connection impossible Résolu

Question

Bonjour,

voici mon problème j'ai avast sur mon PC mais pour une raison que je ne connais pas je n'arrive plus a l'ouvrir donc impossible de scanner mon PC, je suis donc aller sur secuser pour faire un scan et la impossible de me connecter apparemment il met trop de temps a répondre donc il ne se passe rien que dois je faire merci de votre réponse

benurrr · Accepted Answer

je t'ai envoyer un lien pour configurer ccleaner 

que je te renvoie il est tres bien fait

https://www.malekal.com/tutoriel-ccleaner/


Par Manque De Curiosité On Risque De Mourir Ignorant;Tu es libre de penser que tu es C..,
Mais C.. de penser que ­tu es libre...Merci a australe13

benurrr · Answer

Bonjourrr;

poste un rapport hijackthis (outil de diagnostic)
Télécharge http://www.trendsecure.com/portal/en-US/tools/security_tools/hijackthis/download

--) Enregistre HJTInstall.exe sur ton bureau
--) Double-clique sur HJTInstall.exe pour lancer le programme
--) Par défaut, il s'installera içi C:\Programme Files\Trend Micro\HijackThis
--) Accepte la license en cliquant sur le bouton "I Accept"
--) Choisis l'option "Do a system scan and save a log file"
--) Clique sur "Save log" pour enregistrer le rapport qui s'ouvrira avec le bloc-note
--) Clique sur "Édition -> Sélectionner tout", puis sur "Édition -> Copier" pour copier tout le contenu du rapport
--) Colle le rapport que tu viens de copier sur ce forum
--) Ne fixe encore AUCUNE ligne,

lambulanciere · Answer

bonjour

merci de ta reponse aussi rapide, je n'arrive pas a me connecter des que je clic sur le lien toute les fenetres se ferme

benurrr · Answer

un premier nettoyage en mode sans echec si sa passe

comment Redémarrer l'ordinateur en mode sans échec pour cela (tu tapotes la touche F8 dès le début de l’allumage du PC sans t’arrêter)

Ne jamais démarrer en mode sans échec via msconfig

et tu fait un scan avec ton antivirus et tu supprime tout se qu'il trouve 

et poste le rapport generer

lambulanciere · Answer

snif mon probleme reste inchanger impossible d'ouvrir avast en mode sans echec

benurrr · Answer

essaye un scan en ligne içi avec explorer pas firefox

http://www.bitdefender.fr/scan_fr/scan8/ie.html


Par Manque De Curiosité On Risque De Mourir Ignorant;Tu es libre de penser que tu es C..,
Mais C.. de penser que ­tu es libre...Merci a australe13

lambulanciere · Answer

grand grand merci l'analyse est en cours maintenant j'attend le resultat et te tient au courant merci encore

lambulanciere · Answer

bizzare il me trouve des trojan qu'il a detruit mais un resiste et bloque toute l'analyse

benurrr · Answer

toujours bloquer l'analyse ?

lambulanciere · Answer

oui le trojan se trouve dans C systeme volume information restore fichier que je ne trouve pas

benurrr · Answer

non c'est bon c'est la restauration system on la purgera après la désinfection

essaye de nous faire un rapport hijackthis comme expliquer plus haut

lambulanciere · Answer

toujours impossible de me connecter a ce lien

benurrr · Answer

et la

http://www.trendsecure.com/portal/en-US/_download/HJTInstall.exe

lambulanciere · Answer

il est installer mais ne s'execute pas

benurrr · Answer

comment sa il ne s'exécute pas ?

lambulanciere · Answer

il m'a proposer de l'enregistrer sur le bureau j'ai accepter ensuite fait executer et le fenetre s'ouvre et se referme aussitot

benurrr · Answer

ferme toute tes application et double clic sur l'exe de hijackthis

lambulanciere · Answer

aucun changement toujours meme probleme

benurrr · Answer

télécharge malwarbyte http://www.commentcamarche.net/telecharger/telechargement 34055379 malwarebytes anti malware

a l'installation vérifie que mise a jour et lancer programme et scan complet sont bien cocher 

Une fois a jour, le programme va se lancer; clic sur l´onglet paramètre, et coche la case : "Arrêter internet explorer pendant la suppression". 

A la fin du scan clique sur Afficher les résultats 

Vérifier si tout est coché et clic Supprimer la sélection 

S'il t'es demandé de redémarrer >>> clique sur "Yes" 

Et tu poste le rapport générer

lambulanciere · Answer

il m'a pas demander de l'installer seulement enregistrer et executer

benurrr · Answer

oui tu l'enregistre sur ton bureau 

et apres tu l'installe en double cliquant sur le l'icone malwarbyte

lambulanciere · Answer

le lien ne fonctionne pas

benurrr · Answer

il fallait passer par serveur 1

http://www.malwarebytes.org/mbam/program/mbam-setup.exe

lambulanciere · Answer

ca marche toujours pas

benurrr · Answer

alors les grand moyen

suit bien les instructions

Telecharge combofix : http://download.bleepingcomputer.com/sUBs/ComboFix.exe

-> Double clique combofix.exe.
-> Tape sur la touche 1 (Yes) pour démarrer le scan.
-> Lorsque le scan sera complété, un rapport apparaîtra. Copie/colle ce rapport dans ta prochaine réponse.

NOTE : Le rapport se trouve également ici : C:\Combofix.txt

Avant d'utiliser ComboFix :

-> Déconnecte toi d'internet et referme les fenêtres de tous les programmes en cours.

-> Désactive provisoirement et seulement le temps de l'utilisation de ComboFix, la protection en temps réel de ton Antivirus et de tes Antispywares, qui peuvent géner fortement la procédure de recherche et de nettoyage de l'outil.

Une fois fait, sur ton bureau double-clic sur Combofix.exe.

- Répond oui au message d'avertissement, pour que le programme commence à procéder à l'analyse du pc.

-Attention Pendant la durée de cette étape, ne te sert pas du pc et n'ouvre aucun programmes. risque de figer l'ordi

- En fin de scan il est possible que ComboFix ait besoin de redemarrer le pc pour finaliser la désinfection\recherche, laisses-le faire.

- Un rapport s'ouvrira ensuite dans le bloc notes, ce fichier rapport Combofix.txt, est automatiquement sauvegardé et rangé à C:\Combofix.txt)

-> Réactive la protection en temps réel de ton Antivirus et de tes Antispywares, avant de te reconnecter à internet.

-> Reviens sur le forum, et copie et colle la totalité du contenu de C:\Combofix.txt dans ton prochain message.

!\ Ne touche à rien tant que le scan n'est pas terminé. /!\ : risque de figer l'ordi (plantage complet)

::Si combofix detecte quelque chose et de demande a redemarer tu accepte

lambulanciere · Answer

combifox a detecter que le scanner en temps reel suivant est actif
avast antivirus
je fait koi

benurrr · Answer

il faut le désactiver et ne plus toucher au PC pendant le scan sinon tu le plante

c'est bien spécifier sur mon message précédent

lambulanciere · Answer

oui mais je ne peut pas desactiver avast puisque je ne peut pas l'ouvrir alors comment faire

benurrr · Answer

s'il y'a l'icone a droite a coter de l'horloge tu fait un clic droit fermer

si non

si tu la pas demarrer---) panneau de configuration---) outil administration ---)service la tu cherche avast tu fait un clic droit ---)proprieter et dans la fenetre qui s'ouvre tu fait arrêter

lambulanciere · Answer

voici le rapport d'erreur

ComboFix 09-05-16.05 - Cécile 17/05/2009 15:32.1 - NTFSx86
Microsoft Windows XP Édition familiale  5.1.2600.3.1252.33.1036.18.1471.906 [GMT 2:00]
Lancé depuis: d:\documents and settings\Cécile\Bureau\ComboFix.exe
AV: avast! antivirus 4.7.1098 [VPS 080831-0] *On-access scanning disabled* (Outdated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
AV: Norton Internet Security *On-access scanning disabled* (Outdated) {E10A9785-9598-4754-B552-92431C1C35F8}
FW: Norton Internet Security *enabled* {7C21A4C9-F61F-4AC4-B722-A6E19C16F220}
.

((((((((((((((((((((((((((((((((((((   Autres suppressions   ))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\program files\Mozilla Firefox\components\fae5582a-e78f-0b3a-4288-0b7876d64d17.dll
c:\windows\GnuHashes.ini
c:\windows\system32\404Fix.exe
c:\windows\system32\Agent.OMZ.Fix.exe
c:\windows\system32\dumphive.exe
c:\windows\system32\GroupPolicy000.dat
c:\windows\system32\IEDFix.C.exe
c:\windows\system32\IEDFix.exe
c:\windows\system32\o4Patch.exe
c:\windows\system32\Process.exe
c:\windows\system32\SrchSTS.exe
c:\windows\system32\stera.log
c:\windows\system32\tmp.reg
c:\windows\system32\VCCLSID.exe
c:\windows\system32\WS2Fix.exe
d:\documents and settings\Administrateur\Application Data\[u]0/u200000002b3d44e530C.manifest
d:\documents and settings\Administrateur\Application Data\[u]0/u200000002b3d44e530O.manifest
d:\documents and settings\Administrateur\Application Data\[u]0/u200000002b3d44e530P.manifest
d:\documents and settings\Administrateur\Application Data\[u]0/u200000002b3d44e530S.manifest
c:\windows\system32\apcup.dll . . . . impossible à supprimer

.
(((((((((((((((((((((((((((((((((((((((   Pilotes/Services   )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_BOONTY_GAMES
-------\Service_Boonty Games


(((((((((((((((((((((((((((((   Fichiers créés du 2009-04-17 au 2009-05-17  ))))))))))))))))))))))))))))))))))))
.

2009-05-17 10:37 . 2009-05-17 12:01	--------	d-----w	c:\windows\BDOSCAN8
2009-05-17 09:02 . 2009-05-17 09:02	--------	d-----w	d:\documents and settings\Moi\Local Settings\Application Data\Mozilla
2009-05-17 09:00 . 2009-05-17 09:00	--------	d-----w	d:\documents and settings\Moi\Local Settings\Application Data\Deployment
2009-05-08 00:20 . 2009-05-16 12:07	205840	----a-w	c:\windows\system32\kusers.dll
2009-04-20 17:56 . 2009-05-17 10:51	--------	d--h--r	c:\program files\rnamfler
2009-04-19 15:54 . 2009-04-19 15:54	--------	d-----w	c:\program files\VstPlugins
2009-04-19 15:54 . 2006-06-20 08:56	225280	----a-w	c:\windows\system32\rewire.dll
2009-04-19 15:53 . 2009-04-19 15:53	--------	d-----w	c:\program files\Outsim
2009-04-19 15:51 . 2009-04-22 06:33	--------	d-----w	c:\program files\Image-Line

.
((((((((((((((((((((((((((((((((((   Compte-rendu de Find3M   ))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-05-17 13:34 . 2009-02-09 09:09	96256	----a-w	c:\windows\system32\apcup.dll
2009-05-17 09:00 . 2006-01-13 16:35	234464	-c--a-w	d:\documents and settings\Moi\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-05-10 11:22 . 2007-04-01 03:02	280079	----a-w	c:\windows\system32\bbbeadce.dll
2009-05-01 15:35 . 2009-04-13 17:57	--------	d-----w	c:\program files\Free Music Zilla
2009-04-23 16:59 . 2009-03-02 20:14	15688	----a-w	c:\windows\system32\lsdelete.exe
2009-04-23 16:58 . 2009-03-02 20:05	64160	----a-w	c:\windows\system32\drivers\Lbd.sys
2009-04-23 15:23 . 2008-03-26 10:00	--------	d-----w	c:\program files\EoRezo
2009-04-16 05:51 . 2004-08-16 16:41	77490	----a-w	c:\windows\system32\perfc00C.dat
2009-04-16 05:51 . 2004-08-16 16:41	471526	----a-w	c:\windows\system32\perfh00C.dat
2009-04-10 06:30 . 2007-04-19 03:23	312847	------w	c:\windows\system32\bdbcaacebddb.dll
2009-04-09 10:26 . 2009-02-27 19:55	85665	----a-w	c:\windows\system32\f07e8262-d31b-cd8e-2d10-881fafc69c8c.exe
2009-03-30 17:06 . 2009-03-30 17:06	--------	d-----w	c:\program files\EasyFlirt Messenger
2009-03-29 20:02 . 2005-12-23 20:49	--------	d-----w	c:\program files\Fichiers communs\Adobe
2009-03-06 14:20 . 2006-03-02 12:00	286720	----a-w	c:\windows\system32\pdh.dll
2009-03-04 14:21 . 2009-03-04 14:21	246288	----a-w	c:\windows\system32\88ee5dc43b600b4bfe4a4eb4b223400c.exe
2009-03-03 00:13 . 2006-03-02 12:00	826368	----a-w	c:\windows\system32\wininet.dll
2009-02-22 19:29 . 2008-07-26 08:19	5632	----a-w	c:\windows\system32\drivers\StarOpen.sys
2009-02-20 17:10 . 2006-03-02 12:00	78336	----a-w	c:\windows\system32\ieencode.dll
2008-03-25 19:21 . 2008-03-25 19:21	97409	----a-w	c:\program files\install_DivX Player_.exe
2008-03-10 20:57 . 2008-03-10 20:57	6105952	----a-w	c:\program files\Firefox Setup 2.0.0.12.exe
2008-03-02 16:38 . 2008-03-02 16:38	1104734	----a-w	c:\program files\dvdshrink_3.2.0.16_fr.zip
2004-10-01 13:00 . 2007-04-05 11:58	40960	----a-w	c:\program files\Uninstall_CDS.exe
2009-05-16 12:07 . 2009-04-04 07:54	67088	----a-w	c:\program files\mozilla firefox\components\bdbcaacebddb.dll
.

(((((((((((((((((((((((((((((((((   Points de chargement Reg   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés 
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{E0C3CCFE-6063-467D-86BE-A04FBA8A13C9}]
2009-05-17 13:34	96256	----a-w	c:\windows\system32\apcup.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-08-21 68856]
"NBJ"="c:\program files\Ahead\Nero BackItUp\NBJ.exe" [2006-02-10 2048000]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TkBellExe"="c:\program files\Fichiers communs\Real\Update_OB\realsched.exe" [2005-12-14 180269]
"PaperPort PTD"="c:\program files\ScanSoft\PaperPort\pptd40nt.exe" [2007-01-29 30248]
"IndexSearch"="c:\program files\ScanSoft\PaperPort\IndexSearch.exe" [2007-01-29 46632]
"PPort11reminder"="c:\program files\ScanSoft\PaperPort\Ereg\Ereg.exe" [2007-02-01 255528]
"BrMfcWnd"="c:\program files\Brother\Brmfcmon\BrMfcWnd.exe" [2007-03-12 663552]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-01-05 413696]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-01-06 290088]
"Ad-Watch"="c:\program files\Lavasoft\Ad-Aware\AAWTray.exe" [2009-04-23 516440]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696]
"EoEngine"="c:\program files\EoRezo\EoEngine.exe" [2009-02-23 472872]
"SoftwareHelper"="d:\documents and settings\Cécile\Application Data\eoRezo\SoftwareUpdate\SoftwareUpdateHP.exe" [2008-12-09 368224]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

d:\documents and settings\C‚cile\Menu D‚marrer\Programmes\D‚marrage\
Notification de cadeaux MSN.lnk - d:\documents and settings\C‚cile\Application Data\Microsoft\Notification de cadeaux MSN\lsnfier.exe [2009-3-20 135680]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\bbbeadce]
2009-05-10 11:22	280079	----a-w	c:\windows\system32\bbbeadce.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\bdbcaacebddb]
2009-04-10 06:30	312847	------w	c:\windows\system32\bdbcaacebddb.dll

HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32
"wave1"= serwvdrv.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"

[HKLM\~\startupfolder\D:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Désinstallation.lnk]
path=d:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\Désinstallation.lnk
backup=c:\windows\pss\Désinstallation.lnkCommon Startup

[HKLM\~\startupfolder\D:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^PC TimeWatch Tray Icon.lnk]
path=d:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\PC TimeWatch Tray Icon.lnk
backup=c:\windows\pss\PC TimeWatch Tray Icon.lnkCommon Startup

[HKLM\~\startupfolder\D:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^PhotoImpression 4.lnk]
path=d:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\PhotoImpression 4.lnk
backup=c:\windows\pss\PhotoImpression 4.lnkCommon Startup

[HKLM\~\startupfolder\D:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Web Services.lnk]
path=d:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\Web Services.lnk
backup=c:\windows\pss\Web Services.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"XCOMM"=2 (0x2)
"VSSERV"=2 (0x2)
"SPBBCSvc"=2 (0x2)
"SNDSrvc"=2 (0x2)
"SAVScan"=3 (0x3)
"navapsvc"=3 (0x3)
"lxcg_device"=3 (0x3)
"LIVESRV"=2 (0x2)
"ISSVC"=2 (0x2)
"iPodService"=3 (0x3)
"ccSetMgr"=2 (0x2)
"ccPwdSvc"=3 (0x3)
"ccProxy"=2 (0x2)
"ccEvtMgr"=2 (0x2)
"bdss"=2 (0x2)
"PTWsvc"=2 (0x2)

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%ProgramFiles%\AOL 9.0\aol.exe"=
"%ProgramFiles%\UBISOFT\Splinter Cell Pandora Tomorrow\logo_ubi.exe"=
"%ProgramFiles%\UBISOFT\Splinter Cell Pandora Tomorrow\pandora.exe"=
"%windir%\system32\sessmgr.exe"=
"c:\APPS\Inventime\my.exe"=
"c:\Program Files\Messenger\msmsgs.exe"=
"c:\Program Files\LimeWire\LimeWire.exe"=
"%windir%\Network Diagnostic\xpnetdiag.exe"=
"c:\APPS\skype\phone\Skype.exe"=
"c:\Program Files\iTunes\iTunes.exe"=
"c:\Program Files\Windows Live\Messenger\wlcsdk.exe"=
"c:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"=
"c:\Program Files\Windows Live\Messenger\msnmsgr.exe"=

R0 klbhmfvi;klbhmfvi;c:\windows\system32\drivers\klbhmfvi.sys [02/03/2006 14:00 23424]
R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [02/03/2009 22:05 64160]
R2 atjsgt;atjsgt;c:\windows\system32\drivers\atjsgt.sys [13/08/2007 11:44 165504]
R2 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr_tdi.sys [11/03/2009 18:53 55152]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [18/01/2009 23:34 953168]
R2 linsgt;linsgt;c:\windows\system32\drivers\linsgt.sys [13/08/2007 11:44 16000]
R2 SeaPort;SeaPort;c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [14/01/2009 18:53 226656]
S0 cfbfe;cfbfe;c:\windows\system32\drivers\gdbto.sys --> c:\windows\system32\drivers\gdbto.sys [?]
S3 ATE_PROCMON;ATE_PROCMON;\??\c:\program files\Anti Trojan Elite\ATEPMon.sys --> c:\program files\Anti Trojan Elite\ATEPMon.sys [?]
S3 fsssvc;Windows Live Contrôle parental;c:\program files\Windows Live\Family Safety\fsssvc.exe [06/02/2009 19:08 533360]
S3 PTWDrv;PTW - Process monitoring driver;c:\program files\MainSoft\PC TimeWatch\PTWatch.sys [20/10/2003 17:07 4096]
S4 PTWsvc;PCTimeWatch;c:\program files\MainSoft\PC TimeWatch\PTWsvc.exe [06/02/2007 11:58 835584]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost  - NetSvcs
UxTuneUp
.
Contenu du dossier 'Tâches planifiées'

2009-05-11 c:\windows\Tasks\Ad-Aware Update (Weekly).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-01-18 16:58]

2009-05-13 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2007-08-29 11:34]

2009-05-17 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-08-21 20:28]

2009-05-17 c:\windows\Tasks\Maintenance en 1 clic.job
- d:\program files\TuneUp Utilities 2008\OneClickStarter.exe [2008-06-20 08:23]
.
- - - - ORPHELINS SUPPRIMES - - - -

Notify-WgaLogon - (no file)


.
------- Examen supplémentaire -------
.
uStart Page = hxxp://y.lo.st
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uDefault_Search_URL = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} - hxxp://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
FF - ProfilePath - d:\documents and settings\Cécile\Application Data\Mozilla\Firefox\Profiles\9wup1kzf.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www15.yoog.com/search.php?q=
FF - prefs.js: browser.search.selectedEngine - Yoog Search
FF - prefs.js: browser.startup.homepage - hxxp://www.google.fr/
FF - prefs.js: keyword.URL - hxxp://www15.yoog.com/search.php?q=
FF - component: c:\program files\Mozilla Firefox\components\bdbcaacebddb.dll
FF - plugin: c:\program files\Google\Google Updater\2.4.1536.6592\npCIDetect13.dll
FF - plugin: c:\program files\Java\jre1.5.0_02\bin\NPJava11.dll
FF - plugin: c:\program files\Java\jre1.5.0_02\bin\NPJava12.dll
FF - plugin: c:\program files\Java\jre1.5.0_02\bin\NPJava13.dll
FF - plugin: c:\program files\Java\jre1.5.0_02\bin\NPJava14.dll
FF - plugin: c:\program files\Java\jre1.5.0_02\bin\NPJava32.dll
FF - plugin: c:\program files\Java\jre1.5.0_02\bin\NPJPI150_02.dll
FF - plugin: c:\program files\Java\jre1.5.0_02\bin\NPOJI610.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npqtplugin8.dll
FF - plugin: c:\program files\QuickTime\Plugins\npqtplugin8.dll
FF - plugin: c:\program files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll
FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll

---- PARAMETRES FIREFOX ----
FF - user.js: google.toolbar.linkdoctor.enabled - false
FF - user.js: browser.search.defaultenginename - Yoog Search
FF - user.js: browser.search.defaulturl - hxxp://www15.yoog.com/search.php?q=
FF - user.js: browser.search.selectedEngine - Yoog Search
FF - user.js: keyword.URL - hxxp://www15.yoog.com/search.php?q=
FF - user.js: keyword.enabled - true
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-05-17 15:40
Windows 5.1.2600 Service Pack 3 NTFS

Recherche de processus cachés ... 

Recherche d'éléments en démarrage automatique cachés ... 

Recherche de fichiers cachés ... 


c:\windows\system32\4f166e45e07a7e201bf9c46bfef818c9.sys 39936 bytes executable
c:\windows\system32\_4f166e45e07a7e201bf9c46bfef818c9.sys_.vir 39936 bytes executable

Scan terminé avec succès
Fichiers cachés: 2

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet002\Services\4f166e45e07a7e201bf9c46bfef818c9]
"ImagePath"="system32\4f166e45e07a7e201bf9c46bfef818c9.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet002\Services\MysqlInventime]
"ImagePath"="c:\apps\INVENT~1\mysql\bin\mysqld-nt --defaults-file=c:\apps\Inventime\mysql\my.ini MysqlInventime"
.
--------------------- DLLs chargées dans les processus actifs ---------------------

- - - - - - - > 'winlogon.exe'(500)
c:\windows\system32\Ati2evxx.dll
c:\windows\system32\bbbeadce.dll
c:\windows\system32\bdbcaacebddb.dll

- - - - - - - > 'explorer.exe'(3372)
c:\windows\system32\eappprxy.dll
.
------------------------ Autres processus actifs ------------------------
.
c:\windows\system32\ati2evxx.exe
c:\program files\Alwil Software\Avast4\aswUpdSv.exe
c:\program files\Alwil Software\Avast4\ashServ.exe
c:\progra~1\FICHIE~1\AOL\ACS\AOLacsd.exe
c:\program files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\apps\Powercinema\Kernel\TV\CLCapSvc.exe
c:\program files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
c:\program files\CyberLink\Shared Files\CLML_NTService\CLMLService.exe
c:\apps\HIDSERVICE\HidService.exe
c:\program files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
c:\apps\Powercinema\Kernel\TV\CLSched.exe
c:\windows\system32\wbem\unsecapp.exe
c:\windows\system32\ati2evxx.exe
d:\documents and settings\Cécile\Application Data\Microsoft\Notification de cadeaux MSN\lsnfier.exe
c:\program files\iPod\bin\iPodService.exe
c:\program files\Brother\Brmfcmon\BrMfcMon.exe
c:\windows\system32\wbem\wmiadap.exe
.
**************************************************************************
.
Heure de fin: 2009-05-17 15:43 - La machine a redémarré
ComboFix-quarantined-files.txt  2009-05-17 13:43

Avant-CF: 6 462 615 552 octets libres
Après-CF: 6 357 966 848 octets libres

270	--- E O F ---	2009-05-14 01:02

benurrr · Answer

encore pas mal d'infection je te prépare script le temps que je regarde le rapport

benurrr · Answer

en attendant fait ceçi

Télécharges http://sd-1.archive-host.com/membres/up/16506160323759868/AD-R.exe ( de Cyrildu17 / C_XX ) sur ton bureau : 

&#9679; Télécharge AD-R.zip sur ton bureau. AD-Remover.zip] sur ton bureau. 
&#9679; Dézippe-le ( clique droit -> ' extraire tout ' ) 
&#9679; Ouvre le dossier Ad-remover , et double clique sur Ad-remover.exe. 
&#9679; A l'écran Warning tape 'Y' et valide par [ENTREE] 
&#9679; Au menu principal choisi l'option "A" 
&#9679; Poste le rapport qui apparait à la fin. 

( le rapport est sauvegardé aussi sous C:\Ad-report.txt ) 

(CTRL+A Pour tout selectionner , CTRL+C pour copier et CTRL+V pour coller ) 

Note : 

Process.exe est détecté par certains antivirus (AntiVir, Dr.Web, Kaspersky Anti-Virus) comme étant un RiskTool. 
Il ne s'agit pas d'un virus, mais d'un utilitaire destiné à mettre fin à des processus. 
Mis entre de mauvaises mains, cet utilitaire pourrait arrêter des logiciels de sécurité (Antivirus, Firewall...) d'où l'alerte émise par ces antivirus.

lambulanciere · Answer

ou puis je le trouver

benurrr · Answer

si c'est le rapport ici

poste de travaille----)C:\Ad-report.txt

lambulanciere · Answer

non adr zip  je le trouve pas

benurrr · Answer

si tu la télécharger il doit-être sur le bureau ou mes document----)mes fichier reçus

lambulanciere · Answer

non je l'est pas telecharger

benurrr · Answer

y'a le lien au message 31

lambulanciere · Answer

Unloading 'hku
etworkservice.autorite' unsuccessful


Unloading 'hku
etworkservice.autorite' unsuccessful


Unloading 'hku
etworkservice.autorite' unsuccessful


Unloading 'hku
etworkservice.autorite' unsuccessful


Unloading 'hku
etworkservice.autorite' unsuccessful


Unloading 'hku
etworkservice.autorite' unsuccessful


Unloading 'hku
etworkservice.autorite' unsuccessful


  Terminé! le rapport est sauvegardé ici: C:\Ad-Report-Scan-17.05.2009.log

Appuyez sur une touche pour continuer...

lambulanciere · Answer

------- LOGFILE OF AD-REMOVER 1.1.3.9 | ONLY XP/VISTA -------

Updated by C_XX on 16/05/2009 at 21:15
Contact: AdRemover.contact@gmail.com
Website: http://pagesperso-orange.fr/NosTools/ad_remover.html

Start at: 16:43:44, 17/05/2009 | Boot mode: Normal Boot
Option: Scan | Executed from: C:\Program Files\Ad-remover\
Operating System: Microsoft® Windows XP™  Service Pack 3 v5.1.2600
Computer Name: Cecile
Current User: C‚cile - Administrator
Drive(s): 
- C:\  (File System: NTFS)
- D:\  (File System: NTFS)

(!) -- D:\Documents and Settings\Administrateur\Ntuser.dat Loaded as: 'HKU\Administrateur'
(!) -- D:\Documents and Settings\Invit‚\Ntuser.dat Loaded as: 'HKU\Invit‚'
(!) -- D:\Documents and Settings\LocalService.AUTORITE NT.000\Ntuser.dat Loaded as: 'HKU\LocalService.AUTORITE NT.000'
(!) -- D:\Documents and Settings\LocalService.AUTORITE NT.001\Ntuser.dat Loaded as: 'HKU\LocalService.AUTORITE NT.001'
(!) -- D:\Documents and Settings\LocalService.AUTORITE NT.002\Ntuser.dat Loaded as: 'HKU\LocalService.AUTORITE NT.002'
(!) -- D:\Documents and Settings\LocalService.AUTORITE NT.003\Ntuser.dat Loaded as: 'HKU\LocalService.AUTORITE NT.003'
(!) -- D:\Documents and Settings\LocalService.AUTORITE NT.004\Ntuser.dat Loaded as: 'HKU\LocalService.AUTORITE NT.004'
(!) -- D:\Documents and Settings\LocalService.AUTORITE NT.006\Ntuser.dat Loaded as: 'HKU\LocalService.AUTORITE NT.006'
(!) -- D:\Documents and Settings\LocalService.AUTORITE NT.007\Ntuser.dat Loaded as: 'HKU\LocalService.AUTORITE NT.007'
(!) -- D:\Documents and Settings\Moi\Ntuser.dat Loaded as: 'HKU\Moi'
(!) -- D:\Documents and Settings\NetworkService.AUTORITE NT.000\Ntuser.dat Loaded as: 'HKU\NetworkService.AUTORITE NT.000'
(!) -- D:\Documents and Settings\NetworkService.AUTORITE NT.001\Ntuser.dat Loaded as: 'HKU\NetworkService.AUTORITE NT.001'
(!) -- D:\Documents and Settings\NetworkService.AUTORITE NT.002\Ntuser.dat Loaded as: 'HKU\NetworkService.AUTORITE NT.002'
(!) -- D:\Documents and Settings\NetworkService.AUTORITE NT.003\Ntuser.dat Loaded as: 'HKU\NetworkService.AUTORITE NT.003'
(!) -- D:\Documents and Settings\NetworkService.AUTORITE NT.004\Ntuser.dat Loaded as: 'HKU\NetworkService.AUTORITE NT.004'
(!) -- D:\Documents and Settings\NetworkService.AUTORITE NT.010\Ntuser.dat Loaded as: 'HKU\NetworkService.AUTORITE NT.010'
(!) -- D:\Documents and Settings\NetworkService.AUTORITE NT.011\Ntuser.dat Loaded as: 'HKU\NetworkService.AUTORITE NT.011'
(!) -- D:\Documents and Settingsichard\Ntuser.dat Loaded as: 'HKUichard'

============ Known Adwares Found ============

.
HKLM\Software\Trymedia Systems
HKCU\Software\AppDataLow\software\{A90F6FDE-90A5-7C09-0E11-65FD0E109511}
HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{C09EB1ED-00FD-4177-B134-94AEBE2ECED9}
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\f07e8262-d31b-cd8e-2d10-881fafc69c8c
.
D:\Documents and Settings\C‚cile\Application Data\Mozilla\Firefox\Profiles\9wup1kzf.default\searchplugins\Yoog Search.xml
D:\Documents and Settings\C‚cile\Application Data\Mozilla\Firefox\Profiles\9wup1kzf.default\searchplugins\ask.xml
C:\WINDOWS\System32\f07e8262-d31b-cd8e-2d10-881fafc69c8c.exe
D:\Documents and Settings\C‚cile\Application Data\Mozilla\FireFox\Profiles\9wup1kzf.default\searchplugins\Yoog Search.xml
D:\Documents and Settings\C‚cile\Cookies\c‚cile@atdmt[1].txt
D:\Documents and Settings\C‚cile\Cookies\c‚cile@bs.serving-sys[2].txt

+-----------------| Eorezo Elements Found:

HKCR\Interface\{B0D071A1-36B3-4757-A126-14C89C56013A}
HKCR\Typelib\{B4C656C9-F2E9-4E77-B3F4-443DF2BD778F}
HKCU\Software\EoRezo
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{64F56FC1-1272-44CD-BA6E-39723696E350}
HKLM\Software\EoRezo
HKLM\Software\Classes\TypeLib\{B4C656C9-F2E9-4E77-B3F4-443DF2BD778F}
HKLM\Software\Classes\Interface\{B0D071A1-36B3-4757-A126-14C89C56013A}
HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\SoftwareUpdate_is1
HKU\S-1-5-21-2874080176-798181569-1004335510-1011\Software\Eorezo
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\Eoengine
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\Softwarehelper
.
C:\Program Files\EoRezo
D:\Documents and Settings\C‚cile\Application Data\EoRezo
D:\Documents and Settings\C‚cile\Application Data\Eorezo
D:\Documents and Settings\C‚cile\Cookies\c‚cile@ads.eorezo[2].txt
D:\Documents and Settings\C‚cile\Cookies\c‚cile@dl.eorezo[1].txt
D:\Documents and Settings\C‚cile\Cookies\c‚cile@eorezo[1].txt
D:\Documents and Settings\C‚cile\Cookies\c‚cile@mir0.eorezo[1].txt
C:\WINDOWS\Prefetch\SOFTWAREUPDATEHP.EXE-0530D7EB.pf
D:\Documents and Settings\C‚cile\Cookies\c‚cile@ads.eorezo[2].txt
D:\Documents and Settings\C‚cile\Cookies\c‚cile@dl.eorezo[1].txt
D:\Documents and Settings\C‚cile\Cookies\c‚cile@eorezo[1].txt
D:\Documents and Settings\C‚cile\Cookies\c‚cile@mir0.eorezo[1].txt

+-----------------| It's TV Elements Found:

HKCU\Software\ItsLabel
HKU\S-1-5-21-2874080176-798181569-1004335510-1011\Software\ItsLabel
.
D:\Documents and Settings\C‚cile\Application Data\ItsLabel
D:\Documents and Settings\C‚cile\Application Data\ItsLabel
C:\WINDOWS\Prefetch\ITSTV.EXE-1D7C04F8.pf
C:\WINDOWS\Prefetch\ITSTV.EXE-2B03540A.pf

+-----------------| Sweetim Elements Found:

.

+-----------------| Added Scan:

---- Mozilla FireFox Version 3.0.10 ----

ProfilePath: 9wup1kzf.default (C‚cile)
.
(Prefs.js) user_pref("browser.search.defaultenginename", "Yoog Search");
(Prefs.js) user_pref("browser.search.selectedEngine", "Yoog Search");
(Prefs.js) user_pref("browser.search.defaulturl", "hxxp://www15.yoog.com/search.php?q=");
(Prefs.js) user_pref("browser.startup.homepage", "hxxp://www.google.fr/");
(Prefs.js) user_pref("browser.startup.homepage_override.mstone", "rv:1.9.0.10");
(Invalidprefs.js) user_pref("browser.search.defaultenginename", "Yoog Search");
(Invalidprefs.js) user_pref("browser.search.selectedEngine", "Yoog Search");
(Invalidprefs.js) user_pref("browser.search.defaulturl", "hxxp://www15.yoog.com/search.php?q=");
(Invalidprefs.js) user_pref("browser.startup.homepage", "hxxp://y.lo.st");
(Invalidprefs.js) user_pref("browser.startup.homepage_override.mstone", "rv:1.9.0.8");
(User.js) user_pref("browser.search.defaultenginename", "Yoog Search");
(User.js) user_pref("browser.search.selectedEngine", "Yoog Search");
(User.js) user_pref("browser.search.defaulturl", "hxxp://www15.yoog.com/search.php?q=");
.
(Prefs.js) Found: user_pref("browser.search.defaultenginename", "Yoog Search");
(Prefs.js) Found: user_pref("browser.search.defaulturl", "hxxp://www15.yoog.com/search.php?q=");
(Prefs.js) Found: user_pref("browser.search.selectedEngine", "Yoog Search");
(Prefs.js) Found: user_pref("keyword.URL", "hxxp://www15.yoog.com/search.php?q=");
(Invalidprefs.js) Found: user_pref("browser.search.defaultenginename", "Yoog Search");
(Invalidprefs.js) Found: user_pref("browser.search.defaulturl", "hxxp://www15.yoog.com/search.php?q=");
(Invalidprefs.js) Found: user_pref("browser.search.selectedEngine", "Yoog Search");
(Invalidprefs.js) Found: user_pref("browser.startup.homepage", "hxxp://y.lo.st");
(Invalidprefs.js) Found: user_pref("keyword.URL", "hxxp://www15.yoog.com/search.php?q=");
(User.js) Found: user_pref("browser.search.defaultenginename", "Yoog Search");
(User.js) Found: user_pref("browser.search.defaulturl", "hxxp://www15.yoog.com/search.php?q=");
(User.js) Found: user_pref("browser.search.selectedEngine", "Yoog Search");
(User.js) Found: user_pref("keyword.URL", "hxxp://www15.yoog.com/search.php?q=");

---- Internet Explorer Version 7.0.5730.13 ----

[HKEY_CURRENT_USER\..\Internet Explorer\Main]

Default_Search_URL: hxxp://www.google.com/ie
Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Start Page: hxxp://y.lo.st
Start Page: hxxp://www.google.fr/
Start Page Restore: hxxp://www.google.fr/
First Home Page: hxxp://lo.st#first

[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\Internet Explorer\Main]

Default_Search_URL: hxxp://www.google.com/ie
Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Start Page: hxxp://y.lo.st
Start Page: hxxp://www.google.fr/
Start Page Restore: hxxp://www.google.fr/
First Home Page: hxxp://lo.st#first

[HKEY_LOCAL_MACHINE\..\Internet Explorer\Main]

Default_Page_URL: hxxp://go.microsoft.com/fwlink/?LinkId=69157
Default_Search_URL: hxxp://go.microsoft.com/fwlink/?LinkId=54896
SearchAssistant: hxxp://www.crawler.com/search/ie.aspx?tb_id=61005
Search Page: hxxp://go.microsoft.com/fwlink/?LinkId=54896
Start Page: hxxp://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home

[HKEY_LOCAL_MACHINE\..\Internet Explorer\ABOUTURLS]

Tabs: hxxp://y.lo.st

=========== Suspicious ==========

D:\Documents and Settings\Cécile\Mes documents\Programmes\Tune-up\Tune-up 2008\keygen.exe
[252416 Byte(s)|--a------|20/06/2008 17:57|HashMD5: dd6b659dab20e1d326dd080116de6c89 |CRC32: b78e62ea]

D:\Documents and Settingsichard\Bureau\special RICHARD\instal\Sauvegarde context d'exécution\patch.exe
[7921 Byte(s)|--a--c---|14/11/1999 12:32|HashMD5: f0a004d680a754b8e08716578ed37eda |CRC32: ff923fa9]


+---------------------------------------------------------------------------+

9351 Byte(s) - C:\Ad-Report-Scan-17.05.2009.log

1 File(s) - C:\Program Files\Ad-remover\BACKUP
0 File(s) - C:\Program Files\Ad-remover\QUARANTINE

End at: 17:05:45 | 17/05/2009
.
+-----------------| E.O.F
.

benurrr · Answer

/!\ Déconnecte-toi et ferme toutes applications en cours /!\

tu peux faire l option 2 :

Double-clique sur AD-Remover pour le lancer : au menu principal, choisis l'option B.

