie\AppData\Roaming\Opera
2008-09-25 02:44 . 2008-09-25 02:45 <REP> d-------- C:\Program Files\Opera
2008-09-25 02:31 . 2008-09-25 02:31 <REP> d-------- C:\Users\amélie\AppData\Roaming\WinRAR
2008-09-25 00:48 . 2008-09-25 00:48 <REP> d-------- C:\Program Files\FileASSASSIN
2008-09-24 22:01 . 2008-07-13 15:25 676,224 -ra------ C:\Windows\System32\OGACheckControl.dll
2008-09-24 21:55 . 2008-09-24 21:55 <REP> d-------- C:\Program Files\Microsoft.NET
2008-09-24 21:53 . 2008-09-24 21:53 <REP> d-------- C:\Program Files\Microsoft Visual Studio 8
2008-09-24 21:51 . 2008-09-24 21:51 <REP> dr-h----- C:\MSOCache
2008-09-24 14:41 . 2008-09-24 14:41 <REP> d-------- C:\Users\amélie\AppData\Roaming\InstallShield
2008-09-24 14:37 . 2008-09-24 14:37 <REP> d-------- C:\Program Files\Ulead Systems
2008-09-24 13:19 . 2008-09-24 14:44 <REP> d-------- C:\Users\amélie\AppData\Roaming\Ulead Systems
2008-09-24 13:15 . 2008-09-24 13:15 <REP> d-------- C:\Users\All Users\InterVideo
2008-09-24 13:15 . 2008-09-24 13:15 <REP> d-------- C:\ProgramData\InterVideo
2008-09-24 13:15 . 2008-09-24 13:15 <REP> d-------- C:\Program Files\Windows Media Components
2008-09-24 13:15 . 2008-09-24 13:15 <REP> d-------- C:\Program Files\Common Files\InterVideo
2008-09-24 13:15 . 2007-03-06 11:58 210,456 --a------ C:\Windows\System32\IVIresizeW7.dll
2008-09-24 13:15 . 2007-03-06 11:58 206,360 --a------ C:\Windows\System32\IVIresizeA6.dll
2008-09-24 13:15 . 2007-03-06 11:58 198,168 --a------ C:\Windows\System32\IVIresizeP6.dll
2008-09-24 13:15 . 2007-03-06 11:58 198,168 --a------ C:\Windows\System32\IVIresizeM6.dll
2008-09-24 13:15 . 2007-03-06 11:58 194,072 --a------ C:\Windows\System32\IVIresizePX.dll
2008-09-24 13:15 . 2007-03-06 11:58 26,136 --a------ C:\Windows\System32\IVIresize.dll
2008-09-24 13:14 . 2008-10-08 18:04 <REP> d-------- C:\Users\All Users\Ulead Systems
2008-09-24 13:14 . 2008-10-08 18:04 <REP> d-------- C:\ProgramData\Ulead Systems
2008-09-24 13:14 . 2008-09-24 13:15 <REP> d-------- C:\Program Files\Common Files\Ulead Systems
2008-09-24 03:03 . 2008-09-24 03:03 2,560 --a------ C:\Windows\_MSRSTRT.EXE
2008-09-24 02:15 . 2008-09-24 02:15 0 --a------ C:\Users\amélie\AppData\Roaming\wklnhst.dat
2008-09-24 00:59 . 2008-09-26 02:21 <REP> d-------- C:\Users\amélie\AppData\Roaming\Abvent_Artlantis2
2008-09-24 00:59 . 2008-09-25 23:16 <REP> d-------- C:\Users\amélie\AppData\Roaming\Abvent
2008-09-24 00:59 . 2008-09-26 02:15 <REP> d-------- C:\Users\All Users\Abvent
2008-09-24 00:59 . 2008-09-26 02:15 <REP> d-------- C:\ProgramData\Abvent
2008-09-23 23:44 . 2008-09-23 23:44 <REP> d-------- C:\Users\All Users\ALM
2008-09-23 23:44 . 2008-09-23 23:44 <REP> d-------- C:\ProgramData\ALM
2008-09-23 22:38 . 2008-09-23 22:38 <REP> d-------- C:\Users\amélie\AppData\Roaming\Audacity
2008-09-23 22:38 . 2008-09-23 22:38 <REP> d-------- C:\Program Files\Audacity 1.3 Beta (Unicode)
2008-09-23 17:41 . 2008-09-23 18:41 <REP> d-------- C:\Users\amélie\AppData\Roaming\XnView
2008-09-23 17:17 . 2008-09-23 17:17 <REP> d-------- C:\Program Files\WIBU-SYSTEMS
2008-09-23 16:47 . 2008-10-09 15:05 0 --------- C:\Windows\System32\Ikeext.etl
2008-09-20 09:18 . 2008-09-20 09:18 <REP> d-------- C:\Program Files\XnView
2008-09-19 01:31 . 2008-09-19 01:31 <REP> d-------- C:\Users\amélie\AppData\Roaming\DAEMON Tools
2008-09-19 01:16 . 2008-09-23 17:17 <REP> d-------- C:\Program Files\WIBUKEY
2008-09-19 01:14 . 2008-09-19 01:14 <REP> d-------- C:\Users\All Users\Apple
2008-09-19 01:14 . 2008-09-19 01:14 <REP> d-------- C:\ProgramData\Apple
2008-09-19 01:14 . 2008-09-19 01:14 <REP> d-------- C:\Program Files\Apple Software Update
2008-09-18 07:48 . 2008-07-19 07:09 1,811,656 --a------ C:\Windows\System32\wuaueng.dll
2008-09-18 07:48 . 2008-07-19 05:44 1,524,736 --a------ C:\Windows\System32\wucltux.dll
2008-09-18 07:48 . 2008-07-19 07:09 563,912 --a------ C:\Windows\System32\wuapi.dll
2008-09-18 07:48 . 2008-07-18 22:08 163,904 --a------ C:\Windows\System32\wuwebv.dll
2008-09-18 07:48 . 2008-07-19 05:44 83,456 --a------ C:\Windows\System32\wudriver.dll
2008-09-18 07:48 . 2008-07-19 07:10 53,448 --a------ C:\Windows\System32\wuauclt.exe
0
Réponse 39 / 68
Amélie
9 oct. 2008 à 16:51
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-10-09 13:05 3,145,728 --sha-w C:\Users\amélie\ntuser.dat
2008-10-09 13:05 3,145,728 --sha-w C:\Users\amélie\ntuser.dat
2008-10-09 01:11 --------- d-----w C:\ProgramData\Microsoft Help
2008-10-09 00:40 --------- d-----w C:\Users\amélie\AppData\Roaming\Zeon
2008-10-08 21:32 --------- d-----w C:\Users\amélie\AppData\Roaming\Canneverbe_Limited
2008-10-08 15:17 --------- d-----w C:\ProgramData\Google Updater
2008-10-07 13:59 --------- d-----w C:\Program Files\eMule
2008-10-07 12:56 --------- d-----w C:\Users\amélie\AppData\Roaming\Malwarebytes
2008-10-06 19:44 --------- d-----w C:\Program Files\BitComet
2008-09-29 18:56 --------- d-----w C:\Users\amélie\AppData\Roaming\Comodo
2008-09-29 18:48 --------- d-----w C:\ProgramData\Symantec
2008-09-29 18:48 --------- d-----w C:\Program Files\Common Files\Symantec Shared
2008-09-26 01:09 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-09-26 00:21 --------- d-----w C:\Users\amélie\AppData\Roaming\Abvent_Artlantis2
2008-09-25 21:16 --------- d-----w C:\Users\amélie\AppData\Roaming\Abvent
2008-09-25 19:56 --------- d-s---w C:\Users\amélie\AppData\Roaming\Microsoft
2008-09-25 01:31 --------- d-----w C:\Program Files\Microsoft Games
2008-09-25 00:45 --------- d-----w C:\Users\amélie\AppData\Roaming\Opera
2008-09-25 00:31 --------- d-----w C:\Users\amélie\AppData\Roaming\WinRAR
2008-09-24 23:25 --------- d-----w C:\Program Files\Common Files\Adobe
2008-09-24 22:20 --------- d-----w C:\Users\amélie\AppData\Roaming\vlc
2008-09-24 20:35 --------- d-----w C:\Program Files\Windows Live
2008-09-24 19:56 --------- d-----w C:\Program Files\MSBuild
2008-09-24 19:56 --------- d-----w C:\Program Files\Microsoft Works
2008-09-24 12:44 --------- d-----w C:\Users\amélie\AppData\Roaming\Ulead Systems
2008-09-24 12:41 --------- d-----w C:\Users\amélie\AppData\Roaming\InstallShield
2008-09-24 11:15 --------- d-----w C:\Program Files\Common Files\InstallShield
2008-09-24 00:15 0 ----a-w C:\Users\amélie\AppData\Roaming\wklnhst.dat
2008-09-23 22:13 --------- d-----w C:\ProgramData\FLEXnet
2008-09-23 22:02 --------- d-----w C:\Users\amélie\AppData\Roaming\Adobe
2008-09-23 20:38 --------- d-----w C:\Users\amélie\AppData\Roaming\Audacity
2008-09-23 18:41 --------- d-----w C:\Program Files\Graphisoft
2008-09-23 16:41 --------- d-----w C:\Users\amélie\AppData\Roaming\XnView
2008-09-23 15:28 --------- d-----w C:\Users\amélie\AppData\Roaming\Graphisoft
2008-09-21 23:14 --------- d-----w C:\Users\amélie\AppData\Roaming\Packard Bell
2008-09-18 23:31 --------- d-----w C:\Users\amélie\AppData\Roaming\DAEMON Tools
2008-09-18 23:16 --------- d-----w C:\Program Files\QuickTime
2008-09-18 23:15 --------- d-----w C:\ProgramData\Apple Computer
2008-09-16 22:14 --------- d-----w C:\Users\amélie\AppData\Roaming\Skype
2008-09-16 22:00 --------- d-----w C:\Users\amélie\AppData\Roaming\skypePM
2008-09-16 00:59 --------- d-----w C:\Program Files\Common Files\Autodesk Shared
2008-09-16 00:49 --------- d-----w C:\Users\amélie\AppData\Roaming\Autodesk
2008-09-15 23:27 --------- d-----w C:\Users\amélie\AppData\Roaming\Media Player Classic
2008-09-15 23:11 --------- d-----w C:\Program Files\DirectVobSub
2008-09-13 02:55 --------- d-----w C:\Program Files\Java
2008-09-03 14:24 --------- d-----w C:\ProgramData\Adobe Systems
2008-09-03 14:16 --------- d-----w C:\Program Files\Common Files\Adobe Systems Shared
2008-09-02 16:54 --------- d-----w C:\ProgramData\eMule
2008-09-02 16:45 --------- d-----w C:\Program Files\Google
2008-09-02 14:01 --------- d-----w C:\Program Files\Bonjour
2008-09-02 13:57 --------- d-----w C:\Program Files\Common Files\Macrovision Shared
2008-09-02 07:31 --------- d-----w C:\Program Files\Windows Mail
2008-07-31 03:32 460,288 ----a-w C:\Windows\AppPatch\AcSpecfc.dll
2008-07-31 03:32 2,154,496 ----a-w C:\Windows\AppPatch\AcGenral.dll
2008-07-31 03:32 173,056 ----a-w C:\Windows\AppPatch\AcXtrnal.dll
2008-01-21 02:43 174 --sha-w C:\Program Files\desktop.ini
.

