Se connecter / S'enregistrer
Votre question

Y'a un probleme ? ! Virus Ou autre !

Tags :
  • Microsoft
  • Sécurité
Dernière réponse : dans Sécurité et virus
22 Décembre 2007 23:22:07

Bonjour j'ai l'impression que j'ai choper plusieur virus ou autre depuis quelque temps
1- Au demmarage de mon Pc sa met met : Fservice.exe est introuvable
2- La session s'ouvre 2m30 apres avoir cliquer


Et voici le raport Hijack pour savoir si j'ai vraiment des problemes !

Logfile of HijackThis v1.99.1
Scan saved at 23:21:36, on 22/12/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
C:\WINDOWS\Explorer.exe
C:\Program Files\OrangeHSS\Systray\SystrayApp.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\OrangeHSS\Launcher\Launcher.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\QuickTime\qttask.exe
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\AlertModule\0\AlertModule.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Documents and Settings\Test\CyberServeur\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Google\Web Accelerator\GoogleWebAccWarden.exe
C:\Program Files\Google\Web Accelerator\googlewebaccclient.exe
C:\Program Files\OrangeHSS\connectivity\connectivitymanager.exe
C:\Program Files\OrangeHSS\connectivity\CoreCom\CoreCom.exe
C:\Program Files\OrangeHSS\connectivity\CoreCom\OraConfigRecover.exe
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTCOMModule\0\FTCOMModule.exe
C:\Program Files\Netscape\Netscape\Netscp.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://localhost:9100/proxy.pac
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\OrangeHSS\SearchURLHook\SearchPageURL.dll
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: PK IE Plugin - {1E1B2879-88FF-11D3-8D96-D7ACAC95951A} - C:\WINDOWS\system32\BPKwb.dll (file missing)
O2 - BHO: &Google Web Accelerator Helper - {69A87B7D-DE56-4136-9655-716BA50C19C7} - C:\Program Files\Google\Web Accelerator\GoogleWebAccToolbar.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: FlashFXP Helper for Internet Explorer - {E5A1691B-D188-4419-AD02-90002030B8EE} - C:\PROGRA~1\FlashFXP\IEFlash.dll
O3 - Toolbar: Google Web Accelerator - {DB87BFA2-A2E3-451E-8E5A-C89982D87CBF} - C:\Program Files\Google\Web Accelerator\GoogleWebAccToolbar.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [SystrayORAHSS] "C:\Program Files\OrangeHSS\Systray\SystrayApp.exe"
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [orahssStartup] "C:\Program Files\OrangeHSS\Launcher\Launcher.exe" -appid connectivityapp
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [csrsc] C:\WINDOWS\csrsc.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Windows LSSS Service] C:\Documents and Settings\Test\CyberServeur\svchost.exe
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKLM\..\RunServices: [Windows Media Player] Config.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Run Google Web Accelerator.lnk = C:\Program Files\Google\Web Accelerator\GoogleWebAccWarden.exe
O4 - Global Startup: Utilitaire réseau pour SAGEM Wi-Fi 11g USB adapter.lnk = ?
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll
O9 - Extra button: PalTalk - {4EAFEF58-EEFA-4116-983D-03B49BCBFFFE} - C:\Program Files\Paltalk Messenger\Paltalk.exe (file missing)
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\Benjamin\Menu Démarrer\Programmes\IMVU\Run IMVU.lnk (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {56393399-041A-4650-94C7-13DFCB1F4665} (PSFormX Control) - http://www.ca.com/us/securityadvisor/pestscan/pestscan....
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} - http://www.zebulon.fr/scan8/oscan8.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls...
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst....
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Windows Firewall - Unknown owner - C:\WINDOWS\system32\SVCH0ST.EXE (file missing)

Autres pages sur : probleme virus

23 Décembre 2007 00:22:42

Bonjour


Télécharge Combofix.exe (par sUBs) sur ton Bureau
http://download.bleepingcomputer.com/sUBs/ComboFix.exe

Double clique combofix.exe et suis les invites.
Lorsque le scan sera complété, un rapport apparaîtra.

Copie/colle ce rapport dans ta prochaine réponse avec un nouveau HijackThis.
23 Décembre 2007 10:30:08

ComboFix 07-12-21.4 - Test 2007-12-23 10:25:26.5 - NTFSx86
Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.606 [GMT 1:00]
Running from: C:\Documents and Settings\Test\Bureau\Outil puissant de Desinfection\ComboFix.exe
* Created a new restore point
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\WINDOWS\ktd32.atm
C:\WINDOWS\system32\reginv.dll
C:\WINDOWS\system32\winkey.dll

.
((((((((((((((((((((((((((((( Fichiers créés 2007-11-23 to 2007-12-23 ))))))))))))))))))))))))))))))))))))
.

2007-12-23 10:22 . 2007-12-23 10:22 <REP> d-------- C:\WINDOWS\LastGood
2007-12-22 23:33 . 2007-12-22 23:33 <REP> d-------- C:\Documents and Settings\Test\Application Data\Avant Profiles
2007-12-22 22:58 . 2007-12-22 22:58 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Infralution
2007-12-22 22:57 . 2007-12-22 22:57 <REP> d-------- C:\Program Files\MSBuild
2007-12-22 22:53 . 2007-12-22 22:58 <REP> d-------- C:\WINDOWS\system32\XPSViewer
2007-12-22 22:53 . 2007-12-22 22:53 <REP> d-------- C:\Program Files\Reference Assemblies
2007-12-22 22:53 . 2006-06-29 13:07 14,048 --------- C:\WINDOWS\system32\spmsg2.dll
2007-12-20 20:14 . 2007-12-20 20:14 <REP> d----c--- C:\MSNFix
2007-12-20 20:13 . 2007-12-20 20:13 283,425 --a------ C:\MSNFix.zip
2007-12-20 18:32 . 2007-12-22 23:35 <REP> d-------- C:\Documents and Settings\Test\CyberServeur
2007-12-20 18:16 . 2007-12-22 23:02 <REP> d-------- C:\Program Files\NeoTracePro
2007-12-20 17:47 . 2007-12-20 17:47 <REP> d-------- C:\Documents and Settings\Test\Application Data\Ethereal
2007-12-20 15:48 . 2006-08-10 20:12 124 --a------ C:\WINDOWS\DORAAH.CFG
2007-12-20 15:48 . 2006-12-04 12:01 51 --a------ C:\WINDOWS\ATTACK.CFG
2007-12-20 15:24 . 2007-12-20 15:24 74,240 --a------ C:\WINDOWS\temp.000
2007-12-18 15:43 . 2007-12-18 15:43 <REP> d-------- C:\Documents and Settings\Test\Application Data\Apple Computer
2007-12-12 16:24 . 2007-12-12 16:24 <REP> d-------- C:\Documents and Settings\Test\Application Data\LOCAL FR a mettre dans le serveur
2007-12-12 13:24 . 2007-12-12 13:24 1,224,235 --a--c--- C:\SDFix.exe
2007-12-11 17:38 . 2007-12-11 19:51 65,621 --a------ C:\WINDOWS\system32\ckl009.dat
2007-12-08 18:17 . 2007-12-08 18:17 <REP> d-------- C:\Program Files\BootXP2
2007-12-08 18:17 . 2004-08-05 13:00 2,150,400 --a------ C:\WINDOWS\system32\LOGOOS.EXE
2007-12-08 18:17 . 2007-12-06 20:56 236 --a--c--- C:\BOOT.BXP
2007-12-08 17:45 . 2007-09-05 23:22 289,144 --a------ C:\WINDOWS\system32\VCCLSID.exe
2007-12-08 17:45 . 2006-04-27 16:49 288,417 --a------ C:\WINDOWS\system32\SrchSTS.exe
2007-12-08 17:45 . 2003-06-05 20:13 53,248 --a------ C:\WINDOWS\system32\Process.exe
2007-12-08 17:45 . 2004-07-31 17:50 51,200 --a------ C:\WINDOWS\system32\dumphive.exe
2007-12-08 17:45 . 2007-10-03 23:36 25,600 --a------ C:\WINDOWS\system32\WS2Fix.exe
2007-12-08 16:11 . 2007-12-22 23:08 <REP> d-------- C:\Program Files\Lop SD
2007-12-08 15:18 . 2007-12-08 15:18 <REP> d-------- C:\Documents and Settings\Test\DoctorWeb
2007-12-08 13:12 . 2007-12-08 13:12 <REP> d-------- C:\Program Files\Avira
2007-12-08 13:12 . 2007-12-08 13:12 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Avira
2007-12-08 13:06 . 2007-12-08 13:06 127,417 --a--c--- C:\upload_moi_CyberServeur.tar.gz
2007-12-08 12:52 . 2007-12-08 12:52 <REP> d----c--- C:\VundoFix Backups
2007-12-08 12:23 . 2007-12-08 12:23 162 --a------ C:\WINDOWS\dualxplorer_dualxplorer_0.8.70_francais_14841.INI
2007-12-08 11:47 . 2007-12-08 11:47 <REP> d-------- C:\Program Files\REAL Software
2007-12-08 11:47 . 2007-12-08 11:47 <REP> d-------- C:\Documents and Settings\Test\Application Data\REALbasic 2006
2007-12-08 11:37 . 2007-12-08 11:37 <REP> d-------- C:\WINDOWS\Pacman Come Back
2007-12-08 11:28 . 2007-12-08 11:29 <REP> d-------- C:\WINDOWS\system32\PandoraEngine200408
2007-12-06 17:03 . 2007-12-06 17:04 92 --a------ C:\WINDOWS\kaboom!.ini
2007-12-06 16:49 . 2007-12-08 14:08 <REP> d-------- C:\WINDOWS\system32\win xp
2007-12-05 18:43 . 2007-12-05 18:43 <REP> d-------- C:\Program Files\VirtualDub
2007-12-01 19:35 . 2007-12-01 19:35 <REP> d-------- C:\WINDOWS\Type name of new folder
2007-11-30 10:28 . 2007-11-30 10:28 <REP> d--hs---- C:\found.000
2007-11-29 19:51 . 2007-11-29 19:51 <REP> d--h----- C:\Documents and Settings\All Users\Application Data\{74D61F17-FFC2-41AF-96E5-1DCB0631B6D1}
2007-11-29 19:50 . 2007-11-29 19:51 <REP> d-------- C:\Program Files\Eraser
2007-11-27 17:35 . 2007-11-27 19:41 2,199,280 ---hs---- C:\WINDOWS\system32\njpuadyh.ini
2007-11-26 21:39 . 2007-11-27 17:27 2,111,935 ---hs---- C:\WINDOWS\system32\syciwguu.ini
2007-11-26 19:02 . 2007-11-26 19:42 2,147,884 ---hs---- C:\WINDOWS\system32\jximaqpn.ini
2007-11-26 17:12 . 2007-11-26 18:54 1,828,065 ---hs---- C:\WINDOWS\system32\ycbycumg.ini
2007-11-26 12:52 . 2007-11-26 12:52 <REP> d-------- C:\Documents and Settings\Test\Bureau^sng
2007-11-26 11:45 . 2007-11-26 17:01 1,792,152 ---hs---- C:\WINDOWS\system32\eswvrsok.ini
2007-11-25 20:17 . 2007-11-26 11:34 1,785,919 ---hs---- C:\WINDOWS\system32\rjnhequm.ini
2007-11-25 19:28 . 2007-11-25 20:08 1,787,035 ---hs---- C:\WINDOWS\system32\rxxtuyau.ini
2007-11-25 09:31 . 2007-11-25 19:22 1,788,201 ---hs---- C:\WINDOWS\system32\owevdveb.ini
2007-11-24 20:52 . 2007-11-25 09:20 1,790,623 ---hs---- C:\WINDOWS\system32\itcksljg.ini
2007-11-24 17:06 . 2007-11-24 20:43 1,791,825 ---hs---- C:\WINDOWS\system32\aqrbppdt.ini
2007-11-24 12:27 . 2007-11-24 16:54 1,793,341 ---hs---- C:\WINDOWS\system32\qvoqsxdr.ini
2007-11-24 08:19 . 2007-11-24 12:17 1,879,821 ---hs---- C:\WINDOWS\system32\khuremif.ini
2007-11-23 19:33 . 2007-11-24 08:07 1,541,600 ---hs---- C:\WINDOWS\system32\dgsghykh.ini