Choisis A

Puis choisis S, le programme va travailler.

Poste le rapport qui apparaît à la fin.

(Le rapport est sauvegardé aussi sous C:\Ad-report.log)

/!\ Si le Bureau ne réapparaît pas, presse Ctrl + Alt + Suppr, Onglet "Fichier", "Nouvelle tâche", tape explorer.exe et valide) /!\

Note :

"Process.exe", une composante de l'outil, est détecté par certains antivirus (AntiVir, Dr.Web, Kaspersky Anti-Virus) comme étant un RiskTool.
Il ne s'agit pas d'un virus, mais d'un utilitaire destiné à mettre fin à des processus.
Mis entre de mauvaises mains, cet utilitaire pourrait arrêter des logiciels de sécurité (Antivirus, Firewall...)

lambulanciere · Answer

------- LOGFILE OF AD-REMOVER 1.1.3.9 | ONLY XP/VISTA -------

Updated by C_XX on 16/05/2009 at 21:15
Contact: AdRemover.contact@gmail.com
Website: http://pagesperso-orange.fr/NosTools/ad_remover.html

**** LIMITED TO ****

Known Adwares
Eorezo
It's TV
Sweetim

********************

Start at: 17:18:59, 17/05/2009 | Boot mode: Normal Boot
Option: Clean | Executed from: C:\Program Files\Ad-remover\
Operating System: Microsoft® Windows XP™  Service Pack 3 v5.1.2600
Computer Name: Cecile
Current User: C‚cile - Administrator
Drive(s): 
- C:\  (File System: NTFS)
- D:\  (File System: NTFS)

(!) -- D:\Documents and Settings\Administrateur\Ntuser.dat Loaded as: 'HKU\Administrateur'
(!) -- D:\Documents and Settings\Invit‚\Ntuser.dat Loaded as: 'HKU\Invit‚'
(!) -- D:\Documents and Settings\LocalService.AUTORITE NT.000\Ntuser.dat Loaded as: 'HKU\LocalService.AUTORITE NT.000'
(!) -- D:\Documents and Settings\LocalService.AUTORITE NT.001\Ntuser.dat Loaded as: 'HKU\LocalService.AUTORITE NT.001'
(!) -- D:\Documents and Settings\LocalService.AUTORITE NT.002\Ntuser.dat Loaded as: 'HKU\LocalService.AUTORITE NT.002'
(!) -- D:\Documents and Settings\LocalService.AUTORITE NT.003\Ntuser.dat Loaded as: 'HKU\LocalService.AUTORITE NT.003'
(!) -- D:\Documents and Settings\LocalService.AUTORITE NT.004\Ntuser.dat Loaded as: 'HKU\LocalService.AUTORITE NT.004'
(!) -- D:\Documents and Settings\LocalService.AUTORITE NT.006\Ntuser.dat Loaded as: 'HKU\LocalService.AUTORITE NT.006'
(!) -- D:\Documents and Settings\LocalService.AUTORITE NT.007\Ntuser.dat Loaded as: 'HKU\LocalService.AUTORITE NT.007'
(!) -- D:\Documents and Settings\Moi\Ntuser.dat Loaded as: 'HKU\Moi'
(!) -- D:\Documents and Settings\NetworkService.AUTORITE NT.000\Ntuser.dat Loaded as: 'HKU\NetworkService.AUTORITE NT.000'
(!) -- D:\Documents and Settings\NetworkService.AUTORITE NT.001\Ntuser.dat Loaded as: 'HKU\NetworkService.AUTORITE NT.001'
(!) -- D:\Documents and Settings\NetworkService.AUTORITE NT.002\Ntuser.dat Loaded as: 'HKU\NetworkService.AUTORITE NT.002'
(!) -- D:\Documents and Settings\NetworkService.AUTORITE NT.003\Ntuser.dat Loaded as: 'HKU\NetworkService.AUTORITE NT.003'
(!) -- D:\Documents and Settings\NetworkService.AUTORITE NT.004\Ntuser.dat Loaded as: 'HKU\NetworkService.AUTORITE NT.004'
(!) -- D:\Documents and Settings\NetworkService.AUTORITE NT.010\Ntuser.dat Loaded as: 'HKU\NetworkService.AUTORITE NT.010'
(!) -- D:\Documents and Settings\NetworkService.AUTORITE NT.011\Ntuser.dat Loaded as: 'HKU\NetworkService.AUTORITE NT.011'
(!) -- D:\Documents and Settingsichard\Ntuser.dat Loaded as: 'HKUichard'

(!) -- IE start pages/Tabs reset

============ Known Adwares Deleted ============

.
HKLM\Software\Trymedia Systems
HKCU\Software\AppDataLow\software\{A90F6FDE-90A5-7C09-0E11-65FD0E109511}
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\f07e8262-d31b-cd8e-2d10-881fafc69c8c
.
D:\Documents and Settings\C‚cile\Application Data\Mozilla\Firefox\Profiles\9wup1kzf.default\searchplugins\Yoog Search.xml
D:\Documents and Settings\C‚cile\Application Data\Mozilla\Firefox\Profiles\9wup1kzf.default\searchplugins\ask.xml
C:\WINDOWS\System32\f07e8262-d31b-cd8e-2d10-881fafc69c8c.exe
D:\Documents and Settings\C‚cile\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Live Messenger .lnk
D:\Documents and Settings\C‚cile\Cookies\c‚cile@atdmt[1].txt
D:\Documents and Settings\C‚cile\Cookies\c‚cile@bs.serving-sys[2].txt

+-----------------| Eorezo Elements Deleted :

HKCR\Interface\{B0D071A1-36B3-4757-A126-14C89C56013A}
HKCR\Typelib\{B4C656C9-F2E9-4E77-B3F4-443DF2BD778F}
HKCU\Software\EoRezo
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{64F56FC1-1272-44CD-BA6E-39723696E350}
HKLM\Software\EoRezo
HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\SoftwareUpdate_is1
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\Eoengine
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\Softwarehelper
.
C:\Program Files\EoRezo
D:\Documents and Settings\C‚cile\Application Data\EoRezo
D:\Documents and Settings\C‚cile\Cookies\c‚cile@ads.eorezo[2].txt
D:\Documents and Settings\C‚cile\Cookies\c‚cile@dl.eorezo[1].txt
D:\Documents and Settings\C‚cile\Cookies\c‚cile@eorezo[1].txt
D:\Documents and Settings\C‚cile\Cookies\c‚cile@mir0.eorezo[1].txt
C:\WINDOWS\Prefetch\SOFTWAREUPDATEHP.EXE-0530D7EB.pf

+-----------------| It's TV Elements Deleted :

HKCU\Software\ItsLabel
.
D:\Documents and Settings\C‚cile\Application Data\ItsLabel
C:\WINDOWS\Prefetch\ITSTV.EXE-1D7C04F8.pf
C:\WINDOWS\Prefetch\ITSTV.EXE-2B03540A.pf

+-----------------| Sweetim Elements Deleted :

.

(!) -- Temp files deleted.
(!) -- Recycle bin emptied in all drives.



+-----------------| Added Scan:

---- Mozilla FireFox Version 3.0.10 ----

ProfilePath: 9wup1kzf.default (C‚cile)
.
(Prefs.js) user_pref("browser.search.defaultenginename", "Yoog Search");
(Prefs.js) user_pref("browser.search.selectedEngine", "Yoog Search");
(Prefs.js) user_pref("browser.search.defaulturl", "hxxp://www15.yoog.com/search.php?q=");
(Prefs.js) user_pref("browser.startup.homepage", "hxxp://www.google.fr/");
(Prefs.js) user_pref("browser.startup.homepage_override.mstone", "rv:1.9.0.10");
(Invalidprefs.js) user_pref("browser.search.defaultenginename", "Yoog Search");
(Invalidprefs.js) user_pref("browser.search.selectedEngine", "Yoog Search");
(Invalidprefs.js) user_pref("browser.search.defaulturl", "hxxp://www15.yoog.com/search.php?q=");
(Invalidprefs.js) user_pref("browser.startup.homepage", "hxxp://y.lo.st");
(Invalidprefs.js) user_pref("browser.startup.homepage_override.mstone", "rv:1.9.0.8");
(User.js) user_pref("browser.search.defaultenginename", "Yoog Search");
(User.js) user_pref("browser.search.selectedEngine", "Yoog Search");
(User.js) user_pref("browser.search.defaulturl", "hxxp://www15.yoog.com/search.php?q=");
.
(Prefs.js) Removed: user_pref("browser.search.defaultenginename", "Yoog Search"); 
(Prefs.js) Removed: user_pref("browser.search.defaulturl", "hxxp://www15.yoog.com/search.php?q="); 
(Prefs.js) Removed: user_pref("browser.search.selectedEngine", "Yoog Search"); 
(Prefs.js) Removed: user_pref("keyword.URL", "hxxp://www15.yoog.com/search.php?q="); 
(Invalidprefs.js) Removed: user_pref("browser.search.defaultenginename", "Yoog Search"); 
(Invalidprefs.js) Removed: user_pref("browser.search.defaulturl", "hxxp://www15.yoog.com/search.php?q="); 
(Invalidprefs.js) Removed: user_pref("browser.search.selectedEngine", "Yoog Search"); 
(Invalidprefs.js) Removed: user_pref("keyword.URL", "hxxp://www15.yoog.com/search.php?q="); 
(Invalidprefs.js) Removed: user_pref("browser.startup.homepage", "hxxp://y.lo.st"); 
(User.js) Removed: user_pref("browser.search.defaultenginename", "Yoog Search"); 
(User.js) Removed: user_pref("browser.search.defaulturl", "hxxp://www15.yoog.com/search.php?q="); 
(User.js) Removed: user_pref("browser.search.selectedEngine", "Yoog Search"); 
(User.js) Removed: user_pref("keyword.URL", "hxxp://www15.yoog.com/search.php?q="); 

---- Internet Explorer Version 7.0.5730.13 ----

[HKEY_CURRENT_USER\..\Internet Explorer\Main]

Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Search bar: hxxp://go.microsoft.com/fwlink/?linkid=54896
Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Start Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome

[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\Internet Explorer\Main]

Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Search bar: hxxp://go.microsoft.com/fwlink/?linkid=54896
Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Start Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome

[HKEY_LOCAL_MACHINE\..\Internet Explorer\Main]

Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchAssistant: hxxp://www.crawler.com/search/ie.aspx?tb_id=61005
Search bar: hxxp://search.msn.com/spbasic.htm
Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Start Page: hxxp://fr.msn.com/

[HKEY_LOCAL_MACHINE\..\Internet Explorer\ABOUTURLS]

Tabs: hxxp://ieframe.dll/tabswelcome.htm

=========== Suspicious ==========

D:\Documents and Settings\Cécile\Mes documents\Programmes\Tune-up\Tune-up 2008\keygen.exe
[252416 Byte(s)|--a------|20/06/2008 17:57|HashMD5: dd6b659dab20e1d326dd080116de6c89 |CRC32: b78e62ea]

D:\Documents and Settingsichard\Bureau\special RICHARD\instal\Sauvegarde context d'exécution\patch.exe
[7921 Byte(s)|--a--c---|14/11/1999 12:32|HashMD5: f0a004d680a754b8e08716578ed37eda |CRC32: ff923fa9]


+---------------------------------------------------------------------------+

9116 Byte(s) - C:\Ad-Report-Clean-17.05.2009.log
9568 Byte(s) - C:\Ad-Report-Scan-17.05.2009.log

20 File(s) - C:\Program Files\Ad-remover\BACKUP
13 File(s) - C:\Program Files\Ad-remover\QUARANTINE

End at: 17:39:13 | 17/05/2009
.
+-----------------| E.O.F
.

benurrr · Answer

ok

maintenant essaye de faire un rapport avec hijackthis pour qu'on puisse faire le point

lambulanciere · Answer

j'arrive toujours pas a l'ouvrir

benurrr · Answer

ok ; bizarre

-----\ Option 1

Télécharge Yoog_Fix de Batch_Man sur ton Bureau.

http://batchdhelus.open-web.fr/programme/Yoog_Fix.exe

Double-clique dessus et choisis l'option 1 ( Recherche )

Attend que le scan se fasse, un rapport va s'ouvrir.

Poste le dans ta prochaine réponse.

PS: S'il ne s'ouvre pas le rapport est à la racine de ton disque sous le nom de Yoog_Fix.txt



Par Manque De Curiosité On Risque De Mourir Ignorant;Tu es libre de penser que tu es C..,
Mais C.. de penser que ­tu es libre...Merci a australe13

lambulanciere · Answer

Yoog_Fix 2.02 de Batch_Man 
Debut a 18:17 le 17/05/2009 
Microsoft Windows XP Home Edition (5.1.2600) Service Pack 3
Internet Explorer 7.0.5730.13 
Mozilla Firefox 3.0.10 (fr) 
Symantec Corporation 2005  (Not activated) 
ALWIL Software 4.7.1098  (Activated) 
Symantec Corporation 2005  (Activated) 

A:\ [Removable] (Total:0 Mo/Free:0 Mo)
C:\ [Fixed] - NTFS - (Total:30710 Mo/Free:1925 Mo)
D:\ [Fixed] - NTFS - (Total:152068 Mo/Free:1114 Mo)
E:\ [CD-Rom] (Total:0 Mo/Free:0 Mo)
F:\ [Removable] (Total:0 Mo/Free:0 Mo)
G:\ [Removable] (Total:0 Mo/Free:0 Mo)
H:\ [Removable] (Total:0 Mo/Free:0 Mo)
I:\ [Removable] (Total:0 Mo/Free:0 Mo)
J:\ [Removable] (Total:0 Mo/Free:0 Mo)

Option [1] 2 Recherche 

+---------------\ Processus cachés/bloqués


+---------------\ Recherche

----------\ Recherche de fichiers


----------\ Recherche dans prefs.js



----------\ Recherche dans le registre

[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{C09EB1ED-00FD-4177-B134-94AEBE2ECED9}] @DisplayName=Yoog Search 
[HKCU\..\SearchScopes\{C09EB1ED-00FD-4177-B134-94AEBE2ECED9}] @DisplayName=Yoog Search 
 
----------\ Infections associées possibles 
 
 
----------\ Suspects ( PAS FORCEMENT INFECTIEUX )
 
 
+---> Registre 
 
 
+---> Fichiers 
 
[--------- + 10/04/2009 08:30 + 312847] C:\WINDOWS\system32\bdbcaacebddb.dll  
[--------- + 10/04/2009 08:30 + 312847] C:\WINDOWS\system32\bdbcaacebddb.dll 


+---------------\Analyse complémentaire
 
+---------\ Tâches planifiées 
 
C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job
C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
C:\WINDOWS\Tasks\Google Software Updater.job
C:\WINDOWS\Tasks\Maintenance en 1 clic.job
 
----------\ Analyse de Firefox 
 
 
----------\ Extensions Firefox 
 
 
----------\ Plugins de recherche 
 
[07/03/2009 13:05|1516] - C:\Program Files\Mozilla Firefox\searchplugins\amazon-france.xml: Amazon.fr - Recherche Amazon.fr: https://www.amazon.fr/ 
[07/03/2009 13:05|757] - C:\Program Files\Mozilla Firefox\searchplugins\eBay-france.xml: eBay France - eBay - EnchÃ¨res en ligne: http://search.ebay.fr/ 
[07/03/2009 13:05|1706] - C:\Program Files\Mozilla Firefox\searchplugins\google.xml: Google - Google Search: https://www.google.com/ 
[07/03/2009 13:05|748] - C:\Program Files\Mozilla Firefox\searchplugins\MediaDICO-fr.xml: MediaDICO - Les Dictionnaires Mediadico: http://www.dictionnaire-mediadico.com/dictionnaires.asp 
[07/03/2009 13:05|1426] - C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-fr.xml: WikipÃ©dia (fr) - WikipÃ©dia, l'encyclopÃ©die libre: https://fr.wikipedia.org/wiki/Sp%C3%A9cial:Recherche 
[07/03/2009 13:05|652] - C:\Program Files\Mozilla Firefox\searchplugins\yahoo-france.xml: Yahoo - Recherche Yahoo: https://fr.search.yahoo.com/ 
 
----------\ Listing  de dossiers 
 
[16/05/2009 14:07 | --a------ | 67088 bytes] C:\Program Files\Mozilla Firefox\Components\bdbcaacebddb.dll 
[23/04/2009 16:01 | --a------ | 348547 bytes] C:\Program Files\Mozilla Firefox\Components\browser.xpt 
[29/04/2009 20:20 | --a------ | 23032 bytes] C:\Program Files\Mozilla Firefox\Components\browserdirprovider.dll 
[29/04/2009 20:20 | --a------ | 134648 bytes] C:\Program Files\Mozilla Firefox\Components\brwsrcmp.dll 
[17/05/2009 11:02 | --a------ | 143829 bytes] C:\Program Files\Mozilla Firefox\Components\compreg.dat 
[24/01/2009 12:25 | --a------ | 2394 bytes] C:\Program Files\Mozilla Firefox\Components
sIQTScriptablePlugin.xpt 
[17/05/2009 11:02 | --a------ | 96403 bytes] C:\Program Files\Mozilla Firefox\Components\xpti.dat 
[19/03/2008 19:23 | --a------ | 114688 bytes] C:\Program Files\Mozilla Firefox\plugins
p32dsw.dll 
[29/04/2009 20:20 | --a------ | 65528 bytes] C:\Program Files\Mozilla Firefox\plugins
pnul32.dll 
[27/02/2009 12:13 | --a------ | 103792 bytes] C:\Program Files\Mozilla Firefox\plugins
ppdf32.dll 
[27/02/2009 16:36 | --a------ | 7168 bytes] C:\Program Files\Mozilla Firefox\plugins
ppdf32.FRA 
[24/01/2009 12:25 | --a------ | 143360 bytes] C:\Program Files\Mozilla Firefox\plugins
pqtplugin.dll 
[24/01/2009 12:25 | --a------ | 143360 bytes] C:\Program Files\Mozilla Firefox\plugins
pqtplugin2.dll 
[24/01/2009 12:25 | --a------ | 143360 bytes] C:\Program Files\Mozilla Firefox\plugins
pqtplugin3.dll 
[24/01/2009 12:25 | --a------ | 143360 bytes] C:\Program Files\Mozilla Firefox\plugins
pqtplugin4.dll 
[24/01/2009 12:25 | --a------ | 143360 bytes] C:\Program Files\Mozilla Firefox\plugins
pqtplugin5.dll 
[24/01/2009 12:25 | --a------ | 143360 bytes] C:\Program Files\Mozilla Firefox\plugins
pqtplugin6.dll 
[24/01/2009 12:25 | --a------ | 143360 bytes] C:\Program Files\Mozilla Firefox\plugins
pqtplugin7.dll 
[24/01/2009 12:25 | --a------ | 143360 bytes] C:\Program Files\Mozilla Firefox\plugins
pqtplugin8.dll 
[19/01/2008 11:21 | --a------ | 2394 bytes] C:\Program Files\Mozilla Firefox\plugins
sIQTScriptablePlugin.xpt 
[24/01/2009 12:25 | --a------ | 4208 bytes] C:\Program Files\Mozilla Firefox\plugins\QuickTimePlugin.class 
[19/03/2008 18:33 | --a------ | 1144 bytes] C:\Program Files\Mozilla Firefox\plugins\ShockwavePlugin.class 
 
----------\ Analyse d'Internet Explorer 
 
HKEY_CURRENT_USER\..\Internet Explorer,Start Page: http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome   
HKEY_CURRENT_USER\..\Internet Explorer,Search Page: http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch   
HKEY_CURRENT_USER\..\Internet Explorer,Default_Search_URL: http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch   
HKEY_LOCAL_MACHINE\..\Internet Explorer,Search Page: http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch   
HKEY_LOCAL_MACHINE\..\Internet Explorer,Start Page: https://www.msn.com/fr-fr   
HKEY_LOCAL_MACHINE\..\Internet Explorer,Default_Search_URL: http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch   
HKEY_LOCAL_MACHINE\..\Internet Explorer,CustomizeSearch: https://www.bing.com/?toHttps=1&redig=8F3F334EA60E4B1CB4D040DCFE393A89{SUB_RFC1766}/srchasst/srchcust.htm   
HKEY_LOCAL_MACHINE\..\Internet Explorer,SearchAssistant: https://www.bing.com/?toHttps=1&redig=8F3F334EA60E4B1CB4D040DCFE393A89{SUB_RFC1766}/srchasst/srchasst.htm   
 
----------\ Browser Helper Object 
 
BHO: {18DF081C-E8AD-4283-A596-FA578C2EBDC3},@SANS NOM=AcroIEHelperStub  
BHO: {6EBF7485-159F-4bff-A14F-B9E3AAC4465B},@SANS NOM=Search Helper 
 