((((((((((((((((((((((((((((( snapshot@2008-10-08_22.17.27.00 )))))))))))))))))))))))))))))))))))))))))
.
- 2008-09-24 19:55:49 248,632 ----a-w C:\Windows\assembly\GAC\Microsoft.Office.Interop.PowerPoint\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.PowerPoint.dll
+ 2008-10-08 20:21:38 250,928 ----a-w C:\Windows\assembly\GAC\Microsoft.Office.Interop.PowerPoint\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.PowerPoint.dll
- 2008-09-24 19:55:50 781,104 ----a-w C:\Windows\assembly\GAC\Microsoft.Office.Interop.Word\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.Word.dll
+ 2008-10-09 01:05:16 783,744 ----a-w C:\Windows\assembly\GAC\Microsoft.Office.Interop.Word\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.Word.dll
- 2008-01-21 02:24:30 69,120 ----a-w C:\Windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
+ 2008-07-27 18:03:11 69,120 ----a-w C:\Windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
- 2008-01-21 02:23:49 72,192 ----a-w C:\Windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
+ 2008-07-27 18:03:12 72,192 ----a-w C:\Windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
- 2008-09-24 19:56:24 118,112 ----a-w C:\Windows\assembly\GAC_32\Microsoft.Office.InfoPath.Client.Internal.Host.Interop\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Infopath.Client.Internal.Host.Interop.dll
+ 2008-10-09 01:05:38 120,408 ----a-w C:\Windows\assembly\GAC_32\Microsoft.Office.InfoPath.Client.Internal.Host.Interop\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Infopath.Client.Internal.Host.Interop.dll
- 2008-01-21 02:25:23 151,552 ----a-w C:\Windows\assembly\GAC_32\Microsoft.Transactions.Bridge.Dtc\3.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.Dtc.dll
+ 2008-06-20 01:14:31 163,840 ----a-w C:\Windows\assembly\GAC_32\Microsoft.Transactions.Bridge.Dtc\3.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.Dtc.dll
- 2008-01-21 02:24:45 4,444,160 ----a-w C:\Windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
+ 2008-07-27 18:03:13 4,546,560 ----a-w C:\Windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
- 2008-01-21 02:25:23 4,174,336 ----a-w C:\Windows\assembly\GAC_32\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationCore.dll
+ 2008-06-20 01:14:43 4,210,688 ----a-w C:\Windows\assembly\GAC_32\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationCore.dll
+ 2008-06-20 01:14:45 1,738,760 ----a-w C:\Windows\assembly\GAC_32\PresentationCore\3.0.0.0__31bf3856ad364e35\wpfgfx_v0300.dll
- 2008-01-21 02:24:53 483,840 ----a-w C:\Windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll
+ 2008-07-27 18:03:15 486,400 ----a-w C:\Windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll
- 2008-01-21 02:24:42 3,036,160 ----a-w C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
+ 2008-07-27 18:03:15 2,933,248 ----a-w C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
- 2008-01-21 02:24:41 258,048 ----a-w C:\Windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
+ 2008-07-27 18:03:15 258,048 ----a-w C:\Windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
- 2008-01-21 02:24:41 113,664 ----a-w C:\Windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
+ 2008-07-27 18:22:54 113,664 ----a-w C:\Windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
- 2008-01-21 02:25:22 346,624 ----a-w C:\Windows\assembly\GAC_32\System.Printing\3.0.0.0__31bf3856ad364e35\System.Printing.dll
+ 2008-06-20 01:14:43 368,640 ----a-w C:\Windows\assembly\GAC_32\System.Printing\3.0.0.0__31bf3856ad364e35\System.Printing.dll
- 2008-01-21 02:24:20 261,120 ----a-w C:\Windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
+ 2008-07-27 18:03:15 261,632 ----a-w C:\Windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
- 2008-01-21 02:23:49 5,431,296 ----a-w C:\Windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll
+ 2008-07-27 18:03:15 5,238,784 ----a-w C:\Windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll
- 2008-01-21 02:24:30 10,752 ----a-w C:\Windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
+ 2008-07-27 18:03:10 10,752 ----a-w C:\Windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
- 2008-04-08 01:22:21 315,392 ----a-w C:\Windows\assembly\GAC_MSIL\AspNetMMCExt.resources\2.0.0.0_fr_b03f5f7f11d50a3a\aspnetmmcext.resources.dll
+ 2008-07-27 18:03:10 315,392 ----a-w C:\Windows\assembly\GAC_MSIL\AspNetMMCExt.resources\2.0.0.0_fr_b03f5f7f11d50a3a\aspnetmmcext.resources.dll
- 2008-01-21 02:24:30 507,904 ----a-w C:\Windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll
+ 2008-07-27 18:03:11 507,904 ----a-w C:\Windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll
- 2008-01-21 02:25:23 159,744 ----a-w C:\Windows\assembly\GAC_MSIL\ComSvcConfig\3.0.0.0__b03f5f7f11d50a3a\ComSvcConfig.exe
+ 2008-06-20 01:14:31 168,968 ----a-w C:\Windows\assembly\GAC_MSIL\ComSvcConfig\3.0.0.0__b03f5f7f11d50a3a\ComSvcConfig.exe
- 2008-01-21 02:24:39 13,312 ----a-w C:\Windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll
+ 2008-07-27 18:03:11 13,312 ----a-w C:\Windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll
- 2008-01-21 02:24:27 5,120 ----a-w C:\Windows\assembly\GAC_MSIL\dfsvc\2.0.0.0__b03f5f7f11d50a3a\dfsvc.exe
+ 2008-07-27 18:03:11 5,120 ----a-w C:\Windows\assembly\GAC_MSIL\dfsvc\2.0.0.0__b03f5f7f11d50a3a\dfsvc.exe
- 2008-01-21 02:24:46 8,192 ----a-w C:\Windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll
+ 2008-07-27 18:03:12 8,192 ----a-w C:\Windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll
- 2008-01-21 02:23:44 77,824 ----a-w C:\Windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll
+ 2008-07-27 18:03:12 77,824 ----a-w C:\Windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll
- 2008-01-21 02:24:28 6,656 ----a-w C:\Windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll
+ 2008-07-27 18:03:12 6,656 ----a-w C:\Windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll
+ 2008-10-08 21:12:12 12,288 ----a-w C:\Windows\assembly\GAC_MSIL\Microsoft.Build.Conversion.v3.5.resources\3.5.0.0_fr_b03f5f7f11d50a3a\Microsoft.Build.Conversion.v3.5.resources.dll
+ 2008-10-08 21:04:24 106,496 ----a-w C:\Windows\assembly\GAC_MSIL\Microsoft.Build.Conversion.v3.5\3.5.0.0__b03f5f7f11d50a3a\Microsoft.Build.Conversion.v3.5.dll
- 2008-04-08 01:22:14 53,248 ----a-w C:\Windows\assembly\GAC_MSIL\Microsoft.Build.Engine.resources\2.0.0.0_fr_b03f5f7f11d50a3a\Microsoft.Build.Engine.resources.dll
+ 2008-07-27 18:03:10 53,248 ----a-w C:\Windows\assembly\GAC_MSIL\Microsoft.Build.Engine.resources\2.0.0.0_fr_b03f5f7f11d50a3a\Microsoft.Build.Engine.resources.dll
+ 2008-10-08 21:12:12 69,632 ----a-w C:\Windows\assembly\GAC_MSIL\Microsoft.Build.Engine.resources\3.5.0.0_fr_b03f5f7f11d50a3a\Microsoft.Build.Engine.resources.dll
- 2008-01-21 02:23:45 348,160 ----a-w C:\Windows\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
+ 2008-07-27 18:03:12 348,160 ----a-w C:\Windows\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
+ 2008-10-08 21:04:24 733,184 ----a-w C:\Windows\assembly\GAC_MSIL\Microsoft.Build.Engine\3.5.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