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2007-12-22 22:02 --------- d-----w C:\Program Files\No-IP
2007-12-22 22:02 --------- d-----w C:\Program Files\Fichiers communs\Symantec Shared
2007-12-22 21:56 --------- d-----w C:\Documents and Settings\Test\Application Data\Hamachi
2007-12-22 13:50 --------- d-----w C:\Documents and Settings\Test\Application Data\FileZilla
2007-12-20 19:38 --------- d-----w C:\Program Files\Shareaza
2007-12-20 14:25 344,576 ----a-w C:\WINDOWS\system32\Sesam v2.5.exe
2007-12-20 14:24 253,952 ------w C:\WINDOWS\Setup1.exe
2007-12-17 18:47 25,280 ----a-w C:\WINDOWS\system32\drivers\hamachi.sys
2007-12-10 17:54 3,146,183 ----a-w C:\WINDOWS\win_habbo_screensaver.SCR
2007-12-08 12:58 --------- d-----w C:\Program Files\Navilog1
2007-12-05 17:03 --------- d-----w C:\Program Files\CamStudio
2007-11-28 14:46 --------- d-----w C:\Program Files\Fichiers communs\Wise Installation Wizard
2007-11-27 19:25 --------- d-----w C:\Documents and Settings\Test\Application Data\vmntoolbar
2007-11-19 17:36 --------- d-----w C:\Documents and Settings\Didier\Application Data\VMNTOOLBAR
2007-11-19 12:02 --------- d-----w C:\Program Files\FileZilla Client
2007-11-19 11:58 --------- d-----w C:\Program Files\TransSoft Ltd
2007-11-17 12:04 --------- d-----w C:\Program Files\Visicom Media
2007-11-17 12:04 --------- d-----w C:\Documents and Settings\Test\Application Data\Sites
2007-11-17 12:04 --------- d-----w C:\Documents and Settings\Test\Application Data\Classes de site
2007-11-17 12:03 --------- d-----w C:\Documents and Settings\Test\Application Data\Dynamique
2007-11-17 10:23 --------- d-----w C:\Program Files\Opera
2007-11-16 18:02 --------- d-----w C:\Documents and Settings\Test\Application Data\iScreensaver
2007-11-13 18:58 --------- d-----w C:\Program Files\Micro Application
2007-11-13 18:41 --------- d-----w C:\Program Files\NCH Swift Sound
2007-11-13 18:33 --------- d-----w C:\Documents and Settings\Session de Test\Application Data\Hamachi
2007-11-08 09:55 --------- d-----w C:\Program Files\FlashFXP
2007-11-08 09:54 --------- d-----w C:\Documents and Settings\All Users\Application Data\FlashFXP
2007-11-08 08:25 --------- d-----w C:\Documents and Settings\Test\Application Data\CoreFTP
2007-11-04 12:12 --------- d-----w C:\Documents and Settings\Didier\Application Data\CoreFTP
2007-10-28 13:09 --------- d-----w C:\Program Files\NCH Software
2007-10-28 11:42 --------- d-----w C:\Documents and Settings\Test\Application Data\NCH Swift Sound
2007-10-26 20:57 73,216 ------w C:\WINDOWS\ST6UNST.EXE
2007-10-26 20:57 --------- d-----w C:\Program Files\CursorXP
2007-10-26 20:22 44,544 ----a-w C:\WINDOWS\AWuninstall.exe
2007-10-26 20:14 --------- d-----w C:\Program Files\DebugMode
2007-10-26 20:06 --------- d-----w C:\Program Files\Pure Motion
2007-10-26 20:05 --------- d-----w C:\Program Files\Sonic Foundry
2007-10-26 17:44 --------- d-----w C:\Program Files\SAMSUNG
2007-10-24 14:06 --------- d-----w C:\Documents and Settings\Test\Application Data\Image Zone Express
2007-10-24 13:33 --------- d-----w C:\Documents and Settings\Test\Application Data\HP
2007-10-17 19:33 71,326 -c--a-w C:\WINDOWS\BricoPackUninst.cmd
2007-10-17 19:33 5,319 ----a-w C:\WINDOWS\BricoPackFoldersDelete.cmd
2007-10-15 15:09 44,922 ----a-w C:\WINDOWS\system32\IKatzuUninstall.exe
2007-10-15 15:09 421,888 ----a-w C:\WINDOWS\system32\bkinohjs.dll
2007-10-15 15:09 24,576 ----a-w C:\WINDOWS\system32\msxml3a.dll
2004-04-20 21:05 98,304 --sha-r C:\WINDOWS\archive.exe
2005-04-04 08:49 1,171,456 --sha-r C:\WINDOWS\Barmaja 2.7.9.exe
2007-09-03 15:19 0 --sha-w C:\WINDOWS\Win.com
2007-09-03 15:18 169,295 --sha-w C:\WINDOWS\system32\tgr32thb.dll
.