----------\ SearchScopes 
 
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes],@DefaultScope={E36D07D7-7B4C-47C7-877D-6884A690DD95} 
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\${searchCLSID}],@DisplayName=@ieframe.dll,-12512  
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{002BDC20-67FB-4341-8CA6-79CE932F1F89}],@DisplayName=Live Search 
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{0046D14F-A35D-44C4-B96C-B64BA57833E4}],@DisplayName=Live Search 
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{010B3045-F8B0-4956-A168-33FE4AFF2B4A}],@DisplayName=Google  
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{01151F17-403D-43E8-8C57-2C9C29D09232}],@DisplayName=Google  
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{01184852-B413-49A4-A7E4-9458D7EEC982}],@DisplayName=Google  
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{013E0CC0-6CED-4BD5-9569-F6B237BFD2B0}],@DisplayName=Live Search 
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{0150A648-6385-4E89-8198-83D7138CD487}],@DisplayName=Live Search 
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{0173D52B-2A32-4E4B-BEC4-1AB5265E1E18}],@DisplayName=Live Search 
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{01EAD152-589F-4F84-BACA-49162D5CCD75}],@DisplayName=Google  
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{022977F7-F4EA-4A06-896F-040A5946CD9A}],@DisplayName=Live Search 
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{02D19942-6B3B-4F4C-9B2C-DC988C275201}],@DisplayName=Live Search 
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{030A0DD4-DF5D-43F3-AA23-06EF9C13738C}],@DisplayName=Google  
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{034AFFD5-9F8F-4DC6-A7EE-EE4FFFFA5D45}],@DisplayName=Live Search 
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{03588BBA-2833-4E3A-BCAC-49DAE561E137}],@DisplayName=Google  
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{039A2A3C-5EB4-4FC1-9CCC-55731892F049}],@DisplayName=Live Search 
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{0403275D-0D8E-44A2-BACB-25CABD63205A}],@DisplayName=Live Search 
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{044F9EB3-E04F-491D-B0F3-07CC000CD2F3}],@DisplayName=Google  
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{047A44B0-546F-4783-8585-442B40784265}],@DisplayName=Google  
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{05E40660-C6B1-4E02-A2B3-A0AE297155F9}],@DisplayName=Google  
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{06BA4A1F-ED24-4E27-8C19-989C521CFB12}],@DisplayName=Google  
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{070C6C4A-F2ED-49A7-8263-5F774F813EFF}],@DisplayName=Live Search 
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{084D458F-F104-420A-8917-0827CD4BEEC0}],@DisplayName=Google  
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{0938A622-45D6-439F-9062-B89A86AC1B41}],@DisplayName=Live Search 
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{09A58C37-D50F-4B8C-892E-5159264EE4FB}],@DisplayName=Live Search 
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{0A01CBDD-7C89-4C87-B960-F3FDFC110D08}],@DisplayName=Google  
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{0A697B08-424B-4DA2-86F0-0EA1FE63225A}],@DisplayName=Live Search 
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{0B6D4808-6154-4D31-8170-BBE7EB95226B}],@DisplayName=Google  
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{0C366D66-F554-4CAC-BDE0-80B5DC3EE6CB}],@DisplayName=Google  
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{0D3005BC-33BB-430E-9E87-7E7281F71DCA}],@DisplayName=Google  
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{0DC4EEA3-6ADE-4C3A-8660-C5BFC376F012}],@DisplayName=Google  
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{0E01BB0C-A680-4A88-9964-1CC6FC229ECE}],@DisplayName=Google  
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{0E5268A6-EA60-4E39-9C46-0009CCCCCFC6}],@DisplayName=Live Search 
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{0ECCA14C-1305-45DE-A184-8034E764FCB3}],@DisplayName=Google  
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{0F0E091F-7BCD-4DA9-AD16-C9724419EC04}],@DisplayName=Live Search 
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{0F1E4010-7A9C-47FC-80FF-FE5EED275616}],@DisplayName=Google  
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{0F34B202-14CD-4820-98B0-4CC58C29721D}],@DisplayName=Google  
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{0FD5AA17-D0C2-4145-9C41-339F0B3A478F}],@DisplayName=Google  
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{0FF9D9B3-9A43-4579-ACC3-C81C788E6D6A}],@DisplayName=Live Search 
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{10043174-1693-491D-9C22-844C2CF8368C}],@DisplayName=Google  
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{102D3512-B866-4B2F-968A-C3DBEA9F3A4E}],@DisplayName=Google  
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{104664D2-B087-4CA8-AF0F-AF208708E0EC}],@DisplayName=Google  
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{10D3213C-60BA-4AB6-A4D5-AC1C60E813BF}],@DisplayName=Google  
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{10E966E2-EE34-40F2-81ED-FC62BC6F9285}],@DisplayName=Live Search 
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{1283F2BA-6FDA-4DD9-933A-678AEB57C7E6}],@DisplayName=Google  
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{14356222-93E9-436C-9C6A-95D42DF75756}],@DisplayName=Google  
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{14FFBB78-B136-4991-8944-C6C9DB27A71A}],@DisplayName=Live Search 
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{15FE8441-2D48-4006-879F-B7DC13904F0F}],@DisplayName=Live Search 
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{166E5954-13C9-4235-96BC-9B4C28A4D9C8}],@DisplayName=Google  
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{17ACA3A8-19BE-4901-9CD0-89305664EC85}],@DisplayName=Google  
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{17D3E7DD-045A-49A6-BBAD-254A46B3BDE7}],@DisplayName=Live Search 
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{183131C7-388B-467D-A165-0F2F6876C07F}],@DisplayName=Google  
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{18457C21-FC2B-42BC-96F2-F66717896591}],@DisplayName=Live Search 
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{18852F6A-78AC-404A-B3CA-626D87D86866}],@DisplayName=Live Search 
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{18972CAA-ED5D-45FA-8D8A-587F08F7050E}],@DisplayName=Google  
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{19320BBA-59A6-4402-8FAD-16A2C3E1396F}],@DisplayName=Google  
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{195B3859-BCB8-4A5B-97BF-4CA0D69CF1DE}],@DisplayName=Google  
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{196FD15F-1B27-4FF8-9A27-C2B06D85365D}],@DisplayName=Google  
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{1A65550B-6B70-4989-8C6D-388B1B5ADDA9}],@DisplayName=Google  
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{1AED80A3-6276-4B4F-85A2-B3E23C067FBA}],@DisplayName=Live Search 
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{1B08ADCC-4FF2-420F-A475-AA8F7B9AFDAD}],@DisplayName=Google  
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{1D6FF650-5D2C-4C1F-AEAB-634F271A0DEB}],@DisplayName=Google  
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{1E14BBB0-8EF8-41A7-AA8E-4F9F46C6CE8E}],@DisplayName=Google  
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{1E1D6616-994D-4AF1-B2DB-E856F02911E5}],@DisplayName=Google  
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{1E50DBDC-11BD-4ED0-84A5-F6DCF6F6197E}],@DisplayName=Live Search 
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{1E9A4BB3-E2F6-446F-B1D0-6E50C1DA5E24}],@DisplayName=Live Search 
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{1EF373E3-577B-4B09-BB28-CD24535770E6}],@DisplayName=Google  
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{1F26ABC4-CB23-4444-A6B0-C2A15D4E5A2E}],@DisplayName=Google  
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{1F46527C-F6F3-4F4B-95BC-F7D97A2A0342}],@DisplayName=Google  
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{20026B33-093A-40AC-B157-8EF2C4065D1F}],@DisplayName=Google  
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{2002A35B-29A3-4775-90D6-2AFED549750B}],@DisplayName=Live Search 
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{2077C382-5242-419D-AD9A-8CF44B08D05A}],@DisplayName=Live Search 
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{2166FB5B-EDB1-4638-A82B-A62DE1B50A49}],@DisplayName=Google  
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{21A71247-86D4-45D4-B6BC-7D2BCDA5C6BD}],@DisplayName=Live Search 
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{21B283FA-727B-4138-97D7-3ED0DBF5921E}],@DisplayName=Live Search 
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{228E6353-C634-4300-A5BE-003D2F9FA7A5}],@DisplayName=Live Search 
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{22A09EF5-15B1-4227-B076-6FE9022D4667}],@DisplayName=Live Search 
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{22C72F8D-B18F-4DA5-A1AA-9E7C0A5F440E}],@DisplayName=Live Search 
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{23390666-4526-4E1D-BB19-6CCE9221C662}],@DisplayName=Google  
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{23D41047-FDC1-48B2-8989-CDBD9BEA620B}],@DisplayName=Google  
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{2432FD69-15AA-42A5-8004-D469EC80D318}],@DisplayName=Live Search 
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{2436B0C8-6681-4E9E-897D-A9D52011BFDC}],@DisplayName=Google  
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{2512C62B-62B5-4723-A15E-31C112A66DA1}],@DisplayName=Live Search 
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{262324AC-DCE2-4022-B067-1A3E366C3E9D}],@DisplayName=Google  
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{267841D7-2F01-4A03-A458-03E0A86055A2}],@DisplayName=Google  
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{26F5BD25-D003-4C4C-B028-D0D16C01F320}],@DisplayName=Live Search 
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{286D0C9F-305A-4651-97E4-E64363A9083D}],@DisplayName=Google  
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{28D07B60-D621-481A-A29D-B307CD6273CD}],@DisplayName=Google  
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{294BCECB-F796-4648-978A-053238C3F998}],@DisplayName=Google  
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{2959D83C-58CD-40AD-83F5-92D877A1D9F5}],@DisplayName=Google  
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{2960DB39-55B7-4A83-B38C-16A4A76F4436}],@DisplayName=Live Search 
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{2A996BBA-C791-44EE-9613-741F9F107F7A}],@DisplayName=Google  
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{2AA60EB5-FBA9-4627-B12D-6048950E16C0}],@DisplayName=Google  
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{2AE9ACE9-3408-46D8-938C-0216D074A477}],@DisplayName=Google  
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{2B6053FB-3F67-489B-9091-67447F8E20CB}],@DisplayName=Live Search 
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{2B61FC30-C471-4050-BCF6-A8F773BA6F86}],@DisplayName=Google  
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{2B7F82BB-48DA-4F88-A786-2207153DFE74}],@DisplayName=Live Search 
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{2C06D277-7705-4031-B826-AD98394FA666}],@DisplayName=Google  
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{2CAD7EF2-6155-4382-9851-FD7570C089B6}],@DisplayName=Live Search 
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{2CE07B86-DDBF-4A93-89C8-AB087CBF3C2E}],@DisplayName=Google  
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{2D1362D1-18CB-4D7E-807B-28A360C9C09B}],@DisplayName=Google  
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{2D7A698C-193A-4820-8F03-89CB0DCC3AF0}],@DisplayName=Google  
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{2DCCCAB9-5DE9-42C7-9AC0-DAC36AAFBB23}],@DisplayName=Live Search 
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{2E24F691-F0D3-460E-B03D-1B36A7E0B477}],@DisplayName=Google  
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{2EBA14BE-9D2B-4500-AC88-7CD7F2782545}],@DisplayName=Google  
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{2FE26AB4-8ED8-467F-9DC6-1020CC7DE7F0}],@DisplayName=Live Search 
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{30C26ACA-EBC3-445D-AB57-35CE1625EBE3}],@DisplayName=Live Search 
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{310FD5C1-3CDA-434E-B075-DB9AD0D5C630}],@DisplayName=Google  
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{3142A479-585C-4D39-A7FC-028F11EB27B4}],@DisplayName=Google  
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{314C5629-6DF6-4BD8-A9A7-3793759C860B}],@DisplayName=Live Search 
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{315F78CA-91D6-4EBF-8D50-ECC26E5F0A46}],@DisplayName=Live Search 
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{318ECC7F-AF43-45EC-98D6-F166A3F7F520}],@DisplayName=Google  
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{32A34CBE-4ACE-441C-8B2C-19EAD7C7348F}],@DisplayName=Live Search 
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{32F26708-1713-4195-A79B-F1252C7708A7}],@DisplayName=Live Search 
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{34DDBD2E-5FD1-4658-BBB6-6599AB81A753}],@DisplayName=Live Search 
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{34FB00CC-530D-4588-8338-7577035A219E}],@DisplayName=Google  
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{3512DB17-9357-484C-8B32-B049938DF8B7}],@DisplayName=Google  
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{35F88BDC-CCFF-46F7-A027-FF915A32FCA9}],@DisplayName=Live Search 
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{36A46F27-B2DF-406C-8269-B2F5D19EB0D9}],@DisplayName=Live Search 
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{36AE171E-EF74-4EEA-BF23-078B1CE78C0F}],@DisplayName=Google  
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{36C77328-9BA3-4AE1-AEA4-50BBD25407EA}],@DisplayName=Google  
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{3703EE33-23CC-4F12-9820-1A58DC94D846}],@DisplayName=Live Search 
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{3717C39A-77E0-492A-8829-3E2B9E8A5515}],@DisplayName=Live Search 
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{38439C07-EF48-483B-A744-884A2CBDE2B8}],@DisplayName=Google  
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{39892428-280B-42F5-BCEC-38A497E59F17}],@DisplayName=Live Search 
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{3A60DCCD-773A-41FB-8C43-9B7D5B8F3D84}],@DisplayName=Google  
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{3AD5EC25-C439-4FF4-BF3B-3C97CAF1DBF6}],@DisplayName=Google  
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{3BEDD761-A6AB-42F2-A010-BDED04CB0C32}],@DisplayName=Live Search 
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{3C535E5A-929B-405D-835F-C4007B8E905F}],@DisplayName=Live Search 
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{3C91CC51-45A0-4CFE-98C3-049CC2DBE210}],@DisplayName=Live Search 
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{3CF39BF4-71A5-44AB-8711-454B1F041131}],@DisplayName=Live Search 
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{3D1BA4BD-698E-43D5-955D-BF73AC6E33B5}],@DisplayName=Live Search 
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{3E74B1DF-36FA-4D2C-B939-C942DC75D77F}],@DisplayName=Live Search 
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{3E8C3304-A825-445D-8832-133966B3BF2B}],@DisplayName=Live Search 
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{3F63A495-DC39-4A7C-9E35-673BA0B53EC0}],@DisplayName=Live Search 
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{3FB3836C-5866-4CB8-B80C-A89D0B5E5B09}],@DisplayName=Google  
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{3FDC7EA1-53C9-421C-BA8C-04EEE2530CFF}],@DisplayName=Live Search 
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{40223BF0-93E2-4125-BA33-D23AA8D77AD0}],@DisplayName=Live Search 
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{4094A373-2BBE-4616-8D90-570CE24636AF}],@DisplayName=Live Search 
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{409EDB0D-6EDD-4B4A-8E70-981C79E90F82}],@DisplayName=Google  
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{414D03E4-DE2F-4ADA-94B1-5BF5CF74E9F4}],@DisplayName=Google  
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{4154A900-4570-4D93-9BE7-0689A65A8616}],@DisplayName=Live Search 
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{41E710A3-72B0-492B-BBA6-54F297D7CCFF}],@DisplayName=Google  
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{42CEAAD4-168D-4E3C-A69D-92D1EA7FD1C8}],@DisplayName=Google  
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{430C9DE9-8AAA-43D0-822D-0374B6C7FE65}],@DisplayName=Google  
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{436B646E-54C4-4D71-BA71-8DDB8D88A5BD}],@DisplayName=Live Search 
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{451B80CE-A6B7-49EE-A495-9E286929591B}],@DisplayName=Live Search 
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{4536E87C-F07B-4891-A625-81839CC56557}],@DisplayName=Google  
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{4685623A-5874-40D5-9781-9F828D6C1B50}],@DisplayName=Google  
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{469302E7-3552-42A8-AC1B-013580256EC9}],@DisplayName=Live Search 
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{46ACE809-82AF-45F7-B66D-9318C37F3A33}],@DisplayName=Live Search 
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{4800C004-7DBB-445B-8598-C9FF892D3699}],@DisplayName=Live Search 
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{48493491-2362-4F55-8955-BC20064F555C}],@DisplayName=Live Search 
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{48CC4D79-F376-46E0-A1B2-01125D24AB4E}],@DisplayName=Live Search 
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{4922CB5C-3109-4927-AF0C-5FA61B59EDF3}],@DisplayName=Live Search 
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{4AB22725-533A-4E6C-8FE6-7CF9968185A2}],@DisplayName=Google  
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{4AC2A999-B6A8-487C-AF06-CDF3BDAFCFCF}],@DisplayName=Google  
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{4B75F06F-960C-4DE6-993B-A2F83C3AA08C}],@DisplayName=Google  
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{4B7F91F1-8927-46B4-8B07-848D60B55E9E}],@DisplayName=Live Search 
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{4D1B8B58-F7DE-4431-8706-D2B051751F0F}],@DisplayName=Google  
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{4D8709D3-67CC-45F0-90E9-F39FC028CB8A}],@DisplayName=Google  
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{4D998C1B-23AF-4339-A823-9F45350DB3A1}],@DisplayName=Google  
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{4DEDC2FE-A98E-4DBA-A006-B397B2816979}],@DisplayName=Google  
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{4E670F0A-9761-41F0-B4F0-8ACDF6EABE62}],@DisplayName=Google  
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{4E92EC4A-3650-41D0-8C62-2407A3237118}],@DisplayName=Live Search 
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{4ED51342-7C40-4A00-AB49-E6006E96F00C}],@DisplayName=Google  
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{4EF57366-8927-4A90-A199-71B84803315E}],@DisplayName=Live Search 
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{4F8CB324-9888-4B57-A441-FB8C5271C506}],@DisplayName=Google  
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{4F984890-071A-4388-9150-697D8C92F0D5}],@DisplayName=Live Search 
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{500DDA9D-1892-4127-83AD-2207DEBA795B}],@DisplayName=Live Search 
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{507BD5C9-D6A1-4622-B821-F52753F8EA27}],@DisplayName=Live Search 
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{50A34ADE-C996-4334-9106-7BED605CF9B5}],@DisplayName=Google  
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{52981564-939D-430C-B4F7-4C79D8E0F304}],@DisplayName=Live Search 
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{52E59A27-FE4C-4B36-8AFD-FDD6C94FE175}],@DisplayName=Google  
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{5453F877-134C-456B-B5ED-23A3BF576248}],@DisplayName=Live Search 
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{54636FDB-E185-4902-8662-1337AEF22788}],@DisplayName=Google  
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{549BB795-62D7-4B2C-97AC-20817B20410A}],@DisplayName=Google  
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{555662EE-4553-45F2-BD31-40C8BAB02275}],@DisplayName=Live Search 
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{55627D4C-57B4-4C1D-85F0-74BB60F99F98}],@DisplayName=Google  
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{55B4D88D-5DE8-4D5F-BF3A-E40665CF8F81}],@DisplayName=Google  
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{55BA235D-9616-4A36-8774-6BCD41570E61}],@DisplayName=Live Search 
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{55CFD236-C022-4259-8F4E-0AEE4799C89C}],@DisplayName=Live Search 
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{560BDC8F-194E-4029-A9D5-769EFC50C9CB}],@DisplayName=Google  
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{562316F1-622E-4405-B934-EE6CA9D13115}],@DisplayName=Live Search 
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{5628D06C-875E-419D-845E-E43E7571BE9A}],@DisplayName=Live Search 
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{5634D176-BE09-4D97-A90F-14739B9FD1E6}],@DisplayName=Google  
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{567A3697-FEE1-44D8-A86B-49067C99AB52}],@DisplayName=Google  
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{56B3F437-8112-457B-B2AC-E85E5C2F5282}],@DisplayName=Live Search 
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{582AF1BC-BD29-4694-84A6-015B3EB24208}],@DisplayName=Live Search 
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{583525A6-478F-4E32-9930-9FCD2413B34B}],@DisplayName=Live Search 
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{5841A742-0634-4CED-9637-4CF108BF54F3}],@DisplayName=Google  
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{584517C4-ED3A-4ED0-8FF1-8CEE13B6FD88}],@DisplayName=Google  
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{58662A6A-9961-4163-B2E4-687687B597F2}],@DisplayName=Live Search 
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{58B1017F-2155-43D6-80DD-BA7FB271E582}],@DisplayName=Live Search 
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{59012FE0-5A78-47E0-BE9F-79D3BB829754}],@DisplayName=Google  
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{59075D3E-F782-4BAB-9041-B13797F7B293}],@DisplayName=Google  
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{5C62956F-A0B3-400C-A39A-B2C6D1126009}],@DisplayName=Live Search 
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{5CAB9CBF-7820-43BB-A5AC-64A828C73183}],@DisplayName=Google  
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{5D1D8108-ACC3-49F3-B0BC-C16CC30F1A6B}],@DisplayName=Live Search 
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{5D5CDEA3-0826-44AD-A62B-2DE2D9EB1E79}],@DisplayName=Live Search 
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{5D892D2D-209E-4B65-9991-1A1401472D57}],@DisplayName=Google  
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{5EA61096-042F-4E93-A7F5-093562D48DB4}],@DisplayName=Google  
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{5F2534E2-F43C-4D52-9C42-407732334431}],@DisplayName=Live Search 
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{5F5E66D8-CFA1-4344-A0CF-45E6ED42FB64}],@DisplayName=Google  
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{5FC01E1B-1F96-4583-B614-0253653A846A}],@DisplayName=Google  
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{60500490-015D-47F0-B899-8C048E223EA0}],@DisplayName=Google  
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{606A1B3A-CA87-425F-B9E6-C621833BFA14}],@DisplayName=Live Search 
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{60942B6E-965F-476A-BEB8-52243CD8CC64}],@DisplayName=Google  
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{6174315C-69E3-4F87-ACE1-FD69DFDAEC0C}],@DisplayName=Live Search 
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{61D531E2-6CFB-435F-814B-8E1CA3193C36}],@DisplayName=Live Search 
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{61F167D8-20A3-46BA-880F-66D9E7D36F91}],@DisplayName=Google  
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{624065EE-E010-4EFD-9567-A3A616B4AFF3}],@DisplayName=Live Search 
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{62864766-5725-4B12-B240-F24463F1B8AB}],@DisplayName=Live Search 
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{62C2FFF2-5891-472A-8855-035A1E593022}],@DisplayName=Live Search 
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{6302A36E-3B0B-4B3A-9470-6DE41EDCBF96}],@DisplayName=Google  
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{642C2F23-5932-44FC-879E-D29456EB6B3A}],@DisplayName=Google  
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{6448782C-20D0-4FBA-BD5C-4FE2BF5EAE54}],@DisplayName=Google  
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{64CDD309-1378-49A6-B102-47919A0A2563}],@DisplayName=Live Search 
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{64E1462B-1AEA-4F41-A5F4-3A7E8C704FDA}],@DisplayName=Google  
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{65045FB2-9C22-49A3-AF21-3E830C4F70EB}],@DisplayName=Live Search 
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{650EC783-78CA-4C90-A6FE-AF665EC98BA5}],@DisplayName=Google  
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{651337A5-FA34-414E-B930-47CF194BCB9E}],@DisplayName=Google  
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{6528AD2A-19AA-4857-8C23-34AA50FA18B3}],@DisplayName=Live Search 
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{652CAF4C-5D84-4AD1-99AB-799518616033}],@DisplayName=Live Search 
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{6531DADC-0289-4A1C-8053-564F95F0F2DC}],@DisplayName=Live Search 
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{66189097-6034-42E8-B187-860A9A962C3D}],@DisplayName=Google  
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{66303D89-CC92-4441-B6CD-F6DEA06DDBE1}],@DisplayName=Live Search 
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{66D17371-F89E-449C-A714-F88A14032E5A}],@DisplayName=Google  
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{67284BD0-852C-49A5-9B99-0110F01EAB08}],@DisplayName=Google  
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{677C3B5D-880B-4D4E-A8E8-1F783D6DBDD5}],@DisplayName=Google  
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{6A7973CF-593F-476F-9E68-2072D282A610}],@DisplayName=Live Search 
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{6A809CBD-970B-4BAA-99EA-21E22A4A9665}],@DisplayName=Google  
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{6A8642D1-491A-4F0B-A878-38C393D58B0E}],@DisplayName=Google  
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{6DBD91D2-B813-4C55-A68B-AF515FB2A4C5}],@DisplayName=Live Search 
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{6DE3F768-D298-4D00-8932-4D347AD9EDB6}],@DisplayName=Google  
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{6DFF6EDC-A0A0-4778-BBDE-1AED315E5FFA}],@DisplayName=Google  
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{6E37E589-54DB-49E5-AB48-2C4C4AFF45E5}],@DisplayName=Google  
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{706FC47B-26FC-4DB8-B6A5-3EEBDD25A8FC}],@DisplayName=Live Search 
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{70FC75ED-8AD3-4620-8B15-D90A4C9589FB}],@DisplayName=Live Search 
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{71CBFB27-758B-494D-ABEF-4FF8966AF249}],@DisplayName=Live Search 
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{71FB185C-FFA1-4999-8AE2-7898FD3432F0}],@DisplayName=Google  
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{72B06A73-AC62-4195-9A11-F66F9DB54EF0}],@DisplayName=Google  
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{72E2F8C6-CD9C-40AE-8DB7-032D40664CBE}],@DisplayName=Google  
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{72E59503-BADE-4987-8C7B-E3F135AAE3B9}],@DisplayName=Live Search 
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{72EA3553-396F-4E91-B338-34C0B5574843}],@DisplayName=Google  
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{73638392-9C4D-48C9-B0AA-1561D43ECBD1}],@DisplayName=Google  
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{738114A0-8F0D-43AA-921C-DED8F6DC1C73}],@DisplayName=Live Search 
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{73ABD958-744C-4589-BEE1-6CF724382896}],@DisplayName=Google  
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{741AD472-3F88-484A-9202-B607A94D7CD8}],@DisplayName=Live Search 
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{747EA1B2-402A-4022-98B8-A6BA906FE5EC}],@DisplayName=Google  
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{74ECF4D3-B9EF-43F8-AA59-95FAF2E81A3A}],@DisplayName=Google  
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{74F67CD0-8083-4165-A5D8-E09967F5AFD9}],@DisplayName=Live Search 
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{7529E457-6856-4896-8DEB-047E1E7AB0A1}],@DisplayName=Live Search 
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{75BDECA2-5F43-410B-B474-0FF4792F732B}],@DisplayName=Google  
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{75E34473-36C0-442B-888D-1F7EB8F05E57}],@DisplayName=Live Search 
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{7637BB7A-2858-4777-B5E4-9335E80B0575}],@DisplayName=Live Search 
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{783633F7-F4FC-465B-9103-44D76FBB81B1}],@DisplayName=Google  
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{784B3934-E0AC-43F5-95A8-63C8CF8433A4}],@DisplayName=Google  
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{785362CF-3E2A-47FA-80FB-1BD8A237C894}],@DisplayName=Google  
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{78AF0686-3953-4B07-B8E7-D198C260FCD8}],@DisplayName=Live Search 
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{792892CC-4E08-44E1-9C9C-5A2D4302F21C}],@DisplayName=Google  
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{799D6A4D-5B4F-4248-A774-7B3B4A56C46F}],@DisplayName=Google  
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{79D6C6A5-36B5-4C46-8529-B89A80E63BC8}],@DisplayName=Google  
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{7A09C607-DC72-46B8-B34F-B0F26642A308}],@DisplayName=Live Search 
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{7AD58C01-633F-4366-95C2-C50A45683855}],@DisplayName=Google  
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{7B9DAEAA-A0FC-4FF6-9EA3-28C1C0FAD43D}],@DisplayName=Google  
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{7C2ADC77-12A6-4467-8F65-2120BD54EA03}],@DisplayName=Live Search 
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{7D2FEFFB-D267-4505-A514-FE1708D86594}],@DisplayName=Live Search 
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{7DB0536E-5ABA-4D45-950B-46A53D497CCA}],@DisplayName=Live Search 
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{7DFF8F1B-7C31-4E20-B90E-A2C36004CD4E}],@DisplayName=Google  
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{7E0795B4-6C6D-421B-94F6-72F7E200A671}],@DisplayName=Live Search 
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{7E2EEECF-6C14-416F-A92E-6A96C6EC5B7C}],@DisplayName=Live Search 
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{8047F205-2603-4102-8396-A3D908E83E52}],@DisplayName=Live Search 
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{81259FFC-14E1-4806-99C7-C551EEC27128}],@DisplayName=Live Search 
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{812B4E74-1105-42A8-A6F2-9797952C1861}],@DisplayName=Live Search 
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{817114A3-E332-4B7C-A64F-504C9B11F274}],@DisplayName=Google  
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{81E7C028-C06E-4FC9-949A-13C4257E2005}],@DisplayName=Live Search 
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{820E39AD-AF11-4D19-B82B-8E34912C0A7A}],@DisplayName=Google  
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{83789F90-2808-4218-8020-1A18D40D9592}],@DisplayName=Live Search 
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{83A0C9D4-6A21-4222-9595-D74A76ADA054}],@DisplayName=Google  
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{846BF57F-AABD-4C83-9D14-CE8B289E8212}],@DisplayName=Live Search 
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{849C92DF-3C9F-4767-8BAF-36522A0FDFEB}],@DisplayName=Live Search 
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{86049AAB-5BB9-4C29-BC7E-7F29F7500B2B}],@DisplayName=Live Search 
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{865C53FA-B392-472A-A2DE-4E383BF21349}],@DisplayName=Live Search 
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{86BECC13-7863-41D3-A682-2BFE864AD43D}],@DisplayName=Live Search 
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{86DB0039-351B-4E66-BC5F-217258293E3A}],@DisplayName=Live Search 
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{87DC5EFA-9A73-4C2D-BB92-3DF7476B7B4A}],@DisplayName=Live Search 
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{8817A17D-3AB6-4581-9A1D-8FCC34148FBD}],@DisplayName=Live Search 
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{8A3EA5E7-9E25-430B-AB91-44ABA6717B90}],@DisplayName=Live Search 
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{8AAD1A12-E861-41F1-96C8-07E59FEA942B}],@DisplayName=Live Search 
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{8C235CDB-24C4-4196-A451-EB58FC7B2228}],@DisplayName=Live Search 
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{8C271EC5-B39F-41C8-BF61-0FD6D7757029}],@DisplayName=Google  
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{8CA135CE-BD03-45D0-8762-5591E57B601C}],@DisplayName=Live Search 
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{8FAA512B-B3F8-474E-BD51-9A9B561E02BF}],@DisplayName=Live Search 
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{949A618A-9DE8-47D2-86ED-4C65F6E3AC03}],@DisplayName=Live Search 
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{96A32B1D-3D5E-46C0-A0CE-E34F98ED0B73}],@DisplayName=Live Search 
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{97236518-877F-4422-99F5-4E854D324317}],@DisplayName=Live Search 
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{9BCCE00D-78F3-4661-825F-667A8416D7E5}],@DisplayName=Live Search 
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{9C2F3010-1701-4878-971F-212BCB1D8D3A}],@DisplayName=Live Search 
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{9E935A68-1A75-47AD-BA35-082DFD336D21}],@DisplayName=Live Search 
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{9F41B33B-2C3C-4CD3-8EFC-9DF4347E3782}],@DisplayName=Live Search 
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{A0B271A9-D8AA-8E74-7392-2164D6A1C03C}],@DisplayName=Ask  
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{A2C09AEB-59F5-4088-9422-77A2A281305F}],@DisplayName=Live Search 
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{A2E62ECD-983B-47B4-8D35-4BB989F17596}],@DisplayName=Live Search 
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{A37BAF72-7610-4A62-BEA0-7D565182A96C}],@DisplayName=Live Search 
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{A37C6E2B-454F-424E-8440-C771407832C5}],@DisplayName=Live Search 
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{A4788680-EB26-4503-AFF1-FC876E207701}],@DisplayName=Live Search 
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{A4B52113-BB31-4C6D-BD7A-B6050DD347C9}],@DisplayName=Live Search 
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{A51C500B-5F1A-489E-A424-A1913CC29AC5}],@DisplayName=Live Search 
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{A532150E-6F47-4A2C-A6CE-0D62C2C57B7E}],@DisplayName=Live Search 
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{A540D69B-1CD5-44FA-9B2A-DFEA5EBD97F1}],@DisplayName=uStart  
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{A6C98AAE-F258-4CDC-823F-C9A6A279EFB3}],@DisplayName=Live Search 
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{A8957BCE-0DEF-4969-BB08-7BE53501F8F9}],@DisplayName=Live Search 
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{A8E649EC-790D-46F9-9F99-DAE6A0411F84}],@DisplayName=Live Search 
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{A9A4601E-04AA-43FE-819D-2CA82DB3A538}],@DisplayName=Live Search 
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{AA31041D-AAAE-4B10-8180-74CDDEA3F8FD}],@DisplayName=Live Search 
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{AAF41099-1662-4CD4-8CDE-8E2DECCFA4CD}],@DisplayName=Live Search 
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{ABAA1233-CA9A-4984-B7E3-820FDD232D9B}],@DisplayName=Live Search 
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{AD09197F-B947-4C79-85D5-A9E537C0FDCD}],@DisplayName=Live Search 
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{AD5D987D-64CB-425D-BCE7-9F8ACA04E97A}],@DisplayName=Live Search 
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{AD8FE823-DA01-4D71-B270-515DA8A0AF28}],@DisplayName=Live Search 
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{AF8ABA83-38D1-4F53-9AA3-E02F9FDBA549}],@DisplayName=Live Search 
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{B1007A43-1FA6-4054-BB1D-CA61A3C6CED0}],@DisplayName=Live Search 
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{B1D10439-7154-4694-B098-8C14A66644B1}],@DisplayName=Live Search 
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{B26D182D-F72A-4F8F-B262-015AB072DE60}],@DisplayName=Live Search 
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{B29D49EA-7302-4779-AE07-FF0A72B13D1E}],@DisplayName=Live Search 
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{B5AA7A04-FC44-4EEA-8902-F7666F8BF0B4}],@DisplayName=Live Search 
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{B6FCF191-C97B-4DDA-8532-6AA19A85242D}],@DisplayName=Live Search 
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{B7D50CB8-5EEF-4C6D-BE6D-2E7558CAFAF7}],@DisplayName=Live Search 
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{BA1FEB18-9033-4670-A8F1-89EAF1ED6C56}],@DisplayName=Live Search 
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{BA72C0A3-2956-44B3-9320-64CA43FE449E}],@DisplayName=Live Search 
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{BD0A50F2-6B7D-4024-A735-6D419F645763}],@DisplayName=Live Search 
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{BFB1515F-A705-4577-95AA-1F584C5D8396}],@DisplayName=Live Search 
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{BFB52611-65FC-4D41-9623-D192B457B3C3}],@DisplayName=Live Search 
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{BFCFE0FE-CA72-4FEC-ABC9-37F9E86DA59A}],@DisplayName=Live Search 
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{C0005FD9-2B47-4B3C-9DFA-27881411A6F9}],@DisplayName=Live Search 
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{C09EB1ED-00FD-4177-B134-94AEBE2ECED9}],@DisplayName=Yoog Search 
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{C1B02E49-A7B4-464D-A3F7-8472B4D36345}],@DisplayName=Live Search 
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{C4000D64-E7F8-47AD-A52F-626216AB7722}],@DisplayName=Live Search 
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{C4FFDDD5-1116-46A5-8810-208A3F8DBA17}],@DisplayName=Live Search 
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{C7329A9E-F02C-4099-883E-4F59AAA6E618}],@DisplayName=Live Search 
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{C8026A3A-EA11-43E1-BB79-D4E9776D8690}],@DisplayName=Live Search 
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{C8C8FDD9-802C-4E47-8FAE-328B7832EBF4}],@DisplayName=Live Search 
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{C91A47ED-9DDA-4D78-85C5-A93605728862}],@DisplayName=Live Search 
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{CA574B06-8A0C-400D-9810-F3C65B610CBC}],@DisplayName=Live Search 
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{CCCB7ECC-B935-4C87-BF97-D546C469722D}],@DisplayName=Live Search 
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{D0195D36-84D9-4C7E-96DE-A4DDC2AA578C}],@DisplayName=Live Search 
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{D0CC04F3-DB7E-4C93-9D8A-87F76F570563}],@DisplayName=Live Search 
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{D1383224-115C-4115-99F3-D36A91F00695}],@DisplayName=Live Search 
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{D27A5783-E31D-4258-9EAE-91444941FC8C}],@DisplayName=Live Search 
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{D34A0175-0038-494B-8416-70EE72CAC390}],@DisplayName=Live Search 
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{D3C162D7-F006-47D1-B2A7-9EF2CD8A2D35}],@DisplayName=Live Search 
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{D3CC7117-13C1-4EB2-9A60-92F2C6CD4E06}],@DisplayName=Live Search 
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{D54B3851-D1F6-42F8-9B72-2719FBA41D38}],@DisplayName=Live Search 
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{D56836AC-A22F-41C4-A718-E4953E39BD13}],@DisplayName=Live Search 
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{D5ACF6B0-A16B-4F0C-A7E9-F71A909D77B7}],@DisplayName=Live Search 
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{D60068E1-1BB4-40FE-A16C-DBD9D2002E3D}],@DisplayName=Live Search 
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{D972CC05-F52A-42AB-94B7-6BA52E34DEE9}],@DisplayName=Live Search 
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{D97EA581-4658-46F9-95D2-D0DA7D710E05}],@DisplayName=Live Search 
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{D9806A0B-75DA-4490-9A44-511BE290FDB5}],@DisplayName=Live Search 
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{D98C54BD-0F1A-4D1D-90D5-23880F423DE3}],@DisplayName=Live Search 
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{DA5F207B-C034-409A-8518-0A2D2B0118BD}],@DisplayName=Live Search 
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{DBC1EEA8-40FB-4E65-A75B-DF0CF7CA5E6B}],@DisplayName=Live Search 
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{DCB4FFC8-4B54-4EC6-9BBE-73D054CB721D}],@DisplayName=Live Search 
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{DD718F2E-090C-4707-B816-489454B5522E}],@DisplayName=Live Search 
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{DFD5DEC7-DEDC-43B9-BAFD-2C767F33944D}],@DisplayName=Live Search 
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{E14C1245-D9D3-437D-B3D6-6AB840FFED59}],@DisplayName=Live Search 
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{E36D07D7-7B4C-47C7-877D-6884A690DD95}],@DisplayName=Google  
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{E4283766-E014-4C84-9C3D-1BB155DBCE20}],@DisplayName=Live Search 
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{E7D68B61-B680-4BB4-996D-888F605C7F35}],@DisplayName=Live Search 
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{E88C36C3-304F-47F2-A82C-A66F3387F9D9}],@DisplayName=Live Search 
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{E904A88C-646C-4A28-AC72-EC6AE18249BB}],@DisplayName=Live Search 
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{E9A549BA-3C82-4AE1-89AF-7F941B46C3EB}],@DisplayName=Live Search 
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{EE22A2DB-470D-43D7-9133-A7AA80E6D699}],@DisplayName=Live Search 
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{EF8BB798-338C-435B-B8EA-15A1E368B16D}],@DisplayName=Live Search 
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{EF93768D-5B9C-45DF-B1D1-3591AA9617B7}],@DisplayName=Live Search 
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{F0969F3F-1EAD-45A8-9B4D-D098EB2924F5}],@DisplayName=Live Search 
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{F1AE81FB-2EF1-4442-A987-53B4D5B07601}],@DisplayName=Live Search 
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{F544651D-A8FD-4AA8-88CE-CEB73D3D93CF}],@DisplayName=Live Search 
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{F680CFC6-BF77-4F17-8B23-1ACF9A43764D}],@DisplayName=Live Search 
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{F6DC5CEF-B8C9-46F4-A2AE-60CCE591A44E}],@DisplayName=Live Search 
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{F7591E29-5A26-4CD8-A9C5-9420B6F3B0F5}],@DisplayName=Live Search 
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{F86C70DF-8272-423C-980F-2203D4DC645A}],@DisplayName=Live Search 
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{F9E64242-3509-4B67-81C0-94B61C482EF3}],@DisplayName=Live Search 
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{FBA5D847-4E0B-41EB-B9C2-914FF0A3C2D8}],@DisplayName=Live Search 
[HKEY_USERS\S-1-5-21-2874080176-798181569-1004335510-1011\..\SearchScopes\{FC14E538-E1D2-415E-B716-7185DF26016E}],@DisplayName=Live Search 
[HKCU\..\SearchScopes],@DefaultScope={E36D07D7-7B4C-47C7-877D-6884A690DD95} 
[HKCU\..\SearchScopes\${searchCLSID}],@DisplayName=@ieframe.dll,-12512  
[HKCU\..\SearchScopes\{002BDC20-67FB-4341-8CA6-79CE932F1F89}],@DisplayName=Live Search 
[HKCU\..\SearchScopes\{0046D14F-A35D-44C4-B96C-B64BA57833E4}],@DisplayName=Live Search 
[HKCU\..\SearchScopes\{010B3045-F8B0-4956-A168-33FE4AFF2B4A}],@DisplayName=Google  
[HKCU\..\SearchScopes\{01151F17-403D-43E8-8C57-2C9C29D09232}],@DisplayName=Google  
[HKCU\..\SearchScopes\{01184852-B413-49A4-A7E4-9458D7EEC982}],@DisplayName=Google  
[HKCU\..\SearchScopes\{013E0CC0-6CED-4BD5-9569-F6B237BFD2B0}],@DisplayName=Live Search 
[HKCU\..\SearchScopes\{0150A648-6385-4E89-8198-83D7138CD487}],@DisplayName=Live Search 
[HKCU\..\SearchScopes\{0173D52B-2A32-4E4B-BEC4-1AB5265E1E18}],@DisplayName=Live Search 
[HKCU\..\SearchScopes\{01EAD152-589F-4F84-BACA-

benurrr · Answer

oulala 

-----\ Option 2

Relance Yoog_Fix de Batch_Man et choisis l'option 2 ( Suppression )

Attend que la suppression se finisse.

Ensuite appuis sur une touche, un rapport s'ouvre.

Poste-le dans ta prochaine réponse.

PS-2: S'il ne s'ouvre pas le rapport est à la racine de ton disque sous le nom de Yoog_Fix.txt

lambulanciere · Answer

oulala ca veut dire koi c'est grave docteur lol

benurrr · Answer

rien n'est grave 

c'est la longueur du rapport lol

lambulanciere · Answer

Yoog_Fix 2.02 de Batch_Man 
Debut a 18:42 le 17/05/2009 
Microsoft Windows XP Home Edition (5.1.2600) Service Pack 3
Internet Explorer 7.0.5730.13 
Mozilla Firefox 3.0.10 (fr) 
Symantec Corporation 2005  (Not activated) 
ALWIL Software 4.7.1098  (Activated) 
Symantec Corporation 2005  (Activated) 

A:\ [Removable] (Total:0 Mo/Free:0 Mo)
C:\ [Fixed] - NTFS - (Total:30710 Mo/Free:1925 Mo)
D:\ [Fixed] - NTFS - (Total:152068 Mo/Free:1112 Mo)
E:\ [CD-Rom] (Total:0 Mo/Free:0 Mo)
F:\ [Removable] (Total:0 Mo/Free:0 Mo)
G:\ [Removable] (Total:0 Mo/Free:0 Mo)
H:\ [Removable] (Total:0 Mo/Free:0 Mo)
I:\ [Removable] (Total:0 Mo/Free:0 Mo)
J:\ [Removable] (Total:0 Mo/Free:0 Mo)

Option 1 [2] Suppression  

+---------------\ Suppression


----------\ Suppression dans de fichiers


----------\ Suppression dans prefs.js et user.js


----------\ Suppression dans le registre


----------\ Fichiers temporaires

celui la il est plus court

benurrr · Answer

1) Télécharge SDFix d' AndyManchesta 

http://downloads.andymanchesta.com/RemovalTools/SDFix.exe sur ton Bureau. 

Double clique sur SDFix.exe et choisis Install. L'outil sera extrait à la racine du lecteur système (généralement le C:\) 
N y touche pas pour l instant. 

2) Redémarre en mode sans échec (Pour cela, tu tapotes la touche F8 dès le début de l’allumage du PC sans t’arrêter)

Ne jamais démarrer en mode sans échec via msconfig

3) SDFix 
* Ouvre le dossier SDFix qui vient d'être créé dans le répertoire C:\ et double clique sur RunThis.bat pour lancer le script. 
* Appuie sur Y pour commencer le processus de nettoyage. 
* Il va supprimer les services et les entrées du Registre de certains trojans trouvés puis te demandera d'appuyer sur une touche pour redémarrer. 
* Appuie sur une touche pour redémarrer le PC. 
* Ton système sera plus long pour redémarrer qu'à l'accoutumée car l'outil va continuer à s'exécuter et supprimer des fichiers. 
* Après le chargement du Bureau, l'outil terminera son travail et affichera Finished. 
* Appuie sur une touche pour finir l'exécution du script et charger les icônes de ton Bureau. 
· Les icônes du Bureau affichées, le rapport SDFix s'ouvrira à l'écran et s'enregistrera aussi dans le dossier SDFix sous le nom Report.txt.

lambulanciere · Answer

[b]SDFix: Version 1.240 [/b]
Run by C‚cile on 17/05/2009 at 19:15

Microsoft Windows XP [version 5.1.2600]
Running From: C:\SDFix

[b]Checking Services [/b]:


Restoring Default Security Values
Restoring Default Hosts File

Rebooting


[b]Checking Files [/b]: 

No Trojan Files Found






Removing Temp Files

[b]ADS Check [/b]:
 


                                 [b]Final Check [/b]:

catchme 0.3.1361.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-05-17 19:25:10
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden services & system hive ...

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_4F166E45E07A7E201BF9C46BFEF818C9]
"NextInstance"=dword:00000001

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_4F166E45E07A7E201BF9C46BFEF818C9\0000]
"Service"="4f166e45e07a7e201bf9c46bfef818c9"
"Legacy"=dword:00000001
"ConfigFlags"=dword:00000000
"Class"="LegacyDriver"
"ClassGUID"="{8ECC055D-047F-11D1-A537-0000F8753ED1}"
"DeviceDesc"="4f166e45e07a7e201bf9c46bfef818c9"
"Capabilities"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\4f166e45e07a7e201bf9c46bfef818c9]
"c"="&registry_path=\REGISTRY\MACHINE\SYSTEM\ControlSet002\Services\4f166e45e07a7e201bf9c46bfef818c9&download_period=846000&first_download_delay=180&version=2&ip_0=586742989&port_0=7000&max_fails_0=5&ip_1=704183501&port_1=8300&max_fails_1=5&ip_2=2241985741&port_2=9002&max_fails_2=2&ip_3=1512966353&port_3=11234&max_fails_3=2&ips_count=4&name=4f166e45e07a7e201bf9c46bfef818c9&path=system32\4f166e45e07a7e201bf9c46bfef818c9.sys&wmid=Dkx003&idate=2009-03-02 01:57:06:288&last_download_time=2009-5-13 7:40:28.248&first_skip=1&last_update_ip_pos=0"
"Type"=dword:00000001
"Start"=dword:00000000
"ErrorControl"=dword:00000000
"Tag"=dword:00000001
"ImagePath"=str(2):"system32\4f166e45e07a7e201bf9c46bfef818c9.sys"
"DisplayName"="4f166e45e07a7e201bf9c46bfef818c9"
"Group"="rnbpsjl"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\4f166e45e07a7e201bf9c46bfef818c9\Security]
"Security"=hex:01,00,14,80,90,00,00,00,9c,00,00,00,14,00,00,00,30,00,00,00,02,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Enum\Root\LEGACY_4F166E45E07A7E201BF9C46BFEF818C9]
"NextInstance"=dword:00000001

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Enum\Root\LEGACY_4F166E45E07A7E201BF9C46BFEF818C9\0000]
"Service"="4f166e45e07a7e201bf9c46bfef818c9"
"Legacy"=dword:00000001
"ConfigFlags"=dword:00000000
"Class"="LegacyDriver"
"ClassGUID"="{8ECC055D-047F-11D1-A537-0000F8753ED1}"
"DeviceDesc"="4f166e45e07a7e201bf9c46bfef818c9"
"Capabilities"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\4f166e45e07a7e201bf9c46bfef818c9]
"c"="&registry_path=\REGISTRY\MACHINE\SYSTEM\ControlSet002\Services\4f166e45e07a7e201bf9c46bfef818c9&download_period=846000&first_download_delay=180&version=2&ip_0=586742989&port_0=7000&max_fails_0=5&ip_1=704183501&port_1=8300&max_fails_1=5&ip_2=2241985741&port_2=9002&max_fails_2=2&ip_3=1512966353&port_3=11234&max_fails_3=2&ips_count=4&name=4f166e45e07a7e201bf9c46bfef818c9&path=system32\4f166e45e07a7e201bf9c46bfef818c9.sys&wmid=Dkx003&idate=2009-03-02 01:57:06:288&last_download_time=2009-5-13 7:40:28.248&first_skip=1&last_update_ip_pos=0"
"Type"=dword:00000001
"Start"=dword:00000000
"ErrorControl"=dword:00000000
"Tag"=dword:00000001
"ImagePath"=str(2):"system32\4f166e45e07a7e201bf9c46bfef818c9.sys"
"DisplayName"="4f166e45e07a7e201bf9c46bfef818c9"
"Group"="rnbpsjl"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\4f166e45e07a7e201bf9c46bfef818c9\Security]
"Security"=hex:01,00,14,80,90,00,00,00,9c,00,00,00,14,00,00,00,30,00,00,00,02,..

scanning hidden registry entries ...

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"Blud"="n2pig9O8Y3Jc/luyQJ+J//NyIPOAXOQCY806ZuDgZwzzoiaorBzkWB/hT+UGMAMTGI0bNVKmfIzdsGSKpboYmwFr8QiFqzGkX6Fot1GL3TbTHJrs9nXSyRNRp8Fx4svpWuRzgYdLNta1AtgsRN61QV8/CkvhSti5bQYo28IOKCFg6B+3LgeKR/AefnvyJdnZNCMEDAMXytMdNP4lUUdEOtSxkeohaIp1s/OaugTFiABZgP2KuZIVhjUm8NDWf2Df4HAeV3ChWvIX8qDf47H9hIg/2yGxTDmNwBwaGSdyZ+nzf8Vh4+US2to9d+8vEaCD6LQuZjfT4+fQhXrZu4HPx2Q9f2odoR764UcKii1fgcOO/7/RTfVvgKlH8Winge5ArKC3jmm73w/4TuU69HArrzGdVdhBcP26Qj7z+73Sb+2E9aMTNmR1HsjlzjjqbuLF7h2tlfDO/MI7HeiY0keGbYhTAaUr5YaDTdTTYcI8TqjPymlZHtpOjzU/XK2coCZGMfm8w68XJZOdMD4a3lAOc2YZzdz/jAFVB45zJk3gKUdrB+OIlu6RuyAWV7tzXFKby0ax9FSJfcFlP/hQCmAcqXdNTB3A/oIkYErv6CNLIeDGPTUFuodU2pIlNUllmu2ayHQqfoDo8kX30TKl4ZCSymybgunH74V961B4QGbZqg2eYY2fbpBMMcZWTJNE2K8HYBSimQrtgS6vqP+EXM55uLAOV49viQRsLF1Di8BP71ro6Y+6ATkzk6UprORziX+um59Dd+OB/dVMJAouFa6r/Q1QYbslLGb5EAQXsCKd3RDamObXqoSDlTYJ5IrK9Q9WjEKHloAsC5rp/nAH50skDQVM4ndP0ya2aR0nm0pMwPmCbCpYczlw0+mFpAE3ulZDt4Ef5Oq6tkfxK8OOB1CjJT8Jt0FrHCxqpYcfLUyuqkl6orCSXMg+HaREajIyUg4cUN+rvnVBw11RKrOapD7qo99jkAckGN0Hli73T4J4ckm6ekn6kRNpdGLROutobLMuw5JTmYDBrLICIzmdwBvbNBBkf/8oX6H3NAad4G4pZSb1VPqTcXoKVsPAXF/e9cuVj/hS/5fTEjclv7CaFzOQweEN426vsLdeHb7iGyeyHaWEUE+Wv5FEJbuy+ZrfRA85zfCCfLhtpB473+XxkUL6GZPnMQ5ZBgFjIBEXp1NU6yMToMJcbkybJjPnvyQvqFMRErHHM3ImCugSbKgmDdOXWYH+cVC0B9Tf+ZyUeceMplQYSq0bANCCXJEyN43jI0Gc5O2bY5Q11rQWmePAixZJd3X4gm6mihFlGIs1amJqWO7w5VYdFAmJ4m5LED8yRgV+MCbIuYjDuxuGqrrxpweUpjcHAggM0Td5NFBWIz16aoQo8Nd0//pU1I8pNuNY+/8tfTpUQ7R30gSVwHH2tcL3aaEVnlF4EUdVfIr9/pSZuzGvuBnWoWVX9a3HGoIYIipGoRd0re7XAk4Swo3+mBHsVCBFwSYhQ+UKGY485/fo1Ut="

scanning hidden files ...

C:\WINDOWS\system32\4f166e45e07a7e201bf9c46bfef818c9.sys 39936 bytes executable
C:\WINDOWS\system32\_4f166e45e07a7e201bf9c46bfef818c9.sys_.vir 39936 bytes executable
folder error: D:\Documents and Settings\Cécile

[b]Remaining Services [/b]:




Authorized Application Key Export:

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%ProgramFiles%\AOL 9.0\aol.exe"="%ProgramFiles%\AOL 9.0\aol.exe:*:Enabled:AOL"
"%ProgramFiles%\UBISOFT\Splinter Cell Pandora Tomorrow\logo_ubi.exe"="%ProgramFiles%\UBISOFT\Splinter Cell Pandora Tomorrow\logo_ubi.exe:*:Enabled:SPLINTER CELL PANDORA"
"%ProgramFiles%\UBISOFT\Splinter Cell Pandora Tomorrow\pandora.exe"="%ProgramFiles%\UBISOFT\Splinter Cell Pandora Tomorrow\pandora.exe:*:Enabled:PANDORA"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\APPS\Inventime\my.exe"="C:\APPS\Inventime\my.exe:*:Enabled:INVENTIME"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\Program Files\LimeWire\LimeWire.exe"="C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\APPS\skype\phone\Skype.exe"="C:\APPS\skype\phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\AOL 9.0\waol.exe"="C:\Program Files\AOL 9.0\waol.exe:*:Enabled:AOL 9.0"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"

[b]Remaining Files [/b]:



[b]Files with Hidden Attributes [/b]:

Wed 14 Dec 2005           215 ..SH. --- "C:\BOOT.BAK"
Mon 14 Apr 2008     1,695,232 ..SH. --- "C:\Program Files\Messenger\msmsgs.exe"
Mon 15 Sep 2008     1,562,960 A.SHR --- "C:\Program Files\Spybot - Search & Destroy\SDHelper.dll"
Wed 22 Oct 2008       962,896 A.SHR --- "C:\Program Files\Spybot - Search & Destroy\Tools.dll"
Tue 31 May 2005       106,496 A..H. --- "C:\Program Files\Fichiers communs\aolshare\shell\fr\shellext.dll"

[b]Finished![/b]

benurrr · Answer

salut


télécharge OTMoveIt
http://oldtimer.geekstogo.com/OTMoveIt3.exe (de Old_Timer) sur ton Bureau.

double-clique sur OTMoveIt.exe pour le lancer.
copie la liste qui se trouve en citation ci-dessous,
et colle-la dans le cadre de gauche de OTMoveIt :Paste instruction for items to be moved.