- 2008-01-21 02:24:27 36,864 ----a-w C:\Windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
+ 2008-07-27 18:03:12 36,864 ----a-w C:\Windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
+ 2008-10-08 21:04:25 36,864 ----a-w C:\Windows\assembly\GAC_MSIL\Microsoft.Build.Framework\3.5.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
- 2008-04-08 01:22:21 139,264 ----a-w C:\Windows\assembly\GAC_MSIL\Microsoft.Build.Tasks.resources\2.0.0.0_fr_b03f5f7f11d50a3a\Microsoft.Build.Tasks.resources.dll
+ 2008-07-27 18:03:10 139,264 ----a-w C:\Windows\assembly\GAC_MSIL\Microsoft.Build.Tasks.resources\2.0.0.0_fr_b03f5f7f11d50a3a\Microsoft.Build.Tasks.resources.dll
+ 2008-10-08 21:12:12 163,840 ----a-w C:\Windows\assembly\GAC_MSIL\Microsoft.Build.Tasks.v3.5.resources\3.5.0.0_fr_b03f5f7f11d50a3a\Microsoft.Build.Tasks.v3.5.resources.dll
+ 2008-10-08 21:04:25 802,816 ----a-w C:\Windows\assembly\GAC_MSIL\Microsoft.Build.Tasks.v3.5\3.5.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.v3.5.dll
- 2008-01-21 02:24:29 655,360 ----a-w C:\Windows\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll
+ 2008-07-27 18:03:12 655,360 ----a-w C:\Windows\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll
- 2008-04-08 01:22:21 10,752 ----a-w C:\Windows\assembly\GAC_MSIL\microsoft.build.utilities.resources\2.0.0.0_fr_b03f5f7f11d50a3a\Microsoft.Build.Utilities.Resources.dll
+ 2008-07-27 18:03:10 10,752 ----a-w C:\Windows\assembly\GAC_MSIL\microsoft.build.utilities.resources\2.0.0.0_fr_b03f5f7f11d50a3a\Microsoft.Build.Utilities.Resources.dll
+ 2008-10-08 21:12:12 11,776 ----a-w C:\Windows\assembly\GAC_MSIL\Microsoft.Build.Utilities.v3.5.resources\3.5.0.0_fr_b03f5f7f11d50a3a\Microsoft.Build.Utilities.v3.5.resources.dll
+ 2008-10-08 21:04:25 94,208 ----a-w C:\Windows\assembly\GAC_MSIL\Microsoft.Build.Utilities.v3.5\3.5.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.v3.5.dll
- 2008-01-21 02:24:37 77,824 ----a-w C:\Windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll
+ 2008-07-27 18:03:12 77,824 ----a-w C:\Windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll
- 2008-04-08 01:22:16 45,056 ----a-w C:\Windows\assembly\GAC_MSIL\Microsoft.Jscript.resources\8.0.0.0_fr_b03f5f7f11d50a3a\Microsoft.JScript.Resources.dll
+ 2008-07-27 18:03:10 45,056 ----a-w C:\Windows\assembly\GAC_MSIL\Microsoft.Jscript.resources\8.0.0.0_fr_b03f5f7f11d50a3a\Microsoft.JScript.Resources.dll
- 2008-01-21 02:24:26 749,568 ----a-w C:\Windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
+ 2008-07-27 18:03:12 749,568 ----a-w C:\Windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
- 2008-09-24 19:56:24 609,104 ----a-w C:\Windows\assembly\GAC_MSIL\Microsoft.Office.InfoPath.Client.Internal.Host\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Infopath.Client.Internal.Host.dll
+ 2008-10-09 01:05:37 611,392 ----a-w C:\Windows\assembly\GAC_MSIL\Microsoft.Office.InfoPath.Client.Internal.Host\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Infopath.Client.Internal.Host.dll
- 2008-04-08 01:22:05 5,120 ----a-w C:\Windows\assembly\GAC_MSIL\Microsoft.Transactions.Bridge.Dtc.resources\3.0.0.0_fr_b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.Dtc.Resources.dll
+ 2008-07-11 19:39:09 5,120 ----a-w C:\Windows\assembly\GAC_MSIL\Microsoft.Transactions.Bridge.Dtc.resources\3.0.0.0_fr_b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.Dtc.Resources.dll
- 2008-04-08 01:22:14 19,456 ----a-w C:\Windows\assembly\GAC_MSIL\Microsoft.Transactions.Bridge.resources\3.0.0.0_fr_b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.Resources.dll
+ 2008-07-11 19:39:09 19,456 ----a-w C:\Windows\assembly\GAC_MSIL\Microsoft.Transactions.Bridge.resources\3.0.0.0_fr_b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.Resources.dll
- 2008-01-21 02:25:24 397,312 ----a-w C:\Windows\assembly\GAC_MSIL\Microsoft.Transactions.Bridge\3.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.dll
+ 2008-06-20 01:14:31 397,312 ----a-w C:\Windows\assembly\GAC_MSIL\Microsoft.Transactions.Bridge\3.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.dll
- 2008-04-08 01:22:20 9,216 ----a-w C:\Windows\assembly\GAC_MSIL\microsoft.visualbasic.compatibility.data.resources\8.0.0.0_fr_b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.resources.dll
+ 2008-07-27 18:03:10 9,216 ----a-w C:\Windows\assembly\GAC_MSIL\microsoft.visualbasic.compatibility.data.resources\8.0.0.0_fr_b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.resources.dll
- 2008-01-21 02:23:51 110,592 ----a-w C:\Windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
+ 2008-07-27 18:03:12 110,592 ----a-w C:\Windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
- 2008-04-08 01:22:14 9,728 ----a-w C:\Windows\assembly\GAC_MSIL\microsoft.visualbasic.compatibility.resources\8.0.0.0_fr_b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.resources.dll
+ 2008-07-27 18:03:10 9,728 ----a-w C:\Windows\assembly\GAC_MSIL\microsoft.visualbasic.compatibility.resources\8.0.0.0_fr_b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.resources.dll
- 2008-01-21 02:24:30 372,736 ----a-w C:\Windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
+ 2008-07-27 18:03:12 372,736 ----a-w C:\Windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
- 2008-04-08 01:22:21 61,440 ----a-w C:\Windows\assembly\GAC_MSIL\Microsoft.VisualBasic.resources\8.0.0.0_fr_b03f5f7f11d50a3a\Microsoft.VisualBasic.resources.dll
+ 2008-07-27 18:03:10 61,440 ----a-w C:\Windows\assembly\GAC_MSIL\Microsoft.VisualBasic.resources\8.0.0.0_fr_b03f5f7f11d50a3a\Microsoft.VisualBasic.resources.dll
- 2008-01-21 02:24:10 28,672 ----a-w C:\Windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll
+ 2008-07-27 18:03:12 28,672 ----a-w C:\Windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll
- 2008-01-21 02:23:42 671,744 ----a-w C:\Windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
+ 2008-07-27 18:03:12 659,456 ----a-w C:\Windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
+ 2008-10-08 21:04:24 41,984 ----a-w C:\Windows\assembly\GAC_MSIL\Microsoft.VisualC.STLCLR\1.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.STLCLR.dll
- 2006-10-20 01:14:05 5,632 ----a-w C:\Windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
+ 2008-07-27 18:03:12 5,632 ----a-w C:\Windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
- 2008-01-21 02:24:58 12,800 ----a-w C:\Windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
+ 2008-07-27 18:03:12 12,800 ----a-w C:\Windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
- 2008-01-21 02:24:05 32,768 ----a-w C:\Windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll
+ 2008-07-27 18:03:12 32,768 ----a-w C:\Windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll
- 2006-10-20 01:14:05 7,168 ----a-w C:\Windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll
+ 2008-07-27 18:03:12 7,168 ----a-w C:\Windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll
- 2008-04-08 01:22:21 311,296 ----a-w C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_fr_b77a5c561934e089\mscorlib.Resources.dll
+ 2008-07-27 18:03:10 311,296 ----a-w C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_fr_b77a5c561934e089\mscorlib.Resources.dll