((((((((((((((((((((((((((((( snapshot_2007-12-19_20.54.24,51 )))))))))))))))))))))))))))))))))))))))))
.
+ 2007-12-22 21:51:12 68,608 ----a-w C:\WINDOWS\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
+ 2007-12-22 21:51:14 72,192 ----a-w C:\WINDOWS\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
+ 2007-12-22 21:53:22 151,552 ----a-w C:\WINDOWS\assembly\GAC_32\Microsoft.Transactions.Bridge.Dtc\3.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.Dtc.dll
+ 2007-12-22 21:51:14 4,308,992 ----a-w C:\WINDOWS\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
+ 2007-12-22 21:53:42 3,915,776 ----a-w C:\WINDOWS\assembly\GAC_32\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationCore.dll
+ 2007-12-22 21:51:14 482,304 ----a-w C:\WINDOWS\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll
+ 2007-12-22 21:51:13 2,878,976 ----a-w C:\WINDOWS\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
+ 2007-12-22 21:51:11 258,048 ----a-w C:\WINDOWS\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
+ 2007-12-22 21:51:11 114,176 ----a-w C:\WINDOWS\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
+ 2007-12-22 21:53:42 344,064 ----a-w C:\WINDOWS\assembly\GAC_32\System.Printing\3.0.0.0__31bf3856ad364e35\System.Printing.dll
+ 2007-12-22 21:51:15 260,096 ----a-w C:\WINDOWS\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
+ 2007-12-22 21:51:12 5,025,792 ----a-w C:\WINDOWS\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll
+ 2007-12-22 21:51:12 10,752 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
+ 2007-12-22 21:58:56 315,392 ----a-w C:\WINDOWS\assembly\GAC_MSIL\AspNetMMCExt.resources\2.0.0.0_fr_b03f5f7f11d50a3a\aspnetmmcext.resources.dll
+ 2007-12-22 21:51:10 503,808 ----a-w C:\WINDOWS\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll
+ 2007-12-22 21:51:11 13,312 ----a-w C:\WINDOWS\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll
+ 2007-12-22 21:51:14 8,192 ----a-w C:\WINDOWS\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll
+ 2007-12-22 21:51:14 36,864 ----a-w C:\WINDOWS\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll
+ 2007-12-22 21:51:14 5,632 ----a-w C:\WINDOWS\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll
+ 2007-12-22 21:58:59 53,248 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Build.Engine.resources\2.0.0.0_fr_b03f5f7f11d50a3a\Microsoft.Build.Engine.resources.dll
+ 2007-12-22 21:51:11 413,696 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
+ 2007-12-22 21:51:11 36,864 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
+ 2007-12-22 21:58:59 139,264 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Build.Tasks.resources\2.0.0.0_fr_b03f5f7f11d50a3a\Microsoft.Build.Tasks.resources.dll
+ 2007-12-22 21:51:11 647,168 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll
+ 2007-12-22 21:58:59 10,240 ----a-w C:\WINDOWS\assembly\GAC_MSIL\microsoft.build.utilities.resources\2.0.0.0_fr_b03f5f7f11d50a3a\Microsoft.Build.Utilities.Resources.dll
+ 2007-12-22 21:51:11 73,728 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll
+ 2007-12-22 21:58:57 45,056 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Jscript.resources\8.0.0.0_fr_b03f5f7f11d50a3a\Microsoft.JScript.Resources.dll
+ 2007-12-22 21:51:11 745,472 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
+ 2007-12-22 21:58:33 5,120 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Transactions.Bridge.Dtc.resources\3.0.0.0_fr_b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.Dtc.Resources.dll
+ 2007-12-22 21:58:33 28,672 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Transactions.Bridge.resources\3.0.0.0_fr_b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.Resources.dll
+ 2007-12-22 21:53:21 352,256 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Transactions.Bridge\3.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.dll
+ 2007-12-22 21:59:01 9,216 ----a-w C:\WINDOWS\assembly\GAC_MSIL\microsoft.visualbasic.compatibility.data.resources\8.0.0.0_fr_b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.resources.dll
+ 2007-12-22 21:51:16 110,592 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
+ 2007-12-22 21:59:01 9,728 ----a-w C:\WINDOWS\assembly\GAC_MSIL\microsoft.visualbasic.compatibility.resources\8.0.0.0_fr_b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.resources.dll
+ 2007-12-22 21:51:16 372,736 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
+ 2007-12-22 21:59:01 61,440 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualBasic.resources\8.0.0.0_fr_b03f5f7f11d50a3a\Microsoft.VisualBasic.resources.dll
+ 2007-12-22 21:51:09 28,672 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll
+ 2007-12-22 21:51:16 667,648 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
+ 2007-12-22 21:51:16 5,632 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
+ 2007-12-22 21:51:10 12,800 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
+ 2007-12-22 21:51:10 32,768 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll
+ 2007-12-22 21:51:10 7,168 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll
+ 2007-12-22 21:59:00 311,296 ----a-w C:\WINDOWS\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_fr_b77a5c561934e089\mscorlib.Resources.dll
+ 2007-12-22 21:58:28 57,344 ----a-w C:\WINDOWS\assembly\GAC_MSIL\PresentationBuildTasks.resources\3.0.0.0_fr_31bf3856ad364e35\PresentationBuildTasks.resources.dll
+ 2007-12-22 21:53:41 593,920 ----a-w C:\WINDOWS\assembly\GAC_MSIL\PresentationBuildTasks\3.0.0.0__31bf3856ad364e35\PresentationBuildTasks.dll
+ 2007-12-22 21:53:41 32,768 ----a-w C:\WINDOWS\assembly\GAC_MSIL\PresentationCFFRasterizer\3.0.0.0__31bf3856ad364e35\PresentationCFFRasterizer.dll
+ 2007-12-22 21:58:28 110,592 ----a-w C:\WINDOWS\assembly\GAC_MSIL\PresentationCore.resources\3.0.0.0_fr_31bf3856ad364e35\PresentationCore.resources.dll
+ 2007-12-22 21:53:42 184,320 ----a-w C:\WINDOWS\assembly\GAC_MSIL\PresentationFramework.Aero\3.0.0.0__31bf3856ad364e35\PresentationFramework.Aero.dll
+ 2007-12-22 21:53:42 126,976 ----a-w C:\WINDOWS\assembly\GAC_MSIL\PresentationFramework.Classic\3.0.0.0__31bf3856ad364e35\PresentationFramework.Classic.dll
+ 2007-12-22 21:53:42 376,832 ----a-w C:\WINDOWS\assembly\GAC_MSIL\PresentationFramework.Luna\3.0.0.0__31bf3856ad364e35\PresentationFramework.Luna.dll
+ 2007-12-22 21:58:28 253,952 ----a-w C:\WINDOWS\assembly\GAC_MSIL\PresentationFramework.resources\3.0.0.0_fr_31bf3856ad364e35\PresentationFramework.resources.dll
+ 2007-12-22 21:53:42 151,552 ----a-w C:\WINDOWS\assembly\GAC_MSIL\PresentationFramework.Royale\3.0.0.0__31bf3856ad364e35\PresentationFramework.Royale.dll
+ 2007-12-22 21:53:42 4,972,544 ----a-w C:\WINDOWS\assembly\GAC_MSIL\PresentationFramework\3.0.0.0__31bf3856ad364e35\PresentationFramework.dll
+ 2007-12-22 21:58:28 372,736 ----a-w C:\WINDOWS\assembly\GAC_MSIL\PresentationUI.resources\3.0.0.0_fr_31bf3856ad364e35\PresentationUI.resources.dll
+ 2007-12-22 21:53:42 897,024 ----a-w C:\WINDOWS\assembly\GAC_MSIL\PresentationUI\3.0.0.0__31bf3856ad364e35\PresentationUI.dll
+ 2007-12-22 21:58:28 40,960 ----a-w C:\WINDOWS\assembly\GAC_MSIL\ReachFramework.resources\3.0.0.0_fr_31bf3856ad364e35\ReachFramework.resources.dll
+ 2007-12-22 21:53:42 528,384 ----a-w C:\WINDOWS\assembly\GAC_MSIL\ReachFramework\3.0.0.0__31bf3856ad364e35\ReachFramework.dll
+ 2007-12-22 21:58:33 5,120 ----a-w C:\WINDOWS\assembly\GAC_MSIL\SMDiagnostics.resources\3.0.0.0_fr_b77a5c561934e089\SMDiagnostics.resources.dll
+ 2007-12-22 21:53:22 94,208 ----a-w C:\WINDOWS\assembly\GAC_MSIL\SMDiagnostics\3.0.0.0__b77a5c561934e089\SMdiagnostics.dll
+ 2007-12-22 21:59:01 10,752 ----a-w C:\WINDOWS\assembly\GAC_MSIL\sysglobl.resources\2.0.0.0_fr_b03f5f7f11d50a3a\sysglobl.resources.dll
+ 2007-12-22 21:51:15 110,592 ----a-w C:\WINDOWS\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
+ 2007-12-22 21:59:00 28,672 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Configuration.Install.resources\2.0.0.0_fr_b03f5f7f11d50a3a\System.Configuration.Install.Resources.dll
+ 2007-12-22 21:51:12 81,920 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
+ 2007-12-22 21:59:01 49,152 ----a-w C:\WINDOWS\assembly\GAC_MSIL\system.configuration.resources\2.0.0.0_fr_b03f5f7f11d50a3a\System.Configuration.resources.dll
+ 2007-12-22 21:51:15 389,120 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
+ 2007-12-22 21:59:00 110,592 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Data.OracleClient.resources\2.0.0.0_fr_b77a5c561934e089\System.Data.OracleClient.resources.dll
+ 2007-12-22 21:58:59 335,872 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Data.resources\2.0.0.0_fr_b77a5c561934e089\System.Data.Resources.dll
+ 2007-12-22 21:59:00 36,864 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Data.SqlXml.resources\2.0.0.0_fr_b77a5c561934e089\system.data.sqlxml.resources.dll
+ 2007-12-22 21:51:14 716,800 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
+ 2007-12-22 21:58:57 385,024 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Deployment.resources\2.0.0.0_fr_b03f5f7f11d50a3a\System.Deployment.resources.dll
+ 2007-12-22 21:51:11 884,736 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
+ 2007-12-22 21:58:59 544,768 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Design.resources\2.0.0.0_fr_b03f5f7f11d50a3a\System.Design.Resources.dll
+ 2007-12-22 21:51:13 5,050,368 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll
+ 2007-12-22 21:58:58 28,672 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.DirectoryServices.Protocols.resources\2.0.0.0_fr_b03f5f7f11d50a3a\System.DirectoryServices.Protocols.resources.dll
+ 2007-12-22 21:51:12 188,416 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
+ 2007-12-22 21:58:58 40,960 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.DirectoryServices.resources\2.0.0.0_fr_b03f5f7f11d50a3a\System.DirectoryServices.Resources.dll
+ 2007-12-22 21:51:12 397,312 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
+ 2007-12-22 21:59:00 6,144 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Drawing.Design.resources\2.0.0.0_fr_b03f5f7f11d50a3a\System.Drawing.Design.Resources.dll
+ 2007-12-22 21:51:12 81,920 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll
+ 2007-12-22 21:58:59 15,360 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Drawing.resources\2.0.0.0_fr_b03f5f7f11d50a3a\System.Drawing.Resources.dll
+ 2007-12-22 21:51:15 700,416 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
+ 2007-12-22 21:58:58 32,768 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.EnterpriseServices.resources\2.0.0.0_fr_b03f5f7f11d50a3a\System.EnterpriseServices.Resources.dll
+ 2007-12-22 21:58:33 65,536 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.IdentityModel.resources\3.0.0.0_fr_b77a5c561934e089\System.IdentityModel.Resources.dll
+ 2007-12-22 21:58:33 53,248 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.IdentityModel.Selectors.resources\3.0.0.0_fr_b77a5c561934e089\System.IdentityModel.Selectors.Resources.dll
+ 2007-12-22 21:53:22 126,976 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.IdentityModel.Selectors\3.0.0.0__b77a5c561934e089\System.IdentityModel.Selectors.dll
+ 2007-12-22 21:53:22 401,408 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.IdentityModel\3.0.0.0__b77a5c561934e089\System.IdentityModel.dll
+ 2007-12-22 21:58:33 12,288 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.IO.Log.resources\3.0.0.0_fr_b03f5f7f11d50a3a\System.IO.Log.Resources.dll
+ 2007-12-22 21:53:22 131,072 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.IO.Log\3.0.0.0__b03f5f7f11d50a3a\System.IO.Log.dll
+ 2007-12-22 21:59:00 13,312 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Management.resources\2.0.0.0_fr_b03f5f7f11d50a3a\System.Management.Resources.dll
+ 2007-12-22 21:51:14 368,640 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
+ 2007-12-22 21:58:59 61,440 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Messaging.resources\2.0.0.0_fr_b03f5f7f11d50a3a\System.Messaging.Resources.dll
+ 2007-12-22 21:51:15 258,048 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
+ 2007-12-22 21:58:28 28,672 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Printing.resources\3.0.0.0_fr_31bf3856ad364e35\System.Printing.resources.dll
+ 2007-12-22 21:58:59 212,992 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.resources\2.0.0.0_fr_b77a5c561934e089\system.Resources.dll
+ 2007-12-22 21:59:00 32,768 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_fr_b77a5c561934e089\System.Runtime.Remoting.Resources.dll
+ 2007-12-22 21:51:15 299,008 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
+ 2007-12-22 21:59:00 11,776 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\2.0.0.0_fr_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.Resources.dll
+ 2007-12-22 21:51:15 131,072 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
+ 2007-12-22 21:58:33 94,208 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Serialization.resources\3.0.0.0_fr_b77a5c561934e089\System.RunTime.Serialization.Resources.dll
+ 2007-12-22 21:53:22 884,736 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
+ 2007-12-22 21:58:58 28,672 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Security.resources\2.0.0.0_fr_b03f5f7f11d50a3a\System.Security.Resources.dll
+ 2007-12-22 21:51:12 258,048 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll
+ 2007-12-22 21:58:33 40,960 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.ServiceModel.Install.resources\3.0.0.0_fr_b77a5c561934e089\System.ServiceModel.Install.Resources.dll
+ 2007-12-22 21:53:23 159,744 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.ServiceModel.Install\3.0.0.0__b77a5c561934e089\System.ServiceModel.Install.dll
+ 2007-12-22 21:58:33 475,136 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.ServiceModel.resources\3.0.0.0_fr_b77a5c561934e089\System.ServiceModel.Resources.dll
+ 2007-12-22 21:53:23 16,384 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.ServiceModel.WasHosting\3.0.0.0__b77a5c561934e089\System.ServiceModel.WasHosting.dll
+ 2007-12-22 21:53:22 5,623,808 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.ServiceModel\3.0.0.0__b77a5c561934e089\System.ServiceModel.dll
+ 2007-12-22 21:58:58 40,960 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.ServiceProcess.resources\2.0.0.0_fr_b03f5f7f11d50a3a\System.ServiceProcess.Resources.dll
+ 2007-12-22 21:51:12 114,688 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
+ 2007-12-22 21:58:28 65,536 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Speech.resources\3.0.0.0_fr_31bf3856ad364e35\System.Speech.resources.dll
+ 2007-12-22 21:53:42 688,128 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Speech\3.0.0.0__31bf3856ad364e35\System.Speech.dll
+ 2007-12-22 21:59:01 16,896 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Transactions.resources\2.0.0.0_fr_b77a5c561934e089\System.Transactions.resources.dll
+ 2007-12-22 21:59:01 81,920 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Web.Mobile.resources\2.0.0.0_fr_b03f5f7f11d50a3a\System.Web.Mobile.resources.dll
+ 2007-12-22 21:51:15 835,584 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
+ 2007-12-22 21:51:13 86,016 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
+ 2007-12-22 21:58:58 610,304 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Web.resources\2.0.0.0_fr_b03f5f7f11d50a3a\System.Web.Resources.dll
+ 2007-12-22 21:58:58 81,920 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Web.Services.resources\2.0.0.0_fr_b03f5f7f11d50a3a\System.Web.Services.Resources.dll
+ 2007-12-22 21:51:13 823,296 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
+ 2007-12-22 21:58:59 430,080 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Windows.Forms.resources\2.0.0.0_fr_b77a5c561934e089\System.Windows.Forms.Resources.dll
+ 2007-12-22 21:51:13 5,316,608 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
+ 2007-12-22 21:58:37 191,304 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Workflow.Activities.resources\3.0.0.0_fr_31bf3856ad364e35\System.Workflow.Activities.resources.dll
+ 2007-12-22 21:57:39 1,108,784 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Workflow.Activities\3.0.0.0__31bf3856ad364e35\System.Workflow.Activities.dll
+ 2007-12-22 21:58:37 318,288 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Workflow.ComponentModel.resources\3.0.0.0_fr_31bf3856ad364e35\System.Workflow.ComponentModel.resources.dll
+ 2007-12-22 21:57:40 1,641,272 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Workflow.ComponentModel\3.0.0.0__31bf3856ad364e35\System.Workflow.ComponentModel.dll
+ 2007-12-22 21:58:37 43,840 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Workflow.Runtime.resources\3.0.0.0_fr_31bf3856ad364e35\System.Workflow.Runtime.resources.dll