:processes
explorer.exe
:services
TesSafe
Machnm32
Machnm32 Driver
MEMSWEEP2
:files
C:\WINDOWS\System32\TesSafe.sys
c:\windows\system32\TesSafe.sys
c:\program files\Oberon Media
c:\windows\system32\Machnm32.sys
c:\windows\system32\13.tmp
:reg
[-HKEY_LOCAL_MACHINE\System\ControlSet004\Services\MEMSWEEP2­]
"ImagePath"="\??\c:\windows\system32\13.tmp"
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_H­OOKSYS]
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_H­OOKSYS]
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Enum\Root\LEGACY_H­OOKSYS]
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGA­CY_HOOKSYS]
:commands
[purity]
[emptytemp]
[start explorer]

clique sur MoveIt! pour lancer la suppression.
le résultat apparaitra dans le cadre "Results".
clique sur Exit pour fermer.
poste le rapport situé dans C:\_OTMoveIt\MovedFiles.

il te sera peut-être demander de redémarrer le pc pour achever la suppression.si c'est le cas accepte par Yes.

benurrr · Answer

oupss attend ne fait pas mon dernier message 

je vérifie quelque chose

lambulanciere · Answer

alors

benurrr · Answer

****************************************************

/!\ Manip crée spécialement pour cet utilisateur , ne pas reproduire chez soi ... /!\

Ouvre le Bloc-Notes (Démarrer\Tous les programmes\Accessoires\Bloc notes.)

Copie ce texte ( en gras )d'une traite ( CTRL+C pour copier ) puis colle-le ( CTRL+V dans le bloc-note )


File::
c:\windows\system32\bbbeadce.dll 
c:\windows\system32\bdbcaacebddb.dll 
c:\windows\system32\f07e8262-d31b-cd8e-2­d10-881fafc69c8c.exe 
c:\windows\system32\88ee5dc43b600b4bfe4­a4eb4b223400c.exe 
c:\windows\system32\drivers\klbhmfvi.sys 

Driver::
klbhmfvi.sys 

Registry::
[HKEY_LOCAL_MACHINE\System\ControlSet002\Services\4f166e45e07a7e201bf9c46bfef818c9]
"ImagePath"=-


Sauvegarde ce fichier sur ton bureau sous le nom de CFScript.txt.



Glisse maintenant le fichier CFScript.txt dans Combofix.exe comme ci-dessous :

http://img.photobucket.com/albums/v666/sUBs/CFScriptB-4.gif

Cela va relancer Combofix,

Une fenêtre bleue va apparaître: au message qui apparaît ( Type 1 to continue, or 2 to abort) , tape 1 puis valide.

Patiente le temps du scan.Le bureau va disparaître à plusieurs reprises: c'est normal!

Ne touche à rien tant que le scan n'est pas terminé.

Après redémarrage, poste le contenu du rapport Combofix.txt accompagné d'un rapport Hijackthis.

S'il n'y a pas de redémarrage, poste quand même les rapports.

**************************************************** 


Par Manque De Curiosité On Risque De Mourir Ignorant;Tu es libre de penser que tu es C..,
Mais C.. de penser que ­tu es libre...Merci a australe13

lambulanciere · Answer

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:06:46, on 18/05/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16827)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
c:\APPS\HIDSERVICE\HIDSERVICE.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLService.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
c:\APPS\Powercinema\Kernel\TV\CLSched.exe
C:\Program Files\Fichiers communs\Real\Update_OBealsched.exe
C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\WINDOWS\system32\ctfmon.exe
D:\Documents and Settings\Cécile\Application Data\Microsoft\Notification de cadeaux MSN\lsnfier.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Brother\Brmfcmon\BrMfcmon.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32
otepad.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Windows Live\Toolbar\wltuser.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=61005
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/support/sa_customize.aspx?TbId=61005
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - (no file)
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: (no name) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - (no file)
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OBealsched.exe"  -osboot
O4 - HKLM\..\Run: [PaperPort PTD] "C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe"
O4 - HKLM\..\Run: [IndexSearch] "C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe"
O4 - HKLM\..\Run: [PPort11reminder] "C:\Program Files\ScanSoft\PaperPort\Ereg\Ereg.exe" -r "D:\Documents and Settings\All Users\Application Data\ScanSoft\PaperPort\11\Config\Ereg\Ereg.ini
O4 - HKLM\..\Run: [BrMfcWnd] C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Notification de cadeaux MSN.lnk = ?
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin
pjpi150_02.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin
pjpi150_02.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32
wprovau.dll
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: Service Bonjour (Bonjour Service) - Unknown owner - C:\Program Files\Bonjour\mDNSResponder.exe (file missing)
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLSched.exe
O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
O23 - Service: Generic Service for HID Keyboard Input Collections (GenericHidService) - Unknown owner - c:\APPS\HIDSERVICE\HIDSERVICE.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe

lambulanciere · Answer

trop cool avast se met en route merci merci c'etait koi le bleme

benurrr · Answer

tu était vraiment inffecter a se demander si tu n'avait pas un élevage de virus

et je voit que hijackthis aussi passe 

tu peut me poster aussi le rapport combofix qui se trouve dans C stp

on a pas encore fini il y'a encore des residues

lambulanciere · Answer

il s'appelle comment, avast est il vraiment efficace comme antivirus ou as tu un autre a me conseiller un gratuit si possible

benurrr · Answer

le fichier est la

C:\Combofix.txt 

moi persso je te conseillerai antivir gratuit et efficace un des meilleure

benurrr · Answer

re

pour la suite j'attends le rapport de combofix

lambulanciere · Answer

je te l'est deja envoyer et vient de le renvoyer mais je c pas si tu l'as reçu

lambulanciere · Answer

je c pas pk je t'envoie le rapport mais il part pas que faire

benurrr · Answer

celui que ta envoyer c'est hijackthis je le voulait aussi et le je veut celui de combofix qui se trouve 

ici et porte se nom

C:\Combofix.txt

lambulanciere · Answer

je c mais je ne comprend pas je te l'est envoyezr plusieur fois mais tu ne le recois pas pourtant tu recois les autres messages

benurrr · Answer

il doit-etre trop long envoie le en 2 ou 3 partie

lambulanciere · Answer

54.2 - NTFSx86
Microsoft Windows XP Édition familiale  5.1.2600.3.1252.33.1036.18.1471.961 [GMT 2:00]
Lancé depuis: d:\documents and settings\Cécile\Bureau\ComboFix.exe
Commutateurs utilisés :: d:\documents and settings\Cécile\Bureau\CFScript.txt
AV: avast! antivirus 4.7.1098 [VPS 080831-0] *On-access scanning enabled* (Outdated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
AV: Norton Internet Security *On-access scanning disabled* (Outdated) {E10A9785-9598-4754-B552-92431C1C35F8}
FW: Norton Internet Security *enabled* {7C21A4C9-F61F-4AC4-B722-A6E19C16F220}

FILE ::
c:\windows\system32\88ee5dc43b600b4bfe4­a4eb4b223400c.exe
c:\windows\system32\bbbeadce.dll
c:\windows\system32\bdbcaacebddb.dll
c:\windows\system32\drivers\klbhmfvi.sys
c:\windows\system32\f07e8262-d31b-cd8e-2­d10-881fafc69c8c.exe
.

((((((((((((((((((((((((((((((((((((   Autres suppressions   ))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\system32\apcup.dll
c:\windows\system32\bbbeadce.dll
c:\windows\system32\drivers\klbhmfvi.sys

.
(((((((((((((((((((((((((((((((((((((((   Pilotes/Services   )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_klbhmfvi
-------\Service_klbhmfvi


(((((((((((((((((((((((((((((   Fichiers créés du 2009-04-18 au 2009-05-18  ))))))))))))))))))))))))))))))))))))
.

2009-05-17 18:04 . 2006-06-29 11:07	14048	------w	c:\windows\system32\spmsg2.dll
2009-05-17 17:58 . 2009-05-17 17:58	--------	d-----w	c:\windows\system32\XPSViewer
2009-05-17 17:58 . 2009-05-17 17:58	--------	d-----w	c:\program files\MSBuild
2009-05-17 17:58 . 2009-05-17 17:58	--------	d-----w	c:\program files\Reference Assemblies
2009-05-17 17:57 . 2008-07-06 12:06	117760	------w	c:\windows\system32\prntvpt.dll
2009-05-17 17:57 . 2008-07-06 12:06	89088	-c----w	c:\windows\system32\dllcache\filterpipelineprintproc.dll
2009-05-17 17:57 . 2008-07-06 10:50	597504	-c----w	c:\windows\system32\dllcache\printfilterpipelinesvc.exe
2009-05-17 17:57 . 2008-07-06 12:06	575488	-c----w	c:\windows\system32\dllcache\xpsshhdr.dll
2009-05-17 17:57 . 2008-07-06 12:06	575488	------w	c:\windows\system32\xpsshhdr.dll
2009-05-17 17:57 . 2008-07-06 12:06	1676288	-c----w	c:\windows\system32\dllcache\xpssvcs.dll
2009-05-17 17:57 . 2008-07-06 12:06	1676288	------w	c:\windows\system32\xpssvcs.dll
2009-05-17 17:15 . 2009-05-17 17:15	579584	-c--a-w	c:\windows\system32\dllcache\user32.dll
2009-05-17 17:12 . 2009-05-17 17:12	--------	d-----w	c:\windows\ERUNT
2009-05-17 17:11 . 2009-05-18 17:47	--------	d-----w	C:\SDFix
2009-05-17 16:16 . 2009-05-18 17:39	--------	d-----w	C:\Yoog_Fix
2009-05-17 14:42 . 2009-05-17 15:39	--------	d-----w	c:\program files\Ad-remover
2009-05-17 10:37 . 2009-05-17 12:01	--------	d-----w	c:\windows\BDOSCAN8
2009-05-17 09:02 . 2009-05-17 09:02	--------	d-----w	d:\documents and settings\Moi\Local Settings\Application Data\Mozilla
2009-05-17 09:00 . 2009-05-17 09:00	--------	d-----w	d:\documents and settings\Moi\Local Settings\Application Data\Deployment
2009-05-08 00:20 . 2009-05-16 12:07	205840	----a-w	c:\windows\system32\kusers.dll
2009-04-20 17:56 . 2009-05-17 10:51	--------	d--h--r	c:\program files\rnamfler
2009-04-19 15:54 . 2009-04-19 15:54	--------	d-----w	c:\program files\VstPlugins
2009-04-19 15:54 . 2006-06-20 08:56	225280	----a-w	c:\windows\system32\rewire.dll
2009-04-19 15:53 . 2009-04-19 15:53	--------	d-----w	c:\program files\Outsim
2009-04-19 15:51 . 2009-04-22 06:33	--------	d-----w	c:\program files\Image-Line

.
((((((((((((((((((((((((((((((((((   Compte-rendu de Find3M   ))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-05-18 19:54 . 2006-03-02 12:00	23424	----a-w	c:\windows\system32\drivers\uasvfhxa.sys
2009-05-17 18:02 . 2004-08-16 16:41	86750	----a-w	c:\windows\system32\perfc00C.dat
2009-05-17 18:02 . 2004-08-16 16:41	513778	----a-w	c:\windows\system32\perfh00C.dat
2009-05-17 09:00 . 2006-01-13 16:35	234464	-c--a-w	d:\documents and settings\Moi\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-05-01 15:35 . 2009-04-13 17:57	--------	d-----w	c:\program files\Free Music Zilla
2009-04-23 16:59 . 2009-03-02 20:14	15688	----a-w	c:\windows\system32\lsdelete.exe
2009-04-23 16:58 . 2009-03-02 20:05	64160	----a-w	c:\windows\system32\drivers\Lbd.sys
2009-03-30 17:06 . 2009-03-30 17:06	--------	d-----w	c:\program files\EasyFlirt Messenger
2009-03-29 20:02 . 2005-12-23 20:49	--------	d-----w	c:\program files\Fichiers communs\Adobe
2009-03-06 14:20 . 2006-03-02 12:00	286720	----a-w	c:\windows\system32\pdh.dll
2009-03-04 14:21 . 2009-03-04 14:21	246288	----a-w	c:\windows\system32\88ee5dc43b600b4bfe4a4eb4b223400c.exe
2009-03-03 00:13 . 2006-03-02 12:00	826368	----a-w	c:\windows\system32\wininet.dll
2009-02-22 19:29 . 2008-07-26 08:19	5632	----a-w	c:\windows\system32\drivers\StarOpen.sys
2009-02-20 17:10 . 2006-03-02 12:00	78336	----a-w	c:\windows\system32\ieencode.dll
2008-03-25 19:21 . 2008-03-25 19:21	97409	----a-w	c:\program files\install_DivX Player_.exe
2008-03-10 20:57 . 2008-03-10 20:57	6105952	----a-w	c:\program files\Firefox Setup 2.0.0.12.exe
2008-03-02 16:38 . 2008-03-02 16:38	1104734	----a-w	c:\program files\dvdshrink_3.2.0.16_fr.zip
2004-10-01 13:00 . 2007-04-05 11:58	40960	----a-w	c:\program files\Uninstall_CDS.exe
2009-05-16 12:07 . 2009-04-04 07:54	67088	----a-w	c:\program files\mozilla firefox\components\bdbcaacebddb.dll
.

(((((((((((((((((((((((((((((   SnapShot@2009-05-17_13.40.28   )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-05-18 19:59 . 2009-05-18 19:59	16384              c:\windows\temp\Perflib_Perfdata_4e4.dat
+ 2008-07-29 19:10 . 2008-07-29 19:10	26112              c:\windows\system32\TsWpfWrp.exe
- 2006-01-18 08:27 . 2008-07-09 07:40	26488              c:\windows\system32\spupdsvc.exe
+ 2006-01-18 08:27 . 2007-11-30 11:18	26488              c:\windows\system32\spupdsvc.exe
+ 2009-05-17 17:58 . 2008-07-06 12:06	89088              c:\windows\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll
- 2007-06-25 21:18 . 2007-11-30 12:39	18296              c:\windows\system32\spmsg.dll
+ 2007-06-25 21:18 . 2007-11-30 11:19	18296              c:\windows\system32\spmsg.dll
+ 2008-07-29 17:59 . 2008-07-29 17:59	43544              c:\windows\system32\PresentationHostProxy.dll
+ 2004-08-16 16:40 . 2009-05-17 18:02	72862              c:\windows\system32\perfc009.dat
+ 2008-07-25 23:56 . 2008-07-25 23:56	15872              c:\windows\system32\mui\[u]0/u40C\mscorees.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17	15360              c:\windows\system32\mui\[u]0/u409\mscorees.dll
+ 2008-07-25 09:16 . 2008-07-25 09:16	83968              c:\windows\system32\mscories.dll
+ 2008-07-29 17:24 . 2008-07-29 17:24	97800              c:\windows\system32\infocardapi.dll
+ 2008-07-29 17:24 . 2008-07-29 17:24	11264              c:\windows\system32\icardres.dll
+ 2008-07-29 19:10 . 2008-07-29 19:10	73720              c:\windows\system32\dxva2.dll
+ 2008-07-25 09:16 . 2008-07-25 09:16	96760              c:\windows\system32\dfshim.dll
+ 2008-07-29 21:40 . 2008-07-29 21:40	70648              c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
+ 2008-07-29 21:40 . 2008-07-29 21:40	91136              c:\windows\Microsoft.NET\Framework\v3.5\MSBuild.exe
+ 2008-07-29 21:40 . 2008-07-29 21:40	41984              c:\windows\Microsoft.NET\Framework\v3.5\Microsoft.VisualC.STLCLR.dll
+ 2008-07-29 21:40 . 2008-07-29 21:40	40960              c:\windows\Microsoft.NET\Framework\v3.5\Microsoft.Data.Entity.Build.Tasks.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47	89080              c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.2052.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47	92664              c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1042.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47	95224              c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1041.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47	89592              c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1028.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47	84480              c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.2052.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47	94720              c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1042.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47	97792              c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1041.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47	84992              c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1028.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47	97280              c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\DeleteTemp.exe
+ 2008-07-30 23:06 . 2008-07-30 23:06	97280              c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack SP1 - fra\DeleteTemp.exe
+ 2008-07-31 02:15 . 2008-07-31 02:15	27910              c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack SP1 - fra\baseline.dat
+ 2008-07-31 02:18 . 2008-07-31 02:18	46096              c:\windows\Microsoft.NET\Framework\v3.5\fr\MSBuild.resources.exe
+ 2008-07-31 02:18 . 2008-07-31 02:18	22032              c:\windows\Microsoft.NET\Framework\v3.5\fr\EdmGen.Resources.dll
+ 2008-07-31 02:18 . 2008-07-31 02:18	17944              c:\windows\Microsoft.NET\Framework\v3.5\fr\DataSvcUtil.resources.dll
+ 2008-07-29 21:40 . 2008-07-29 21:40	95224              c:\windows\Microsoft.NET\Framework\v3.5\EdmGen.exe
+ 2008-07-29 21:40 . 2008-07-29 21:40	78856              c:\windows\Microsoft.NET\Framework\v3.5\DataSvcUtil.exe
+ 2008-07-29 21:40 . 2008-07-29 21:40	41984              c:\windows\Microsoft.NET\Framework\v3.5\AddInUtil.exe
+ 2008-07-29 21:40 . 2008-07-29 21:40	41992              c:\windows\Microsoft.NET\Framework\v3.5\AddInProcess32.exe
+ 2008-07-29 21:40 . 2008-07-29 21:40	41992              c:\windows\Microsoft.NET\Framework\v3.5\AddInProcess.exe
+ 2008-07-29 19:10 . 2008-07-29 19:10	46104              c:\windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
+ 2008-07-29 17:59 . 2008-07-29 17:59	32768              c:\windows\Microsoft.NET\Framework\v3.0\WPF\PresentationCFFRasterizer.dll
+ 2008-07-29 19:10 . 2008-07-29 19:10	71160              c:\windows\Microsoft.NET\Framework\v3.0\WPF\PenIMC.dll

lambulanciere · Answer

+ 2008-07-29 17:32 . 2008-07-29 17:32	17448              c:\windows\Microsoft.NET\Framework\v3.0\Windows Workflow Foundation\PerformanceCounterInstaller.exe
+ 2008-07-29 17:16 . 2008-07-29 17:16	32768              c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.ServiceModel.WasHosting.dll
+ 2008-07-29 17:16 . 2008-07-29 17:16	73728              c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.ServiceModel.Install.dll
+ 2008-07-29 17:16 . 2008-07-29 17:16	20504              c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceMonikerSupport.dll
+ 2008-07-29 17:16 . 2008-07-29 17:16	11280              c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceModelEvents.dll
+ 2008-07-31 00:24 . 2008-07-31 00:24	32768              c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\fr\WsatConfig.resources.dll
+ 2008-07-31 00:24 . 2008-07-31 00:24	11264              c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\fr\SMSvcHost.resources.dll
+ 2008-07-31 00:24 . 2008-07-31 00:24	28672              c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\fr\ServiceModelReg.resources.dll
+ 2008-07-31 00:24 . 2008-07-31 00:24	36864              c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\fr\ComSvcConfig.resources.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17	37896              c:\windows\Microsoft.NET\Framework\v2.0.50727\WMINet_Utils.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17	81400              c:\windows\Microsoft.NET\Framework\v2.0.50727\TLBREF.DLL
+ 2008-07-25 09:17 . 2008-07-25 09:17	77824              c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Web.RegularExpressions.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17	57392              c:\windows\Microsoft.NET\Framework\v2.0.50727\System.EnterpriseServices.Thunk.dll
- 2005-09-23 06:28 . 2005-09-23 06:28	81920              c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Drawing.Design.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17	81920              c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Drawing.Design.dll
- 2005-09-23 06:28 . 2005-09-23 06:28	81920              c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Configuration.Install.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17	81920              c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Configuration.Install.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17	95232              c:\windows\Microsoft.NET\Framework\v2.0.50727\ShFusRes.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17	16896              c:\windows\Microsoft.NET\Framework\v2.0.50727\sbscmp20_mscorlib.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17	61952              c:\windows\Microsoft.NET\Framework\v2.0.50727\regtlibv12.exe
- 2005-09-23 06:28 . 2005-09-23 06:28	32768              c:\windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exe
+ 2008-07-25 09:17 . 2008-07-25 09:17	32768              c:\windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exe
+ 2008-07-25 09:17 . 2008-07-25 09:17	53248              c:\windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
- 2005-09-23 06:28 . 2005-09-23 06:28	53248              c:\windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
+ 2008-07-25 09:17 . 2008-07-25 09:17	88584              c:\windows\Microsoft.NET\Framework\v2.0.50727\PerfCounter.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17	24584              c:\windows\Microsoft.NET\Framework\v2.0.50727\normalization.dll
+ 2008-07-25 23:56 . 2008-07-25 23:56	32256              c:\windows\Microsoft.NET\Framework\v2.0.50727\MUI\[u]0/u40C\mscorsecr.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17	31744              c:\windows\Microsoft.NET\Framework\v2.0.50727\MUI\[u]0/u409\mscorsecr.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17	19456              c:\windows\Microsoft.NET\Framework\v2.0.50727\mscortim.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17	69632              c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
+ 2008-07-25 09:16 . 2008-07-25 09:16	18944              c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsn.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17	77312              c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsec.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17	94208              c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorld.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17	46592              c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorie.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17	83456              c:\windows\Microsoft.NET\Framework\v2.0.50727\mscordbc.dll
+ 2008-07-25 09:16 . 2008-07-25 09:16	69632              c:\windows\Microsoft.NET\Framework\v2.0.50727\MSBuild.exe
- 2005-09-23 06:28 . 2005-09-23 06:28	69632              c:\windows\Microsoft.NET\Framework\v2.0.50727\MSBuild.exe
+ 2008-07-25 09:16 . 2008-07-25 09:16	97792              c:\windows\Microsoft.NET\Framework\v2.0.50727\MmcAspExt.dll
+ 2008-07-25 09:16 . 2008-07-25 09:16	12800              c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
- 2005-09-23 06:28 . 2005-09-23 06:28	12800              c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
- 2005-09-23 06:28 . 2005-09-23 06:28	32768              c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Vsa.dll
+ 2008-07-25 09:16 . 2008-07-25 09:16	32768              c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Vsa.dll
- 2005-09-23 06:28 . 2005-09-23 06:28	28672              c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.Vsa.dll
+ 2008-07-25 09:16 . 2008-07-25 09:16	28672              c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.Vsa.dll
+ 2008-07-25 09:16 . 2008-07-25 09:16	77824              c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Utilities.dll
- 2005-09-23 06:28 . 2005-09-23 06:28	36864              c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Framework.dll
+ 2008-07-25 09:16 . 2008-07-25 09:16	36864              c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Framework.dll
- 2005-09-23 06:28 . 2005-09-23 06:28	40960              c:\windows\Microsoft.NET\Framework\v2.0.50727\jsc.exe
+ 2008-07-25 09:16 . 2008-07-25 09:16	40960              c:\windows\Microsoft.NET\Framework\v2.0.50727\jsc.exe
+ 2008-07-25 09:17 . 2008-07-25 09:17	72192              c:\windows\Microsoft.NET\Framework\v2.0.50727\ISymWrapper.dll
- 2005-09-23 06:28 . 2005-09-23 06:28	72192              c:\windows\Microsoft.NET\Framework\v2.0.50727\ISymWrapper.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17	65032              c:\windows\Microsoft.NET\Framework\v2.0.50727\InstallUtilLib.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17	28672              c:\windows\Microsoft.NET\Framework\v2.0.50727\InstallUtil.exe
- 2005-09-23 06:28 . 2005-09-23 06:28	28672              c:\windows\Microsoft.NET\Framework\v2.0.50727\InstallUtil.exe
+ 2008-07-25 09:17 . 2008-07-25 09:17	77824              c:\windows\Microsoft.NET\Framework\v2.0.50727\IEHost.dll
+ 2008-07-25 09:16 . 2008-07-25 09:16	18936              c:\windows\Microsoft.NET\Framework\v2.0.50727\fusion.dll
+ 2008-07-25 23:56 . 2008-07-25 23:56	81920              c:\windows\Microsoft.NET\Framework\v2.0.50727\fr\System.Web.Services.Resources.dll
+ 2008-07-25 23:56 . 2008-07-25 23:56	81920              c:\windows\Microsoft.NET\Framework\v2.0.50727\fr\System.Web.Mobile.resources.dll
+ 2008-07-25 23:56 . 2008-07-25 23:56	16896              c:\windows\Microsoft.NET\Framework\v2.0.50727\fr\System.Transactions.resources.dll
+ 2008-07-25 23:56 . 2008-07-25 23:56	40960              c:\windows\Microsoft.NET\Framework\v2.0.50727\fr\System.ServiceProcess.Resources.dll
+ 2008-07-25 23:56 . 2008-07-25 23:56	28672              c:\windows\Microsoft.NET\Framework\v2.0.50727\fr\System.Security.Resources.dll
+ 2008-07-25 23:56 . 2008-07-25 23:56	11776              c:\windows\Microsoft.NET\Framework\v2.0.50727\fr\System.Runtime.Serialization.Formatters.Soap.Resources.dll
+ 2008-07-25 23:56 . 2008-07-25 23:56	32768              c:\windows\Microsoft.NET\Framework\v2.0.50727\fr\System.Runtime.Remoting.Resources.dll
+ 2008-07-25 23:56 . 2008-07-25 23:56	61440              c:\windows\Microsoft.NET\Framework\v2.0.50727\fr\System.Messaging.Resources.dll
+ 2008-07-25 23:56 . 2008-07-25 23:56	13312              c:\windows\Microsoft.NET\Framework\v2.0.50727\fr\System.Management.Resources.dll
+ 2008-07-25 23:56 . 2008-07-25 23:56	32768              c:\windows\Microsoft.NET\Framework\v2.0.50727\fr\System.EnterpriseServices.Resources.dll
+ 2008-07-25 23:56 . 2008-07-25 23:56	15360              c:\windows\Microsoft.NET\Framework\v2.0.50727\fr\System.Drawing.Resources.dll
+ 2008-07-25 23:56 . 2008-07-25 23:56	40960              c:\windows\Microsoft.NET\Framework\v2.0.50727\fr\System.DirectoryServices.Resources.dll
+ 2008-07-25 23:56 . 2008-07-25 23:56	28672              c:\windows\Microsoft.NET\Framework\v2.0.50727\fr\System.DirectoryServices.Protocols.resources.dll
+ 2008-07-25 23:56 . 2008-07-25 23:56	36864              c:\windows\Microsoft.NET\Framework\v2.0.50727\fr\system.data.sqlxml.resources.dll
+ 2008-07-25 23:56 . 2008-07-25 23:56	49152              c:\windows\Microsoft.NET\Framework\v2.0.50727\fr\System.Configuration.resources.dll
+ 2008-07-25 23:56 . 2008-07-25 23:56	28672              c:\windows\Microsoft.NET\Framework\v2.0.50727\fr\System.Configuration.Install.Resources.dll
+ 2008-07-25 23:56 . 2008-07-25 23:56	10752              c:\windows\Microsoft.NET\Framework\v2.0.50727\fr\sysglobl.resources.dll
+ 2008-07-25 23:56 . 2008-07-25 23:56	96256              c:\windows\Microsoft.NET\Framework\v2.0.50727\fr\ShFusRes.dll
+ 2008-07-25 23:56 . 2008-07-25 23:56	11264              c:\windows\Microsoft.NET\Framework\v2.0.50727\fr\Regasm.resources.dll
+ 2008-07-25 23:56 . 2008-07-25 23:56	13312              c:\windows\Microsoft.NET\Framework\v2.0.50727\fr\MSBuild.resources.dll
+ 2008-07-25 23:56 . 2008-07-25 23:56	61440              c:\windows\Microsoft.NET\Framework\v2.0.50727\fr\Microsoft.VisualBasic.resources.dll
+ 2008-07-25 23:56 . 2008-07-25 23:56	45056              c:\windows\Microsoft.NET\Framework\v2.0.50727\fr\Microsoft.JScript.Resources.dll
+ 2008-07-25 23:56 . 2008-07-25 23:56	10752              c:\windows\Microsoft.NET\Framework\v2.0.50727\fr\Microsoft.Build.Utilities.Resources.dll
+ 2008-07-25 23:56 . 2008-07-25 23:56	53248              c:\windows\Microsoft.NET\Framework\v2.0.50727\fr\Microsoft.Build.Engine.resources.dll
+ 2008-07-25 23:56 . 2008-07-25 23:56	36864              c:\windows\Microsoft.NET\Framework\v2.0.50727\fr\caspol.resources.dll
+ 2008-07-25 23:56 . 2008-07-25 23:56	40960              c:\windows\Microsoft.NET\Framework\v2.0.50727\fr\aspnet_regsql.resources.dll
+ 2008-07-25 09:16 . 2008-07-25 09:16	62968              c:\windows\Microsoft.NET\Framework\v2.0.50727\dfdll.dll
+ 2008-07-25 09:16 . 2008-07-25 09:16	35320              c:\windows\Microsoft.NET\Framework\v2.0.50727\cvtres.exe
+ 2008-07-25 09:17 . 2008-07-25 09:17	69120              c:\windows\Microsoft.NET\Framework\v2.0.50727\CustomMarshalers.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17	27136              c:\windows\Microsoft.NET\Framework\v2.0.50727\Culture.dll
+ 2008-07-25 09:16 . 2008-07-25 09:16	13312              c:\windows\Microsoft.NET\Framework\v2.0.50727\cscompmgd.dll
- 2005-09-23 06:28 . 2005-09-23 06:28	13312              c:\windows\Microsoft.NET\Framework\v2.0.50727\cscompmgd.dll
+ 2008-07-25 09:16 . 2008-07-25 09:16	80376              c:\windows\Microsoft.NET\Framework\v2.0.50727\csc.exe
+ 2008-07-25 09:17 . 2008-07-25 09:17	89608              c:\windows\Microsoft.NET\Framework\v2.0.50727\CORPerfMonExt.dll
+ 2008-11-25 02:59 . 2008-11-25 02:59	31560              c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_wp.exe
+ 2008-07-25 09:16 . 2008-07-25 09:16	34312              c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
+ 2008-07-25 09:16 . 2008-07-25 09:16	33288              c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_regiis.exe
+ 2008-07-25 09:16 . 2008-07-25 09:16	24576              c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_regbrowsers.exe
+ 2008-07-25 09:16 . 2008-07-25 09:16	84480              c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_rc.dll