- 2008-04-08 01:22:05 57,344 ----a-w C:\Windows\assembly\GAC_MSIL\PresentationBuildTasks.resources\3.0.0.0_fr_31bf3856ad364e35\PresentationBuildTasks.resources.dll
+ 2008-07-11 19:39:10 53,248 ----a-w C:\Windows\assembly\GAC_MSIL\PresentationBuildTasks.resources\3.0.0.0_fr_31bf3856ad364e35\PresentationBuildTasks.resources.dll
- 2008-01-21 02:25:21 602,112 ----a-w C:\Windows\assembly\GAC_MSIL\PresentationBuildTasks\3.0.0.0__31bf3856ad364e35\PresentationBuildTasks.dll
+ 2008-06-20 01:14:42 598,016 ----a-w C:\Windows\assembly\GAC_MSIL\PresentationBuildTasks\3.0.0.0__31bf3856ad364e35\PresentationBuildTasks.dll
- 2008-01-21 02:25:20 32,768 ----a-w C:\Windows\assembly\GAC_MSIL\PresentationCFFRasterizer\3.0.0.0__31bf3856ad364e35\PresentationCFFRasterizer.dll
+ 2008-06-20 01:14:44 32,768 ----a-w C:\Windows\assembly\GAC_MSIL\PresentationCFFRasterizer\3.0.0.0__31bf3856ad364e35\PresentationCFFRasterizer.dll
- 2008-04-08 01:22:05 110,592 ----a-w C:\Windows\assembly\GAC_MSIL\PresentationCore.resources\3.0.0.0_fr_31bf3856ad364e35\PresentationCore.resources.dll
+ 2008-07-11 19:39:10 110,592 ----a-w C:\Windows\assembly\GAC_MSIL\PresentationCore.resources\3.0.0.0_fr_31bf3856ad364e35\PresentationCore.resources.dll
- 2008-01-21 02:25:23 36,864 ----a-w C:\Windows\assembly\GAC_MSIL\PresentationFontCache\3.0.0.0__31bf3856ad364e35\PresentationFontCache.exe
+ 2008-06-20 01:14:44 46,104 ----a-w C:\Windows\assembly\GAC_MSIL\PresentationFontCache\3.0.0.0__31bf3856ad364e35\PresentationFontCache.exe
- 2008-01-21 02:25:22 184,320 ----a-w C:\Windows\assembly\GAC_MSIL\PresentationFramework.Aero\3.0.0.0__31bf3856ad364e35\PresentationFramework.Aero.dll
+ 2008-06-20 01:14:43 196,608 ----a-w C:\Windows\assembly\GAC_MSIL\PresentationFramework.Aero\3.0.0.0__31bf3856ad364e35\PresentationFramework.Aero.dll
- 2008-01-21 02:25:24 131,072 ----a-w C:\Windows\assembly\GAC_MSIL\PresentationFramework.Classic\3.0.0.0__31bf3856ad364e35\PresentationFramework.Classic.dll
+ 2008-06-20 01:14:43 139,264 ----a-w C:\Windows\assembly\GAC_MSIL\PresentationFramework.Classic\3.0.0.0__31bf3856ad364e35\PresentationFramework.Classic.dll
- 2008-01-21 02:25:22 376,832 ----a-w C:\Windows\assembly\GAC_MSIL\PresentationFramework.Luna\3.0.0.0__31bf3856ad364e35\PresentationFramework.Luna.dll
+ 2008-06-20 01:14:43 397,312 ----a-w C:\Windows\assembly\GAC_MSIL\PresentationFramework.Luna\3.0.0.0__31bf3856ad364e35\PresentationFramework.Luna.dll
- 2008-04-08 01:22:05 253,952 ----a-w C:\Windows\assembly\GAC_MSIL\PresentationFramework.resources\3.0.0.0_fr_31bf3856ad364e35\PresentationFramework.resources.dll
+ 2008-07-11 19:39:10 245,760 ----a-w C:\Windows\assembly\GAC_MSIL\PresentationFramework.resources\3.0.0.0_fr_31bf3856ad364e35\PresentationFramework.resources.dll
- 2008-01-21 02:25:23 151,552 ----a-w C:\Windows\assembly\GAC_MSIL\PresentationFramework.Royale\3.0.0.0__31bf3856ad364e35\PresentationFramework.Royale.dll
+ 2008-06-20 01:14:43 163,840 ----a-w C:\Windows\assembly\GAC_MSIL\PresentationFramework.Royale\3.0.0.0__31bf3856ad364e35\PresentationFramework.Royale.dll
- 2008-01-21 02:25:24 5,210,112 ----a-w C:\Windows\assembly\GAC_MSIL\PresentationFramework\3.0.0.0__31bf3856ad364e35\PresentationFramework.dll
+ 2008-06-20 01:14:43 5,283,840 ----a-w C:\Windows\assembly\GAC_MSIL\PresentationFramework\3.0.0.0__31bf3856ad364e35\PresentationFramework.dll
- 2008-04-08 01:22:05 372,736 ----a-w C:\Windows\assembly\GAC_MSIL\PresentationUI.resources\3.0.0.0_fr_31bf3856ad364e35\PresentationUI.resources.dll
+ 2008-07-11 19:39:10 372,736 ----a-w C:\Windows\assembly\GAC_MSIL\PresentationUI.resources\3.0.0.0_fr_31bf3856ad364e35\PresentationUI.resources.dll
- 2008-01-21 02:25:21 897,024 ----a-w C:\Windows\assembly\GAC_MSIL\PresentationUI\3.0.0.0__31bf3856ad364e35\PresentationUI.dll
+ 2008-06-20 01:14:44 864,256 ----a-w C:\Windows\assembly\GAC_MSIL\PresentationUI\3.0.0.0__31bf3856ad364e35\PresentationUI.dll
- 2008-04-08 01:22:05 40,960 ----a-w C:\Windows\assembly\GAC_MSIL\ReachFramework.resources\3.0.0.0_fr_31bf3856ad364e35\ReachFramework.resources.dll
+ 2008-07-11 19:39:10 40,960 ----a-w C:\Windows\assembly\GAC_MSIL\ReachFramework.resources\3.0.0.0_fr_31bf3856ad364e35\ReachFramework.resources.dll
- 2008-01-21 02:25:20 528,384 ----a-w C:\Windows\assembly\GAC_MSIL\ReachFramework\3.0.0.0__31bf3856ad364e35\ReachFramework.dll
+ 2008-06-20 01:14:43 528,384 ----a-w C:\Windows\assembly\GAC_MSIL\ReachFramework\3.0.0.0__31bf3856ad364e35\ReachFramework.dll
+ 2008-10-08 21:04:27 5,632 ----a-w C:\Windows\assembly\GAC_MSIL\Sentinel.v3.5Client\3.5.0.0__b03f5f7f11d50a3a\Sentinel.v3.5Client.dll
- 2008-01-21 02:25:24 61,440 ----a-w C:\Windows\assembly\GAC_MSIL\ServiceModelReg\3.0.0.0__b03f5f7f11d50a3a\ServiceModelReg.exe
+ 2008-06-20 01:14:31 156,688 ----a-w C:\Windows\assembly\GAC_MSIL\ServiceModelReg\3.0.0.0__b03f5f7f11d50a3a\ServiceModelReg.exe
- 2008-04-08 01:22:05 5,120 ----a-w C:\Windows\assembly\GAC_MSIL\SMDiagnostics.resources\3.0.0.0_fr_b77a5c561934e089\SMDiagnostics.resources.dll
+ 2008-07-11 19:39:09 5,120 ----a-w C:\Windows\assembly\GAC_MSIL\SMDiagnostics.resources\3.0.0.0_fr_b77a5c561934e089\SMDiagnostics.resources.dll
- 2008-01-21 02:25:23 102,400 ----a-w C:\Windows\assembly\GAC_MSIL\SMDiagnostics\3.0.0.0__b77a5c561934e089\SMdiagnostics.dll
+ 2008-06-20 01:14:31 110,592 ----a-w C:\Windows\assembly\GAC_MSIL\SMDiagnostics\3.0.0.0__b77a5c561934e089\SMdiagnostics.dll
- 2008-01-21 02:25:21 122,880 ----a-w C:\Windows\assembly\GAC_MSIL\SMSvcHost\3.0.0.0__b03f5f7f11d50a3a\SMSvcHost.exe
+ 2008-06-20 01:14:31 132,096 ----a-w C:\Windows\assembly\GAC_MSIL\SMSvcHost\3.0.0.0__b03f5f7f11d50a3a\SMSvcHost.exe
- 2008-04-08 01:22:20 10,752 ----a-w C:\Windows\assembly\GAC_MSIL\sysglobl.resources\2.0.0.0_fr_b03f5f7f11d50a3a\sysglobl.resources.dll
+ 2008-07-27 18:03:10 10,752 ----a-w C:\Windows\assembly\GAC_MSIL\sysglobl.resources\2.0.0.0_fr_b03f5f7f11d50a3a\sysglobl.resources.dll
- 2008-01-21 02:24:28 110,592 ----a-w C:\Windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
+ 2008-07-27 18:03:14 110,592 ----a-w C:\Windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
- 2008-09-24 19:56:26 47,832 ----a-w C:\Windows\assembly\GAC_MSIL\System.AddIn.Contract\2.0.0.0__b03f5f7f11d50a3a\System.AddIn.Contract.dll
+ 2008-10-08 21:04:27 45,056 ----a-w C:\Windows\assembly\GAC_MSIL\System.AddIn.Contract\2.0.0.0__b03f5f7f11d50a3a\System.AddIn.Contract.dll
+ 2008-10-08 21:04:27 163,840 ----a-w C:\Windows\assembly\GAC_MSIL\System.AddIn\3.5.0.0__b77a5c561934e089\System.AddIn.dll
+ 2008-10-08 21:12:12 8,192 ----a-w C:\Windows\assembly\GAC_MSIL\System.ComponentModel.DataAnnotations.resources\3.5.0.0_fr_31bf3856ad364e35\System.ComponentModel.DataAnnotations.Resources.dll
+ 2008-10-08 21:04:31 57,344 ----a-w C:\Windows\assembly\GAC_MSIL\System.ComponentModel.DataAnnotations\3.5.0.0__31bf3856ad364e35\System.ComponentModel.DataAnnotations.dll
- 2008-04-08 01:22:15 28,672 ----a-w C:\Windows\assembly\GAC_MSIL\System.Configuration.Install.resources\2.0.0.0_fr_b03f5f7f11d50a3a\System.Configuration.Install.Resources.dll