+ 2007-12-22 21:57:40 588,592 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Workflow.Runtime\3.0.0.0__31bf3856ad364e35\System.Workflow.Runtime.dll
+ 2007-12-22 21:58:59 167,936 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.XML.resources\2.0.0.0_fr_b77a5c561934e089\System.xml.Resources.dll
+ 2007-12-22 21:51:13 2,035,712 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll
+ 2007-12-22 21:51:15 3,018,752 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
+ 2007-12-22 21:58:28 9,728 ----a-w C:\WINDOWS\assembly\GAC_MSIL\UIAutomationClient.resources\3.0.0.0_fr_31bf3856ad364e35\UIAutomationClient.resources.dll
+ 2007-12-22 21:53:42 163,840 ----a-w C:\WINDOWS\assembly\GAC_MSIL\UIAutomationClient\3.0.0.0__31bf3856ad364e35\UIAutomationClient.dll
+ 2007-12-22 21:58:28 10,240 ----a-w C:\WINDOWS\assembly\GAC_MSIL\UIAutomationClientsideProviders.resources\3.0.0.0_fr_31bf3856ad364e35\UIAutomationClientsideProviders.resources.dll
+ 2007-12-22 21:53:42 372,736 ----a-w C:\WINDOWS\assembly\GAC_MSIL\UIAutomationClientsideProviders\3.0.0.0__31bf3856ad364e35\UIAutomationClientsideProviders.dll
+ 2007-12-22 21:58:28 4,096 ----a-w C:\WINDOWS\assembly\GAC_MSIL\UIAutomationProvider.resources\3.0.0.0_fr_31bf3856ad364e35\UIAutomationProvider.resources.dll
+ 2007-12-22 21:53:42 32,768 ----a-w C:\WINDOWS\assembly\GAC_MSIL\UIAutomationProvider\3.0.0.0__31bf3856ad364e35\UIAutomationProvider.dll
+ 2007-12-22 21:58:28 7,680 ----a-w C:\WINDOWS\assembly\GAC_MSIL\UIAutomationTypes.resources\3.0.0.0_fr_31bf3856ad364e35\UIAutomationTypes.resources.dll
+ 2007-12-22 21:53:42 86,016 ----a-w C:\WINDOWS\assembly\GAC_MSIL\UIAutomationTypes\3.0.0.0__31bf3856ad364e35\UIAutomationTypes.dll
+ 2007-12-22 21:58:28 90,112 ----a-w C:\WINDOWS\assembly\GAC_MSIL\WindowsBase.resources\3.0.0.0_fr_31bf3856ad364e35\WindowsBase.resources.dll
+ 2007-12-22 21:53:41 1,167,360 ----a-w C:\WINDOWS\assembly\GAC_MSIL\WindowsBase\3.0.0.0__31bf3856ad364e35\WindowsBase.dll
+ 2007-12-22 21:58:28 5,120 ----a-w C:\WINDOWS\assembly\GAC_MSIL\WindowsFormsIntegration.resources\3.0.0.0_fr_31bf3856ad364e35\WindowsFormsIntegration.resources.dll
+ 2007-12-22 21:53:42 81,920 ----a-w C:\WINDOWS\assembly\GAC_MSIL\WindowsFormsIntegration\3.0.0.0__31bf3856ad364e35\WindowsFormsIntegration.dll
+ 2007-12-22 21:54:40 26,624 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Accessibility\23e2588b6b107d40a8df6b55bddf7dec\Accessibility.ni.dll
+ 2007-12-22 21:57:55 81,920 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\55a0200e6c1f674f93b6f486e7fc8c67\Microsoft.Build.Framework.ni.dll
+ 2007-12-22 21:57:57 1,691,648 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\f67aed082d272e48bdb499393569ad86\Microsoft.Build.Tasks.ni.dll
+ 2007-12-22 21:57:54 163,840 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\49cf8937c28ed04da98c8f06aba10f2c\Microsoft.Build.Utilities.ni.dll
+ 2007-12-22 21:54:10 17,920 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualC\9cc15126fac4fc49a96a422a8710ce30\Microsoft.VisualC.ni.dll
+ 2007-12-22 21:51:42 11,411,456 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\e0cd2baa04894e44b2d711e1ed3ad1ab\mscorlib.ni.dll
+ 2007-12-22 21:55:41 40,448 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\PresentationCFFRast#\3759ffec8ce45941bc7bc35a39751c7a\PresentationCFFRasterizer.ni.dll
+ 2007-12-22 21:55:40 12,038,144 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\PresentationCore\2a179969effdee468a75095529c291c8\PresentationCore.ni.dll
+ 2007-12-22 21:57:31 49,152 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\PresentationFontCac#\13c8b4d45138fb4a8127ebdb24c14fbb\PresentationFontCache.ni.exe
+ 2007-12-22 21:57:07 14,643,200 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\34b47d734b9e0a428183486c36f7f16d\PresentationFramework.ni.dll
+ 2007-12-22 21:57:28 266,240 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\41e334203433684a83728ca90b92c905\PresentationFramework.Royale.ni.dll
+ 2007-12-22 21:57:30 393,216 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\55225d2a97923e4e98faa3369eb933bd\PresentationFramework.Aero.ni.dll
+ 2007-12-22 21:57:28 548,864 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\d2ab17a1d2f7bd48b28c925a36bd5c8e\PresentationFramework.Luna.ni.dll
+ 2007-12-22 21:57:27 204,800 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\ef34d6083b59264389abc42f5e7bf7a5\PresentationFramework.Classic.ni.dll
+ 2007-12-22 21:57:13 1,757,184 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\PresentationUI\e1b9ede92b1c944aacbe07fb0ae75117\PresentationUI.ni.dll
+ 2007-12-22 21:57:22 2,338,816 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\ReachFramework\e7d7bac23c8060498e9fef2753b650ed\ReachFramework.ni.dll
+ 2007-12-22 21:54:47 167,936 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuratio#\75e7680a7fad784eb71dd52106893d7a\System.Configuration.Install.ni.dll
+ 2007-12-22 21:54:03 962,560 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\c5dd9c9c4046d549a068fe7cbc43533f\System.Configuration.ni.dll
+ 2007-12-22 21:54:45 1,183,744 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Data.OracleC#\0da0cb709ca9294184eb2a2a998e8108\System.Data.OracleClient.ni.dll
+ 2007-12-22 21:54:08 2,703,360 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Data.SqlXml\1dd2c6d8e0f1aa41a650fb6d9c871ec9\System.Data.SqlXml.ni.dll
+ 2007-12-22 21:52:39 6,688,768 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Data\9add8dc139609f4381aa73dcbeccf9c0\System.Data.ni.dll
+ 2007-12-22 21:54:43 1,712,128 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Deployment\c1a19ae9f5709d4a94b274f0a7c96acd\System.Deployment.ni.dll
+ 2007-12-22 21:52:55 10,723,328 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Design\983303d88bcc0149a067ee99717f7f19\System.Design.ni.dll
+ 2007-12-22 21:54:14 1,220,608 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\67bb167b7774fb4c8f0b18bade7efd19\System.DirectoryServices.ni.dll
+ 2007-12-22 21:54:46 512,000 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\eb9a58fba235a54293e80add0c1c6002\System.DirectoryServices.Protocols.ni.dll
+ 2007-12-22 21:51:58 229,376 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing.Desi#\75c7653b77a67d4f96d68ac941ee092d\System.Drawing.Design.ni.dll
+ 2007-12-22 21:52:01 1,626,112 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\5a9417384340fe41b94ccf69351fadd9\System.Drawing.ni.dll
+ 2007-12-22 21:54:12 659,456 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\23794715e1f2564daa6edb35f0ae0970\System.EnterpriseServices.ni.dll
+ 2007-12-22 21:54:12 294,912 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\23794715e1f2564daa6edb35f0ae0970\System.EnterpriseServices.Wrapper.dll
+ 2007-12-22 21:58:02 655,360 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Messaging\ebc61caa2464714a989999adc841092a\System.Messaging.ni.dll
+ 2007-12-22 21:57:25 1,052,672 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Printing\4269b446ade19d4c92ac87d4358196a7\System.Printing.ni.dll
+ 2007-12-22 21:54:16 815,104 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\73094d59cf0edb43b5236774d60d6209\System.Runtime.Remoting.ni.dll
+ 2007-12-22 21:54:41 339,968 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\3f7ae0cd60711743a3e74aad4401aceb\System.Runtime.Serialization.Formatters.Soap.ni.dll
+ 2007-12-22 21:54:10 729,088 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Security\b5c1bd88b2940d47a07692275cb84d68\System.Security.ni.dll
+ 2007-12-22 21:54:47 233,472 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\227039afedfc4b4fa707e6cd675cd2e2\System.ServiceProcess.ni.dll
+ 2007-12-22 21:54:11 684,032 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Transactions\16ace182e3f43746a7c92b0a5ecb1fa8\System.Transactions.ni.dll
+ 2007-12-22 21:54:45 237,568 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web.RegularE#\0424d645e5f3de46bca990fd0042d360\System.Web.RegularExpressions.ni.dll
+ 2007-12-22 21:54:40 1,945,600 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web.Services\f0351e1ea7b54b4a9131e48a017cdbe9\System.Web.Services.ni.dll
+ 2007-12-22 21:54:36 11,808,768 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web\8f62e1d9a9b6784baa32f2874b73459d\System.Web.ni.dll
+ 2007-12-22 21:52:20 13,107,200 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\545776bb1ca76347a9e908559ddedeae\System.Windows.Forms.ni.dll
+ 2007-12-22 21:57:46 2,965,504 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Workflow.Act#\14f87e2c023d254dbe14438f17bf05ec\System.Workflow.Activities.ni.dll
+ 2007-12-22 21:57:54 4,599,808 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Workflow.Com#\c12d4eb6cbea7542adfc904c7f9112cd\System.Workflow.ComponentModel.ni.dll
+ 2007-12-22 21:58:01 2,064,384 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Workflow.Run#\48203a3f1573ff4e99baf74dce952a60\System.Workflow.Runtime.ni.dll
+ 2007-12-22 21:52:28 5,640,192 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\e116c70b712b664d9aa28f3d6c8c25db\System.Xml.ni.dll
+ 2007-12-22 21:51:57 8,093,696 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\b0f9da677ec4fb41a9030412a3829f10\System.ni.dll
+ 2007-12-22 21:55:41 51,200 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\UIAutomationProvider\dcfa047564f5ff42a661e19df272d963\UIAutomationProvider.ni.dll
+ 2007-12-22 21:55:41 196,608 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\UIAutomationTypes\e2eb4c52a1bbaa4d9544915964a30ba0\UIAutomationTypes.ni.dll
+ 2007-12-22 21:54:01 3,289,088 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\WindowsBase\0bebb9fd97129f43a01a27f757e29cb5\WindowsBase.ni.dll
- 2007-09-17 15:57:37 102,400 ----a-r C:\WINDOWS\Installer\{3592F5CB-B524-43AA-92F2-2377268199CC}\iTunesIco.exe
+ 2007-12-20 15:15:56 102,400 ----a-r C:\WINDOWS\Installer\{3592F5CB-B524-43AA-92F2-2377268199CC}\iTunesIco.exe
- 2003-02-20 18:09:46 57,344 ----a-w C:\WINDOWS\Microsoft.NET\Framework\NETFXSBS10.exe
+ 2005-09-23 06:28:52 72,704 ----a-w C:\WINDOWS\Microsoft.NET\Framework\NETFXSBS10.exe
- 2003-02-20 18:09:32 5,120 ----a-w C:\WINDOWS\Microsoft.NET\Framework\sbscmp10.dll
+ 2005-09-23 06:28:52 7,680 ----a-w C:\WINDOWS\Microsoft.NET\Framework\sbscmp10.dll
+ 2005-09-23 06:28:56 7,680 ----a-w C:\WINDOWS\Microsoft.NET\Framework\sbscmp20_mscorwks.dll
+ 2005-09-23 06:28:58 7,680 ----a-w C:\WINDOWS\Microsoft.NET\Framework\sbscmp20_perfcounter.dll
+ 2005-09-23 06:28:56 7,680 ----a-w C:\WINDOWS\Microsoft.NET\Framework\SharedReg12.dll
- 2003-02-20 17:43:50 131,072 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.0.3705\mscormmc.dll
+ 2005-09-23 06:28:52 86,528 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.0.3705\mscormmc.dll
+ 2005-09-23 06:28:36 18,944 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\1033\alinkui.dll
+ 2005-09-23 06:28:42 136,192 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\1033\cscompui.dll
+ 2005-09-23 06:28:44 4,608 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\1033\CvtResUI.dll
+ 2005-09-23 06:29:04 183,808 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\1033\vbc7ui.dll
+ 2005-09-23 06:28:28 208,896 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\1033\Vsavb7rtUI.dll
+ 2005-12-23 07:59:08 24,064 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\1036\alinkui.dll
+ 2005-12-23 07:59:10 161,280 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\1036\cscompui.dll
+ 2005-12-23 07:59:10 5,120 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\1036\CvtResUI.dll
+ 2005-12-23 07:59:16 216,576 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\1036\vbc7ui.dll
+ 2005-12-23 07:59:06 245,760 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\1036\Vsavb7rtUI.dll
+ 2005-09-23 06:28:56 10,752 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Accessibility.dll
+ 2005-09-23 06:28:58 138,240 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\AdoNetDiag.dll
+ 2005-09-23 06:28:36 87,552 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\alink.dll
+ 2005-09-23 06:28:58 55,488 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\AppLaunch.exe
+ 2005-09-23 06:28:32 36,864 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_compiler.exe
+ 2005-09-23 06:28:32 10,752 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_filter.dll
+ 2005-09-23 06:28:32 8,192 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_isapi.dll
+ 2005-09-23 06:28:32 23,552 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Aspnet_perf.dll
+ 2005-09-23 06:28:32 70,656 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_rc.dll
+ 2005-09-23 06:28:32 13,824 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_regbrowsers.exe
+ 2005-09-23 06:28:32 26,824 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_regiis.exe
+ 2005-09-23 06:28:32 106,496 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_regsql.exe
+ 2005-09-23 06:28:32 29,896 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
+ 2005-09-23 06:28:32 29,888 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_wp.exe
+ 2005-09-23 06:28:32 503,808 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\AspNetMMCExt.dll
+ 2005-09-23 06:28:56 106,496 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\CasPol.exe
+ 2005-09-23 06:28:56 88,576 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\CORPerfMonExt.dll
+ 2005-09-23 06:28:42 76,984 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\csc.exe
+ 2005-09-23 06:28:42 1,144,832 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\cscomp.dll
+ 2005-09-23 06:28:42 13,312 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\cscompmgd.dll
+ 2005-09-23 06:28:58 17,920 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Culture.dll
+ 2005-09-23 06:28:56 68,608 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\CustomMarshalers.dll
+ 2005-09-23 06:28:44 31,936 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\cvtres.exe
+ 2005-09-23 06:28:38 52,736 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\dfdll.dll
+ 2005-09-23 06:28:38 4,608 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\dfsvc.exe
+ 2005-09-23 06:29:12 547,840 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\diasymreader.dll
+ 2005-09-23 06:28:56 788,992 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\EventLogMessages.dll
+ 2005-12-23 07:59:06 8,704 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\fr\aspnet_compiler.resources.dll
+ 2005-12-23 07:59:06 86,016 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\fr\aspnet_rc.dll
+ 2005-12-23 07:59:06 5,632 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\fr\aspnet_regbrowsers.resources.dll
+ 2005-12-23 07:59:06 40,960 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\fr\aspnet_regsql.resources.dll
+ 2005-12-23 07:59:06 315,392 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\fr\aspnetmmcext.resources.dll
+ 2005-12-23 07:59:14 36,864 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\fr\caspol.resources.dll
+ 2005-12-23 07:59:14 4,096 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\fr\InstallUtil.resources.dll
+ 2005-12-23 07:59:12 7,168 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\fr\JSC.Resources.dll
+ 2005-12-23 07:59:14 53,248 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\fr\Microsoft.Build.Engine.resources.dll
+ 2005-12-23 07:59:14 139,264 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\fr\Microsoft.Build.Tasks.resources.dll
+ 2005-12-23 07:59:14 10,240 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\fr\Microsoft.Build.Utilities.Resources.dll
+ 2005-12-23 07:59:12 45,056 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\fr\Microsoft.JScript.Resources.dll
+ 2005-12-23 07:59:16 61,440 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\fr\Microsoft.VisualBasic.resources.dll
+ 2005-12-23 07:59:14 13,312 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\fr\MSBuild.resources.dll
+ 2005-12-23 07:59:14 311,296 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\fr\mscorlib.Resources.dll
+ 2005-12-23 07:59:14 404,992 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\fr\mscorrc.dll
+ 2005-12-23 07:59:14 11,264 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\fr\Regasm.resources.dll
+ 2005-12-23 07:59:14 86,528 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\fr\ShFusRes.dll
+ 2005-12-23 07:59:14 10,752 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\fr\sysglobl.resources.dll
+ 2005-12-23 07:59:14 28,672 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\fr\System.Configuration.Install.Resources.dll
+ 2005-12-23 07:59:14 49,152 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\fr\System.Configuration.resources.dll
+ 2005-12-23 07:59:14 110,592 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\fr\System.Data.OracleClient.resources.dll
+ 2005-12-23 07:59:14 335,872 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\fr\System.Data.Resources.dll