lambulanciere · Answer

c:\windows\Microsoft.NET\Framework\v2.0.50727\Aspnet_perf.dll
+ 2008-07-25 09:16 . 2008-07-25 09:16	17416              c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_isapi.dll
+ 2008-07-25 09:16 . 2008-07-25 09:16	22024              c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_filter.dll
+ 2008-07-25 09:16 . 2008-07-25 09:16	36864              c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_compiler.exe
- 2005-09-23 06:28 . 2005-09-23 06:28	36864              c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_compiler.exe
+ 2008-07-25 09:17 . 2008-07-25 09:17	58880              c:\windows\Microsoft.NET\Framework\v2.0.50727\AppLaunch.exe
+ 2008-07-25 09:16 . 2008-07-25 09:16	98808              c:\windows\Microsoft.NET\Framework\v2.0.50727\alink.dll
- 2005-09-23 06:28 . 2005-09-23 06:28	10752              c:\windows\Microsoft.NET\Framework\v2.0.50727\Accessibility.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17	10752              c:\windows\Microsoft.NET\Framework\v2.0.50727\Accessibility.dll
+ 2008-07-25 23:56 . 2008-07-25 23:56	14336              c:\windows\Microsoft.NET\Framework\v2.0.50727\1036\CvtResUI.dll
+ 2008-07-25 23:56 . 2008-07-25 23:56	33280              c:\windows\Microsoft.NET\Framework\v2.0.50727\1036\alinkui.dll
+ 2008-07-25 09:16 . 2008-07-25 09:16	13824              c:\windows\Microsoft.NET\Framework\v2.0.50727\1033\CvtResUI.dll
+ 2008-07-25 09:16 . 2008-07-25 09:16	28672              c:\windows\Microsoft.NET\Framework\v2.0.50727\1033\alinkui.dll
+ 2008-07-25 09:16 . 2008-07-25 09:16	96768              c:\windows\Microsoft.NET\Framework\v1.0.3705\mscormmc.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17	16896              c:\windows\Microsoft.NET\Framework\SharedReg12.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17	16896              c:\windows\Microsoft.NET\Framework\sbscmp20_perfcounter.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17	16896              c:\windows\Microsoft.NET\Framework\sbscmp20_mscorwks.dll
+ 2008-07-25 09:16 . 2008-07-25 09:16	16896              c:\windows\Microsoft.NET\Framework\sbscmp10.dll
+ 2008-07-25 09:16 . 2008-07-25 09:16	82944              c:\windows\Microsoft.NET\Framework\NETFXSBS10.exe
+ 2009-05-17 17:12 . 2009-05-17 17:12	16384              c:\windows\ERUNT\SDFIX_First_Run\Users\[u]0/u0000002\UsrClass.dat
+ 2009-05-17 17:12 . 2009-05-17 17:12	16384              c:\windows\ERUNT\SDFIX\Users\[u]0/u0000002\UsrClass.dat
+ 2009-05-17 17:57 . 2008-07-06 12:06	89088              c:\windows\Driver Cache\i386\filterpipelineprintproc.dll
+ 2009-05-17 18:24 . 2009-05-17 18:24	47616              c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLiveWriter\5700a35086393fff09a46fd10d2e39b5\WindowsLiveWriter.ni.exe
+ 2009-05-17 18:25 . 2009-05-17 18:25	99840              c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\4a5ba9683bf7be94c307bd076fa568bf\WindowsLive.Writer.Api.ni.dll
+ 2009-05-17 18:09 . 2009-05-17 18:09	60928              c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationProvider\a715aa442ef87ae99b3ade185599249d\UIAutomationProvider.ni.dll
+ 2009-05-17 18:28 . 2009-05-17 18:28	37888              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Pres#\423f794d1f4ed6e120fbb02e436491cb\System.Windows.Presentation.ni.dll
+ 2009-05-17 18:28 . 2009-05-17 18:28	36864              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\19ca1747c1ea18a3b639b302bca8df93\System.Web.DynamicData.Design.ni.dll
+ 2009-05-17 18:26 . 2009-05-17 18:26	94208              c:\windows\assembly\NativeImages_v2.0.50727_32\System.ComponentMod#\532438e2acfcadc469a4d468c51f8451\System.ComponentModel.DataAnnotations.ni.dll
+ 2009-05-17 18:26 . 2009-05-17 18:26	82944              c:\windows\assembly\NativeImages_v2.0.50727_32\System.AddIn.Contra#\597b20e1b053d6a510cfe033c07a63e6\System.AddIn.Contract.ni.dll
+ 2009-05-17 18:06 . 2009-05-17 18:06	47104              c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFontCac#\2d7408a0232f2e2efd0d7adf5dfa733a\PresentationFontCache.ni.exe
+ 2009-05-17 18:05 . 2009-05-17 18:05	39424              c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCFFRast#\c8fd2d9233f8ea3031fb16f697635231\PresentationCFFRasterizer.ni.dll
+ 2009-05-17 18:27 . 2009-05-17 18:27	55296              c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Vsa\790cf1edb17ee41b59be62ecbd59613b\Microsoft.Vsa.ni.dll
+ 2009-05-17 18:25 . 2009-05-17 18:25	15872              c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualC\ec83ec80653eb20ccc6ed42075c90aee\Microsoft.VisualC.ni.dll
+ 2009-05-17 18:26 . 2009-05-17 18:26	65024              c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\e9aba2eab90d647356f65e66053da02b\Microsoft.Build.Framework.ni.dll
+ 2009-05-17 18:26 . 2009-05-17 18:26	74752              c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\28343d470d992f169ca0e7cdb3cc3117\Microsoft.Build.Framework.ni.dll
+ 2009-05-17 18:26 . 2009-05-17 18:26	14336              c:\windows\assembly\NativeImages_v2.0.50727_32\dfsvc\f4e38208e88cb4cc314a1d6543b9fcc6\dfsvc.ni.exe
+ 2009-05-17 18:24 . 2009-05-17 18:24	25600              c:\windows\assembly\NativeImages_v2.0.50727_32\Accessibility\11eb4f6606ba01e5128805759121ea6c\Accessibility.ni.dll
+ 2009-05-17 17:58 . 2009-05-17 17:58	94208              c:\windows\assembly\GAC_MSIL\WindowsFormsIntegration\3.0.0.0__31bf3856ad364e35\WindowsFormsIntegration.dll
+ 2009-05-17 18:04 . 2009-05-17 18:04	90112              c:\windows\assembly\GAC_MSIL\WindowsBase.resources\3.0.0.0_fr_31bf3856ad364e35\WindowsBase.resources.dll
+ 2009-05-17 17:58 . 2009-05-17 17:58	98304              c:\windows\assembly\GAC_MSIL\UIAutomationTypes\3.0.0.0__31bf3856ad364e35\UIAutomationTypes.dll
+ 2009-05-17 18:04 . 2009-05-17 18:04	10240              c:\windows\assembly\GAC_MSIL\UIAutomationTypes.resources\3.0.0.0_fr_31bf3856ad364e35\UIAutomationTypes.resources.dll
+ 2009-05-17 17:58 . 2009-05-17 17:58	40960              c:\windows\assembly\GAC_MSIL\UIAutomationProvider\3.0.0.0__31bf3856ad364e35\UIAutomationProvider.dll
+ 2009-05-17 18:04 . 2009-05-17 18:04	12288              c:\windows\assembly\GAC_MSIL\UIAutomationClientsideProviders.resources\3.0.0.0_fr_31bf3856ad364e35\UIAutomationClientsideProviders.resources.dll
+ 2009-05-17 18:04 . 2009-05-17 18:04	36864              c:\windows\assembly\GAC_MSIL\system.workflow.runtime.resources\3.0.0.0_fr_31bf3856ad364e35\System.Workflow.Runtime.resources.dll
+ 2009-05-17 17:59 . 2009-05-17 17:59	12288              c:\windows\assembly\GAC_MSIL\System.Windows.Presentation\3.5.0.0__b77a5c561934e089\System.Windows.Presentation.dll
+ 2009-05-17 18:04 . 2009-05-17 18:04	81920              c:\windows\assembly\GAC_MSIL\System.Web.Services.resources\2.0.0.0_fr_b03f5f7f11d50a3a\System.Web.Services.Resources.dll
+ 2009-05-17 17:59 . 2009-05-17 17:59	61440              c:\windows\assembly\GAC_MSIL\System.Web.Routing\3.5.0.0__31bf3856ad364e35\System.Web.Routing.dll
+ 2009-05-17 18:02 . 2009-05-17 18:02	77824              c:\windows\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
+ 2009-05-17 18:04 . 2009-05-17 18:04	81920              c:\windows\assembly\GAC_MSIL\System.Web.Mobile.resources\2.0.0.0_fr_b03f5f7f11d50a3a\System.Web.Mobile.resources.dll
+ 2009-05-17 18:04 . 2009-05-17 18:04	49152              c:\windows\assembly\GAC_MSIL\System.Web.Extensions.Design.resources\3.5.0.0_fr_31bf3856ad364e35\System.Web.Extensions.Design.Resources.dll
+ 2009-05-17 18:04 . 2009-05-17 18:04	24576              c:\windows\assembly\GAC_MSIL\System.Web.Entity.resources\3.5.0.0_fr_b77a5c561934e089\System.Web.Entity.Resources.dll
+ 2009-05-17 18:04 . 2009-05-17 18:04	11264              c:\windows\assembly\GAC_MSIL\System.Web.Entity.Design.resources\3.5.0.0_fr_b77a5c561934e089\System.Web.Entity.Design.Resources.dll
+ 2009-05-17 18:04 . 2009-05-17 18:04	16384              c:\windows\assembly\GAC_MSIL\System.Web.DynamicData.resources\3.5.0.0_fr_31bf3856ad364e35\System.Web.DynamicData.Resources.dll
+ 2009-05-17 17:59 . 2009-05-17 17:59	32768              c:\windows\assembly\GAC_MSIL\System.Web.DynamicData.Design\3.5.0.0__31bf3856ad364e35\System.Web.DynamicData.Design.dll
+ 2009-05-17 17:59 . 2009-05-17 17:59	77824              c:\windows\assembly\GAC_MSIL\System.Web.Abstractions\3.5.0.0__31bf3856ad364e35\System.Web.Abstractions.dll
+ 2009-05-17 18:04 . 2009-05-17 18:04	16896              c:\windows\assembly\GAC_MSIL\System.Transactions.resources\2.0.0.0_fr_b77a5c561934e089\System.Transactions.resources.dll
+ 2009-05-17 18:04 . 2009-05-17 18:04	61440              c:\windows\assembly\GAC_MSIL\System.Speech.resources\3.0.0.0_fr_31bf3856ad364e35\System.Speech.resources.dll
+ 2009-05-17 18:04 . 2009-05-17 18:04	40960              c:\windows\assembly\GAC_MSIL\System.ServiceProcess.resources\2.0.0.0_fr_b03f5f7f11d50a3a\System.ServiceProcess.Resources.dll
+ 2009-05-17 18:04 . 2009-05-17 18:04	73728              c:\windows\assembly\GAC_MSIL\System.ServiceModel.Web.resources\3.5.0.0_fr_31bf3856ad364e35\System.ServiceModel.Web.resources.dll
+ 2009-05-17 17:58 . 2009-05-17 17:58	32768              c:\windows\assembly\GAC_MSIL\System.ServiceModel.WasHosting\3.0.0.0__b77a5c561934e089\System.ServiceModel.WasHosting.dll
+ 2009-05-17 17:58 . 2009-05-17 17:58	73728              c:\windows\assembly\GAC_MSIL\System.ServiceModel.Install\3.0.0.0__b77a5c561934e089\System.ServiceModel.Install.dll
+ 2009-05-17 18:04 . 2009-05-17 18:04	36864              c:\windows\assembly\GAC_MSIL\system.servicemodel.install.resources\3.0.0.0_fr_b77a5c561934e089\System.ServiceModel.Install.Resources.dll
+ 2009-05-17 18:04 . 2009-05-17 18:04	28672              c:\windows\assembly\GAC_MSIL\System.Security.resources\2.0.0.0_fr_b03f5f7f11d50a3a\System.Security.Resources.dll
+ 2009-05-17 18:04 . 2009-05-17 18:04	11776              c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\2.0.0.0_fr_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.Resources.dll
+ 2009-05-17 18:04 . 2009-05-17 18:04	32768              c:\windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_fr_b77a5c561934e089\System.Runtime.Remoting.Resources.dll
+ 2009-05-17 18:04 . 2009-05-17 18:04	28672              c:\windows\assembly\GAC_MSIL\System.Printing.resources\3.0.0.0_fr_31bf3856ad364e35\System.Printing.resources.dll
+ 2009-05-17 18:04 . 2009-05-17 18:04	28672              c:\windows\assembly\GAC_MSIL\System.Net.resources\3.5.0.0_fr_b03f5f7f11d50a3a\System.Net.Resources.dll
+ 2009-05-17 18:04 . 2009-05-17 18:04	61440              c:\windows\assembly\GAC_MSIL\System.Messaging.resources\2.0.0.0_fr_b03f5f7f11d50a3a\System.Messaging.Resources.dll
+ 2009-05-17 18:04 . 2009-05-17 18:04	13312              c:\windows\assembly\GAC_MSIL\System.Management.resources\2.0.0.0_fr_b03f5f7f11d50a3a\System.Management.Resources.dll
+ 2009-05-17 18:04 . 2009-05-17 18:04	11264              c:\windows\assembly\GAC_MSIL\System.Management.Instrumentation.resources\3.5.0.0_fr_b77a5c561934e089\System.Management.Instrumentation.Resources.dll
+ 2009-05-17 18:04 . 2009-05-17 18:04	12288              c:\windows\assembly\GAC_MSIL\system.io.log.resources\3.0.0.0_fr_b03f5f7f11d50a3a\System.IO.Log.Resources.dll
+ 2009-05-17 18:04 . 2009-05-17 18:04	57344              c:\windows\assembly\GAC_MSIL\system.identitymodel.selectors.resources\3.0.0.0_fr_b77a5c561934e089\System.IdentityModel.Selectors.Resources.dll
+ 2009-05-17 18:04 . 2009-05-17 18:04	65536              c:\windows\assembly\GAC_MSIL\system.identitymodel.resources\3.0.0.0_fr_b77a5c561934e089\System.IdentityModel.Resources.dll
+ 2009-05-17 18:04 . 2009-05-17 18:04	32768              c:\windows\assembly\GAC_MSIL\System.EnterpriseServices.resources\2.0.0.0_fr_b03f5f7f11d50a3a\System.EnterpriseServices.Resources.dll
+ 2009-05-17 18:04 . 2009-05-17 18:04	15360              c:\windows\assembly\GAC_MSIL\System.Drawing.resources\2.0.0.0_fr_b03f5f7f11d50a3a\System.Drawing.Resources.dll
- 2009-03-11 16:50 . 2009-03-11 16:50	81920              c:\windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll
+ 2009-05-17 18:02 . 2009-05-17 18:02	81920              c:\windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll
+ 2009-05-17 18:04 . 2009-05-17 18:04	40960              c:\windows\assembly\GAC_MSIL\System.DirectoryServices.resources\2.0.0.0_fr_b03f5f7f11d50a3a\System.DirectoryServices.Resources.dll
+ 2009-05-17 18:04 . 2009-05-17 18:04	28672              c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols.resources\2.0.0.0_fr_b03f5f7f11d50a3a\System.DirectoryServices.Protocols.resources.dll
+ 2009-05-17 18:04 . 2009-05-17 18:04	36864              c:\windows\assembly\GAC_MSIL\System.DirectoryServices.AccountManagement.resources\3.5.0.0_fr_b77a5c561934e089\System.DirectoryServices.AccountManagement.resources.dll
+ 2009-05-17 18:04 . 2009-05-17 18:04	36864              c:\windows\assembly\GAC_MSIL\System.Data.SqlXml.resources\2.0.0.0_fr_b77a5c561934e089\system.data.sqlxml.resources.dll
+ 2009-05-17 18:04 . 2009-05-17 18:04	69632              c:\windows\assembly\GAC_MSIL\System.Data.Services.resources\3.5.0.0_fr_b77a5c561934e089\System.Data.Services.resources.dll
+ 2009-05-17 18:04 . 2009-05-17 18:04	36864              c:\windows\assembly\GAC_MSIL\System.Data.Services.Client.resources\3.5.0.0_fr_b77a5c561934e089\System.Data.Services.Client.resources.dll
+ 2009-05-17 18:04 . 2009-05-17 18:04	57344              c:\windows\assembly\GAC_MSIL\System.Data.Linq.resources\3.5.0.0_fr_b77a5c561934e089\System.Data.Linq.Resources.dll
+ 2009-05-17 18:04 . 2009-05-17 18:04	15872              c:\windows\assembly\GAC_MSIL\System.Data.Entity.Design.resources\3.5.0.0_fr_b77a5c561934e089\System.Data.Entity.Design.Resources.dll
+ 2009-05-17 17:59 . 2009-05-17 17:59	53248              c:\windows\assembly\GAC_MSIL\System.Data.DataSetExtensions\3.5.0.0__b77a5c561934e089\System.Data.DataSetExtensions.dll
+ 2009-05-17 18:04 . 2009-05-17 18:04	61440              c:\windows\assembly\GAC_MSIL\System.Core.resources\3.5.0.0_fr_b77a5c561934e089\System.Core.Resources.dll
+ 2009-05-17 18:04 . 2009-05-17 18:04	49152              c:\windows\assembly\GAC_MSIL\system.configuration.resources\2.0.0.0_fr_b03f5f7f11d50a3a\System.Configuration.resources.dll
- 2009-03-11 16:50 . 2009-03-11 16:50	81920              c:\windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
+ 2009-05-17 18:02 . 2009-05-17 18:02	81920              c:\windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
+ 2009-05-17 18:04 . 2009-05-17 18:04	28672              c:\windows\assembly\GAC_MSIL\System.Configuration.Install.resources\2.0.0.0_fr_b03f5f7f11d50a3a\System.Configuration.Install.Resources.dll
+ 2009-05-17 17:59 . 2009-05-17 17:59	57344              c:\windows\assembly\GAC_MSIL\System.ComponentModel.DataAnnotations\3.5.0.0__31bf3856ad364e35\System.ComponentModel.DataAnnotations.dll
+ 2009-05-17 17:59 . 2009-05-17 17:59	45056              c:\windows\assembly\GAC_MSIL\System.AddIn.Contract\2.0.0.0__b03f5f7f11d50a3a\System.AddIn.Contract.dll
+ 2009-05-17 18:04 . 2009-05-17 18:04	10752              c:\windows\assembly\GAC_MSIL\sysglobl.resources\2.0.0.0_fr_b03f5f7f11d50a3a\sysglobl.resources.dll
+ 2009-05-17 18:04 . 2009-05-17 18:04	40960              c:\windows\assembly\GAC_MSIL\ReachFramework.resources\3.0.0.0_fr_31bf3856ad364e35\ReachFramework.resources.dll
+ 2009-05-17 17:58 . 2009-05-17 17:58	46104              c:\windows\assembly\GAC_MSIL\PresentationFontCache\3.0.0.0__31bf3856ad364e35\PresentationFontCache.exe
+ 2009-05-17 17:58 . 2009-05-17 17:58	32768              c:\windows\assembly\GAC_MSIL\PresentationCFFRasterizer\3.0.0.0__31bf3856ad364e35\PresentationCFFRasterizer.dll
+ 2009-05-17 18:04 . 2009-05-17 18:04	53248              c:\windows\assembly\GAC_MSIL\PresentationBuildTasks.resources\3.0.0.0_fr_31bf3856ad364e35\PresentationBuildTasks.resources.dll
- 2009-03-11 16:50 . 2009-03-11 16:50	32768              c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll
+ 2009-05-17 18:02 . 2009-05-17 18:02	32768              c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll
+ 2009-05-17 18:02 . 2009-05-17 18:02	12800              c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
- 2009-03-11 16:50 . 2009-03-11 16:50	12800              c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
+ 2009-05-17 17:59 . 2009-05-17 17:59	41984              c:\windows\assembly\GAC_MSIL\Microsoft.VisualC.STLCLR\1.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.STLCLR.dll
+ 2009-05-17 18:02 . 2009-05-17 18:02	28672              c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll
- 2009-03-11 16:50 . 2009-03-11 16:50	28672              c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll
+ 2009-05-17 18:04 . 2009-05-17 18:04	61440              c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.resources\8.0.0.0_fr_b03f5f7f11d50a3a\Microsoft.VisualBasic.resources.dll
+ 2009-05-17 18:04 . 2009-05-17 18:04	19456              c:\windows\assembly\GAC_MSIL\microsoft.transactions.bridge.resources\3.0.0.0_fr_b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.Resources.dll
+ 2009-05-17 18:04 . 2009-05-17 18:04	45056              c:\windows\assembly\GAC_MSIL\Microsoft.Jscript.resources\8.0.0.0_fr_b03f5f7f11d50a3a\Microsoft.JScript.Resources.dll
+ 2009-05-17 18:02 . 2009-05-17 18:02	77824              c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll
+ 2009-05-17 17:59 . 2009-05-17 17:59	94208              c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities.v3.5\3.5.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.v3.5.dll
+ 2009-05-17 18:04 . 2009-05-17 18:04	11776              c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities.v3.5.resources\3.5.0.0_fr_b03f5f7f11d50a3a\Microsoft.Build.Utilities.v3.5.resources.dll
+ 2009-05-17 18:04 . 2009-05-17 18:04	10752              c:\windows\assembly\GAC_MSIL\microsoft.build.utilities.resources\2.0.0.0_fr_b03f5f7f11d50a3a\Microsoft.Build.Utilities.Resources.dll
+ 2009-05-17 17:59 . 2009-05-17 17:59	36864              c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\3.5.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
- 2009-03-11 16:50 . 2009-03-11 16:50	36864              c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
+ 2009-05-17 18:02 . 2009-05-17 18:02	36864              c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
+ 2009-05-17 18:04 . 2009-05-17 18:04	69632              c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine.resources\3.5.0.0_fr_b03f5f7f11d50a3a\Microsoft.Build.Engine.resources.dll
+ 2009-05-17 18:04 . 2009-05-17 18:04	53248              c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine.resources\2.0.0.0_fr_b03f5f7f11d50a3a\Microsoft.Build.Engine.resources.dll
+ 2009-05-17 18:04 . 2009-05-17 18:04	12288              c:\windows\assembly\GAC_MSIL\Microsoft.Build.Conversion.v3.5.resources\3.5.0.0_fr_b03f5f7f11d50a3a\Microsoft.Build.Conversion.v3.5.resources.dll
+ 2009-05-17 18:02 . 2009-05-17 18:02	77824              c:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll
+ 2009-05-17 18:02 . 2009-05-17 18:02	13312              c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll
- 2009-03-11 16:50 . 2009-03-11 16:50	13312              c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll
+ 2009-05-17 18:02 . 2009-05-17 18:02	10752              c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
- 2009-03-11 16:50 . 2009-03-11 16:50	10752              c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
- 2009-03-11 16:50 . 2009-03-11 16:50	72192              c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
+ 2009-05-17 18:02 . 2009-05-17 18:02	72192              c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
+ 2009-05-17 18:02 . 2009-05-17 18:02	69120              c:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
+ 2009-05-17 18:02 . 2009-05-17 18:02	8192              c:\windows\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e\IEExecRemote.dll
+ 2008-07-29 21:40 . 2008-07-29 21:40	5632              c:\windows\Microsoft.NET\Framework\v3.5\Sentinel.v3.5Client.dll
+ 2008-07-31 02:18 . 2008-07-31 02:18	4096              c:\windows\Microsoft.NET\Framework\v3.5\fr\Microsoft.Data.Entity.Build.Tasks.Resources.dll
- 2005-09-23 06:28 . 2005-09-23 06:28	7168              c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft_VsaVb.dll
+ 2008-07-25 09:16 . 2008-07-25 09:16	7168              c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft_VsaVb.dll
- 2005-09-23 06:29 . 2005-09-23 06:29	5632              c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualC.Dll
+ 2008-07-25 09:17 . 2008-07-25 09:17	5632              c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualC.Dll
+ 2008-07-25 09:17 . 2008-07-25 09:17	6656              c:\windows\Microsoft.NET\Framework\v2.0.50727\IIEHost.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17	8192              c:\windows\Microsoft.NET\Framework\v2.0.50727\IEExecRemote.dll
- 2005-09-23 06:28 . 2005-09-23 06:28	8192              c:\windows\Microsoft.NET\Framework\v2.0.50727\IEExecRemote.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17	9728              c:\windows\Microsoft.NET\Framework\v2.0.50727\IEExec.exe
- 2005-09-23 06:28 . 2005-09-23 06:28	9728              c:\windows\Microsoft.NET\Framework\v2.0.50727\IEExec.exe
+ 2008-07-25 23:56 . 2008-07-25 23:56	9728              c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC\fr\Microsoft.VisualBasic.Compatibility.resources.dll
+ 2008-07-25 23:56 . 2008-07-25 23:56	9216              c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC\fr\Microsoft.VisualBasic.Compatibility.Data.resources.dll
+ 2008-07-25 23:56 . 2008-07-25 23:56	6144              c:\windows\Microsoft.NET\Framework\v2.0.50727\fr\System.Drawing.Design.Resources.dll
+ 2008-07-25 23:56 . 2008-07-25 23:56	7168              c:\windows\Microsoft.NET\Framework\v2.0.50727\fr\JSC.Resources.dll
+ 2008-07-25 23:56 . 2008-07-25 23:56	4096              c:\windows\Microsoft.NET\Framework\v2.0.50727\fr\InstallUtil.resources.dll
+ 2008-07-25 23:56 . 2008-07-25 23:56	5632              c:\windows\Microsoft.NET\Framework\v2.0.50727\fr\aspnet_regbrowsers.resources.dll
+ 2008-07-25 23:56 . 2008-07-25 23:56	8704              c:\windows\Microsoft.NET\Framework\v2.0.50727\fr\aspnet_compiler.resources.dll
+ 2008-07-25 09:16 . 2008-07-25 09:16	5120              c:\windows\Microsoft.NET\Framework\v2.0.50727\dfsvc.exe

lambulanciere · Answer

c:\windows\Microsoft.NET\Framework\v2.0.50727\dfsvc.exe
+ 2009-05-17 18:04 . 2009-05-17 18:04	5120              c:\windows\assembly\GAC_MSIL\WindowsFormsIntegration.resources\3.0.0.0_fr_31bf3856ad364e35\WindowsFormsIntegration.resources.dll
+ 2009-05-17 18:04 . 2009-05-17 18:04	4096              c:\windows\assembly\GAC_MSIL\UIAutomationProvider.resources\3.0.0.0_fr_31bf3856ad364e35\UIAutomationProvider.resources.dll
+ 2009-05-17 18:04 . 2009-05-17 18:04	4096              c:\windows\assembly\GAC_MSIL\UIAutomationClient.resources\3.0.0.0_fr_31bf3856ad364e35\UIAutomationClient.resources.dll
+ 2009-05-17 18:04 . 2009-05-17 18:04	8192              c:\windows\assembly\GAC_MSIL\System.Xml.Linq.resources\3.5.0.0_fr_b77a5c561934e089\System.Xml.Linq.Resources.dll
+ 2009-05-17 18:04 . 2009-05-17 18:04	3584              c:\windows\assembly\GAC_MSIL\System.Windows.Presentation.resources\3.5.0.0_fr_b77a5c561934e089\System.Windows.Presentation.resources.dll
+ 2009-05-17 18:04 . 2009-05-17 18:04	7680              c:\windows\assembly\GAC_MSIL\System.Web.Routing.resources\3.5.0.0_fr_31bf3856ad364e35\System.Web.Routing.Resources.dll
+ 2009-05-17 18:04 . 2009-05-17 18:04	4096              c:\windows\assembly\GAC_MSIL\System.Web.DynamicData.Design.resources\3.5.0.0_fr_31bf3856ad364e35\System.Web.DynamicData.Design.Resources.dll
+ 2009-05-17 18:04 . 2009-05-17 18:04	3584              c:\windows\assembly\GAC_MSIL\System.Web.Abstractions.resources\3.5.0.0_fr_31bf3856ad364e35\System.Web.Abstractions.Resources.dll
+ 2009-05-17 18:04 . 2009-05-17 18:04	6144              c:\windows\assembly\GAC_MSIL\System.Drawing.Design.resources\2.0.0.0_fr_b03f5f7f11d50a3a\System.Drawing.Design.Resources.dll
+ 2009-05-17 18:04 . 2009-05-17 18:04	7680              c:\windows\assembly\GAC_MSIL\System.Data.Services.Design.resources\3.5.0.0_fr_b77a5c561934e089\System.Data.Services.Design.resources.dll
+ 2009-05-17 18:04 . 2009-05-17 18:04	5120              c:\windows\assembly\GAC_MSIL\System.Data.DataSetExtensions.resources\3.5.0.0_fr_b77a5c561934e089\System.Data.DataSetExtensions.Resources.dll
+ 2009-05-17 18:04 . 2009-05-17 18:04	8192              c:\windows\assembly\GAC_MSIL\System.ComponentModel.DataAnnotations.resources\3.5.0.0_fr_31bf3856ad364e35\System.ComponentModel.DataAnnotations.Resources.dll
+ 2009-05-17 18:04 . 2009-05-17 18:04	5120              c:\windows\assembly\GAC_MSIL\smdiagnostics.resources\3.0.0.0_fr_b77a5c561934e089\SMDiagnostics.resources.dll
+ 2009-05-17 17:59 . 2009-05-17 17:59	5632              c:\windows\assembly\GAC_MSIL\Sentinel.v3.5Client\3.5.0.0__b03f5f7f11d50a3a\Sentinel.v3.5Client.dll
- 2009-03-11 16:50 . 2009-03-11 16:50	7168              c:\windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll
+ 2009-05-17 18:02 . 2009-05-17 18:02	7168              c:\windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll
- 2009-03-11 16:50 . 2009-03-11 16:50	5632              c:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
+ 2009-05-17 18:02 . 2009-05-17 18:02	5632              c:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
+ 2009-05-17 18:04 . 2009-05-17 18:04	9728              c:\windows\assembly\GAC_MSIL\microsoft.visualbasic.compatibility.resources\8.0.0.0_fr_b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.resources.dll
+ 2009-05-17 18:04 . 2009-05-17 18:04	9216              c:\windows\assembly\GAC_MSIL\microsoft.visualbasic.compatibility.data.resources\8.0.0.0_fr_b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.resources.dll
+ 2009-05-17 18:04 . 2009-05-17 18:04	5120              c:\windows\assembly\GAC_MSIL\microsoft.transactions.bridge.dtc.resources\3.0.0.0_fr_b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.Dtc.Resources.dll
+ 2009-05-17 18:02 . 2009-05-17 18:02	6656              c:\windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll
+ 2009-05-17 18:02 . 2009-05-17 18:02	8192              c:\windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll
- 2009-03-11 16:50 . 2009-03-11 16:50	8192              c:\windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll
+ 2009-05-17 18:02 . 2009-05-17 18:02	113664              c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll
- 2009-03-11 16:50 . 2009-03-11 16:50	258048              c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll
+ 2009-05-17 18:02 . 2009-05-17 18:02	258048              c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17	635904              c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.3053_x-ww_b80fa8ca\msvcr80.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17	558080              c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.3053_x-ww_b80fa8ca\msvcp80.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17	479232              c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.3053_x-ww_b80fa8ca\msvcm80.dll
+ 2008-07-29 19:26 . 2008-07-29 19:26	301568              c:\windows\system32\XPSViewer\XPSViewer.exe
+ 2008-07-29 17:59 . 2008-07-29 17:59	161296              c:\windows\system32\UIAutomationCore.dll
+ 2009-05-17 17:58 . 2008-07-06 12:06	765440              c:\windows\system32\spool\XPSEP\i386\mxdwdrv.dll
+ 2009-05-17 17:58 . 2008-07-06 12:06	765440              c:\windows\system32\spool\XPSEP\i386\i386\mxdwdrv.dll
+ 2009-05-17 17:58 . 2008-07-06 12:06	748032              c:\windows\system32\spool\XPSEP\amd64\mxdwdrv.dll
+ 2009-05-17 17:58 . 2008-07-06 12:06	748032              c:\windows\system32\spool\XPSEP\amd64\amd64\mxdwdrv.dll
+ 2009-05-17 17:58 . 2008-07-06 12:06	147456              c:\windows\system32\spool\prtprocs\x64\filterpipelineprintproc.dll
+ 2009-05-17 17:57 . 2008-07-06 10:50	597504              c:\windows\system32\spool\prtprocs\w32x86\printfilterpipelinesvc.exe
+ 2006-03-25 17:16 . 2008-03-13 04:52	761344              c:\windows\system32\spool\drivers\w32x86\3\unires.dll
- 2006-03-25 17:16 . 2007-05-15 08:08	761344              c:\windows\system32\spool\drivers\w32x86\3\unires.dll
+ 2006-03-25 17:16 . 2008-07-06 12:06	744960              c:\windows\system32\spool\drivers\w32x86\3\unidrvui.dll
+ 2006-03-25 17:16 . 2008-07-06 12:06	373248              c:\windows\system32\spool\drivers\w32x86\3\unidrv.dll
- 2006-03-25 17:16 . 2008-04-14 02:33	373248              c:\windows\system32\spool\drivers\w32x86\3\unidrv.dll
+ 2009-05-17 17:57 . 2008-07-06 12:06	198656              c:\windows\system32\spool\drivers\w32x86\3\mxdwdui.dll
+ 2009-05-17 17:57 . 2008-07-06 12:06	765440              c:\windows\system32\spool\drivers\w32x86\3\mxdwdrv.dll
+ 2006-08-24 14:15 . 2006-08-24 14:15	150808              c:\windows\system32\rgb9rast_2.dll
+ 2008-07-29 17:59 . 2008-07-29 17:59	781344              c:\windows\system32\PresentationNative_v0300.dll
+ 2008-07-29 18:35 . 2008-07-29 18:35	326160              c:\windows\system32\PresentationHost.exe
+ 2008-07-29 17:59 . 2008-07-29 17:59	105016              c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
+ 2004-08-16 16:40 . 2009-05-17 18:02	443712              c:\windows\system32\perfh009.dat
+ 2008-07-25 09:16 . 2008-07-25 09:16	158720              c:\windows\system32\mscorier.dll
+ 2008-07-25 09:16 . 2008-07-25 09:16	282112              c:\windows\system32\mscoree.dll
+ 2008-07-29 17:24 . 2008-07-29 17:24	622080              c:\windows\system32\icardagt.exe
+ 2004-08-16 16:54 . 2009-05-17 19:34	642720              c:\windows\system32\FNTCACHE.DAT
+ 2008-07-29 19:10 . 2008-07-29 19:10	493048              c:\windows\system32\evr.dll
+ 2008-07-29 21:40 . 2008-07-29 21:40	196104              c:\windows\Microsoft.NET\Framework\v3.5\WFServicesReg.exe
+ 2008-07-29 21:40 . 2008-07-29 21:40	802816              c:\windows\Microsoft.NET\Framework\v3.5\Microsoft.Build.Tasks.v3.5.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47	984056              c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapUI.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47	107512              c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47	111096              c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.3082.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47	110072              c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.2070.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47	106488              c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1055.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47	105976              c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1053.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47	107000              c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1049.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47	107512              c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1046.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47	109048              c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1045.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47	106488              c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1044.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47	108536              c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1043.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47	110072              c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1040.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47	111096              c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1038.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47	101368              c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1037.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47	112120              c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1036.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47	106488              c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1035.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47	113656              c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1032.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47	111608              c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1031.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47	108536              c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1030.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47	108536              c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1029.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47	102904              c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1025.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47	689152              c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\vsscenario.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47	413184              c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\vsbasereqs.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47	632320              c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\vs70uimgr.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47	110080              c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47	131584              c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.3082.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47	131072              c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.2070.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47	121344              c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1055.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47	121344              c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1053.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47	123904              c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1049.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47	122880              c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1046.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47	128512              c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1045.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47	121856              c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1044.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47	129024              c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1043.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47	128512              c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1040.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47	132096              c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1038.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47	111104              c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1037.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47	133120              c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1036.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47	122368              c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1035.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47	137728              c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1032.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47	130048              c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1031.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47	126464              c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1030.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47	125440              c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1029.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47	113152              c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1025.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47	269304              c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
+ 2008-07-29 16:47 . 2008-07-29 16:47	177152              c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\HtmlLite.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47	276984              c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\dlmgr.dll
+ 2008-07-29 21:15 . 2008-07-29 21:15	225490              c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\baseline.dat
+ 2008-07-30 23:06 . 2008-07-30 23:06	984056              c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack SP1 - fra\WapUI.dll
+ 2008-07-30 23:08 . 2008-07-30 23:08	112120              c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack SP1 - fra\WapRes.dll
+ 2008-07-30 23:06 . 2008-07-30 23:06	689152              c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack SP1 - fra\vsscenario.dll
+ 2008-07-30 23:06 . 2008-07-30 23:06	413184              c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack SP1 - fra\vsbasereqs.dll
+ 2008-07-30 23:06 . 2008-07-30 23:06	632320              c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack SP1 - fra\vs70uimgr.dll
+ 2008-07-30 23:08 . 2008-07-30 23:08	133120              c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack SP1 - fra\setupres.dll
+ 2008-07-30 23:06 . 2008-07-30 23:06	269304              c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack SP1 - fra\setup.exe
+ 2008-07-31 02:18 . 2008-07-31 02:18	183296              c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack SP1 - fra\RebootStub.exe
+ 2008-07-30 23:06 . 2008-07-30 23:06	177152              c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack SP1 - fra\HtmlLite.dll
+ 2008-07-30 23:06 . 2008-07-30 23:06	276984              c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack SP1 - fra\dlmgr.dll
+ 2008-07-31 02:18 . 2008-07-31 02:18	163840              c:\windows\Microsoft.NET\Framework\v3.5\fr\Microsoft.Build.Tasks.v3.5.resources.dll
+ 2008-07-31 02:18 . 2008-07-31 02:18	275448              c:\windows\Microsoft.NET\Framework\v3.5\1036\vbc7ui.dll
+ 2008-07-31 02:18 . 2008-07-31 02:18	198144              c:\windows\Microsoft.NET\Framework\v3.5\1036\cscompui.dll
+ 2008-07-29 21:40 . 2008-07-29 21:40	233976              c:\windows\Microsoft.NET\Framework\v3.5\1033\vbc7ui.dll
+ 2008-07-29 21:40 . 2008-07-29 21:40	168448              c:\windows\Microsoft.NET\Framework\v3.5\1033\cscompui.dll
+ 2008-07-29 18:35 . 2008-07-29 18:35	864256              c:\windows\Microsoft.NET\Framework\v3.0\WPF\PresentationUI.dll
+ 2008-07-29 17:59 . 2008-07-29 17:59	132120              c:\windows\Microsoft.NET\Framework\v3.0\WPF\PresentationHostDLL.dll
+ 2008-07-29 19:10 . 2008-07-29 19:10	806928              c:\windows\Microsoft.NET\Framework\v3.0\WPF\NaturalLanguage6.dll
+ 2008-07-31 00:48 . 2008-07-31 00:48	372736              c:\windows\Microsoft.NET\Framework\v3.0\WPF\fr\PresentationUI.resources.dll
+ 2008-07-29 17:16 . 2008-07-29 17:16	152576              c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\WsatConfig.exe
+ 2008-07-29 17:16 . 2008-07-29 17:16	966656              c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
+ 2008-07-29 17:16 . 2008-07-29 17:16	132096              c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
+ 2008-07-29 17:16 . 2008-07-29 17:16	110592              c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMdiagnostics.dll
+ 2008-07-29 17:16 . 2008-07-29 17:16	156688              c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceModelReg.exe
+ 2008-07-29 17:16 . 2008-07-29 17:16	163840              c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\Microsoft.Transactions.Bridge.Dtc.dll
+ 2008-07-29 17:16 . 2008-07-29 17:16	397312              c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\Microsoft.Transactions.Bridge.dll
+ 2008-07-29 17:24 . 2008-07-29 17:24	881664              c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
+ 2008-05-14 20:38 . 2008-05-14 20:38	864256              c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\fr\infocard.resources.dll
+ 2008-07-29 17:16 . 2008-07-29 17:16	168968              c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ComSvcConfig.exe
+ 2008-11-25 02:59 . 2008-11-25 02:59	436040              c:\windows\Microsoft.NET\Framework\v2.0.50727\webengine.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17	839680              c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Web.Services.dll
- 2005-09-23 06:28 . 2005-09-23 06:28	835584              c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Web.Mobile.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17	835584              c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Web.Mobile.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17	261632              c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Transactions.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17	114688              c:\windows\Microsoft.NET\Framework\v2.0.50727\System.ServiceProcess.dll
- 2005-09-23 06:28 . 2005-09-23 06:28	114688              c:\windows\Microsoft.NET\Framework\v2.0.50727\System.ServiceProcess.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17	258048              c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Security.dll
- 2005-09-23 06:28 . 2005-09-23 06:28	258048              c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Security.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17	131072              c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
- 2005-09-23 06:28 . 2005-09-23 06:28	131072              c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17	303104              c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Remoting.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17	258048              c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Messaging.dll
- 2005-09-23 06:28 . 2005-09-23 06:28	258048              c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Messaging.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17	372736              c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Management.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17	113664              c:\windows\Microsoft.NET\Framework\v2.0.50727\System.EnterpriseServices.Wrapper.dll
- 2005-09-23 06:28 . 2005-09-23 06:28	258048              c:\windows\Microsoft.NET\Framework\v2.0.50727\System.EnterpriseServices.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17	258048              c:\windows\Microsoft.NET\Framework\v2.0.50727\System.EnterpriseServices.dll