+ 2008-07-27 18:03:10 28,672 ----a-w C:\Windows\assembly\GAC_MSIL\System.Configuration.Install.resources\2.0.0.0_fr_b03f5f7f11d50a3a\System.Configuration.Install.Resources.dll
- 2008-01-21 02:24:24 81,920 ----a-w C:\Windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
+ 2008-07-27 18:03:14 81,920 ----a-w C:\Windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
- 2008-04-08 01:22:15 49,152 ----a-w C:\Windows\assembly\GAC_MSIL\system.configuration.resources\2.0.0.0_fr_b03f5f7f11d50a3a\System.Configuration.resources.dll
+ 2008-07-27 18:03:10 49,152 ----a-w C:\Windows\assembly\GAC_MSIL\system.configuration.resources\2.0.0.0_fr_b03f5f7f11d50a3a\System.Configuration.resources.dll
- 2008-01-21 02:24:05 425,984 ----a-w C:\Windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
+ 2008-07-27 18:03:14 425,984 ----a-w C:\Windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
+ 2008-10-08 21:12:12 61,440 ----a-w C:\Windows\assembly\GAC_MSIL\System.Core.resources\3.5.0.0_fr_b77a5c561934e089\System.Core.Resources.dll
+ 2008-10-08 21:04:28 667,648 ----a-w C:\Windows\assembly\GAC_MSIL\System.Core\3.5.0.0__b77a5c561934e089\System.Core.dll
+ 2008-10-08 21:12:12 5,120 ----a-w C:\Windows\assembly\GAC_MSIL\System.Data.DataSetExtensions.resources\3.5.0.0_fr_b77a5c561934e089\System.Data.DataSetExtensions.Resources.dll
+ 2008-10-08 21:04:28 53,248 ----a-w C:\Windows\assembly\GAC_MSIL\System.Data.DataSetExtensions\3.5.0.0__b77a5c561934e089\System.Data.DataSetExtensions.dll
+ 2008-10-08 21:12:12 15,872 ----a-w C:\Windows\assembly\GAC_MSIL\System.Data.Entity.Design.resources\3.5.0.0_fr_b77a5c561934e089\System.Data.Entity.Design.Resources.dll
+ 2008-10-08 21:04:28 229,376 ----a-w C:\Windows\assembly\GAC_MSIL\System.Data.Entity.Design\3.5.0.0__b77a5c561934e089\System.Data.Entity.Design.dll
+ 2008-10-08 21:12:12 409,600 ----a-w C:\Windows\assembly\GAC_MSIL\System.Data.Entity.resources\3.5.0.0_fr_b77a5c561934e089\System.Data.Entity.Resources.dll
+ 2008-10-08 21:04:28 2,879,488 ----a-w C:\Windows\assembly\GAC_MSIL\System.Data.Entity\3.5.0.0__b77a5c561934e089\System.Data.Entity.dll
+ 2008-10-08 21:12:11 57,344 ----a-w C:\Windows\assembly\GAC_MSIL\System.Data.Linq.resources\3.5.0.0_fr_b77a5c561934e089\System.Data.Linq.Resources.dll
+ 2008-10-08 21:04:23 684,032 ----a-w C:\Windows\assembly\GAC_MSIL\System.Data.Linq\3.5.0.0__b77a5c561934e089\System.Data.Linq.dll
- 2008-04-08 01:22:22 110,592 ----a-w C:\Windows\assembly\GAC_MSIL\System.Data.OracleClient.resources\2.0.0.0_fr_b77a5c561934e089\System.Data.OracleClient.resources.dll
+ 2008-07-27 18:03:10 110,592 ----a-w C:\Windows\assembly\GAC_MSIL\System.Data.OracleClient.resources\2.0.0.0_fr_b77a5c561934e089\System.Data.OracleClient.resources.dll
- 2008-04-08 01:22:15 344,064 ----a-w C:\Windows\assembly\GAC_MSIL\System.Data.resources\2.0.0.0_fr_b77a5c561934e089\System.Data.Resources.dll
+ 2008-07-27 18:03:10 352,256 ----a-w C:\Windows\assembly\GAC_MSIL\System.Data.resources\2.0.0.0_fr_b77a5c561934e089\System.Data.Resources.dll
+ 2008-10-08 21:12:11 36,864 ----a-w C:\Windows\assembly\GAC_MSIL\System.Data.Services.Client.resources\3.5.0.0_fr_b77a5c561934e089\System.Data.Services.Client.resources.dll
+ 2008-10-08 21:04:23 294,912 ----a-w C:\Windows\assembly\GAC_MSIL\System.Data.Services.Client\3.5.0.0__b77a5c561934e089\System.Data.Services.Client.dll
0
Réponse 40 / 68
Amélie
9 oct. 2008 à 16:56
+ 2006-10-26 22:47:42 31,016 ----a-r C:\Windows\Installer\$PatchCache$\Managed\[u]0/u0002119E20000000000000000F01FEC\12.0.4518\GROOVEMONITOR.EXE
+ 2006-10-26 22:47:40 22,808 ----a-r C:\Windows\Installer\$PatchCache$\Managed\[u]0/u0002119E20000000000000000F01FEC\12.0.4518\GROOVENEW.DLL
+ 2006-10-26 22:48:02 224,048 ----a-r C:\Windows\Installer\$PatchCache$\Managed\[u]0/u0002119E20000000000000000F01FEC\12.0.4518\GROOVEPROJECTTOOLSET.DLL
+ 2006-10-27 13:38:04 7,053,096 ----a-r C:\Windows\Installer\$PatchCache$\Managed\[u]0/u0002119E20000000000000000F01FEC\12.0.4518\GROOVERESOURCE.DLL
+ 2006-10-26 22:48:42 2,210,608 ----a-r C:\Windows\Installer\$PatchCache$\Managed\[u]0/u0002119E20000000000000000F01FEC\12.0.4518\GROOVESHELLEXTENSIONS.DLL
+ 2006-10-26 22:48:18 363,304 ----a-r C:\Windows\Installer\$PatchCache$\Managed\[u]0/u0002119E20000000000000000F01FEC\12.0.4518\GROOVESKETCHTOOL.DLL
+ 2006-10-26 22:47:40 16,688 ----a-r C:\Windows\Installer\$PatchCache$\Managed\[u]0/u0002119E20000000000000000F01FEC\12.0.4518\GROOVESTDURLLAUNCHER.EXE
+ 2006-10-27 13:37:56 2,738,472 ----a-r C:\Windows\Installer\$PatchCache$\Managed\[u]0/u0002119E20000000000000000F01FEC\12.0.4518\GROOVESTORAGEMGR.DLL
+ 2006-10-27 13:37:38 35,112 ----a-r C:\Windows\Installer\$PatchCache$\Managed\[u]0/u0002119E20000000000000000F01FEC\12.0.4518\GROOVESYSTEMMODE.DLL
+ 2006-10-26 22:48:02 222,512 ----a-r C:\Windows\Installer\$PatchCache$\Managed\[u]0/u0002119E20000000000000000F01FEC\12.0.4518\GROOVESYSTEMSERVICES.DLL
+ 2006-10-27 13:37:50 1,163,048 ----a-r C:\Windows\Installer\$PatchCache$\Managed\[u]0/u0002119E20000000000000000F01FEC\12.0.4518\GROOVETEXTTOOLS.DLL
+ 2006-10-27 13:38:00 4,746,536 ----a-r C:\Windows\Installer\$PatchCache$\Managed\[u]0/u0002119E20000000000000000F01FEC\12.0.4518\GROOVETRANSCEIVER.DLL
+ 2006-10-27 13:37:54 1,396,008 ----a-r C:\Windows\Installer\$PatchCache$\Managed\[u]0/u0002119E20000000000000000F01FEC\12.0.4518\GROOVEUIFRAMEWORK.DLL
+ 2006-10-26 22:48:34 955,680 ----a-r C:\Windows\Installer\$PatchCache$\Managed\[u]0/u0002119E20000000000000000F01FEC\12.0.4518\GROOVEUTIL.DLL
+ 2006-10-27 13:37:40 268,080 ----a-r C:\Windows\Installer\$PatchCache$\Managed\[u]0/u0002119E20000000000000000F01FEC\12.0.4518\GROOVEWEBBROWSERTOOL2.DLL
+ 2006-10-26 22:48:26 572,216 ----a-r C:\Windows\Installer\$PatchCache$\Managed\[u]0/u0002119E20000000000000000F01FEC\12.0.4518\GROOVEWEBPLATFORMSERVICES.DLL
+ 2006-10-27 13:37:48 631,080 ----a-r C:\Windows\Installer\$PatchCache$\Managed\[u]0/u0002119E20000000000000000F01FEC\12.0.4518\GROOVEWEBSERVICES.DLL
+ 2006-10-26 18:12:52 173,328 ----a-r C:\Windows\Installer\$PatchCache$\Managed\[u]0/u0002119E20000000000000000F01FEC\12.0.4518\IEAWSDC.DLL
+ 2006-10-26 18:55:38 138,024 ----a-r C:\Windows\Installer\$PatchCache$\Managed\[u]0/u0002119E20000000000000000F01FEC\12.0.4518\IMPMAIL.DLL
+ 2006-10-27 13:10:08 1,439,032 ----a-r C:\Windows\Installer\$PatchCache$\Managed\[u]0/u0002119E20000000000000000F01FEC\12.0.4518\INFOPATH.EXE
+ 2006-10-27 13:10:10 5,456,704 ----a-r C:\Windows\Installer\$PatchCache$\Managed\[u]0/u0002119E20000000000000000F01FEC\12.0.4518\IPDESIGN.DLL
+ 2006-10-27 13:10:10 5,281,592 ----a-r C:\Windows\Installer\$PatchCache$\Managed\[u]0/u0002119E20000000000000000F01FEC\12.0.4518\IPEDITOR.DLL
+ 2006-10-26 19:42:00 176,976 ----a-r C:\Windows\Installer\$PatchCache$\Managed\[u]0/u0002119E20000000000000000F01FEC\12.0.4518\IPOLK.DLL
+ 2008-09-24 19:56:24 609,104 ----a-r C:\Windows\Installer\$PatchCache$\Managed\[u]0/u0002119E20000000000000000F01FEC\12.0.4518\IPOMHOST.DLL
+ 2008-09-24 19:56:24 118,112 ----a-r C:\Windows\Installer\$PatchCache$\Managed\[u]0/u0002119E20000000000000000F01FEC\12.0.4518\IPOMINT.DLL
+ 2006-10-26 17:55:10 828,704 ----a-r C:\Windows\Installer\$PatchCache$\Managed\[u]0/u0002119E20000000000000000F01FEC\12.0.4518\MEDCAT.DLL