+ 2005-12-23 07:59:14 36,864 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\fr\system.data.sqlxml.resources.dll
+ 2005-12-23 07:59:08 385,024 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\fr\System.Deployment.resources.dll
+ 2005-12-23 07:59:14 544,768 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\fr\System.Design.Resources.dll
+ 2005-12-23 07:59:14 28,672 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\fr\System.DirectoryServices.Protocols.resources.dll
+ 2005-12-23 07:59:14 40,960 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\fr\System.DirectoryServices.Resources.dll
+ 2005-12-23 07:59:14 6,144 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\fr\System.Drawing.Design.Resources.dll
+ 2005-12-23 07:59:14 15,360 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\fr\System.Drawing.Resources.dll
+ 2005-12-23 07:59:14 32,768 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\fr\System.EnterpriseServices.Resources.dll
+ 2005-12-23 07:59:14 13,312 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\fr\System.Management.Resources.dll
+ 2005-12-23 07:59:14 61,440 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\fr\System.Messaging.Resources.dll
+ 2005-12-23 07:59:14 212,992 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\fr\system.Resources.dll
+ 2005-12-23 07:59:14 32,768 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\fr\System.Runtime.Remoting.Resources.dll
+ 2005-12-23 07:59:14 11,776 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\fr\System.Runtime.Serialization.Formatters.Soap.Resources.dll
+ 2005-12-23 07:59:14 28,672 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\fr\System.Security.Resources.dll
+ 2005-12-23 07:59:14 40,960 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\fr\System.ServiceProcess.Resources.dll
+ 2005-12-23 07:59:14 16,896 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\fr\System.Transactions.resources.dll
+ 2005-12-23 07:59:14 81,920 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\fr\System.Web.Mobile.resources.dll
+ 2005-12-23 07:59:14 610,304 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\fr\System.Web.Resources.dll
+ 2005-12-23 07:59:14 81,920 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\fr\System.Web.Services.Resources.dll
+ 2005-12-23 07:59:14 430,080 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\fr\System.Windows.Forms.Resources.dll
+ 2005-12-23 07:59:14 167,936 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\fr\System.xml.Resources.dll
+ 2005-09-23 06:28:50 9,216 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\fusion.dll
+ 2005-12-23 07:59:18 9,216 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\GAC\fr\Microsoft.VisualBasic.Compatibility.Data.resources.dll
+ 2005-12-23 07:59:18 9,728 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\GAC\fr\Microsoft.VisualBasic.Compatibility.resources.dll
+ 2005-09-23 06:28:56 9,728 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\IEExec.exe
+ 2005-09-23 06:28:56 8,192 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\IEExecRemote.dll
+ 2005-09-23 06:28:56 36,864 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\IEHost.dll
+ 2005-09-23 06:28:56 5,632 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\IIEHost.dll
+ 2005-09-23 06:28:56 224,952 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\ilasm.exe
+ 2005-09-23 06:28:56 28,672 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\InstallUtil.exe
+ 2005-09-23 06:28:56 55,296 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\InstallUtilLib.dll
+ 2005-09-23 06:28:56 72,192 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\ISymWrapper.dll
+ 2005-09-23 06:28:48 40,960 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\jsc.exe
+ 2007-12-22 21:58:50 609,472 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0 Language Pack - FRA\install.exe
+ 2007-12-22 21:58:50 86,016 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0 Language Pack - FRA\install.res.1036.dll
+ 2007-12-22 21:58:51 245,408 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0 Language Pack - FRA\unicows.dll
+ 2007-12-22 21:50:36 609,472 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.exe
+ 2007-12-22 21:50:36 80,896 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.1025.dll
+ 2007-12-22 21:50:36 80,896 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.1028.dll
+ 2007-12-22 21:50:36 82,944 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.1029.dll
+ 2007-12-22 21:50:36 81,920 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.1030.dll
+ 2007-12-22 21:50:36 85,504 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.1031.dll
+ 2007-12-22 21:50:36 87,552 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.1032.dll
+ 2007-12-22 21:50:36 80,896 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.1033.dll
+ 2007-12-22 21:50:36 81,408 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.1035.dll
+ 2007-12-22 21:50:36 86,016 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.1036.dll
+ 2007-12-22 21:50:36 80,896 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.1037.dll
+ 2007-12-22 21:50:36 83,968 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.1038.dll
+ 2007-12-22 21:50:36 84,480 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.1040.dll
+ 2007-12-22 21:50:36 80,896 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.1041.dll
+ 2007-12-22 21:50:36 80,896 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.1042.dll
+ 2007-12-22 21:50:36 83,456 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.1043.dll
+ 2007-12-22 21:50:36 81,920 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.1044.dll
+ 2007-12-22 21:50:36 83,456 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.1045.dll
+ 2007-12-22 21:50:36 82,432 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.1046.dll
+ 2007-12-22 21:50:36 82,432 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.1049.dll
+ 2007-12-22 21:50:36 81,920 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.1053.dll
+ 2007-12-22 21:50:36 80,896 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.1055.dll
+ 2007-12-22 21:50:36 80,896 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.2052.dll
+ 2007-12-22 21:50:36 84,480 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.2070.dll
+ 2007-12-22 21:50:36 80,896 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.3076.dll
+ 2007-12-22 21:50:36 85,504 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.3082.dll
+ 2007-12-22 21:50:37 245,408 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\unicows.dll
+ 2005-09-23 06:28:48 413,696 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Engine.dll
+ 2005-09-23 06:28:48 36,864 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Framework.dll
+ 2005-09-23 06:28:48 647,168 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Tasks.dll
+ 2005-09-23 06:28:48 73,728 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Utilities.dll
+ 2005-09-23 06:28:48 745,472 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.JScript.dll
+ 2005-09-23 06:29:10 110,592 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.Compatibility.Data.dll
+ 2005-09-23 06:29:10 372,736 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.Compatibility.dll
+ 2005-09-23 06:29:08 667,648 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.dll
+ 2005-09-23 06:28:30 28,672 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.Vsa.dll
+ 2005-09-23 06:29:10 5,632 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualC.Dll
+ 2005-09-23 06:28:30 32,768 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.Vsa.dll
+ 2005-09-23 06:28:30 12,800 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
+ 2005-09-23 06:28:30 7,168 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft_VsaVb.dll
+ 2005-09-23 06:28:32 87,552 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\MmcAspExt.dll
+ 2005-09-23 06:28:48 69,632 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\MSBuild.exe
+ 2005-09-23 06:28:56 800,768 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscordacwks.dll
+ 2005-09-23 06:28:56 73,216 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscordbc.dll
+ 2005-09-23 06:28:56 288,768 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscordbi.dll
+ 2005-09-23 06:28:56 36,864 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorie.dll
+ 2005-09-23 06:28:56 326,144 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll
+ 2005-09-23 06:28:56 81,408 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorld.dll
+ 2005-09-23 06:28:56 4,308,992 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorlib.dll
+ 2005-09-23 06:28:56 102,400 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorpe.dll
+ 2005-09-23 06:29:00 330,752 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorrc.dll
+ 2005-09-23 06:28:56 67,072 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsec.dll
+ 2005-09-23 06:28:50 9,216 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsn.dll
+ 2005-09-23 06:28:56 226,816 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvc.dll
+ 2005-09-23 06:28:56 66,240 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
+ 2005-09-23 06:28:56 10,240 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscortim.dll
+ 2005-09-23 06:28:50 5,615,616 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll
+ 2005-09-23 06:29:00 22,528 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\MUI\0409\mscorsecr.dll
+ 2005-12-23 07:59:14 23,040 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\MUI\040C\mscorsecr.dll
+ 2005-09-23 06:28:56 96,440 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\ngen.exe
+ 2005-09-23 06:28:56 14,848 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\normalization.dll
+ 2005-09-23 06:28:56 78,336 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\PerfCounter.dll
+ 2005-09-23 06:28:50 136,192 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\peverify.dll
+ 2005-09-23 06:28:56 53,248 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
+ 2005-09-23 06:28:56 32,768 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exe
+ 2005-09-23 06:29:02 59,072 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\regtlibv12.exe
+ 2005-09-23 06:28:58 7,680 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\sbscmp20_mscorlib.dll
+ 2005-09-23 06:28:56 107,520 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\shfusion.dll
+ 2005-09-23 06:29:00 85,504 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\ShFusRes.dll
+ 2005-09-23 06:28:56 377,344 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\SOS.dll
+ 2005-09-23 06:28:56 110,592 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\sysglobl.dll
+ 2005-09-23 06:28:58 389,120 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.configuration.dll
+ 2005-09-23 06:28:56 81,920 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Configuration.Install.dll
+ 2005-09-23 06:28:56 2,878,976 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Data.dll
+ 2005-09-23 06:28:56 482,304 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Data.OracleClient.dll
+ 2005-09-23 06:28:56 716,800 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Data.SqlXml.dll
+ 2005-09-23 06:28:38 884,736 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Deployment.dll
+ 2005-09-23 06:28:56 5,050,368 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Design.dll
+ 2005-09-23 06:28:56 397,312 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.DirectoryServices.dll
+ 2005-09-23 06:28:56 188,416 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.DirectoryServices.Protocols.dll
+ 2005-09-23 06:28:56 3,018,752 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.dll
+ 2005-09-23 06:28:56 81,920 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Drawing.Design.dll
+ 2005-09-23 06:28:56 700,416 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Drawing.dll
+ 2005-09-23 06:28:56 258,048 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.EnterpriseServices.dll
+ 2005-09-23 06:28:56 47,616 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.EnterpriseServices.Thunk.dll
+ 2005-09-23 06:28:56 114,176 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.EnterpriseServices.Wrapper.dll
+ 2005-09-23 06:28:56 368,640 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Management.dll
+ 2005-09-23 06:28:56 258,048 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Messaging.dll
+ 2005-09-23 06:28:56 299,008 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Remoting.dll
+ 2005-09-23 06:28:56 131,072 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
+ 2005-09-23 06:28:56 258,048 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Security.dll
+ 2005-09-23 06:28:56 114,688 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.ServiceProcess.dll
+ 2005-09-23 06:28:56 260,096 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Transactions.dll
+ 2005-09-23 06:28:56 5,025,792 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Web.dll
+ 2005-09-23 06:28:56 835,584 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Web.Mobile.dll
+ 2005-09-23 06:28:56 86,016 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Web.RegularExpressions.dll
+ 2005-09-23 06:28:56 823,296 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Web.Services.dll
+ 2005-09-23 06:28:56 5,316,608 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Windows.Forms.dll
+ 2005-09-23 06:28:56 2,035,712 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.XML.dll
+ 2005-09-23 06:28:56 71,680 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\TLBREF.DLL
+ 2005-09-23 06:29:06 1,140,920 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\vbc.exe
+ 2005-09-23 06:28:30 1,306,624 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\VsaVb7rt.dll
+ 2005-09-23 06:28:32 298,496 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\webengine.dll
+ 2005-09-23 06:28:56 28,160 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\WMINet_Utils.dll
+ 2006-10-31 09:15:00 14,848 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0 French Language Pack\baseline.dat
+ 2006-10-20 16:57:16 99,600 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0 French Language Pack\DeleteTemp.exe
+ 2006-10-20 14:17:16 220,672 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0 French Language Pack\dlmgr.dll
+ 2006-10-20 14:19:18 1,054,720 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0 French Language Pack\gencomp.dll
+ 2006-10-20 14:16:24 163,328 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0 French Language Pack\HtmlLite.dll
+ 2006-10-20 16:57:16 194,320 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0 French Language Pack\RebootStub.exe
+ 2006-10-20 16:57:16 167,176 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0 French Language Pack\runmsi.exe
+ 2006-10-20 16:57:16 365,320 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0 French Language Pack\setup.exe
+ 2006-10-20 16:45:18 91,648 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0 French Language Pack\setupres.1036.dll
+ 2006-10-20 14:17:20 80,384 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0 French Language Pack\setupres.dll
+ 2006-10-20 14:17:26 1,621,504 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0 French Language Pack\SITSetup.dll
+ 2006-10-20 14:18:26 1,139,712 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0 French Language Pack\vs_setup.dll
+ 2006-10-20 14:19:44 590,848 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0 French Language Pack\vs70uimgr.dll
+ 2006-10-20 14:22:20 541,184 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0 French Language Pack\vsbasereqs.dll
+ 2006-10-20 14:19:48 816,128 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0 French Language Pack\vsscenario.dll
+ 2006-10-20 16:45:18 103,424 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0 French Language Pack\WapRes.1036.dll
+ 2006-10-20 14:19:50 98,816 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0 French Language Pack\WapRes.dll
+ 2006-10-20 14:21:22 1,103,872 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0 French Language Pack\WapUI.dll
+ 2006-10-30 03:06:28 189,828 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0\baseline.dat
+ 2006-10-30 02:25:56 99,600 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0\DeleteTemp.exe
+ 2006-10-29 22:15:06 220,672 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0\dlmgr.dll
+ 2006-10-29 22:17:56 1,054,720 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0\gencomp.dll
+ 2006-10-29 22:14:26 163,328 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0\HtmlLite.dll
+ 2006-10-30 02:25:54 194,320 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0\RebootStub.exe
+ 2006-10-30 02:25:56 167,176
Contenus similaires
23 Décembre 2007 10:35:27

