
Another Win32:Adware-gen [Adw] infection

4 November 2007 16:25:25

Hello, I am new to the forum, but since last night I have read 15 threads about this ***** spyware!! :) I have also caught adware in C:\DOCUME~1\ADMINI~1\LOCAL~1\Temp\ac8zt2\rmv.exe

An avast! - Warning window opens every time I click Quarantine or Delete, and since this morning my wallpaper has changed to red with a virus sign and the sentences "Your privacy is in danger. Download privacy protection software now". I downloaded a few programs and ran scans: one with HijackThis and one with DiagHelp. Here they are:

HijackThis

Logfile of HijackThis v1.99.1
Scan saved at 22:13:19, on 03/11/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\AAWTray.exe
C:\PROGRA~1\MUSICA~1\mac.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\uTorrent\uTorrent.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Fichiers communs\Logitech\khalshared\KHALMNPR.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Fichiers communs\InterVideo\DeviceService\DevSvc.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Venturi2\Client\ventc.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
C:\Program Files\HP\Digital Imaging\Product Assistant\bin\hprblog.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Administrateur\Bureau\Microsoft Office\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.fr/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Favoris
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: MSVPS System - {CFF8726A-9262-441C-8163-C6371E9EDE47} - C:\WINDOWS\advrepnok.dll
O3 - Toolbar: The sdrmod - {16A0662E-AC21-4AD9-89E8-7495AC5ACE93} - C:\WINDOWS\sdrmod.dll
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\WINDOWS\JM\JMInsIDE.exe
O4 - HKLM\..\Run: [JMB36X Configure] C:\WINDOWS\system32\JMRaidSetup.exe boot
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [PVR Agent] C:\Program Files\MSI\TV@Anywhere Plus\TVR\Scheduled.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [AAWTray] C:\Program Files\Lavasoft\Ad-Aware 2007\AAWTray.exe
O4 - HKLM\..\Run: [Music Alarm Clock] C:\PROGRA~1\MUSICA~1\mac.exe
O4 - HKLM\..\Run: [H2O] C:\Program Files\SyncroSoft\Pos\H2O\cledx.exe
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Adobe Photoshop Lightroom 1.1\apdproxy.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MediaDico] C:\Program Files\Micro Application\MediaDICO\LanceMediaDICO.exe Lancement
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [BlazeServoTool] "C:\Program Files\BlazeVideo\BlazeDVD 5 Standard\MediaDetector.exe"
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe"
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Logitech SetPoint.lnk = ?
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Correcteur - {F7C8E5F6-B6D1-45db-8D91-2BCFA5DF11A9} - C:\Program Files\Druide\Antidote\Internet Explorer\6\Antidote K - IE 6.htm (HKCU)
O9 - Extra button: Dictionnaires - {F9B969E8-58D0-4dd9-AC8A-EE2336FF8F65} - C:\Program Files\Druide\Antidote\Internet Explorer\6\Antidote D - IE 6.htm (HKCU)
O9 - Extra button: Guides - {FA089E36-3F1B-4c51-9A1A-C4E7012483AF} - C:\Program Files\Druide\Antidote\Internet Explorer\6\Antidote G - IE 6.htm (HKCU)
O10 - Unknown file in Winsock LSP: c:\program files\bonjour\mdnsnsp.dll
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-CA/a-UNO1/GAME_UNO1.ca...
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O16 - DPF: {F8C5C0F1-D884-43EB-A5A0-9E1C4A102FA8} (GoPetsWeb Control) - https://secure.gopetslive.com/dev/GoPetsWeb.cab
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\FICHIE~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
O21 - SSODL: hupsrv - {3369DD25-A57F-41AA-9BC1-1B50DEFFD3C2} - C:\WINDOWS\hupsrv.dll
O21 - SSODL: bindmod - {F1E2A44F-8A21-432B-AE84-6BDD7C9E06F9} - C:\WINDOWS\bindmod.dll (file missing)
O21 - SSODL: msmhost - {9851F39E-1644-4143-8197-89EE136D4DDC} - C:\WINDOWS\msmhost.dll
O21 - SSODL: msmdev - {8C3EAABE-1173-4994-B386-3326B6B427D4} - C:\WINDOWS\msmdev.dll (file missing)
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Capture Device Service - InterVideo Inc. - C:\Program Files\Fichiers communs\InterVideo\DeviceService\DevSvc.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe (file missing)
O23 - Service: Venturi2 Client (Venturi2) - Fourelle Systems, Inc - C:\Program Files\Venturi2\Client\ventc.exe


DiagHelp

DiagHelp version v1.3 - http://www.malekal.com
excute le 03/11/2007 à 22:16:06,84


Liste des derniers fichies modifies/crees dans windir\system32 et prefetch
C:\WINDOWS\prefetch\NTOSBOOT-B00DFAAD.pf -->03/11/2007 21:57:27
C:\WINDOWS\prefetch\Layout.ini -->30/10/2007 15:16:55

C:\WINDOWS\System32\drivers\aswmon.sys -->06/09/2007 05:05:25
C:\WINDOWS\System32\drivers\aswmon2.sys -->06/09/2007 05:05:10
C:\WINDOWS\System32\drivers\aswRdr.sys -->06/09/2007 05:03:02
C:\WINDOWS\System32\drivers\aswTdi.sys -->06/09/2007 05:02:20
C:\WINDOWS\System32\drivers\aavmker4.sys -->06/09/2007 05:00:53
C:\WINDOWS\System32\drivers\pcouffin.sys -->29/08/2007 11:36:42
C:\WINDOWS\System32\drivers\secdrv.sys -->26/08/2007 12:56:57

C:\WINDOWS\System32\msvcp70.dll -->09/12/2007 00:32:44
C:\WINDOWS\System32\rmbe3260.dll -->09/12/2007 00:32:40
C:\WINDOWS\System32\ra32sipr.dll -->09/12/2007 00:32:40
C:\WINDOWS\System32\ra32dnet.dll -->09/12/2007 00:32:40
C:\WINDOWS\System32\ra3228_8.dll -->09/12/2007 00:32:40
C:\WINDOWS\System32\ra3214_4.dll -->09/12/2007 00:32:40
C:\WINDOWS\System32\pngu3263.dll -->09/12/2007 00:32:40
C:\WINDOWS\System32\pneng50.dll -->09/12/2007 00:32:40
C:\WINDOWS\System32\pnc3250.dll -->09/12/2007 00:32:40
C:\WINDOWS\System32\encdnet.dll -->09/12/2007 00:32:40
C:\WINDOWS\System32\decdnet.dll -->09/12/2007 00:32:40
C:\WINDOWS\System32\wpa.dbl -->03/11/2007 21:55:55
C:\WINDOWS\System32\rmoc3260.dll -->29/10/2007 19:27:49
C:\WINDOWS\System32\pndx5032.dll -->29/10/2007 19:27:45
C:\WINDOWS\System32\pndx5016.dll -->29/10/2007 19:27:45
C:\WINDOWS\System32\pncrt.dll -->29/10/2007 19:27:44
C:\WINDOWS\System32\jupdate-1.6.0_03-b05.log -->17/10/2007 13:04:31
C:\WINDOWS\System32\FNTCACHE.DAT -->15/10/2007 00:49:45
C:\WINDOWS\System32\CONFIG.NT -->15/10/2007 00:26:28
C:\WINDOWS\System32\javaws.exe -->24/09/2007 23:31:42
C:\WINDOWS\System32\javacpl.cpl -->24/09/2007 23:31:42
C:\WINDOWS\System32\javaw.exe -->24/09/2007 22:30:30
C:\WINDOWS\System32\java.exe -->24/09/2007 22:30:28
C:\WINDOWS\System32\xvid-uninstall.exe -->11/09/2007 18:05:18
C:\WINDOWS\System32\SysDVDtoavi.dat -->11/09/2007 14:44:25

C:\WINDOWS\WindowsUpdate.log -->03/11/2007 22:02:17
C:\WINDOWS\0.log -->03/11/2007 21:56:29
C:\WINDOWS\wiadebug.log -->03/11/2007 21:56:28
C:\WINDOWS\wiaservc.log -->03/11/2007 21:56:26
C:\WINDOWS\bootstat.dat -->03/11/2007 21:55:53
C:\WINDOWS\SchedLgU.Txt -->03/11/2007 21:54:52
C:\WINDOWS\win.ini -->03/11/2007 21:38:23
C:\WINDOWS\NeroDigital.ini -->03/11/2007 21:32:33
C:\WINDOWS\dat.txt -->03/11/2007 21:06:45
C:\WINDOWS\wtopmod.exe -->03/11/2007 08:55:08
C:\WINDOWS\sdrmod.dll -->03/11/2007 08:55:04
C:\WINDOWS\advrepnok.dll -->03/11/2007 08:54:58
C:\WINDOWS\hupsrv.dll -->03/11/2007 08:54:30
C:\WINDOWS\setupapi.log -->02/11/2007 19:54:21
C:\WINDOWS\QTFont.qfn -->02/11/2007 14:15:54


MD5 des fichiers sensibles
tcpip.sys 6129e70f3d2f1e60860c930ebeaf92c2
ndis.sys 558635d3af1c7546d26067d5d9b6959e
null.sys 73c1e1f395918bc2c6dd67af7591a3ad
svchost.exe 2979b03d5382a602623c0535b16ab9c0


ListDLLs v2.25 - DLL lister for Win9x/NT
Copyright (C) 1997-2004 Mark Russinovich
Sysinternals - www.sysinternals.com

------------------------------------------------------------------------------
explorer.exe pid: 1952
Command line: C:\WINDOWS\Explorer.EXE

Base Size Version Path
0x58b50000 0x9a000 5.82.2900.2527 C:\WINDOWS\system32\comctl32.dll
0x76f80000 0x7f000 2001.12.4414.0258 C:\WINDOWS\system32\CLBCATQ.DLL
0x77000000 0xd4000 2001.12.4414.0258 C:\WINDOWS\system32\COMRes.dll
0x76ac0000 0x11000 3.05.2284.0000 C:\WINDOWS\system32\ATL.DLL
0x01660000 0x2c6000 3.01.4000.2435 C:\WINDOWS\system32\msi.dll
0x10100000 0xf000 3.30.0165.0000 C:\Program Files\Logitech\SetPoint\lgscroll.dll
0x78130000 0x9b000 8.00.50727.0762 C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\MSVCR80.dll
0x7c420000 0x87000 8.00.50727.0762 C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\MSVCP80.dll
0x10000000 0x54000 C:\WINDOWS\hupsrv.dll
0x01610000 0x3a000 1.00.0000.0001 C:\WINDOWS\msmhost.dll
0x16080000 0x19000 1.00.0003.0001 C:\Program Files\Bonjour\mdnsNSP.dll
0x01390000 0xf000 1.00.0000.0001 C:\WINDOWS\system32\vlsp.dll
0x74730000 0x3d000 3.525.1117.0000 C:\WINDOWS\system32\ODBC32.dll
0x02880000 0x18000 3.525.1117.0000 C:\WINDOWS\system32\odbcint.dll
0x013c0000 0x14000 2.07.0003.0002 C:\Program Files\Nero\Nero 7\Nero BackItUp\NBShell.dll
0x7c250000 0x102000 7.10.3077.0000 C:\Program Files\Nero\Nero 7\Nero BackItUp\MFC71U.DLL
0x028a0000 0x56000 7.10.3052.0004 C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll
0x7c3a0000 0x7b000 7.10.3077.0000 C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCP71.dll
0x5d360000 0xf000 7.10.3077.0000 C:\WINDOWS\system32\MFC71FRA.DLL
0x16200000 0x6000 4.01.0000.0000 C:\PROGRA~1\WINZIP\WZSHLSTB.DLL
0x02a40000 0x2c000 C:\Program Files\WinRAR\rarext.dll
0x03230000 0x1b9000 2.00.0000.0008 C:\Program Files\Fichiers communs\Ahead\Lib\NeroDigitalExt.dll
0x7c140000 0x103000 7.10.3077.0000 C:\Program Files\Fichiers communs\Ahead\Lib\MFC71.DLL
0x012d0000 0x8000 1.00.0000.0001 C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
0x6bd10000 0x10000 12.00.4518.1014 C:\Program Files\Microsoft Office\Office12\msohevi.dll
0x03070000 0x57000 1.01.0000.0500 C:\Program Files\WIBU-SYSTEMS\System\WibuShellExt.dll
0x60980000 0x7000 3.01.4000.1823 C:\WINDOWS\system32\MSISIP.DLL
0x74e10000 0x10000 5.06.0000.8820 C:\WINDOWS\system32\wshext.dll
0x73d20000 0xfe000 6.02.4131.0000 C:\WINDOWS\system32\MFC42.DLL
0x61d70000 0xe000 6.00.8665.0000 C:\WINDOWS\system32\MFC42LOC.DLL
0x59000000 0xe000 5.06.0000.6626 C:\WINDOWS\system32\wshFR.DLL

ListDLLs v2.25 - DLL lister for Win9x/NT
Copyright (C) 1997-2004 Mark Russinovich
Sysinternals - www.sysinternals.com

------------------------------------------------------------------------------
winlogon.exe pid: 748
Command line: winlogon.exe

Base Size Version Path
0x01000000 0x81000 \??\C:\WINDOWS\system32\winlogon.exe
0x58b50000 0x9a000 5.82.2900.2527 C:\WINDOWS\system32\COMCTL32.dll
0x74730000 0x3d000 3.525.1117.0000 C:\WINDOWS\system32\ODBC32.dll
0x20000000 0x18000 3.525.1117.0000 C:\WINDOWS\system32\odbcint.dll
0x10000000 0x1d000 6.14.0010.4155 C:\WINDOWS\system32\Ati2evxx.dll
0x77000000 0xd4000 2001.12.4414.0258 C:\WINDOWS\system32\COMRes.dll
0x76f80000 0x7f000 2001.12.4414.0258 C:\WINDOWS\system32\CLBCATQ.DLL

Le volume dans le lecteur C n'a pas de nom.
Le numéro de série du volume est CC06-4D0C

Répertoire de C:\WINDOWS\temp

11/06/2003 07:40 126 976 DeleteUSB.exe
27/06/2003 11:50 126 976 PLUninst.exe
2 fichier(s) 253 952 octets
0 Rép(s) 229 114 900 480 octets libres

Le volume dans le lecteur C n'a pas de nom.
Le numéro de série du volume est CC06-4D0C

Répertoire de C:\WINDOWS\system32

19/08/2004 11:09 6 144 csrss.exe
1 fichier(s) 6 144 octets
0 Rép(s) 229 114 900 480 octets libres

Contenu de Downloaded Program Files
Le volume dans le lecteur C n'a pas de nom.
Le numéro de série du volume est CC06-4D0C

Répertoire de C:\WINDOWS\Downloaded Program Files

02/11/2007 19:54 <REP> .
02/11/2007 19:54 <REP> ..
23/08/2007 00:56 65 desktop.ini
13/04/2007 02:14 382 344 GAME_UNO1.dll
17/01/2007 15:44 316 GAME_UNO1.INF
28/06/2007 14:18 907 GoPetsWeb.inf
29/06/2007 22:34 448 024 GoPetsWeb.ocx
02/05/2007 04:55 904 jinstall-1_5_0_12.inf
22/02/2007 23:41 304 544 MessengerStatsPAClient.dll
11/06/2007 12:21 5 021 swflash.inf
8 fichier(s) 1 142 125 octets

Total des fichiers listés :
8 fichier(s) 1 142 125 octets
2 Rép(s) 229 114 896 384 octets libres

Recherche de rootkit! (Merci S!Ri)

Recherche d'infections connues

Export des clefs sensibles..


Liste des fichiers en exception sur le pare-feu XP SP2

"C:\\Program Files\\uTorrent\\uTorrent.exe"="C:\\Program Files\\uTorrent\\uTorrent.exe:*:Enabled:µTorrent"
"C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"="C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger"
"C:\\Program Files\\Bonjour\\mDNSResponder.exe"="C:\\Program Files\\Bonjour\\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\\Program Files\\mIRC\\mirc.exe"="C:\\Program Files\\mIRC\\mirc.exe:*:Enabled:mIRC"
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Messenger"
"C:\\Program Files\\Codemasters\\Worms 4 Mayhem\\WORMS 4 MAYHEM.EXE"="C:\\Program Files\\Codemasters\\Worms 4 Mayhem\\WORMS 4 MAYHEM.EXE:*:Enabled:Worms 4 Mayhem"
"C:\\Program Files\\Skype\\Phone\\Skype.exe"="C:\\Program Files\\Skype\\Phone\\Skype.exe:*:Enabled:Skype. Take a deep breath "
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe:*:Enabled:hpqtra08.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe:*:Enabled:hpqste08.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe:*:Enabled:hpofxm08.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe:*:Enabled:hposfx08.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe:*:Enabled:hposid01.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe:*:Enabled:hpqscnvw.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe:*:Enabled:hpqcopy.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe:*:Enabled:hpfccopy.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe:*:Enabled:hpzwiz01.exe"
"C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"="C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe:*:Enabled:hpqphunl.exe"
"C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"="C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe:*:Enabled:hpqdia.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe:*:Enabled:hpoews01.exe"

"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"="C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger"
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"

Export de la clef SharedTaskScheduler

[SharedTaskScheduler]
"{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Pré-chargeur Browseui"
"{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Démon de cache des catégories de composant"



exports des policies
REGEDIT4

[system]
"dontdisplaylastusername"=dword:00000000
"legalnoticecaption"=""
"legalnoticetext"=""
"shutdownwithoutlogon"=dword:00000001
"undockwithoutlogon"=dword:00000001



Export des clefs sensibles..
Rechercher adresses sensibles dans le fichier HOSTS...

KProcCheck Version 0.2-beta1 Proof-of-Concept by SIG^2 (www.security.org.sg)

Process list by traversal of KiWaitListHead

4 - System
172 - ashServ.exe
384 - spoolsv.exe
468 - CLI.exe
540 - AAWTray.exe
580 - mac.exe
708 - csrss.exe
748 - winlogon.exe
792 - services.exe
804 - lsass.exe
808 - realsched.exe
856 - ashDisp.exe
992 - svchost.exe
1004 - NMBgMonitor.exe
1012 - ctfmon.exe
1064 - svchost.exe
1080 - msnmsgr.exe
1148 - uTorrent.exe
1192 - NMIndexStoreSvr
1212 - svchost.exe
1288 - svchost.exe
1416 - ati2evxx.exe
1520 - hpqtra08.exe
1532 - LogitechDesktop
1544 - SetPoint.exe
1632 - aawservice.exe
1952 - explorer.exe
2184 - AppleMobileDevi
2236 - mDNSResponder.e
2276 - DevSvc.exe
2332 - NMIndexingServi
2532 - svchost.exe
2620 - cmd.exe
2880 - CLI.exe
2980 - firefox.exe
3256 - ashMaiSv.exe
3392 - ashWebSv.exe
3452 - svchost.exe
3544 - usnsvc.exe
3772 - svchost.exe
3800 - alg.exe
4004 - notepad.exe

Total number of processes = 42
NOTE: Under WinXP, this will not show all processes.

KProcCheck Version 0.2-beta1 Proof-of-Concept by SIG^2 (www.security.org.sg)

Driver/Module list by traversal of PsLoadedModuleList


Total number of drivers = 137

Liste des programmes installes

123 Free Solitaire
1400
1400_Help
1400Trb
Ad-Aware 2007
Adobe Acrobat 5.0
Adobe After Effects CS3
Adobe After Effects CS3
Adobe After Effects CS3 Presets
Adobe Anchor Service CS3
Adobe Asset Services CS3
Adobe Bridge CS3
Adobe Bridge Start Meeting
Adobe Camera Raw 4.0
Adobe CMaps
Adobe Color - Photoshop Specific
Adobe Color Common Settings
Adobe Common File Installer
Adobe Default Language CS3
Adobe Device Central CS3
Adobe ExtendScript Toolkit 2
Adobe Flash Player 9 ActiveX
Adobe Fonts All
Adobe Help Viewer CS3
Adobe Linguistics CS3
Adobe MotionPicture Color Files
Adobe PDF Library Files
Adobe Photoshop CS2
Adobe Photoshop CS2
Adobe Photoshop Lightroom
Adobe Premiere Pro CS3
Adobe Premiere Pro CS3
Adobe Premiere Pro CS3 Functional Content
Adobe Setup
Adobe Setup
Adobe Shockwave Player
Adobe Type Support
Adobe Update Manager CS3
Adobe Version Cue CS3 Client
Adobe Video Profiles
Adobe XMP DVA Panels CS3
Adobe XMP Panels CS3
AiO_Scan
AiOSoftware
Antidote RX v2
Apple Mobile Device Support
Apple Software Update
Archiveur WinRAR
Arles Image Web Page Creator 6.0.3
ATI - Utilitaire de désinstallation du logiciel
ATI Catalyst Control Center
ATI Display Driver
ATI HYDRAVISION
ATI Parental Control & Encoder
ATI Problem Report Wizard
Attansic Giga Ethernet Utility
Attansic L1 Gigabit Ethernet Driver
AutoUpdate
avast! Antivirus
AVIVO Codecs
BufferChm
CDDRV_Installer
Correctif pour Windows XP (KB893357)
Correctif Windows XP - KB834707
Correctif Windows XP - KB867282
Correctif Windows XP - KB873333
Correctif Windows XP - KB873339
Correctif Windows XP - KB884020
Correctif Windows XP - KB884883
Correctif Windows XP - KB885222
Correctif Windows XP - KB885250
Correctif Windows XP - KB885523
Correctif Windows XP - KB885626
Correctif Windows XP - KB885835
Correctif Windows XP - KB885836
Correctif Windows XP - KB885894
Correctif Windows XP - KB886185
Correctif Windows XP - KB886677
Correctif Windows XP - KB886716
Correctif Windows XP - KB887742
Correctif Windows XP - KB888113
Correctif Windows XP - KB888302
Correctif Windows XP - KB890047
Correctif Windows XP - KB890175
Correctif Windows XP - KB890831
Correctif Windows XP - KB890859
Correctif Windows XP - KB890923
Correctif Windows XP - KB891781
Correctif Windows XP - KB893066
Correctif Windows XP - KB893086
Correctif Windows XP - KB896626
CP_Package_Variety1
CP_Package_Variety2
CP_Package_Variety3
CustomerResearchQFolder
Destinations
DeviceManagementQFolder
DivX Codec
DivX Content Uploader
DivX Converter
DivX Player
DivX Web Player
DocProc
DVDFab HD Decrypter 3.1.5.0
DVDFab Platinum 3.1.7.6
eSupportQFolder
Fax
Fourelle Venturi Personal Client 2.1.1
Guitar Pro 5.2
High Definition Audio Driver Package - KB888111
HijackThis 1.99.1
HP Extended Capabilities 5.3
HP Image Zone Express
HP Imaging Device Functions 5.3
HP PSC & OfficeJet 5.3.B
HP Software Update
HP Solution Center & Imaging Support Tools 5.3
HPProductAssistant
InterLok Driver Kit
InterVideo DeviceService
J2SE Runtime Environment 5.0 Update 12
Java(TM) 6 Update 2
Java(TM) 6 Update 3
JMB36X Raid Configurer
KhalSetup
Le Centre de Contrôle de Licences de Syncrosoft
LightScribe 1.4.124.1
Logitech Desktop Messenger
Logitech SetPoint
MarketResearch
Micro Application - MediaDICO
Microsoft .NET Framework 2.0
Microsoft .NET Framework 2.0
Microsoft Office Access MUI (French) 2007
Microsoft Office Excel MUI (French) 2007
Microsoft Office InfoPath MUI (French) 2007
Microsoft Office Outlook MUI (French) 2007
Microsoft Office PowerPoint MUI (French) 2007
Microsoft Office Professional Plus 2007
Microsoft Office Professional Plus 2007
Microsoft Office Proof (Arabic) 2007
Microsoft Office Proof (Dutch) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (German) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (French) 2007
Microsoft Office Publisher MUI (French) 2007
Microsoft Office Shared MUI (French) 2007
Microsoft Office Word MUI (French) 2007
Microsoft Software Update for Web Folders (French) 12
Microsoft SQL Server Desktop Engine (SONY_MEDIAMGR)
Microsoft Visual C++ 2005 Redistributable
Microsoft XML Parser
mIRC
Mise à jour pour Windows XP (KB894391)
Motorola Handset USB Driver
Motorola PST
Mozilla Firefox (2.0.0.9)
MSI 8624 BDA Driver
Music Alarm Clock
Nero 7 Premium
NewCopy
PL-2303 USB-to-Serial
PowerISO
ProductContext
QuickTime
Readme
RealPlayer
Scan
ScannerCopy
Sentinel Protection Installer 7.0.0
Sentinel Protection Installer 7.2.2
SolutionCenter
Sony DVD Architect 4.0
Sony Media Manager 2.2
Sony Vegas 7.0
SoundMAX
Status
SyncroSoft Emu (Remove only)
TrayApp
TV@Anywhere Plus
TV@Anywhere Utilities
Unload
vanBasco's Karaoke Player
Venue InterLok Driver Kit
WebFldrs XP
WebReg
WebVideo Support
WIBU-KEY Setup (WIBU-KEY Remove)
Windows Installer 3.1 (KB893803)
Windows Installer 3.1 (KB893803)
Windows Live Messenger
Windows Media Player 10 Hotfix - KB888656
WinZip
XviD MPEG4 Video Codec (remove only)



Le volume dans le lecteur C n'a pas de nom.
Le numéro de série du volume est CC06-4D0C

Répertoire de C:\Program Files

03/11/2007 21:02 <REP> .
03/11/2007 21:02 <REP> ..
25/08/2007 02:06 <REP> 123 Free Solitaire
28/09/2007 12:10 <REP> Adobe
15/10/2007 00:26 <REP> Alwil Software
23/08/2007 01:49 <REP> Analog Devices
10/09/2007 19:11 <REP> Apple Software Update
23/08/2007 02:03 <REP> ATI Technologies
23/08/2007 01:52 <REP> Attansic
09/09/2007 20:15 <REP> Avid
01/09/2007 19:55 <REP> Bonjour
09/09/2007 01:58 <REP> Codemasters
23/08/2007 00:54 <REP> ComPlus Applications
13/10/2007 21:51 <REP> CyberLink
09/09/2007 00:20 <REP> Digital Dutch
11/09/2007 15:12 <REP> DivX
24/08/2007 05:42 <REP> Druide
11/09/2007 21:14 <REP> DVDFab HD Decrypter 3
12/09/2007 20:59 <REP> DVDFab Platinum 3
15/10/2007 00:49 <REP> ESET
29/10/2007 19:27 <REP> Fichiers communs
14/09/2007 19:05 <REP> Guitar Pro 5
15/10/2007 21:21 <REP> Hewlett-Packard
15/10/2007 21:23 <REP> HP
24/08/2007 23:00 <REP> InterLok
23/08/2007 02:00 <REP> Internet Explorer
17/10/2007 13:04 <REP> Java
01/09/2007 17:59 <REP> Lavasoft
23/08/2007 01:15 <REP> Logitech
09/09/2007 20:21 <REP> Micro Application
23/08/2007 01:00 <REP> microsoft frontpage
26/08/2007 12:48 <REP> Microsoft Office
05/09/2007 06:48 <REP> Microsoft SQL Server
26/08/2007 12:48 <REP> Microsoft Visual Studio
26/08/2007 12:46 <REP> Microsoft Visual Studio 8
26/08/2007 12:48 <REP> Microsoft Works
26/08/2007 12:48 <REP> Microsoft.NET
30/10/2007 13:51 <REP> mIRC
26/08/2007 18:48 <REP> Motorola
23/08/2007 00:55 <REP> Movie Maker
03/11/2007 21:57 <REP> Mozilla Firefox
26/08/2007 12:48 <REP> MSBuild
28/08/2007 19:19 <REP> MSI
23/08/2007 00:54 <REP> MSN Gaming Zone
29/08/2007 10:54 <REP> MSN Messenger
30/10/2007 00:10 <REP> Music Alarm Clock
24/08/2007 05:51 <REP> Nero
23/08/2007 00:55 <REP> NetMeeting
30/08/2007 11:19 <REP> NVIDIA Corporation
23/08/2007 00:55 <REP> Outlook Express
26/09/2007 07:05 <REP> PowerISO
29/08/2007 11:12 <REP> QuickTime
29/10/2007 19:27 <REP> Real
24/08/2007 22:57 <REP> SafeNet Sentinel
23/08/2007 00:56 <REP> Services en ligne
05/09/2007 06:54 <REP> Sony
05/09/2007 06:54 <REP> Sony Setup
07/09/2007 06:47 <REP> Syncrosoft
29/08/2007 11:24 <REP> uTorrent
27/08/2007 23:27 <REP> vanBasco's Karaoke Player
24/08/2007 05:29 <REP> Venturi2
03/11/2007 21:07 <REP> VideoAccessCodec
05/09/2007 06:47 <REP> Vstplugins
26/08/2007 18:48 <REP> WIBUKEY
26/08/2007 18:48 <REP> WIBU-SYSTEMS
23/08/2007 01:02 <REP> Windows Media Player
23/08/2007 00:53 <REP> Windows NT
24/08/2007 22:44 <REP> WinRAR
24/08/2007 22:51 <REP> WinZip
23/08/2007 01:00 <REP> xerox
0 fichier(s) 0 octets
70 Rép(s) 229 113 102 336 octets libres
Le volume dans le lecteur C n'a pas de nom.
Le numéro de série du volume est CC06-4D0C

Répertoire de C:\Program Files\fichiers communs

29/10/2007 19:27 <REP> .
29/10/2007 19:27 <REP> ..
26/09/2007 06:58 <REP> Adobe
24/08/2007 05:54 <REP> Adobe Systems Shared
24/08/2007 05:52 <REP> Ahead
03/09/2007 18:41 <REP> Apple
23/08/2007 02:01 <REP> ATI Technologies
09/09/2007 20:15 <REP> Avid
26/08/2007 12:48 <REP> DESIGNER
06/09/2007 18:21 <REP> Digidesign
15/10/2007 21:20 <REP> Hewlett-Packard
15/10/2007 21:22 <REP> HP
23/08/2007 02:02 <REP> InstallShield
09/09/2007 14:56 <REP> InterVideo
31/08/2007 12:49 <REP> Java
09/09/2007 17:23 <REP> LightScribe
23/08/2007 01:15 <REP> Logitech
01/09/2007 19:50 <REP> Macrovision Shared
09/09/2007 14:54 <REP> Microsoft Shared
23/08/2007 00:55 <REP> MSSoap
23/08/2007 02:51 <REP> ODBC
24/08/2007 23:00 <REP> PACE Anti-Piracy
29/10/2007 19:27 <REP> Real
24/08/2007 22:57 <REP> SafeNet Sentinel
23/08/2007 00:55 <REP> Services
23/08/2007 02:51 <REP> SpeechEngines
26/08/2007 12:45 <REP> System
01/09/2007 17:59 <REP> Wise Installation Wizard
29/10/2007 19:27 <REP> xing shared
0 fichier(s) 0 octets
29 Rép(s) 229 113 102 336 octets libres
Le volume dans le lecteur C n'a pas de nom.
Le numéro de série du volume est CC06-4D0C

Répertoire de C:\Program Files\fichiers communs\Microsoft Shared\Web Folders

26/08/2007 12:48 <REP> .
26/08/2007 12:48 <REP> ..
26/08/2007 12:46 <REP> 1036
26/10/2006 19:49 970 528 MSONSEXT.DLL
26/10/2006 20:12 40 256 MSOSV.DLL
03/06/1999 05:09 122 937 MSOWS409.DLL
07/03/2001 00:00 127 033 MSOWS40c.DLL
4 fichier(s) 1 260 754 octets
3 Rép(s) 229 113 102 336 octets libres




c:\Documents and Settings\Administrateur\Application Data\inst.exe
c:\Documents and Settings\Administrateur\Application Data\Microsoft\Installer\{8CC990CD-87C8-475C-AC32-8A7984E2FCFA}\ARPPRODUCTICON.exe
c:\Documents and Settings\Administrateur\Application Data\Microsoft\Installer\{A474EA56-5DBD-4181-8230-806A4762EA7F}\IconA474EA561.exe
c:\Documents and Settings\Administrateur\Application Data\Microsoft\Installer\{C89C8D86-4423-4A58-AA40-DD259ACE07C1}\ARPPRODUCTICON.exe
c:\Documents and Settings\Administrateur\Application Data\Microsoft\Installer\{C941F1F1-25B3-4DF5-83E6-888C51A1AAB6}\ARPPRODUCTICON.exe
c:\Documents and Settings\Administrateur\Application Data\Microsoft\Internet Explorer\Quick Launch\DVdate_64Fr.exe
c:\Documents and Settings\Administrateur\Bureau\Ultimate Renamer !.exe
c:\Documents and Settings\Administrateur\Bureau\DocumentZ\CÉGEP\NDP1.1sp1-KB867460-X86.exe
c:\Documents and Settings\Administrateur\Bureau\GameZ\Mamba.exe
c:\Documents and Settings\Administrateur\Bureau\GameZ\RuneScape.exe
c:\Documents and Settings\Administrateur\Bureau\GameZ\ÉmulateurZ\bgb.exe
c:\Documents and Settings\Administrateur\Bureau\GameZ\ÉmulateurZ\zsnesw.exe
c:\Documents and Settings\Administrateur\Bureau\Microsoft Office\HijackThis.exe
c:\Documents and Settings\Administrateur\Bureau\Microsoft Office\diagHelp\DiagHelp\catchme.exe
c:\Documents and Settings\Administrateur\Bureau\Microsoft Office\diagHelp\DiagHelp\diff.exe
c:\Documents and Settings\Administrateur\Bureau\Microsoft Office\diagHelp\DiagHelp\dumphive.exe
c:\Documents and Settings\Administrateur\Bureau\Microsoft Office\diagHelp\DiagHelp\FilesInfoCmd.exe
c:\Documents and Settings\Administrateur\Bureau\Microsoft Office\diagHelp\DiagHelp\find2.exe
c:\Documents and Settings\Administrateur\Bureau\Microsoft Office\diagHelp\DiagHelp\Fport.exe
c:\Documents and Settings\Administrateur\Bureau\Microsoft Office\diagHelp\DiagHelp\grep.exe
c:\Documents and Settings\Administrateur\Bureau\Microsoft Office\diagHelp\DiagHelp\gzip.exe
c:\Documents and Settings\Administrateur\Bureau\Microsoft Office\diagHelp\DiagHelp\KProcCheck.exe
c:\Documents and Settings\Administrateur\Bureau\Microsoft Office\diagHelp\DiagHelp\LFiles.exe
c:\Documents and Settings\Administrateur\Bureau\Microsoft Office\diagHelp\DiagHelp\LISTDLLS.exe
c:\Documents and Settings\Administrateur\Bureau\Microsoft Office\diagHelp\DiagHelp\md5sums.exe
c:\Documents and Settings\Administrateur\Bureau\Microsoft Office\diagHelp\DiagHelp\pslist.exe
c:\Documents and Settings\Administrateur\Bureau\Microsoft Office\diagHelp\DiagHelp\streams.exe
c:\Documents and Settings\Administrateur\Bureau\Microsoft Office\diagHelp\DiagHelp\swreg.exe
c:\Documents and Settings\Administrateur\Bureau\Microsoft Office\diagHelp\DiagHelp\tar.exe
c:\Documents and Settings\Administrateur\Bureau\Modification de mon cell\JADgen.exe
c:\Documents and Settings\Administrateur\Bureau\Modification de mon cell\MIDway_2_8.exe
c:\Documents and Settings\Administrateur\Bureau\Modification de mon cell\PST_6.9.2_GENERAL.exe
c:\Documents and Settings\Administrateur\Bureau\Modification de mon cell\Jeux\1000_Cell_Phone_Java_Games_Motorola\Geopod\Geopod\keygen.exe
c:\Documents and Settings\Administrateur\Bureau\Modification de mon cell\Jeux\1000_Cell_Phone_Java_Games_Motorola\MGS-Silverball_v1.60\Silverball_v1.60\keygen.exe
c:\Documents and Settings\Administrateur\Bureau\Modification de mon cell\Jeux\1000_Cell_Phone_Java_Games_Motorola\MGSkarting_cracked\karting\keygen.exe
c:\Documents and Settings\Administrateur\Bureau\Modification de mon cell\Jeux\1000_Cell_Phone_Java_Games_Motorola\MVRPool\MVRPool\keygen.exe
c:\Documents and Settings\Administrateur\Bureau\Modification de mon cell\Jeux\1000_Cell_Phone_Java_Games_Motorola\Tennis Maniac\keygen.exe
c:\Documents and Settings\Administrateur\Local Settings\Temp\57ba0072.exe
c:\Documents and Settings\Administrateur\Local Settings\Temp\jre-6u2-windows-i586-p-iftw_7070c3f7.exe
c:\Documents and Settings\Administrateur\Local Settings\Temp\jre-6u3-windows-i586-p-iftw_2cd32978.exe
c:\Documents and Settings\Administrateur\Local Settings\Temp\PxCpyA64.exe
c:\Documents and Settings\Administrateur\Local Settings\Temp\PxCpyI64.exe
c:\Documents and Settings\Administrateur\Local Settings\Temp\pxhpinst.exe
c:\Documents and Settings\Administrateur\Local Settings\Temp\PxInsA64.exe
c:\Documents and Settings\Administrateur\Local Settings\Temp\PxInsI64.exe
c:\Documents and Settings\Administrateur\Local Settings\Temp\pxsetup.exe
c:\Documents and Settings\Administrateur\Local Settings\Temp\spltmp.exe
c:\Documents and Settings\Administrateur\Local Settings\Temp\wwfdist.exe
c:\Documents and Settings\Administrateur\Local Settings\Temp\xpinstall.exe
c:\Documents and Settings\Administrateur\Local Settings\Temp\ac8zt2\edi.exe
c:\Documents and Settings\Administrateur\Local Settings\Temp\ac8zt2\main_uninstaller.exe
c:\Documents and Settings\Administrateur\Local Settings\Temp\ac8zt2\rmv.exe
c:\Documents and Settings\Administrateur\Local Settings\Temp\Div53DC.tmp\DivXInstaller.exe
c:\Documents and Settings\Administrateur\Local Settings\Temp\ins1.tmp\LDMClient.exe
c:\Documents and Settings\Administrateur\Local Settings\Temp\ir_ext_temp_0\autorun.exe
c:\Documents and Settings\Administrateur\Local Settings\Temp\ir_ext_temp_0\AutoPlay\Docs\avgas-setup-7.5.0.50.exe
c:\Documents and Settings\Administrateur\Local Settings\Temp\NeroDemo12065\NeroBar.exe
c:\Documents and Settings\Administrateur\Local Settings\Temp\NeroDemo12065\SetupX.exe
c:\Documents and Settings\Administrateur\Local Settings\Temp\NeroDemo12065\Toolbar.exe
c:\Documents and Settings\Administrateur\Local Settings\Temp\NeroDemo12065\Redist\50comupd.exe
c:\Documents and Settings\Administrateur\Local Settings\Temp\NeroDemo12065\Redist\instmsiw.exe
c:\Documents and Settings\Administrateur\Local Settings\Temp\NeroDemo12065\Redist\ShFolder.Exe
c:\Documents and Settings\Administrateur\Local Settings\Temp\NeroDemo12065\Redist\wmfdist.exe
c:\Documents and Settings\Administrateur\Local Settings\Temp\NeroDemo12065\Redist\wmfdist95.exe
c:\Documents and Settings\Administrateur\Local Settings\Temp\NeroDemo12065\Redist\DirectX\dxsetup.exe
c:\Documents and Settings\Administrateur\Local Settings\Temp\NeroDemo12065\Setup\NeroDelTmp.exe
c:\Documents and Settings\Administrateur\Local Settings\Temp\NeroDemo12065\Setup\NiReg.exe
c:\Documents and Settings\Administrateur\Local Settings\Temp\NeroDemo12065\Setup\UninstallNero.exe
c:\Documents and Settings\Administrateur\Local Settings\Temp\pftC.tmp\Setup.exe
c:\Documents and Settings\Administrateur\Local Settings\Temp\RarSFX0\01.exe
c:\Documents and Settings\Administrateur\Local Settings\Temp\RarSFX0\02.exe
c:\Documents and Settings\Administrateur\Local Settings\Temp\RarSFX0\bda.exe
c:\Documents and Settings\Administrateur\Local Settings\Temp\wz8964\Nuendo.v3.2.0.1128 latest\setup.exe
c:\Documents and Settings\Administrateur\Mes documents\Downloads\Sony.Vegas.v7.0d.Incl.Keygen-SSG\keygen.exe
c:\Documents and Settings\Administrateur\Mes documents\DVDFab\Temp\Update\Update.exe
c:\Documents and Settings\Administrateur\Mes documents\Sites Web\FxGaobot.exe
c:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\yoshpmbu.default\extensions\{463F6CA5-EE3C-4be1-B7E6-7FEE11953374}\components\FoxyTunes.dll
c:\Documents and Settings\All Users\Application Data\Grisoft\AVG Anti-Spyware 7.5\Downloads\help.dll
c:\Documents and Settings\All Users\Application Data\Microsoft\IdentityCRL\production\ppcrlconfig.dll
c:\Documents and Settings\All Users\Application Data\Nero\DrWeb\Drweb32.dll

****** Fin du rapport DiagHelp
Veuillez svp envoyer le fichier C:\upload_moi_ERICARSENEAULT.tar.gz a l'adresse http://upload.malekal.com


Thank you very much for your valuable help!


4 November 2007 23:28:46

During the day I think I managed to fix everything, but I would like to make sure. Which report/result/log do you want to see to be sure?

Thanks for the reply
4 November 2007 23:35:47

SmitfraudFix to start with ;)
5 November 2007 01:25:34

Here we go!

SmitFraudFix v2.247

Rapport fait à 19:22:36,21, 04/11/2007
Executé à partir de C:\Documents and Settings\Administrateur\Bureau\Microsoft Office\Anti-virus+spyware+etc\SmitfraudFix
OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
Le type du système de fichiers est NTFS
Fix executé en mode normal

»»»»»»»»»»»»»»»»»»»»»»»» Process

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\AAWTray.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE
C:\PROGRA~1\MUSICA~1\mac.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Eset\nod32kui.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Fichiers communs\InterVideo\DeviceService\DevSvc.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\uTorrent\uTorrent.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Eset\nod32krn.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Venturi2\Client\ventc.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Fichiers communs\Logitech\khalshared\KHALMNPR.EXE
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\HP\Digital Imaging\Product Assistant\bin\hprblog.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\cmd.exe

»»»»»»»»»»»»»»»»»»»»»»»» hosts


»»»»»»»»»»»»»»»»»»»»»»»» C:\


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32\LogFiles


»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Administrateur


»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Administrateur\Application Data


»»»»»»»»»»»»»»»»»»»»»»»» Menu Démarrer


»»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\ADMINI~1\Favoris


»»»»»»»»»»»»»»»»»»»»»»»» Bureau


»»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files


»»»»»»»»»»»»»»»»»»»»»»»» Clés corrompues


»»»»»»»»»»»»»»»»»»»»»»»» Eléments du bureau



»»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll


»»»»»»»»»»»»»»»»»»»»»»»» AppInit_DLLs
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=""


»»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"System"=""


»»»»»»»»»»»»»»»»»»»»»»»» Rustock



»»»»»»»»»»»»»»»»»»»»»»»» DNS

Description: Attansic L1 Gigabit Ethernet 10/100/1000Base-T Controller - Miniport d'ordonnancement de paquets
DNS Server Search Order: 192.168.2.1

HKLM\SYSTEM\CCS\Services\Tcpip\..\{E7C23382-7FF1-40F3-B720-0D37F4783093}: DhcpNameServer=192.168.2.1
HKLM\SYSTEM\CS1\Services\Tcpip\..\{E7C23382-7FF1-40F3-B720-0D37F4783093}: DhcpNameServer=192.168.2.1
HKLM\SYSTEM\CS2\Services\Tcpip\..\{E7C23382-7FF1-40F3-B720-0D37F4783093}: DhcpNameServer=192.168.2.1
HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=192.168.2.1
HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: DhcpNameServer=192.168.2.1
HKLM\SYSTEM\CS2\Services\Tcpip\Parameters: DhcpNameServer=192.168.2.1


»»»»»»»»»»»»»»»»»»»»»»»» Recherche infection wininet.dll


»»»»»»»»»»»»»»»»»»»»»»»» Fin
5 November 2007 15:25:23

Hi again


Nothing with SmitfraudFix; indeed, some cleaning up has been done.


Download Combofix.exe (by sUBs) to your Desktop
http://download.bleepingcomputer.com/sUBs/ComboFix.exe

Double-click combofix.exe and follow the prompts.
When the scan is complete, a report will appear.

Copy/paste this report into your next reply, along with a new HijackThis log.
6 November 2007 00:19:33

ComboFix:



ComboFix 07-11-01.1 - Administrateur 2007-11-05 18:13:31.1 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.1432 [GMT -5:00]
Running from: C:\Documents and Settings\Administrateur\Bureau\Microsoft Office\Anti-virus+spyware+etc\ComboFix.exe
* Created a new restore point
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Documents and Settings\Administrateur\Application Data\inst.exe

.
((((((((((((((((((((((((((((( Fichiers créés 2007-10-05 to 2007-11-05 ))))))))))))))))))))))))))))))))))))
.

2007-11-05 18:13 51,200 --a------ C:\WINDOWS\NirCmd.exe
2007-11-04 15:08 2,712 --a------ C:\WINDOWS\system32\tmp.reg
2007-11-04 14:30 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2007-11-04 14:26 512,096 --a------ C:\WINDOWS\system32\drivers\amon.sys
2007-11-04 14:26 298,104 --a------ C:\WINDOWS\system32\imon.dll
2007-11-04 14:26 15,424 --a------ C:\WINDOWS\system32\drivers\nod32drv.sys
2007-11-03 21:03 282,624 --a------ C:\WINDOWS\advrepnok.dll
2007-11-03 21:03 115,200 --a------ C:\WINDOWS\wtopmod.exe
2007-10-29 23:15 <REP> d-------- C:\Documents and Settings\All Users\Application Data\vsosdk
2007-10-29 19:27 <REP> d-------- C:\Program Files\Real
2007-10-29 19:27 <REP> d-------- C:\Program Files\Fichiers communs\xing shared
2007-10-29 19:27 <REP> d-------- C:\Program Files\Fichiers communs\Real
2007-10-18 19:06 <REP> d--h----- C:\WINDOWS\PIF
2007-10-15 21:27 <REP> d---s---- C:\Documents and Settings\Administrateur\UserData
2007-10-15 21:25 <REP> d-------- C:\Documents and Settings\Administrateur\Application Data\HP
2007-10-15 21:23 <REP> d-------- C:\Documents and Settings\All Users\Application Data\HP
2007-10-15 21:22 <REP> d-------- C:\Program Files\Fichiers communs\HP
2007-10-15 21:21 <REP> d-------- C:\Program Files\Hewlett-Packard
2007-10-15 21:20 <REP> d-------- C:\Program Files\Fichiers communs\Hewlett-Packard
2007-10-15 21:20 278,584 --a------ C:\WINDOWS\system32\HPZidr12.dll
2007-10-15 21:20 204,800 --a------ C:\WINDOWS\system32\HPZipr12.dll
2007-10-15 21:20 94,208 --a------ C:\WINDOWS\system32\HPZipt12.dll
2007-10-15 21:20 69,632 --a------ C:\WINDOWS\system32\HPZipm12.exe
2007-10-15 21:20 61,440 --a------ C:\WINDOWS\system32\HPZinw12.exe
2007-10-15 21:20 57,344 --a------ C:\WINDOWS\system32\HPZisn12.dll
2007-10-15 21:18 <REP> d-------- C:\Program Files\HP
2007-10-15 21:17 113,616 --a------ C:\WINDOWS\hpoins07.dat
2007-10-15 21:17 51,120 -ra------ C:\WINDOWS\system32\drivers\HPZid412.sys
2007-10-15 21:17 21,124 --------- C:\WINDOWS\hpomdl07.dat
2007-10-15 21:17 16,496 -ra------ C:\WINDOWS\system32\drivers\HPZipr12.sys
2007-10-15 21:16 606,208 -ra------ C:\WINDOWS\system32\hpotscl.dll
2007-10-15 21:16 278,528 -ra------ C:\WINDOWS\system32\hpgwiamd.dll
2007-10-15 21:16 274,432 -ra------ C:\WINDOWS\system32\HPZc3212.dll
2007-10-15 21:16 258,122 -ra------ C:\WINDOWS\system32\hpovst08.dll
2007-10-15 21:16 25,856 --a------ C:\WINDOWS\system32\drivers\usbprint.sys
2007-10-15 21:16 25,856 --a--c--- C:\WINDOWS\system32\dllcache\usbprint.sys
2007-10-15 21:16 21,744 -ra------ C:\WINDOWS\system32\drivers\HPZius12.sys
2007-10-15 00:26 <REP> d-------- C:\Program Files\Alwil Software

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2007-11-05 23:15 --------- d-----w C:\Documents and Settings\Administrateur\Application Data\uTorrent
2007-11-05 03:22 --------- d-----w C:\Program Files\Music Alarm Clock
2007-11-02 00:22 --------- d--h--w C:\Program Files\InstallShield Installation Information
2007-10-30 18:51 --------- d-----w C:\Program Files\mIRC
2007-10-30 03:55 --------- d-----w C:\Documents and Settings\Administrateur\Application Data\Vso
2007-10-17 18:04 --------- d-----w C:\Program Files\Java
2007-10-16 18:42 --------- d-----w C:\Documents and Settings\All Users\Application Data\Microsoft Help
2007-10-14 02:54 --------- d-----w C:\Documents and Settings\All Users\Application Data\Ulead Systems
2007-10-14 02:51 --------- d-----w C:\Program Files\CyberLink
2007-09-26 12:05 --------- d-----w C:\Program Files\PowerISO
2007-09-26 11:58 --------- d-----w C:\Program Files\Fichiers communs\Adobe
2007-09-26 02:03 --------- d-----w C:\Documents and Settings\All Users\Application Data\FLEXnet
2007-09-15 00:05 --------- d-----w C:\Program Files\Guitar Pro 5
2007-09-13 01:59 --------- d-----w C:\Program Files\DVDFab Platinum 3
2007-09-12 02:14 --------- d-----w C:\Program Files\DVDFab HD Decrypter 3
2007-09-11 23:05 43,551 ----a-w C:\WINDOWS\system32\xvid-uninstall.exe
2007-09-11 20:12 --------- d-----w C:\Program Files\DivX
2007-09-11 00:11 --------- d-----w C:\Program Files\Apple Software Update
2007-09-10 01:21 --------- d-----w C:\Program Files\Micro Application
2007-09-10 01:15 --------- d-----w C:\Program Files\Fichiers communs\Avid
2007-09-10 01:15 --------- d-----w C:\Program Files\Avid
2007-09-09 22:23 --------- d-----w C:\Program Files\Fichiers communs\LightScribe
2007-09-09 20:02 --------- d-----w C:\Documents and Settings\Administrateur\Application Data\DivX
2007-09-09 19:56 --------- d-----w C:\Program Files\Fichiers communs\InterVideo
2007-09-09 06:58 --------- d-----w C:\Program Files\Codemasters
2007-09-09 05:20 --------- d-----w C:\Program Files\Digital Dutch
2007-09-07 11:56 --------- d-----w C:\Documents and Settings\Administrateur\Application Data\Steinberg
2007-09-07 11:47 --------- d-----w C:\Program Files\Syncrosoft
2007-09-06 23:21 --------- d-----w C:\Program Files\Fichiers communs\Digidesign
2007-09-05 21:45 --------- d-----w C:\Documents and Settings\All Users\Application Data\Skype
2007-09-05 11:54 --------- d-----w C:\Program Files\Sony Setup
2007-09-05 11:54 --------- d-----w C:\Program Files\Sony
2007-09-05 11:53 --------- d-----w C:\Documents and Settings\Administrateur\Application Data\Publish Providers
2007-09-05 11:48 --------- d-----w C:\Program Files\Microsoft SQL Server
2007-09-05 11:48 --------- d-----w C:\Documents and Settings\All Users\Application Data\Sony
2007-09-05 11:48 --------- d-----w C:\Documents and Settings\Administrateur\Application Data\Sony
2007-09-05 11:47 --------- d-----w C:\Program Files\Vstplugins
2007-08-31 02:34 505,392 ----a-w C:\WINDOWS\system32\msvcp71.dll
2007-08-29 16:36 47,360 ----a-w C:\Documents and Settings\Administrateur\Application Data\pcouffin.sys
2007-08-24 10:58 82,432 ----a-w C:\WINDOWS\system32\msxml4r.dll
2007-08-24 10:58 1,233,920 ----a-w C:\WINDOWS\system32\msxml4.dll
2007-08-23 06:15 127,034 ------r C:\WINDOWS\bwUnin-8.1.1.50-8876480SL.exe
2007-08-23 05:57 960 --sha-w C:\njejovma.sys
2007-08-21 00:26 81,920 ----a-w C:\WINDOWS\system32\dpl100.dll
2007-08-21 00:26 196,608 ----a-w C:\WINDOWS\system32\dtu100.dll
2007-08-15 22:33 524,288 ----a-w C:\WINDOWS\system32\DivXsm.exe
2007-08-15 22:33 3,596,288 ----a-w C:\WINDOWS\system32\qt-dx331.dll
2007-08-15 22:33 200,704 ----a-w C:\WINDOWS\system32\ssldivx.dll
2007-08-15 22:33 144,704 ----a-w C:\WINDOWS\system32\DivXCodecVersionChecker.exe
2007-08-15 22:33 118,520 ------w C:\WINDOWS\system32\pxinsi64.exe
2007-08-15 22:33 1,044,480 ----a-w C:\WINDOWS\system32\libdivx.dll
2007-08-15 22:31 593,920 ----a-w C:\WINDOWS\system32\dpuGUI11.dll
2007-08-15 22:31 57,344 ----a-w C:\WINDOWS\system32\dpv11.dll
2007-08-15 22:31 53,248 ----a-w C:\WINDOWS\system32\dpuGUI10.dll
2007-08-15 22:31 344,064 ----a-w C:\WINDOWS\system32\dpus11.dll
2007-08-15 22:31 294,912 ----a-w C:\WINDOWS\system32\dpu11.dll
2007-08-15 22:31 294,912 ----a-w C:\WINDOWS\system32\dpu10.dll
2007-08-15 22:30 823,296 ----a-w C:\WINDOWS\system32\divx_xx0c.dll
2007-08-15 22:30 823,296 ----a-w C:\WINDOWS\system32\divx_xx07.dll
2007-08-15 22:30 802,816 ----a-w C:\WINDOWS\system32\divx_xx11.dll
2007-08-15 22:30 740,442 ----a-w C:\WINDOWS\system32\DivX.dll
2007-08-15 22:30 12,288 ----a-w C:\WINDOWS\system32\DivXWMPExtType.dll
.

((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{CFF8726A-9262-441C-8163-C6371E9EDE47}]
2007-11-03 08:54 282624 --a------ C:\WINDOWS\advrepnok.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{16A0662E-AC21-4AD9-89E8-7495AC5ACE93}"= C:\WINDOWS\sdrmod.dll [ ]

[HKEY_CLASSES_ROOT\CLSID\{16A0662E-AC21-4AD9-89E8-7495AC5ACE93}]
[HKEY_CLASSES_ROOT\sdrmod.ToolBar.1]
[HKEY_CLASSES_ROOT\TypeLib\{861A084D-C8F1-47F8-90F1-6494C0645FF2}]
[HKEY_CLASSES_ROOT\sdrmod.ToolBar]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Logitech Hardware Abstraction Layer"="KHALMNPR.EXE" [2007-01-23 08:44 C:\WINDOWS\KHALMNPR.Exe]
"SoundMAXPnP"="C:\Program Files\Analog Devices\Core\smax4pnp.exe" [2006-12-18 08:34]
"SoundMAX"="C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" [2006-07-13 00:12]
"JMB36X IDE Setup"="C:\WINDOWS\JM\JMInsIDE.exe" [2006-10-30 07:44]
"JMB36X Configure"="C:\WINDOWS\system32\JMRaidSetup.exe" [2006-10-30 07:44]
"ATICCC"="C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe" [2006-09-25 02:12]
"NeroFilterCheck"="C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe" [2006-01-12 08:40]
"PVR Agent"="C:\Program Files\MSI\TV@Anywhere Plus\TVR\Scheduled.exe" [2005-04-29 17:00]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2007-06-29 06:24]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 01:11]
"AAWTray"="C:\Program Files\Lavasoft\Ad-Aware 2007\AAWTray.exe" [2007-08-08 15:53]
"Music Alarm Clock"="C:\PROGRA~1\MUSICA~1\mac.exe" [2007-07-31 21:38]
"H2O"="C:\Program Files\SyncroSoft\Pos\H2O\cledx.exe" [2007-12-11 04:59]
"Adobe Photo Downloader"="C:\Program Files\Adobe\Adobe Photoshop Lightroom 1.1\apdproxy.exe" [2007-06-19 09:21]
"HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [2005-05-11 23:12]
"TkBellExe"="C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" [2007-10-29 19:27]
"nod32kui"="C:\Program Files\Eset\nod32kui.exe" [2007-11-04 14:26]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-19 11:09]
"MediaDico"="C:\Program Files\Micro Application\MediaDICO\LanceMediaDICO.exe" [2002-01-09 09:53]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe" [2007-01-15 09:14]
"MsnMsgr"="C:\Program Files\MSN Messenger\MsnMsgr.exe" [2007-01-19 12:55]
"BlazeServoTool"="C:\Program Files\BlazeVideo\BlazeDVD 5 Standard\MediaDetector.exe" []
"uTorrent"="C:\Program Files\uTorrent\uTorrent.exe" [2007-09-16 17:06]
"SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2007-08-31 16:46]

C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [2005-05-11 23:23:26]
Logitech Desktop Messenger.lnk - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe [2007-08-23 01:15:53]
Logitech SetPoint.lnk - C:\Program Files\Logitech\SetPoint\SetPoint.exe [2007-08-23 01:15:07]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"ClearDocsOnExit"=64 (0x40)
"NoRecentDocsMenu"=1 (0x1)
"NoSMHelp"=1 (0x1)
"MemCheckBoxInRunDlg"=1 (0x1)
"NoSMBalloonTip"=1 (0x1)
"NoDesktopCleanupWizard"=1 (0x1)
"NoWelcomeScreen"=1 (0x1)
"NoAutoUpdate"=1 (0x1)

[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"ClearDocsOnExit"=64 (0x40)
"NoRecentDocsMenu"=1 (0x1)
"NoSMHelp"=1 (0x1)
"MemCheckBoxInRunDlg"=1 (0x1)
"NoSMBalloonTip"=1 (0x1)
"NoDesktopCleanupWizard"=1 (0x1)
"NoWelcomeScreen"=1 (0x1)
"NoAutoUpdate"=1 (0x1)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
"bindmod"= {F1E2A44F-8A21-432B-AE84-6BDD7C9E06F9} - C:\WINDOWS\bindmod.dll [ ]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup"

R3 3xHybrid;3xHybrid service;C:\WINDOWS\system32\DRIVERS\3xHybrid.sys
R3 AtcL001;NDIS Miniport Driver for Attansic L1 Gigabit Ethernet Controller;C:\WINDOWS\system32\DRIVERS\atl01_xp.sys
R3 CLEDX;Team H2O CLEDX service;C:\WINDOWS\system32\DRIVERS\cledx.sys
S2 DigiNet;Digidesign Ethernet Support;C:\WINDOWS\system32\DRIVERS\diginet.sys
S3 Cap713x;Philips Cap713x Video Capture;C:\WINDOWS\system32\DRIVERS\Cap713x.sys

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1ebf1881-513c-11dc-bf00-806d6172696f}]
\Shell\AutoRun\command - D:\Bin\Assetup.exe

*Newly Created Service* - CATCHME
.
Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
"2007-10-08 16:45:14 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
.
**************************************************************************

catchme 0.3.1250 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-11-05 18:15:52
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2007-11-05 18:16:07
.
--- E O F ---




HijackThis:



Logfile of HijackThis v1.99.1
Scan saved at 18:17, on 05/11/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\AAWTray.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE
C:\PROGRA~1\MUSICA~1\mac.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Eset\nod32kui.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Fichiers communs\InterVideo\DeviceService\DevSvc.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\uTorrent\uTorrent.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Eset\nod32krn.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Venturi2\Client\ventc.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Fichiers communs\Logitech\khalshared\KHALMNPR.EXE
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\HP\Digital Imaging\Product Assistant\bin\hprblog.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\explorer.exe
C:\Documents and Settings\Administrateur\Bureau\Microsoft Office\Anti-virus+spyware+etc\HijackThis.exe

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Favoris
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: MSVPS System - {CFF8726A-9262-441C-8163-C6371E9EDE47} - C:\WINDOWS\advrepnok.dll
O3 - Toolbar: The sdrmod - {16A0662E-AC21-4AD9-89E8-7495AC5ACE93} - C:\WINDOWS\sdrmod.dll (file missing)
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\WINDOWS\JM\JMInsIDE.exe
O4 - HKLM\..\Run: [JMB36X Configure] C:\WINDOWS\system32\JMRaidSetup.exe boot
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [PVR Agent] C:\Program Files\MSI\TV@Anywhere Plus\TVR\Scheduled.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [AAWTray] C:\Program Files\Lavasoft\Ad-Aware 2007\AAWTray.exe
O4 - HKLM\..\Run: [Music Alarm Clock] C:\PROGRA~1\MUSICA~1\mac.exe
O4 - HKLM\..\Run: [H2O] C:\Program Files\SyncroSoft\Pos\H2O\cledx.exe
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Adobe Photoshop Lightroom 1.1\apdproxy.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MediaDico] C:\Program Files\Micro Application\MediaDICO\LanceMediaDICO.exe Lancement
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [BlazeServoTool] "C:\Program Files\BlazeVideo\BlazeDVD 5 Standard\MediaDetector.exe"
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe"
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Logitech SetPoint.lnk = ?
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Correcteur - {F7C8E5F6-B6D1-45db-8D91-2BCFA5DF11A9} - C:\Program Files\Druide\Antidote\Internet Explorer\6\Antidote K - IE 6.htm (HKCU)
O9 - Extra button: Dictionnaires - {F9B969E8-58D0-4dd9-AC8A-EE2336FF8F65} - C:\Program Files\Druide\Antidote\Internet Explorer\6\Antidote D - IE 6.htm (HKCU)
O9 - Extra button: Guides - {FA089E36-3F1B-4c51-9A1A-C4E7012483AF} - C:\Program Files\Druide\Antidote\Internet Explorer\6\Antidote G - IE 6.htm (HKCU)
O10 - Unknown file in Winsock LSP: c:\program files\bonjour\mdnsnsp.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\FICHIE~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
O21 - SSODL: hupsrv - {3369DD25-A57F-41AA-9BC1-1B50DEFFD3C2} - (no file)
O21 - SSODL: bindmod - {F1E2A44F-8A21-432B-AE84-6BDD7C9E06F9} - C:\WINDOWS\bindmod.dll (file missing)
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Capture Device Service - InterVideo Inc. - C:\Program Files\Fichiers communs\InterVideo\DeviceService\DevSvc.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe (file missing)
O23 - Service: Venturi2 Client (Venturi2) - Fourelle Systems, Inc - C:\Program Files\Venturi2\Client\ventc.exe



Thanks again :)
6 November 2007 23:51:56

Hello

A bit of cleaning up to do.

Copy (Ctrl+C) the text below:

File::
C:\WINDOWS\bindmod.dll
C:\WINDOWS\sdrmod.dll
C:\WINDOWS\advrepnok.dll
C:\WINDOWS\wtopmod.exe
C:\njejovma.sys

Registry::
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{CFF8726A-9262-441C-8163-C6371E9EDE47}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{16A0662E-AC21-4AD9-89E8-7495AC5ACE93}"=-
[-HKEY_CLASSES_ROOT\CLSID\{16A0662E-AC21-4AD9-89E8-7495AC5ACE93}]
[-HKEY_CLASSES_ROOT\sdrmod.ToolBar.1]
[-HKEY_CLASSES_ROOT\TypeLib\{861A084D-C8F1-47F8-90F1-6494C0645FF2}]
[-HKEY_CLASSES_ROOT\sdrmod.ToolBar]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
"bindmod"=-


Open Notepad, then paste (Ctrl+V) the text you copied.
Save this file as CFScript.txt


As the image shows, drag CFScript.txt onto Combofix.exe
A blue window will appear: at the prompt (Type 1 to continue, or 2 to abort), type 1 and confirm.
Wait while the scan runs. The desktop will disappear several times: this is normal!
Do not touch anything until the scan has finished.
Once the scan is complete, a report will be displayed: post its contents.
If the file does not open, it can be found here > C:\ComboFix.txt
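
An added example, not part of the original posts and not ComboFix or HijackThis code: a Python cross-check between the HijackThis entries marked "(no file)" or "(file missing)" in the log above and the CFScript.txt contents, listing which entries the script references and which orphaned entries it does not. The function names and the matching rule (file path, CLSID, or deleted value name) are assumptions of this example.

```python
import re

# Excerpt of the HijackThis log posted in this thread (lines copied verbatim).
HJT_LOG = r"""
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: MSVPS System - {CFF8726A-9262-441C-8163-C6371E9EDE47} - C:\WINDOWS\advrepnok.dll
O3 - Toolbar: The sdrmod - {16A0662E-AC21-4AD9-89E8-7495AC5ACE93} - C:\WINDOWS\sdrmod.dll (file missing)
O21 - SSODL: hupsrv - {3369DD25-A57F-41AA-9BC1-1B50DEFFD3C2} - (no file)
O21 - SSODL: bindmod - {F1E2A44F-8A21-432B-AE84-6BDD7C9E06F9} - C:\WINDOWS\bindmod.dll (file missing)
"""

# The CFScript.txt body from the reply above, verbatim.
CFSCRIPT = r"""
File::
C:\WINDOWS\bindmod.dll
C:\WINDOWS\sdrmod.dll
C:\WINDOWS\advrepnok.dll
C:\WINDOWS\wtopmod.exe
C:\njejovma.sys

Registry::
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{CFF8726A-9262-441C-8163-C6371E9EDE47}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{16A0662E-AC21-4AD9-89E8-7495AC5ACE93}"=-
[-HKEY_CLASSES_ROOT\CLSID\{16A0662E-AC21-4AD9-89E8-7495AC5ACE93}]
[-HKEY_CLASSES_ROOT\sdrmod.ToolBar.1]
[-HKEY_CLASSES_ROOT\TypeLib\{861A084D-C8F1-47F8-90F1-6494C0645FF2}]
[-HKEY_CLASSES_ROOT\sdrmod.ToolBar]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
"bindmod"=-
"""

CLSID = r"\{[0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}\}"
CLSID_RE = re.compile(CLSID)
# "<section> - <kind>: <name> - {CLSID} - <path or (no file)>"
ENTRY_RE = re.compile(r"^(O\d+) - ([^:]+): (.*?) - (" + CLSID + r") - (.*)$")
VALUE_DEL_RE = re.compile(r'^"([^"]+)"=-$')  # "name"=- deletes a registry value


def parse_hijackthis(text):
    """Return one dict per CLSID-bearing HijackThis entry."""
    entries = []
    for line in text.splitlines():
        m = ENTRY_RE.match(line.strip())
        if not m:
            continue
        section, kind, name, clsid, target = m.groups()
        missing = target == "(no file)" or target.endswith("(file missing)")
        path = None if target == "(no file)" else target.replace("(file missing)", "").strip()
        entries.append({"section": section, "kind": kind, "name": name,
                        "clsid": clsid.upper(), "path": path, "missing": missing})
    return entries


def parse_cfscript(text):
    """Collect file paths, CLSIDs and deleted value names named in the script."""
    files, clsids, values = set(), set(), set()
    section = None
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        if line.endswith("::"):          # "File::" / "Registry::" section header
            section = line[:-2].lower()
        elif section == "file":
            files.add(line.lower())
        elif section == "registry":
            clsids.update(c.upper() for c in CLSID_RE.findall(line))
            m = VALUE_DEL_RE.match(line)
            if m:
                values.add(m.group(1).lower())
    return files, clsids, values


def is_referenced(entry, script):
    """Assumed rule: the script touches an entry via its path, CLSID or value name."""
    files, clsids, values = script
    return ((entry["path"] or "").lower() in files
            or entry["clsid"] in clsids
            or entry["name"].lower() in values)


def referenced_entries(log_text, script_text):
    script = parse_cfscript(script_text)
    return [e["name"] for e in parse_hijackthis(log_text) if is_referenced(e, script)]


def unreferenced_orphans(log_text, script_text):
    """Entries whose file is absent and that the script does not mention."""
    script = parse_cfscript(script_text)
    return [(e["section"], e["name"], e["clsid"])
            for e in parse_hijackthis(log_text)
            if e["missing"] and not is_referenced(e, script)]


if __name__ == "__main__":
    print("referenced by script:", referenced_entries(HJT_LOG, CFSCRIPT))
    for item in unreferenced_orphans(HJT_LOG, CFSCRIPT):
        print("orphan not in script:", *item)
```

An entry listed as an unreferenced orphan is only a registry reference with no file behind it; the output is a checklist for comparing the next log against the script, not a verdict on the entry.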
9 November 2007 21:12:11

Sorry for the slow reply, but I had forgotten to post the contents of the report:


ComboFix 07-11-01.1 - Administrateur 2007-11-09 15:06:00.2 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.1409 [GMT -5:00]
Running from: C:\Documents and Settings\Administrateur\Bureau\Microsoft Office\Anti-virus+spyware+etc\ComboFix.exe
Command switches used :: C:\Documents and Settings\Administrateur\Bureau\Microsoft Office\Anti-virus+spyware+etc\CFScript.txt
* Created a new restore point

FILE::
C:\njejovma.sys
C:\WINDOWS\advrepnok.dll
C:\WINDOWS\bindmod.dll
C:\WINDOWS\sdrmod.dll
C:\WINDOWS\wtopmod.exe
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\njejovma.sys
C:\WINDOWS\wtopmod.exe

.
((((((((((((((((((((((((((((( Fichiers créés 2007-10-09 to 2007-11-09 ))))))))))))))))))))))))))))))))))))
.

2007-11-06 16:58 <REP> d-------- C:\Documents and Settings\Administrateur\Application Data\Image Zone Express
2007-11-06 03:00 <REP> d-------- C:\Program Files\MSXML 4.0
2007-11-06 03:00 221,184 --a------ C:\WINDOWS\system32\wmpns.dll
2007-11-05 18:13 51,200 --a------ C:\WINDOWS\NirCmd.exe
2007-11-04 15:08 2,712 --a------ C:\WINDOWS\system32\tmp.reg
2007-11-04 14:30 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2007-11-04 14:26 512,096 --a------ C:\WINDOWS\system32\drivers\amon.sys
2007-11-04 14:26 298,104 --a------ C:\WINDOWS\system32\imon.dll
2007-11-04 14:26 15,424 --a------ C:\WINDOWS\system32\drivers\nod32drv.sys
2007-10-29 23:15 <REP> d-------- C:\Documents and Settings\All Users\Application Data\vsosdk
2007-10-29 19:27 <REP> d-------- C:\Program Files\Real
2007-10-29 19:27 <REP> d-------- C:\Program Files\Fichiers communs\xing shared
2007-10-29 19:27 <REP> d-------- C:\Program Files\Fichiers communs\Real
2007-10-18 19:06 <REP> d--h----- C:\WINDOWS\PIF
2007-10-15 21:27 <REP> d---s---- C:\Documents and Settings\Administrateur\UserData
2007-10-15 21:25 <REP> d-------- C:\Documents and Settings\Administrateur\Application Data\HP
2007-10-15 21:23 <REP> d-------- C:\Documents and Settings\All Users\Application Data\HP
2007-10-15 21:22 <REP> d-------- C:\Program Files\Fichiers communs\HP
2007-10-15 21:21 <REP> d-------- C:\Program Files\Hewlett-Packard
2007-10-15 21:20 <REP> d-------- C:\Program Files\Fichiers communs\Hewlett-Packard
2007-10-15 21:20 278,584 --a------ C:\WINDOWS\system32\HPZidr12.dll
2007-10-15 21:20 204,800 --a------ C:\WINDOWS\system32\HPZipr12.dll
2007-10-15 21:20 94,208 --a------ C:\WINDOWS\system32\HPZipt12.dll
2007-10-15 21:20 69,632 --a------ C:\WINDOWS\system32\HPZipm12.exe
2007-10-15 21:20 61,440 --a------ C:\WINDOWS\system32\HPZinw12.exe
2007-10-15 21:20 57,344 --a------ C:\WINDOWS\system32\HPZisn12.dll
2007-10-15 21:18 <REP> d-------- C:\Program Files\HP
2007-10-15 21:17 113,616 --a------ C:\WINDOWS\hpoins07.dat
2007-10-15 21:17 51,120 -ra------ C:\WINDOWS\system32\drivers\HPZid412.sys
2007-10-15 21:17 21,124 --------- C:\WINDOWS\hpomdl07.dat
2007-10-15 21:17 16,496 -ra------ C:\WINDOWS\system32\drivers\HPZipr12.sys
2007-10-15 21:16 606,208 -ra------ C:\WINDOWS\system32\hpotscl.dll
2007-10-15 21:16 278,528 -ra------ C:\WINDOWS\system32\hpgwiamd.dll
2007-10-15 21:16 274,432 -ra------ C:\WINDOWS\system32\HPZc3212.dll
2007-10-15 21:16 258,122 -ra------ C:\WINDOWS\system32\hpovst08.dll
2007-10-15 21:16 25,856 --a------ C:\WINDOWS\system32\drivers\usbprint.sys
2007-10-15 21:16 25,856 --a--c--- C:\WINDOWS\system32\dllcache\usbprint.sys
2007-10-15 21:16 21,744 -ra------ C:\WINDOWS\system32\drivers\HPZius12.sys
2007-10-15 00:26 <REP> d-------- C:\Program Files\Alwil Software

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2007-11-09 20:04 --------- d-----w C:\Documents and Settings\Administrateur\Application Data\uTorrent
2007-11-09 04:27 --------- d-----w C:\Program Files\Music Alarm Clock
2007-11-08 03:25 --------- d-----w C:\Documents and Settings\Administrateur\Application Data\Vso
2007-11-07 02:10 --------- d-----w C:\Program Files\mIRC
2007-11-02 00:22 --------- d--h--w C:\Program Files\InstallShield Installation Information
2007-10-17 18:04 --------- d-----w C:\Program Files\Java
2007-10-16 18:42 --------- d-----w C:\Documents and Settings\All Users\Application Data\Microsoft Help
2007-10-14 02:54 --------- d-----w C:\Documents and Settings\All Users\Application Data\Ulead Systems
2007-10-14 02:51 --------- d-----w C:\Program Files\CyberLink
2007-09-26 12:05 --------- d-----w C:\Program Files\PowerISO
2007-09-26 11:58 --------- d-----w C:\Program Files\Fichiers communs\Adobe
2007-09-26 02:03 --------- d-----w C:\Documents and Settings\All Users\Application Data\FLEXnet
2007-09-15 00:05 --------- d-----w C:\Program Files\Guitar Pro 5
2007-09-13 01:59 --------- d-----w C:\Program Files\DVDFab Platinum 3
2007-09-12 02:14 --------- d-----w C:\Program Files\DVDFab HD Decrypter 3
2007-09-11 23:05 43,551 ----a-w C:\WINDOWS\system32\xvid-uninstall.exe
2007-09-11 20:12 --------- d-----w C:\Program Files\DivX
2007-09-11 00:11 --------- d-----w C:\Program Files\Apple Software Update
2007-09-10 01:21 --------- d-----w C:\Program Files\Micro Application
2007-09-10 01:15 --------- d-----w C:\Program Files\Fichiers communs\Avid
2007-09-10 01:15 --------- d-----w C:\Program Files\Avid
2007-09-09 22:23 --------- d-----w C:\Program Files\Fichiers communs\LightScribe
2007-09-09 20:02 --------- d-----w C:\Documents and Settings\Administrateur\Application Data\DivX
2007-09-09 19:56 --------- d-----w C:\Program Files\Fichiers communs\InterVideo
2007-09-09 06:58 --------- d-----w C:\Program Files\Codemasters
2007-09-09 05:20 --------- d-----w C:\Program Files\Digital Dutch
2007-08-31 02:34 505,392 ----a-w C:\WINDOWS\system32\msvcp71.dll
2007-08-29 16:36 47,360 ----a-w C:\Documents and Settings\Administrateur\Application Data\pcouffin.sys
2007-08-24 10:58 82,432 ----a-w C:\WINDOWS\system32\msxml4r.dll
2007-08-23 06:15 127,034 ------r C:\WINDOWS\bwUnin-8.1.1.50-8876480SL.exe
2007-08-21 06:17 683,520 ----a-w C:\WINDOWS\system32\inetcomm.dll
2007-08-21 00:26 81,920 ----a-w C:\WINDOWS\system32\dpl100.dll
2007-08-21 00:26 196,608 ----a-w C:\WINDOWS\system32\dtu100.dll
2007-08-15 22:33 524,288 ----a-w C:\WINDOWS\system32\DivXsm.exe
2007-08-15 22:33 3,596,288 ----a-w C:\WINDOWS\system32\qt-dx331.dll
2007-08-15 22:33 200,704 ----a-w C:\WINDOWS\system32\ssldivx.dll
2007-08-15 22:33 144,704 ----a-w C:\WINDOWS\system32\DivXCodecVersionChecker.exe
2007-08-15 22:33 118,520 ------w C:\WINDOWS\system32\pxinsi64.exe
2007-08-15 22:33 1,044,480 ----a-w C:\WINDOWS\system32\libdivx.dll
2007-08-15 22:31 593,920 ----a-w C:\WINDOWS\system32\dpuGUI11.dll
2007-08-15 22:31 57,344 ----a-w C:\WINDOWS\system32\dpv11.dll
2007-08-15 22:31 53,248 ----a-w C:\WINDOWS\system32\dpuGUI10.dll
2007-08-15 22:31 344,064 ----a-w C:\WINDOWS\system32\dpus11.dll
2007-08-15 22:31 294,912 ----a-w C:\WINDOWS\system32\dpu11.dll
2007-08-15 22:31 294,912 ----a-w C:\WINDOWS\system32\dpu10.dll
2007-08-15 22:30 823,296 ----a-w C:\WINDOWS\system32\divx_xx0c.dll
2007-08-15 22:30 823,296 ----a-w C:\WINDOWS\system32\divx_xx07.dll
2007-08-15 22:30 802,816 ----a-w C:\WINDOWS\system32\divx_xx11.dll
2007-08-15 22:30 740,442 ----a-w C:\WINDOWS\system32\DivX.dll
2007-08-15 22:30 12,288 ----a-w C:\WINDOWS\system32\DivXWMPExtType.dll
.

((((((((((((((((((((((((((((( snapshot@2007-11-05_18.15.52,96 )))))))))))))))))))))))))))))))))))))))))
.
- 2007-08-23 07:00:18 68,608 ----a-w C:\WINDOWS\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
+ 2007-11-06 08:03:41 68,608 ----a-w C:\WINDOWS\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
- 2007-08-23 07:00:20 72,192 ----a-w C:\WINDOWS\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
+ 2007-11-06 08:03:47 72,192 ----a-w C:\WINDOWS\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
- 2007-08-23 07:00:20 4,308,992 ----a-w C:\WINDOWS\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
+ 2007-11-06 08:03:47 4,308,992 ----a-w C:\WINDOWS\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
- 2007-08-23 07:00:20 482,304 ----a-w C:\WINDOWS\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll
+ 2007-11-06 08:03:48 482,304 ----a-w C:\WINDOWS\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll
- 2007-08-23 07:00:19 2,878,976 ----a-w C:\WINDOWS\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
+ 2007-11-06 08:03:45 2,902,016 ----a-w C:\WINDOWS\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
- 2007-08-23 07:00:16 258,048 ----a-w C:\WINDOWS\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
+ 2007-11-06 08:03:38 258,048 ----a-w C:\WINDOWS\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
- 2007-08-23 07:00:16 114,176 ----a-w C:\WINDOWS\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
+ 2007-11-06 08:03:38 114,176 ----a-w C:\WINDOWS\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
- 2007-08-23 07:00:21 260,096 ----a-w C:\WINDOWS\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
+ 2007-11-06 08:03:52 260,096 ----a-w C:\WINDOWS\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
- 2007-08-23 07:00:19 5,025,792 ----a-w C:\WINDOWS\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll
+ 2007-11-06 08:03:43 5,156,864 ----a-w C:\WINDOWS\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll
- 2007-08-23 07:00:18 10,752 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
+ 2007-11-06 08:03:41 10,752 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
- 2007-08-23 07:00:16 503,808 ----a-w C:\WINDOWS\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll
+ 2007-11-06 08:03:37 507,904 ----a-w C:\WINDOWS\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll
- 2007-08-23 07:00:17 13,312 ----a-w C:\WINDOWS\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll
+ 2007-11-06 08:03:39 13,312 ----a-w C:\WINDOWS\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll
- 2007-08-23 07:00:19 8,192 ----a-w C:\WINDOWS\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll
+ 2007-11-06 08:03:46 8,192 ----a-w C:\WINDOWS\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll
- 2007-08-23 07:00:20 36,864 ----a-w C:\WINDOWS\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll
+ 2007-11-06 08:03:46 36,864 ----a-w C:\WINDOWS\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll
- 2007-08-23 07:00:20 5,632 ----a-w C:\WINDOWS\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll
+ 2007-11-06 08:03:47 5,632 ----a-w C:\WINDOWS\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll
- 2007-08-23 07:00:17 413,696 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
+ 2007-11-06 08:03:40 413,696 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
- 2007-08-23 07:00:17 36,864 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
+ 2007-11-06 08:03:40 36,864 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
- 2007-08-23 07:00:17 647,168 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll
+ 2007-11-06 08:03:40 647,168 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll
- 2007-08-23 07:00:18 73,728 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll
+ 2007-11-06 08:03:41 73,728 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll
- 2007-08-23 07:00:17 745,472 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
+ 2007-11-06 08:03:39 749,568 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
- 2007-08-23 07:00:22 110,592 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
+ 2007-11-06 08:03:53 110,592 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
- 2007-08-23 07:00:22 372,736 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
+ 2007-11-06 08:03:53 372,736 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
- 2007-08-23 07:00:16 28,672 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll
+ 2007-11-06 08:03:36 28,672 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll
- 2007-08-23 07:00:21 667,648 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
+ 2007-11-06 08:03:52 667,648 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
- 2007-08-23 07:00:22 5,632 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
+ 2007-11-06 08:03:53 5,632 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
- 2007-08-23 07:00:16 12,800 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
+ 2007-11-06 08:03:37 12,800 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
- 2007-08-23 07:00:16 32,768 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll
+ 2007-11-06 08:03:37 32,768 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll
- 2007-08-23 07:00:16 7,168 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll
+ 2007-11-06 08:03:37 7,168 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll
- 2007-08-23 07:00:20 110,592 ----a-w C:\WINDOWS\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
+ 2007-11-06 08:03:50 110,592 ----a-w C:\WINDOWS\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
- 2007-08-23 07:00:18 81,920 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
+ 2007-11-06 08:03:42 81,920 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
- 2007-08-23 07:00:20 389,120 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
+ 2007-11-06 08:03:50 413,696 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
- 2007-08-23 07:00:20 716,800 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
+ 2007-11-06 08:03:49 716,800 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
- 2007-08-23 07:00:17 884,736 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
+ 2007-11-06 08:03:38 888,832 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
- 2007-08-23 07:00:19 5,050,368 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll
+ 2007-11-06 08:03:46 5,001,216 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll
- 2007-08-23 07:00:18 188,416 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
+ 2007-11-06 08:03:42 188,416 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
- 2007-08-23 07:00:18 397,312 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
+ 2007-11-06 08:03:42 397,312 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
- 2007-08-23 07:00:18 81,920 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll
+ 2007-11-06 08:03:43 81,920 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll
+ 2007-08-22 12:57:28 146,432 -c--a-w C:\WINDOWS\system32\dllcache\msrating.dll
- 2004-08-19 16:09:36 530,432 -c--a-w C:\WINDOWS\system32\dllcache\mstime.dll
+ 2007-08-22 12:57:28 532,480 -c--a-w C:\WINDOWS\system32\dllcache\mstime.dll
- 2004-08-19 16:09:36 1,236,480 -c--a-w C:\WINDOWS\system32\dllcache\msxml3.dll
+ 2007-06-26 06:09:14 1,104,896 -c--a-w C:\WINDOWS\system32\dllcache\msxml3.dll
- 2004-08-19 16:09:36 66,560 -c--a-w C:\WINDOWS\system32\dllcache\mtxclu.dll
+ 2006-03-01 19:43:51 66,560 -c--a-w C:\WINDOWS\system32\dllcache\mtxclu.dll
- 2004-08-19 16:09:36 90,112 -c--a-w C:\WINDOWS\system32\dllcache\mtxoci.dll
+ 2006-03-01 19:43:51 91,136 -c--a-w C:\WINDOWS\system32\dllcache\mtxoci.dll
- 2004-08-19 16:09:36 332,288 -c--a-w C:\WINDOWS\system32\dllcache\netapi32.dll
+ 2006-08-17 12:29:49 332,288 -c--a-w C:\WINDOWS\system32\dllcache\netapi32.dll
- 2004-08-19 16:09:38 198,144 -c--a-w C:\WINDOWS\system32\dllcache\netman.dll
+ 2005-08-22 18:35:10 197,632 -c--a-w C:\WINDOWS\system32\dllcache\netman.dll
- 2004-08-19 16:09:38 364,544 -c--a-w C:\WINDOWS\system32\dllcache\npdsplay.dll
+ 2005-11-29 21:27:06 364,544 -c--a-w C:\WINDOWS\system32\dllcache\npdsplay.dll
- 2004-08-03 23:15:10 574,592 -c--a-w C:\WINDOWS\system32\dllcache\ntfs.sys
+ 2007-02-09 11:10:35 574,464 -c--a-w C:\WINDOWS\system32\dllcache\ntfs.sys
+ 2007-02-28 16:02:21 2,138,112 -c----w C:\WINDOWS\system32\dllcache\ntkrnlmp.exe
+ 2007-02-28 16:02:36 2,059,648 -c----w C:\WINDOWS\system32\dllcache\ntkrnlpa.exe
+ 2007-02-28 16:02:21 2,017,792 -c----w C:\WINDOWS\system32\dllcache\ntkrpamp.exe
+ 2007-02-28 16:02:36 2,182,400 -c----w C:\WINDOWS\system32\dllcache\ntoskrnl.exe
- 2001-08-24 14:00:00 58,880 -c--a-w C:\WINDOWS\system32\dllcache\nwapi32.dll
+ 2006-10-13 12:36:55 64,000 -c--a-w C:\WINDOWS\system32\dllcache\nwapi32.dll
- 2004-08-19 16:09:38 147,968 -c--a-w C:\WINDOWS\system32\dllcache\nwprovau.dll
+ 2006-10-13 12:36:55 145,920 -c--a-w C:\WINDOWS\system32\dllcache\nwprovau.dll
- 2004-08-03 23:02:24 163,584 -c--a-w C:\WINDOWS\system32\dllcache\nwrdr.sys
+ 2006-10-13 10:23:15 163,584 -c--a-w C:\WINDOWS\system32\dllcache\nwrdr.sys
- 2004-08-19 16:09:38 64,000 -c--a-w C:\WINDOWS\system32\dllcache\nwwks.dll
+ 2006-10-13 12:36:55 65,536 -c--a-w C:\WINDOWS\system32\dllcache\nwwks.dll
- 2005-04-28 21:32:30 1,284,608 -c--a-w C:\WINDOWS\system32\dllcache\ole32.dll
+ 2005-07-26 04:40:00 1,284,608 -c--a-w C:\WINDOWS\system32\dllcache\ole32.dll
- 2004-08-19 16:09:38 553,472 -c--a-w C:\WINDOWS\system32\dllcache\oleaut32.dll
+ 2007-05-17 11:29:50 549,376 -c--a-w C:\WINDOWS\system32\dllcache\oleaut32.dll
- 2005-04-28 21:32:30 75,264 -c--a-w C:\WINDOWS\system32\dllcache\olecli32.dll
+ 2005-07-26 04:40:00 75,264 -c--a-w C:\WINDOWS\system32\dllcache\olecli32.dll
- 2005-04-28 21:32:30 37,888 -c--a-w C:\WINDOWS\system32\dllcache\olecnv32.dll
+ 2005-07-26 04:40:00 37,888 -c--a-w C:\WINDOWS\system32\dllcache\olecnv32.dll
- 2001-08-24 14:00:00 119,808 -c--a-w C:\WINDOWS\system32\dllcache\oledlg.dll
+ 2006-10-16 16:16:00 124,928 -c--a-w C:\WINDOWS\system32\dllcache\oledlg.dll
- 2004-08-19 16:09:38 39,424 -c--a-w C:\WINDOWS\system32\dllcache\pngfilt.dll
+ 2007-08-22 12:57:28 39,424 -c--a-w C:\WINDOWS\system32\dllcache\pngfilt.dll
- 2004-08-19 16:09:40 1,293,824 -c--a-w C:\WINDOWS\system32\dllcache\quartz.dll
+ 2005-08-30 03:55:43 1,293,312 -c--a-w C:\WINDOWS\system32\dllcache\quartz.dll
- 2004-08-19 16:09:40 1,440,768 -c--a-w C:\WINDOWS\system32\dllcache\query.dll
+ 2006-06-22 05:13:46 1,440,768 -c--a-w C:\WINDOWS\system32\dllcache\query.dll
- 2004-08-19 16:09:40 8,192 -c--a-w C:\WINDOWS\system32\dllcache\rasadhlp.dll
+ 2006-06-26 17:41:32 8,192 -c--a-w C:\WINDOWS\system32\dllcache\rasadhlp.dll
- 2004-08-19 16:09:40 174,080 -c--a-w C:\WINDOWS\system32\dllcache\rasmans.dll
+ 2006-06-22 10:48:06 181,248 -c--a-w C:\WINDOWS\system32\dllcache\rasmans.dll
- 2004-10-28 03:13:58 174,592 -c--a-w C:\WINDOWS\system32\dllcache\rdbss.sys
+ 2006-05-05 09:47:57 174,592 -c--a-w C:\WINDOWS\system32\dllcache\rdbss.sys
- 2004-08-19 16:10:20 139,400 -c--a-w C:\WINDOWS\system32\dllcache\rdpwd.sys
+ 2005-06-10 04:11:22 139,528 -c--a-w C:\WINDOWS\system32\dllcache\rdpwd.sys
- 2004-08-19 16:09:40 431,616 -c--a-w C:\WINDOWS\system32\dllcache\riched20.dll
+ 2006-11-27 14:55:31 433,152 -c--a-w C:\WINDOWS\system32\dllcache\riched20.dll
- 2001-08-24 14:00:00 200,064 -c--a-w C:\WINDOWS\system32\dllcache\rmcast.sys
+ 2006-07-13 08:48:58 202,240 -c--a-w C:\WINDOWS\system32\dllcache\rmcast.sys
- 2004-08-19 16:09:40 581,120 -c--a-w C:\WINDOWS\system32\dllcache\rpcrt4.dll
+ 2007-07-09 13:11:46 584,192 -c--a-w C:\WINDOWS\system32\dllcache\rpcrt4.dll
- 2005-04-28 21:32:30 395,776 -c--a-w C:\WINDOWS\system32\dllcache\rpcss.dll
+ 2005-07-26 04:40:00 397,824 -c--a-w C:\WINDOWS\system32\dllcache\rpcss.dll
- 2004-08-19 16:09:40 144,896 -c--a-w C:\WINDOWS\system32\dllcache\schannel.dll
+ 2007-04-25 14:22:35 144,896 -c--a-w C:\WINDOWS\system32\dllcache\schannel.dll
- 2005-03-10 10:04:12 1,483,776 -c--a-w C:\WINDOWS\system32\dllcache\shdocvw.dll
+ 2007-08-22 12:57:29 1,498,624 -c--a-w C:\WINDOWS\system32\dllcache\shdocvw.dll
- 2005-03-01 01:12:24 8,506,368 -c--a-w C:\WINDOWS\system32\dllcache\shell32.dll
+ 2006-12-19 21:49:47 8,509,952 -c--a-w C:\WINDOWS\system32\dllcache\shell32.dll
- 2005-03-10 10:04:12 474,112 -c--a-w C:\WINDOWS\system32\dllcache\shlwapi.dll
+ 2007-08-22 12:57:30 474,624 -c--a-w C:\WINDOWS\system32\dllcache\shlwapi.dll
- 2004-08-19 16:09:42 135,168 -c--a-w C:\WINDOWS\system32\dllcache\shsvcs.dll
+ 2006-12-19 21:49:47 135,168 -c--a-w C:\WINDOWS\system32\dllcache\shsvcs.dll
- 2004-08-03 21:07:48 6,400 -c--a-w C:\WINDOWS\system32\dllcache\splitter.sys
+ 2006-06-14 08:47:46 6,400 -c--a-w C:\WINDOWS\system32\dllcache\splitter.sys
- 2004-08-19 16:10:04 57,856 -c--a-w C:\WINDOWS\system32\dllcache\spoolsv.exe
+ 2005-06-10 23:53:32 57,856 -c--a-w C:\WINDOWS\system32\dllcache\spoolsv.exe
- 2004-08-03 23:14:46 336,256 -c--a-w C:\WINDOWS\system32\dllcache\srv.sys
+ 2006-08-14 10:34:41 332,928 -c--a-w C:\WINDOWS\system32\dllcache\srv.sys
- 2004-08-19 16:09:46 246,302 -c--a-w C:\WINDOWS\system32\dllcache\strmdll.dll
+ 2006-08-24 18:19:40 246,814 -c--a-w C:\WINDOWS\system32\dllcache\strmdll.dll
- 2004-08-19 16:09:46 716,800 -c--a-w C:\WINDOWS\system32\dllcache\sxs.dll
+ 2006-10-20 01:38:44 716,800 -c--a-w C:\WINDOWS\system32\dllcache\sxs.dll
- 2004-08-19 16:09:46 210,432 -c--a-w C:\WINDOWS\system32\dllcache\t2embed.dll
+ 2005-10-17 21:21:08 118,272 -c--a-w C:\WINDOWS\system32\dllcache\t2embed.dll
- 2004-08-19 16:09:48 246,272 -c--a-w C:\WINDOWS\system32\dllcache\tapisrv.dll
+ 2005-07-08 16:28:58 249,344 -c--a-w C:\WINDOWS\system32\dllcache\tapisrv.dll
- 2005-03-14 03:17:18 359,936 -c--a-w C:\WINDOWS\system32\dllcache\tcpip.sys
+ 2006-04-20 12:18:35 360,576 -c--a-w C:\WINDOWS\system32\dllcache\tcpip.sys
- 2004-08-03 23:07:46 223,616 -c--a-w C:\WINDOWS\system32\dllcache\tcpip6.sys
+ 2006-08-16 09:37:30 225,664 -c--a-w C:\WINDOWS\system32\dllcache\tcpip6.sys
- 2004-08-19 16:10:04 77,824 -c--a-w C:\WINDOWS\system32\dllcache\telnet.exe
+ 2005-05-11 02:30:03 78,336 -c--a-w C:\WINDOWS\system32\dllcache\telnet.exe
- 2004-08-19 16:09:48 101,376 -c--a-w C:\WINDOWS\system32\dllcache\txflog.dll
+ 2005-07-26 04:40:00 101,376 -c--a-w C:\WINDOWS\system32\dllcache\txflog.dll
- 2004-08-19 16:09:48 119,808 -c--a-w C:\WINDOWS\system32\dllcache\umpnpmgr.dll
+ 2005-08-23 03:39:36 124,928 -c--a-w C:\WINDOWS\system32\dllcache\umpnpmgr.dll
- 2004-09-02 00:27:22 209,280 -c--a-w C:\WINDOWS\system32\dllcache\update.sys
+ 2007-04-23 10:14:23 364,160 -c--a-w C:\WINDOWS\system32\dllcache\update.sys
- 2004-08-19 16:09:48 185,344 -c--a-w C:\WINDOWS\system32\dllcache\upnphost.dll
+ 2007-02-05 20:19:06 185,344 -c--a-w C:\WINDOWS\system32\dllcache\upnphost.dll
- 2005-03-10 10:04:14 605,696 -c--a-w C:\WINDOWS\system32\dllcache\urlmon.dll
+ 2007-08-22 12:57:30 620,032 -c--a-w C:\WINDOWS\system32\dllcache\urlmon.dll
- 2005-03-02 20:10:36 578,048 -c--a-w C:\WINDOWS\system32\dllcache\user32.dll
+ 2007-03-08 15:37:50 578,560 -c--a-w C:\WINDOWS\system32\dllcache\user32.dll
- 2004-08-19 16:09:48 848,384 -c--a-w C:\WINDOWS\system32\dllcache\vgx.dll
+ 2007-06-26 13:56:54 851,968 -c--a-w C:\WINDOWS\system32\dllcache\vgx.dll
- 2004-08-19 16:09:48 504,832 -c--a-w C:\WINDOWS\system32\dllcache\wab32.dll
+ 2007-05-16 15:13:55 510,976 -c--a-w C:\WINDOWS\system32\dllcache\wab32.dll
- 2004-08-19 16:09:48 84,992 -c--a-w C:\WINDOWS\system32\dllcache\wabimp.dll
+ 2007-05-16 15:13:55 85,504 -c--a-w C:\WINDOWS\system32\dllcache\wabimp.dll
- 2004-08-03 21:15:06 82,944 -c--a-w C:\WINDOWS\system32\dllcache\wdmaud.sys
+ 2006-06-14 09:00:45 82,944 -c--a-w C:\WINDOWS\system32\dllcache\wdmaud.sys
- 2004-08-19 16:09:48 67,584 -c--a-w C:\WINDOWS\system32\dllcache\webclnt.dll
+ 2006-01-04 03:35:11 68,096 -c--a-w C:\WINDOWS\system32\dllcache\webclnt.dll
- 2004-08-19 16:09:48 333,824 -c--a-w C:\WINDOWS\system32\dllcache\wiaservc.dll
+ 2006-12-19 18:17:50 334,336 -c--a-w C:\WINDOWS\system32\dllcache\wiaservc.dll
- 2005-03-02 20:07:54 1,836,416 -c--a-w C:\WINDOWS\system32\dllcache\win32k.sys
+ 2007-03-08 15:33:58 1,843,712 -c--a-w C:\WINDOWS\system32\dllcache\win32k.sys
- 2005-03-10 10:04:14 660,992 -c--a-w C:\WINDOWS\system32\dllcache\wininet.dll
+ 2007-08-22 12:57:30 669,696 -c--a-w C:\WINDOWS\system32\dllcache\wininet.dll
- 2005-03-02 20:10:36 291,840 -c--a-w C:\WINDOWS\system32\dllcache\winsrv.dll
+ 2007-03-17 13:44:47 293,376 -c--a-w C:\WINDOWS\system32\dllcache\winsrv.dll
- 2004-08-19 16:09:48 132,096 -c--a-w C:\WINDOWS\system32\dllcache\wkssvc.dll
+ 2006-08-17 12:29:49 132,096 -c--a-w C:\WINDOWS\system32\dllcache\wkssvc.dll
- 2005-04-30 17:00:02 5,533,696 -c--a-w C:\WINDOWS\system32\dllcache\wmp.dll
+ 2007-04-30 13:20:24 5,537,792 -c--a-w C:\WINDOWS\system32\dllcache\wmp.dll
- 2005-04-30 17:23:50 2,374,392 -c--a-w C:\WINDOWS\system32\dllcache\wmvcore.dll
+ 2006-12-07 05:29:34 2,374,472 -c--a-w C:\WINDOWS\system32\dllcache\wmvcore.dll
- 2004-08-19 16:09:50 432,640 -c--a-w C:\WINDOWS\system32\dllcache\wuapi.dll
+ 2007-07-31 00:19:36 549,720 -c--a-w C:\WINDOWS\system32\dllcache\wuapi.dll
- 2004-08-19 16:10:06 112,640 -c--a-w C:\WINDOWS\system32\dllcache\wuauclt.exe
+ 2007-07-31 00:19:16 53,080 -c--a-w C:\WINDOWS\system32\dllcache\wuauclt.exe
- 2004-08-19 16:09:50 1,134,592 -c--a-w C:\WINDOWS\system32\dllcache\wuaueng.dll
+ 2007-07-31 00:19:42 1,712,984 -c--a-w C:\WINDOWS\system32\dllcache\wuaueng.dll
- 2004-08-19 16:09:50 114,176 -c--a-w C:\WINDOWS\system32\dllcache\wucltui.dll
+ 2007-07-31 00:19:32 325,976 -c--a-w C:\WINDOWS\system32\dllcache\wucltui.dll
- 2004-08-19 16:09:50 36,864 -c--a-w C:\WINDOWS\system32\dllcache\wups.dll
+ 2007-07-31 00:18:40 33,624 -c--a-w C:\WINDOWS\system32\dllcache\wups.dll
- 2004-08-19 16:09:50 120,320 -c--a-w C:\WINDOWS\system32\dllcache\wuweb.dll
+ 2007-07-31 00:19:28 203,096 -c--a-w C:\WINDOWS\system32\dllcache\wuweb.dll
- 2004-08-19 16:09:50 11,776 -c--a-w C:\WINDOWS\system32\dllcache
10 November 2007 01:05:42

-------------------------------------------------------------------------------
KASPERSKY ON-LINE SCANNER REPORT
Friday, November 09, 2007 7:02:50 PM
Système d'exploitation : Microsoft Windows XP Professional, Service Pack 2 (Build 2600)
Kaspersky On-line Scanner version : 5.0.83.0
Dernière mise à jour de la base antivirus Kaspersky : 10/11/2007
Enregistrements dans la base antivirus Kaspersky : 427439
-------------------------------------------------------------------------------

Paramètres d'analyse:
Analyser avec la base antivirus suivante: standard
Analyser les archives: vrai
Analyser les bases de messagerie: vrai

Cible de l'analyse - Poste de travail:
A:\
C:\
D:\
F:\

Statistiques de l'analyse:
Total d'objets analysés: 113648
Nombre de virus trouvés: 0
Nombre d'objets infectés: 0 / 0
Nombre d'objets suspects: 0
Durée de l'analyse: 00:50:02

Nom de l'objet infecté / Nom du virus / Dernière action

Analyse terminée.
10 November 2007 17:09:51

Hello

No sign of infection in this report.

Are you still having any problems?
10 November 2007 23:37:06

Everything is fine... for now at least! If I ever have a problem, I'll get back in touch! Thanks a lot for the help you gave me!