lambulanciere · Answer

c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Drawing.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17	188416              c:\windows\Microsoft.NET\Framework\v2.0.50727\System.DirectoryServices.Protocols.dll
- 2005-09-23 06:28 . 2005-09-23 06:28	188416              c:\windows\Microsoft.NET\Framework\v2.0.50727\System.DirectoryServices.Protocols.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17	401408              c:\windows\Microsoft.NET\Framework\v2.0.50727\System.DirectoryServices.dll
+ 2008-07-25 09:16 . 2008-07-25 09:16	970752              c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Deployment.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17	745472              c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Data.SqlXml.dll
+ 2008-11-25 02:59 . 2008-11-25 02:59	486400              c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Data.OracleClient.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17	425984              c:\windows\Microsoft.NET\Framework\v2.0.50727\System.configuration.dll
- 2005-09-23 06:28 . 2005-09-23 06:28	110592              c:\windows\Microsoft.NET\Framework\v2.0.50727\sysglobl.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17	110592              c:\windows\Microsoft.NET\Framework\v2.0.50727\sysglobl.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17	392184              c:\windows\Microsoft.NET\Framework\v2.0.50727\SOS.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17	118784              c:\windows\Microsoft.NET\Framework\v2.0.50727\shfusion.dll
+ 2008-07-25 09:16 . 2008-07-25 09:16	143360              c:\windows\Microsoft.NET\Framework\v2.0.50727\peverify.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17	100856              c:\windows\Microsoft.NET\Framework\v2.0.50727\ngen.exe
+ 2008-07-25 09:17 . 2008-07-25 09:17	230912              c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvc.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17	345600              c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorrc.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17	114176              c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorpe.dll
+ 2008-11-25 02:59 . 2008-11-25 02:59	364872              c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17	308224              c:\windows\Microsoft.NET\Framework\v2.0.50727\mscordbi.dll
+ 2008-11-25 02:59 . 2008-11-25 02:59	990032              c:\windows\Microsoft.NET\Framework\v2.0.50727\mscordacwks.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17	659456              c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.dll
- 2005-09-23 06:29 . 2005-09-23 06:29	372736              c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.Compatibility.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17	372736              c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.Compatibility.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17	110592              c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.Compatibility.Data.dll
- 2005-09-23 06:29 . 2005-09-23 06:29	110592              c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.Compatibility.Data.dll
+ 2008-07-25 09:16 . 2008-07-25 09:16	749568              c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.JScript.dll
+ 2008-07-25 09:16 . 2008-07-25 09:16	655360              c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Tasks.dll
+ 2008-07-25 09:16 . 2008-07-25 09:16	348160              c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Engine.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17	230904              c:\windows\Microsoft.NET\Framework\v2.0.50727\ilasm.exe
+ 2008-07-25 23:56 . 2008-07-25 23:56	167936              c:\windows\Microsoft.NET\Framework\v2.0.50727\fr\System.xml.Resources.dll
+ 2008-07-25 23:56 . 2008-07-25 23:56	430080              c:\windows\Microsoft.NET\Framework\v2.0.50727\fr\System.Windows.Forms.Resources.dll
+ 2008-07-25 23:56 . 2008-07-25 23:56	622592              c:\windows\Microsoft.NET\Framework\v2.0.50727\fr\System.Web.Resources.dll
+ 2008-07-25 23:56 . 2008-07-25 23:56	212992              c:\windows\Microsoft.NET\Framework\v2.0.50727\fr\system.Resources.dll
+ 2008-07-25 23:56 . 2008-07-25 23:56	548864              c:\windows\Microsoft.NET\Framework\v2.0.50727\fr\System.Design.Resources.dll
+ 2008-07-25 23:56 . 2008-07-25 23:56	413696              c:\windows\Microsoft.NET\Framework\v2.0.50727\fr\System.Deployment.resources.dll
+ 2008-07-25 23:56 . 2008-07-25 23:56	352256              c:\windows\Microsoft.NET\Framework\v2.0.50727\fr\System.Data.Resources.dll
+ 2008-07-25 23:56 . 2008-07-25 23:56	110592              c:\windows\Microsoft.NET\Framework\v2.0.50727\fr\System.Data.OracleClient.resources.dll
+ 2008-07-25 23:56 . 2008-07-25 23:56	420864              c:\windows\Microsoft.NET\Framework\v2.0.50727\fr\mscorrc.dll
+ 2008-07-25 23:56 . 2008-07-25 23:56	311296              c:\windows\Microsoft.NET\Framework\v2.0.50727\fr\mscorlib.Resources.dll
+ 2008-07-25 23:56 . 2008-07-25 23:56	139264              c:\windows\Microsoft.NET\Framework\v2.0.50727\fr\Microsoft.Build.Tasks.resources.dll
+ 2008-07-25 23:56 . 2008-07-25 23:56	315392              c:\windows\Microsoft.NET\Framework\v2.0.50727\fr\aspnetmmcext.resources.dll
+ 2008-07-25 23:56 . 2008-07-25 23:56	100352              c:\windows\Microsoft.NET\Framework\v2.0.50727\fr\aspnet_rc.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17	798224              c:\windows\Microsoft.NET\Framework\v2.0.50727\EventLogMessages.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17	575496              c:\windows\Microsoft.NET\Framework\v2.0.50727\diasymreader.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17	106496              c:\windows\Microsoft.NET\Framework\v2.0.50727\CasPol.exe
- 2005-09-23 06:28 . 2005-09-23 06:28	106496              c:\windows\Microsoft.NET\Framework\v2.0.50727\CasPol.exe
+ 2008-07-25 09:16 . 2008-07-25 09:16	507904              c:\windows\Microsoft.NET\Framework\v2.0.50727\AspNetMMCExt.dll
- 2005-09-23 06:28 . 2005-09-23 06:28	106496              c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_regsql.exe
+ 2008-07-25 09:16 . 2008-07-25 09:16	106496              c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_regsql.exe
+ 2008-07-25 09:17 . 2008-07-25 09:17	147968              c:\windows\Microsoft.NET\Framework\v2.0.50727\AdoNetDiag.dll
+ 2008-07-25 23:56 . 2008-07-25 23:56	254976              c:\windows\Microsoft.NET\Framework\v2.0.50727\1036\Vsavb7rtUI.dll
+ 2008-07-25 23:56 . 2008-07-25 23:56	225784              c:\windows\Microsoft.NET\Framework\v2.0.50727\1036\vbc7ui.dll
+ 2008-07-25 23:56 . 2008-07-25 23:56	170496              c:\windows\Microsoft.NET\Framework\v2.0.50727\1036\cscompui.dll
+ 2008-07-25 09:16 . 2008-07-25 09:16	218112              c:\windows\Microsoft.NET\Framework\v2.0.50727\1033\Vsavb7rtUI.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17	193016              c:\windows\Microsoft.NET\Framework\v2.0.50727\1033\vbc7ui.dll
+ 2008-07-25 09:16 . 2008-07-25 09:16	145408              c:\windows\Microsoft.NET\Framework\v2.0.50727\1033\cscompui.dll
+ 2009-05-17 17:12 . 2008-08-07 13:27	163328              c:\windows\ERUNT\SDFIX_First_Run\ERDNT.EXE
+ 2009-05-17 17:12 . 2008-08-07 13:27	163328              c:\windows\ERUNT\SDFIX\ERDNT.EXE
+ 2009-05-17 17:57 . 2008-03-13 04:52	761344              c:\windows\Driver Cache\i386\unires.dll
+ 2009-05-17 17:57 . 2008-07-06 12:06	744960              c:\windows\Driver Cache\i386\unidrvui.dll
+ 2009-05-17 17:57 . 2008-07-06 12:06	373248              c:\windows\Driver Cache\i386\unidrv.dll
+ 2009-05-17 17:57 . 2008-07-06 12:06	198656              c:\windows\Driver Cache\i386\mxdwdui.dll
+ 2009-05-17 17:57 . 2008-07-06 12:06	765440              c:\windows\Driver Cache\i386\mxdwdrv.dll
+ 2009-05-17 18:24 . 2009-05-17 18:24	321536              c:\windows\assembly\NativeImages_v2.0.50727_32\WsatConfig\2ef5bc3a2edd7570bb23886a4f32294a\WsatConfig.ni.exe
+ 2009-05-17 18:26 . 2009-05-17 18:26	627712              c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLiveLocal.Wr#\f9ac52e76b942f38edaea1540cdce7ad\WindowsLiveLocal.WriterPlugin.ni.dll
+ 2009-05-17 18:25 . 2009-05-17 18:25	851968              c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\d88240dcc329907b1f7c6be038d67ccd\WindowsLive.Writer.BlogClient.ni.dll
+ 2009-05-17 18:25 . 2009-05-17 18:25	258048              c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\c23a281e806a14bf48225461e9504e3e\WindowsLive.Writer.Mshtml.ni.dll
+ 2009-05-17 18:26 . 2009-05-17 18:26	322048              c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\ba458626154b268633d17b380951dc05\WindowsLive.Writer.SpellChecker.ni.dll
+ 2009-05-17 18:25 . 2009-05-17 18:25	118784              c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\ab125d3a580223b5c104e30afb48dee8\WindowsLive.Writer.Extensibility.ni.dll
+ 2009-05-17 18:26 . 2009-05-17 18:26	117760              c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\aa1c0fb73aba618f70e59d58a734e315\WindowsLive.Writer.Instrumentation.ni.dll
+ 2009-05-17 18:25 . 2009-05-17 18:25	319488              c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\aa0d656d49e99b02f7614f4d96d8f54c\WindowsLive.Writer.Interop.ni.dll
+ 2009-05-17 18:25 . 2009-05-17 18:25	334848              c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\a58837d52e2eef58317a903e9b0de96d\WindowsLive.Writer.Interop.Mshtml.ni.dll
+ 2009-05-17 18:25 . 2009-05-17 18:25	594944              c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\752deb2586f4ce372db2581728b3fd9d\WindowsLive.Writer.HtmlEditor.ni.dll
+ 2009-05-17 18:25 . 2009-05-17 18:25	174080              c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\6b30f4f0e887c26cac499a5ce4ee45d8\WindowsLive.Writer.BrowserControl.ni.dll
+ 2009-05-17 18:25 . 2009-05-17 18:25	313856              c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\681ad822aa7295018c1b9f96ad372ee0\WindowsLive.Writer.Interop.SHDocVw.ni.dll
+ 2009-05-17 18:26 . 2009-05-17 18:26	119296              c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\55e6f7f927f7e25d68cba5cba5202ed0\WindowsLive.Writer.FileDestinations.ni.dll
+ 2009-05-17 18:25 . 2009-05-17 18:25	843776              c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\51ff7ea9cefa9385a9597ef269236b8c\WindowsLive.Writer.Controls.ni.dll
+ 2009-05-17 18:25 . 2009-05-17 18:25	428032              c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\1e25e6dbae70b2a0dba46e74e773acee\WindowsLive.Writer.Localization.ni.dll
+ 2009-05-17 18:25 . 2009-05-17 18:25	108544              c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\[u]0/u5db615058b5e19e632385efbf3e2237\WindowsLive.Writer.Passport.ni.dll
+ 2009-05-17 18:25 . 2009-05-17 18:25	152064              c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\[u]0/u0ad735ab245a8f45be00ba9dccc9443\WindowsLive.Writer.HtmlParser.ni.dll
+ 2009-05-17 18:25 . 2009-05-17 18:25	145920              c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Client\9546c5ce7c6920bfb0971ee0080ff777\WindowsLive.Client.ni.dll
+ 2009-05-17 18:09 . 2009-05-17 18:09	240128              c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsFormsIntegra#\6a818099f0386e2356ae94f886a2196f\WindowsFormsIntegration.ni.dll
+ 2009-05-17 18:09 . 2009-05-17 18:09	187904              c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationTypes\a6d9503962d47c722231c1478f180695\UIAutomationTypes.ni.dll
+ 2009-05-17 18:09 . 2009-05-17 18:09	447488              c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClient\5c028c3d8db6c0f0277673ea4a2d89fb\UIAutomationClient.ni.dll
+ 2009-05-17 18:28 . 2009-05-17 18:28	400896              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml.Linq\c338a470b14851ce5987bb0f0869c310\System.Xml.Linq.ni.dll
+ 2009-05-17 18:28 . 2009-05-17 18:28	129536              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Routing\bb77ea11f46ab438b2b7ed7c180011a1\System.Web.Routing.ni.dll
+ 2009-05-17 18:25 . 2009-05-17 18:25	202240              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.RegularE#\6ee255220d90dcbe80c990e443051cc5\System.Web.RegularExpressions.ni.dll
+ 2009-05-17 18:28 . 2009-05-17 18:28	859648              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\58f62044fa702ea6f936071aa5520baa\System.Web.Extensions.Design.ni.dll
+ 2009-05-17 18:28 . 2009-05-17 18:28	328704              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity\79c29ac85dd57dd485ab60118ac292ff\System.Web.Entity.ni.dll
+ 2009-05-17 18:28 . 2009-05-17 18:28	301056              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity.D#\d3d65e34fa60f0b6c72ca0d12ec89933\System.Web.Entity.Design.ni.dll
+ 2009-05-17 18:28 . 2009-05-17 18:28	547328              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\b7891f5659db299dbd1b3c72db7edb9f\System.Web.DynamicData.ni.dll
+ 2009-05-17 18:28 . 2009-05-17 18:28	141312              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Abstract#\[u]0/u0ec08741a765c707bd9169346064a81\System.Web.Abstractions.ni.dll
+ 2009-05-17 18:25 . 2009-05-17 18:25	627200              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\5a555c9ae6984c40157cf940bb519f7c\System.Transactions.ni.dll
+ 2009-05-17 18:25 . 2009-05-17 18:25	212992              c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\ea3366939280c1715f1c620e33ee3c8a\System.ServiceProcess.ni.dll
+ 2009-05-17 18:25 . 2009-05-17 18:25	676352              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Security\1c8df2da33222c048d683017f2095f04\System.Security.ni.dll
+ 2009-05-17 18:25 . 2009-05-17 18:25	311296              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\bfd6e16d8c3589cd2bd3f8d46f0a5402\System.Runtime.Serialization.Formatters.Soap.ni.dll
+ 2009-05-17 18:25 . 2009-05-17 18:25	771584              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\2abd876a3c8a6b088fa6d8d39d901e3c\System.Runtime.Remoting.ni.dll
+ 2009-05-17 18:27 . 2009-05-17 18:27	621056              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Net\519d9c618341b136f9b963ffb7495308\System.Net.ni.dll
+ 2009-05-17 18:27 . 2009-05-17 18:27	998400              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management\8642fdfbf02a6cb6f01169fe6fdb5d11\System.Management.ni.dll
+ 2009-05-17 18:27 . 2009-05-17 18:27	330752              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management.I#\1d3fbbd23ce1e8637ef4f40a8d23cd32\System.Management.Instrumentation.ni.dll
+ 2009-05-17 18:14 . 2009-05-17 18:14	381440              c:\windows\assembly\NativeImages_v2.0.50727_32\System.IO.Log\7c367a96b10d626ec8cbf8149272d845\System.IO.Log.ni.dll
+ 2009-05-17 18:14 . 2009-05-17 18:14	212992              c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityMode#\68e71147704ef0d34d9a4bece7767fc5\System.IdentityModel.Selectors.ni.dll
+ 2009-05-17 18:25 . 2009-05-17 18:25	280064              c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\4267bd908175603006c6c90bb5d900c7\System.EnterpriseServices.Wrapper.dll
+ 2009-05-17 18:25 . 2009-05-17 18:25	627712              c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\4267bd908175603006c6c90bb5d900c7\System.EnterpriseServices.ni.dll
+ 2009-05-17 18:08 . 2009-05-17 18:08	208384              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing.Desi#\18bbe2b6717e7f1d1dd672526e9889ee\System.Drawing.Design.ni.dll
+ 2009-05-17 18:25 . 2009-05-17 18:25	455680              c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\c434a07332ce490711c27fd0edb7562f\System.DirectoryServices.Protocols.ni.dll
+ 2009-05-17 18:27 . 2009-05-17 18:27	881152              c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\8b3bb7a2c2f3ffe94c866283f1cd5957\System.DirectoryServices.AccountManagement.ni.dll
+ 2009-05-17 18:27 . 2009-05-17 18:27	939008              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\a4b887f476fa4b8746a93a9fc2208560\System.Data.Services.Client.ni.dll
+ 2009-05-17 18:27 . 2009-05-17 18:27	354816              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\1cf3acad6553d6c59df576794f4e8bd6\System.Data.Services.Design.ni.dll
+ 2009-05-17 18:27 . 2009-05-17 18:27	756736              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity.#\392de34573f9f8ec885714f2f3e7f07f\System.Data.Entity.Design.ni.dll
+ 2009-05-17 18:26 . 2009-05-17 18:26	135680              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.DataSet#\1db495ff00bbd14df4af6680c4de0653\System.Data.DataSetExtensions.ni.dll
+ 2009-05-17 18:25 . 2009-05-17 18:25	971264              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\b82c00e2d24305ad6cb08556e3779b75\System.Configuration.ni.dll
+ 2009-05-17 18:25 . 2009-05-17 18:25	141312              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuratio#\de514e484e49b04b016949d57ffac03e\System.Configuration.Install.ni.dll
+ 2009-05-17 18:26 . 2009-05-17 18:26	633856              c:\windows\assembly\NativeImages_v2.0.50727_32\System.AddIn\ce984d754e3c0b6be4504b785cc43574\System.AddIn.ni.dll
+ 2009-05-17 18:24 . 2009-05-17 18:24	366080              c:\windows\assembly\NativeImages_v2.0.50727_32\SMSvcHost\[u]0/u45dd501b7257b1cc26083538ae69045\SMSvcHost.ni.exe
+ 2009-05-17 18:24 . 2009-05-17 18:24	256000              c:\windows\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\9790551187e294b4ed3aaa1c221891c7\SMDiagnostics.ni.dll
+ 2009-05-17 18:24 . 2009-05-17 18:24	320512              c:\windows\assembly\NativeImages_v2.0.50727_32\ServiceModelReg\10a0c9707876fc1f65e64b811a28b020\ServiceModelReg.ni.exe
+ 2009-05-17 18:07 . 2009-05-17 18:07	224768              c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\f475294d8c7dc2dd4febeef27bc0417e\PresentationFramework.Classic.ni.dll
+ 2009-05-17 18:07 . 2009-05-17 18:07	539648              c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\8003abaf6bcf70f7eb620d06837e897b\PresentationFramework.Luna.ni.dll
+ 2009-05-17 18:07 . 2009-05-17 18:07	368128              c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\59a67874d8d8475faa5be1d993083d12\PresentationFramework.Aero.ni.dll
+ 2009-05-17 18:07 . 2009-05-17 18:07	258048              c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\2c980c9a5051d723c6ec2a78a3d0e2b3\PresentationFramework.Royale.ni.dll
+ 2009-05-17 18:26 . 2009-05-17 18:26	133632              c:\windows\assembly\NativeImages_v2.0.50727_32\MSBuild\6d38e317128608bc4516ea46ab94590e\MSBuild.ni.exe
+ 2009-05-17 18:24 . 2009-05-17 18:24	386560              c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\1820d6a012fc0e16c3e1d29d973cd2d0\Microsoft.Transactions.Bridge.Dtc.ni.dll
+ 2009-05-17 18:26 . 2009-05-17 18:26	144384              c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\55b9eff9e23359faed4351386c062238\Microsoft.Build.Utilities.ni.dll
+ 2009-05-17 18:26 . 2009-05-17 18:26	175104              c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\4217124db1ea5de5f1a1f3eea75e8d32\Microsoft.Build.Utilities.v3.5.ni.dll
+ 2009-05-17 18:26 . 2009-05-17 18:26	839680              c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\96825c34d7e1f7df1923ff2123bed8da\Microsoft.Build.Engine.ni.dll
+ 2009-05-17 18:26 . 2009-05-17 18:26	222720              c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Con#\9b321ebf67587237f576df6104a32588\Microsoft.Build.Conversion.v3.5.ni.dll
+ 2009-05-17 18:26 . 2009-05-17 18:26	220672              c:\windows\assembly\NativeImages_v2.0.50727_32\CustomMarshalers\9bea05938bee3555c5aa8763d89a68f9\CustomMarshalers.ni.dll
+ 2009-05-17 18:24 . 2009-05-17 18:24	410112              c:\windows\assembly\NativeImages_v2.0.50727_32\ComSvcConfig\12629e2f3e315459bee67cbbaac85cb2\ComSvcConfig.ni.exe
+ 2009-05-17 18:24 . 2009-05-17 18:24	842240              c:\windows\assembly\NativeImages_v2.0.50727_32\AspNetMMCExt\b5b2feadc3943e3976daebc0bcd2b5e2\AspNetMMCExt.ni.dll
+ 2009-05-17 17:58 . 2009-05-17 17:58	385024              c:\windows\assembly\GAC_MSIL\UIAutomationClientsideProviders\3.0.0.0__31bf3856ad364e35\UIAutomationClientsideProviders.dll
+ 2009-05-17 17:58 . 2009-05-17 17:58	167936              c:\windows\assembly\GAC_MSIL\UIAutomationClient\3.0.0.0__31bf3856ad364e35\UIAutomationClient.dll
+ 2009-05-17 18:04 . 2009-05-17 18:04	167936              c:\windows\assembly\GAC_MSIL\System.XML.resources\2.0.0.0_fr_b77a5c561934e089\System.xml.Resources.dll
+ 2009-05-17 17:59 . 2009-05-17 17:59	139264              c:\windows\assembly\GAC_MSIL\System.Xml.Linq\3.5.0.0__b77a5c561934e089\System.Xml.Linq.dll
+ 2009-05-17 17:59 . 2009-05-17 17:59	507904              c:\windows\assembly\GAC_MSIL\System.WorkflowServices\3.5.0.0__31bf3856ad364e35\System.WorkflowServices.dll
+ 2009-05-17 18:04 . 2009-05-17 18:04	102400              c:\windows\assembly\GAC_MSIL\System.WorkflowServices.resources\3.5.0.0_fr_31bf3856ad364e35\System.WorkflowServices.resources.dll
+ 2009-05-17 17:58 . 2009-05-17 17:58	540672              c:\windows\assembly\GAC_MSIL\System.Workflow.Runtime\3.0.0.0__31bf3856ad364e35\System.Workflow.Runtime.dll
+ 2009-05-17 18:04 . 2009-05-17 18:04	311296              c:\windows\assembly\GAC_MSIL\system.workflow.componentmodel.resources\3.0.0.0_fr_31bf3856ad364e35\System.Workflow.ComponentModel.resources.dll
+ 2009-05-17 18:04 . 2009-05-17 18:04	184320              c:\windows\assembly\GAC_MSIL\system.workflow.activities.resources\3.0.0.0_fr_31bf3856ad364e35\System.Workflow.Activities.resources.dll
+ 2009-05-17 18:04 . 2009-05-17 18:04	430080              c:\windows\assembly\GAC_MSIL\System.Windows.Forms.resources\2.0.0.0_fr_b77a5c561934e089\System.Windows.Forms.Resources.dll
+ 2009-05-17 18:02 . 2009-05-17 18:02	839680              c:\windows\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
+ 2009-05-17 18:04 . 2009-05-17 18:04	622592              c:\windows\assembly\GAC_MSIL\System.Web.resources\2.0.0.0_fr_b03f5f7f11d50a3a\System.Web.Resources.dll
- 2009-03-11 16:50 . 2009-03-11 16:50	835584              c:\windows\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
+ 2009-05-17 18:02 . 2009-05-17 18:02	835584              c:\windows\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
+ 2009-05-17 18:04 . 2009-05-17 18:04	634880              c:\windows\assembly\GAC_MSIL\System.Web.Extensions.resources\3.5.0.0_fr_31bf3856ad364e35\System.Web.Extensions.Resources.dll
+ 2009-05-17 17:59 . 2009-05-17 17:59	335872              c:\windows\assembly\GAC_MSIL\System.Web.Extensions.Design\3.5.0.0__31bf3856ad364e35\System.Web.Extensions.Design.dll
+ 2009-05-17 18:03 . 2009-05-17 18:03	139264              c:\windows\assembly\GAC_MSIL\System.Web.Entity\3.5.0.0__b77a5c561934e089\System.Web.Entity.dll
+ 2009-05-17 17:59 . 2009-05-17 17:59	131072              c:\windows\assembly\GAC_MSIL\System.Web.Entity.Design\3.5.0.0__b77a5c561934e089\System.Web.Entity.Design.dll
+ 2009-05-17 18:03 . 2009-05-17 18:03	229376              c:\windows\assembly\GAC_MSIL\System.Web.DynamicData\3.5.0.0__31bf3856ad364e35\System.Web.DynamicData.dll
+ 2009-05-17 17:58 . 2009-05-17 17:58	688128              c:\windows\assembly\GAC_MSIL\System.Speech\3.0.0.0__31bf3856ad364e35\System.Speech.dll
- 2009-03-11 16:50 . 2009-03-11 16:50	114688              c:\windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
+ 2009-05-17 18:02 . 2009-05-17 18:02	114688              c:\windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
+ 2009-05-17 17:59 . 2009-05-17 17:59	569344              c:\windows\assembly\GAC_MSIL\System.ServiceModel.Web\3.5.0.0__31bf3856ad364e35\System.ServiceModel.Web.dll
+ 2009-05-17 18:04 . 2009-05-17 18:04	499712              c:\windows\assembly\GAC_MSIL\system.servicemodel.resources\3.0.0.0_fr_b77a5c561934e089\System.ServiceModel.Resources.dll
+ 2009-05-17 18:02 . 2009-05-17 18:02	258048              c:\windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll
- 2009-03-11 16:50 . 2009-03-11 16:50	258048              c:\windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll
+ 2009-05-17 17:58 . 2009-05-17 17:58	966656              c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
+ 2009-05-17 18:04 . 2009-05-17 18:04	102400              c:\windows\assembly\GAC_MSIL\system.runtime.serialization.resources\3.0.0.0_fr_b77a5c561934e089\System.RunTime.Serialization.Resources.dll
+ 2009-05-17 18:02 . 2009-05-17 18:02	131072              c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
- 2009-03-11 16:50 . 2009-03-11 16:50	131072              c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
+ 2009-05-17 18:02 . 2009-05-17 18:02	303104              c:\windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
+ 2009-05-17 18:04 . 2009-05-17 18:04	212992              c:\windows\assembly\GAC_MSIL\System.resources\2.0.0.0_fr_b77a5c561934e089\system.Resources.dll
+ 2009-05-17 17:59 . 2009-05-17 17:59	233472              c:\windows\assembly\GAC_MSIL\System.Net\3.5.0.0__b03f5f7f11d50a3a\System.Net.dll

lambulanciere · Answer

c:\windows\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
+ 2009-05-17 18:02 . 2009-05-17 18:02	258048              c:\windows\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
+ 2009-05-17 18:02 . 2009-05-17 18:02	372736              c:\windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
+ 2009-05-17 17:59 . 2009-05-17 17:59	143360              c:\windows\assembly\GAC_MSIL\System.Management.Instrumentation\3.5.0.0__b77a5c561934e089\System.Management.Instrumentation.dll
+ 2009-05-17 17:58 . 2009-05-17 17:58	131072              c:\windows\assembly\GAC_MSIL\System.IO.Log\3.0.0.0__b03f5f7f11d50a3a\System.IO.Log.dll
+ 2009-05-17 17:58 . 2009-05-17 17:58	430080              c:\windows\assembly\GAC_MSIL\System.IdentityModel\3.0.0.0__b77a5c561934e089\System.IdentityModel.dll
+ 2009-05-17 17:58 . 2009-05-17 17:58	126976              c:\windows\assembly\GAC_MSIL\System.IdentityModel.Selectors\3.0.0.0__b77a5c561934e089\System.IdentityModel.Selectors.dll
+ 2009-05-17 18:02 . 2009-05-17 18:02	626688              c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
+ 2009-05-17 18:02 . 2009-05-17 18:02	401408              c:\windows\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
- 2009-03-11 16:50 . 2009-03-11 16:50	188416              c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
+ 2009-05-17 18:02 . 2009-05-17 18:02	188416              c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
+ 2009-05-17 17:59 . 2009-05-17 17:59	286720              c:\windows\assembly\GAC_MSIL\System.DirectoryServices.AccountManagement\3.5.0.0__b77a5c561934e089\System.DirectoryServices.AccountManagement.dll
+ 2009-05-17 18:04 . 2009-05-17 18:04	548864              c:\windows\assembly\GAC_MSIL\System.Design.resources\2.0.0.0_fr_b03f5f7f11d50a3a\System.Design.Resources.dll
+ 2009-05-17 18:02 . 2009-05-17 18:02	970752              c:\windows\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
+ 2009-05-17 18:04 . 2009-05-17 18:04	413696              c:\windows\assembly\GAC_MSIL\System.Deployment.resources\2.0.0.0_fr_b03f5f7f11d50a3a\System.Deployment.resources.dll
+ 2009-05-17 18:02 . 2009-05-17 18:02	745472              c:\windows\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
+ 2009-05-17 18:03 . 2009-05-17 18:03	442368              c:\windows\assembly\GAC_MSIL\System.Data.Services\3.5.0.0__b77a5c561934e089\System.Data.Services.dll
+ 2009-05-17 17:59 . 2009-05-17 17:59	114688              c:\windows\assembly\GAC_MSIL\System.Data.Services.Design\3.5.0.0__b77a5c561934e089\System.Data.Services.Design.dll
+ 2009-05-17 18:03 . 2009-05-17 18:03	294912              c:\windows\assembly\GAC_MSIL\System.Data.Services.Client\3.5.0.0__b77a5c561934e089\System.Data.Services.Client.dll
+ 2009-05-17 18:04 . 2009-05-17 18:04	352256              c:\windows\assembly\GAC_MSIL\System.Data.resources\2.0.0.0_fr_b77a5c561934e089\System.Data.Resources.dll
+ 2009-05-17 18:04 . 2009-05-17 18:04	110592              c:\windows\assembly\GAC_MSIL\System.Data.OracleClient.resources\2.0.0.0_fr_b77a5c561934e089\System.Data.OracleClient.resources.dll
+ 2009-05-17 17:59 . 2009-05-17 17:59	684032              c:\windows\assembly\GAC_MSIL\System.Data.Linq\3.5.0.0__b77a5c561934e089\System.Data.Linq.dll
+ 2009-05-17 18:04 . 2009-05-17 18:04	409600              c:\windows\assembly\GAC_MSIL\System.Data.Entity.resources\3.5.0.0_fr_b77a5c561934e089\System.Data.Entity.Resources.dll
+ 2009-05-17 17:59 . 2009-05-17 17:59	229376              c:\windows\assembly\GAC_MSIL\System.Data.Entity.Design\3.5.0.0__b77a5c561934e089\System.Data.Entity.Design.dll
+ 2009-05-17 17:59 . 2009-05-17 17:59	667648              c:\windows\assembly\GAC_MSIL\System.Core\3.5.0.0__b77a5c561934e089\System.Core.dll
+ 2009-05-17 18:02 . 2009-05-17 18:02	425984              c:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
+ 2009-05-17 17:59 . 2009-05-17 17:59	163840              c:\windows\assembly\GAC_MSIL\System.AddIn\3.5.0.0__b77a5c561934e089\System.AddIn.dll
+ 2009-05-17 18:02 . 2009-05-17 18:02	110592              c:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
- 2009-03-11 16:50 . 2009-03-11 16:50	110592              c:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
+ 2009-05-17 17:58 . 2009-05-17 17:58	110592              c:\windows\assembly\GAC_MSIL\SMDiagnostics\3.0.0.0__b77a5c561934e089\SMdiagnostics.dll
+ 2009-05-17 17:58 . 2009-05-17 17:58	528384              c:\windows\assembly\GAC_MSIL\ReachFramework\3.0.0.0__31bf3856ad364e35\ReachFramework.dll
+ 2009-05-17 17:58 . 2009-05-17 17:58	864256              c:\windows\assembly\GAC_MSIL\PresentationUI\3.0.0.0__31bf3856ad364e35\PresentationUI.dll
+ 2009-05-17 18:04 . 2009-05-17 18:04	372736              c:\windows\assembly\GAC_MSIL\PresentationUI.resources\3.0.0.0_fr_31bf3856ad364e35\PresentationUI.resources.dll
+ 2009-05-17 17:58 . 2009-05-17 17:58	163840              c:\windows\assembly\GAC_MSIL\PresentationFramework.Royale\3.0.0.0__31bf3856ad364e35\PresentationFramework.Royale.dll
+ 2009-05-17 18:04 . 2009-05-17 18:04	245760              c:\windows\assembly\GAC_MSIL\PresentationFramework.resources\3.0.0.0_fr_31bf3856ad364e35\PresentationFramework.resources.dll
+ 2009-05-17 17:58 . 2009-05-17 17:58	397312              c:\windows\assembly\GAC_MSIL\PresentationFramework.Luna\3.0.0.0__31bf3856ad364e35\PresentationFramework.Luna.dll
+ 2009-05-17 17:58 . 2009-05-17 17:58	139264              c:\windows\assembly\GAC_MSIL\PresentationFramework.Classic\3.0.0.0__31bf3856ad364e35\PresentationFramework.Classic.dll
+ 2009-05-17 17:58 . 2009-05-17 17:58	196608              c:\windows\assembly\GAC_MSIL\PresentationFramework.Aero\3.0.0.0__31bf3856ad364e35\PresentationFramework.Aero.dll
+ 2009-05-17 18:04 . 2009-05-17 18:04	110592              c:\windows\assembly\GAC_MSIL\PresentationCore.resources\3.0.0.0_fr_31bf3856ad364e35\PresentationCore.resources.dll
+ 2009-05-17 17:58 . 2009-05-17 17:58	598016              c:\windows\assembly\GAC_MSIL\PresentationBuildTasks\3.0.0.0__31bf3856ad364e35\PresentationBuildTasks.dll
+ 2009-05-17 18:04 . 2009-05-17 18:04	311296              c:\windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_fr_b77a5c561934e089\mscorlib.Resources.dll
+ 2009-05-17 18:02 . 2009-05-17 18:02	659456              c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
- 2009-03-11 16:50 . 2009-03-11 16:50	372736              c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
+ 2009-05-17 18:02 . 2009-05-17 18:02	372736              c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
- 2009-03-11 16:50 . 2009-03-11 16:50	110592              c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
+ 2009-05-17 18:02 . 2009-05-17 18:02	110592              c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
+ 2009-05-17 17:58 . 2009-05-17 17:58	397312              c:\windows\assembly\GAC_MSIL\Microsoft.Transactions.Bridge\3.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.dll
+ 2009-05-17 18:02 . 2009-05-17 18:02	749568              c:\windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
+ 2009-05-17 18:02 . 2009-05-17 18:02	655360              c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll
+ 2009-05-17 17:59 . 2009-05-17 17:59	802816              c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks.v3.5\3.5.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.v3.5.dll
+ 2009-05-17 18:04 . 2009-05-17 18:04	163840              c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks.v3.5.resources\3.5.0.0_fr_b03f5f7f11d50a3a\Microsoft.Build.Tasks.v3.5.resources.dll
+ 2009-05-17 18:04 . 2009-05-17 18:04	139264              c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks.resources\2.0.0.0_fr_b03f5f7f11d50a3a\Microsoft.Build.Tasks.resources.dll
+ 2009-05-17 17:59 . 2009-05-17 17:59	733184              c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\3.5.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
+ 2009-05-17 18:02 . 2009-05-17 18:02	348160              c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
+ 2009-05-17 17:59 . 2009-05-17 17:59	106496              c:\windows\assembly\GAC_MSIL\Microsoft.Build.Conversion.v3.5\3.5.0.0__b03f5f7f11d50a3a\Microsoft.Build.Conversion.v3.5.dll
+ 2009-05-17 18:01 . 2009-05-17 18:01	507904              c:\windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll
+ 2009-05-17 18:04 . 2009-05-17 18:04	315392              c:\windows\assembly\GAC_MSIL\AspNetMMCExt.resources\2.0.0.0_fr_b03f5f7f11d50a3a\aspnetmmcext.resources.dll
+ 2009-05-17 18:02 . 2009-05-17 18:02	261632              c:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
+ 2009-05-17 17:58 . 2009-05-17 17:58	368640              c:\windows\assembly\GAC_32\System.Printing\3.0.0.0__31bf3856ad364e35\System.Printing.dll
+ 2009-05-17 18:02 . 2009-05-17 18:02	113664              c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
+ 2009-05-17 18:02 . 2009-05-17 18:02	258048              c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
- 2009-03-11 16:50 . 2009-03-11 16:50	258048              c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
+ 2009-05-17 18:02 . 2009-05-17 18:02	486400              c:\windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll
+ 2009-05-17 17:58 . 2009-05-17 17:58	163840              c:\windows\assembly\GAC_32\Microsoft.Transactions.Bridge.Dtc\3.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.Dtc.dll
+ 2009-05-17 17:58 . 2008-07-06 12:06	1676288              c:\windows\system32\spool\XPSEP\i386\xpssvcs.dll
+ 2009-05-17 17:58 . 2008-07-06 12:06	1676288              c:\windows\system32\spool\XPSEP\i386\i386\xpssvcs.dll
+ 2009-05-17 17:58 . 2008-07-06 15:36	2936832              c:\windows\system32\spool\XPSEP\amd64\xpssvcs.dll
+ 2009-05-17 17:58 . 2008-07-06 15:36	2936832              c:\windows\system32\spool\XPSEP\amd64\amd64\xpssvcs.dll
+ 2009-05-17 17:57 . 2008-07-06 12:06	1676288              c:\windows\system32\spool\drivers\w32x86\3\XpsSvcs.dll
+ 2007-03-15 16:19 . 2008-03-20 16:06	1480232              c:\windows\system32\LegitCheckControl.dll
+ 2008-07-29 21:40 . 2008-07-29 21:40	1720824              c:\windows\Microsoft.NET\Framework\v3.5\vbc.exe
+ 2008-07-29 16:47 . 2008-07-29 16:47	1054208              c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\vs_setup.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47	1364992              c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\SITSetup.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47	1064448              c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\gencomp.dll
+ 2008-07-30 23:06 . 2008-07-30 23:06	1054208              c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack SP1 - fra\vs_setup.dll
+ 2008-07-30 23:06 . 2008-07-30 23:06	1364992              c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack SP1 - fra\SITSetup.dll
+ 2008-07-30 23:06 . 2008-07-30 23:06	1064448              c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack SP1 - fra\gencomp.dll
+ 2008-07-29 21:40 . 2008-07-29 21:40	1548280              c:\windows\Microsoft.NET\Framework\v3.5\csc.exe
+ 2008-12-05 17:35 . 2008-12-05 17:35	1736528              c:\windows\Microsoft.NET\Framework\v3.0\WPF\wpfgfx_v0300.dll
+ 2008-07-31 00:42 . 2008-07-31 00:42	6246928              c:\windows\Microsoft.NET\Framework\v3.0\WPF\NlsLexicons000c.dll
+ 2008-07-29 19:10 . 2008-07-29 19:10	2637840              c:\windows\Microsoft.NET\Framework\v3.0\WPF\NlsLexicons0009.dll
+ 2008-07-31 00:42 . 2008-07-31 00:42	2650632              c:\windows\Microsoft.NET\Framework\v3.0\WPF\NlsData000c.dll
+ 2008-07-29 19:10 . 2008-07-29 19:10	4883464              c:\windows\Microsoft.NET\Framework\v3.0\WPF\NlsData0009.dll
+ 2008-12-05 18:12 . 2008-12-05 18:12	5931008              c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.ServiceModel.dll
+ 2008-07-25 09:16 . 2008-07-25 09:16	1344000              c:\windows\Microsoft.NET\Framework\v2.0.50727\VsaVb7rt.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17	1172472              c:\windows\Microsoft.NET\Framework\v2.0.50727\vbc.exe
+ 2008-11-25 02:59 . 2008-11-25 02:59	2048000              c:\windows\Microsoft.NET\Framework\v2.0.50727\System.XML.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17	5025792              c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Windows.Forms.dll
+ 2008-11-25 02:59 . 2008-11-25 02:59	5242880              c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Web.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17	3149824              c:\windows\Microsoft.NET\Framework\v2.0.50727\System.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17	5062656              c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Design.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17	2933248              c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Data.dll
+ 2008-11-25 02:59 . 2008-11-25 02:59	5813576              c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll
+ 2008-11-25 02:59 . 2008-11-25 02:59	4546560              c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorlib.dll
+ 2008-07-25 09:16 . 2008-07-25 09:16	1163768              c:\windows\Microsoft.NET\Framework\v2.0.50727\cscomp.dll
+ 2009-05-17 18:25 . 2009-05-17 18:25	2002432              c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\63c1f01ba87e31518027469b30556590\WindowsLive.Writer.CoreServices.ni.dll
+ 2009-05-17 18:24 . 2009-05-17 18:24	6392832              c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\13ec1ddc801643374544a27a41b5803e\WindowsLive.Writer.PostEditor.ni.dll
+ 2009-05-17 18:25 . 2009-05-17 18:25	1105920              c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\[u]0/ua051f69ee730e16214b2657f6853dc1\WindowsLive.Writer.ApplicationFramework.ni.dll
+ 2009-05-17 18:05 . 2009-05-17 18:05	3313664              c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\14cd5f4b61d35f9b76327d6be9853755\WindowsBase.ni.dll
+ 2009-05-17 18:09 . 2009-05-17 18:09	1049600              c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClients#\f3c7957351aec85f526a3350c9718b1e\UIAutomationClientsideProviders.ni.dll
+ 2009-05-17 18:05 . 2009-05-17 18:05	7868416              c:\windows\assembly\NativeImages_v2.0.50727_32\System\80978a322d7dd39f0a71be1251ae395a\System.ni.dll
+ 2009-05-17 18:09 . 2009-05-17 18:09	5450752              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\773a9786013451d3baaeff003dc4230f\System.Xml.ni.dll
+ 2009-05-17 18:28 . 2009-05-17 18:28	1356288              c:\windows\assembly\NativeImages_v2.0.50727_32\System.WorkflowServ#\ac1750e78d79520dcf19195772eff1b6\System.WorkflowServices.ni.dll
+ 2009-05-17 18:28 . 2009-05-17 18:28	1908224              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Run#\d265da36954fcb4cb7ad5adc693ea0f2\System.Workflow.Runtime.ni.dll
+ 2009-05-17 18:28 . 2009-05-17 18:28	4514304              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Com#\693a8fbe6f7ad6e4e429052da4317e59\System.Workflow.ComponentModel.ni.dll
+ 2009-05-17 18:28 . 2009-05-17 18:28	2992640              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Act#\cc99fbbac0b6e4e9ca62093e49b0c16b\System.Workflow.Activities.ni.dll
+ 2009-05-17 18:25 . 2009-05-17 18:25	1840640              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\b57bb002a655920cbfa2bee29d1e22b7\System.Web.Services.ni.dll
+ 2009-05-17 18:28 . 2009-05-17 18:28	2209280              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Mobile\81197e32ec931f439b3114e9031b65d6\System.Web.Mobile.ni.dll
+ 2009-05-17 18:28 . 2009-05-17 18:28	2403328              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\7f64c9d25471b72e1e957bdfe67947c8\System.Web.Extensions.ni.dll
+ 2009-05-17 18:08 . 2009-05-17 18:08	1917440              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Speech\63cf639b6e0a3c25c1643c85016e7422\System.Speech.ni.dll
+ 2009-05-17 18:27 . 2009-05-17 18:27	1706496              c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel#\340cad17fe57947eacbc8fa2cea780da\System.ServiceModel.Web.ni.dll
+ 2009-05-17 18:15 . 2009-05-17 18:15	2338304              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\[u]0/u34c91b133dee73d452652c52767b5ea\System.Runtime.Serialization.ni.dll
+ 2009-05-17 18:08 . 2009-05-17 18:08	1035264              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Printing\646ab52eef343380aa002c220dc31e13\System.Printing.ni.dll
+ 2009-05-17 18:14 . 2009-05-17 18:14	1056768              c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\c2de8479e54852f56996f79bc93acb13\System.IdentityModel.ni.dll
+ 2009-05-17 18:08 . 2009-05-17 18:08	1587200              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\3da96ee075bab9202626ae44c18d226c\System.Drawing.ni.dll
+ 2009-05-17 18:25 . 2009-05-17 18:25	1116672              c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\543aced762f6b0c3f8e037955941afc6\System.DirectoryServices.ni.dll
+ 2009-05-17 18:25 . 2009-05-17 18:25	1801216              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Deployment\a6b58624486714fa71e5e35186850ff0\System.Deployment.ni.dll
+ 2009-05-17 18:07 . 2009-05-17 18:07	6616576              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data\c70731047b0022638b3f9fb158948a03\System.Data.ni.dll
+ 2009-05-17 18:25 . 2009-05-17 18:25	2510336              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.SqlXml\826b09ab0d0e36f4d631b4cd335df511\System.Data.SqlXml.ni.dll
+ 2009-05-17 18:27 . 2009-05-17 18:27	1328128              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Services\956a513dcbd44d5a6801840ef2b0b47b\System.Data.Services.ni.dll
+ 2009-05-17 18:25 . 2009-05-17 18:25	1115136              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.OracleC#\283ecfbaa6a6fab76c8b544a4a89d5ce\System.Data.OracleClient.ni.dll
+ 2009-05-17 18:07 . 2009-05-17 18:07	2516480              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Linq\[u]0/ubbec79460b1137df5313f9baf7b246f\System.Data.Linq.ni.dll
+ 2009-05-17 18:27 . 2009-05-17 18:27	9924096              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity\6479f975b105808a8d9e7a7fdc762551\System.Data.Entity.ni.dll
+ 2009-05-17 18:07 . 2009-05-17 18:07	2295296              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Core\47d87251e93256c635eb73403b8db33e\System.Core.ni.dll
+ 2009-05-17 18:07 . 2009-05-17 18:07	2128896              c:\windows\assembly\NativeImages_v2.0.50727_32\ReachFramework\4bfb3048bf200a6a8592d1b4ba861a7f\ReachFramework.ni.dll
+ 2009-05-17 18:07 . 2009-05-17 18:07	1657856              c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationUI\6bafb1a2a73794ddb9761cb321c9e7e2\PresentationUI.ni.dll
+ 2009-05-17 18:05 . 2009-05-17 18:05	1451008              c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationBuildTa#\e634bc4c4a00635a0a254febab0e2e2c\PresentationBuildTasks.ni.dll
+ 2009-05-17 18:26 . 2009-05-17 18:26	1712128              c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\1c86afc399d0fdd8e069266ffbe748d1\Microsoft.VisualBasic.ni.dll
+ 2009-05-17 18:24 . 2009-05-17 18:24	1093120              c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\6b2f62f5e981913fce1d223f645d9ddf\Microsoft.Transactions.Bridge.ni.dll
+ 2009-05-17 18:27 . 2009-05-17 18:27	2332160              c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.JScript\b261961046545831aa60963e84905968\Microsoft.JScript.ni.dll
+ 2009-05-17 18:26 . 2009-05-17 18:26	1620992              c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\bd241492d96db39f20e758c13c845033\Microsoft.Build.Tasks.ni.dll
+ 2009-05-17 18:26 . 2009-05-17 18:26	1966080              c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\a47100d8f4574bed2d49d83d0ab8964e\Microsoft.Build.Tasks.v3.5.ni.dll
+ 2009-05-17 18:26 . 2009-05-17 18:26	1888768              c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\6cfe582681724965fb817e8ece5f0909\Microsoft.Build.Engine.ni.dll
+ 2009-05-17 17:58 . 2009-05-17 17:58	1245184              c:\windows\assembly\GAC_MSIL\WindowsBase\3.0.0.0__31bf3856ad364e35\WindowsBase.dll
+ 2009-05-17 18:02 . 2009-05-17 18:02	3149824              c:\windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll

lambulanciere · Answer

c:\windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll
+ 2009-05-17 17:58 . 2009-05-17 17:58	1630208              c:\windows\assembly\GAC_MSIL\System.Workflow.ComponentModel\3.0.0.0__31bf3856ad364e35\System.Workflow.ComponentModel.dll
+ 2009-05-17 17:58 . 2009-05-17 17:58	1138688              c:\windows\assembly\GAC_MSIL\System.Workflow.Activities\3.0.0.0__31bf3856ad364e35\System.Workflow.Activities.dll
+ 2009-05-17 18:02 . 2009-05-17 18:02	5025792              c:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
+ 2009-05-17 18:03 . 2009-05-17 18:03	1277952              c:\windows\assembly\GAC_MSIL\System.Web.Extensions\3.5.0.0__31bf3856ad364e35\System.Web.Extensions.dll
+ 2009-05-17 18:03 . 2009-05-17 18:03	5931008              c:\windows\assembly\GAC_MSIL\System.ServiceModel\3.0.0.0__b77a5c561934e089\System.ServiceModel.dll
+ 2009-05-17 18:02 . 2009-05-17 18:02	5062656              c:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll
+ 2009-05-17 17:59 . 2009-05-17 17:59	2879488              c:\windows\assembly\GAC_MSIL\System.Data.Entity\3.5.0.0__b77a5c561934e089\System.Data.Entity.dll
+ 2009-05-17 18:03 . 2009-05-17 18:03	5283840              c:\windows\assembly\GAC_MSIL\PresentationFramework\3.0.0.0__31bf3856ad364e35\PresentationFramework.dll
+ 2009-05-17 18:01 . 2009-05-17 18:01	5242880              c:\windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll
+ 2009-05-17 18:02 . 2009-05-17 18:02	2933248              c:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
+ 2009-05-17 17:58 . 2009-05-17 17:58	4210688              c:\windows\assembly\GAC_32\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationCore.dll
+ 2009-05-17 18:02 . 2009-05-17 18:02	4546560              c:\windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
+ 2009-05-17 17:12 . 2009-05-17 17:12	15032320              c:\windows\ERUNT\SDFIX_First_Run\Users\[u]0/u0000001\ntuser.dat
+ 2009-05-17 17:12 . 2009-05-17 17:12	15032320              c:\windows\ERUNT\SDFIX\Users\[u]0/u0000001\ntuser.dat
+ 2009-05-17 18:08 . 2009-05-17 18:08	12430848              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\63406259e94d5c0ff5b79401dfe113ce\System.Windows.Forms.ni.dll
+ 2009-05-17 18:25 . 2009-05-17 18:25	11796992              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web\3963ce03d445a8619abbf388d590134b\System.Web.ni.dll
+ 2009-05-17 18:24 . 2009-05-17 18:24	17317888              c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\4146033013edebd7e0cb604e504ebfee\System.ServiceModel.ni.dll
+ 2009-05-17 18:08 . 2009-05-17 18:08	10683392              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Design\8ee220bc3cce4f7bbd7818946519ed7f\System.Design.ni.dll
+ 2009-05-17 18:07 . 2009-05-17 18:07	14327808              c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\96e710f47c601cba3f2348a8d11ddede\PresentationFramework.ni.dll
+ 2009-05-17 18:06 . 2009-05-17 18:06	12216320              c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\956375d487cbef36165b3250030e3574\PresentationCore.ni.dll
+ 2009-05-17 18:05 . 2009-05-17 18:05	11486720              c:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\6d667f19d687361886990f3ca0f49816\mscorlib.ni.dll
.
-- Instantané actualisé --
.
(((((((((((((((((((((((((((((((((   Points de chargement Reg   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés 
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-08-21 68856]
"NBJ"="c:\program files\Ahead\Nero BackItUp\NBJ.exe" [2006-02-10 2048000]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TkBellExe"="c:\program files\Fichiers communs\Real\Update_OB\realsched.exe" [2005-12-14 180269]
"PaperPort PTD"="c:\program files\ScanSoft\PaperPort\pptd40nt.exe" [2007-01-29 30248]
"IndexSearch"="c:\program files\ScanSoft\PaperPort\IndexSearch.exe" [2007-01-29 46632]
"PPort11reminder"="c:\program files\ScanSoft\PaperPort\Ereg\Ereg.exe" [2007-02-01 255528]
"BrMfcWnd"="c:\program files\Brother\Brmfcmon\BrMfcWnd.exe" [2007-03-12 663552]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-01-05 413696]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-01-06 290088]
"Ad-Watch"="c:\program files\Lavasoft\Ad-Aware\AAWTray.exe" [2009-04-23 516440]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

d:\documents and settings\C‚cile\Menu D‚marrer\Programmes\D‚marrage\
Notification de cadeaux MSN.lnk - d:\documents and settings\C‚cile\Application Data\Microsoft\Notification de cadeaux MSN\lsnfier.exe [2009-3-20 135680]

HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32
"wave1"= serwvdrv.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"

[HKLM\~\startupfolder\D:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Désinstallation.lnk]
path=d:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\Désinstallation.lnk
backup=c:\windows\pss\Désinstallation.lnkCommon Startup

[HKLM\~\startupfolder\D:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^PC TimeWatch Tray Icon.lnk]
path=d:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\PC TimeWatch Tray Icon.lnk
backup=c:\windows\pss\PC TimeWatch Tray Icon.lnkCommon Startup

[HKLM\~\startupfolder\D:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^PhotoImpression 4.lnk]
path=d:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\PhotoImpression 4.lnk
backup=c:\windows\pss\PhotoImpression 4.lnkCommon Startup

[HKLM\~\startupfolder\D:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Web Services.lnk]
path=d:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\Web Services.lnk
backup=c:\windows\pss\Web Services.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"XCOMM"=2 (0x2)
"VSSERV"=2 (0x2)
"SPBBCSvc"=2 (0x2)
"SNDSrvc"=2 (0x2)
"SAVScan"=3 (0x3)
"navapsvc"=3 (0x3)
"lxcg_device"=3 (0x3)
"LIVESRV"=2 (0x2)
"ISSVC"=2 (0x2)
"iPodService"=3 (0x3)
"ccSetMgr"=2 (0x2)
"ccPwdSvc"=3 (0x3)
"ccProxy"=2 (0x2)
"ccEvtMgr"=2 (0x2)
"bdss"=2 (0x2)
"PTWsvc"=2 (0x2)

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%ProgramFiles%\AOL 9.0\aol.exe"=
"%ProgramFiles%\UBISOFT\Splinter Cell Pandora Tomorrow\logo_ubi.exe"=
"%ProgramFiles%\UBISOFT\Splinter Cell Pandora Tomorrow\pandora.exe"=
"%windir%\system32\sessmgr.exe"=
"c:\APPS\Inventime\my.exe"=
"c:\Program Files\Messenger\msmsgs.exe"=
"c:\Program Files\LimeWire\LimeWire.exe"=
"%windir%\Network Diagnostic\xpnetdiag.exe"=
"c:\APPS\skype\phone\Skype.exe"=
"c:\Program Files\iTunes\iTunes.exe"=
"c:\Program Files\Windows Live\Messenger\wlcsdk.exe"=
"c:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"=
"c:\Program Files\Windows Live\Messenger\msnmsgr.exe"=

R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [02/03/2009 22:05 64160]
R2 atjsgt;atjsgt;c:\windows\system32\drivers\atjsgt.sys [13/08/2007 11:44 165504]
R2 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr_tdi.sys [11/03/2009 18:53 55152]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [18/01/2009 23:34 953168]
R2 linsgt;linsgt;c:\windows\system32\drivers\linsgt.sys [13/08/2007 11:44 16000]
R2 SeaPort;SeaPort;c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [14/01/2009 18:53 226656]
S0 cfbfe;cfbfe;c:\windows\system32\drivers\gdbto.sys --> c:\windows\system32\drivers\gdbto.sys [?]
S3 ATE_PROCMON;ATE_PROCMON;\??\c:\program files\Anti Trojan Elite\ATEPMon.sys --> c:\program files\Anti Trojan Elite\ATEPMon.sys [?]
S3 fsssvc;Windows Live Contrôle parental;c:\program files\Windows Live\Family Safety\fsssvc.exe [06/02/2009 19:08 533360]
S3 PTWDrv;PTW - Process monitoring driver;c:\program files\MainSoft\PC TimeWatch\PTWatch.sys [20/10/2003 17:07 4096]
S4 PTWsvc;PCTimeWatch;c:\program files\MainSoft\PC TimeWatch\PTWsvc.exe [06/02/2007 11:58 835584]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost  - NetSvcs
UxTuneUp
.
Contenu du dossier 'Tâches planifiées'

2009-05-18 c:\windows\Tasks\Ad-Aware Update (Weekly).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-01-18 16:58]

2009-05-13 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2007-08-29 11:34]

2009-05-18 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-08-21 20:28]

2009-05-18 c:\windows\Tasks\Maintenance en 1 clic.job
- d:\program files\TuneUp Utilities 2008\OneClickStarter.exe [2008-06-20 08:23]
.
- - - - ORPHELINS SUPPRIMES - - - -

BHO-{E0C3CCFE-6063-467D-86BE-A04FBA8A13C9} - c:\windows\system32\apcup.dll


.
------- Examen supplémentaire -------
.
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} - hxxp://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
FF - ProfilePath - d:\documents and settings\Cécile\Application Data\Mozilla\Firefox\Profiles\9wup1kzf.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www15.yoog.com/search.php?q=
FF - prefs.js: browser.search.selectedEngine - Yoog Search
FF - prefs.js: browser.startup.homepage - hxxp://www.google.fr/
FF - prefs.js: keyword.URL - hxxp://www15.yoog.com/search.php?q=
FF - component: c:\program files\Mozilla Firefox\components\bdbcaacebddb.dll
FF - plugin: c:\program files\Google\Google Updater\2.4.1536.6592\npCIDetect13.dll
FF - plugin: c:\program files\Java\jre1.5.0_02\bin\NPJava11.dll
FF - plugin: c:\program files\Java\jre1.5.0_02\bin\NPJava12.dll
FF - plugin: c:\program files\Java\jre1.5.0_02\bin\NPJava13.dll
FF - plugin: c:\program files\Java\jre1.5.0_02\bin\NPJava14.dll
FF - plugin: c:\program files\Java\jre1.5.0_02\bin\NPJava32.dll
FF - plugin: c:\program files\Java\jre1.5.0_02\bin\NPJPI150_02.dll
FF - plugin: c:\program files\Java\jre1.5.0_02\bin\NPOJI610.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npqtplugin8.dll
FF - plugin: c:\program files\QuickTime\Plugins\npqtplugin8.dll
FF - plugin: c:\program files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll
FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll

lambulanciere · Answer

---- PARAMETRES FIREFOX ----
FF - user.js: google.toolbar.linkdoctor.enabled - false
FF - user.js: browser.search.defaultenginename - Yoog Search
FF - user.js: browser.search.defaulturl - hxxp://www15.yoog.com/search.php?q=
FF - user.js: browser.search.selectedEngine - Yoog Search
FF - user.js: keyword.URL - hxxp://www15.yoog.com/search.php?q=
FF - user.js: keyword.enabled - true
FF - user.js: google.toolbar.linkdoctor.enabled - false
FF - user.js: browser.search.defaultenginename - Yoog Search
FF - user.js: browser.search.defaulturl - hxxp://www15.yoog.com/search.php?q=
FF - user.js: browser.search.selectedEngine - Yoog Search
FF - user.js: keyword.URL - hxxp://www15.yoog.com/search.php?q=
FF - user.js: keyword.enabled - true
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-05-18 22:00
Windows 5.1.2600 Service Pack 3 NTFS

Recherche de processus cachés ... 

Recherche d'éléments en démarrage automatique cachés ... 

Recherche de fichiers cachés ... 


c:\windows\system32\4f166e45e07a7e201bf9c46bfef818c9.sys 39936 bytes executable
c:\windows\system32\_4f166e45e07a7e201bf9c46bfef818c9.sys_.vir 39936 bytes executable

Scan terminé avec succès
Fichiers cachés: 2

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet002\Services\4f166e45e07a7e201bf9c46bfef818c9]
"ImagePath"="system32\4f166e45e07a7e201bf9c46bfef818c9.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet002\Services\MysqlInventime]
"ImagePath"="c:\apps\INVENT~1\mysql\bin\mysqld-nt --defaults-file=c:\apps\Inventime\mysql\my.ini MysqlInventime"
.
--------------------- DLLs chargées dans les processus actifs ---------------------

- - - - - - - > 'winlogon.exe'(488)
c:\windows\system32\Ati2evxx.dll

- - - - - - - > 'explorer.exe'(2388)
c:\windows\system32\eappprxy.dll
.
------------------------ Autres processus actifs ------------------------
.
c:\windows\system32\ati2evxx.exe
c:\program files\Alwil Software\Avast4\aswUpdSv.exe
c:\program files\Alwil Software\Avast4\ashServ.exe
c:\progra~1\FICHIE~1\AOL\ACS\AOLacsd.exe
c:\program files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\apps\Powercinema\Kernel\TV\CLCapSvc.exe
c:\program files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
c:\apps\HIDSERVICE\HidService.exe
c:\program files\CyberLink\Shared Files\CLML_NTService\CLMLService.exe
c:\windows\system32\ati2evxx.exe
c:\program files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
c:\apps\Powercinema\Kernel\TV\CLSched.exe
c:\windows\system32\wbem\unsecapp.exe
d:\documents and settings\Cécile\Application Data\Microsoft\Notification de cadeaux MSN\lsnfier.exe
c:\program files\iPod\bin\iPodService.exe
c:\program files\Brother\Brmfcmon\BrMfcMon.exe
.
**************************************************************************
.
Heure de fin: 2009-05-18 22:04 - La machine a redémarré
ComboFix-quarantined-files.txt  2009-05-18 20:03
ComboFix2.txt  2009-05-17 13:43

Avant-CF: 5 517 787 136 octets libres
Après-CF: 5 520 814 080 octets libres

1025	--- E O F ---	2009-05-18 18:03

lambulanciere · Answer

Verdict ?

benurrr · Answer

c:\program files\mozilla firefox\components\bdbcaacebddb.dll 

fait vérifier ces fichier sur virus total

Rends toi sur ce site :

https://www.virustotal.com/gui/

Clique sur parcourir et cherche ces fichiers par contre tu peut verifier les fichier que un par un:

c:\program files\mozilla firefox\components\bdbcaacebddb.dll 
 
Clique sur envoyer le fichier.

Un rapport va s'élaborer ligne à ligne.

Attends la fin. Il doit comprendre la taille du fichier envoyé.

Sauvegarde le rapport avec le bloc-note.

Copie le dans ta réponse. 

par moment il y'a déjà un rapport de prêt toi tu fera réanalyser le fichier maintenant

lambulanciere · Answer

Antivirus Version Dernière mise à jour Résultat a-squared 4.0.0.101 2009.05.19 Trojan-Proxy.Win32.Horst.ggq!A2 AhnLab-V3 5.0.0.2 2009.05.19 Win-Trojan/Horst.67088 AntiVir 7.9.0.168 2009.05.19 TR/Proxy.Horst.ggq Antiy-AVL 2.0.3.1 2009.05.19 - Authentium 5.1.2.4 2009.05.19 - Avast 4.8.1335.0 2009.05.18 - AVG 8.5.0.336 2009.05.19 Proxy.AGMN BitDefender 7.2 2009.05.19 - CAT-QuickHeal 10.00 2009.05.19 Trojan.Agent.ATV ClamAV 0.94.1 2009.05.19 - Comodo 1157 2009.05.08 - DrWeb 5.0.0.12182 2009.05.19 - eSafe 7.0.17.0 2009.05.19 Suspicious File eTrust-Vet 31.6.6511 2009.05.19 - F-Prot 4.4.4.56 2009.05.18 - F-Secure 8.0.14470.0 2009.05.19 - Fortinet 3.117.0.0 2009.05.19 - GData 19 2009.05.19 - Ikarus T3.1.1.49.0 2009.05.19 - K7AntiVirus 7.10.739 2009.05.19 - Kaspersky 7.0.0.125 2009.05.19 - McAfee 5620 2009.05.19 - McAfee+Artemis 5620 2009.05.19 - McAfee-GW-Edition 6.7.6 2009.05.19 Trojan.Proxy.Horst.ggq Microsoft 1.4602 2009.05.19 Trojan:Win32/Floganix.A NOD32 4088 2009.05.19 - Norman 6.01.05 2009.05.19 - nProtect 2009.1.8.0 2009.05.19 Trojan-Proxy/W32.Horst.67088 Panda 10.0.0.14 2009.05.19 - PCTools 4.4.2.0 2009.05.18 - Prevx 3.0 2009.05.19 High Risk Fraudulent Security Program Rising 21.30.14.00 2009.05.19 - Sophos 4.41.0 2009.05.19 - Sunbelt 3.2.1858.2 2009.05.19 - Symantec 1.4.4.12 2009.05.19 - TheHacker 6.3.4.1.327 2009.05.19 - TrendMicro 8.950.0.1092 2009.05.19 - VBA32 3.12.10.5 2009.05.19 - ViRobot 2009.5.19.1740 2009.05.19 - VirusBuster 4.6.5.0 2009.05.19 - Information additionnelle File size: 67088 bytes MD5...: e44d21d278c275ead65df29a70825da8 SHA1..: f09db8f7c7260ca7dc479420d200a9ea74383e80 SHA256: ceb6991384f0a4fbfe35daf06f7ffbb26eddf1e3c0537497ff1f2dab9f3a2c24 SHA512: bd2fcf5311cbf5f4245182fe7e06b7ae004bc858055df9edf9bce42df5558b3b 78ce32a72649c8cf70dcb6f9a599094feb36d4dd809ab6368b23d2cbd610226b ssdeep: 1536:XIX+0JV1YMn/PRWbeWH5/xavxPMUgUDIFLZUb1uHd:XOBOaiH5/opPMh7te +d PEiD..: - TrID..: File type identification UPX compressed Win32 Executable (39.5%) Win32 EXE Yoda's Crypter (34.3%) Win32 Executable Generic (11.0%) Win32 Dynamic Link Library (generic) (9.8%) Generic Win/DOS Executable (2.5%) PEInfo: PE Structure information ( base data ) entrypointaddress.: 0x27880 timedatestamp.....: 0x49f9a312 (Thu Apr 30 13:09:38 2009) machinetype.......: 0x14c (I386) ( 3 sections ) name viradd virsiz rawdsiz ntrpy md5 UPX0 0x1000 0x17000 0x0 0.00 d41d8cd98f00b204e9800998ecf8427e UPX1 0x18000 0x10000 0xfc00 7.90 fe41a702f04dc4c479b56ab491d84615 .rsrc 0x28000 0x1000 0x600 3.67 0c7f34a737e072b9395a6868c85d1258 ( 8 imports ) > KERNEL32.DLL: LoadLibraryA, GetProcAddress, VirtualProtect, VirtualAlloc, VirtualFree > ADVAPI32.dll: RegCloseKey > nspr4.dll: PR_AtomicDecrement > ole32.dll: CoInitialize > OLEAUT32.dll: - > SHLWAPI.dll: StrChrW > USER32.dll: wsprintfW > xpcom.dll: NS_Alloc ( 1 exports ) NSGetModule PDFiD.: - RDS...: NSRL Reference Data Set - packers (Kaspersky): PE_Patch.UPX, UPX http://info.prevx.com/aboutprogramtext.asp?PX5=A4DE51B01065AB9E06A1016B9B8BEE0099ED1D76 packers (F-Prot): UPX

benurrr · Answer

c'est pas beau mais au moins en connait leur emplacement a ces bebette

on va commencer par initialiser firefox 

http://www.commentcamarche.net/faq/sujet 9525 reinitialiser firefox reset

apres l'avoir initialiser on va le désinstaller

et en le retelecharge içi 

http://download.cdn.mozilla.net/pub/firefox/releases/3.0.10/win32/fr/Firefox%20Setup%203.0.10.exe 

en passe un coup de ccleaner 

tu va télécharger Ccleaner https://www.ccleaner.com/ccleaner/download

ouvre "Ccleaner" vas dans l'onglet "Option" puis "Avancé" puis décoches "Effacer uniquement les fichiers, du dossier temp de Windows, plus vieux que 48 heures."

. Puis vas dans l'onglet "Nettoyeur" fais "Analyse" puis "Lancer le nettoyage".
 Puis vas dans l'onglet "Registre" puis fait "Chercher des erreurs" puis "Réparer les erreurs sélectionnée"
. Tu refais tous ca 4-5 fois (le nettoyage et le registre). 

Puis reste dans "Ccleaner" puis va dans "Option" puis "Propriété" puis coches "Nettoyer automatiquement l'ordinateur au démarrage". 

içi mode d'emploi pour ccleaner

https://www.malekal.com/tutoriel-ccleaner/

après avoir redémarrer en réinstalle firefox

lambulanciere · Answer

ccleaner n'est pas en français c normal

benurrr · Answer

tu va dans option et après propriété et la tu met en francais

lambulanciere · Answer

je trouve pas option

lambulanciere · Answer

in ternet explorer a bloque le telechargement de fichier de ce site vers mon ordinateur

benurrr · Answer

il faut accepter le telechargement pour cela

en haut de la page blanche il y'a un bandeau blanc tu fait un clic droit et tu fait accepter le téléchargement

lambulanciere · Answer

non y a rien de tout ca

benurrr · Answer

si

la ou le message apparait comme quoi 

In ternet explorer a bloque le telechargement de fichier de ce site vers mon ordinateur

tu fait un clic droit dessus et tu autorise

lambulanciere · Answer

ca y est j'ai trouver et fait la manip deja une fois

lambulanciere · Answer

y a plus d'erreur on dirait

benurrr · Answer

des que tu fini les manip que je t'ai decrite dans le message 78 tu me le fait savoir

pour qu'on passe a la suite

lambulanciere · Answer

c fait je t'attend lol

benurrr · Answer

télécharge malwarbyte http://www.commentcamarche.net/telecharger/telechargement 34055379 malwarebytes anti malware

a l'installation vérifie que mise a jour et lancer programme et scan complet sont bien cocher 

Une fois a jour, le programme va se lancer; clic sur l´onglet paramètre, et coche la case : "Arrêter internet explorer pendant la suppression". 

A la fin du scan clique sur Afficher les résultats 

Vérifier si tout est coché et clic Supprimer la sélection 

S'il t'es demandé de redémarrer >>> clique sur "Yes" 

Et tu poste le rapport générer 

c'est un des logiciels que je te ferai garder a la fin de la desinfection

lambulanciere · Answer

j'arrive pas a telecharger on verra ca une autre fois suis fatiguee

lambulanciere · Answer

je meut pas ouvrir malaware j'ai un message d'erreur d'exécution "0" je clic sur ok et encore message d'erreur d'exécution 440 erreur automation

benurrr · Answer

salut 

en refait un script car tout n'est pas partie au premier 


**************************************************** 

/!\ Manip crée spécialement pour cet utilisateur , ne pas reproduire chez soi ... /!\ 

Ouvre le Bloc-Notes (Démarrer\Tous les programmes\Accessoires\Bloc notes.) 

Copie ce texte ( en gras )d'une traite ( CTRL+C pour copier ) puis colle-le ( CTRL+V dans le bloc-note ) 


Driver::
uasvfhxa
gdbto

File::
c:\windows\system32\88ee5dc43b600b4bfe4­a4eb4b223400c.exe 
c:\program files\mozilla firefox\components\bdbcaacebddb.dll 
c:\windows\system32\4f166e45e07a7e201bf9c46bfef818c9.sys 
c:\windows\system32\_4f166e45e07a7e201bf9c46bfef818c9.sys

Registry::
[-HKEY_LOCAL_MACHINE\System\ControlSet002\Services\4f166e45e0­7a7e201bf9c46bfef818c9] 
"ImagePath"="system32\4f166e45e07a7e201bf9c46bfef818c9.sys" 


Sauvegarde ce fichier sur ton bureau sous le nom de CFScript.txt. 



Glisse maintenant le fichier CFScript.txt dans Combofix.exe comme ci-dessous : 

http://img.photobucket.com/albums/v666/sUBs/CFScriptB-4.gif 

Cela va relancer Combofix, 

Une fenêtre bleue va apparaître: au message qui apparaît ( Type 1 to continue, or 2 to abort) , tape 1 puis valide. 

Patiente le temps du scan.Le bureau va disparaître à plusieurs reprises: c'est normal! 

Ne touche à rien tant que le scan n'est pas terminé. 

Après redémarrage, poste le contenu du rapport Combofix.txt accompagné d'un rapport Hijackthis. 

S'il n'y a pas de rédémarrage, poste quand même les rapports. 

Si le fichier ne s'ouvre pas, il se trouve ici > C:\ComboFix.txt 


Par Manque De Curiosité On Risque De Mourir Ignorant;Tu es libre de penser que tu es C..,
Mais C.. de penser que ­tu es libre...Merci a australe13

lambulanciere · Answer

ComboFix 09-05-16.05 - Cécile 20/05/2009 18:56.3 - NTFSx86
Microsoft Windows XP Édition familiale  5.1.2600.3.1252.33.1036.18.1471.801 [GMT 2:00]
Lancé depuis: d:\documents and settings\Cécile\Bureau\ComboFix.exe
Commutateurs utilisés :: d:\documents and settings\Cécile\Bureau\CFScript.txt
AV: avast! antivirus 4.7.1098 [VPS 080831-0] *On-access scanning enabled* (Outdated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
AV: Norton Internet Security *On-access scanning disabled* (Outdated) {E10A9785-9598-4754-B552-92431C1C35F8}
FW: Norton Internet Security *enabled* {7C21A4C9-F61F-4AC4-B722-A6E19C16F220}

FILE ::
c:\program files\mozilla firefox\components\bdbcaacebddb.dll
c:\windows\system32\_4f166e45e07a7e201bf9c46bfef818c9.sys
c:\windows\system32\4f166e45e07a7e201bf9c46bfef818c9.sys
c:\windows\system32\88ee5dc43b600b4bfe4­a4eb4b223400c.exe
.

((((((((((((((((((((((((((((((((((((   Autres suppressions   ))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\program files\mozilla firefox\components\bdbcaacebddb.dll

.
(((((((((((((((((((((((((((((   Fichiers créés du 2009-04-20 au 2009-05-20  ))))))))))))))))))))))))))))))))))))
.

2009-05-20 06:16 . 2009-04-06 13:32	15504	----a-w	c:\windows\system32\drivers\mbam.sys
2009-05-20 06:16 . 2009-04-06 13:32	38496	----a-w	c:\windows\system32\drivers\mbamswissarmy.sys
2009-05-20 06:16 . 2009-05-20 06:16	--------	d-----w	c:\program files\Malwarebytes' Anti-Malware
2009-05-18 20:05 . 2009-05-18 20:05	--------	d-----w	c:\program files\Trend Micro
2009-05-17 18:04 . 2006-06-29 11:07	14048	------w	c:\windows\system32\spmsg2.dll
2009-05-17 17:58 . 2009-05-17 17:58	--------	d-----w	c:\windows\system32\XPSViewer
2009-05-17 17:58 . 2009-05-17 17:58	--------	d-----w	c:\program files\MSBuild
2009-05-17 17:58 . 2009-05-17 17:58	--------	d-----w	c:\program files\Reference Assemblies
2009-05-17 17:57 . 2008-07-06 12:06	117760	------w	c:\windows\system32\prntvpt.dll
2009-05-17 17:57 . 2008-07-06 12:06	89088	-c----w	c:\windows\system32\dllcache\filterpipelineprintproc.dll
2009-05-17 17:57 . 2008-07-06 10:50	597504	-c----w	c:\windows\system32\dllcache\printfilterpipelinesvc.exe
2009-05-17 17:57 . 2008-07-06 12:06	575488	-c----w	c:\windows\system32\dllcache\xpsshhdr.dll
2009-05-17 17:57 . 2008-07-06 12:06	575488	------w	c:\windows\system32\xpsshhdr.dll
2009-05-17 17:57 . 2008-07-06 12:06	1676288	-c----w	c:\windows\system32\dllcache\xpssvcs.dll
2009-05-17 17:57 . 2008-07-06 12:06	1676288	------w	c:\windows\system32\xpssvcs.dll
2009-05-17 17:15 . 2009-05-17 17:15	579584	-c--a-w	c:\windows\system32\dllcache\user32.dll
2009-05-17 17:12 . 2009-05-17 17:12	--------	d-----w	c:\windows\ERUNT
2009-05-17 17:11 . 2009-05-18 17:47	--------	d-----w	C:\SDFix
2009-05-17 16:16 . 2009-05-18 17:39	--------	d-----w	C:\Yoog_Fix
2009-05-17 14:42 . 2009-05-17 15:39	--------	d-----w	c:\program files\Ad-remover
2009-05-17 10:37 . 2009-05-17 12:01	--------	d-----w	c:\windows\BDOSCAN8
2009-05-17 09:02 . 2009-05-17 09:02	--------	d-----w	d:\documents and settings\Moi\Local Settings\Application Data\Mozilla
2009-05-17 09:00 . 2009-05-17 09:00	--------	d-----w	d:\documents and settings\Moi\Local Settings\Application Data\Deployment
2009-05-08 00:20 . 2009-05-16 12:07	205840	----a-w	c:\windows\system32\kusers.dll
2009-04-20 17:56 . 2009-05-17 10:51	--------	d--h--r	c:\program filesnamfler

.
((((((((((((((((((((((((((((((((((   Compte-rendu de Find3M   ))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-05-19 20:41 . 2007-04-27 15:15	--------	d-----w	c:\program files\CCleaner
2009-05-18 19:54 . 2006-03-02 12:00	23424	----a-w	c:\windows\system32\drivers\uasvfhxa.sys
2009-05-17 18:02 . 2004-08-16 16:41	86750	----a-w	c:\windows\system32\perfc00C.dat
2009-05-17 18:02 . 2004-08-16 16:41	513778	----a-w	c:\windows\system32\perfh00C.dat
2009-05-17 09:00 . 2006-01-13 16:35	234464	-c--a-w	d:\documents and settings\Moi\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-05-01 15:35 . 2009-04-13 17:57	--------	d-----w	c:\program files\Free Music Zilla
2009-04-23 16:59 . 2009-03-02 20:14	15688	----a-w	c:\windows\system32\lsdelete.exe
2009-04-23 16:58 . 2009-03-02 20:05	64160	----a-w	c:\windows\system32\drivers\Lbd.sys
2009-04-22 06:33 . 2009-04-19 15:51	--------	d-----w	c:\program files\Image-Line
2009-04-19 15:54 . 2009-04-19 15:54	--------	d-----w	c:\program files\VstPlugins
2009-04-19 15:53 . 2009-04-19 15:53	--------	d-----w	c:\program files\Outsim
2009-03-30 17:06 . 2009-03-30 17:06	--------	d-----w	c:\program files\EasyFlirt Messenger
2009-03-29 20:02 . 2005-12-23 20:49	--------	d-----w	c:\program files\Fichiers communs\Adobe
2009-03-06 14:20 . 2006-03-02 12:00	286720	----a-w	c:\windows\system32\pdh.dll
2009-03-04 14:21 . 2009-03-04 14:21	246288	----a-w	c:\windows\system32\88ee5dc43b600b4bfe4a4eb4b223400c.exe
2009-03-03 00:13 . 2006-03-02 12:00	826368	----a-w	c:\windows\system32\wininet.dll
2009-02-22 19:29 . 2008-07-26 08:19	5632	----a-w	c:\windows\system32\drivers\StarOpen.sys
2009-02-20 17:10 . 2006-03-02 12:00	78336	----a-w	c:\windows\system32\ieencode.dll
2008-03-25 19:21 . 2008-03-25 19:21	97409	----a-w	c:\program files\install_DivX Player_.exe
2008-03-10 20:57 . 2008-03-10 20:57	6105952	----a-w	c:\program files\Firefox Setup 2.0.0.12.exe
2008-03-02 16:38 . 2008-03-02 16:38	1104734	----a-w	c:\program files\dvdshrink_3.2.0.16_fr.zip
2004-10-01 13:00 . 2007-04-05 11:58	40960	----a-w	c:\program files\Uninstall_CDS.exe
.