Hijack

Logfile of HijackThis v1.99.1
Scan saved at 10:37:31, on 23/12/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\OrangeHSS\Systray\SystrayApp.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\Web Accelerator\GoogleWebAccWarden.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Google\Web Accelerator\googlewebaccclient.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\explorer.exe
C:\Program Files\OrangeHSS\Launcher\Launcher.exe
C:\Program Files\OrangeHSS\connectivity\connectivitymanager.exe
C:\Program Files\OrangeHSS\connectivity\CoreCom\CoreCom.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://localhost:9100/proxy.pac
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\OrangeHSS\SearchURLHook\SearchPageURL.dll
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: &Google Web Accelerator Helper - {69A87B7D-DE56-4136-9655-716BA50C19C7} - C:\Program Files\Google\Web Accelerator\GoogleWebAccToolbar.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: FlashFXP Helper for Internet Explorer - {E5A1691B-D188-4419-AD02-90002030B8EE} - C:\PROGRA~1\FlashFXP\IEFlash.dll
O3 - Toolbar: Google Web Accelerator - {DB87BFA2-A2E3-451E-8E5A-C89982D87CBF} - C:\Program Files\Google\Web Accelerator\GoogleWebAccToolbar.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [SystrayORAHSS] "C:\Program Files\OrangeHSS\Systray\SystrayApp.exe"
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [orahssStartup] "C:\Program Files\OrangeHSS\Launcher\Launcher.exe" -appid connectivityapp
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\RunServices: [Windows Media Player] Config.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Run Google Web Accelerator.lnk = C:\Program Files\Google\Web Accelerator\GoogleWebAccWarden.exe
O4 - Global Startup: Utilitaire réseau pour SAGEM Wi-Fi 11g USB adapter.lnk = ?
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll
O9 - Extra button: PalTalk - {4EAFEF58-EEFA-4116-983D-03B49BCBFFFE} - C:\Program Files\Paltalk Messenger\Paltalk.exe (file missing)
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\Benjamin\Menu Démarrer\Programmes\IMVU\Run IMVU.lnk (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {56393399-041A-4650-94C7-13DFCB1F4665} (PSFormX Control) - http://www.ca.com/us/securityadvisor/pestscan/pestscan....
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} - http://www.zebulon.fr/scan8/oscan8.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls...
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst....
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Windows Firewall - Unknown owner - C:\WINDOWS\system32\SVCH0ST.EXE (file missing)

24 Décembre 2007 00:43:52

Bonjour

Le rapport de Combofix esr incomplet.

Poste la suite à partir de

((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
24 Décembre 2007 09:29:48

Ba sa a l'aire bizard mais je trouve pas "((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))"
25 Décembre 2007 23:23:32

Bonjour

Refais un scan avec Combofix et poste son rapport.
4 Janvier 2008 12:22:32

Désoler d'un tel retard !

ComboFix 08-01-04.1 - Test 2008-01-04 12:08:21.7 - NTFSx86
Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.630 [GMT 1:00]
Running from: C:\Documents and Settings\Test\Bureau\Outil puissant de Desinfection\ComboFix.exe
* Created a new restore point
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\WINDOWS\ktd32.atm
C:\WINDOWS\system32\Cache
C:\WINDOWS\system32\qqfbveei.ini

.
((((((((((((((((((((((((((((( Fichiers créés 2007-12-04 to 2008-01-04 ))))))))))))))))))))))))))))))))))))
.