+ 2006-10-26 18:55:48 340,248 ----a-r C:\Windows\Installer\$PatchCache$\Managed\[u]0/u0002119E20000000000000000F01FEC\12.0.4518\MIMEDIR.DLL
+ 2006-10-27 13:04:08 497,504 ----a-r C:\Windows\Installer\$PatchCache$\Managed\[u]0/u0002119E20000000000000000F01FEC\12.0.4518\MORPH9.DLL
+ 2006-10-27 13:01:34 10,371,880 ----a-r C:\Windows\Installer\$PatchCache$\Managed\[u]0/u0002119E20000000000000000F01FEC\12.0.4518\MSACCESS.EXE
+ 2006-10-26 19:18:06 66,880 ----a-r C:\Windows\Installer\$PatchCache$\Managed\[u]0/u0002119E20000000000000000F01FEC\12.0.4518\MSAEXP30.DLL
+ 2006-10-27 12:59:06 161,080 ----a-r C:\Windows\Installer\$PatchCache$\Managed\[u]0/u0002119E20000000000000000F01FEC\12.0.4518\MSOCF.DLL
+ 2006-10-26 17:48:12 14,664 ----a-r C:\Windows\Installer\$PatchCache$\Managed\[u]0/u0002119E20000000000000000F01FEC\12.0.4518\MSOCFU.DLL
+ 2006-10-26 18:12:58 428,816 ----a-r C:\Windows\Installer\$PatchCache$\Managed\[u]0/u0002119E20000000000000000F01FEC\12.0.4518\MSODCW.DLL
+ 2006-10-26 19:13:36 26,936 ----a-r C:\Windows\Installer\$PatchCache$\Managed\[u]0/u0002119E20000000000000000F01FEC\12.0.4518\MSOEURO.DLL
+ 2006-10-26 18:00:08 6,635,320 ----a-r C:\Windows\Installer\$PatchCache$\Managed\[u]0/u0002119E20000000000000000F01FEC\12.0.4518\MSORES.DLL
+ 2006-10-26 11:56:36 436,520 ----a-r C:\Windows\Installer\$PatchCache$\Managed\[u]0/u0002119E20000000000000000F01FEC\12.0.4518\MSORUN.DLL
+ 2006-10-27 13:04:10 9,581,360 ----a-r C:\Windows\Installer\$PatchCache$\Managed\[u]0/u0002119E20000000000000000F01FEC\12.0.4518\MSPUB.EXE
+ 2006-10-26 17:50:04 672,024 ----a-r C:\Windows\Installer\$PatchCache$\Managed\[u]0/u0002119E20000000000000000F01FEC\12.0.4518\MSQRY32.EXE
+ 2006-10-26 11:56:40 505,136 ----a-r C:\Windows\Installer\$PatchCache$\Managed\[u]0/u0002119E20000000000000000F01FEC\12.0.4518\MSSOAP30.DLL
+ 2006-10-26 17:55:12 832,800 ----a-r C:\Windows\Installer\$PatchCache$\Managed\[u]0/u0002119E20000000000000000F01FEC\12.0.4518\MSTORDB.EXE
+ 2006-10-26 17:55:06 538,904 ----a-r C:\Windows\Installer\$PatchCache$\Managed\[u]0/u0002119E20000000000000000F01FEC\12.0.4518\MSTORES.DLL
+ 2006-10-26 18:12:30 65,824 ----a-r C:\Windows\Installer\$PatchCache$\Managed\[u]0/u0002119E20000000000000000F01FEC\12.0.4518\NAME.DLL
+ 2006-10-26 18:06:54 232,816 ----a-r C:\Windows\Installer\$PatchCache$\Managed\[u]0/u0002119E20000000000000000F01FEC\12.0.4518\ODEPLOY.EXE
+ 2006-10-26 18:14:06 7,033,152 ----a-r C:\Windows\Installer\$PatchCache$\Managed\[u]0/u0002119E20000000000000000F01FEC\12.0.4518\OFFOWC.DLL
+ 2006-10-26 18:00:08 274,744 ----a-r C:\Windows\Installer\$PatchCache$\Managed\[u]0/u0002119E20000000000000000F01FEC\12.0.4518\OIS.EXE
+ 2006-10-26 18:00:12 998,208 ----a-r C:\Windows\Installer\$PatchCache$\Managed\[u]0/u0002119E20000000000000000F01FEC\12.0.4518\OISAPP.DLL
+ 2006-10-26 18:00:10 285,008 ----a-r C:\Windows\Installer\$PatchCache$\Managed\[u]0/u0002119E20000000000000000F01FEC\12.0.4518\OISGRAPH.DLL
+ 2006-10-27 13:16:46 2,939,704 ----a-r C:\Windows\Installer\$PatchCache$\Managed\[u]0/u0002119E20000000000000000F01FEC\12.0.4518\OLMAPI32.DLL
+ 2006-10-26 18:34:12 660,792 ----a-r C:\Windows\Installer\$PatchCache$\Managed\[u]0/u0002119E20000000000000000F01FEC\12.0.4518\OMSMAIN.DLL
+ 2006-10-26 18:34:10 192,848 ----a-r C:\Windows\Installer\$PatchCache$\Managed\[u]0/u0002119E20000000000000000F01FEC\12.0.4518\OMSXP32.DLL
+ 2006-10-26 18:32:42 604,000 ----a-r C:\Windows\Installer\$PatchCache$\Managed\[u]0/u0002119E20000000000000000F01FEC\12.0.4518\ONBTTNIE.DLL
+ 2006-10-27 13:39:36 687,432 ----a-r C:\Windows\Installer\$PatchCache$\Managed\[u]0/u0002119E20000000000000000F01FEC\12.0.4518\ONBTTNOL.DLL
+ 2006-10-27 13:03:04 1,018,664 ----a-r C:\Windows\Installer\$PatchCache$\Managed\[u]0/u0002119E20000000000000000F01FEC\12.0.4518\ONENOTE.EXE
+ 2006-10-26 18:24:54 98,632 ----a-r C:\Windows\Installer\$PatchCache$\Managed\[u]0/u0002119E20000000000000000F01FEC\12.0.4518\ONENOTEM.EXE
+ 2006-10-26 18:24:50 72,504 ----a-r C:\Windows\Installer\$PatchCache$\Managed\[u]0/u0002119E20000000000000000F01FEC\12.0.4518\ONFILTER.DLL
+ 2006-10-26 18:24:58 1,165,112 ----a-r C:\Windows\Installer\$PatchCache$\Managed\[u]0/u0002119E20000000000000000F01FEC\12.0.4518\ONLIBS.DLL
+ 2006-10-27 13:03:06 6,579,512 ----a-r C:\Windows\Installer\$PatchCache$\Managed\[u]0/u0002119E20000000000000000F01FEC\12.0.4518\ONMAIN.DLL
+ 2006-10-26 18:23:00 782,720 ----a-r C:\Windows\Installer\$PatchCache$\Managed\[u]0/u0002119E20000000000000000F01FEC\12.0.4518\ONSYNCPC.DLL
+ 2006-10-26 18:07:04 6,536,992 ----a-r C:\Windows\Installer\$PatchCache$\Managed\[u]0/u0002119E20000000000000000F01FEC\12.0.4518\OSETUP.DLL
+ 2006-09-15 14:25:18 3,611,416 ----a-r C:\Windows\Installer\$PatchCache$\Managed\[u]0/u0002119E20000000000000000F01FEC\12.0.4518\OUTLFLTR.DAT
+ 2006-07-26 16:53:56 459,080 ----a-r C:\Windows\Installer\$PatchCache$\Managed\[u]0/u0002119E20000000000000000F01FEC\12.0.4518\OUTLFLTR.DLL
+ 2006-10-27 13:16:44 594,256 ----a-r C:\Windows\Installer\$PatchCache$\Managed\[u]0/u0002119E20000000000000000F01FEC\12.0.4518\OUTLMIME.DLL
+ 2006-10-27 13:16:48 12,813,096 ----a-r C:\Windows\Installer\$PatchCache$\Managed\[u]0/u0002119E20000000000000000F01FEC\12.0.4518\OUTLOOK.EXE
+ 2006-10-27 13:16:40 176,976 ----a-r C:\Windows\Installer\$PatchCache$\Managed\[u]0/u0002119E20000000000000000F01FEC\12.0.4518\OUTLPH.DLL
+ 2006-10-27 13:16:36 46,864 ----a-r C:\Windows\Installer\$PatchCache$\Managed\[u]0/u0002119E20000000000000000F01FEC\12.0.4518\OUTLRPC.DLL
+ 2006-10-26 19:30:44 482,088 ----a-r C:\Windows\Installer\$PatchCache$\Managed\[u]0/u0002119E20000000000000000F01FEC\12.0.4518\PORTCONN.DLL
+ 2006-10-27 13:04:06 465,200 ----a-r C:\Windows\Installer\$PatchCache$\Managed\[u]0/u0002119E20000000000000000F01FEC\12.0.4518\POWERPNT.EXE
+ 2006-10-27 13:04:06 7,980,848 ----a-r C:\Windows\Installer\$PatchCache$\Managed\[u]0/u0002119E20000000000000000F01FEC\12.0.4518\PPCORE.DLL
+ 2008-09-24 19:55:49 248,632 ----a-r C:\Windows\Installer\$PatchCache$\Managed\[u]0/u0002119E20000000000000000F01FEC\12.0.4518\PPTPIA.DLL
+ 2006-10-26 17:52:10 2,012,480 ----a-r C:\Windows\Installer\$PatchCache$\Managed\[u]0/u0002119E20000000000000000F01FEC\12.0.4518\PPTVIEW.EXE
+ 2006-10-26 18:09:36 136,008 ----a-r C:\Windows\Installer\$PatchCache$\Managed\[u]0/u0002119E20000000000000000F01FEC\12.0.4518\PRTF9.DLL
+ 2006-10-26 12:05:00 77,144 ----a-r C:\Windows\Installer\$PatchCache$\Managed\[u]0/u0002119E20000000000000000F01FEC\12.0.4518\PSOM.DLL
+ 2006-10-26 18:55:54 413,472 ----a-r C:\Windows\Installer\$PatchCache$\Managed\[u]0/u0002119E20000000000000000F01FEC\12.0.4518\PSTPRX32.DLL
+ 2006-10-27 13:04:06 624,456 ----a-r C:\Windows\Installer\$PatchCache$\Managed\[u]0/u0002119E20000000000000000F01FEC\12.0.4518\PTXT9.DLL
+ 2006-10-26 18:09:44 590,144 ----a-r C:\Windows\Installer\$PatchCache$\Managed\[u]0/u0002119E20000000000000000F01FEC\12.0.4518\PUBCONV.DLL
+ 2006-10-26 19:13:38 38,168 ----a-r C:\Windows\Installer\$PatchCache$\Managed\[u]0/u0002119E20000000000000000F01FEC\12.0.4518\REFEDIT.DLL