(((((((((((((((((((((((((((((((((   Points de chargement Reg   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés 
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-08-21 68856]
"NBJ"="c:\program files\Ahead\Nero BackItUp\NBJ.exe" [2006-02-10 2048000]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TkBellExe"="c:\program files\Fichiers communs\Real\Update_OBealsched.exe" [2005-12-14 180269]
"PaperPort PTD"="c:\program files\ScanSoft\PaperPort\pptd40nt.exe" [2007-01-29 30248]
"IndexSearch"="c:\program files\ScanSoft\PaperPort\IndexSearch.exe" [2007-01-29 46632]
"PPort11reminder"="c:\program files\ScanSoft\PaperPort\Ereg\Ereg.exe" [2007-02-01 255528]
"BrMfcWnd"="c:\program files\Brother\Brmfcmon\BrMfcWnd.exe" [2007-03-12 663552]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2009-01-05 413696]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-01-06 290088]
"Ad-Watch"="c:\program files\Lavasoft\Ad-Aware\AAWTray.exe" [2009-04-23 516440]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

d:\documents and settings\C‚cile\Menu D‚marrer\Programmes\D‚marrage\
Notification de cadeaux MSN.lnk - d:\documents and settings\C‚cile\Application Data\Microsoft\Notification de cadeaux MSN\lsnfier.exe [2009-3-20 135680]

HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32
"wave1"= serwvdrv.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"

[HKLM\~\startupfolder\D:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Désinstallation.lnk]
path=d:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\Désinstallation.lnk
backup=c:\windows\pss\Désinstallation.lnkCommon Startup

[HKLM\~\startupfolder\D:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^PC TimeWatch Tray Icon.lnk]
path=d:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\PC TimeWatch Tray Icon.lnk
backup=c:\windows\pss\PC TimeWatch Tray Icon.lnkCommon Startup

[HKLM\~\startupfolder\D:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^PhotoImpression 4.lnk]
path=d:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\PhotoImpression 4.lnk
backup=c:\windows\pss\PhotoImpression 4.lnkCommon Startup

[HKLM\~\startupfolder\D:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Web Services.lnk]
path=d:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\Web Services.lnk
backup=c:\windows\pss\Web Services.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"XCOMM"=2 (0x2)
"VSSERV"=2 (0x2)
"SPBBCSvc"=2 (0x2)
"SNDSrvc"=2 (0x2)
"SAVScan"=3 (0x3)
"navapsvc"=3 (0x3)
"lxcg_device"=3 (0x3)
"LIVESRV"=2 (0x2)
"ISSVC"=2 (0x2)
"iPodService"=3 (0x3)
"ccSetMgr"=2 (0x2)
"ccPwdSvc"=3 (0x3)
"ccProxy"=2 (0x2)
"ccEvtMgr"=2 (0x2)
"bdss"=2 (0x2)
"PTWsvc"=2 (0x2)

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%ProgramFiles%\AOL 9.0\aol.exe"=
"%ProgramFiles%\UBISOFT\Splinter Cell Pandora Tomorrow\logo_ubi.exe"=
"%ProgramFiles%\UBISOFT\Splinter Cell Pandora Tomorrow\pandora.exe"=
"%windir%\system32\sessmgr.exe"=
"c:\APPS\Inventime\my.exe"=
"c:\Program Files\Messenger\msmsgs.exe"=
"c:\Program Files\LimeWire\LimeWire.exe"=
"%windir%\Network Diagnostic\xpnetdiag.exe"=
"c:\APPS\skype\phone\Skype.exe"=
"c:\Program Files\iTunes\iTunes.exe"=
"c:\Program Files\Windows Live\Messenger\wlcsdk.exe"=
"c:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"=
"c:\Program Files\Windows Live\Messenger\msnmsgr.exe"=

R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [02/03/2009 22:05 64160]
R2 atjsgt;atjsgt;c:\windows\system32\drivers\atjsgt.sys [13/08/2007 11:44 165504]
R2 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr_tdi.sys [11/03/2009 18:53 55152]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [18/01/2009 23:34 953168]
R2 linsgt;linsgt;c:\windows\system32\drivers\linsgt.sys [13/08/2007 11:44 16000]
R2 SeaPort;SeaPort;c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [14/01/2009 18:53 226656]
S0 cfbfe;cfbfe;c:\windows\system32\drivers\gdbto.sys --> c:\windows\system32\drivers\gdbto.sys [?]
S3 ATE_PROCMON;ATE_PROCMON;\??\c:\program files\Anti Trojan Elite\ATEPMon.sys --> c:\program files\Anti Trojan Elite\ATEPMon.sys [?]
S3 fsssvc;Windows Live Contrôle parental;c:\program files\Windows Live\Family Safety\fsssvc.exe [06/02/2009 19:08 533360]
S3 PTWDrv;PTW - Process monitoring driver;c:\program files\MainSoft\PC TimeWatch\PTWatch.sys [20/10/2003 17:07 4096]
S4 PTWsvc;PCTimeWatch;c:\program files\MainSoft\PC TimeWatch\PTWsvc.exe [06/02/2007 11:58 835584]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost  - NetSvcs
UxTuneUp
.
Contenu du dossier 'Tâches planifiées'

2009-05-18 c:\windows\Tasks\Ad-Aware Update (Weekly).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-01-18 16:58]

2009-05-20 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2007-08-29 11:34]

2009-05-20 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-08-21 20:28]

2009-05-20 c:\windows\Tasks\Maintenance en 1 clic.job
- d:\program files\TuneUp Utilities 2008\OneClickStarter.exe [2008-06-20 08:23]
.
.
------- Examen supplémentaire -------
.
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} - hxxp://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
FF - ProfilePath - d:\documents and settings\Cécile\Application Data\Mozilla\Firefox\Profiles\9wup1kzf.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www15.yoog.com/search.php?q=
FF - prefs.js: browser.search.selectedEngine - Yoog Search
FF - prefs.js: keyword.URL - hxxp://www15.yoog.com/search.php?q=
FF - plugin: c:\program files\Google\Google Updater\2.4.1536.6592
pCIDetect13.dll
FF - plugin: c:\program files\Java\jre1.5.0_02\bin\NPJava11.dll
FF - plugin: c:\program files\Java\jre1.5.0_02\bin\NPJava12.dll
FF - plugin: c:\program files\Java\jre1.5.0_02\bin\NPJava13.dll
FF - plugin: c:\program files\Java\jre1.5.0_02\bin\NPJava14.dll
FF - plugin: c:\program files\Java\jre1.5.0_02\bin\NPJava32.dll
FF - plugin: c:\program files\Java\jre1.5.0_02\bin\NPJPI150_02.dll
FF - plugin: c:\program files\Java\jre1.5.0_02\bin\NPOJI610.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins
pqtplugin8.dll
FF - plugin: c:\program files\QuickTime\Plugins
pqtplugin8.dll
FF - plugin: c:\program files\Viewpoint\Viewpoint Experience Technology
pViewpoint.dll
FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll

---- PARAMETRES FIREFOX ----
FF - user.js: google.toolbar.linkdoctor.enabled - false
FF - user.js: browser.search.defaultenginename - Yoog Search
FF - user.js: browser.search.defaulturl - hxxp://www15.yoog.com/search.php?q=
FF - user.js: browser.search.selectedEngine - Yoog Search
FF - user.js: keyword.URL - hxxp://www15.yoog.com/search.php?q=
FF - user.js: keyword.enabled - true
FF - user.js: google.toolbar.linkdoctor.enabled - false
FF - user.js: browser.search.defaultenginename - Yoog Search
FF - user.js: browser.search.defaulturl - hxxp://www15.yoog.com/search.php?q=
FF - user.js: browser.search.selectedEngine - Yoog Search
FF - user.js: keyword.URL - hxxp://www15.yoog.com/search.php?q=
FF - user.js: keyword.enabled - true
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-05-20 18:59
Windows 5.1.2600 Service Pack 3 NTFS

Recherche de processus cachés ... 

Recherche d'éléments en démarrage automatique cachés ... 

Recherche de fichiers cachés ... 


c:\windows\system32\4f166e45e07a7e201bf9c46bfef818c9.sys 39936 bytes executable
c:\windows\system32\_4f166e45e07a7e201bf9c46bfef818c9.sys_.vir 39936 bytes executable

Scan terminé avec succès
Fichiers cachés: 2

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet002\Services\4f166e45e07a7e201bf9c46bfef818c9]
"ImagePath"="system32\4f166e45e07a7e201bf9c46bfef818c9.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet002\Services\MysqlInventime]
"ImagePath"="c:\apps\INVENT~1\mysql\bin\mysqld-nt --defaults-file=c:\apps\Inventime\mysql\my.ini MysqlInventime"
.
--------------------- DLLs chargées dans les processus actifs ---------------------

- - - - - - - > 'winlogon.exe'(488)
c:\windows\system32\Ati2evxx.dll
.
Heure de fin: 2009-05-20 19:01
ComboFix-quarantined-files.txt  2009-05-20 17:00
ComboFix2.txt  2009-05-18 20:04
ComboFix3.txt  2009-05-17 13:43

Avant-CF: 5 601 529 856 octets libres
Après-CF: 5 585 559 552 octets libres

235	--- E O F ---	2009-05-18 18:03

lambulanciere · Answer

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:19:03, on 20/05/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16827)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
c:\APPS\HIDSERVICE\HIDSERVICE.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLService.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
c:\APPS\Powercinema\Kernel\TV\CLSched.exe
C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\WINDOWS\system32\ctfmon.exe
D:\Documents and Settings\Cécile\Application Data\Microsoft\Notification de cadeaux MSN\lsnfier.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Brother\Brmfcmon\BrMfcmon.exe
C:\Program Files\Fichiers communs\Real\Update_OBealsched.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32
otepad.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Windows Live\Toolbar\wltuser.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=61005
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/support/sa_customize.aspx?TbId=61005
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - (no file)
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: (no name) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - (no file)
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OBealsched.exe"  -osboot
O4 - HKLM\..\Run: [PaperPort PTD] "C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe"
O4 - HKLM\..\Run: [IndexSearch] "C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe"
O4 - HKLM\..\Run: [PPort11reminder] "C:\Program Files\ScanSoft\PaperPort\Ereg\Ereg.exe" -r "D:\Documents and Settings\All Users\Application Data\ScanSoft\PaperPort\11\Config\Ereg\Ereg.ini
O4 - HKLM\..\Run: [BrMfcWnd] C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Notification de cadeaux MSN.lnk = ?
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin
pjpi150_02.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin
pjpi150_02.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32
wprovau.dll
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: Service Bonjour (Bonjour Service) - Unknown owner - C:\Program Files\Bonjour\mDNSResponder.exe (file missing)
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLSched.exe
O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
O23 - Service: Generic Service for HID Keyboard Input Collections (GenericHidService) - Unknown owner - c:\APPS\HIDSERVICE\HIDSERVICE.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe

benurrr · Answer

---> Télécharge OTMoveIt3 (OldTimer) sur ton Bureau :
http://oldtimer.geekstogo.com/OTMoveIt3.exe

---> Double-clique sur OTMoveIt3.exe afin de le lancer.

---> Copie (Ctrl+C) le texte suivant ci-dessous :
:processes
explorer.exe

:services
uasvfhxa 
gdbto 


:files
c:\windows\system32\_4f166e45e07a7e201bf9c46bfef818c9.sys 
c:\windows\system32\4f166e45e07a7e201bf9c46bfef818c9.sys 
c:\windows\system32\88ee5dc43b600b4bfe4­a4eb4b223400c.exe

:reg 
 [-HKEY_LOCAL_MACHINE\System\ControlSet002\Services\4f166e45e07a7e201bf9c46bfef818c9] 
"ImagePath"="system32\4f166e45e07a7e201bf9c46bfef818c9.sys"
[-HKEY_LOCAL_MACHINE\System\ControlSet002\Services\4f166e45e07a7e201bf9c46bfef818c9] 
"ImagePath"="system32\4f166e45e07a7e201bf9c46bfef818c9.sys


:commands
[purity]
[emptytemp]
[start explorer]
[reboot]

benurrr · Answer

---> Télécharge OTMoveIt3 (OldTimer) sur ton Bureau : 
http://oldtimer.geekstogo.com/OTMoveIt3.exe 

---> Double-clique sur OTMoveIt3.exe afin de le lancer. 

---> Copie (Ctrl+C) le texte suivant ci-dessous : 
:processes 
explorer.exe 

:services 
uasvfhxa 
gdbto 


:files 
c:\windows\system32\_4f166e45e07a7e201bf9c46bfef818c9.sys 
c:\windows\system32\4f166e45e07a7e201bf9c46bfef818c9.sys 
c:\windows\system32\88ee5dc43b600b4bfe4­a4eb4b223400c.exe 

:reg 
[-HKEY_LOCAL_MACHINE\System\ControlSet002\Services\4f166e45e07a7e201bf9c46bfef818c9] 
"ImagePath"="system32\4f166e45e07a7e201bf9c46bfef818c9.sys" 
[-HKEY_LOCAL_MACHINE\System\ControlSet002\Services\4f166e45e07a7e201bf9c46bfef818c9] 
"ImagePath"="system32\4f166e45e07a7e201bf9c46bfef818c9.sys 


:commands 
[purity] 
[emptytemp] 
[start explorer] 
[reboot] 


Par Manque De Curiosité On Risque De Mourir Ignorant;Tu es libre de penser que tu es C..,
Mais C.. de penser que ­tu es libre...Merci a australe13

lambulanciere · Answer

apres le copier coller je clic sur kel onglet

benurrr · Answer

salut

oupss lol j'ai pas mit la suite

---> Colle (Ctrl+V) le texte précédemment copié dans le cadre Paste Instructions for Items to be Moved. 

---> Clique maintenant sur le bouton MoveIt! puis ferme OTMoveIt3. 

Si un fichier ou dossier ne peut pas être supprimé immédiatement, le logiciel te demandera de redémarrer. 
Accepte en cliquant sur YES. 

---> Poste le rapport situé dans ce dossier : C:\_OTMoveIt\MovedFiles\ 
Le nom du rapport correspond au moment de sa création : date_heure.log

lambulanciere · Answer

========== PROCESSES ==========
Process explorer.exe killed successfully.
========== SERVICES/DRIVERS ==========
Service\Driver uasvfhxa not found.
Service\Driver uasvfhxa not found.
Service\Driver gdbto not found.
Service\Driver gdbto not found.
========== FILES ==========
File/Folder c:\windows\system32\_4f166e45e07a7e201bf9c46bfef818c9.sys not found.
c:\windows\system32\4f166e45e07a7e201bf9c46bfef818c9.sys moved successfully.
File/Folder c:\windows\system32\88ee5dc43b600b4bfe4­a4eb4b223400c.exe not found.
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\System\ControlSet002\Services\4f166e45e07a7e201bf9c46bfef818c9\ deleted successfully.
HKEY_LOCAL_MACHINE\System\ControlSet002\Services\4f166e45e07a7e201bf9c46bfef818c9\"ImagePath"|"system32\4f166e45e07a7e201bf9c46bfef818c9.sys" /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\System\ControlSet002\Services\4f166e45e07a7e201bf9c46bfef818c9\ deleted successfully.
HKEY_LOCAL_MACHINE\System\ControlSet002\Services\4f166e45e07a7e201bf9c46bfef818c9\"ImagePath"|"system32\4f166e45e07a7e201bf9c46bfef818c9.sys /E : value set successfully!
========== COMMANDS ==========
User's Temp folder emptied.
User's Internet Explorer cache folder emptied.
File delete failed. D:\Documents and Settings\Cécile\Local Settings\Temporary Internet Files\Content.IE5\PY37I4P8\01[1].htm scheduled to be deleted on reboot.
File delete failed. D:\Documents and Settings\Cécile\Local Settings\Temporary Internet Files\Content.IE5\NFKDCX35\01[1].htm scheduled to be deleted on reboot.
File delete failed. D:\Documents and Settings\Cécile\Local Settings\Temporary Internet Files\Content.IE5\NFKDCX35\default[2].htm scheduled to be deleted on reboot.
File delete failed. D:\Documents and Settings\Cécile\Local Settings\Temporary Internet Files\Content.IE5\NFKDCX35\default[3].htm scheduled to be deleted on reboot.
File delete failed. D:\Documents and Settings\Cécile\Local Settings\Temporary Internet Files\Content.IE5\NFKDCX35\im[2].htm scheduled to be deleted on reboot.
File delete failed. D:\Documents and Settings\Cécile\Local Settings\Temporary Internet Files\Content.IE5\NFKDCX35\InboxLight[2].htm scheduled to be deleted on reboot.
File delete failed. D:\Documents and Settings\Cécile\Local Settings\Temporary Internet Files\Content.IE5\NFKDCX35\InboxLight[3].htm scheduled to be deleted on reboot.
File delete failed. D:\Documents and Settings\Cécile\Local Settings\Temporary Internet Files\Content.IE5\NFKDCX35\signin[1].htm scheduled to be deleted on reboot.
File delete failed. D:\Documents and Settings\Cécile\Local Settings\Temporary Internet Files\Content.IE5\F2OC7GZK\ToastFull[2].htm scheduled to be deleted on reboot.
File delete failed. D:\Documents and Settings\Cécile\Local Settings\Temporary Internet Files\Content.IE5\F2OC7GZK\ToastFull[3].htm scheduled to be deleted on reboot.
File delete failed. D:\Documents and Settings\Cécile\Local Settings\Temporary Internet Files\Content.IE5\F2OC7GZK\ToastMini[2].htm scheduled to be deleted on reboot.
File delete failed. D:\Documents and Settings\Cécile\Local Settings\Temporary Internet Files\Content.IE5\F2OC7GZK\ToastMini[3].htm scheduled to be deleted on reboot.
File delete failed. D:\Documents and Settings\Cécile\Local Settings\Temporary Internet Files\Content.IE5\7Y1PG01C\01[2].htm scheduled to be deleted on reboot.
File delete failed. D:\Documents and Settings\Cécile\Local Settings\Temporary Internet Files\Content.IE5\7Y1PG01C\ADSAdClient31[9].htm scheduled to be deleted on reboot.
File delete failed. D:\Documents and Settings\Cécile\Local Settings\Temporary Internet Files\Content.IE5\7Y1PG01C\im[1].htm scheduled to be deleted on reboot.
File delete failed. D:\Documents and Settings\Cécile\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
File delete failed. D:\Documents and Settings\Cécile\Local Settings\Temporary Internet Files\AntiPhishing\B3BB5BBA-E7D5-40AB-A041-A5B1C0B26C8F.dat scheduled to be deleted on reboot.
User's Temporary Internet Files folder emptied.
Local Service Temp folder emptied.
Local Service Temporary Internet Files folder emptied.
Network Service Temp folder emptied.
Network Service Temporary Internet Files folder emptied.
File delete failed. C:\WINDOWS	emp\Perflib_Perfdata_4e4.dat scheduled to be deleted on reboot.
Windows Temp folder emptied.
Java cache emptied.
FireFox cache emptied.
Temp folders emptied.
Explorer started successfully
 
OTMoveIt3 by OldTimer - Version 1.0.11.0 log created on 05232009_193345

Files moved on Reboot...
D:\Documents and Settings\Cécile\Local Settings\Temporary Internet Files\Content.IE5\PY37I4P8\01[1].htm moved successfully.
D:\Documents and Settings\Cécile\Local Settings\Temporary Internet Files\Content.IE5\NFKDCX35\01[1].htm moved successfully.
D:\Documents and Settings\Cécile\Local Settings\Temporary Internet Files\Content.IE5\NFKDCX35\default[2].htm moved successfully.
D:\Documents and Settings\Cécile\Local Settings\Temporary Internet Files\Content.IE5\NFKDCX35\default[3].htm moved successfully.
D:\Documents and Settings\Cécile\Local Settings\Temporary Internet Files\Content.IE5\NFKDCX35\im[2].htm moved successfully.
D:\Documents and Settings\Cécile\Local Settings\Temporary Internet Files\Content.IE5\NFKDCX35\InboxLight[2].htm moved successfully.
D:\Documents and Settings\Cécile\Local Settings\Temporary Internet Files\Content.IE5\NFKDCX35\InboxLight[3].htm moved successfully.
D:\Documents and Settings\Cécile\Local Settings\Temporary Internet Files\Content.IE5\NFKDCX35\signin[1].htm moved successfully.
D:\Documents and Settings\Cécile\Local Settings\Temporary Internet Files\Content.IE5\F2OC7GZK\ToastFull[2].htm moved successfully.
D:\Documents and Settings\Cécile\Local Settings\Temporary Internet Files\Content.IE5\F2OC7GZK\ToastFull[3].htm moved successfully.
D:\Documents and Settings\Cécile\Local Settings\Temporary Internet Files\Content.IE5\F2OC7GZK\ToastMini[2].htm moved successfully.
D:\Documents and Settings\Cécile\Local Settings\Temporary Internet Files\Content.IE5\F2OC7GZK\ToastMini[3].htm moved successfully.
File D:\Documents and Settings\Cécile\Local Settings\Temporary Internet Files\Content.IE5\7Y1PG01C\01[2].htm not found!
File D:\Documents and Settings\Cécile\Local Settings\Temporary Internet Files\Content.IE5\7Y1PG01C\ADSAdClient31[9].htm not found!
D:\Documents and Settings\Cécile\Local Settings\Temporary Internet Files\Content.IE5\7Y1PG01C\im[1].htm moved successfully.
D:\Documents and Settings\Cécile\Local Settings\Temporary Internet Files\AntiPhishing\B3BB5BBA-E7D5-40AB-A041-A5B1C0B26C8F.dat moved successfully.
File C:\WINDOWS	emp\Perflib_Perfdata_4e4.dat not found!

benurrr · Answer

ok

telecharge blacklight anti-rootkit

https://majorgeeks.com/downloadget.php?id=5156&file=15&evp=a398348782dc4a215a61e05819e7ec06

double clic sur l'icone de ton bureau pour le lancer

tu poste le rapport generer

lambulanciere · Answer

il y a pas de rapport ouvert

lambulanciere · Answer

05/23/09 21:13:50 [Info]: BlackLight Engine 2.2.1092 initialized
05/23/09 21:13:50 [Info]: OS: 5.1 build 2600 (Service Pack 3)
05/23/09 21:13:50 [Note]: 7019 4
05/23/09 21:13:50 [Note]: 7005 0
05/23/09 21:13:56 [Note]: 7006 0
05/23/09 21:13:56 [Note]: 7011 3016
05/23/09 21:13:56 [Note]: 7035 0
05/23/09 21:13:56 [Note]: 7026 0
05/23/09 21:13:56 [Note]: 7026 0
05/23/09 21:13:58 [Note]: FSRAW library version 1.7.1024
05/23/09 21:21:24 [Note]: 2000 1012
05/23/09 21:21:24 [Note]: 2000 1012
05/23/09 21:21:24 [Note]: 2000 1012
05/23/09 21:21:24 [Note]: 2000 1012
05/23/09 21:21:24 [Note]: 2000 1012

benurrr · Answer

bien plus de rootkit

en tient le bon bout 

pour nettoyer les fix qui ont servit car plus a jour en les reprendra

Ferme toutes les applications en cours, puis télécharge ToolsCleaner2 sur ton Bureau.
http://www.commentcamarche.net/telecharger/telechargement 34055291 toolscleaner

Double clique sur ToolsCleaner2.exe >
puis Recherche
et sur Suppression
Note : ton bureau va disparaître, c'est normal. S'il n'apparaît pas à la fin du scan, fais la manip suivante :

CTRL+ALT+SUPP pour ouvrir le Gestionnaire des tâches.
Puis rends toi à l'onglet "Processus". Clique en haut à gauche sur Fichiers et choisis "Exécuter"

Tape explorer.exe et valide. Cela fera re-apparaître le Bureau

tu poste le rapport générer après suppression 


Par Manque De Curiosité On Risque De Mourir Ignorant;Tu es libre de penser que tu es C..,
Mais C.. de penser que ­tu es libre...Merci a australe13

lambulanciere · Answer

[ Rapport ToolsCleaner version 2.3.5 (par A.Rothstein & dj QUIOU) ]

--> Recherche: 

D:\Documents and Settings\Cécile\Bureau\ComboFix.exe: trouvé !

---------------------------------
--> Suppression: 

D:\Documents and Settings\Cécile\Bureau\ComboFix.exe: ERREUR DE SUPPRESSION !!

benurrr · Answer

salut

supprime manuellement combofix qui se trouve sur ton bureau en faisant un clic droit et supprimer


fait un scan en ligne antivirus malware et spyware

içi un tuto qui explique les démarches il faut y'aller avec explorer et non firefox

http://www.commentcamarche.net/faq/sujet 8874 scanner en ligne avec f secure

lambulaciere · Answer

j'ai 2 fichiers infectes

benurrr · Answer

re

d'autre soucie ?

Par Manque De Curiosité On Risque De Mourir Ignorant;Tu es libre de penser que tu es C..,
Mais C.. de penser que ­tu es libre...Merci a australe13

lambulanciere · Answer

non rien d'autre, je désinfecte automatiquement ou fichier par fichier

benurrr · Answer

salut

automatiquement 

içi un comparatif antivirus 

http://forum.malekal.com/ftopic3528.php

lambulanciere · Answer

23 programme(s) malveillant(s) détecté(s)
Trojan.Win32.Qhost (logiciel espion)

    * Système (Désinfecté) 

Worm.Win32.AutoRun.raz (virus)

    * C:\SYSTEM VOLUME INFORMATION\_RESTORE{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP88\A0017068.DLL (Renommé & Envoyé) 

Trojan.Win32.Agent.cfvd (virus)

    * C:\SYSTEM VOLUME INFORMATION\_RESTORE{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP86\A0016482.BAT (Renommé & Envoyé) 

W32/Zlob.gen123 (virus)

    * C:\SYSTEM VOLUME INFORMATION\_RESTORE{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP86\A0016531.EXE (Non nettoyé & Envoyé) 

Trojan-Proxy.Win32.Horst.ggx (virus)

    * C:\SYSTEM VOLUME INFORMATION\_RESTORE{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP85\A0016418.DLL (Renommé & Envoyé) 

Trojan.Win32.Agent.cfvd (virus)

    * C:\SYSTEM VOLUME INFORMATION\_RESTORE{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP80\A0016392.BAT (Renommé & Envoyé) 

Trojan.Win32.Agent.cfvd (virus)

    * C:\SYSTEM VOLUME INFORMATION\_RESTORE{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP80\A0016393.BAT (Renommé & Envoyé) 

Trojan-Proxy.Win32.Horst.ggx (virus)

    * C:\SYSTEM VOLUME INFORMATION\_RESTORE{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP73\A0015321.DLL (Renommé & Envoyé) 

Trojan-Downloader.Win32.Zlob.bcxw (virus)

    * C:\SYSTEM VOLUME INFORMATION\_RESTORE{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP68\A0015172.DLL (Renommé & Envoyé) 

Trojan-Downloader.Win32.Zlob.bcxw (virus)

    * C:\SYSTEM VOLUME INFORMATION\_RESTORE{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP66\A0015044.DLL (Renommé & Envoyé) 

Trojan-Downloader.Win32.Zlob.bcxw (virus)

    * C:\SYSTEM VOLUME INFORMATION\_RESTORE{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP66\A0015067.DLL (Renommé & Envoyé) 

Trojan-Downloader.Win32.Zlob.bcxw (virus)

    * C:\SYSTEM VOLUME INFORMATION\_RESTORE{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP65\A0015035.DLL (Renommé & Envoyé) 

Trojan-Downloader.Win32.Zlob.bcxw (virus)

    * C:\SYSTEM VOLUME INFORMATION\_RESTORE{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP64\A0015029.DLL (Renommé & Envoyé) 

Trojan-Downloader.Win32.Zlob.bcxw (virus)

    * C:\SYSTEM VOLUME INFORMATION\_RESTORE{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP63\A0014024.DLL (Renommé & Envoyé) 

Trojan-Downloader.Win32.Zlob.bcxw (virus)

    * C:\SYSTEM VOLUME INFORMATION\_RESTORE{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP63\A0015022.DLL (Renommé & Envoyé) 

Trojan-Downloader.Win32.Zlob.bcxw (virus)

    * C:\SYSTEM VOLUME INFORMATION\_RESTORE{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP63\A0015025.DLL (Renommé & Envoyé) 

Trojan-Downloader.Win32.Zlob.bcxw (virus)

    * C:\SYSTEM VOLUME INFORMATION\_RESTORE{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP61\A0013917.DLL (Renommé & Envoyé) 

Trojan-Downloader.Win32.Zlob.bcxw (virus)

    * C:\SYSTEM VOLUME INFORMATION\_RESTORE{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP60\A0012897.DLL (Renommé & Envoyé) 

Trojan-Downloader.Win32.Zlob.bcxw (virus)

    * C:\SYSTEM VOLUME INFORMATION\_RESTORE{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP59\A0012860.DLL (Renommé & Envoyé) 

Trojan-Downloader.Win32.Zlob.bcxw (virus)

    * C:\SYSTEM VOLUME INFORMATION\_RESTORE{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP59\A0012879.DLL (Renommé & Envoyé) 

Trojan-Downloader.Win32.Zlob.bcxw (virus)

    * C:\SYSTEM VOLUME INFORMATION\_RESTORE{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP59\A0012880.DLL (Renommé & Envoyé) 

Trojan-Downloader.Win32.Zlob.bcxw (virus)

    * C:\SYSTEM VOLUME INFORMATION\_RESTORE{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP59\A0012889.DLL (Renommé & Envoyé) 

Trojan.Win32.Shutdowner.ale (virus)

    * C:\PROGRAM FILES\INSTALL_DIVX PLAYER_.EXE (Renommé & Envoyé) 

Statistiques
Analysé:

    * Fichiers: 52586
    * Système: 4402
    * N'a pas été analysé: 6 

Actions:

    * Désinfecté: 1
    * Renommé: 21
    * Supprimé: 0
    * Non nettoyé: 1
    * Envoyé: 22 

Fichiers qui n'ont pas été analysés :

    * C:\PAGEFILE.SYS
    * C:\WINDOWS\SYSTEM32\CONFIG\DEFAULT
    * C:\WINDOWS\SYSTEM32\CONFIG\SAM
    * C:\WINDOWS\SYSTEM32\CONFIG\SECURITY
    * C:\WINDOWS\SYSTEM32\CONFIG\SOFTWARE
    * C:\WINDOWS\SYSTEM32\CONFIG\SYSTEM

benurrr · Answer

c'etait ta restauration system

par precaution tu peut la purger et en creer un nouveau propre

pour purger

purger les points de restauration : 
1.Ouvre le Menu Démarrer 
2.Clique-droit sur Poste de travail 
3.Clique sur Propriétés 
4.Positionne-toi dans l'onglet Restauration du système 
5.Coche Désactiver la restauration système 
6.Valide par Ok 
7.Redémarre 
8.Reproduis les manipulations 1 à 3 
9.Décoche Désactiver la restauration système 
10.Valide par Ok 

et créer un nouveau point

- Aller dans le Menu Démarrer puis dans Programmes, 
- Ensuite dans Accessoires et enfin dans Outils système, 
- Choisir Restauration du système, 
- Sélectionner Créer un point de restauration, 
- Cliquer sur Suivant, 
- Entrer un nom pour le point de restauration : ce nom doit être assez évocateur, 
- Cliquer sur Créer et le point de restauration se créé automatiquement. 


Par Manque De Curiosité On Risque De Mourir Ignorant;Tu es libre de penser que tu es C..,
Mais C.. de penser que ­tu es libre...Merci a australe13

lambulanciere · Answer

j'ai pas creer un point de restauration

benurrr · Answer

salut

tu devrai comme sa au moins ta un point propre

lambulanciere · Answer

je peut pas le faire il me le propose pas

benurrr · Answer

re

comment sa il te le propose pas

tu a suivie mon message 113 créer un point de restauration

lambulanciere · Answer

oui
demarer, tout les programmes, accessoires, outils systeme et le pas de creer de point de restaurations

benurrr · Answer

apres outil system c'est restauration systeme

lambulanciere · Answer

ok c fait lol j'avais pas vu

benurrr · Answer

c'est rien

le point esque tu a changer d'antivirus oui ou non et malewarbyte a tu réussi a le telecharger ?

PERSSO je te conseille antivir comme antivirus superantispyware contre les logiciel espion et malwarbyte contre les malware et un bon pare feu comodo

lambulanciere · Answer

oui ca y est j'ai creer le point de restaurantion

benurrr · Answer

d'autre soucie ?

lambulanciere · Answer

et ad aware je le garde ou pas, et avast je le vire auss alors 
je peut supprimer tout les rapport,

benurrr · Answer

oui 

adware tu vire et avast aussi car 2 antivirus c'est source de conflit et les rapport tu vire

lambulanciere · Answer

ok et les antivirus et anti spyware il fonctionne des que j'allume le pc ou y a t'il une manip a faire et y a t'il des mise a jour

benurrr · Answer

oui si c'est antivir au démarrage il s'allume et tu le voit parapluie en bas droite il est ouvert se qui veut dire que t'est protéger pour l'antispyware  normalement oui mais il faut quand meme des fois la lancer la mise a jour tu anticipe

lambulanciere · Answer

ok je fait donc un demarrage seurise ou normal j'ai entendu parler de avg comme antivirus et windows diffender peut tu me donner un avis sur ses programmes et entre ad aware et antispyware niveau ressource lequel est le mieux

benurrr · Answer

Ok je fait donc un demarrage seurise ou normal la je te suit pas

avg il dise qu'il est bioen mais moi j'ai toujours eu antivir alors je connais pas trop avg en tout cas c'est déjà mieux que avast d'apres certain comparatif

adware était très bien y'a 2 ou 3 ans maintenant un peu dépasser

lambulanciere · Answer

il me propose démarrage normal " parametre par défaut recommandé, dans lequel antivir guard démarre en mode normal, automatique

démarrage sécurisé antivir guard démarre aussi vite que possible ce démarrage rapide vous offre plus se sécurité, mais il allonge le temps nécessaire a l'ordinateur pour être disponible

benurrr · Answer

moi il est en normal

lambulanciere · Answer

je n'arrive encore pas a ouvrir malwarebyte j'ai les même message d'erreur que la dernière fois
 c'est a dire erreur d'exécution o et erreur d'exécution 440 que doit je faire

benurrr · Answer

IL est installer ? si oui désinstalle le passe ccleaner que je t'ai fait telecharger et un coup de regseeker

tu telecharge regseeker sur ton bureau  http://www.commentcamarche.net/telecharger/telecharger 34055142 regseeker tu le dezippe sur ton bureau avec un clic droit tu fait extraire ici

tu double clic sur le dossier regseeker qui a été générer et tu double clic sur regseeker.exe dans la fenêtre qui s'ouvre 

on haut a droite tu a langage tu le mais on français

après a gauche tu a nettoyer le registre tu clic une fois

tu vérifie que tout et cocher sauf service invalide

et tu fait un clique sur nettoyage automatique

reverifie que tout est cocher sauf élément vert

et tu met 4 passe et tu appuie sur go

sa va nettoyer ton registre et tu redémarre

et la tu réinstalle malwarbyte 

http://www.commentcamarche.net/telecharger/telechargement 34055379 malwarebytes anti malware

lambulanciere · Answer

il est déjà en français et je trouve pas nettoyer le registre

benurrr · Answer

içi un  tuto

http://www.teletuto.fr/story.php?title=Nettoyer_sa_base_de_registre_avec_regseeker-1

lambulanciere · Answer

je suis tomber sur quad registry cleaner et il me fait un  scan rapide c'est ca

benurrr · Answer

non la video sur le lien il t'explique comment utiliser regseeker

le quad dont tu parle est payant  et bien sur il va te trouver des merde pour te faire acheter le logiciel

lambulanciere · Answer

non j'arrive a rien ça marche pas je comprend rien

benurrr · Answer

quesqui marche pas ?

prend ton temps on est pas a la piece

lambulanciere · Answer

j'ai ouvert regseeker.zip Winrar j'ai une fenetre qui s'ouvre avec des onglets
ajouter, extraire vers, tester, voi,r supprimer, rechercher, assistant, info, antivirus, commenter, sfx

benurrr · Answer

tu fait extraire et après tu va dans le dossier générer et tu le lance en double cliquant sur regseeker.exe

Par Manque De Curiosité On Risque De Mourir Ignorant;Tu es libre de penser que tu es C..,
Mais C.. de penser que ­tu es libre...Merci a australe13

lambulanciere · Answer

yes c'est fait

lambulanciere · Answer

et ca marche toujours pas

benurrr · Answer

salut

quesqui marche pas malwarbyte ou regseeker ?

lambulanciere · Answer

mawarebytes

benurrr · Answer

je me renseigne et je te tient au courant

benurrr · Answer

a la place malwarbyte tu met superantispyware

http://www.superantispyware.com/superantispywarefreevspro.ht%C2%ADml

içi un tuto 

https://www.malekal.com/?s=SUPERAntiSpyware

ou squared free

http://www.commentcamarche.net/telecharger/telechargement 224 a squared free

içi un tuto

https://blog.emsisoft.com/en/

lambulanciere · Answer

ok superantispyware fait un scan et ma déjà trouver 3adaware tracking cookie, donc je peut supprimer malwarebytes

benurrr · Answer

tu peut suprimer malwarbyte

mais je vait quand meme chercher le pourkoi du comment 

je te tiendrai au courant si j'ai des nouvelles

lambulanciere · Answer

ok donc maintenant mon pc est clean alors

benurrr · Answer

oui pour l'instant lol

et en parefeu tu a mit comodo ou tu a garder celui de base ?

lambulanciere · Answer

merci t optimiste j'ai mis comodo

lambulanciere · Answer

je peut supprimer regseeker ou pas

benurrr · Answer

salut

comme ta envie 

il consomme pas de ressource et tu peut en servir de temps en temps

lambulanciere · Answer

je te remercie de ton aide j'ai économiser le prix de la réparation et mon antivirus marche bien maintenant avec les conseil qui vont avec merci bcp et je garde ce site dans mes favoris merci

Connection impossible

155 réponses

Votre réponse

Discussions similaires

Newsletters