2008-01-04 12:07 . 2000-08-31 08:00 51,200 --a------ C:\WINDOWS\NirCmd.exe
2008-01-04 12:03 . 2008-01-04 12:03 <REP> d-------- C:\WINDOWS\LastGood
2008-01-03 13:53 . 2008-01-03 13:54 <REP> d-------- C:\Program Files\Dofus
2007-12-31 15:46 . 2008-01-03 18:25 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2007-12-31 15:46 . 2007-12-31 15:46 1,409 --a------ C:\WINDOWS\QTFont.for
2007-12-31 15:14 . 2007-12-31 15:15 <REP> d-------- C:\Program Files\Microsoft Baseline Security Analyzer
2007-12-31 15:14 . 2007-12-31 15:14 <REP> d-------- C:\Documents and Settings\Test\SecurityScans
2007-12-31 15:13 . 2007-12-31 15:25 <REP> d-------- C:\Program Files\Microsoft Silverlight
2007-12-27 10:32 . 2007-12-27 10:34 <REP> d-------- C:\Program Files\WinAVI MP4 Converter
2007-12-27 10:28 . 2007-12-27 10:28 <REP> d-------- C:\Program Files\MyMPxPlayer.org
2007-12-26 14:13 . 2007-12-26 14:13 <REP> d-------- C:\Program Files\SuperScan
2007-12-26 12:58 . 2007-12-26 13:03 113,562 --a------ C:\WINDOWS\hpoins07.dat
2007-12-26 12:58 . 2005-05-24 07:50 21,124 --------- C:\WINDOWS\hpomdl07.dat
2007-12-26 12:55 . 2007-12-26 13:10 <REP> d-------- C:\Documents and Settings\Test\Application Data\Printer Info Cache
2007-12-26 12:51 . 2007-03-05 17:27 113,562 --------- C:\WINDOWS\hpoins07.dat.temp
2007-12-26 12:51 . 2005-05-24 07:50 21,124 --------- C:\WINDOWS\hpomdl07.dat.temp
2007-12-26 12:26 . 2007-12-26 12:26 <REP> d-------- C:\Documents and Settings\Didier\Application Data\Printer Info Cache
2007-12-26 12:25 . 2007-12-26 12:25 <REP> d-------- C:\Program Files\Fichiers communs\HP
2007-12-26 12:20 . 2007-12-26 12:20 227 --a------ C:\WINDOWS\HP_CounterReport_Update_HPSU.ini
2007-12-26 12:19 . 2007-12-26 12:19 214 --a------ C:\WINDOWS\HP_48BitScanUpdatePatch.ini
2007-12-24 16:01 . 2008-01-03 12:37 <REP> d-------- C:\Program Files\Cheat Engine
2007-12-24 16:01 . 2006-09-04 19:16 1,970,176 --a------ C:\WINDOWS\system32\d3dx9.dll
2007-12-24 16:01 . 2006-09-04 19:16 679,936 --a------ C:\WINDOWS\system32\D3DX81ab.dll
2007-12-23 20:00 . 2007-12-23 20:00 <REP> d----c--- C:\MSN Emoticons
2007-12-23 20:00 . 2007-12-23 20:00 <REP> d----c--- C:\MSN Display Pics
2007-12-23 19:58 . 2007-12-23 19:58 <REP> d-------- C:\Program Files\Evil Msn
2007-12-23 19:55 . 2007-12-23 19:55 <REP> d-------- C:\Program Files\WinPcap
2007-12-23 19:48 . 2007-12-23 19:48 25 --a------ C:\WINDOWS\system32\zla.dll
2007-12-23 18:50 . 2007-12-23 18:50 <REP> d-------- C:\Program Files\BelSoft
2007-12-23 17:09 . 2007-12-23 17:09 <REP> d-------- C:\Program Files\Hamachi
2007-12-23 15:30 . 2007-12-24 11:23 <REP> d-------- C:\Program Files\eMule
2007-12-23 12:27 . 2007-12-23 12:27 <REP> d-------- C:\WINDOWS\ERUNT
2007-12-22 23:33 . 2007-12-22 23:33 <REP> d-------- C:\Documents and Settings\Test\Application Data\Avant Profiles
2007-12-22 22:58 . 2007-12-22 22:58 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Infralution
2007-12-22 22:57 . 2007-12-22 22:57 <REP> d-------- C:\Program Files\MSBuild
2007-12-22 22:53 . 2007-12-22 22:58 <REP> d-------- C:\WINDOWS\system32\XPSViewer
2007-12-22 22:53 . 2007-12-22 22:53 <REP> d-------- C:\Program Files\Reference Assemblies
2007-12-22 22:53 . 2006-06-29 13:07 14,048 --------- C:\WINDOWS\system32\spmsg2.dll
2007-12-20 20:14 . 2007-12-20 20:14 <REP> d----c--- C:\MSNFix
2007-12-20 20:13 . 2007-12-20 20:13 283,425 --a------ C:\MSNFix.zip
2007-12-20 18:16 . 2007-12-22 23:02 <REP> d-------- C:\Program Files\NeoTracePro
2007-12-20 17:47 . 2007-12-20 17:47 <REP> d-------- C:\Documents and Settings\Test\Application Data\Ethereal
2007-12-20 15:48 . 2006-08-10 20:12 124 --a------ C:\WINDOWS\DORAAH.CFG
2007-12-20 15:48 . 2006-12-04 12:01 51 --a------ C:\WINDOWS\ATTACK.CFG
2007-12-20 15:24 . 2007-12-20 15:24 74,240 --a------ C:\WINDOWS\temp.000
2007-12-18 15:43 . 2007-12-27 10:34 <REP> d-------- C:\Documents and Settings\Test\Application Data\Apple Computer
2007-12-12 16:24 . 2007-12-12 16:24 <REP> d-------- C:\Documents and Settings\Test\Application Data\LOCAL FR a mettre dans le serveur
2007-12-12 13:24 . 2007-12-23 11:41 1,215,777 --a--c--- C:\SDFix.exe
2007-12-08 18:17 . 2007-12-08 18:17 <REP> d-------- C:\Program Files\BootXP2
2007-12-08 18:17 . 2007-12-31 15:41 2,150,912 --a------ C:\WINDOWS\system32\LOGOOS.EXE
2007-12-08 18:17 . 2007-12-23 16:42 236 -----c--- C:\BOOT.BXP
2007-12-08 17:45 . 2007-09-05 23:22 289,144 --a------ C:\WINDOWS\system32\VCCLSID.exe
2007-12-08 17:45 . 2006-04-27 16:49 288,417 --a------ C:\WINDOWS\system32\SrchSTS.exe
2007-12-08 17:45 . 2003-06-05 20:13 53,248 --a------ C:\WINDOWS\system32\Process.exe
2007-12-08 17:45 . 2004-07-31 17:50 51,200 --a------ C:\WINDOWS\system32\dumphive.exe
2007-12-08 17:45 . 2007-10-03 23:36 25,600 --a------ C:\WINDOWS\system32\WS2Fix.exe
2007-12-08 16:11 . 2008-01-03 11:36 <REP> d-------- C:\Program Files\Lop SD
2007-12-08 15:18 . 2007-12-08 15:18 <REP> d-------- C:\Documents and Settings\Test\DoctorWeb
2007-12-08 13:12 . 2007-12-08 13:12 <REP> d-------- C:\Program Files\Avira
2007-12-08 13:12 . 2007-12-08 13:12 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Avira
2007-12-08 12:52 . 2007-12-08 12:52 <REP> d----c--- C:\VundoFix Backups
2007-12-08 12:23 . 2007-12-08 12:23 162 --a------ C:\WINDOWS\dualxplorer_dualxplorer_0.8.70_francais_14841.INI
2007-12-08 11:47 . 2007-12-08 11:47 <REP> d-------- C:\Program Files\REAL Software
2007-12-08 11:37 . 2007-12-08 11:37 <REP> d-------- C:\WINDOWS\Pacman Come Back
2007-12-08 11:28 . 2007-12-08 11:29 <REP> d-------- C:\WINDOWS\system32\PandoraEngine200408
2007-12-06 17:03 . 2007-12-06 17:04 92 --a------ C:\WINDOWS\kaboom!.ini
2007-12-06 16:49 . 2007-12-08 14:08 <REP> d-------- C:\WINDOWS\system32\win xp
2007-12-05 18:43 . 2007-12-05 18:43 <REP> d-------- C:\Program Files\VirtualDub

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-01-03 13:19 --------- d-----w C:\Documents and Settings\Test\Application Data\Hamachi
2008-01-02 11:18 822,784 ----a-w C:\WINDOWS\system32\lncom_.exe
2007-12-31 15:00 --------- d-----w C:\Documents and Settings\Test\Application Data\FileZilla
2007-12-26 12:04 --------- d-----w C:\Documents and Settings\Test\Application Data\Image Zone Express
2007-12-26 11:51 --------- d-----w C:\Documents and Settings\Test\Application Data\HP
2007-12-26 11:45 --------- d-----w C:\Documents and Settings\Didier\Application Data\Image Zone Express
2007-12-26 11:25 --------- d-----w C:\Program Files\HP
2007-12-23 17:26 163,712 ----a-w C:\WINDOWS\system32\drivers\vidstub.sys
2007-12-23 16:09 25,280 ----a-w C:\WINDOWS\system32\drivers\hamachi.sys
2007-12-23 10:34 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2007-12-23 09:51 --------- d-----w C:\Documents and Settings\Marie-line_2\Application Data\LimeWire
2007-12-23 09:51 --------- d-----w C:\Documents and Settings\Marie-line\Application Data\LimeWire
2007-12-22 22:02 --------- d-----w C:\Program Files\No-IP
2007-12-22 22:02 --------- d-----w C:\Program Files\Fichiers communs\Symantec Shared
2007-12-20 19:38 --------- d-----w C:\Program Files\Shareaza
2007-12-20 14:25 344,576 ----a-w C:\WINDOWS\system32\Sesam v2.5.exe
2007-12-20 14:24 253,952 ------w C:\WINDOWS\Setup1.exe
2007-12-10 17:54 3,146,183 ----a-w C:\WINDOWS\win_habbo_screensaver.SCR
2007-12-08 12:58 --------- d-----w C:\Program Files\Navilog1
2007-12-05 17:03 --------- d-----w C:\Program Files\CamStudio
2007-11-29 18:51 --------- d--h--w C:\Documents and Settings\All Users\Application Data\{74D61F17-FFC2-41AF-96E5-1DCB0631B6D1}
2007-11-29 18:51 --------- d-----w C:\Program Files\Eraser
2007-11-28 14:46 --------- d-----w C:\Program Files\Fichiers communs\Wise Installation Wizard
2007-11-27 19:25 --------- d-----w C:\Documents and Settings\Test\Application Data\vmntoolbar
2007-11-19 17:36 --------- d-----w C:\Documents and Settings\Didier\Application Data\VMNTOOLBAR
2007-11-19 12:02 --------- d-----w C:\Program Files\FileZilla Client
2007-11-19 11:58 --------- d-----w C:\Program Files\TransSoft Ltd
2007-11-17 12:04 --------- d-----w C:\Program Files\Visicom Media
2007-11-17 12:04 --------- d-----w C:\Documents and Settings\Test\Application Data\Sites
2007-11-17 12:04 --------- d-----w C:\Documents and Settings\Test\Application Data\Classes de site
2007-11-17 12:03 --------- d-----w C:\Documents and Settings\Test\Application Data\Dynamique
2007-11-17 10:23 --------- d-----w C:\Program Files\Opera
2007-11-16 18:02 --------- d-----w C:\Documents and Settings\Test\Application Data\iScreensaver
2007-11-13 18:58 --------- d-----w C:\Program Files\Micro Application
2007-11-13 18:41 --------- d-----w C:\Program Files\NCH Swift Sound
2007-11-13 18:33 --------- d-----w C:\Documents and Settings\Session de Test\Application Data\Hamachi
2007-11-08 09:55 --------- d-----w C:\Program Files\FlashFXP
2007-11-08 09:54 --------- d-----w C:\Documents and Settings\All Users\Application Data\FlashFXP
2007-11-08 08:25 --------- d-----w C:\Documents and Settings\Test\Application Data\CoreFTP
2007-11-04 12:12 --------- d-----w C:\Documents and Settings\Didier\Application Data\CoreFTP
2007-10-26 20:57 73,216 ------w C:\WINDOWS\ST6UNST.EXE
2007-10-26 20:22 44,544 ----a-w C:\WINDOWS\AWuninstall.exe
2007-10-17 19:33 71,326 -c--a-w C:\WINDOWS\BricoPackUninst.cmd
2007-10-17 19:33 5,319 ----a-w C:\WINDOWS\BricoPackFoldersDelete.cmd
2007-10-15 15:09 44,922 ----a-w C:\WINDOWS\system32\IKatzuUninstall.exe
2007-10-15 15:09 421,888 ----a-w C:\WINDOWS\system32\bkinohjs.dll
2007-10-15 15:09 24,576 ----a-w C:\WINDOWS\system32\msxml3a.dll
2004-04-20 21:05 98,304 --sha-r C:\WINDOWS\archive.exe
2005-04-04 08:49 1,171,456 --sha-r C:\WINDOWS\Barmaja 2.7.9.exe
2007-09-03 15:19 0 -csha-w C:\WINDOWS\Win.com
2007-09-03 15:18 169,295 --sha-w C:\WINDOWS\system32\tgr32thb.dll
.