+ 2006-10-26 19:42:12 744,808 ----a-r C:\Windows\Installer\$PatchCache$\Managed\[u]0/u0002119E20000000000000000F01FEC\12.0.4518\REGFORM.EXE
+ 2006-10-26 12:04:44 19,784 ----a-r C:\Windows\Installer\$PatchCache$\Managed\[u]0/u0002119E20000000000000000F01FEC\12.0.4518\REVERSE.DLL
+ 2006-10-26 18:55:44 263,520 ----a-r C:\Windows\Installer\$PatchCache$\Managed\[u]0/u0002119E20000000000000000F01FEC\12.0.4518\SCNPST32.DLL
+ 2006-10-26 18:55:44 272,744 ----a-r C:\Windows\Installer\$PatchCache$\Managed\[u]0/u0002119E20000000000000000F01FEC\12.0.4518\SCNPST64.DLL
+ 2006-10-26 18:13:00 503,624 ----a-r C:\Windows\Installer\$PatchCache$\Managed\[u]0/u0002119E20000000000000000F01FEC\12.0.4518\SELFCERT.EXE
+ 2006-10-26 18:06:58 439,600 ----a-r C:\Windows\Installer\$PatchCache$\Managed\[u]0/u0002119E20000000000000000F01FEC\12.0.4518\SETUP.EXE
+ 2006-10-26 19:18:16 502,608 ----a-r C:\Windows\Installer\$PatchCache$\Managed\[u]0/u0002119E20000000000000000F01FEC\12.0.4518\SOA.DLL
+ 2006-07-28 13:21:58 277,320 ----a-r C:\Windows\Installer\$PatchCache$\Managed\[u]0/u0002119E20000000000000000F01FEC\12.0.4518\SSGEN.DLL
+ 2006-10-27 12:57:08 2,330,968 ----a-r C:\Windows\Installer\$PatchCache$\Managed\[u]0/u0002119E20000000000000000F01FEC\12.0.4518\STSLIST.DLL
+ 2006-10-26 12:04:48 29,976 ----a-r C:\Windows\Installer\$PatchCache$\Managed\[u]0/u0002119E20000000000000000F01FEC\12.0.4518\THOCRAPI.DLL
+ 2006-10-26 12:05:04 126,784 ----a-r C:\Windows\Installer\$PatchCache$\Managed\[u]0/u0002119E20000000000000000F01FEC\12.0.4518\TWCUTCHR.DLL
+ 2006-10-26 12:05:02 86,840 ----a-r C:\Windows\Installer\$PatchCache$\Managed\[u]0/u0002119E20000000000000000F01FEC\12.0.4518\TWCUTLIN.DLL
+ 2006-10-26 12:04:56 58,168 ----a-r C:\Windows\Installer\$PatchCache$\Managed\[u]0/u0002119E20000000000000000F01FEC\12.0.4518\TWLAY32.DLL
+ 2006-10-26 12:04:48 27,456 ----a-r C:\Windows\Installer\$PatchCache$\Managed\[u]0/u0002119E20000000000000000F01FEC\12.0.4518\TWORIENT.DLL
+ 2006-10-26 12:04:54 51,008 ----a-r C:\Windows\Installer\$PatchCache$\Managed\[u]0/u0002119E20000000000000000F01FEC\12.0.4518\TWRECE.DLL
+ 2006-10-26 12:04:44 19,784 ----a-r C:\Windows\Installer\$PatchCache$\Managed\[u]0/u0002119E20000000000000000F01FEC\12.0.4518\TWRECS.DLL
+ 2006-10-26 12:04:58 76,624 ----a-r C:\Windows\Installer\$PatchCache$\Managed\[u]0/u0002119E20000000000000000F01FEC\12.0.4518\TWSTRUCT.DLL
+ 2006-10-26 21:00:12 1,841,984 ----a-r C:\Windows\Installer\$PatchCache$\Managed\[u]0/u0002119E20000000000000000F01FEC\12.0.4518\VVIEWDWG.DLL
+ 2006-10-26 20:58:38 3,732,792 ----a-r C:\Windows\Installer\$PatchCache$\Managed\[u]0/u0002119E20000000000000000F01FEC\12.0.4518\VVIEWER.DLL
+ 2006-10-27 13:23:04 347,432 ----a-r C:\Windows\Installer\$PatchCache$\Managed\[u]0/u0002119E20000000000000000F01FEC\12.0.4518\WINWORD.EXE
+ 2008-09-24 19:55:50 781,104 ----a-r C:\Windows\Installer\$PatchCache$\Managed\[u]0/u0002119E20000000000000000F01FEC\12.0.4518\WORDPIA.DLL
+ 2006-10-27 13:23:08 17,483,560 ----a-r C:\Windows\Installer\$PatchCache$\Managed\[u]0/u0002119E20000000000000000F01FEC\12.0.4518\WWLIB.DLL
+ 2006-10-26 12:05:08 1,181,520 ----a-r C:\Windows\Installer\$PatchCache$\Managed\[u]0/u0002119E20000000000000000F01FEC\12.0.4518\XIMAGE3B.DLL
+ 2006-10-26 19:17:08 11,072 ----a-r C:\Windows\Installer\$PatchCache$\Managed\[u]0/u0002119E20000000000000000F01FEC\12.0.4518\XLCALL32.DLL
+ 2006-10-26 12:05:08 530,760 ----a-r C:\Windows\Installer\$PatchCache$\Managed\[u]0/u0002119E20000000000000000F01FEC\12.0.4518\XPAGE3C.DLL
+ 2007-08-24 01:18:18 437,160 ----a-r C:\Windows\Installer\$PatchCache$\Managed\[u]0/u0002119E20000000000000000F01FEC\12.0.6215\DWTRIG20.EXE
+ 2007-08-22 23:03:38 1,195,888 ----a-r C:\Windows\Installer\$PatchCache$\Managed\[u]0/u0002119E20000000000000000F01FEC\12.0.6215\FM20.DLL
+ 2007-08-28 21:38:10 500,648 ----a-r C:\Windows\Installer\$PatchCache$\Managed\[u]0/u0002119E20000000000000000F01FEC\12.0.6215\MORPH9.DLL
+ 2007-08-28 22:52:02 120,704 ----a-r C:\Windows\Installer\$PatchCache$\Managed\[u]0/u0002119E20000000000000000F01FEC\12.0.6215\MSCONV97.DLL
+ 2007-08-28 21:38:46 9,584,512 ----a-r C:\Windows\Installer\$PatchCache$\Managed\[u]0/u0002119E20000000000000000F01FEC\12.0.6215\MSPUB.EXE
+ 2007-10-05 18:44:24 14,168,600 ----a-r C:\Windows\Installer\$PatchCache$\Managed\[u]0/u0002119E20000000000000000F01FEC\12.0.6215\OART.DLL
+ 2007-10-02 17:51:22 8,436,776 ----a-r C:\Windows\Installer\$PatchCache$\Managed\[u]0/u0002119E20000000000000000F01FEC\12.0.6215\OARTCONV.DLL
+ 2007-08-24 01:43:28 138,648 ----a-r C:\Windows\Installer\$PatchCache$\Managed\[u]0/u0002119E20000000000000000F01FEC\12.0.6215\PRTF9.DLL
+ 2007-08-28 21:39:14 625,560 ----a-r C:\Windows\Installer\$PatchCache$\Managed\[u]0/u0002119E20000000000000000F01FEC\12.0.6215\PTXT9.DLL
+ 2007-08-24 01:43:36 593,296 ----a-r C:\Windows\Installer\$PatchCache$\Managed\[u]0/u0002119E20000000000000000F01FEC\12.0.6215\PUBCONV.DLL
+ 2007-06-27 18:58:12 2,585,936 ----a-r C:\Windows\Installer\$PatchCache$\Managed\[u]0/u0002119E20000000000000000F01FEC\12.0.6215\VBE6.DLL
- 2008-09-24 19:51:55 217,864 ----a-r C:\Windows\Installer\{90120000-006E-0409-0000-0000000FF1CE}\misc.exe
+ 2008-10-09 01:10:15 217,864 ----a-r C:\Windows\Installer\{90120000-006E-0409-0000-0000000FF1CE}\misc.exe
- 2008-09-24 19:58:24 1,165,584 ----a-r C:\Windows\Installer\{91120000-002E-0000-0000-0000000FF1CE}\accicons.exe
+ 2008-10-09 01:11:27 1,165,584 ----a-r C:\Windows\Installer\{91120000-002E-0000-0000-0000000FF1CE}\accicons.exe
- 2008-09-24 19:58:24 20,240 ----a-r C:\Windows\Installer\{91120000-002E-0000-0000-0000000FF1CE}\cagicon.exe
+ 2008-10-09 01:11:27 20,240 ----a-r C:\Windows\Installer\{91120000-002E-0000-0000-0000000FF1CE}\cagicon.exe
- 2008-09-24 19:58:24 159,504 ----a-r C:\Windows\Installer\{91120000-002E-0000-0000-0000000FF1CE}\inficon.exe
+ 2008-10-09 01:11:27 159,504 ----a-r C:\Windows\Installer\{91120000-002E-0000-0000-0000000FF1CE}\inficon.exe
- 2008-09-24 19:58:24 184,080 ----a-r C:\Windows\Installer\{91120000-002E-0000-0000-0000000FF1CE}\joticon.exe
+ 2008-10-09 01:11:27 184,080 ----a-r C:\Windows\Installer\{91120000-002E-0000-0000-0000000FF1CE}\joticon.exe
- 2008-09-24 19:58:24 217,864 ----a-r C:\Windows\Installer\{91120000-002E-0000-0000-0000000FF1CE}\misc.exe
+ 2008-10-09 01:11:27 217,864 ----a-r C:\Windows\Installer\{91120000-002E-0000-0000-0000000FF1CE}\misc.exe
- 2008-09-24 19:58:24 18,704 ----a-r C:\Windows\Installer\{91120000-002E-0000-0000-0000000FF1CE}\mspicons.exe
+ 2008-10-09 01:11:27 18,704 ----a-r C:\Windows\Installer\{91120000-002E-0000-0000-0000000FF1CE}\mspicons.exe
- 2008-09-24 19:58:25 35,088 ----a-r C:\Windows\Installer\{91120000-002E-0000-0000-0000000FF1CE}\oisicon.exe
+ 2008-10-09 01:11:27 35,088 ----a-r C:\Windows\Installer\{91120000-002E-0000-0000-0000000FF1CE}\oisicon.exe
- 2008-09-24 19:58:24 845,584 ----a-r C:\Windows\Installer\{91120000-002E-0000-0000-0000000FF1CE}\outicon.exe
+ 2008-10-09 01:11:27 845,584 ----a-r C:\Windows\Installer\{91120000-002E-0000-0000-0000000FF1CE}\outicon.exe
- 2008-09-24 19:58:24 922,384 ----a-r C:\Windows\Installer\{91120000-002E-0000-0000-0000000FF1CE}\pptico.exe