((((((((((((((((((((((((((((( snapshot@2007-12-24_12.01.52.93 )))))))))))))))))))))))))))))))))))))))))
.
+ 2007-12-26 11:26:00 25,214 ----a-r C:\WINDOWS\Installer\{EB21A812-671B-4D08-B974-2A347F0D8F70}\ARPPRODUCTICON.exe
+ 2007-12-26 11:26:01 65,536 ----a-r C:\WINDOWS\Installer\{EB21A812-671B-4D08-B974-2A347F0D8F70}\NewShortcut1_33E9E60A87F847448812192D138D3F40.exe
+ 2007-12-26 11:26:01 65,536 ----a-r C:\WINDOWS\Installer\{EB21A812-671B-4D08-B974-2A347F0D8F70}\NewShortcut11_EB21A812671B4D08B9742A347F0D8F70.exe
+ 2007-12-26 11:26:01 65,536 ----a-r C:\WINDOWS\Installer\{EB21A812-671B-4D08-B974-2A347F0D8F70}\NewShortcut2_33E9E60A87F847448812192D138D3F40.exe
+ 2007-12-26 11:26:01 65,536 ----a-r C:\WINDOWS\Installer\{EB21A812-671B-4D08-B974-2A347F0D8F70}\UninstallHPGGShortcu_EB21A812671B4D08B9742A347F0D8F70.exe
- 2007-09-13 19:52:41 10,127 ----a-w C:\WINDOWS\mozver.dat
+ 2007-12-24 13:19:37 10,758 ----a-w C:\WINDOWS\mozver.dat
- 2007-12-23 14:57:35 16,384 -c--a-w C:\WINDOWS\system32\config\systemprofile\Cookies\index.dat
+ 2007-12-26 20:45:55 16,384 -c--a-w C:\WINDOWS\system32\config\systemprofile\Cookies\index.dat
- 2007-12-23 14:57:35 32,768 -c--a-w C:\WINDOWS\system32\config\systemprofile\Local Settings\Historique\History.IE5\index.dat
+ 2007-12-26 20:45:55 32,768 -c--a-w C:\WINDOWS\system32\config\systemprofile\Local Settings\Historique\History.IE5\index.dat
- 2007-12-23 14:57:35 32,768 -c--a-w C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
+ 2007-12-26 20:45:58 32,768 ----a-w C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
+ 2004-08-03 21:58:46 15,104 -c--a-w C:\WINDOWS\system32\dllcache\usbscan.sys
- 2004-06-11 12:27:32 118,784 ----a-r C:\WINDOWS\system32\HPODXPAT.DLL
+ 2004-05-27 14:00:52 118,784 ----a-r C:\WINDOWS\system32\HPODXPAT.DLL
- 2004-09-29 11:14:36 69,632 ----a-w C:\WINDOWS\system32\HPZipm12.exe
+ 2007-08-09 07:27:52 73,728 ------w C:\WINDOWS\system32\HPZipm12.exe
+ 2007-08-09 07:27:52 73,728 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\3\HPZIPM12.EXE
- 2007-12-13 20:26:50 156,160 ----a-w C:\WINDOWS\system32\swreg.exe
+ 2000-08-31 07:00:00 156,160 ----a-w C:\WINDOWS\system32\swreg.exe
- 2007-03-05 16:22:12 1,230,336 -c--a-w C:\WINDOWS\WinSxS\x86_Microsoft.MSXML2_6bd6b9abf345378f_4.1.0.0_x-ww_b319d8da\msxml4.dll
+ 2007-12-26 12:02:22 1,230,336 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.MSXML2_6bd6b9abf345378f_4.1.0.0_x-ww_b319d8da\msxml4.dll
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-06-26 17:22 68856]
"msnmsgr"="C:\Program Files\MSN Messenger\msnmsgr.exe" [2007-01-19 11:55 5674352]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-05 13:00 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SystrayORAHSS"="C:\Program Files\OrangeHSS\Systray\SystrayApp.exe" [2007-01-04 10:45 90112]
"HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [2005-05-11 23:12 49152]
"orahssStartup"="C:\Program Files\OrangeHSS\Launcher\Launcher.exe" [2007-01-04 10:40 462848]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2007-06-28 23:43 8466432]
"avgnt"="C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2007-12-08 13:13 249896]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-04-27 08:41 282624]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-10-10 19:51 39792]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2007-04-27 10:25 257088]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-05 13:00 15360]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"tscuninstall"="C:\WINDOWS\system32\tscupgrd.exe" [2004-08-05 13:00 44544]

C:\Documents and Settings\Marie-line_2\Menu D‚marrer\Programmes\D‚marrage\
RocketDock.lnk - C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe [2007-03-18 23:05:02]

C:\Documents and Settings\Didier\Menu D‚marrer\Programmes\D‚marrage\
RocketDock.lnk - C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe [2007-03-18 23:05:02]

C:\Documents and Settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
Run Google Web Accelerator.lnk - C:\Program Files\Google\Web Accelerator\GoogleWebAccWarden.exe [2007-07-09 21:24:38]
Utilitaire r‚seau pour SAGEM Wi-Fi 11g USB adapter.lnk - C:\Program Files\SAGEM WiFi manager\WLANUTL.exe [2007-03-04 13:40:00]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"UIHost"="LogonUI.EXE"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^HP Digital Imaging Monitor.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\HP Digital Imaging Monitor.lnk
backup=C:\WINDOWS\pss\HP Digital Imaging Monitor.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^WinMessenger StartUp.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\WinMessenger StartUp.lnk
backup=C:\WINDOWS\pss\WinMessenger StartUp.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Benjamin^Menu Démarrer^Programmes^Démarrage^sms-pc.lnk]
path=C:\Documents and Settings\Benjamin\Menu Démarrer\Programmes\Démarrage\sms-pc.lnk
backup=C:\WINDOWS\pss\sms-pc.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Marie-line^Menu Démarrer^Programmes^Démarrage^desktop.ini]
path=C:\Documents and Settings\Marie-line\Menu Démarrer\Programmes\Démarrage\desktop.ini
backup=C:\WINDOWS\pss\desktop.iniStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Marie-line^Menu Démarrer^Programmes^Démarrage^Stardock ObjectDock.lnk]
path=C:\Documents and Settings\Marie-line\Menu Démarrer\Programmes\Démarrage\Stardock ObjectDock.lnk
backup=C:\WINDOWS\pss\Stardock ObjectDock.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Marie-line_2^Menu Démarrer^Programmes^Démarrage^Anti-Pub.lnk]
path=C:\Documents and Settings\Marie-line_2\Menu Démarrer\Programmes\Démarrage\Anti-Pub.lnk
backup=C:\WINDOWS\pss\Anti-Pub.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Marie-line_2^Menu Démarrer^Programmes^Démarrage^desktop.ini]
path=C:\Documents and Settings\Marie-line_2\Menu Démarrer\Programmes\Démarrage\desktop.ini
backup=C:\WINDOWS\pss\desktop.iniStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Test^Menu Démarrer^Programmes^Démarrage^hamachi.lnk]
path=C:\Documents and Settings\Test\Menu Démarrer\Programmes\Démarrage\hamachi.lnk
backup=C:\WINDOWS\pss\hamachi.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Test^Menu Démarrer^Programmes^Démarrage^MemTurbo.lnk]
path=C:\Documents and Settings\Test\Menu Démarrer\Programmes\Démarrage\MemTurbo.lnk
backup=C:\WINDOWS\pss\MemTurbo.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\a42cd123]
rundll32.exe C:\WINDOWS\system32\lupbqlul.dll,b

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2007-10-10 19:51 39792 --a------ C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ares]
C:\Program Files\Ares\Ares.exe -h

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BestsellerAntivirus]
C:\Program Files\BestsellerAntivirus\pgs.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BitTorrent]
C:\Program Files\BitTorrent\bittorrent.exe --force_start_minimized

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BPK]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE]
2004-08-05 13:00 15360 --a------ C:\WINDOWS\system32\ctfmon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Eraser]
C:\Program Files\Eraser\eraser.exe -hide

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\G00123]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GLSetIT32]
c:\windows\system32\msiexec16.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\High Definition Audio Property Page Shortcut]
HDAShCut.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IpWins]
C:\Program Files\Ipwindows\ipwins.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2007-04-27 10:25 257088 --a------ C:\Program Files\iTunes\iTunesHelper.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LClock]
C:\Program Files\LClock\LClock.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnreord]
C:\DOCUME~1\Test\LOCALS~1\Temp\Rar$EX05.094\MSN password logger\msnmonitor.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2001-07-09 11:50 155648 --a------ C:\WINDOWS\system32\NeroCheck.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
nwiz.exe /install

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\qttask.exe -atboottime

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\runner1]
C:\WINDOWS\tsitra1000106.exe 61A847B5BBF72813329B385772FF01F0B3E35B6638993F4661AA4EBD86D67C56389B284534F310

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SearchIndexer]
rundll32.exe C:\WINDOWS\system32\bnxklxft.dll,sitypnow

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files\Skype\Phone\Skype.exe /nosplash /minimized

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Soylenti.Net WebRadyo]
C:\Program Files\Soylenti.Net Web Radyo\Soylenti Web Radyo.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2007-03-04 12:56 36972 --a------ C:\Program Files\Java\jre1.5.0\bin\jusched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ugcw]
C:\PROGRA~1\FICHIE~1\BESTSE~1\ugcw.exe -start

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows LSSS Service]
C:\Documents and Settings\Test\CyberServeur\svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinFlyer32.dll]
rundll32.exe C:\WINDOWS\system32\WinFlyer32.dll,Run

R3 SG760_XP;SAGEM 802.11g XG760 1211 Driver;C:\WINDOWS\system32\DRIVERS\WlanUZXP.sys [2006-01-09 11:26]
S2 Windows Firewall;Windows Firewall;C:\WINDOWS\system32\SVCH0ST.EXE []
S3 SIWIO;SIW low-level I/O driver;C:\WINDOWS\TEMP\SiwIo.sys []
S3 ss_bus;Samsung Mobile USB Device 1.0 driver (WDM);C:\WINDOWS\system32\DRIVERS\ss_bus.sys [2004-09-18 07:04]
S3 ss_mdfl;SAMSUNG Mobile USB Modem 1.0 Filter;C:\WINDOWS\system32\DRIVERS\ss_mdfl.sys [2004-09-18 07:05]
S3 ss_mdm;SAMSUNG Mobile USB Modem 1.0 Drivers;C:\WINDOWS\system32\DRIVERS\ss_mdm.sys [2004-09-18 07:05]
S3 ZDCndis5;ZDCndis5 Protocol Driver;C:\WINDOWS\system32\ZDCndis5.SYS []


[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{AEB9D4A0-199B-4dfa-A18D-E2DD5D989EDF}]
%ProgramFiles%\WinMessenger\Setup\Setup.exe /PERUSERINIT
.
Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
"2007-12-31 18:32:00 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
.
**************************************************************************

catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-01-04 12:12:55
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2008-01-04 12:13:21
ComboFix-quarantined-files.txt 2008-01-04 11:13:19
.
2008-01-03 20:35:09 --- E O F ---
Tom's guide dans le monde
  • Allemagne
  • Italie
  • Irlande
  • Royaume Uni
  • Etats Unis
Suivre Tom's Guide
Inscrivez-vous à la Newsletter
  • ajouter à twitter
  • ajouter à facebook
  • ajouter un flux RSS