+ 2008-10-09 01:11:27 922,384 ----a-r C:\Windows\Installer\{91120000-002E-0000-0000-0000000FF1CE}\pptico.exe
- 2008-09-24 19:58:24 272,648 ----a-r C:\Windows\Installer\{91120000-002E-0000-0000-0000000FF1CE}\pubs.exe
+ 2008-10-09 01:11:27 272,648 ----a-r C:\Windows\Installer\{91120000-002E-0000-0000-0000000FF1CE}\pubs.exe
- 2008-09-24 19:58:25 888,080 ----a-r C:\Windows\Installer\{91120000-002E-0000-0000-0000000FF1CE}\wordicon.exe
+ 2008-10-09 01:11:27 888,080 ----a-r C:\Windows\Installer\{91120000-002E-0000-0000-0000000FF1CE}\wordicon.exe
- 2008-09-24 19:58:24 1,172,240 ----a-r C:\Windows\Installer\{91120000-002E-0000-0000-0000000FF1CE}\xlicons.exe
+ 2008-10-09 01:11:27 1,172,240 ----a-r C:\Windows\Installer\{91120000-002E-0000-0000-0000000FF1CE}\xlicons.exe
- 2008-01-21 02:24:41 82,944 ----a-w C:\Windows\Microsoft.NET\Framework\NETFXSBS10.exe
+ 2008-07-27 18:03:10 82,944 ----a-w C:\Windows\Microsoft.NET\Framework\NETFXSBS10.exe
- 2008-01-21 02:24:53 14,352 ----a-w C:\Windows\Microsoft.NET\Framework\sbs_diasymreader.dll
+ 2008-07-27 18:03:10 14,352 ----a-w C:\Windows\Microsoft.NET\Framework\sbs_diasymreader.dll
- 2008-01-21 02:24:07 14,336 ----a-w C:\Windows\Microsoft.NET\Framework\sbs_iehost.dll
+ 2008-07-27 18:03:10 14,336 ----a-w C:\Windows\Microsoft.NET\Framework\sbs_iehost.dll
- 2008-01-21 02:24:29 14,360 ----a-w C:\Windows\Microsoft.NET\Framework\sbs_microsoft.jscript.dll
+ 2008-07-27 18:03:10 14,360 ----a-w C:\Windows\Microsoft.NET\Framework\sbs_microsoft.jscript.dll
- 2008-01-21 02:24:30 14,904 ----a-w C:\Windows\Microsoft.NET\Framework\sbs_microsoft.vsa.vb.codedomprocessor.dll
+ 2008-07-27 18:03:10 14,904 ----a-w C:\Windows\Microsoft.NET\Framework\sbs_microsoft.vsa.vb.codedomprocessor.dll
- 2008-01-21 02:24:05 14,344 ----a-w C:\Windows\Microsoft.NET\Framework\sbs_mscordbi.dll
+ 2008-07-27 18:03:10 14,344 ----a-w C:\Windows\Microsoft.NET\Framework\sbs_mscordbi.dll
- 2008-01-21 02:24:21 14,344 ----a-w C:\Windows\Microsoft.NET\Framework\sbs_mscorrc.dll
+ 2008-07-27 18:03:10 14,344 ----a-w C:\Windows\Microsoft.NET\Framework\sbs_mscorrc.dll
- 2008-01-21 02:24:53 14,344 ----a-w C:\Windows\Microsoft.NET\Framework\sbs_mscorsec.dll
+ 2008-07-27 18:03:10 14,344 ----a-w C:\Windows\Microsoft.NET\Framework\sbs_mscorsec.dll
- 2008-01-21 02:24:04 14,384 ----a-w C:\Windows\Microsoft.NET\Framework\sbs_system.configuration.install.dll
+ 2008-07-27 18:03:10 14,384 ----a-w C:\Windows\Microsoft.NET\Framework\sbs_system.configuration.install.dll
- 2008-01-21 02:24:56 14,352 ----a-w C:\Windows\Microsoft.NET\Framework\sbs_system.data.dll
+ 2008-07-27 18:03:10 14,352 ----a-w C:\Windows\Microsoft.NET\Framework\sbs_system.data.dll
- 2008-01-21 02:23:54 14,376 ----a-w C:\Windows\Microsoft.NET\Framework\sbs_system.enterpriseservices.dll
+ 2008-07-27 18:03:10 14,376 ----a-w C:\Windows\Microsoft.NET\Framework\sbs_system.enterpriseservices.dll
- 2008-01-21 02:24:21 14,344 ----a-w C:\Windows\Microsoft.NET\Framework\sbs_VsaVb7rt.dll
+ 2008-07-27 18:03:10 14,344 ----a-w C:\Windows\Microsoft.NET\Framework\sbs_VsaVb7rt.dll
- 2008-01-21 02:24:27 14,352 ----a-w C:\Windows\Microsoft.NET\Framework\sbs_wminet_utils.dll
+ 2008-07-27 18:03:10 14,352 ----a-w C:\Windows\Microsoft.NET\Framework\sbs_wminet_utils.dll
- 2008-01-21 02:23:43 16,896 ----a-w C:\Windows\Microsoft.NET\Framework\sbscmp10.dll
+ 2008-07-27 18:03:10 16,896 ----a-w C:\Windows\Microsoft.NET\Framework\sbscmp10.dll
- 2008-01-21 02:24:08 16,896 ----a-w C:\Windows\Microsoft.NET\Framework\sbscmp20_mscorwks.dll
+ 2008-07-27 18:03:10 16,896 ----a-w C:\Windows\Microsoft.NET\Framework\sbscmp20_mscorwks.dll
- 2008-01-21 02:24:55 16,896 ----a-w C:\Windows\Microsoft.NET\Framework\sbscmp20_perfcounter.dll
+ 2008-07-27 18:03:10 16,896 ----a-w C:\Windows\Microsoft.NET\Framework\sbscmp20_perfcounter.dll
- 2008-01-21 02:24:20 16,896 ----a-w C:\Windows\Microsoft.NET\Framework\SharedReg12.dll
+ 2008-07-27 18:03:10 16,896 ----a-w C:\Windows\Microsoft.NET\Framework\SharedReg12.dll
- 2008-01-21 02:24:47 97,280 ----a-w C:\Windows\Microsoft.NET\Framework\v1.0.3705\mscormmc.dll
+ 2008-07-27 18:03:16 96,768 ----a-w C:\Windows\Microsoft.NET\Framework\v1.0.3705\mscormmc.dll
- 2006-10-20 01:13:36 19,456 ----a-w C:\Windows\Microsoft.NET\Framework\v2.0.50727\1033\alinkui.dll
+ 2008-07-27 18:03:10 28,672 ----a-w C:\Windows\Microsoft.NET\Framework\v2.0.50727\1033\alinkui.dll
- 2006-10-20 01:13:36 136,192 ----a-w C:\Windows\Microsoft.NET\Framework\v2.0.50727\1033\cscompui.dll
+ 2008-07-27 18:03:10 145,408 ----a-w C:\Windows\Microsoft.NET\Framework\v2.0.50727\1033\cscompui.dll
- 2006-10-20 01:13:37 4,608 ----a-w C:\Windows\Microsoft.NET\Framework\v2.0.50727\1033\CvtResUI.dll
+ 2008-07-27 18:03:10 13,824 ----a-w C:\Windows\Microsoft.NET\Framework\v2.0.50727\1033\CvtResUI.dll
- 2006-10-20 01:13:37 183,808 ----a-w C:\Windows\Microsoft.NET\Framework\v2.0.50727\1033\vbc7ui.dll
+ 2008-07-27 18:03:10 193,016 ----a-w C:\Windows\Microsoft.NET\Framework\v2.0.50727\1033\vbc7ui.dll
- 2006-10-20 01:13:37 208,896 ----a-w C:\Windows\Microsoft.NET\Framework\v2.0.50727\1033\Vsavb7rtUI.dll
+ 2008-07-27 18:03:10 218,112 ----a-w C:\Windows\Microsoft.NET\Framework\v2.0.50727\1033\Vsavb7rtUI.dll
- 2008-04-08 01:22:20 24,064 ----a-w C:\Windows\Microsoft.NET\Framework\v2.0.50727\1036\alinkui.dll
+ 2008-07-27 18:03:10 33,280 ----a-w C:\Windows\Microsoft.NET\Framework\v2.0.50727\1036\alinkui.dll
- 2008-04-08 01:22:17 161,280 ----a-w C:\Windows\Microsoft.NET\Framework\v2.0.50727\1036\cscompui.dll
+ 2008-07-27 18:03:10 170,496 ----a-w C:\Windows\Microsoft.NET\Framework\v2.0.50727\1036\cscompui.dll
- 2008-04-08 01:22:19 5,120 ----a-w C:\Windows\Microsoft.NET\Framework\v2.0.50727\1036\CvtResUI.dll
+ 2008-07-27 18:03:10 14,336 ----a-w C:\Windows\Microsoft.NET\Framework\v2.0.50727\1036\CvtResUI.dll
- 2008-04-08 01:22:18 216,576 ----a-w C:\Windows\Microsoft.NET\Framework\v2.0.50727\1036\vbc7ui.dll
+ 2008-07-27 18:03:10 225,784 ----a-w C:\Windows\Microsoft.NET\Framework\v2.0.50727\1036\vbc7ui.dll
- 2008-04-08 01:22:17 245,760 ----a-w C:\Windows\Microsoft.NET\Framework\v2.0.50727\1036\Vsavb7rtUI.dll
+ 2008-07-27 18:03:10 254,976 ----a-w C:\Windows\Microsoft.NET\Framework\v2.0.50727\1036\Vsavb7rtUI.dll
- 2008-01-21 02:24:30 10,752 ----a-w C:\Windows\Microsoft.NET\Framework\v2.0.50727\Accessibility.dll
+ 2008-07-27 18:03:10 10,752 ----a-w C:\Windows\Microsoft.NET\Framework\v2.0.50727\Accessibility.dll
- 2008-01-21 02:24:55 147,968 ----a-w C:\Windows\Microsoft.NET\Framework\v2.0.50727\AdoNetDiag.dll
+ 2008-07-27 18:03:10 147,968 ----a-w C:\Windows\Microsoft.NET\Framework\v2.0.50727\AdoNetDiag.dll
- 2008-01-21 02:24:56 99,320 ----a-w C:\Windows\Microsoft.NET\Framework\v2.0.50727\alink.dll
+ 2008-07-27 18:03:10 98,808 ----a-w C:\Windows\Microsoft.NET\Framework\v2.0.50727\alink.dll
- 2008-01-21 02:24:20 59,392 ----a-w C:\Windows\Microsoft.NET\Framework\v2.0.50727\AppLaunch.exe
+ 2008-07-27 18:03:11 58,880 ----a-w C:\Windows\Microsoft.NET\Framework\v2.0.50727\AppLaunch.exe
0

Discussions similaires

j'ai renversé de l'eau sur mon pc portable
sardine -
moudubulbe -

14 réponses
Comment taper l'arobase sur un pc hp ?
kadem -
Tatopoulosse -

5 réponses